MY BUSINESS DAY IS YOU!

Assignment: create Active Directory group for linux administrator who need a root privilege (sudo su) with no password required. 1. Create linuxadm group at Active Directory server with group type: security. 2. Add Active Directory user account into linuxadm group (e.g bruce wayne). 3. Add Active Directory group into sudoers profile (/etc/sudoers) using visudo on linux server. [root@labnfs ~]# visudo %BATMAN.LOCAL\\linuxadm         ALL=(ALL)       NOPASSWD: ALL 4.  check UID  before/after run "sudo su" on Linux server using Active Directory user account to confirm it. aghiel@aghiel-mbproi9 ~ % ssh bruce@labnfs bruce@labnfs's password:  [bruce@labnfs ~]$  [bruce@labnfs ~]$ id uid=215401106(bruce) gid=215400513(domain users) groups=215400513(domain users),215401120(linuxadm) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [bruce@labnfs ~]$ sudo su [root@labnfs bruce]# id uid=0(root) gid=0(root) groups=0(root) contex...

1.  install linux package for this purpose : [root@labnfs ~]# yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python -y 2.  point to DNS server where Active Directory (AD DNS) active : [root@labnfs ~]# vi /etc/resolv.conf [root@labnfs ~]# cat /etc/resolv.conf # Generated by NetworkManager nameserver 192.168.1.77   ==> AD DNS nameserver 192.168.1.1   ==> default DNS from DHCP note: if you have default DNS server using DHCP which is not part of AD DNS server and you modified name server in /etc/resolv.conf manually, network manager always overwrite /etc/resolv.conf with default DNS server.  [root@labnfs dhcp]# cat /etc/resolv.conf   ==> always overwritten by network manager  # Generated by NetworkManager nameserver 192.168.1.1.  to prevent that happened, you need to add preferred DNS into /etc/dhcp/dhclient.conf (if it doesn't exist,you can create dhcli...

Unconfigure iSCSI LUN on client-side + ZFS: 1. remove iscsi pool # zpool destroy -f iscsi_pool 2. verify iscsi LUN # iscsiadm list static-config Static Configuration Target: iqn.1986-03.com.sun:02:f11c14b0-5df9-ea4c-9c8b-f8df4b69c9e6.share01,10.24.132.141:3260 3. remove LUN # iscsiadm remove static-config iqn.1986-03.com.sun:02:f11c14b0-5df9-ea4c-9c8b-f8df4b69c9e6.share01,10.24.132.141:3260 4. verify iscsi LUN has been removed # iscsiadm list static-config 5. disable LUN mapping # iscsiadm modify discovery -s disable Unconfigure iSCSI LUN on storage-like server + ZFS: 1. remove iSCSI mapping. # iscsitadm list target Target: zonk/iscsi01 iSCSI Name: iqn.1986-03.com.sun:02:ce177099-6ab3-c39d-82ea-d49f2b439052 Connections: 0 Target: share01 iSCSI Name: iqn.1986-03.com.sun:02:f11c14b0-5df9-ea4c-9c8b-f8df4b69c9e6.share01 Connections: 0 # iscsitadm delete target -? iscsitadm delete target OPTIONS: -u, --lun -l, --acl ...

make sure iscsi target daemon alive (for storage-like server). If not, activate it: #svcs -a |grep iscsi disabled 15:34:14 svc:/system/iscsitgt:default online Jun_25 svc:/network/iscsi/initiator:default #svcadm enable svc:/system/iscsitgt:default Configure iscsi target (on storage-like) + ZFS: 1. create volume : #zfs create -V 500g zonk/iscsi01 2. set shareiscsi=on into volume: #zfs set shareiscsi=on zonk/iscsi01 3. create iscsi target volume : #iscsitadm create target -b /dev/zvol/rdsk/zonk/iscsi01 share01 4. verify iscsi target: #iscsitadm list target -v Target: zonk/iscsi01 iSCSI Name: iqn.1986-03.com.sun:02:ce177099-6ab3-c39d-82ea-d49f2b439052 Alias: zonk/iscsi01 Connections: 0 ACL list: TPGT list: LUN information: LUN: 0 GUID: 0 VID: SUN PID: SOLARIS Type: disk Size: 500G Backing store: /dev/zvol/rdsk/zonk/iscsi01 Status: online Target: share01 iSCSI Name: iqn....

How to use rsync via ssh on solaris 10: 1. install rsync package on both (server & client) and follow the instruction : # pkgadd -d rsync-2.6.9-sol10-sparc-local (sparc) #pkgadd -d rsync-3.0.7-sol10-x86-local (x86) don't forget to install libcap also if it doesn't exist on servers (#pkginfo |grep -i libcap) : #pkgadd -d libpcap-1.1.1-sol10-sparc-local (sparc) #pkgadd -d libpcap-1.1.1-sol10-x86-local (x86) Voila! you have rsync package installed!: -bash-3.00$ which rsync /usr/local/bin/rsync -bash-3.00$ which ssh/usr/bin/ssh 2. to check whether it is worked using ssh or not : #rsync -avn -e ssh --rsync-path=/usr/local/bin/rsync remoteuser@remotehost:/dirtobecopied/ /localdir/destination 3. to try synchronize the data with option Z (compressed using gzip) : #rsync -avz -e ssh --rsync-path=/usr/local/bin/rsync remoteuser@remotehost:/dirtobecopied/ /localdir/destination 4. to limit transfer speed/bandwidth (e.g 1MBps): #rsync -avz --bwlimit=1024 --rsync-path=/usr/local/bin/rs...

SQL> select name, value from v$sysstat 2 where name like 'session%' order by name; NAME VALUE ---------------------------------------------------------------- ---------- session connect time 2.3017E+12 session cursor cache count 1029 session cursor cache hits 1444889 session logical reads 292519432 session pga memory 3589314472 session pga memory max 3822966956 session stored procedure space 0 session uga memory 2.5830E+10 session uga memory max 383812564 9 rows selected.

How to install samba server (network filestore on UNIX for windows) 1. Install samba package (from CD companion solaris) 2. configure smb.conf , i.e : # Global parameters # aghiel p 19 April 2005 workgroup = sunwrkgrp server string = sunb-aghiel security = Share hosts allow = localhost, batman hosts deny = All [root] path = / comment = Solaris root guest ok = Yes read only = Yes [share] path = /share comment = Solaris share guest ok = Yes read only = No [software] path = /export/home/software guest ok = Yes guest account = forever comment = software read only = No create mask = 0755 3. start samba : /usr/sfw/sbin/smbd -D /usr/sfw/sbin/nmbd -D or running script below (/etc/init.d/samba) : #!/sbin/sh # # Copyright (c) 2001 by Sun Microsystems, Inc # All rights reserved. # #ident "@(#)samba 1.1 01/09/24 SMI...