Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

December 06 2013

Prosody with authentification against LDAP/ActiveDirectory

I am using

  • Prosody v0.9.1
  • sasl2-bin v2.1.25
  • Debian 8/jessie

you need several packages:

apt-get update ; apt-get install sasl2-bin libsasl2-modules-ldap lua-ldap lua-cyrussasl

and configs:

/etc/default/saslauthd

START=yes
MECHANISMS='ldap'
MECH_OPTIONS='/etc/saslauthd.conf'

/etc/saslauthd.conf

ldap_servers: ldap://ldap.example.com/
ldap_search_base: ou=foo,dc=example,dc=com

ldap_bind_dn: ldap-user-for-binding
ldap_bind_pw: pw-for-that-user
ldap_use_sasl: no
ldap_start_tls: no
ldap_auth_method: bind

ldap_filter: (sAMAccountName=%u)

/etc/prosody/prosody.cfg.lua

authentication = 'cyrus'
cyrus_service_name = 'xmpp'

-- eventually configure SSL properly
ssl = {
        key = 'x';
        certificate = 'y';

        options = { 'no_sslv2', 'no_sslv3' , 'no_ticket', 'no_compression' };
        ciphers = 'HIGH:!DSS:!aNULL@STRENGTH!:!DES-CBC3-SHA:!ECDHE-RSA-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA';
}

Add the system-user ‘prosody’ to the ‘sasl’-group and restart both services:

adduser prosody sasl ; service saslauth restart ; service prosody restart

Eventually have a look at /var/log/auth.log for sasl-problems or the prosody-logs.

The post Prosody with authentification against LDAP/ActiveDirectory appeared first on nur Bahnhof.

flattr this!

November 20 2013

a tale of fail and win (image recovery/management under linux)

  1. use git-annex-assistant to create backups on several destinations
    1. use test-repo first, do some tests
    2. try on smaller directories w/ actually valuable data, create backups first
    3. annex-ize several other directories
    4. remove picture-backup from external HDD to make space for new backup via git annex (very bad ida)
    5. annex-ize several GB of pictures dating back to 2004 (RAWs and JPGs)
    6. fail somehow several times, remove .git directory start anew
    7. (do some other stuff)
    8. get back to the picture-dir, realize that it is empty (besides some folders), .git directory contains nothing
  2. use ntfsundelete, and some proprietary tools to recover (only marked as) deleted files from the ntfs volume (900 GB)
    • use git annex fsck on the recovered .git data, get only some pictures back, not very much (about 2k files)
  3. use photorec on several runs to recover .jpg and .cr2 (RAW) data
  4. try to use picasa on the files to get some sorting (and kick out unwanted data as images from games etc.)
    • picasa somehow mangles the raw-files :(
    • picasa does not properly use the exif-provided file-creation date, but a mixture of that and the files’ date w(
  5. fiddle around with exiftool to get back the timestamp from the files’ exif-data
    find . -type f -name '*.jpg' -exec exiftool  -FileModifyDate\<DateTimeOriginal {} \;
  6. try digikam
    1. somehow works
    2. slow on previews when using ‘import from files’
    3. slow on DB handling
    4. hangs itself when moving about 6k (?) files from one folder to another
    5. switch to MySQL as backend
      • somehow fail, try google
      • realize that the internal MySQL server won’t do, install external one
      • use ‘settings’->’Database migration’ before switching via the config
    6. speed is better
    7. use the duplicate detection to remove redundant files (takes time …)

The post a tale of fail and win (image recovery/management under linux) appeared first on nur Bahnhof.

flattr this!

August 07 2013

citrix netscaler – ssl

Certificate with key size greater than RSA512 or DES512 bits not supported

Beste Sicherheit die man für Geld kaufen kann… Anstatt mitzuteilen, dass erst eine Lizenz eingespielt werden muss…

The post citrix netscaler – ssl appeared first on nur Bahnhof.

flattr this!

