Tuesday, November 30, 2010

Block IP-based browsing in Squid

Open squid.conf in any text editor:
vim /etc/squid/squid.conf
and add the lines below to create an access list:

acl ipacl url_regex http://[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*
http_access deny ipacl
You need a backslash before each dot in the url_regex; otherwise all URLs will
be blocked.
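Added example, not part of the original post: the patterns are run through grep -E (POSIX extended regex, assumed here as a stand-in for Squid's url_regex matching) against constructed URLs to show why the unescaped dot denies everything. The STRICT pattern and the acl_verdict helper are hypothetical, introduced only for illustration.

```shell
#!/bin/sh
# Added example. grep -E stands in for Squid's url_regex matcher (assumption).

# Dots left unescaped: "." matches any character, so almost any URL matches.
UNESCAPED='http://[0-9]*.[0-9]*.[0-9]*.[0-9]*'
# The pattern from the post, with every dot escaped.
ESCAPED='http://[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*'
# Hypothetical tighter variant: anchored, at least one digit per octet,
# optional port, and the host must end at "/" or end of URL.
STRICT='^http://[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(:[0-9]+)?(/|$)'

# acl_verdict PATTERN URL -> prints "deny" if the ACL would match, else "allow".
acl_verdict() {
    if printf '%s\n' "$2" | grep -Eq -- "$1"; then
        echo deny
    else
        echo allow
    fi
}

# Constructed sample URLs.
for url in \
    'http://192.168.1.10/index.html' \
    'http://192.168.1.10:8080/admin' \
    'http://www.example.com/' \
    'http://1.2.3.example.com/'
do
    printf '%-32s unescaped=%-5s escaped=%-5s strict=%s\n' "$url" \
        "$(acl_verdict "$UNESCAPED" "$url")" \
        "$(acl_verdict "$ESCAPED" "$url")" \
        "$(acl_verdict "$STRICT" "$url")"
done
```

The last URL shows that the escaped pattern with `*` still denies a hostname whose first labels are numeric; the anchored variant does not.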

Wednesday, November 24, 2010

SSH or SCP without password

Scenario

You have two Linux servers and you want to use ssh or scp (to copy files to the other server) without a password. This can be useful if you want to create a script that copies files from one server to another as a backup.

First Linux server  : 192.168.1.10
Second Linux server : 192.168.1.11
Install ssh on both of them:
 # apt-get install ssh


On the first server
1. Log in as root
2. ls -al /root/
3. Try to find a folder ".ssh"
4. If there are any files or folders other than 'known_hosts', delete them by using the following command
5. Now generate ssh keys, follow these steps
6. ssh-keygen -t rsa
7. Don't give any passphrase - This is important
8. Press Enter again and again until you get the command prompt back.
9. Now you will find a few files in the .ssh folder; one of them will be "id_rsa.pub"
10. Copy this file to the second Linux machine, follow these steps
11. scp /root/.ssh/id_rsa.pub root@192.168.1.11:/root/
12. You will be asked for the root password; type your password and press Enter
13. Now log on to 192.168.1.11 as root
14. Type the following sequence of commands
15. cd ~/.ssh
(If it is there, follow the command sequence below; otherwise create the .ssh folder by typing the following command: mkdir .ssh)
16. Now add the key to your authorized keys, follow these steps
17. cat /root/id_rsa.pub >> /root/.ssh/authorized_keys, then press Enter
18. Go back to 192.168.1.10 and type the following command
19. ssh root@192.168.1.11
20. You should be logged in to it without any password
21. Repeat steps 11 to 19 on all machines you want to log on to without a password
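Added example, not part of the original post: a helper for steps 15 to 17 on the second server that sets the permissions sshd expects, skips a key that is already installed, and, because the key has no passphrase, limits it to the first server's address with the authorized_keys `from=` option. The function name install_pubkey and the sample key are constructed for illustration.

```shell
#!/bin/sh
# Added example; install_pubkey is a hypothetical helper name.
# Usage: install_pubkey <pubkey-file> <ssh-dir> <allowed-source-ip>
# On 192.168.1.11: install_pubkey /root/id_rsa.pub /root/.ssh 192.168.1.10
install_pubkey() {
    pub=$1; dir=$2; src=$3
    auth="$dir/authorized_keys"
    # Use the first line only and require the "type base64 [comment]" shape.
    key=$(head -n 1 "$pub")
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a public key: $pub" >&2; return 1 ;;
    esac
    # Owner-only directory and file.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # Compare on the base64 blob so a different comment or option prefix
    # still counts as "already installed".
    blob=$(printf '%s\n' "$key" | awk '{print $2}')
    if grep -qF -- "$blob" "$auth"; then
        return 0
    fi
    # Passphrase-less key: accept it only from the first server's address.
    printf 'from="%s" %s\n' "$src" "$key" >> "$auth"
}

# Demonstration in a scratch directory with a constructed (non-working) key.
demo=$(mktemp -d)
printf 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDKEY root@first\n' > "$demo/id_rsa.pub"
install_pubkey "$demo/id_rsa.pub" "$demo/.ssh" 192.168.1.10
install_pubkey "$demo/id_rsa.pub" "$demo/.ssh" 192.168.1.10   # second run adds nothing
cat "$demo/.ssh/authorized_keys"
rm -rf "$demo"
```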

Monday, November 15, 2010

FSMO Best Practice

By default, when you install the first DC of your forest root domain, this first DC holds all five FSMO roles. When you install the first DC of any other domain in your forest, that DC will hold all three domain FSMO roles (PDC Emulator, RID Master, and Infrastructure Master). Depending on the complexity of your network, however, this default role assignment may not be appropriate, so you need to transfer some of your roles to a different machine to achieve optimal FSMO-role placement on your network.

Rule 1: The PDC Emulator and RID Master roles should be on the same machine because the PDC Emulator is a large consumer of RIDs.

  • Tip: Since the PDC Emulator does by far the most work of any FSMO role, if the machine holding the PDC Emulator role is heavily utilized, move this role and the RID Master role to a different DC, preferably not a global catalog server (GC), since those are often heavily used as well.

Rule 2: The Infrastructure Master should not be placed on a GC.

  • Tip: Make sure the Infrastructure Master has a GC in the same site as a direct replication partner.
  • Exception 1: It's OK to put the Infrastructure Master on a GC if your forest has only one domain.
  • Exception 2: It's OK to put the Infrastructure Master on a GC if every DC in your forest is a GC.

Rule 3: For simpler management, the Schema Master and Domain Naming Master can be on the same machine, which should also be a GC.

  • Exception: If you've raised your forest functional level to Windows Server 2003, the Domain Naming Master doesn't need to be on a GC, but it should at least be a direct replication partner with a GC in the same site.

Reference: http://windowsdevcenter.com

Thursday, November 11, 2010

My Kayako experience

Our company purchased the Kayako ticketing system. Even though it satisfies the minimum functionality of a ticketing system, it showed a very unprofessional approach towards customer support.

1) Even if you pay for the license, they will not support you in installation. You have to pay for the installation and for the installation of the prerequisites separately.
2) For any minute change in the code, or any client-specific change, they will point you to their third-party developers. If you purchase Kayako you can get the comments below twice daily: "Jasvinder Singh: We apologize, we do not support code or template modifications." OR "Jasvinder Singh: You may seek assistance from our third party developers. Their information is available at :
  http://www.kayako.com/community/third-party-services.php "


I would like to add scenarios in which I receive such comments. I am using the V3 version of Kayako eSupport.


1) Suppose you have a scenario where you have client users, and a group of client users has a manager. Kayako will generate email alerts for the client users but not for the managers. The managers have to rely on their browser-based login panel to get each and every update.

#####################################
Kayako never supports email to the very first user in the CC list.
It means "the very first post of a ticket is not sent to the CC users"; from the second update onwards, updates are sent to all users in the CC list.
If you want this functionality you have to contact a third-party vendor.