Corporate Mergers

Well it's that time again where I'm stuck in the middle of a corporate merger. Time to ramp up the documentation machine for a smooth transition and hope for the best. It was always more difficult to handle these back in my early IT days, afraid of losing the job or being pushed out. Now that I have close to 15 years of IT experience and nearly half of that in my current position I'm going to keep a positive attitude. At worse-case-scenario if I do get laid off I'll have more time at home with the family and deal with each day as it approaches. Wish me luck!

Sharepoint Extrapolations

So I've heard about this thing known as "Sharepoint" from MS. Interestingly enough, it wasn't as nearly complex as I had initially perceived it to be. Over the last few weeks I've dabbled with the "Basic" setup of a Sharepoint 2007 server, which, I've read, should never be done anywhere in production. At any rate, it was a great starting point and really opened up a new doorway of Geekdom for me. I've installed a couple of sites from templates found on the MS site to manipulate physical inventory and a document collection knowledge base. I'd like to go on for a little more but I'm being pressed into engaging a personal remote tech support call ... be back shortly to clean this entry up a bit and add some worthy materials and whatnot.

Simple .htaccess under Debian/Ubuntu

I'm no web pro and the Apache2 documentation, although very thourough, was way too heavy for what I was trying to figure out. About 90 minutes into epic failure with various how-to and guide sites I was able to mangle my own configuration. Again -- I'm no apache master and I'm not really interested in learning everything to know about Apache right now. There are security concerns to be considered, but I am looking for something simple to protect an internal website. Your results may vary, but my case is that I have an internal webserver that I want to use to host a couple of departmental documents and files - nothing serious or top-secret here. If you are working with a public or internet server this may not be for you but might get you started in the right direction.

Under Debian/Ubuntu there are sites-available and sites-enabled for your virtual hosts. The configuration files for each of the sites are stored under /etc/apache2/sites-available, generally a single text file with the name of the site. In my case, I want to modify the default site as it is the main document root of this particular server.

# pico /etc/apache2/sites-available/default

Look for the directive that has your path you want to protect. Again, I want the document root of this server so I will be editing the seciton with . Change the line (under your directive only) AllowOverrides None to AllowOverrides All

Save the file with CTRL-X and reload the Apache configuration with the following command

# /etc/init.d/apache2 reload

Now that the configuration has been modified you can create the password file and the access file for the directory to be secured. It is a rule of thumb to not keep the password file in the document root so keep that in mind and place it somewhere that the webserver can read but users can not.

# htpasswd -c /path/to/password/.htpasswd username

Once the password file has been created (I called mine .htpasswd) you can add a user later with this command

# htpasswd /path/to/password/.htpasswd username

And to delete a user from this list, use this command (there are no confirmation prompts to delete)

# htpasswd -D /path/to/password/.htpasswd username

With the configuration changed and the password file created (.htpasswd in my case), we can now create the directory access change file called .htaccess. You need to place this file in the same directory that you changed the AllowOverride directive in your site configuration above AND reloaded apache2 or it will not work.

# pico /path/to/directory/needing/password/.htaccess

AuthName "Foo"

AuthType Basic

AuthFile /path/to/password/file/.htpasswd

Require valid-user

The AuthName directive can be anything you want to be displayed in the popup for the username/password box just be sure to encapsulate it between quotation marks or you will get a 500 Internal Server error when you go to test it.

Debian: TaskFreak Installation

TaskFreak! is an open source project and task management tool. Tool is an understatement, this thing is handy! Installing this is listed as easy and JustWorks(tm) but the documentation on it I feel is lacking. I've compiled a list detailed instructions below to get started with a Debian Lenny system and all of the pre-installation requirements.

