Call Manager LDAP new user ID not synced

Recently changed a user ID in Microsoft Active Directory and performed a full sync, but the old user ID did not update in Call Manager. The full sync also completed within about 5 seconds, which is unusually quick. With both LDAP synchronization and LDAP authentication enabled in Call Manager, the affected user cannot log in to Extension Mobility.

To fix the issue:

Navigate to Cisco Unified Serviceability.
Under Tools, select Control Center - Feature Services.
Under Directory Services, select the Cisco DirSync radio button and click Restart.

Navigate back to Cisco Unified CM Administration
Under LDAP, LDAP Directory, select your server and click Perform Full Sync Now
You should notice that the synchronization now takes noticeably longer; you can tell it is actually running because the Cancel Sync Process button is available.
After the sync process is complete, check if the new user ID is reflected.

If this issue affects Cisco Unified Presence, the service that you need to restart is the Cisco UP Sync Agent.

Requirements for installing VMware Tools on Linux guests

If you’re running a Linux guest OS with a desktop environment (X Window System) on ESXi or Workstation, it is worth installing VMware Tools.

A minimal Linux installation with no desktop environment gets fewer of the benefits of VMware Tools, simply because there is no X Window System for it to integrate with. Most of the time you just SSH into the Linux guest, and your client or terminal, such as PuTTY, already has the features you need.

However, if you do need it, you need the following installed before running vmware-install.pl:

gcc
make
linux-headers-$(uname -r)
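The following preflight script is an added example (not from the original post and not VMware's own tooling): it checks the three prerequisites listed above on a headless Debian/Ubuntu guest and prints the matching apt-get line if anything is missing. The kernel-headers check looks for the build link that the linux-headers package places under /lib/modules; the directory is overridable so the check can be exercised against a scratch tree.

```shell
#!/bin/sh
# Preflight check to run on a headless Debian/Ubuntu guest before vmware-install.pl.
# Added example, not from the original post or from VMware; it installs nothing,
# it only reports what is missing.

# missing_commands NAME... -> prints each NAME that is not found on PATH, one per line
missing_commands() {
    for cmd in "$@"; do
        command -v "$cmd" >/dev/null 2>&1 || printf '%s\n' "$cmd"
    done
}

# headers_present KVER [MODULES_DIR] -> true if the kernel headers for KVER are installed.
# linux-headers-KVER provides /lib/modules/KVER/build; MODULES_DIR is overridable
# so the check can be tried against a scratch directory instead of the live one.
headers_present() {
    [ -e "${2:-/lib/modules}/$1/build" ]
}

# check_vmware_tools_prereqs -> 0 if gcc, make and headers for the running kernel are present
check_vmware_tools_prereqs() {
    kver=$(uname -r)
    missing=$(missing_commands gcc make)
    if ! headers_present "$kver"; then
        missing="$missing linux-headers-$kver"
    fi
    # collapse the newline-separated list onto one line for the apt-get hint
    missing=$(printf '%s' "$missing" | tr '\n' ' ' | sed 's/^ *//; s/ *$//')
    if [ -n "$missing" ]; then
        echo "missing before vmware-install.pl can build its kernel modules: $missing"
        echo "fix: apt-get install $missing"
        return 1
    fi
    echo "all prerequisites present for kernel $kver"
}

# Usage: check_vmware_tools_prereqs
```

Run check_vmware_tools_prereqs on the guest before starting the installer; a non-zero exit means the module build step of vmware-install.pl would fail.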

Installation: VMware Tools for Linux Guests

DHCP log “not authoritative for subnet…”

Running the ISC DHCP server on Debian, I stumbled upon the following log messages while looking for something entirely different:


Jan 18 13:13:45 eltonoverip dhcpd: DHCPRELEASE of 10.19.1.60 from f0:bf:97:dd:6a:a6 via eth1 (not found)
Jan 18 13:13:59 eltonoverip dhcpd: DHCPDISCOVER from f0:bf:97:dd:6a:a6 via eth1
Jan 18 13:13:59 eltonoverip dhcpd: DHCPOFFER on 10.19.1.60 to f0:bf:97:dd:6a:a6 via eth1
Jan 18 13:13:59 eltonoverip dhcpd: DHCPREQUEST for 10.19.1.60 (10.19.1.1) from f0:bf:97:dd:6a:a6 via eth1
Jan 18 13:13:59 eltonoverip dhcpd: DHCPACK on 10.19.1.60 to f0:bf:97:dd:6a:a6 via eth1
Jan 18 13:14:03 eltonoverip dhcpd: DHCPINFORM from 10.19.1.60 via eth1: not authoritative for subnet 10.19.1.0
Jan 18 13:14:06 eltonoverip dhcpd: DHCPINFORM from 10.19.1.60 via eth1: not authoritative for subnet 10.19.1.0

The fix: I added authoritative; to the DHCP config file /etc/dhcp/dhcpd.conf.

Basically, the configuration looks like the following:


subnet 10.19.1.0 netmask 255.255.255.0 {
  option domain-name-servers 10.19.1.1;
  #option routers 10.19.1.1; #temporary network, no routing needed
  range 10.19.1.101 10.19.1.149;
  default-lease-time 1800;
  max-lease-time 1800;
  authoritative;

  host laptop_name {
    hardware ethernet f0:bf:97:ee:8a:b9;
    fixed-address 10.19.1.60;
  }

}

Note that this has no effect on devices with a statically configured IP address (rogue or not), since they never make a DHCP request. Now that the server is set as the authoritative server for that subnet, it answers clients that request an IP address outside of its scope or range with a DHCPNAK, which prompts them to start over with a DHCPDISCOVER.

The example configuration above also includes a DHCP reservation, in case you need your DHCP server to assign a fixed IP address to a specific client.
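Because authoritative; is a scope-level statement in dhcpd.conf (inside a subnet block it covers only that subnet; at the top level it covers every subnet the server serves), it is easy to add it to one subnet and still see "not authoritative" for another. The following checker is an added example, not from the original post or the ISC project: it strips comments and reports which scopes declare authoritative;, matching the statement only when it starts a line.

```shell
#!/bin/sh
# Report which scopes in a dhcpd.conf declare "authoritative;".
# Added example, not from the original post. Comments are stripped first,
# nesting is tracked by counting braces, and "not authoritative;" is not
# counted because the match is anchored on the word at line start.

# authoritative_scopes CONF -> prints "global" and/or "subnet <network>" per declaration
authoritative_scopes() {
    sed 's/#.*//' "$1" | awk '
        /^[[:space:]]*subnet[[:space:]]/ { scope = "subnet " $2 }
        /\{/ { depth++ }
        /\}/ { depth--; if (depth == 0) scope = "" }
        /^[[:space:]]*authoritative[[:space:]]*;/ {
            print (depth == 0 ? "global" : scope)
        }
    '
}

# Usage: authoritative_scopes /etc/dhcp/dhcpd.conf
```

If the output lists only one subnet while the log shows "not authoritative for subnet" on another network, move the statement to the top level of the file (or add it to the other subnet), then check the file with dhcpd -t before restarting the service.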

IPTables on the fly

Have you seen the Harrison Ford movie, Firewall? There is a scene where one of the bank’s IT dudes is looking at traffic showing a hacker performing a brute-force login. Good ol’ Hollywood tricked non-computer-savvy Foxfire users by simply showing an active Wireshark session. Harrison Ford then shows up and issues a few commands to stall the hacker. Do you know what the command was? He typed ip access-group 0… Whoa! Here it is.

Anyway, I was troubleshooting an email issue and stumbled upon the following pattern heavily populating /var/log/mail.log:

Apr 6 16:06:06 mail pop3d: Disconnected, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: Disconnected, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: Connection, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: LOGIN FAILED, user=root, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: LOGIN FAILED, user=root, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: LOGIN FAILED, user=root, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: Connection, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: Disconnected, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: Connection, ip=[::ffff:187.17.80.67]

I used the following command to view the log in real-time.
tail -f /var/log/mail.log

To stall it, one of our network ninjas appended the following to our firewall script:
iptables -t filter -I INPUT 1 -s 187.17.80.67 -j DROP

Keep in mind that the rule above is not persistent across a reboot. You’ll have to include it in your main (firewall) script that runs automagically on boot.
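Rather than spotting the offender by watching tail -f, the pattern can be counted. The script below is an added example (not the post's own firewall script): it tallies pop3d LOGIN FAILED lines per source address, strips the ::ffff: IPv4-mapped prefix the log uses, and prints a DROP rule of the same shape as the one above for every source over a threshold. The log lines in sample_log are constructed to match the format shown (the 10.0.0.5 entries are made up), and the threshold is whatever you pass in. The rules are printed, not applied, so they can be reviewed and added to the boot-time firewall script.

```shell
#!/bin/sh
# Turn the brute-force pattern in mail.log into a reviewable block list.
# Added example, not from the original post. sample_log is constructed input
# in the same format as the post's log excerpt.

# sample_log -> constructed pop3d lines (three failures from one host, one typo from a real user)
sample_log() {
    cat <<'EOF'
Apr 6 16:06:06 mail pop3d: Connection, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: LOGIN FAILED, user=root, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: LOGIN FAILED, user=root, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: LOGIN FAILED, user=root, ip=[::ffff:187.17.80.67]
Apr 6 16:06:06 mail pop3d: Disconnected, ip=[::ffff:187.17.80.67]
Apr 6 16:06:07 mail pop3d: Connection, ip=[::ffff:10.0.0.5]
Apr 6 16:06:07 mail pop3d: LOGIN FAILED, user=jack, ip=[::ffff:10.0.0.5]
Apr 6 16:06:08 mail pop3d: LOGIN, user=jack, ip=[::ffff:10.0.0.5]
EOF
}

# failed_logins_over LIMIT  (reads a log on stdin)
#   prints "count ip" for every source with more than LIMIT LOGIN FAILED lines, busiest first
failed_logins_over() {
    awk -v limit="$1" '
        /pop3d: LOGIN FAILED/ && match($0, /ip=\[[^]]*\]/) {
            ip = substr($0, RSTART + 4, RLENGTH - 5)   # text inside ip=[...]
            sub(/^::ffff:/, "", ip)                    # drop the IPv4-mapped prefix
            fails[ip]++
        }
        END { for (ip in fails) if (fails[ip] > limit) print fails[ip], ip }
    ' | sort -rn
}

# drop_rules  (reads "count ip" lines on stdin)
#   prints one iptables DROP rule per offender; printed rather than applied so the
#   rules can be reviewed and pasted into the script that runs on boot
drop_rules() {
    while read -r count ip; do
        printf 'iptables -t filter -I INPUT 1 -s %s -j DROP   # %s failed logins\n' "$ip" "$count"
    done
}

# Usage: failed_logins_over 5 < /var/log/mail.log | drop_rules
```

Pick the threshold high enough that a user mistyping a password once or twice stays under it; with the sample above and a limit of 2, only 187.17.80.67 is reported.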

So who owns 187.17.80.67? You can run whois 187.17.80.67 and dig -x 187.17.80.67 (a reverse lookup of the address).

It does seem that the IP address we blocked is possibly another company’s server that might have been compromised.

To learn more about iptables, check these out:
Mastering IPTables Part 1
Mastering IPTables Part 2
Mastering IPTables Final

MySQL examples

I’ve always wanted to create my own cheat sheet that lists simple and common examples of MySQL commands that I collected.

Create a new database
create database unfortunate_database;

Delete a database
drop database unfortunate_database;

Create a new user with specific privileges on the database
grant select,update,insert,delete,create on unfortunate_database.* to 'jack'@'localhost' identified by 'H0lyFreak1ng@!';

The example above gives the user jack (password H0lyFreak1ng@!) access to unfortunate_database but no permission to drop a table or the database. Granting specific privileges is particularly useful when you want to provide read-only access. Ideally, you would have one user with all privileges and a second user with read-only privileges (grant select on unfortunate_database.* …).

To Backup a MySQL database
mysqldump -u root -proot_password unfortunate_database > unfortunate_database.sql
or
mysqldump -u root -p unfortunate_database > unfortunate_database.sql

The mysqldump command is run from the shell, not inside the MySQL console. You don’t necessarily have to be root in the shell, nor specify root as the MySQL user, to back up a database: as long as your shell user can write the file and the specified MySQL user has privileges on the database, you should be fine. The dump file is written to the current working directory, so if you are in /home/jack on some Linux server, unfortunate_database.sql will end up in that directory. The dump file, unfortunate_database.sql, is just a text file containing the statements that restore the data to the database. With that, the file doesn’t really need to end in a .sql extension, but doing so is considered good practice.

To create a table

CREATE TABLE `unfortunate_users` (
  `id` int(8) NOT NULL auto_increment,
  `username` varchar(64) NOT NULL,
  `password` varchar(64) NOT NULL,
  `active` tinyint(1) NOT NULL default '0',
  PRIMARY KEY (`id`)
);

To empty out data from a table without wiping out or altering the table structure
truncate table unfortunate_users;

In case you run into a scenario where someone sends you a CSV file and you need to load it into an empty or truncated table (column1 through column4 stand in for the real column names):

load data local infile 'more_unfortunate_bastards.csv' into table unfortunate_users
fields terminated by ';'
enclosed by ''
lines terminated by '\n'
(column1, column2, column3, column4);

What good is a backup if you can’t restore it?
To restore a MySQL backup…
mysql -u root -p database_name < dumpfile.sql
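The backup and restore one-liners above both take the password on the command line with -p, where it shows up in ps output and in the shell history. The wrapper below is an added example (not the post's own script) covering both the backup and the restore steps: it writes the credentials to an option file readable only by the owner and points mysqldump and mysql at it with --defaults-extra-file, which the clients require as their first option. The file name and option-file path are assumptions; nothing here is MySQL's own tooling beyond the two client commands.

```shell
#!/bin/sh
# Backup/restore wrappers for the mysqldump and mysql commands above.
# Added example, not from the original post. The password never appears on
# the command line; the clients read it from a mode-600 option file instead.

# write_client_opts FILE USER PASSWORD -> client option file only the owner can read
write_client_opts() {
    ( umask 077 && printf '[client]\nuser=%s\npassword=%s\n' "$2" "$3" > "$1" )
    chmod 600 "$1"
}

# dump_name DB -> timestamped dump file name in the current directory
dump_name() {
    printf '%s-%s.sql\n' "$1" "$(date -u +%Y%m%dT%H%M%SZ)"
}

# backup_db OPTS DB -> dumps DB into a new file and prints its name
backup_db() {
    out=$(dump_name "$2")
    # --defaults-extra-file has to be the first option given to the client
    mysqldump --defaults-extra-file="$1" --single-transaction "$2" > "$out" && echo "$out"
}

# restore_db OPTS DB DUMPFILE -> replays the dump into DB (the database must already exist)
restore_db() {
    mysql --defaults-extra-file="$1" "$2" < "$3"
}

# Usage (paths and file names are examples):
#   write_client_opts ~/.my-backup.cnf jack 'H0lyFreak1ng@!'
#   backup_db ~/.my-backup.cnf unfortunate_database
#   restore_db ~/.my-backup.cnf unfortunate_database unfortunate_database-20240118T131345Z.sql
```

Note that a default mysqldump file starts each table with DROP TABLE IF EXISTS, so the MySQL user used for restore_db needs the drop privilege; the limited jack account defined above can take the backup but not replay it.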

Add a column to an existing MySQL database table
ALTER TABLE table_name ADD sometext tinyint(1);

I made an error in the example above: I did not intend sometext to be storage for a boolean value.

To delete a MySQL database column
ALTER TABLE table_name DROP sometext;

Not enough commands?  This guy has more.  http://www.nparikh.org/notes/mysql.php

Windows 7 System Repair Disc for Boot issue

I have an Acer Aspire 1551-5448 that has Windows 7 dual-booting with Ubuntu 10.10. I had been messing around with Ubuntu so much that it broke. I find it annoying that after configuring a static IP address for wlan0 and eth0, the network-manager icon went missing. Managed to fix that; it had something to do with the function (Fn) keys turning off the Atheros wireless card, making it impossible for me to view and select available wireless networks. Figured I should start over and finally use the next LTS release anyway. Well, after doing two wrongs (I accidentally wiped out the Linux partition), Windows 7 could no longer boot. Instead, I got the following on boot:

error: unknown filesystem
grub rescue >

I could have spent some time reading more about GRUB 2 and its unfamiliar commands, but I remembered that I had created a System Repair Disc after burning the system recovery media long ago. Saved me some time. I read this forum thread http://answers.microsoft.com/en-us/windows/forum/windows_7-system/when-i-boot-i-get-the-following-msg-error-no-such/6b2a2d89-9e9c-4fcb-89bb-7cad29046fbb and used the following commands and steps:

bootrec.exe /fixmbr
bootrec.exe /fixboot
bootrec.exe /RebuildBcd

Closed the command prompt, clicked Startup Repair, restarted the netbook and Windows 7 was then able to boot.  I did not see the Grub menu so this allowed me to go ahead and reset/resize the partitions and reinstall Ubuntu. Used 12.04 LTS this time. 

Change Debian server hostname

Executing the command hostname newHostName alone is apparently not enough.

To change the hostname:

1. Edit /etc/hostname using your favorite text editor. Mine is Vim (vi improved).

2. Change the old hostname to the new hostname in /etc/hosts. It is usually on the second line, which reads 127.0.0.1 oldHostName.

3. Issue the command hostname newHostname

4. Log out and then log back in.  No need to restart.

This also works on Debian-based distributions like Ubuntu and Linux Mint.
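The four steps above as one script, added here as an example (not from the original post): it validates the new name, rewrites /etc/hostname, swaps the old name for the new one in /etc/hosts as a whole word, and then runs hostname. It must run as root to touch the live files; the optional second and third arguments point it at copies of the two files for a dry run, in which case the live hostname call is skipped.

```shell
#!/bin/sh
# Scripted hostname change for Debian and derivatives (Ubuntu, Linux Mint).
# Added example, not from the original post.

# set_hostname NEW [HOSTNAME_FILE] [HOSTS_FILE]
set_hostname() {
    new=$1
    hostname_file=${2:-/etc/hostname}
    hosts_file=${3:-/etc/hosts}

    # only letters, digits and hyphens, not starting or ending with a hyphen
    case "$new" in
        ''|*[!A-Za-z0-9-]*|-*|*-)
            echo "set_hostname: invalid hostname '$new'" >&2
            return 1 ;;
    esac

    old=$(cat "$hostname_file")
    [ -n "$old" ] || { echo "set_hostname: $hostname_file is empty" >&2; return 1; }

    # step 1: /etc/hostname holds just the bare name
    printf '%s\n' "$new" > "$hostname_file"

    # step 2: replace the old name in /etc/hosts, whole words only (end of line or
    # followed by whitespace); written through a temp file and cat-ed back so the
    # ownership and mode of the original file are kept
    tmp=$(mktemp)
    sed "s/\([[:space:]]\)$old$/\1$new/; s/\([[:space:]]\)$old\([[:space:]]\)/\1$new\2/g" \
        "$hosts_file" > "$tmp"
    cat "$tmp" > "$hosts_file"
    rm -f "$tmp"

    # step 3: tell the running system, only when editing the live files
    if [ "$hostname_file" = /etc/hostname ]; then
        hostname "$new"
    fi
    echo "hostname changed from $old to $new; log out and back in (step 4)"
}

# Usage (as root): set_hostname newHostName
```

Keeping the /etc/hosts entry in sync matters because sudo and a number of daemons resolve the local hostname on startup; a mismatch between the two files shows up as "unable to resolve host" warnings.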