buy hypertropin


The notes of a madman

Archive for the ‘CentOS’ Category

Joining a Windows 7 system to a Samba domain

Posted by grigsby on May 17, 2009

UPDATE: I would strongly recommend reading the following link prior to mucking about int he windows 7 registry. The changes required vary with different versions of Samba. You have been warned!

I had a client request a Windows 7 RC1 system so that they could test their product against the latest candidate from Redmond. Their network is made up of a mix of Windows clients on Linux/Samba servers. Setting up the new client was fairly easy, but, as expected, Windows 7 refused to join to a the Samba domain stating that the domain in question was not available. Having gone through something similar when we finally added Vista clients I expected to have to update Samba to get this to work. Turns out you have to add two reg keys as well. Since it took me a fair bit of search to find this, I thought I’d document the required changes here, if for no other reason to save myself the trouble when I went to do it again…

  1. First you need to be running Samba v3.3.4 or later. Earlier versions have been reported to work, but there are some issues. Since this version is not available in the OS repos (CentOS) I got my copy from the Samba Enterprise site. They carry packages in RHEL, SLES, and Debian flavors and I have been using them for some time.
  2. Next the Windows 7 client needs to have two registry keys added.

    DWORD DomainCompatibilityMode = 1
    DWORD DNSNameResolutionRequired = 0
  3. The following key needs to be changed or you will receive an error when trying to login using a domain accout of “The trust relationship between this workstation and the primary domain failed.”

    RequireStrongKey = 0

Once these changes were made I was able to join the domain. I did receive an error on the join as shown in the following image, but the system seems to be working fine.


I’m assuming this will be resolved in future releases. Hope this helps save somebody at least a few minutes…

Read the rest of this entry »

Samba error: “Failed to verify incoming ticket!”

Posted by grigsby on March 8, 2009

I started having an issue with one of my samba servers. This particular server uses an AD controller for authentication. Today it stopped authenticating. A brief search found this error in the log.client_name log.

[2009/03/08 18:28:16, 1, pid=6667, effective(0, 0), real(0, 0)] smbd/sesssetup.c:reply_spnego_kerberos(173)
Failed to verify incoming ticket!

After a bit of research and more than a little digging in the source code (FLOSS FTW!!!) I found that this error message is related to a time difference between the client and server. This lead me to the fact that my NTP client was pointing to a server that had been removed from the network some time ago. A change to the NTP client and a forced time change and BAM, Samba is working again.

UPDATE: I forced the time change with the ntpdate command but I’ve just been informed that I could have used the AD controller itself using the following:

net time set -S ad_controller_name_OR_IP

Vista backup to Samba share

Posted by grigsby on February 15, 2009

So I recently had to deploy a Vista machine to a customer’s network. Till now we had only had one vista box stuck in corner for testing. Now is has been decided that we need a couple of Vista boxes on peoples desktops. The logic goes that we won’t find as many problems if people aren’t using it on a regular basis. (I really feel for the guy that got suck with the Vista box. I mean the box is nice, but Vista just sucks. Eggs. Really old eggs.)

So the initial setup of the box was normal for Vista. I spent most of my time trying to figure out where they hide or renamed options… Typical, right? So the box gets deployed and I migrate the user’s data to the system. Then I got to setup backup for his email. We typically just using Windows backup to backup email and a a few other files. Everything else is stored in on the server. So I got to start the backup process and I get this:

Windows Backup
File Backup could not save your automatic backup settings for thefollowing reason:
Cannot create a file when that file already exists. (0x800700B7)
Please try again

Or something similar. A quick swipe at google and I see that it’s a Samba/Vista issue. Something changed in SMB2 and the only thing that seems affected is Vista Backup. Figures. So I schedule server downtime for the weekend to update Samba as according to the Samba Bugzilla site, this is fixed in a slightly later release.

Sunday afternoon comes along and here I am. I install the update, restart Samba and…. Frack. Error. Fast forward 3 hours. After I start reading comments on the Bugzilla site in desperation I find that the issue is related to ACLs that Vista backup is trying to set on the directory. Wait, does ext3 support ACLs? /me quick google…. Ah, you have to pass the file system an option to enable ACL support. So, long story short… If you want Vista backup to work, you have to 3.0.25+ of Samba, and you have to have ACL support enabled on your file system. The magic incantation is simply spec’ing ‘acl’ in the mount command, like this:

LABEL=/work /work ext3 acl 1 2

I hope this saves at least one person the hours I’ve just wasted.

