My notes, things I have learned, and documentation I have created.

The following was verified on openldap versions 2.0 and 2.3:

To display all attributes associated with a particular cn:
# ldapsearch -x -b ‘distinguished name‘ ‘cn=Some CN’

Or using a wildcard:
# ldapsearch -x -b ‘distinguished name‘ ‘cn=startswith*’

Example:
# ldapsearch -x -b ‘dc=mydomain,dc=com’ ‘cn=myCN’
# ldapsearch -x -b ‘dc=mydomain,dc=com’ ‘cn=myCNstartwith*’

This information can help you to determine what you want to modify.

How to modify an attribute value for a particular cn:

#ldapmodify -x -D ‘distinguished name‘ -w password -f filename

Contents of filename:

dn: distinguished name
changetype: modify
replace: attribute
attribute: newvalue

Example:
# ldapmodify -x -D ‘cn=admin,dc=mydomain,dc=com’ -w MyPassword -f myfile

# cat myfile
dn: cn=”Lastname, Firstname”, dc=mydomain, dc=com
changetype: modify
replace: mail
mail: myaccount@mydomain.com

Installing a Microsoft Hyper-V server is simple enough, but what to do once you have installed? The pieces fall into place once you can figure out where download/install/enable the Hyper-V Manager. This is the interface you will need to use in a small implementation to manage and create your virtual machines on your Hyper-V server.

In Windows 7, go to Control Panel/Programs/Programs and Features, and click on “Turn Windows features on or off.”

This will bring up the Windows Features window, where you can check/uncheck features that you want to enable/disable.

Check the Hyper-V Tools box to enable the Hyper-V Manager.

Note: The Hyper-V Manager mmc plugin can also be found in the Remote Administration software for Windows 7/Vista. Further information can found on the Microsoft website.

I finally got around jail breaking my iPhone 4s, and it was easy enough. Here are the steps I used:

Computer OS: MacOS Lion 10.7.2

Connected phone to computer using the USB cable.

Opened up iTunes

Right mouse clicked on my phone in iTunes, and selected Backup

Download the Absinthe program from http://cache.greenpois0n.com/dl/absinthe-mac-0.1.2-2.zip.

Unzipped the program by double clicking it.

I closed iTunes, and launched Absinthe.

Clicked “Jailbreak”. This step take quite and while, and looks like it is restoring.

Once complete, you will see a message stating that you are almost done.

Unlock you phone, and tap the Absinthe icon that was added.

This will briefly display the Greenp0ison website, and then reboot.

This will replace the Absinthe icon with a Cydia icon.

Launch Cydia, and you get a “Preparing Filesystem” message and the Springboard will re-launch.

Update: I had to re-setup the Wi-Fi Sync. I did this by plugging my phone into my computer with iTunes running. I turned off Wi-Fi Sync by unchecking it in iTunes, and applying. Then, I turned it back on and applied. This took care of it.

I needed to get some Windows 2003 virtual machines migrated from a VMware Server 1.x implementation to an ESXi host (In my case, this was controlled under vCenter.). Here is the procedure I used that worked rather well despite some limitations. Note: this procedure was used to migrate Windows 2003 VMs.

Verify that you have no snapshots. If you do, remove them. Also, if you want maintain the same MAC address and IP address, you should note them before starting.

Shutdown the virtual machine from the VMware Server console.

Copy the VM over to your ESXi server (You need to have ssh enabled on the ESXi host.).

Add the copied over VM to your vSphere client inventory.

Use the VMware Standalone Converter to convert the powered off VM you just copied over. The destination is going to the same as your ESXi host (or any other ESXi). I did uncheck “Remove restore checkpoints”, but this should not be necessary.

Once converted, boot the newly converted VM.

Install or upgrade VMware tools.

Then, if you want to preserve the MAC address and IP address, shutdown the VM.

Modify the MAC address via the vSphere client by manually setting it in the Network Adapter settings.

Boot the VM.

Configure the static IP address, if you had one before the migration.

This process went very well and without an issue. However, you do need to be able to have enough space to have two copies of the VM on the ESXi host if you only have one ESXi host in your environment.

The following procedures were used on RedHat Enterprise Linux 5.x.

The following previous post outlined how to get the linux server joined to domain and supporting ADS authentication. This link also contains information for RHEL6.x in the comments as well :

Howto Join An Active Directory Server using RHEL5.x/CentOS5.x and Samba 3.0.x

The key is getting the /etc/squid/squid/conf right. I have included the entire configuration used. A lot of the options are not required in all situations. I have a number of things going on here. Many of which I could clean up and make better, but I wanted to leave them in here because I know this configuration works. I actually have three proxy servers (two peers) in the configuration. The configuration forwards the requests to one of the two peers based upon the site accessed. This is probably not required for most deployments.

