Pages

12/09/2011

Vsphere 5 Web Client Issues

We upgraded from ESX 2.5 to Vsphere 5, after logging into the Vsphere 5 Web Client I was prompted with a error that stated it couldn't find the Inventory Service. Here are the steps to resolve that issue.

- Stop the vCenter Inventory Service.
- From the Windows Start menu, select Administrative Tools > Services.
- Right-click vCenter Inventory Service and select Stop.
- Open a command prompt.
- Delete the entire contents of the Inventory_Service_Directory/data directory.
- The location of the Inventory Service directory is specified during the vCenter Server installation.
- Change directory to Inventory_Service_directory/scripts
For example, if you installed vCenter Inventory Service in the default location, run    this command.
cd /Program Files/VMware/Infrastructure/Inventory Service/scripts
- Run the createDB.bat command, with no arguments, to reset the vCenter Inventory Service database.
- Run the register.bat command to update the stored configuration information of the Inventory Service.
register.bat current_vCenter_Server_fully_qualified_domain_name vCenter_Server_HTTPS_port
For example, if the vCenter Server fully qualified domain name is machinename.corp.com and the HTTPS port is 443, run this command.
register.bat machinename.corp.com 443
- Restart the vCenter Inventory Service and Vsphere Web Client

11/22/2011

Google Apps: The Whole Kit and Caboodle

Bethel's Information Services will be presenting the experiences with moving to Google Apps, sign-up for NCCE 2012 in Seattle, WA and check out the session. I will be a co-presenter at this session for the technical aspect.

Google Apps has become the "Whole Kit and Caboodle" for Bethel Schools. In 2010, BSD left its current communications platform for Google Apps. Belly up to the bar and hear the tale of our decision making process, planned transition/implementation, provided support/training, and achieved results (expected and otherwise).

Google Apps: The Whole Kit and Caboodle

NCCE 2012

11/15/2011

Google Password Sync: Windows Server 2008

Alright! Finally, I sat down and decided to find out what the issues people were having with running the GoogleHashUpdater in Windows Server 2008.

My Current Test Setup: 
Windows Server 2008 R2 64bit 
Hashing Password Filter RC4 64bit
Google Data API 1.4.0.2 <--- Very Important!!!

1) You need to create an attribute field to house the password hash for the user
2) The password filter needs to be installed on all Domain controllers, but can be installed on one to test with.
3) Complex passwords need to be enabled in the Group Policy

  • Download the filter (see above)
  • Download the Google Data APII (see above)
  • Install the Google Data API on each domain controller
  • Copy the following files from the Google Data API installation folder "C:\Program Files (x86)" to "C:\Windows" of each domain controller:
    • Google.GData.Apps.dll
    • Google.GData.Client.dll
    • Google.GData.Extensions.dll
  • Create the attribute “hashedPassword” (type: Case Sensitive String) with AD Schema Editor
  • You need to create a x500 OID also. Use this tool to figure out and OID (http://gallery.technet.microsoft.com/ScriptCenter/en-us/56b78004-40d0-41cf-b95e-6e795b2e8a06 )
    • Copy the script
    • Open Notepad, Paste
    • Save as oid.vbs
    • Run oid.vbs
    • Prompt gives base OID, and explains adding a number for a attribute
  • Once the attribute is created copy “HashingPasswordFilter.dll” into C:\Windows
  • Import the registry key, “HashingPasswordFilter.reg”
  • Enable Logging for Debugging
    • HKEY_LOCAL_MACHINE -> SOFTWARE -> Microsoft -> Fusion
      • DWORD "EnableLog" = 1
  • You will also need a user to update the users in AD, we already had a user we used for our scripts, but you need Allow log on locally and log on as a batch job.
  • Edit ini file with login information, copy to “C:\ProgramData”, make sure it is readable only by administrators
  • Copy “GoogleHashUpdater.exe” to the process path specified in “HashingPasswordFilter.ini”
  • Edit Group Policy under password policies to make sure Complex Passwords are enabled (this is required)
  • Reboot Controller.
  • You can confirm the install worked by Checking the log file “C:\ProgramData\HashingPasswordFilter.log”
  • Also, you can check System Information to make sure the module is loaded.
  • You can open command prompt and run "GoogleHashUpdater.exe" to confirm it's working. If it crashes, make sure you have Logging Enabled. Once you tell it to close program it will spit out an error of what is missing or erroring.
Once a user changes their password it will update the “hashedPassword” attribute for that user. Also the GoogleHashUpdater should go update the user too. (We aren’t using that yet, a few bugs still with that)
Currently we are syncing passwords nightly, users login via Single Sign-on (CAS by Jasig) so passwords aren’t too important at the moment, only for IMAP and Mobile Syncing.