March 05 2013

Plantronics MyHeadset/Update/Configuration

configuring/updating a plantronics voyager legend headset is quite a pita:

  • you need windoze
  • install some software which has no startmenu-entry, does not start after install
  • does not demand admin-rights when you start the .exe by hand w/o admin-rights
  • does not show up anywhere (but task-manager) after beeing started, so you can not shut it down the normal way
  • the configuration runs via a web-interface (http://www.plantronics.com/us/support/myheadset/updater/) which then talks to the running process which listens on 0.0.0.0/[::]:8011
  • this the updater-website then runs some javascript which talks via XML with the local process and plantronics.com. in a ugly way (okay it is XML…)

Here some examples:

Query: http://127.0.0.1:8011/isThereAnInoperableDeviceAttached?_=someID
Reply: OK

Query: http://127.0.0.1:8011/getDeviceList?_=someID
Reply:

<?xml version="1.0" encoding="utf-8"?>
<ArrayOfDeviceDescrip xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <DeviceDescrip name="Voyager Legend" pid="115" fwVersion="44" />
</ArrayOfDeviceDescrip>

Query:

http://127.0.0.1:8011/getExtendedDeviceDescription?xml=%3CExtendedDeviceQuery%20pid%3D%22115%22%3E%3CPStoreSetting%3Elanguage%3C/PStoreSetting%3E%3CPStoreSetting%3EvocalystPhoneNumber%3C/PStoreSetting%3E%3CPStoreSetting%3EenableAnswerIgnoreVR%3C/PStoreSetting%3E%3CPStoreSetting%3EenableDonDoff%3C/PStoreSetting%3E%3CPStoreSetting%3EenableA2DP%3C/PStoreSetting%3E%3CPStoreSetting%3EenableIncomingCallerAnnouncement%3C/PStoreSetting%3E%3CPStoreSetting%3EenableMuteVoicePrompt%3C/PStoreSetting%3E%3CPStoreSetting%3EmuteReminderTimeout%3C/PStoreSetting%3E%3CPStoreMap%20url%3D%22http%3A//www.plantronics.com/inc/support/myheadset/updater/psmap/bt_0044.PLT_Moorea_PStoreSettingConfiguration.xml%22%20/%3E%3C/ExtendedDeviceQuery%3E&_=someID

Reply:

<?xml version="1.0" encoding="utf-8"?>
<DeviceDescripEx xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="Voyager Legend" pid="115" fwVersion="44">
  <Settings>
    <NvPair name="language" value="0x407" />
    <NvPair name="vocalystPhoneNumber" value="+492222222" />
    <NvPair name="enableAnswerIgnoreVR" value="0x1" />
    <NvPair name="enableDonDoff" value="0x1" />
    <NvPair name="enableA2DP" value="0x1" />
    <NvPair name="enableIncomingCallerAnnouncement" value="0x1" />
    <NvPair name="enableMuteVoicePrompt" value="0x1" />
    <NvPair name="muteReminderTimeout" value="0x15" />
  </Settings>
</DeviceDescripEx>

As that seems not to be enough we have an GET request to an statistics/tracking-interface by plantronics (URI decoded):

http://www.plantronics.com/moriniSrv/postMetrics?xml=<?xml version="1.0" encoding="UTF-8" ?>
<UpdateDescrip pid="115" downloadUrl="http://www.plantronics.com/inc/support/myheadset/updater/dfu/bt_0115_0044.PLT_Moorea_GBR_EN_dfu.dfu" postUpdateDelaySecs="20"><BeforeUpdateDeviceDescrip name="Voyager Legend" pid="115" fwVersion="44"><Settings><NvPair name="enableIncomingCallerAnnouncement" value="0x1" /><NvPair name="language" value="0x407" /><NvPair name="vocalystPhoneNumber" value="+4922222" /><NvPair name="enableMuteVoicePrompt" value="0x1" /><NvPair name="muteReminderTimeout" value="0x15" /><NvPair name="enableDonDoff" value="0x1" /><NvPair name="enableA2DP" value="0x1" /><NvPair name="enableAnswerIgnoreVR" value="0x1" /></Settings></BeforeUpdateDeviceDescrip><AfterUpdateDeviceDescrip name="Voyager Legend" pid="115" fwVersion="44"><Settings><NvPair name="enableIncomingCallerAnnouncement" value="1" /><NvPair name="language" value="0x809" /><NvPair name="vocalystPhoneNumber" value="+492222222" /><NvPair name="enableMuteVoicePrompt" value="1" /><NvPair name="muteReminderTimeout" value="15" /><NvPair name="enableDonDoff" value="1" /><NvPair name="enableA2DP" value="1" /><NvPair name="enableAnswerIgnoreVR" value="0x1" /></Settings></AfterUpdateDeviceDescrip><SaveAndRestore><PStoreSetting>informationPhoneNumber</PStoreSetting><PStoreSetting>scoOpenTone</PStoreSetting></SaveAndRestore><PStoreMap_before url="http://www.plantronics.com/inc/support/myheadset/updater/psmap/bt_0044.PLT_Moorea_PStoreSettingConfiguration.xml" /><PStoreMap_after url="http://www.plantronics.com/inc/support/myheadset/updater/psmap/bt_0044.PLT_Moorea_PStoreSettingConfiguration.xml" /></UpdateDescrip>&_=someID

So what is this? Modern software-design?

