|
|
This really perplexed me and took an embarrassingly long time to write such a simple method. Maybe these notes will save someone else some frustration. Here is a method to generate an MD5 hashed password to use as the value of the userPassword attribute in LDAP:
String hashMD5Password(String password) throws NoSuchAlgorithmException, UnsupportedEncodingException {
MessageDigest digest = MessageDigest.getInstance(“MD5″);
digest.update(password.getBytes(“UTF8″));
String md5Password = Base64.encode(digest.digest());
return “{MD5}” + md5Password;
}
A few tips that might be of help:
- Code that is almost exactly the same as this is posted elsewhere, without the {MD5} prefix that is particular to LDAP. Don’t forget it!
- I use Base64 from jcifs.util.Base64 (since I also use jcifs to generate passwords for the sambaNTPassword attribute) but there are several Base64 classes to choose from.
- Your LDAP server may use another form of encryption (CRYPTO, SHA, etc.). It should be a simple matter to adapt the method above to use other encryption types.
Had I known the following, this would have been so much easier:
- The format of the userPassword attribute is a string containing the crypto-identifier (ie. {MD5}) followed by the Base64-encoded MD5 digest version of the plain-text password
- Verify the output of the java method by running “slappasswd -h {MD5} -s your_password. The output of this command should match the string returned by the java method but not the string returned by ldapquery.
- ldapquery returns LDIF, so the userPassword value is further Base64-encoded.
To illustrate these last few points, consider the following:
$ slappasswd -h {MD5} -s test1
{MD5}WhBei51A4TKXgNYuoiZdig== /* this is what is stored in LDAP) */
$ slappasswd -h {MD5} -s test1 | base64
e01ENX1XaEJlaTUxQTRUS1hnTll1b2laZGlnPT0K /* this is the base64 version of above */
$ ldapsearch -h <host> -b <base> -D <bind> -w <passwd> “(uid=testuser)” userPassword
# extended LDIF
# userPassword:: e01ENX1XaEJlaTUxQTRUS1hnTll1b2laZGlnPT0=
Introduction
The ATi FirePro 2450 is a quad-output video card. Under Linux, Xorg sees it as two separate cards, each with two monitors. Getting a desktop to span all three monitors once was very difficult, but now seems to be quite easy on Ubuntu 11.10. I did not want to repeat the mistake I made in the past of not documenting the setup procedure, hence this article.
Note: 3D acceleration is not currently working with this method
Some History
 Way back in the ‘old’ days of Ubuntu 11.04, I had three monitors all sharing the same desktop using open source drivers. Life was grand. I forget exactly how I did it but it was tricky and required me to spin my own xorg.conf so I was glad to have it working, never to revisit it again.
Then one day when trying to make a bootable USB flash drive I dd’ed a bunch of zeroes over my hard drive’s partition table. I restored from a backup and saved all my really important work files, but lost my triple-head config. Not wanting to dive back into xorg.conf (because I had no notes) I quickly setup two monitors, leaving the third one turned off. It remained mostly dark, but grew brighter as it became decorated with yellow Post-It notes.
With the release of Ubuntu 11.10 I figured it was time to upgrade and maybe get that third monitor working again.
How-To
I was surprised just how easy this was. When using the open-source video drivers, no xorg.conf is created/used. By switching to the proprietary driver, the Catalyst Control Center can be used to write a sensible (and tweakable) xorg.conf. The AMD drivers seem to make the desktop far more ‘responsive’ than the open source ones.  Here is the step-by-step procedure:
- Install Ubuntu 11.10 on a machine with an ATI FirePro 2450 graphics card (I actually upgraded from 11.04).
- Connect and turn on all 3 monitors (though I suspect this will work for 4 as well)
- Install the ATI proprietary drivers:
- System Settings -> Additional Drivers -> ATI/AMD proprietary FGLRX graphics driver -> Activate
- Note, the post-release updates did not install on my computer, so I’ve ignored them
- Reboot
- Run amdcccle as an Administrator (either ‘sudo amdccle’ or search the dashboard for the AMD Catalyst Control Center). In my case, the third monitor was on it’s own ‘unknown’ device, which I enabled (you won’t be able to adjust settings just yet). Close amdcccle to save settings.
- Reboot.
- Run amdcccle again. The unknown device should now be recognized and allow the resolution and DPI to be set on the 3rd monitor. You can setup dual-display on the first two monitors at this point if you want but I found the setting did not persist through the reboot. Close amdcccle to save settings.
- Reboot. At this point I had two ‘cloned’ monitors and a third monitor that was enabled (X, mouse, keyboard) but no Window manager
- Run amdcccle a third time. Enable Xinerama, then enable dual-display / multi display on all monitors.
- Reboot and enjoy.
No wonder the circuits I design never work – I forget the tear collector and the moral rectifier. Digikey has really good pricing on 666 timers. If you don’t have an EE background this discussion might clarify some of the trickier components for you.
 Schematic
How to install Trixbox CE 2.8.0.3 on a Trixbox Appliance with a Sangoma A200/Remora card.
Background
My most recent trixbox appliance from 888 VOIP Store (I’ve bought 3) was all messed up. It was shipped by the wrong carrier, cleared customs through the wrong broker, was send to the wrong address, and wasn’t pre-configured. The previous appliances I’ve received had the Remora card installed and Trixbox CE pre-configured and fired-up right out of the box. This one didn’t have the card installed (not a big deal) and started up with a dual-boot Pro vs. CE.  Somehow in the process of setting it all up I screwed up the config to the point where Asterisk would not start, nor would it recognize the Remora card. Faced with a re-install, I thought I would take the opportunity to upgrade from Trixbox 2.6 to Trixbox 2.8.
