Archive for the ‘software’ Category

« Older Entries

NTLM authentication working!

Thursday, February 26th, 2015

OU logoWoohoo! I got NTLM to work! What a relief to finally feel “connected” with the rest :)
How I finally managed: I installed NTLM APS version 0.9.9.5, and used the following config values (keeping only the pertinent values, the rest isn’t changed):

[GENERAL]
PARENT_PROXY:

[NTLM_AUTH]
NT_HOSTNAME:
NT_DOMAIN:pwo
USER:hjo
PASSWORD:
LM_PART:1
NT_PART:1
NTLM_FLAGS: 07820000
NTLM_TO_BASIC:0

Let’s see if it still works with debugging turned off…yup! So I’ve updated that in the above description.

I’ve now added a tiny PAC file, proxy-for-local-domain.js:

function FindProxyForURL(url, host) {
        host = host.toLowerCase();
        
        // Route all OU traffic through local NTLM authentication-
        // handling proxy
        if (dnsDomainIs(host, ".ou.nl"))  {
                return "PROXY 127.0.0.1:5865";          // (IP:port)
        }

        // Anything else: just direct
        return "DIRECT";
}

and then configured Firefox to use an automatic proxy configuration url of file://.../proxy-for-local-domain.js. Tested and it works! woohoo!

Posted in software, unix/windows, work | Comments Off on NTLM authentication working!

Printing running; NTLM authentication 1 step closer

Friday, February 6th, 2015

With some help of the OU IT staff, I got one step closer to two things!

NTLM authentication

This was my goof-up. The cntlm config file was only readable by root. Le doh!
So:

  1. install cntlm
  2. config /etc/cntlm.conf as:

    Username hjo
    Domain www.intranet.ou.nl

    # List of parent proxies to use. More proxies can be defined
    # one per line in format : Proxy 145.20.126.12:8080
    #Proxy 10.0.0.42:8080

    # List addresses you do not want to pass to parent proxies
    # * and ? wildcards can be used
    #
    NoProxy localhost, 127.0.0.*, 10.*, 192.168.*

    # Specify the port cntlm will listen on
    # You can bind cntlm to specific interface by specifying
    # the appropriate IP address also in format :
    # Cntlm listens on 127.0.0.1:3128 by default
    #
    Listen 3128
    Listen 3310

  3. run chmod go+r /etc/cntlm.conf
  4. Generate the password hashes for authentication: cntlm -H and enter your password. Example:

    $ cntlm -H
    Password:
    PassLM FE03A594184396D6552C4BCA4AEBFB11
    PassNT F3496B77FA086840D57D7F868C476AC8
    PassNTLMv2 9AB19C7C88EADFC4DE62B818E2878131 # Only for user ‘hjo’, domain ‘www.intranet.ou.nl’

  5. copy the password hash lines to //etc/cntlm.conf below username/domain.

That’s where I’m at now. It still doesn’t work, but we jumped through another hoop! :)

Printing

I followed now the Mac instructions again:

  1. Go to the “add printer” dialog
  2. Choose LPD printer, add the name.
    Name is something like MFP-XXX-A0YYYY. XXX for my building is HLR – my printer is MFP-HLR-A09550.
  3. Download the C360 printer driver (PPD) from the Konica Minolta website (I found multiple options, ended up using the file KOC360UX.ppd)
  4. Use this printer driver. Configuration:
    • paper source unit: PC-408
    • Finisher: FS-529
    • Punch Unit: none
    • Saddle kit: none
  5. Now you need to set up authentication. I’m not clear on how to do this (doesn’t work yet), but good info seems to be available from:
    • here for printers in the same class (Konica Minolta C220/280/360 share the same printer driver, apparently)
    • here for other printers.
      This explanation includes a link to an explanation on how to send the correct printer commands apparently.

This actually works!

PS: I was running this while using the Java Juniper client, so I was on the VPN.

Posted in software, unix/windows, work | Comments Off on Printing running; NTLM authentication 1 step closer

Connecting to VPN (Juniper) on Ubuntu 14.04 64 bit

Wednesday, February 4th, 2015

The OU is using a VPN. You can connect with a Java applet, unfortunately, we’re still running an older version that relies on the 32 bit java version.

Instructions for working around that can be found
here.
Moreover, my home dir is encrypted, which apparently a problem (see comment about encrypted home dirs).
Solution to that one from here:
move the setuid binaries somewhere else and symlink them.
I.e.:

  • sudo mv $HOME/.juniper_networks/network_connect/ncsvc /opt/juniper-vpn/ncsvc
  • ln -s /opt/juniper-vpn/ncsvc $home/.juniper_networks/network_connect/ncsvc

This gets it working. Funnily enough, I still cannot connect directly to intranet – so what is Juniper now doing for me anyway? :)

Edit
Note that you should *ONLY* link the SUID binary. If you symlink the whole directory, it doesn’t work and Juniper crashes.
(Thanks Juniper, for that fun-filled 45 minutes of hunting the internet on why you crashed!)

Posted in software, unix/windows, work | Comments Off on Connecting to VPN (Juniper) on Ubuntu 14.04 64 bit

Exchange + Google calendars in Thunderbird

Monday, February 2nd, 2015

Thunderbird logoPart 2 of getting set up. Obviously, I have an Exchange calendar. Obviously, people are going to be using that to gauge when I’m available. So I need to manage that calendar in a way that works.

Enter the Lightning plugin for Thunderbird! With the previously mentioned DavMail, you can get your exchange calendar in Thunderbird. Which kind of beats Microsoft’s web interface – though not by much.