REMEMBER!!!
Install on all Domain Controllers or it won’t work properly.


I hope this helps those who have been contacting me. I'm glad the solution was an easy fix. Let me know if you have anymore questions.

10/16/2011

Drupal Modules for your Portal

After a few months of having our new portal up and running, I thought it would be good to share some the modules we have put to use.  We are using many more, but these are the main ones to point out.

Drupal 7 Modules

Homebox
This took some work to get it tweaked the way we wanted, but works pretty well out of the box. Homebox allows you to create a dashboard that users can customize.  The user has the ability to add/remove blocks that you provide or add custom content blocks that they can configure.  It works well if you want to allow the custom content blocks, which allows a user to use Google Gadgets in they dashboard.  We fixed some refreshing issues, don't allow minimizing/maximizing, added the custom content to allow for HTML, and stopped the ability to duplicate blocks that don't need to be duplicated.  Contact me if you would like a customized version of what we are running.


Lightweight Directory Access Protocol
This module allows you to do a couple of things. You can use the LDAP protocol to tie to Active Directory or Open Directory, allowing users to use the same password.  You can also sync the groups from the Directory to Drupal, allowing to sync roles within Drupal.  We are currently using it to sync groups to roles.

CAS
I must if you are currently or will be leveraging Central Authentiication Service SSO. We are currently using this and it works great with the LDAP module.

Kaltura
Allow your users to be able to upload, edit, and share media in this open source platform.  We are currently using this to allow users to upload videos. It converts them on the fly and provides a way for users to share media.  It has the capability of recreating youtube within Drupal.

Login Destination
Force your users to go to certain pages on login.

Front Page
This module changes the front page for users, great if your using Login Destination also.

Node Privacy by Role
Lock down your content but assigning specific roles to different node types

Tray
Need a floating menu bar? This module is a quick way to add one. We've done a bit a CSS tricky with ours but overall great if you don't need anything complicated.

Shadowbox
Add some flair to your size, by provide lightbox style popups to your site for media.

Forum Access
Provide specfic permissions on those Drupal forums.

10/13/2011

Google's free LMS is coming soon...

Keep an eye out for this one. Google and Pearson have teamed up to create a free Learning Management System/Social Network for Education. It is primarily focused for Higher Education, but should be interesting to say the least. It's suppose to drop ship in the marketplace on Oct 18th.

Google on "Improving the DOM"

Google has some amazing things in the works, namely "Dart". I highly suggest checking it out, I find this pretty exciting and expect it to get some major traction.

Improving the DOM

8/04/2011

Creating a K12 portal with Drupal

Over the past month, we have been working on getting the new portal up and running using Drupal 7. We are ready to launch on Monday and thought I would share our welcome video that quickly goes over some of the features. I'll provide more information on Drupal integration with CAS, LDAP, Kaltura, BBB, and Google at a later date. Enjoy the video.

7/13/2011

OS X Server 10.6 on vSphere 5

Among the many of those disturbed by the Licensing of vSphere 5, it seems that OS X 10.6 Server will be supported as a guest operating system.

What's New in VMware vSphere 5

vSphere 5 Pricing

To run Mac OS X in a virtual machine, ESXi must be running on Apple branded hardware.
ESXi 5.0 introduces hardware support for Apple’s Xserver 3,1 server.
Supported versions include Snow Leopard 10.6 through update 10.6.8 with supplemental update v1.1.

6/27/2011

Deploy Firefox

Looking for a way to deploy Firefox with default/locked preferences? Well it's built-in to Firefox, two files to config and it's done. You can have it override all existing preferences also.

http://kb.mozillazine.org/Locking_preferences

6/02/2011

Gluster 3.1 to 3.2 Upgrade

Decided it would be worth updating our Gluster storage to the newest version, it adds a few new features and bug fixes.  This upgrade with simple and easy to do with no data loss

You can find the instructions here
Upgrading to Gluster 3.1 from 3.1.x

The upgrade consisted of having a newer CentOS kernel (if you're running CentOS).  Geo-replication requires python-ctypes and newer version of rsync.

