Friday, May 08, 2009

mandriva-directory-server-on-debian-etch

pdc:/etc/ldap# diff slapd.conf slapd.conf-mds
3d2
<
6d4
<
9d6
<
14a12,19
> include /etc/ldap/schema/mmc.schema
> include /etc/ldap/schema/samba.schema
> include /etc/ldap/schema/printer.schema
> include /etc/ldap/schema/mail.schema
> include /etc/ldap/schema/dnszone.schema
> include /etc/ldap/schema/dhcp.schema
>
> schemacheck on
24c29
< loglevel none
---
> loglevel 0
27,28c32,33
< modulepath /usr/lib/ldap
< moduleload back_hdb
---
> modulepath /usr/lib/ldap
> moduleload back_bdb
38c43
< # Specific Backend Directives for hdb:
---
> # Specific Backend Directives for bdb:
41c46,47
< backend hdb
---
> backend bdb
> checkpoint 512 30
47c53
< #backend
---
> #backend
50c56
< # Specific Directives for database #1, of type hdb:
---
> # Specific Directives for database #1, of type bdb:
53c59
< database hdb
---
> database bdb
56c62
< suffix "dc=acbgroup,dc=com"
---
> suffix "dc=example,dc=com"
60c66,67
< # rootdn "cn=admin,dc=acbgroup,dc=com"
---
> rootdn "cn=admin,dc=example,dc=com"
> rootpw {SSHA}kPd9OeiwGx4lyZUiQ2NFmzXV0JWyLV9A
65,69d71
< # The dbconfig settings are used to generate a DB_CONFIG file the first
< # time slapd starts. They do NOT override existing an existing DB_CONFIG
< # file. You should therefore change these settings in DB_CONFIG directly
< # or remove DB_CONFIG and restart slapd for changes to take effect.
<
75,77c77,78
< # to get slapd running at all. See http://bugs.debian.org/303057 for more
< # information.
<
---
> # to get slapd running at all. See http://bugs.debian.org/303057
> # for more information.
79a81
>
81a84
>
86c89,94
< index objectClass eq
---
> index objectClass,uidNumber,gidNumber eq
> index cn,sn,uid,displayName pres,sub,eq
> index memberUid,mail,givenname eq,subinitial
> index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
> index zoneName,relativeDomainName eq
> index dhcpHWAddress,dhcpClassData eq
91,94d98
< # Checkpoint the BerkeleyDB database periodically in case of system
< # failure and to speed slapd shutdown.
< checkpoint 512 30
<
96,97c100
< # replogfile /var/lib/ldap/replog
<
---
> # replogfile /var/lib/ldap/replog
103,104c106,107
< access to attrs=userPassword,shadowLastChange
< by dn="cn=admin,dc=acbgroup,dc=com" write
---
> access to attrs=userPassword,sambaLMPassword,sambaNTPassword
> by dn="cn=admin,dc=example,dc=com" write
123c126
< by dn="cn=admin,dc=acbgroup,dc=com" write
---
> by dn="cn=admin,dc=example,dc=com" write
129c132
< # by dn="cn=admin,dc=acbgroup,dc=com" write
---
> # by dn="cn=admin,dc=example,dc=com" write
133c136
< # Specific Directives for database #2, of type 'other' (can be hdb too):
---
> # Specific Directives for database #2, of type 'other' (can be bdb too):
139c142,143
< #suffix "dc=debian,dc=org"
---
> #suffix "dc=debian,dc=org"
Posted by at No comments:

Thursday, April 16, 2009

changing NAT to Bridge into MV-374

Posted by at No comments:

Wednesday, March 25, 2009

creazione diaktone it


Il





problema da risolvere e' il seguente: il 4638 non hangupa l atelfonata quando il

dialplan hanguppa la linea. Su suggerimento di Kostas

http://forum.allnet-italia.it/viewtopic.php?p=475

ho prima creato un tone set chiamandolo dialtone_it, poi ho caricato i toni riposrtati nel post del forum:




























successivamente ho associato il toneset a tutte le interfaccie isdn e sip
Posted by at No comments:

Friday, February 13, 2009

Configurazione di patton 4638 Rel 5.3

Step 1
Prima di tutto si devono configurare le BRI, settando la modalita' TE. Questa e' la lista delle bri presenti sul patton, sono 5 numerate da 0 a 4


















Adesso vediamo il settaggio della singola bri










































































Step 2
Adesso configuriamo le SIP interfaces





Selezioniamo Interfaces



Step 3
Adesso modifichiamo if-asterisk-1


In modo analogo gestiamo 2,3 e 4.