# cat /etc/squid/squid.conf

half_closed_clients off


The .acl files listed in the configuration are either just a list of usernames (ADS or otherwise), or a list of domains. In the case of the domains, you can use the following syntax to signify all host for a particular domain:

.mydomain.com


Below, I have tried to strip out the other things to demonstrate all that is needed to support proxy access via ADS group membership.

Excerpts from /etc/squid/squid.conf:
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 10
auth_param ntlm keep_alive on
...
# Begin Group
external_acl_type WindowsGroup ttl=60 children=5 %LOGIN /usr/lib/squid/wbinfo_group.pl
# End Group
...
# Begin Group
acl InWindowsGroup external WindowsGroup ProxyAccess
acl InLocationsWindowsGroup external WindowsGroup ProxyAccessLocations
# End Group
...
# Begin store access test.
acl LocationAllowedSites url_regex -i "/etc/squid/LocationAllowedSites.acl"
acl LocationRestrictions dstdomain "/etc/squid/LocationRestrictions.acl"
# End store access test.
...
acl MyACL proxy_auth REQUIRED
...
# Begin Group
http_access allow InLocationsWindowsGroup LocationAllowedSites !LocationRestrictions
http_access allow InWindowsGroup
# End Group
...

Also, if you want to customize the default access denied page that users receive when they go to a site that they are not permitted to access, you can add you customizations to the /usr/share/squid/errors/English/ERR_ACCESS_DENIED file. I believe you can do a number of other creative things with error pages, but I have not looked in to that.

If you want to add/remove sites from the files, you just need to issue a “service squid reload” to activate the new settings.

To run the System Restore from the command line in Safe mode:

Restart the computer and hold down the F8 key while it restarting.

Select the “Safe mode with a Command prompt” option.

Enter in the command prompt:

In Windows XP:
C:\> %systemroot%\system32\restore\rstrui.exe

In Windows 7:
C:\> %systemroot%\system32\rstrui.exe

This is the best way to go back to a different restore point in Windows XP and 7.

I started looking into Hyper-V, and learned something quick. I installed Windows 2008 R2 Hyper-V on a server. Then, I used a Windows 7 client to access the host via the Hyper-V Manager. I created a virtual machine and installed an operating system, but found that I had no network connection. I had to configure the host network interfaces via the Hyper-V Manager Virtual Network Manager. Once I did this, I was able to adjust the network interface on my virtual machine to use the newly configured interface.

Installing RHEL6 on a Hyper-V server presented some new challenges as well. I was able to install the OS easily enough. The problem came when I actually tried to use it. There was no virtual network interface card driver loaded. I had to download and install the Linux Integration Services software from Microsoft. It is a 2.2MB ISO image, so you can either put it on CD/DVD, mount it from a flash drive or use it as your virtual CD drive (which I did).

From the RHEL6 VM:
# cd /media # If /media is the mount point you used.
# ./install.sh
# shutdown -r now

Now, in my case, I did a minimum install, so maybe it is different when you do a basic install, but I had to manually create the ifcfg-eth0 and network files. For now, I just wanted to get on the network, so I used a DHCP client configuration.

# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes

# vi /etc/sysconfig/network
GATEWAY=192.168.0.1

# service network restart
or
# shutdown -r now
or
# ifup eth0

When you have a large volume and you want to control when file system checks are done, you can disable interval checks by issuing the following command:

# tune2fs -i 0 /dev/sdax

I have had reboots take a long because the interval was up for a 2TB partition. I have disabled it and will do them at my own time choosing.

Update: You can do this permanently by changing the sixth field in /etc/fstab file for the volume/partition.

The first lesson I learned on this little adventure was that you need to remove any existing VMware snapshots for the guest. I removed all the snapshots from the vSphere client using the Snapshot Manager option.

Once you get that out of the way, you just need to go in Edit Settings for the guest, select the Hard Disk you want to expand, and enter in the new size. I wanted to increase the root partition on a CentOS 6 guest by 10GB.

Once that is completed, all the rest was done from the guest. My objective was to try to do this without rebooting. Unfortunately, I had reboot one time early in the process.

First, I had to create a new partition on the expanded disk. I printed out the current configuration using fdisk and then created the new partition. As you can see below, I got a message about the device being busy. I tried using partprobe and kpartx as suggested in the output, but neither worked for me, so I ended up rebooting.

# fdisk /dev/sda

Command (m for help): p

Disk /dev/sda: 32.2 GB, 32212254720 bytes
64 heads, 32 sectors/track, 30720 cylinders
Units = cylinders of 2048 * 512 = 1048576 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00033ab9

Device Boot Start End Blocks Id System
/dev/sda1 * 2 501 512000 83 Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2 502 20480 20458496 8e Linux LVM
Partition 2 does not end on cylinder boundary.