Upgrade steps are simple, download the rpm's, upgrade the installed packages and then you're on your way.  If you built from source, then there are some additional steps, refer to the upgrade page.

5/25/2011

Using Drupal Session Variables outside of Drupal

Drupal stores session variables a bit differently then normal php applications, so some integration is required.

If you have an external script you want to call and need to include variables, then you need to add the following to your script:


Change anything with @@ @@

chdir('@@rootpathofdrupal@@');
require_once './includes/bootstrap.inc';
define('DRUPAL_ROOT', getcwd());
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

Once you have added the necessary information your will be able to get the same session variables.

5/24/2011

Example of Google Docs 3.0 API's

Currently we are in the process of rewriting our portal for the district. We are looking to tie more into Google App's within our portal. So, we thought this would be a good time for us to start going down the path or pulling the data and pushing data back.

First thing is first, there are many different client's out there you can use. We are using the Zend Framework to do what we need to do.

Download these:

Also, you'll need to be running Google APP's for what we are doing, we have setup OAuth. Please check here for more info: OAuth Overview

See Example below for a quick way to pull the first 5 results in a specified user's google doc's account:


replace the following
$CONSUMER_KEY = '@@replaceme@@';
$CONSUMER_SECRET = '@@replaceme@@';
$USER = '@@user@domain.com@@';
$admin = '@@admin@domain.com@@';



4/21/2011

CAS SSO 3.4.7 with LDAP/AD Attributes

Been working on rebuild our CAS Server for a few days now.  We needed to CAS pull additional attributes out of Active Directory for some of our SSO services.  So I'm going to quickly walk through what you need to do you set this server up.

Requirements:
Apache Tomcat 6.0.32
Maven 2.2.1
CAS Server 3.4.7

Attached files: 
  \/  cas.zip \/
  • pom.xml
  • deployerConfigContext.xml
  • person-directory-impl-1.5.0-RC6.jar (recompiled to ignore AD referrals)

  1. Install Apache Tomcat 6, I used 6.0.32. This is easy enough, get the binary download, extract, run the startup script in the bin folder. Test Confirm working, default port is 8080
  2. Install Maven 2.2.1, this will be used to compile CAS
  3. Download CAS 3.4.7, and extract.
  4. Open cas-server-3.4.7/cas-server-webapp
  5. Replace pom.xml with one in cas.zip 
  6. Open cas-server-3.4.7/cas-server-webapp/src/main/webapp/WEB-INF/
  7. Replace deployerConfigContext.xml with one in cas.zip. Also edit file, and replace anything with braced in @@.
  8. While still in the "WEB-INF" folder, create a folder called "lib", put person-directory-impl-1.5.0-RC6.jar inside of it.
  9. Open cas-server-3.4.7/cas-server-webapp
  10. Compile with maven, "mvn clean package install"
  11. This will output target/cas.war, copy to tomcat/webapps/cas.war
  12. Restart Tomcat
  13. Enjoy, CAS should be good to go.

4/08/2011

Run your own online classroom

While traveling down the path of using Drupal 7 has a portal for the District, I came across this Open Source Web Conferencing Platform.  This platform can be up and running in minutes using their VM Appliance.  It allows for multiple rooms, screen sharing, multiple webcams and audio, and has all the other normal web conferencing goodies.  I suggest checking it out.


Big Blue Button

3/18/2011

VMware's management client for iPad available

VMware's management client for iPad availableVMware's management client for iPad available: " VMware has released the vSphere Client for iPad, with which IT staff will be able to monitor and manage their virtualized infrastructure.


"

3/14/2011

Building iOS apps

A few months ago, we provide our technicians with iPad's to help them be a bit more productive.  The overall goal was to give the technician the ability to view and edit their work orders on the go.  Typically they would either stop off at a computer in the building or print them off at their desk.  After purchasing the iPad's we got the enterprise developer package to start building our own apps.  Off hand we don't have any experiencing programming Objective-C, but we decided to build our apps using Titanium from Appcelerator.

