Linux and DevOps with Vijay

 It is challenge for an administration to work with openldap server or other directory server e.g. Red hat directory server or 389 directory server. 1. how to create a bulk user Ans you can create a  bulk user by either using a csv to ldif converter but it is somewhat not very user friendly. 2. when creating a new user last uidNumber used is not displayed so how to find that? Ans : no answer. You can go for a new user creation with all unix (posix) attributes but it requires uidNumber and gid number but last used uidnumber is a challange to find out. so i have created an application script to solved these issues. with my this application you can easily : 1. create bulk users 2. can change a users password 3. can know last uidnumber  used  by the ldapserver 4. can know how much total accounts used by ldapserver 5. can create a new user 6. can search a user 7. can delete a user just download the script and run # chmod +x ldap.sh # ./ldap.sh Click on bellow dow

To start configuration of NIS server for Centos 6 first rpcbind service should be installed and running. verify the installation # rpm -qa | grep -i rpcbind if it did not returns any result please get this install first # yum install rpcbind # chkconfig rpcbind on # /etc/init.d/rpcbind start (Before going ahead let me tell you NIS stands for Network Information Service. NIS is also called as YP. YP stands for Yellow Pages.This is primarily used as a central repository to hold all username and passwords (i.e /etc/passwd), and different servers can authenticate against this server for the username and password.) moving on Now install NIS packages # yum install ypserv edit network file  and set NISDOMAIN # vim /etc/sysconfig/network insert a line as bellow NISDOMAIN=mydomain.com Save & exit. Now start the service # /etc/init.d/ypserv start Now check that ypserv is running and registered with rpcbind #  rpcinfo -u localhost ypserv must return values as bel

We can configure yum local repository either by using centos6 install dvd or we can build a yum repository from rpm packages that we have in a directory. 1. Creating local yum repositoy from centos6 install media When you will insert dvd in desktop mode it will automatically get mounted itself but we need to mount this on custom location hence umount it # umount /dev/sr0 # mount /dev/sr0 /media Now create a .repo file inside /etc/yum.repose.d directory # vim /etc/yum.repose.d/local.repo write bellow lines [localrepo] name=my local yum repo baseurl=file:///media enabled=1 gpgcheck=0 save and exit now run repolist to verify packages avilable # yum repolist 2. Creating local yum repo with custom rpm packages First install createrepo package # yum install createrepo -y ( you can configure a local yum repository as per above method for installing this package) assume i have some rpms files inside directory /root/389ds #createrepo /root/389ds create a .re

Install rhel6.x or centos 6. remove some packages by the command # rpm -e --nodeps ipa-client # rpm -e sssd Install required  package # yum install nss-pam-ldapd openldap-clients  -y Now use authconfig command to provide authentication parameter # authconfig --enableldap --enableldapauth --enablecache --disablesssd --ldapserver="ldap://192.168.1.1:389" --ldapbasedn="dc=mydomain,dc=com" --enablemkhomedir --updateall backup  authconfig configuration # authconfig --savebackup="/root/ldapbak" By using above command all authentication configuration files will get store inside /root/ldapbak directory. restore authconfig configuration from last backup #authconfig --restorelastbackup you can also specify the source directory of last backup to restore that #authconfig --restorebackup="/root/ldapbak"

Scope: authenticate windows AD users to linux machine by using thier windows credential Step:1 Install the samba-winbind and kerberos packages # yum install samba-winbind samba-winbind-clients samba krb5-libs krb5-workstation pam_krb5 Step:2 Time synchronization Time of your linux and windows AD should be matched so make it sure first before moving ahead. Windows AD itself ( primary or parent domain controller) works as a ntp server hence yopu can use windows ad to sync your linux time by using bellow method # ntpdate <ntp-server-ip-address/dns-name> To make above configuration permanent edit the file “/etc/ntp.conf” and just replace what's there with one or more NTP servers on your domain, like server <ntp-server-ip-address/dns-name> Start the Service : # /etc/init.d/ntpd start ; chkconfig ntpd on Step:3 DNS settings make sure your linux machine has proper fqdn hostname. Make an entry in your dns which you