NetApp : SNMP request timeout ?

If you try to make an SNMP request and get a time out like this :
% snmpwalk -v 1 -c public netapp-name
Timeout: No Response from netapp-name

Check that SNMP is enabled (options snmp.enable) and that your host is allowed to perform SNMP queries to the netapp (options snmp.access).

By the way, do use -v 1 ( protocol version 1) : I had timeouts while using -v 2c as well…

Debian network configuration

Network configuration, on a Debian System, is stored in /etc/network.

In this directory you’ll find :

  • interfaces : this file describe your NICs according to interfaces(5) (check this man page to see how to setup the interface, fixed IP or DHCP, gateway, netmask, and so on)
  • if-pre-up.d : directory with scripts which will get run before bringing up an interface
  • if-up.d : directory with scripts which will get run right after bringing up an interface
  • if-down.d : directory with scripts which will get run before bringing down an interface
  • if-post-down.d : directory with scripts which will get run after bringing down an interface
  • run/ifstate : the current state of the NICs

You’ll mostly want to tweak with the interfaces file, and probably put some scripts in the various hook directories. For example the /etc/network/if-pre-up.d is great to put the script which will setup your firewall (with iptables commands and ruleset).

Be sure to read the Debian Reference, which covers this and much more in great details.

Keeping track of changes with cfengine and SubVersioN

Cfengine is a tool which purpose is to describe what is a healthy system and how to bring it back to normal when something fails.

I won’t go into an explanation about how cfengine works, because the project webpage already has a neat tutorial and complete reference. Instead of that, I’ll explain how I used cfengine to build a fool proof Linux firewall.

Continue reading Keeping track of changes with cfengine and SubVersioN

WordPress Templates

WordPress is a great blogging software, which is both feature rich and simple to use. For most beginners, it will be enough to install it and start using it. For most advanced uses and to get more control, you’ll need to tweak with the templates.

Overview

A WordPress blog is composed of the following sections :

  • header : this is the top of your page (usually a banner for your blog)
  • footer : this is the bottom of your page (few links, statistics, …)
  • page : this is where the main content goes (posts)
  • sidebar : this is the sidebar (widgets, archives, recent posts, tags…)

Altering your template

Rather unsurprisingly, altering your template can be achieved by modifying the template files corresponding to the section you want to modify.
Those files are located in your theme directory (usually something like wordpress/wp-content/themes/YOUR_THEME) and their name is the section name with an extension of “.php”. So if you want to change the sidebar, then you’ll go and edit sidebar.php.

Why to change the template?

You might want to change your template files for many purposes :

  • aesthetics (for example reordering the sections of the sidebar)
  • use of third party services (for example Google Analytics for statistics, Google AdSense for advertising, Feedburner to advertise your feeds, and so on)

For example, if you need to include some javascript code in every pages of your blog in order to get correct statistics, it may be a good idea to considering adding it in your footer.php .

If you want to include advertisement below every of your posts, you might consider adding it in the page.php .

When you’ll start tweaking your template, you’ll realize that it opens a real broad horizon of features, which will allow you to get more and more control over your blog…

Active Directory : PDC Emulator FSMO role

In an Active Directory Domain, there is a special Domain Controller which holds the FSMO Role “PDC Emulator”.

As its name suggests, it is there to ease migration from NT 4 domains to Active Directory 2000 and up domains by letting this PDC Emulator DC behave like a NT4 Primary Domain Controller. This allows to keep running NT4 BDC (Backup Domain Controllers) and NT4 Clients while you migrate core DCs to Windows 2000 and up.

However, if you think the PDC Emulator is useless if you have no NT4 component in your infrastructure… you’re wrong !

It serves many other different purposes :

  • When you use GPMC to modify a GPO (Global Policy Object), GPMC will by default perform the modification on the DC holding the PDC Emulator role. This prevents two administrators making conflicting modifications on the same GPO
  • The PDC Emulator is responsible of keeping the time synchronized on all the DCs
  • When a password is changed on a DC, this is immediately replicated to the DC holding the PDC Emulator role, and then according to the normal replication scheduling, on the other DCs. When a user fails to authenticate on a DC, this DC will immediately check with the PDC Emulator to know if this failure is due to a password change not yet replicated if it is the case, and the authentication matches the new one, then the authentication succeeds. This reduces the latency for a password change to take effect.

To make it short, even in a full Windows 2000 and up Domain, the PDC Emulator role is one of the most important ones …