Step 4
Gestiamo i gateway, poi abbiamo finito


Attenzione: io sto lavorando sull'autenticazione senza successo, pertanto vedete in fondo sinistra la selezione del Location service 1001, nella configurazione senza autenticazione non mettete nulla.

Ecco il trunk sip su freepbx




ecco gli errori

ecco gli errori

<------------>
Scheduling destruction of SIP dialog '846c72dfab0b302a' in 32000 ms (Method: REGISTER)
Really destroying SIP dialog 'aaf4dfe03ae20ae7' Method: REGISTER
IDSRack05*CLI>
<--- SIP read from 192.168.16.2:5060 --->
REGISTER sip:192.168.16.1:5060 SIP/2.0
Via: SIP/2.0/UDP 192.168.16.2;branch=z9hG4bK63b65b92794f7f3d8
Route:
Max-Forwards: 70
From: 1001 ;tag=29b67ff7be
To: 1001
Call-ID: 923509206c7644a9
CSeq: 20033 REGISTER
Contact: 1001
Expires: 3600
User-Agent: Patton SN4638 5BIS 00A0BA04473D R5.3 2009-01-15 H323 SIP BRI M5T SIP Stack/4.0.28.28
Content-Length: 0


<------------->
--- (12 headers 0 lines) ---
Using latest REGISTER request as basis request
Sending to 192.168.16.2 : 5060 (no NAT)

<--- Transmitting (no NAT) to 192.168.16.2:5060 --->
SIP/2.0 403 Forbidden
Via: SIP/2.0/UDP 192.168.16.2;branch=z9hG4bK63b65b92794f7f3d8;received=192.168.16.2
From: 1001 ;tag=29b67ff7be
To: 1001 ;tag=as6baefcde
Call-ID: 923509206c7644a9
CSeq: 20033 REGISTER
User-Agent: Asterisk PBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Content-Length: 0


<------------>
Scheduling destruction of SIP dialog '923509206c7644a9' in 32000 ms (Method: REGISTER)
Really destroying SIP dialog 'bd591885983749f4' Method: REGISTER
IDSRack05*CLI>
<--- SIP read from 192.168.16.2:5060 --->
REGISTER sip:192.168.16.1:5060 SIP/2.0
Via: SIP/2.0/UDP 192.168.16.2;branch=z9hG4bK95e795fc3c732da1c
Route:
Max-Forwards: 70
From: 1001 ;tag=5d05d922f0
To: 1001
Call-ID: ba29a22bac47faed
CSeq: 26050 REGISTER
Contact: 1001
Expires: 3600
User-Agent: Patton SN4638 5BIS 00A0BA04473D R5.3 2009-01-15 H323 SIP BRI M5T SIP Stack/4.0.28.28
Content-Length: 0


<------------->
--- (12 headers 0 lines) ---
Using latest REGISTER request as basis request
Sending to 192.168.16.2 : 5060 (no NAT)
IDSRack05*CLI>
<--- Transmitting (no NAT) to 192.168.16.2:5060 --->
SIP/2.0 403 Forbidden
Via: SIP/2.0/UDP 192.168.16.2;branch=z9hG4bK95e795fc3c732da1c;received=192.168.16.2
From: 1001 ;tag=5d05d922f0
To: 1001 ;tag=as7f0991cc
Call-ID: ba29a22bac47faed
CSeq: 26050 REGISTER
User-Agent: Asterisk PBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Content-Length: 0


