NTP time sync to external time server in Windows 2008

Time synchronization is an important aspect for all computers on the network. By default, client computers get their time from a Domain Controller, and the Domain Controller gets its time from the domain's PDC Operation Master. Therefore the PDC must synchronize its time from an external source. There are servers listed at the NTP Pool Project website. Before you begin, don't forget to open the default UDP port 123 (inbound and outbound) on your firewall.

  1. First, locate your PDC Server. Open the command prompt and type: C:\>netdom query fsmo
  2. Log in to your PDC Server and open the command prompt.
  3. Stop the W32Time service: C:\>net stop w32time
  4. Configure the external time sources (the peer list is space-delimited). Type: C:\>w32tm /config /syncfromflags:manual /manualpeerlist:"0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org"
  5. Make your PDC a reliable time source for the clients. Type: C:\>w32tm /config /reliable:yes
  6. Start the w32time service: C:\>net start w32time
  7. The Windows Time service should begin synchronizing the time. You can check the external NTP servers in the time configuration by typing: C:\>w32tm /query /configuration
  8. Check the Event Viewer for any errors.

source: http://defaultreasoning.wordpress.com/2009/11/16/synchronize-time-with-external-ntp-server-on-windows-server-2008-r2/

LDAP/PDC on CentOS5

Hi,

 

After reading several tutorials and howtos for building an LDAP PDC, I decided to write this small howto, built on three different tutorials. Each one of them had its small "bugs", so here is what worked for me:

 

1. Building LDAP Server

install openldap, set ldap password and edit slapd.conf:

 

~# yum install openldap-servers openldap-clients
~# slappasswd -h {SSHA}
~# vim /etc/openldap/slapd.conf

 

change some lines:

 

suffix  "dc=DOMAIN,dc=LOCAL"
rootdn  "cn=Manager,dc=DOMAIN,dc=LOCAL"
# {SSHA}PASSWORD is the hash generated with slappasswd
rootpw  {SSHA}PASSWORD

 

add this to the file:

 

include /etc/openldap/schema/samba.schema
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
    by self write
    by dn="cn=Manager,dc=DOMAIN,dc=LOCAL" write
    by anonymous auth
    by * none

access to *
    by dn="cn=Manager,dc=DOMAIN,dc=LOCAL" write
    by self write
    by * read

 

copy database

 

~# cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG

 

now start the ldap server and add it to startup:

 

~# /etc/init.d/ldap start
~# chkconfig ldap on

 

2. Add initial and existing users/groups

change some lines in the migration script:

 

~# vim /usr/share/openldap/migration/migrate_common.ph

 

$DEFAULT_MAIL_DOMAIN = "DOMAIN.LOCAL";
$DEFAULT_BASE = "dc=DOMAIN,dc=LOCAL";

 

after that fill the ldap database

 

~# /usr/share/openldap/migration/migrate_base.pl > base.ldif
~# ldapadd -x -W -D "cn=Manager,dc=DOMAIN,dc=LOCAL" -f base.ldif
~# grep "x:[5-9][0-9][0-9]" /etc/passwd > passwd
~# grep "x:[5-9][0-9][0-9]" /etc/group > group
~# /usr/share/openldap/migration/migrate_passwd.pl passwd > passwd.ldif
~# /usr/share/openldap/migration/migrate_group.pl group > group.ldif
~# ldapadd -x -W -D "cn=Manager,dc=DOMAIN,dc=LOCAL" -f passwd.ldif
~# ldapadd -x -W -D "cn=Manager,dc=DOMAIN,dc=LOCAL" -f group.ldif

 

3. Setup SAMBA

to keep it short: check here and here.
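
The access rules added to slapd.conf in step 1 protect the password attributes only if that rule is listed before "access to *" (slapd applies the first matching rule) and every DN named in it sits under the database suffix. The linter below is an added example, not part of the original howto; it assumes the layout used above (one "access to" line followed by indented "by" lines), and parse_acls, lint and the BAD sample are names and data constructed for the illustration.

```python
import re

# Attributes holding password material in the ACL from step 1.
SECRET_ATTRS = {"userpassword", "sambalmpassword", "sambantpassword"}

def parse_acls(conf):
    """Return [(what, [(who, level), ...]), ...] in file order."""
    acls, current = [], None
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("access to "):
            current = (line[len("access to "):].strip(), [])
            acls.append(current)
        elif raw[0].isspace() and line.startswith("by ") and current:
            parts = line[3:].rsplit(None, 1)
            if len(parts) == 2:
                current[1].append(tuple(parts))
        else:
            current = None  # any other directive ends the ACL
    return acls

def lint(conf, suffix):
    """Flag ACL mistakes that would expose or orphan password attributes."""
    norm = lambda dn: ",".join(p.strip().lower() for p in dn.split(","))
    findings, seen_catch_all = [], False
    for n, (what, clauses) in enumerate(parse_acls(conf), 1):
        attrs = set()
        if what.startswith("attrs="):
            attrs = {a.strip().lower() for a in what[6:].split(",")}
        secret = bool(attrs & SECRET_ATTRS)
        if secret and seen_catch_all:
            findings.append(f"rule {n}: shadowed by an earlier 'access to *'")
        seen_catch_all = seen_catch_all or what == "*"
        for who, level in clauses:
            m = re.fullmatch(r'dn="([^"]*)"', who)
            if m and not (norm(m.group(1)) == norm(suffix)
                          or norm(m.group(1)).endswith("," + norm(suffix))):
                findings.append(f"rule {n}: DN {m.group(1)!r} is outside {suffix!r}")
            if secret and who in ("*", "anonymous", "users") \
                    and level not in ("none", "disclose", "auth"):
                findings.append(f"rule {n}: '{who}' gets '{level}' on password attributes")
    return findings

# Constructed sample: catch-all rule listed first, comma missing from one DN.
BAD = ('access to *\n    by self write\n    by * read\n'
       'access to attrs=userPassword,sambaLMPassword,sambaNTPassword\n'
       '    by self write\n    by dn="cn=Manager,dc=DOMAINdc=LOCAL" write\n'
       '    by anonymous auth\n    by * none\n')
```

Run it as lint(open("/etc/openldap/slapd.conf").read(), "dc=DOMAIN,dc=LOCAL") before restarting slapd; an empty list means none of the three checks fired.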