Titanium allows you to create iOS, Android and Blackberry apps using HTML and Javascript from API's they provide.  We just deployed our first app's to our tech's last week.  Styling is still a little rough, but functionality is there for all the basic needs right now.  Future versions are in the works, but we want to get our tech's rolling with some useful for now.

We also provided our tech's with a Directory app to lookup Staff and Students as necessary which will later be incorporated into the Work Order App.



2/22/2011

Gitorious Server: Build your own

For those who like the way GitHub or Gitorious works, there is good news!  You can run your own Gitorious server to host a public and/or private git repository.  I currently have a Gitorious server running in the hopes of forming an area where local school district's can share their coding projects, data mining procedures, and other related systems information.  I have more information on this project at a later date, which will allow Districts to participate in the project.

On to what I wanted to talk about.  Setting up a Gitorious server isn't too hard as long as you have a grasp on building a linux server.  I've current running our server on Ubuntu 9.10 and is working well in a virtual environment.

For installation I suggest you start with this write-up provided by the group.

http://www.gitorious.org/gitorious/pages/UbuntuInstallation


You may find some issues with ruby gems, and you just need check out the rubygems community for different versions of ruby gems

http://rubygems.org/


You can also check out this tutorial for additional information on building ruby from the source.

http://cjohansen.no/en/ruby/setting_up_gitorious_on_your_own_server


After a couple of hours, you can have your own public/private git repo up and running.  If you aren't sure how git works or want to get some more information I suggest checking out this website.  This will walk you through how the version control system works and how you can leverage it in your own environment.

http://library.edgecase.com/git_immersion/

2/12/2011

XRaid Progress

In a previous post, I described our situation with storage and finding a way to reuse the XRaid's we had in the racks. By using a IDE2SATA adapter and a notebook 7200rpm drive, we were able to replace all the drives in a fairly cheap manner. Right now, I have 70 drives (5 XRaid's, 4 in picture.) formatting in Raid 5. We are about 24 hours in and formatting is at almost 50%.



1/31/2011

Ubuntu 9.10 and Intel e1000 driver

Thought I would share this bit of trouble I ran into.  I installed Ubuntu Server 9.10 on our ESX Farm, which uses Intel E1000 network adapters, which don't play well out the box with Ubuntu.  You will need to build a driver for it to use first.  Here is a quick tutorial on how to fix the problem.


  1. Go get the source for building a e1000 driver. Here 
  2. Extract -> sudo tar xvf e1000-8.0.25.tar.gz
  3. Go inside the src folder
  4. Run the following -> sudo make install (requires gcc package to be installed)
  5. Reboot
  6. Check for the interface -> sudo lshw -C network
  7. It should say *-network disabled, if so we need to enable it. Check for the logical name, it should be eth0 or eth1
  8. sudo nano /etc/network/interfaces
  9. add the folowing lines 
    1. auto eth0 (eth0 or eth1, whatever it is)
    2. iface eth0 inet dhcp
  10. restart networking, sudo /etc/init.d/networking restart
  11. the network adapter should be operational now!

1/27/2011

Gitorious

After day of playing around, I was finally success in building a Gitorious Server. It's a great alternative to GitHub, plus you can host your own server for free.

I'll provide some more information on how to set in up in the next week.

1/11/2011

Google Apps Management

I've been meaning to post this up, but I've been using this set of tools for awhile now to rename accounts and various other tasks.  It helps to maintain Google App's using a set of tools that run in python, it's open source and free to use.

To rename an account it's pretty easy, see example.

Changing John Doe to John Smith

in terminal execute the following:
python gam.py update user jdoe username jsmith lastname Smith

Check it out!


1/06/2011

Mac App Store Licensing

If you had questions on Licensing for apps through the new Mac App Store, you should see the following. It states you can install on any Apple you own as long as it is for personal or non-commercial use.

Terms Mac App Store

1/05/2011

Multiple Updates in the works

We have a lot of projects in the works over the next month.  You can expect some updates coming in the next couple of weeks.

Here a list of the following that I will be covering:

- Scripting with Python
- XRAID Renew Project
- New Infrastructure Upgrades for our Webservers
- Portal Rewrite using Open Technologies
- Progress using DHTMLx Touch
- Master-Master Replication for MySQL