<------------>
Scheduling destruction of SIP dialog 'ba29a22bac47faed' in 32000 ms (Method: REGISTER)
Really destroying SIP dialog '258b3c1310b2780a' Method: REGISTER
IDSRack05*CLI>
<--- SIP read from 192.168.16.2:5060 --->
REGISTER sip:192.168.16.1:5060 SIP/2.0
Via: SIP/2.0/UDP 192.168.16.2;branch=z9hG4bKb7ccc4bead518036e
Route:
Max-Forwards: 70
From: 1001 ;tag=a8d94a44bc
To: 1001
Call-ID: d48f445874ab99e6
CSeq: 5925 REGISTER
Contact: 1001
Expires: 3600
User-Agent: Patton SN4638 5BIS 00A0BA04473D R5.3 2009-01-15 H323 SIP BRI M5T SIP Stack/4.0.28.28
Content-Length: 0


<------------->
--- (12 headers 0 lines) ---
Using latest REGISTER request as basis request
Sending to 192.168.16.2 : 5060 (no NAT)
IDSRack05*CLI>
<--- Transmitting (no NAT) to 192.168.16.2:5060 --->
SIP/2.0 403 Forbidden
Via: SIP/2.0/UDP 192.168.16.2;branch=z9hG4bKb7ccc4bead518036e;received=192.168.16.2
From: 1001 ;tag=a8d94a44bc
To: 1001 ;tag=as73a77b29
Call-ID: d48f445874ab99e6
CSeq: 5925 REGISTER
User-Agent: Asterisk PBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Content-Length: 0


<------------>
Scheduling destruction of SIP dialog 'd48f445874ab99e6' in 32000 ms (Method: REGISTER)
Really destroying SIP dialog '846c72dfab0b302a' Method: REGISTER
IDSRack05*CLI>
<--- SIP read from 192.168.16.2:5060 --->
REGISTER sip:192.168.16.1:5060 SIP/2.0
Via: SIP/2.0/UDP 192.168.16.2;branch=z9hG4bK5bae5c500940055a0
Route:
Max-Forwards: 70
From: 1001 ;tag=8a2ebae494
To: 1001
Call-ID: a12b9db8478a6127
CSeq: 21809 REGISTER
Contact: 1001
Expires: 3600
User-Agent: Patton SN4638 5BIS 00A0BA04473D R5.3 2009-01-15 H323 SIP BRI M5T SIP Stack/4.0.28.28
Content-Length: 0


<------------->
--- (12 headers 0 lines) ---
Using latest REGISTER request as basis request
Sending to 192.168.16.2 : 5060 (no NAT)
IDSRack05*CLI>
<--- Transmitting (no NAT) to 192.168.16.2:5060 --->
SIP/2.0 403 Forbidden
Via: SIP/2.0/UDP 192.168.16.2;branch=z9hG4bK5bae5c500940055a0;received=192.168.16.2
From: 1001 ;tag=8a2ebae494
To: 1001 ;tag=as30f795e4
Call-ID: a12b9db8478a6127
CSeq: 21809 REGISTER
User-Agent: Asterisk PBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Content-Length: 0


<------------>
Scheduling destruction of SIP dialog 'a12b9db8478a6127' in 32000 ms (Method: REGISTER)
Really destroying SIP dialog '923509206c7644a9' Method: REGISTER
Posted by at No comments:
Labels:

Friday, July 25, 2008

At last i was able to install a Rapid Freessl cert into Zimbra NE 5.0.8 Centos 5.2
Amazing!
I got only this serror:

httpd: Syntax error on line 232 of /opt/zimbra/conf/httpd.conf: Cannot load /opt/zimbra/httpd-2.2.8/modules/libphp5.so into server: /opt/zimbra/httpd-2.2.8/modules/libphp5.so: cannot restore segment prot after reloc: Permission denied
This error is a know bug, you can find it in bugzilla

[192.168.30.5 18:17:59 zimbra@zimbra ~/freessl ]$ sudo zmcertmgr deploycrt comm commercial.crt commercial_ca.crt
** Verifying commercial.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
Certificate (commercial.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
Valid Certificate: commercial.crt: OK
** Copying commercial.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Appending ca chain commercial_ca.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Saving server config key zimbraSSLCertificate...done.
** Saving server config key zimbraSSLPrivateKey...done.
** Installing mta certificate and key...done.
** Installing slapd certificate and key...done.
** Installing proxy certificate and key...done.
** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done.
** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done.
** Installing CA to /opt/zimbra/conf/ca...done.