I also added a Google calendar via CalDav (which works directly with Lightning). Adding and deleting events is nicely synchronized :) Adding another (big) Google calendar, however, borked the overview (appointments no longer shown), though the list above the calendar still showed correct info.

Posted in software, Thunderbird config, unix/windows, work | Comments Off on Exchange + Google calendars in Thunderbird

Connecting Thunderbird to an Exchange (Outlook) server

Monday, February 2nd, 2015

Thunderbird logoSo, my new employer uses Exchange servers for email (i.e. Outlook for clients). I’m not on an Outlook-supported platform, so that’s not ideal.

DavMail to the rescue! It’s a piece of software that runs under Windows, Unix and OSX. What it does: it translates the secret Exchange-Outlook mail protocol into public protocols (POP, IMAP, SMTP, CalDav, LDAP, …).
And it works quite beautifully! Though you’ll need openjdk-7-jre for it to run.

Next, you can set up Thunderbird to get your Exchange mail via DavMail (username at the OU: XXX@pwo.ou.nl). And it works beautifully!

In related news: it seems you cannot stop Thunderbird from checking an account: if you’re online, it’s trying to check that account. Annoying if you have an old account to which you no longer have access (but have a local archived copy).

Posted in software, Thunderbird config, unix/windows, work | Comments Off on Connecting Thunderbird to an Exchange (Outlook) server

Gimp’ing the sky away

Friday, April 25th, 2014

GIMP logoI like making posters and playing around with graphics. I’m not necessarily good at it, but I like it. And I do have Opinions (with initial capital ;-).

So this time we were compiling together a simple poster made up of a few photos over a background. The photos were given, so now for the background. Just a colour gradient is somewhat too boring, and does not do justice in most cases. As this was a custom-made one-off souvenir, we’re not redistributing the work, so we’re happy to use a photo shared under most CC-licenses. Here’s the beauty we found:

Photo of Luxembourg - Grund by night

As you can observe, the photo in question is somewhat… landscapy-oriented. However, the customer was dead-set on a portrait rendition. Which put us a bit short on the sky. What to do, what to do??

Jolie @ Gimptalk forums had an excellent suggestion:

  • select the layer with the landscape photo
  • Choose Layer > Layer to Image size
  • Fuzzy select (U) the sky.
  • Add area above sky to selection (shift-click).
  • Color picker (O) select dark part of the sky as foreground colour. Make this a bit darker.
  • Color picker select light part of the sky as background color (ctrl-click). Make this a bit lighter.
  • Blend tool (L). Select “FG to BG” (which is default). Select shape: linear (again, default).
    Draw a line from the top of the image down to the sky (or a bit further).

That’s it! Result:

luxembourg with more sky

Posted in fun, software | Comments Off on Gimp’ing the sky away

Taking a quick picture with your webcam

Thursday, January 9th, 2014

You want to take a picture, but hooking your smartphone up to the PC is a pain (no cable or something), and your digital camera isn’t near. You do have a webcam though… so: what do you do?

vlc -I dummy v4l2:///dev/video0 --video-filter scene --no-audio --scene-path $OUTPUTDIR --scene-prefix webcam_photo --scene-format png vlc://quit --run-time=5

That’s what you do. Hooray for VLC making your life somewhat easier!

 

(hattip to Stack Exchange)

Posted in software | Comments Off on Taking a quick picture with your webcam

Connecting Ubuntu to WPA2 PEAP networks

Thursday, December 19th, 2013

It doesn’t work out of the box, and apparently there’s a bug report for it.
From http://askubuntu.com/questions/279762/cant-connect-to-wpa2-enterprise-peap:

There is a bug report here: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1104476
A workaround is to remove the line
system-ca-cert=true
from the configuration file found in /etc/NetworkManager/system-connections/NAMEOFNETWORK

Posted in software, unix/windows | Comments Off on Connecting Ubuntu to WPA2 PEAP networks

New laptop (MS, wherefore art thou so fat?)

Sunday, October 27th, 2013

I bought a new laptop (cool thingy, it’s a Toshiba Z930 with mem upgraded to 10 Gb, ghi ghi). The specs are really cool: it’s the lightest ultrabook out there (at the time of writing), and while it doesn’t have 1080p resolution, it does do 1366 x 768. Moreover, it’s the only ultrabook which also offers VGA and Ethernet ports. Yeah, these might become obsolete, but I’m an academic, and given the expected upgrade cycle in most universities (“if it ain’t broke, don’t replace it” sums it up nicely), I need that stuff.

I haven’t had time to play with it, I hardly had time to start it up myself. I read that Win 8.1 came out, so I figured to start it up and try to get that on my system – yes, I’ll go for dual boot with Ubuntu (or something else like Mint). Now I have a really cool SSD drive in there – which is not that big. More specifically, it’s 128 GB. Currently, the unusued windows partition is leaving me with 50 GB usable space of that. I started doing windows update, which kept repeating and repeating, every time ending with a reboot and more updates to install. The first update required me to download over 1 Gb of updates. And that was nowhere near the end of it. I was down to 50 GB out of 128 GB (unformatted) before I started this, and your updates are eating away gigabytes of that???

Seriously, Microsoft, go jogging. You’re becoming too fat to sit on my disk.

Posted in software, unix/windows | Comments Off on New laptop (MS, wherefore art thou so fat?)

Firefox tiny tip

Sunday, October 27th, 2013

Firefox logoI recently had occasion to reset my Firefox install – meaning all settings reverted to default. One annoying thing is that if you have a few tabs (a few > 6), Firefox does not show a close button on them.

While researching that issue, I found this tidbit: you can middleclick a tab to close it. Holy cow!!! I wish someone had mentioned this to me sooner! :)

Posted in software | Comments Off on Firefox tiny tip

« Older Entries