snmpwalk not showing the private MIB - net-snmp

Hi, I installed SNMP on CentOS and here is my snmp.conf
agentAddress udp:161
com2sec me localhost public
com2sec nms 192.168.1.8 public
group AllGroup v2c me
group AllGroup v2c nms
group AllGroup v1 me
group AllGroup v1 nms
view AllView included 1.3.6.1.2.1.1.3
view AllView included 1.3.6.1.2.1.1.3
view AllView included 1.3.6.1.2.1.1.4
view AllView included 1.3.6.1.2.1.1.5
view AllView included 1.3.6.1.2.1.1.6
view AllView included 1.3.6.1.2.1.11.19
view AllView included 1.3.6.1.2.1.11.29
view AllView included 1.3.6.1.4.1.2021.2
view AllView included 1.3.6.1.4.1.2021.9
view AllView included 1.3.6.1.4.1.2021.10
access AllGroup "" any noauth exact AllView none none
syslocation Myserver
syscontact Admin <admin#admin.com>
proc httpd
proc mysqld
disk /tmp 290000
disk /var 2000000
disk /home 18600000
load 14 10 10
When I run
snmpwalk -v 1 localhost -c public
It shows
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (37590) 0:06:15.90
SNMPv2-MIB::sysContact.0 = STRING: Admin <admin#admin.com>
SNMPv2-MIB::sysName.0 = STRING: server.admin.om
SNMPv2-MIB::sysLocation.0 = STRING: Myserver
SNMPv2-MIB::snmpInTraps.0 = Counter32: 0
SNMPv2-MIB::snmpOutTraps.0 = Counter32: 0
But the private OIDs are not appearing
1.3.6.1.4.1.2021.2
1.3.6.1.4.1.2021.9
1.3.6.1.4.1.2021.10
But when I request them specifically via
snmpwalk -v 1 localhost -c public 1.3.6.1.4.1.2021.2
The private OIDs do show up as per the configuration.
How can I make the private OIDs show with
snmpwalk -v 1 localhost -c public
?

You can't.
From the snmpwalk manpage:
If no OID argument is present, snmpwalk will search the subtree rooted at SNMPv2-SMI::mib-2 (including any MIB object values from other MIB modules, that are defined as lying within this subtree)
SNMPv2-SMI::mib-2 is 1.3.6.1.2.1; your private tree simply isn't part of the "default" selection.
If you wish to request specific information, request specific information.
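The default-root behaviour described in the answer above, as an added example that is not part of the original thread: a short Python check that reads the `view ... included` lines of an snmpd.conf and reports which subtrees a bare snmpwalk (rooted at mib-2, 1.3.6.1.2.1) reaches. The sample configuration is a constructed subset of the question's view lines, and the function names are hypothetical.

```python
# Added example: which snmpd.conf view subtrees does a bare snmpwalk reach?
DEFAULT_ROOT = (1, 3, 6, 1, 2, 1)  # SNMPv2-SMI::mib-2, snmpwalk's default root

# Constructed sample: a subset of the view lines from the question.
SAMPLE_CONF = """\
view AllView included 1.3.6.1.2.1.1.3
view AllView included 1.3.6.1.2.1.11.19
view AllView included 1.3.6.1.4.1.2021.2
view AllView included 1.3.6.1.4.1.2021.9
view AllView included 1.3.6.1.4.1.2021.10
access AllGroup "" any noauth exact AllView none none
"""

def parse_oid(text):
    """'1.3.6.1' or '.1.3.6.1' -> (1, 3, 6, 1)."""
    return tuple(int(p) for p in text.strip(".").split("."))

def included_views(conf):
    """Yield (view_name, oid_tuple) for each 'view NAME included OID' line."""
    for line in conf.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 4 and fields[0] == "view" and fields[2] == "included":
            yield fields[1], parse_oid(fields[3])

def classify(conf, root=DEFAULT_ROOT):
    """Split view subtrees into those a walk from `root` reaches and those it misses."""
    reached, missed = [], []
    for _, oid in included_views(conf):
        dotted = ".".join(map(str, oid))
        (reached if oid[:len(root)] == root else missed).append(dotted)
    return reached, missed

def common_root(oids):
    """Longest shared OID prefix: one explicit walk argument that covers them all."""
    prefix = []
    for parts in zip(*(parse_oid(o) for o in oids)):
        if len(set(parts)) != 1:
            break
        prefix.append(parts[0])
    return ".".join(map(str, prefix))

if __name__ == "__main__":
    reached, missed = classify(SAMPLE_CONF)
    print("default walk reaches:", reached)
    print("needs an explicit OID:", missed, "-> walk from", common_root(missed))
```

Passing the reported root as the OID argument, for example `snmpwalk -v 1 localhost -c public 1.3.6.1.4.1.2021`, covers the three private subtrees in one walk; the agent still returns only what AllView includes.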


Rundeck - Failed to read SSH Private Key stored at path - Path does not exist

I am running the Rundeck war file directly
java -jar rundeck-3.0.17-20190311.war
I get this error message when I trigger a build.
Failed to read SSH Private key stored at path:
keys/rundeck.pem: org.rundeck.storage.api.StorageException:
Path does not exist: keys/rundeck.pem
Failed: ConfigurationFailure: Failed to read SSH
Private key stored at path: keys/rundeck.pem
It makes sense that the reference in the Default Node Executor is invalid and that Rundeck cannot find the .pem file.
I've tried
referencing the full working directory (/home/user/rundeck/keys/rundeck.pem). It wants the location to start with keys/.
referencing it to its relative path (keys/rundeck.pem)
copied the keys directory to /home/user/
In desperation, I ran chmod 700 on the pem file.
Most of the questions and examples I found were on older versions of Rundeck.
I'd like to know where the .pem file must be configured and how it should be referenced. Any other information that could help me configure the SSH keys will be appreciated.
You must add the key using the GUI and use the path that you defined in your resources.xml.
To add your key, you can follow this video. Although the video is based on Rundeck 2.x, it is valid for Rundeck 3.x:
https://www.youtube.com/watch?v=qOA-kWse22g
To generate your resources.xml file, select your new project and go to Project Settings > Edit Nodes > click the "Configure Nodes" button (top right) > click the "Add Sources +" button > select the "+ File" option > in the "Format" field select "resourcexml" and fill in the path in the "File Path" field (put the file name at the end, usually "resources.xml"), then select the "Generate", "Include Server Node" and "Writeable" checkboxes and click the "Save" button.

SLES 12: Setting default group for new users via /etc/login.defs option USERGROUPS_ENAB not working?

I'm setting up a new SLES 12 server and want to set the default group for new users so that it is not named users but rather <username> (e.g. user foo would be assigned to the group foo).
I found that the option USERGROUPS_ENAB in /etc/login.defs is supposed to do this job, but after I changed it to USERGROUPS_ENAB yes and tried to create a new user via yast, the new user would, according to yast, still be assigned to users.
How can I accomplish the desired behavior via yast? Or am I missing something?
After changing USERGROUPS_ENAB to yes in the /etc/login.defs file you've changed the behavior, as you are wanting, for the useradd command defaults. So, for example, you could run this command as root and it will do what you are expecting:
linux-54pe:~ # grep "USERGROUPS_ENAB" /etc/login.defs
USERGROUPS_ENAB yes
linux-54pe:~ # useradd bob
linux-54pe:~ # cat /etc/passwd | grep bob
bob:x:1003:1003::/home/bob:/bin/bash
linux-54pe:~ # cat /etc/group | grep bob
bob:!:1003:
The problem is that you are using YaST2. YaST2 is using its own default group assignment and so it doesn't respect the default changes made to useradd. In the /var/log/YaST2/y2log you can see that when I attempted to create the user frank:
2017-04-25 10:44:02 <1> linux-54pe(2871) [Perl] modules/Users.pm(Users::CommitUser):3517 commiting user 'frank', action is 'add_user', modified: 1, ldap modified: 0
2017-04-25 10:44:02 <1> linux-54pe(2871) [Perl] modules/Users.pm(Users::CommitGroup):3787 commiting group 'users', action is 'user_change_default'
Also, in the YaST2 module when you are creating the user in the Details tab you can see at the bottom that it's assigning it to its own default group parameter of users.
[Screenshot showing parameter]
If you have a support entitlement with SUSE you can contact them to see if they are willing to submit this as a bug. At the very least they should be able to put this in as an enhancement request.

Geonetwork database with Ldap Connection error

I'm trying to connect my ldap with the geonetwork database but every time I log in it doesn't show the administrator button. Then I check the database and it is empty. I am using GeOrchestra 13.09 in a localhost environment; the geoserver and mapfishapp are running well and they log in without a problem.
My config-security.properties is
# Core security properties
logout.success.url=/index.html
passwordSalt=secret-hash-salt=
# LDAP Connection Settings
ldap.base.provider.url=ldap://localhost:389
ldap.base.dn=dc=geobolivia,dc=gob,dc=bo
ldap.security.principal=cn=admin,dc=geobolivia,dc=gob,dc=bo
ldap.security.credentials=geobolivia
ldap.base.search.base=ou=users
ldap.base.dn.pattern=uid={0},${ldap.base.search.base}
#ldap.base.dn.pattern=mail={0},${ldap.base.search.base}
# Define if groups and profile information are imported from LDAP. If not, local database is used.
# When a new user connect first, the default profile is assigned. A user administrator can update
# privilege information.
ldap.privilege.import=true
ldap.privilege.export=true
ldap.privilege.create.nonexisting.groups=false
# Define the way to extract profiles and privileges from the LDAP
# 1. Define one attribute for the profile and one for groups in config-security-overrides.properties
# 2. Define one attribute for the privilege and define a custom pattern (use LDAPUserDetailsContextMapperWithPa$
ldap.privilege.pattern=
#ldap.privilege.pattern=CAT_(.*)_(.*)
ldap.privilege.pattern.idx.group=1
ldap.privilege.pattern.idx.profil=2
# 3. Define custom location for extracting group and role (no support for group/role combination) (use LDAPUser$
#ldap.privilege.search.group.attribute=cn
#ldap.privilege.search.group.object=ou=groups
#ldap.privilege.search.group.query=(&(objectClass=posixGroup)(memberUid={0})(cn=EL_*))
#ldap.privilege.search.group.pattern=EL_(.*)
#ldap.privilege.search.privilege.attribute=cn
#ldap.privilege.search.privilege.object=ou=groups
#ldap.privilege.search.privilege.query=(&(objectClass=posixGroup)(memberUid={0})(cn=SV_*))
#ldap.privilege.search.privilege.pattern=SV_(.*)
ldap.privilege.search.group.attribute=cn
ldap.privilege.search.group.object=ou=groups
ldap.privilege.search.group.query=(&(objectClass=posixGroup)(memberUid={1})(cn=EL_*))
ldap.privilege.search.group.pattern=EL_(.*)
ldap.privilege.search.privilege.attribute=cn
ldap.privilege.search.privilege.object=ou=groups
ldap.privilege.search.privilege.query=(&(objectClass=posixGroup)(memberUid={1})(cn=SV_ADMIN))
ldap.privilege.search.privilege.pattern=SV_(.*)
# Run LDAP sync every day at 23:30
# Run LDAP sync every day at 23:30
#ldap.sync.cron=0 30 23 * * ?
ldap.sync.cron=0 * * * * ?
#ldap.sync.cron=0 0/1 * 1/1 * ? *
ldap.sync.startDelay=60000
ldap.sync.user.search.base=${ldap.base.search.base}
ldap.sync.user.search.filter=(&(objectClass=*)(mail=*#*)(givenName=*))
ldap.sync.user.search.attribute=uid
ldap.sync.group.search.base=ou=groups
ldap.sync.group.search.filter=(&(objectClass=posixGroup)(cn=EL_*))
ldap.sync.group.search.attribute=cn
ldap.sync.group.search.pattern=EL_(.*)
# CAS properties
cas.baseURL=https://localhost:8443/cas
cas.ticket.validator.url=${cas.baseURL}
cas.login.url=${cas.baseURL}/login
cas.logout.url=${cas.baseURL}/logout?url=${geonetwork.https.url}/
<import resource="config-security-cas.xml"/>
<import resource="config-security-cas-ldap.xml"/>
# either the hardcoded url to the server
# or if has the form it will be replaced with
# the server details from the server configuration
geonetwork.https.url=https://localhost/geonetwork-private/
#geonetwork.https.url=https://geobolivia.gob.bo:443
#geonetwork.https.url=https://localhost:443
The geonetwork.log shows these results:
2014-03-11 13:41:00,004 DEBUG [geonetwork.ldap] - LDAPSynchronizerJob starting ...
2014-03-11 13:41:00,006 DEBUG [org.springframework.ldap.core.support.AbstractContextSource] - Got Ldap context on server 'ldap://localhost:389/dc=geobolivia,dc=gob,dc=bo'
2014-03-11 13:41:00,008 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] - Returning cached instance of singleton bean 'resourceManager'
2014-03-11 13:41:00,026 DEBUG [geonetwork.ldap] - LDAPSynchronizerJob done.
2014-03-11 13:41:26,429 INFO [geonetwork.lucene] - Done running PurgeExpiredSearchersTask. 0 versions still cached.
2014-03-11 13:41:56,430 INFO [geonetwork.lucene] - Done running PurgeExpiredSearchersTask. 0 versions still cached.
and the error that appears in the geonetwork.log is
2014-03-11 13:44:06,426 INFO [jeeves.service] - Dispatching : xml.search.keywords
2014-03-11 13:44:06,427 ERROR [jeeves.service] - Exception when executing service
2014-03-11 13:44:06,427 ERROR [jeeves.service] - (C) Exc : java.lang.IllegalArgumentException: The thesaurus external.theme.inspire-service-taxonomy does not exist, there for the query cannot be excuted: 'Query [query=SELECT DISTINCT id,uppc,lowc,broader,spa_prefLabel,spa_note FROM {id} rdf:type {skos:Concept},[{id} gml:BoundedBy {} gml:upperCorner {uppc}],[{id} gml:BoundedBy {} gml:lowerCorner {lowc}],[{id} skos:broader {broader}],[{id} skos:prefLabel {spa_prefLabel} WHERE lang(spa_prefLabel) LIKE "es" IGNORE CASE],[{id} skos:scopeNote {spa_note} WHERE lang(spa_note) LIKE "es" IGNORE CASE] WHERE (spa_prefLabel LIKE "***" IGNORE CASE OR id LIKE "*") LIMIT 35 USING NAMESPACE skos=<http://www.w3.org/2004/02/skos/core#>,gml=<http://www.opengis.net/gml#>, interpreter=KeywordResultInterpreter]'
The version of GeoNetwork currently used in geOrchestra does not show the "administration" button on its first page. You have to fire a search, then in "other actions" menu on the top right, you should be able to get to the administration interface. We know that it is not very intuitive, but it should change in the next months (we recently planned an upgrade of GeoNetwork before the end of the year).
Did you solve it? I think in your config-security.properties, at this place ldap.base.dn.pattern=uid={0},${ldap.base.search.base}
you need to replace {0} with the username typed in the sign-in screen of geonetwork

Extending AD Schema - Unable to update due to constraint

I'm adding some attributes from live to staging for testing purposes, I'm using ldifde:
D:\Shared>ldifde -i -v -f attr3.ldf -j .
Connecting to "myDomain.com"
Logging in as current user using SSPI
Importing directory from file "attr3.ldf"
Loading entries
1: CN=myAttribute,CN=Schema,CN=Configuration,DC=myDomain,DC=com
Entry modified successfully.
1 entry modified successfully.
The command has completed successfully
D:\Shared>
But when I try to update it using vbs, I get:
C:\Users\update.vbs(8, 1) Active Directory: The requested operation did not
satisfy one or more constraints associated with the class of the object.
Please notice that other attributes, the original ones, are able to be updated, this issue is only for the ones I'm importing.
So, I wonder if I'm missing some step like link or detach the new attribute after imported.
This is attr3.ldf
#attr3.ldf
#adding my new attribute
dn: CN=myAttribute,CN=Schema,CN=Configuration,DC=myDomain,DC=com
changetype: add
objectClass: top
objectClass: attributeSchema
cn: my-Attribute
distinguishedName: CN=my-Attribute,CN=Schema,CN=Configuration,DC=myDomain,DC=com
instanceType: 4
whenCreated: 20100401175340.0Z
whenChanged: 20100401175341.0Z
uSNCreated: 24154
attributeID: 2.16.840.1.113805.111
attributeSyntax: 2.5.5.12
isSingleValued: TRUE
rangeLower: 0
rangeUpper: 1
uSNChanged: 24163
showInAdvancedViewOnly: TRUE
adminDisplayName: my-Attribute
adminDescription: my-Attribute
oMSyntax: 64
searchFlags: 0
lDAPDisplayName: myAttribute
name: my-Attribute
schemaIDGUID:: tonVW6suWUu1Gev/D1pI9Q==
isMemberOfPartialAttributeSet: TRUE
objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=myDomain,DC=com
#The following attributes were removed because I was getting:
#Add error on entry starting on line 1: Unwilling To Perform
#The server side error is: 0x20e7 The modification was not permitted for security
#reasons.
#The extended server error is:
#000020E7: SvcErr: DSID-03152D2C, problem 5003 (WILL_NOT_PERFORM), data 0
#objectGUID:: eTKYtnXbCE2fPMgc8UIe0w==
#attributeSecurityGUID:: VAGN5Pi80RGHAgDAT7lgUA==
And this is the vbs code,
'update.vbs
Set objUser = GetObject("LDAP://CN=John Lennon,CN=Users,DC=myDomain,DC=com")
objUser.myAttribute="someValue" 'Also tried with integers but no luck
objUser.SetInfo
Thanks,
m0dest0.
Thank you JPBlanc, you are right, I had missed adding the attribute to the class and then refreshing the schema:
Register the dll, regsvr32 schmmgmt.dll
Open Run and type mmc.exe
Add Active directory schema snap-in
Right click on the class, properties and hit the Add button and so on.
Finally, refresh the schema:
C:\Users>admod -sc refreshschema
AdMod V01.17.00cpp Joe Richards (joe#joeware.net) March 2011
Modifying ROOTDSE...
DN Count: 1
Using server: myServer.myDomain.com:389
Directory: Windows Server 2008 R2
Modifying specified objects...
DN: ROOTDSE...
The command completed successfully
Regards,
Adding an attribute to the Schema is not enough; you must also add the attribute to the user class (in the schema) if you want to use it in a user object. You must modify your LDIF file:
# Define your attribute
# Reload the schema
dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-
# modify user class
Have a look at your Schema using Microsoft MMC (registering schmmgmt.dll).
If you still have trouble, I can help again tomorrow morning.
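The sequence the answers above describe (define the attribute, reload the schema, add the attribute to the class, reload again), as an added example that is not from the thread: a Python helper that removes server-maintained attributes from an exported attributeSchema entry and appends the class change. The `mayContain` modification on `CN=User,...`, the list of server-maintained attributes and the function names are assumptions of this example; the sample entry is a shortened, constructed copy of the question's LDIF.

```python
# Added example: build an importable schema LDIF from an exported attribute entry.
# Assumption: these attributes are maintained by the server and must not be
# imported. objectGUID and attributeSecurityGUID are the two the question
# reports removing after the "Unwilling To Perform" error.
SERVER_OWNED = {"objectguid", "attributesecurityguid", "usncreated", "usnchanged",
                "whencreated", "whenchanged", "distinguishedname"}

# Constructed sample: a shortened copy of the entry from the question.
EXPORTED = """\
dn: CN=myAttribute,CN=Schema,CN=Configuration,DC=myDomain,DC=com
changetype: add
objectClass: attributeSchema
whenCreated: 20100401175340.0Z
uSNCreated: 24154
attributeID: 2.16.840.1.113805.111
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: TRUE
lDAPDisplayName: myAttribute
objectGUID:: eTKYtnXbCE2fPMgc8UIe0w==
"""

# The rootDSE modification from the answer's LDIF skeleton.
SCHEMA_RELOAD = "dn:\nchangetype: modify\nadd: schemaUpdateNow\nschemaUpdateNow: 1\n-\n"

def strip_server_owned(entry):
    """Drop every line whose attribute name is in SERVER_OWNED."""
    kept = []
    for line in entry.splitlines():
        name = line.split(":", 1)[0].strip().lower()
        if name not in SERVER_OWNED:
            kept.append(line)
    return "\n".join(kept) + "\n"

def ldap_display_name(entry):
    """Return the lDAPDisplayName value, the name used in mayContain."""
    for line in entry.splitlines():
        if line.lower().startswith("ldapdisplayname:"):
            return line.split(":", 1)[1].strip()
    raise ValueError("entry has no lDAPDisplayName")

def build_import(entry, class_dn):
    """Attribute add, schema reload, mayContain on the class, schema reload."""
    link = (f"dn: {class_dn}\nchangetype: modify\n"
            f"add: mayContain\nmayContain: {ldap_display_name(entry)}\n-\n")
    return "\n".join([strip_server_owned(entry), SCHEMA_RELOAD, link, SCHEMA_RELOAD])

if __name__ == "__main__":
    print(build_import(EXPORTED, "CN=User,CN=Schema,CN=Configuration,DC=myDomain,DC=com"))
```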

serving static files with comanche

I used to use this code to serve static files from Comanche web server from within Pharo 1.2 image:
createService
    | contentPath dirPath svc ma |
    contentPath := 'htdocs'.
    dirPath := FileDirectory default fullNameFor: contentPath.
    svc := (HttpService on: self port)
        name: 'seaside-' , self port greaseString.
    ma := ModuleAssembly core.
    ma alias: '/static' to: [
        ma serverRoot: dirPath.
        ma documentRoot: dirPath.
        ma directoryIndex: 'index.html index.htm'.
        ma serveFiles ].
    ma addPlug: self.
    svc plug: ma rootModule.
    ^ svc
The code is from http://samadhiweb.com/blog/2011.07.10.seaside.comanche.staticfiles.html
Unfortunately, this doesn't work any more on Pharo 1.3. The ModuleAssembly class doesn't exist any more. So how do I set up comanche to serve static files?
Make sure that you have the full Komanche loaded. The prepared Seaside images use KomHttpServerLight which just contains the bare minimum web-server functionality Seaside requires. To get the full thing you need to load DynamicBindings, KomServices, KomHttpServer, and maybe other dependencies.
If you are running Seaside in that image, another option is to load the Seaside-Filesystem package from the Seaside30LGPL repository. You can then set up an 'external directory' handler that serves files from the disk.
We use this only for development though, so I do not know about its performance in deployment.