References
How-To
This procedure too a few tries to get right, but seems quite straight forward. Trixbox appliances don’t have CD-ROM drives, so this procedure uses a USB CD-ROM. If installing this in VMWare, add two NICs and and two hard drives to mimic the appliance hardware.
Install
- Download and burn Trixbox CE 2.8.0.3 iso to a cd.
- Boot the machine with the cd installed in a USB CD-ROM (Press F12 to enter Boot Selection Menu, then USB-CDROM)
- At the installer prompt, type ‘appliance linux usb’
- Answer any questions the installer might have about keyboards and timezones, and enter a root password.
- There may be an error about a missing kickstart file. Count to 30, then press OK. To see what’s going on with usb-storage modules, etc. press Ctrl-Alt-F2. press Ctrl-Alt-F1 to return to the installer.
- Answer any more questions the installer might have, but if it starts asking about partition schemes or package selection, something is wrong – those questions should be answered automatically by the kickstart file.
- There may be an error about a dahdi module requiring a kernel – this does not seem to impact the installation.
- Installer will finish and system will reboot.
Basic Config
- Login as root.
- Connect box to network and config using ‘system-config-network’. eth0 is the on-board NIC (WAN) and eth1 is the 4-port NIC (LAN).
- Change web interface password: ‘passwd-maint’
- Change root password: ‘passwd’
- Connect to web interface (user: maint)
- Check ‘Packages’ for updates (none at time of writing)
- Check “PBX->PBX Settings -> Module Admin->Check for Updates Online” (3 at time of writing). Click upgrade-all, then ‘process’.
Sangoma Config
The wanpipe packages available through the Trixbox package manager do not work, but RPMS do exist that can be installed simply:
- Login as root
- ftp or wget ftp://ftp.sangoma.com/linux/custom/yannick/RPMS/RPMS_trixbox-2.8.0.3/wanpipe-modules-2.6.18-1.28.1.10.el5-3.5.10-0.i686.rpm
- ftp or wget ftp://ftp.sangoma.com/linux/custom/yannick/RPMS/RPMS_trixbox-2.8.0.3/wanpipe-util-3.5.10-0.i686.rpm
- Install: ‘rpm -ivh *.rpm’
- Don’t run wancfg – run ‘setup-sangoma’ instead.
- Answer questions. Mostly say ‘Yes’ to everything.
- Reboot
- Verify – run ‘dmesg’ and look for wanpipe messages, then run ‘asterisk -r’ and type ‘dahdi show channels’ and ‘dahdi show status’
I’ve never been a heavy Outlook user (I only recently stopped using Pine), but I was really surprised by how lost Outlook users become when you take them out of their element. Instead of adapting and finding new (and better) workflows, they insist on trying to force Google Apps to work like Outlook. Here is what you can expect die hard Outlook users to complain about when you ask them to switch to the web-based Google Mail. More users are switching all the time, so expect this list to grow…
Folders, sub folders, and sub sub sub sub folders
Outlook users don’t get the concept of labels, nor do they like to use the Search feature. They want 9 levels of nested folders even if those folders may only contain a single message. Stop the riot with Folders 4 G-Mail – of course, then you have to wean them off Internet Explorer, which is a whole different battle.
Capture the flag
Star? Star? We don’t need no stinkin’ star? A Star simply won’t do! Where are my flags? I must have red, blue, yellow, green, orange, and purple!
This is of High Importance:Â I’ve requested a read receipt.
Outlook users assume that everyone in the world uses Outlook, and that recipients actually drop everything and leap into action when they receive a message marked with “high importance”. “If I don’t request a read receipt, how will I know my message has been read?”.  In the real world, read receipts aren’t supported in many mail systems, and most high importance messages are flagged as spam or actively ignored by the recipient. Google probably doesn’t support these features because they, like the rest of us, have recognized they’re useless!
If a message is important and requires a response, use compelling subject lines and message content to get action from the recipient. Instead of using “Re: Something Boring” as a subject line, use “Re: Something – Response Required by Friday”.
Send email messages as attachments in other emails that have e-mails as attachments.
This reminds me of pointing two mirrors at one another, or wrapping a present that’s a box within a box within a box. Isn’t this what the Forward feature is for? Ever heard of cut-and-paste?
Create events and tasks from mail messages
This one really surprised me. I didn’t know Outlook could do this, but apparently if you drag an e-mail message onto the Calendar it creates an event with the content of the e-mail pasted in the details box. Pretty cool, but GMail can do it even better. When viewing a message in GMail, click More actions -> Create Event. Google will parse the message and use dates and times within the body to create a calendar event.
It’s also possible to associate Google Tasks with e-mail messages. When viewing the message, click More Actions -> Add to Tasks. The task will then contain a link back to the e-mail message.
HTML Signatures
Wow. Who knew that business would grind to a halt without the ability to attach a picture or crappy fonts to an e-mail signature. Granted, the ability to include a link to your website is a nice feature. Thankfully there’s the Blank Canvas plug-in, because without it, the world as we know it would end.
Send To / Send as E-Mail
Because GMail is web based, it can’t act as the default mail client to attach documents to e-mails automatically. Without Outlook installed, how ever are you going to e-mail that document? Well, if creating a new message and clicking “Attach a file” is too much for you, you can always install Affixa. Then, using the send-as-email feature will trigger Affixa to create a new draft message in GMail with the document attached. Fill in the To, Subject, and Message, and then Send.
|
|