You should use cli instead of gui.
with gui i got errors.
Posted by at No comments:
Labels: , , ,

Saturday, July 19, 2008

The problem:
every time a client send out mails using mailman to more than 100 subscribed account, qmail stop to work.
Analisys.
Issue is due to inetd. I have debian etch and inetutils-inetd installed.
To avoid mailman issue, the fix is:
smtp stream tcp nowait.max
where max is a vaery large number

BUT:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451478

inetutils-inetd does not support nowait.max

you MUST use openbsd-inetd

do not use xinted as plesk do not provide /etc/xinetd.d/* files, you have to do them yourself
Posted by at No comments:
Labels: , , , , , , ,

Wednesday, April 30, 2008

At last i was able to change password using windows CtrlAltCanc
chgpwd.php
define ('LDAP_SERVER', 'xxxx.xxxx.it');
define ('BASE_DN', 'dc=xxxx,dc=it');
define ('LDAP_OU', 'ou=People');
define ('LDAP_DN', 'uid');
define ('GROUP_DN', 'ou=Groups');

define ('AUTH_OK', 0);
define ('AUTH_KO', 1);

class ldapUtils{

var $lastError = array();
var $ldapConn;
var $daysLeft;

function admin_change_password($ldapUid,$ldapNewPass){

/* try to connect to the server */
$this->ldapConn = ldap_connect(LDAP_SERVER);
if (!$this->ldapConn){
$this->_ldapGetLastError();
return AUTH_KO;
}

$user_ldaprdn = LDAP_DN . '=' . $ldapUid . ',' . LDAP_OU . ',' . BASE_DN;
$admin_ldaprdn = 'uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot';
$admin_ldappass = 'xxxx'; // associated password

$ldapBind = ldap_bind($this->ldapConn,$admin_ldaprdn,$admin_ldappass);
if (!$ldapBind){
$this->_ldapGetLastError();
return AUTH_KO;
}
$hashpass = '';
$hashpass = shell_exec("/usr/sbin/slappasswd -s ". $ldapNewPass);

$len = strlen($hashpass) - 1;
$hashpass = substr($hashpass,0,$len);

$stringCrypt = '';
$stringCrypt = shell_exec("/usr/sbin/mkntpwd ". $ldapNewPass);
$sambaPassword = preg_split("/:/",$stringCrypt);
ldap_set_option($this->ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
$entry['userpassword'] = $hashpass;
$entry['sambantPassword'] = $sambaPassword[1];
$entry['sambalmPassword'] = $sambaPassword[0];
$entry['sambaPwdLastSet'] = date("U");
$entry['sambaPwdMustChange'] = date("U") + 90 * 86400;
$result = ldap_mod_replace($this->ldapConn, $user_ldaprdn, $entry );
echo $result . "\n";
var_dump($entry);
if ($result){
return AUTH_OK;
} else{
$this->_ldapGetLastError();
return AUTH_KO;
}
}
}

openlog("chgpwd.php", LOG_PID, LOG_LOCAL0);


syslog(LOG_WARNING, 'change password ' );


if(isset($argv[1]) ){

echo "password:" ;
$stdin = fopen('php://stdin', 'r');
$newpass = '';
$newpass = fgets($stdin);


syslog(LOG_WARNING, 'change password: ' . $argv[1] . ' - ' . $newpass );
$ldap = new ldapUtils();
if( $ldap->admin_change_password($argv[1], $newpass) == AUTH_KO ){
syslog(LOG_WARNING, 'failed to change password'. $argv[1] . ' - ' . $newpass);
closelog();
return AUTH_KO;
}
syslog(LOG_WARNING, 'password changed');
echo "changed";
return AUTH_OK;
} else {
syslog(LOG_WARNING, 'mancano i parametri');
closelog();
return AUTH_KO;
}


?>
Posted by at No comments:
Subscribe to: Posts (Atom)