For reference:

smbount 2GB limit and cifs “mount error 13”

Posted by grigsby on August 8, 2008

So I needed to copy several GBs of data between a linux compute machine and a windows box. It’s enough data that I don’t want to copy to a file server and then back to the workstation. The linux system is not running Samba, FTP is out, and SCP is slower than molasses in January. First thought share a drive on the WinXP box and mount it on the server.

[root@biglinuxbox data]# mount -t smbfs -o username=user //win_workstation/share /tmpmnt
[root@biglinuxbox data]# cp /local/data/big_data_file.tgz /tmpmnt
[root@biglinuxbox data]#

Cool! Wait. That was awfully fast… Oh. The file on the client side is exactly 2GB. Damn. Quick google and… yup. smbfs has a 2GB limit. Damn.

[root@biglinuxbox ~]# mount -t cifs -o username=my_username //win_workstation/share /tmpmnt
mount error 13 = Permission denied
Refer to the mount.cifs(8) manual page ( mount.cifs)
[root@biglinuxbox ~]# mount -t cifs -o username=domain/my_username //win_workstation/share /tmpmnt
mount error 13 = Permission denied
Refer to the mount.cifs(8) manual page ( mount.cifs)
[root@biglinuxbox ~]# mount -t cifs -o username=domainmy_username //win_workstation/share /tmpmnt
mount error 13 = Permission denied
Refer to the mount.cifs(8) manual page ( mount.cifs)
[root@biglinuxbox ~]# man mount.cifs
[root@biglinuxbox ~]# mount -t cifs -o user=domain/my_username //win_workstation/share /tmpmnt
mount error 13 = Permission denied
Refer to the mount.cifs(8) manual page ( mount.cifs)

Okay. Getting mad. After spending a few minutes in the man pages, I find that you can also specify the domain on the options line. Even though the man page says that domain/username should work, it’s not.

[root@biglinuxbox ~]# mount -t cifs -o user=my_username,domain=plm //win_workstation/share /tmpmnt
[root@biglinuxbox ~]# rm damon.tgz
rm: remove regular file `damon.tgz'? y
[root@biglinuxbox ~]# cp /local/data/big_data_file.tgz /tmpmnt


Sorting IP addresses

Posted by grigsby on January 17, 2008

I recently had to sort a large list of IP address numerically. My first few passes didn’t work. Finally I pieced the following together. This is using sort from the GNU coreutils, version 5.97, running on a CentOS 5.0 box. Should work on anything running GNU Sort. It might work on other versions of sort, but I had issues with it on HP-UX. This worked in a few seconds for well over 50k addresses. Enjoy.

sort -t'.' -nk 1,1 -k 2,2 -k 3,3 -k 4,4

Recovering a failed raid array

Posted by grigsby on January 8, 2008

Just had an external SCSI chassis go offline. The chassis was connected to one UPS while the computer was connected to another ( I know, I know). The UPS powering the SCSI drives went south for the winter. This mad the OS/SCSI bus all kinds of unhappy. Had to hard boot the system. When I brought the system backup it refused to start the software raid system built on the external chassis. First I checked to make sure the drives were all being seen. They were:

[root@lnxets2 root]# mdadm --examine --scan /dev/sdc1 /dev/sdd1 /dev/sde1 /dev/sdf1 /dev/sdf2 /dev/sdg1 /dev/sdg2
ARRAY /dev/md0 level=raid5 num-devices=7 UUID=776de615:eecea59e:e1e94c0a:c8a70e3f

So now I try to bring the array up:

[root@lnxets2 root]# mdadm -A /dev/md0 /dev/sdc1 /dev/sdd1 /dev/sde1 /dev/sdf1 /dev/sdf2 /dev/sdg1 /dev/sdg2
mdadm: /dev/md0 assembled from 1 drive - not enough to start the array.

Google was of no help on this. The error seemed to indicate slices were missing from the array, but the OS saw them. fdisk saw them. I then started examining the each slice, using mdadm -E /dev/sdc1, one at a time and found that all of the devices in the external array were marked faulty, most likely because they had gone offline due to the power failure. So, since the data was backed up, I decided to try to force the array back to live using the following:

