June 12, 2017

GPO Map Drive Login Script not working

Group

Problem: Active Directory Group Policy Logon Script to Map Drive fails to execute when applied to specified A.D. Group.

Likely Cause: The GPO “Security Filtering” must also include computers, not just the Groups.

Solution: Set the “Security Filtering” to include “Domain Computers” as well as the desired user groups.

  

June 08, 2017

RHEL7 CentOS7 chroot-named


enter image description here

Recently, I replaced two old RHEL5 DNS BIND (named) servers to RHEL7. Essentially, I took the easy route and used WebMin config backups to setup the new servers. However, i did come across some easily resolvable issues.


Problem: I want to replace named with chroot-named

Solution:

yum -y install bind-chroot

systemctl stop named
systemctl disable named

/usr/libexec/setup-named-chroot.sh /var/named/chroot on
mkdir /var/named/chroot/var/named/data
chown named:named /var/named/chroot/var/named/data

systemctl enable named-chroot
systemctl start named-chroot


Problem: Job for named-chroot.service failed because the control process exited with error code.

Solution: you need to mkdir/chown data directory as described above.

You can get additional service status info with journalctl -xe -u named-chroot


Problem: zones aren’t being transferred or files are access-denied (as seen with with the above journalctl command )

Solution:

#DNS1 (optional?)
scp -p /var/named/chroot/var/named/*.{rev,hosts} root@DNS2:/var/named/chroot/var/named/slaves/

#DNS2
chown -R root:named /var/named/chroot/var/named/slaves/
chmod 770 /var/named/chroot/var/named/slaves/
chmod 660 /var/named/chroot/var/named/slaves/*

~~~

Written with StackEdit.

June 01, 2017

MS Edge? NO THANKS!!!!!

Somehow, recently while using Firefox on Debian, a websearch produced an MS page with a banner-nag... WTF?