Author Archives: jro

XWiki 10.9 with LDAP/SSO/MSSQL on Windows

Information

XWiki is a next generation wiki, a generic web development platform for collaborative applications. In this guide we will setup XWiki in a Windows 2016 environment on tomcat with a MSSQL 2016 backend.

Server Setup

  • Deploy a Windows 2016 Server image/machine using standard template (this is assuming DB hosted on external server)
    • 4 vcpu
    • 8GB Ram
  • Configure pagefile drive (E:\) 12GB
  • Add new 50GB disk to host the application (E:\)
  • Download and install latest java8 64bit offline installer
  • Create a service account to be used for tomcat & office services and add to admins group for that server (e.g. svcxwiki01). If you do not wish to add the service account as a local admin you can probably get by if you grant the user modify permissions on all the directories used below.

Continue reading

vCenter 5.5 Web Client in Linux w/ Firefox & Flash 11.5 (Pipelight)

Short story..

Adobe ended flash support for Linux @ 11.2 and the recent vCenter 5.5 Web Client requires version 11.5 minimum… As of recent the only solution was to just use Chrome which for me was sad as I’m primarily a Firefox user. While looking for a silverlight plugin for Firefox I came across Pipelight, which just happens to have a flash plugin as well.

After enabling the flash plugin I fired up the vCenter Web Client and sure enough there it was. Still testing out how stable it is but if you do decide to try it I recommend installing the vCenter Firefox plugin both natively and in the wine instance.

Centralized WAP Management Without A Controller (telnet)

Say for example, the past several years  you’ve been gradually deploying WAPs throughout your network infrastructure to the point of now warranting the use of a wireless controller to reduce management overhead.  You never expected your wireless infrastructure to have grown so  large, thus many of the WAPs currently deployed do not support a wireless controller and you’re now considering replacement of your entire wireless infrastructure. 

Unfortunately, the cost associated with updating or replacing an entire wireless infrastructure or even the costs of a controller alone often outweigh the management overhead reduction causing the project to be put on hold or rejected.

The use of a wireless controller typically requires that you’ve had some type of WAP standardization protocol in effect so that the WAPs you’ve been deploying are through the same vendor and the same model or family.  Even then, it’s usually only those identified as “enterprise grade” that include support for a controller often leaving IT professionals out of luck.

Continue reading

Linux SSH + PAM + LDAP + SSSD+ 2008 R2 AD Deployment

As an update to my previous post “Linux SSH + PAM + LDAP + 2003 R2 AD Deployment“, SSSD is now part of the base RHEL6 repository (soon CentOS6 as well) which makes it much faster and easier to implement LDAP/AD authentication.  In regards to configuring Active Directory, not too much has changed since my previous post so you’ll need to hit up the previous guide for a complete guide.  So lets get to it..

Continue reading

mstsc In Linux!

Simple shell script to help me with my habit of always trying to use mstsc to launch remote desktop connections even on my Linux workstation..  You can add other misc rdesktop flags as you feel necessary. Put it in /usr/bin etc

#!/bin/bash
# Usage: mstsc /v:host (or mstsc host)
 
iuser="username"
ihost=$1
ohost=${ihost/\/v:/}
 
rdesktop -g 1280x1024 -u $iuser -z $ohost > /dev/null 2>&1 &

Uninstalling Websense Desktop Client

We’ve been using Websense as our content filtering solution for about a year now, primarily utilizing the Remote Desktop Client in conjunction with the Remote Filtering service to handle our remote users and offices. While Websense is probably the most featured packed content filtering solution, it comes at a cost due to a per user licensing model and heavy hardware requirements.

Barracuda recently entered the content filtering market with their appliance, and after a 30-day demo of their 610 model we decided it was the way to go. While it lacks some of the features of Websense, it will free up 2 servers and $8,000/yr in software renewals which is well worth the initial appliance cost.

The primary downside to the Barracuda was the lack of a Remote Filtering agent, which means our remote users and offices will have to proxy through our central office. With our new 50mb Opteman on the way, and utilizing Frontmotion Firefox ADM to force proxy settings, this won’t be a problem.

However..

Attempting to remove the Websense Desktop Client turned out to be more of a hassle then expected. When attempting to use the same .msi for the uninstall as used for the initial install, I would get “This action is only valid for products that are installed” as seen here:

error

After ensuring the .msi I was using was identical to what was used for the installation, I reinstalled the WDC then proceeded to remove it immediately which worked without issue. With a little GPO help, I was able to push this out to all workstations:

@echo off
REM WDC_Uninstall.bat
REM Copyright (c) 2009 Jared Orzechowski <jaredo at ameritech dot net>
 
if exist "C:\Program Files\Websense\WDC" GOTO :Uninstall
GOTO :End
 
:Uninstall
echo Removing Remote Client Filter
net use Y: \\domain.com\DFS\Client_installs\CPMClient /Y
start /wait msiexec /i Y:\CPMClient.msi REINSTALL=ALL REINSTALLMODE=veums PASSPHRASE=somepass REBOOT=NO /qn
"C:\Program Files\Websense\WDC\wdc.exe" -ds somepass
sc stop WebsenseDesktopClient
start /wait msiexec /x{14D74337-01C2-4F8F-B44B-67FC613E5B1F} /qn /norestart
net use Y: /DELETE /Y
rmdir /S /Q "C:\Program Files\Websense\WDC"
GOTO :End
 
:End
echo Operation Complete..

Cleaner Fonts In Wine

This should work on most newer versions of wine, just run regedit (registry editor) and add/modify the following.

[HKEY_CURRENT_USER\Control Panel\Desktop]

“FontSmoothing”=”2” “FontSmoothingType”=dword:00000002 “FontSmoothingGamma”=dword:00000578 “FontSmoothingOrientation”=dword:00000001