The post Plantronics MyHeadset/Update/Configuration appeared first on nur Bahnhof.

flattr this!

August 29 2011

May 11 2011

ein Experiment

altes header-bildIch habe die letzten Tage etwas auf meinem Server aufgeräumt und einige (uralt-) WordPress-Installationen in eine saubere WordPress-Network-Installation verwandelt – dazu vielleicht später mehr in einem extra Artikel.

Nachdem ich gegen Ende 2007 meinen Blog, den ich drei Jahre lang mit mehr oder weniger sinnvollem Inhalt gefüllt habe, dann endgültig schlafen gelegt habe, starte ich nun einen Neuanfang.

Zum Schließen des Blogs haben mich damals einige Dinge gebracht; darunter zwei Abmahnungen/Unterlassungserklärungen die nach einem Gang zum Anwalt des Verbraucherschutzes und einer wohl formulierten Antwort nicht mehr von sich hören ließen und generelle Entwicklung in diesem Themenbereich sowie das Beispiel Anderer.

Ein solcher Reboot hätte auf verschiedene Weise geschehen können:

  • ohne alle alten Inhalte
  • mit den alten Inhalten in einem Archiv mit statischem HTML (niemand will eine WordPress-Installation von 2007 laufen lassen, oder ein Upgrade durchführen und sich dann auf Bug-Suche begeben)
  • mit allen alten Inhalten

Ich habe mich für Letzteres entschieden, da man an solchen Dokumenten meist ganz anschaulich sehen kann welchen Weg jemand im Laufe der Zeit genommen hat; ein weiterer Punkt ist auch, dass ich immer wieder auf der Suche nach Informationen auf Seiten stoße, die ihrer Inhalte beraubt wurden.

Anschaulich wird das durch einige Blüten, die ich jetzt wohl nicht mehr bringen würde ;-).

September 30 2010

April 26 2010

Blogging Like a Hacker

I already knew a lot about what I didn’t want. I was tired of complicated blogging engines like WordPress and Mephisto. I wanted to write great posts, not style a zillion template pages, moderate comments all day long, and constantly lag behind the latest software release. Something like Posterous looked attractive, but I wanted to style my blog, and it needed to be hosted at the domain of my choosing. For the same reason, other hosted sites (wordpress.com, blogger.com) were disqualified. There are a few people directly using GitHub as a blog (which is very cool), but that’s a bit too much of an impedance mismatch for my tastes.

On Sunday, October 19th, I sat down in my San Francisco apartment with a glass of apple cider and a clear mind. After a period of reflection, I had an idea. While I’m not specifically trained as an author of prose, I am trained as an author of code. What would happen if I approached blogging from a software development perspective? What would that look like?

November 18 2009

Leistungsschutzrecht – Neue Nutzungsbedingungen auf F!XMBR

area_51
Foto: F!XMBR

1. Das Zitieren der Autoren und deren Artikel auf F!XMBR ist ohne vorherige Zustimmung zukünftig nicht mehr gestattet.
Wer sich zukünftig zwecks Zitaten widerrechtlich an unseren Texten bereichern will, muss damit rechnen, rechtlich verfolgt zu werden. Jeder Autor, der uns zitiert, muss sich ab sofort – selbstverständlich vor dem Zitieren – eine Genehmigung einholen. Diese wird schriftlich erteilt, im Regelfall folgt innerhalb von 24 Stunden das Antwortfax. Gegen einen entsprechenden Obolus pro Zitat ist es anderen Publikationen und Bloggern gestattet, F!XMBR zu zitieren. Das gilt ebenfalls für die Übernahme unserer Überschriften. An einem so genannten Flatrate-Modell wird derzeit gearbeitet.

(weiterlesen…)

April 26 2009

Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!

Schweinderl