Pre-Installation packages required:

# apt-get install apache2 mysql-server mysql-client php5 php5-mysql

# wget http://www.taskfreak.com/files/stable/taskfreak-multi-mysql-0.6.1.tgz

# tar -zxvf taskfreak-multi-mysql-0.6.1.tgz

# mv taskfreak/* /var/www/
Note: Be sure that all of the hidden . files get moved as well!

# pico /var/www/include/config.php
Note: Change the three lines listed with //edit me (DB_USER, DB_PASS & DB_BASE). These three variables are how you will be connecting to the MySQL database that we create a few lines down. Do _NOT_ use the root account for this as it will not work (and you shouldn't even if it does)


# mysql -u root -p
Note: You should have been given the opportunity to set a root password for your mysql installation. You will only need this initially to create the database and new user for TaskFreak.

-> create database [DB_BASE];

-> create user '[DB_USER]'@'localhost' identified by '[DB_PASS]';

-> grant all privileges on '[DB_BASE].* to '[DB_USER]'@'localhost' with grant option;

-> exit
Note: Be cautious of the punctuation. Remember that words between [ ] come from your install/config.php file and you do not enter the [ ] symbols, just the words. The ' and ; punctuation marks are specificly spaced and required. There should be a ; after every mysql command or when you press enter you will get a blank -> prompt. If that happens, just type a ; and press enter and it should continue.

Once the above has been completed, open your browser to point to your installation http://server.ip.address/install/index.php. Click the link at the top-left "Check Install" -- there will be errors about missing tables. To correct this, scroll down to the bottom and click the "YES create missing tables for me" button. The tables get created and the database returns a green OK for each element.

Logon to your new TaskFreak! server with the following url : http://server.ip.address/index.html

Debian: Finding fastest apt mirror

For Debian systems already configured and installed, there is a nifty tool that you can install that will check all of the Debian mirrors to see which is the fastest available. This doesn't always mean the the closest will be chosen and your firewall/router must allow traceroute through it.

# apt-get install netselect-apt# netselect-apt lenny

As simple as that! Thanks to mypapit's blog post.

Playing with MS Forefront

Yes I know I'm a linux guy but I support more Windows machines than I do linux. I've been waiting for Microsoft to release a competing Antivirus/Antimalware product for some time. With several years of bad experiences with CA and Symantec products, I'm happy to say that my initial deployment of Microsoft's Forefront Client Security has been successful. Setup is a bit tricky, though, as it depends on WSUS for deployment to the clients and although there is a manual process, it's a bit tedious to get these manual installations to report to the management server at first. I have to admit that once you get comfortable with WSUS, things are a lot easier to deal with. Firstly, the Forefront enterprise product has some very robust reporting and management features. Will be back with an edit and more info in a couple days/weeks as I get free time to blog, which isn't often.

Syndicate of 7

I've been running the 64bit edition of Windows 7 Ultimate for about 2 months now and so far very pleased with it. I've switched to 7 full-time so I can get a better feel of the OS as I did not embrace Vista. Taking quite a bit of getting used to but at least things are much easier to find and the new taskbar features are a great improvement. Another nice default feature is including a lot of codecs within Media Player. I was impressed that when I attached my USB drive all of my music file formats (ogg, aac & mp3) were capable of being played without looking for and subsequently installing add-ons and such. My only complaint thusfar is how poorly VMware Workstation 6 performs with more than 1 guest running. Luckily I still have my Debian drive handy for when I need to do intensive testing. I'll be back again soon with updates on my pilot of 7.

UPDATE 12/10/2009:

It's been a few more weeks and I'm still running Windows 7 full-time. We have a couple others in the company that are running 7 now (32 & 64 bit editions). I've also upgraded my Vmware Workstation to v7 and noticed that cleared up a ton of issues as far as compatability and such. I do miss my Debian install but for right now everything with 7 has been incredibly stable and now all the tools are at my fingertips for domain management and such. I've been tinkering with Media Center - not entirely on the bandwagon for that. It's a clunky interface to manage all of your media and what-not but to be honest, I prefer doing all of that myself without all of the layers, bells and whistles.