[root@lnxets2 proc]# mdadm -A /dev/md0 /dev/sdc1 /dev/sdd1 /dev/sde1 /dev/sdf1 /dev/sdf2 /dev/sdg2 /dev/sdg1 /dev/sdb1 -f
mdadm: forcing event count in /dev/sdd1(1) from 7 upto 10
mdadm: forcing event count in /dev/sde1(2) from 7 upto 10
mdadm: forcing event count in /dev/sdf1(3) from 7 upto 10
mdadm: forcing event count in /dev/sdf2(4) from 7 upto 10
mdadm: forcing event count in /dev/sdg1(5) from 7 upto 10
mdadm: clearing FAULTY flag for device 1 in /dev/md0 for /dev/sdd1
mdadm: clearing FAULTY flag for device 2 in /dev/md0 for /dev/sde1
mdadm: clearing FAULTY flag for device 3 in /dev/md0 for /dev/sdf1
mdadm: clearing FAULTY flag for device 4 in /dev/md0 for /dev/sdf2
mdadm: clearing FAULTY flag for device 6 in /dev/md0 for /dev/sdg1
mdadm: /dev/md0 has been started with 6 drives (out of 7) and 1 spare.
[root@lnxets2 proc]# fsck /dev/md0
fsck 1.32 (09-Nov-2002)
e2fsck 1.32 (09-Nov-2002)
/dev/md0: recovering journal
/dev/md0: clean, 147/6602752 files, 11169427/13193088 blocks
[root@lnxets2 proc]# mount /raid

And lucky me, all came back to life, just as it should.

The lesson here folks, is always make sure your SCSI array, and your server, are running on the same power source…

Force a reinstall of a RPM

Posted by grigsby on December 21, 2007

I recently had to force a reinstall of a bunch of packages (I don’t want to talk about it. If you follow me on twitter, you know some of the details). Here is the procedure I used.

First locate the packages of the missing files using this command:

for file in `rpm -Va | grep missing |awk '{print $2}'`; do rpm -q --whatprovides $file >> /tmp/missingpack ; done

I then used this to sort the file and eliminate any duplicates:

cat /tmp/missingpack | sort -n | uniq > /tmp/missinguniq

At this point I can remove the missing packages using this:

rpm -e --justdb --nodeps packagename

Then simply reinstall as normal using yum. I’m sure I could have automated this a bit more, but the system was hurting (again, don’t want to talk about it).

Hope that helps somebody else.

CentOS 4.4 Hangs at GRUB on initial boot

Posted by grigsby on March 21, 2007

New CentOS 4.4 i386 hangs on boot with only “GRUB ” displayed on screen. Seems this the installer doesn’t correctly install grub if the root drive is a RAID1. Here is the fix I used:

Boot off the install CD in rescue mode. Chroot to the freshly installed image.

chroot /mnt/sysimage

Install root on both drives.

# grub
grub> root (hd0,0)
Filesystem type is ext2fs, partition type 0xfd

grub> setup (hd0)
Checking if “/boot/grub/stage1” exists… yes
Checking if “/boot/grub/stage2” exists… yes
Checking if “/boot/grub/e2fs_stage1_5” exists… yes
Running “embed /boot/grub/e2fs_stage1_5 (hd0)”… 16 sectors are embedded.
Running “install /boot/grub/stage1 (hd0) (hd0)1+16 p
(hd0,0)/boot/grub/stage2 /boot/grub/grub.conf”… succeeded

grub> root (hd1,0)
Filesystem type is ext2fs, partition type 0xfd

grub> setup (hd1)
Checking if “/boot/grub/stage1” exists… yes
Checking if “/boot/grub/stage2” exists… yes
Checking if “/boot/grub/e2fs_stage1_5” exists… yes
Running “embed /boot/grub/e2fs_stage1_5 (hd1)”… 16 sectors are embedded.
Running “install /boot/grub/stage1 (hd1) (hd1)1+16 p
(hd1,0)/boot/grub/stage2 /boot/grub/grub.conf”… succeeded

grub> quit

Now Exit and reboot. This should resolve the issue.

Here is a related bug:

Create local CentoOS repo

Posted by grigsby on March 12, 2007

mount /media/cdrom
rpm ––import /media/cdrom/RPM-GPG-KEY-centos4
yum localinstall /media/cdrom/CentOS/RPMS/createrepo-0.4.3-1.noarch.rpm
mkdir /var/local/dvd.repo
cd /var/local/dvd.repo
ln -s /media/cdrom/CentOS/RPMS RPMS
createrepo ./
vi /etc/yum.repos.d/dvd.repo

The dvd.repo file looks like:

name=Local DVD

Then you can:

yum ––disablerepo=* ––enablerepo=dvd list
yum ––disablerepo=* ––enablerepo=dvd install kernel-devel
yum ––disablerepo=* ––enablerepo=dvd install gcc
umount /media/cdrom