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 3
First cylinder (1-30720, default 1): 20481
Last cylinder, +cylinders or +size{K,M,G} (20481-30720, default 30720):
Using default value 30720

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.

# shutdown -r now

I created a file system on the partition. I am not sure whether this is needed or not since I was expanding an existing volume, but I did it anyway.

# mkfs.ext4 /dev/sda3
mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
655360 inodes, 2621440 blocks
131072 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=2684354560
80 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632

Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 38 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.

Then, initialize the new partition:

# pvcreate /dev/sda3
Physical volume “/dev/sda3” successfully created

Extend the volume group:

# vgextend vg_vmdev01 /dev/sda3
Volume group “vg_vmdev01” successfully extended

I extended the volume by 9.9GB:
# lvextend -L +9.9G /dev/mapper/vg_vmdev01-lv_root
Rounding up size to full physical extent 9.90 GiB
Extending logical volume lv_root to 27.44 GiB
Logical volume lv_root successfully resized

Then, resize the file system:
# resize2fs /dev/mapper/vg_vmdev01-lv_root
resize2fs 1.41.12 (17-May-2010)
Filesystem at /dev/mapper/vg_vmdev01-lv_root is mounted on /; on-line resizing required
old desc_blocks = 2, new_desc_blocks = 2
Performing an on-line resize of /dev/mapper/vg_vmdev01-lv_root to 7193600 (4k) blocks.
The filesystem on /dev/mapper/vg_vmdev01-lv_root is now 7193600 blocks long.

And that is it. This expanded the root volume by 9.9GB. Just to verify that all was well, I rebooted again.

This is the process I used to upgrade an iPhone 3Gs running IOS 4.1 baseband 06.15.00 to IOS 5.0.1 while preserving the baseband and the carrier unlock.

Software installed/downloaded:

OS: MacOS Lion 10.7.2
iTunes: 10.5.2
redsn0w_mac_0.9.10b1.zip
iPhone2,1_5.0.1_9A405_Restore.ipsw

I plugged the phone into my computer and backed up from iTunes by right mouse clicking on the phone and selecting “Backup”.

I downloaded the redsn0w application and the IOS install into a folder called JB.

I unzipped the redsn0w_mac_0.9.10b1.zip and executed redsn0w.app from the redsn0w_mac_0.9.10b1 folder.

Clicked Extras.

Clicked Custom IPSW and browsed to the JB folder where I downloaded the iPhone2,1_5.0.1_9A405_Restore.ipsw from Apple.

Since I had an original 3Gs, I selected “No” on the “Will this custom IPSW be used on a newer (fixed) version of the iPhone3GS?”.

This created a custom NO_BB_OLDROM_iPhone2,1_5.0.1_9A405_Restore.ipsw file that will not attempt to update the baseband when IOS 5.0.1 is restored.

Once created, I needed to put the phone in DFU mode. For some reason, I had trouble using the method I had used before. This is what I did this time:

With device powered on,unlocked and connected via the USB cable with iTunes running:
Hold the Power and Home buttons.
When the screen goes black, count to 2.
Then, release the Power button, and hold the Home button for 10 – 15 seconds.
iTunes came up and displayed that it was in recover mode. I tried restoring my custom IPSW from here but I kept getting a 1600 error. So, once I had in recover mode, I fired up Redsn0w again and went into Extras and clicked on “Pwned DFU”.
This put it in DFU mode quickly.

Then, I was able to hold “alt/option” and click the “Restore” button in iTunes.

This allowed me to browse to the custom IPSW: NO_BB_OLDROM_iPhone2,1_5.0.1_9A405_Restore.ipsw.

This installed IOS 5.0.1 on the phone and preserved the baseband (06.15.00) with the applications and settings restored.

Once up, the phone still needed to be jailbroken and unlocked.

I closed iTunes, and brought up Redsn0w again. I needed to point redsn0w to the unchanged iPhone2,1_5.0.1_9A405_Restore.ipsw file. This time, I chose Jailbreak. The only option that I had selected was “Install Cydia”.

After rebooting and verifying the Cydia icon is installed, I needed to unlock the phone.

I launched Cydia and clicked on Manage and then Sources.

Then, I added the Ultrasn0w repository by clicking “Edit” and “Add”. Then, I added the repository: http://repo666.ultrasn0w.com. Note: this took me quite a few attempts on the 27th, due to server load some where along the line. Eventually, I was able to get the repository added.

Once added, I was able to search for and install Ultrasn0w.

I rebooted and the phone was updated, jailbroken and unlocked.