namhb

------------------------------------------------------------------------------------

Samba config:
#vim /etc/samba/smb.conf

[global]
workgroup = hbn.local
netbios name = HBN
enable privileges = yes
#interfaces = 192.168.1.131
username map = /etc/samba/smbusers

server string = samba-ldap-pdc
security = user
encrypt passwords = Yes
admin users = root
#min passwd length = 3
obey pam restrictions = No

ldap passwd sync = Yes

log level = 0
syslog = 0
log file = /var/log/samba/log.%m
max log size = 100000
#time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
mangling method = hash2
Dos charset = 850
Unix charset = ISO8859-1

#guest account = root

logon script = logon.bat
logon drive =
logon home =
logon path =

domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes

passdb backend = ldapsam:ldap://127.0.0.1

ldap admin dn = cn=Manager,dc=hbn,dc=local

ldap suffix = dc=hbn,dc=local
ldap group suffix = ou=Groups
ldap user suffix = ou=…

LDAP SAMBA to Primary Domain Controller (PDC)

################################################################################################################
Step 1: DNS Service
a. Install
#cat /etc/hosts
    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    192.168.44.150  server.hbn.local        server
    127.0.0.1       localhost.localdomain   localhost
    ::1             localhost6.localdomain6 localhost6
#yum install -y bind-chroot
#chmod 755 -R /var/named/
#cp /usr/share/doc/bind-*/sample/var/named/named.local /var/named/chroot/var/named/
#cp /usr/share/doc/bind-*/sample/var/named/named.root /var/named/chroot/var/named/
#cp /usr/share/doc/bind-*/sample/var/named/localhost.zone /var/named/chroot/var/named/
#touch /var/named/chroot/etc/named.conf
#chkconfig --level 35 named on
#service named start

b.Configuration:
#vim /var/named/chroot/etc/named.conf
options {
        directory "/var/named";

        forwa…

Load Balancing using HaProxy.

Writeen by Kendy Hikaru - Nam Habach
http://kendyhikaru.blogspot.com


Step 1: Basic config:
#cat /etc/hosts

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6     localhost6

##### IP's of HaProxy #####
192.168.44.130     server.hbn.local     server

##### IP's of Web Servers #####
192.168.44.131     www1.hbn.local     www1
192.168.44.132     www2.hbn.local     www2

##### IP's of MySQL DB servers #####
192.168.44.135     db.hbn.local     db

save and quit

#scp /etc/hosts www1:/etc/
#scp /etc/hosts www2:/etc/
#scp /etc/hosts db:/etc/
####################################################################################################
Step 2: Configurations

On 2 Web Servers:
#yum install -y httpd php php-mysql php-gd 
#service httpd start
#chkconfig --level 35 httpd on
web1:

#echo "
www1.demo.com " > /var/www/html/i…

Next, we start last config: Mysql Clutering with DRBD
####################################################################################################
Step 3: MySQL cluster with Drbd and Heartbeat
Now, we have 4GB disks on both servers (db1 adn db2)
a.Partition Setup for Cluster Servers on both server:

Patition disks

# fdisk -l

Disk /dev/sda: 21.4 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          13      104391   83  Linux
/dev/sda2              14        2610    20860402+  8e  Linux LVM

Disk /dev/sdb: 4294 MB, 4294967296 bytes
255 heads, 63 sectors/track, 522 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Disk /dev/sdb doesn't contain a valid partition table


# fdisk /dev/sdb
Command (m for help): m
Command action
a toggle a bootable flag
b edit bsd disklabel
c toggle the dos compatibility flag
d delete …

In this step, we will config web server and load balancer server.


####################################################################################################
Step 2: LVS Setup configuration on LB1 and LB2

a. On Load Balacer Server
Install on Lvs1 and lvs2:
# yum install -y piranha

On Lvs1:
# vim /etc/sysconfig/ha/lvs.cf

serial_no = 14
primary = 192.168.44.101
service = lvs
rsh_command = ssh
backup_active = 1
backup = 192.168.44.102
heartbeat = 1
heartbeat_port = 1050
keepalive = 2
deadtime = 10
network = direct
debug_level = NONE
monitor_links = 1
virtual server1 {
active = 1
address = 192.168.44.130 eth0:1
port = 80
send = "GET / HTTP/1.1\r\n\r\n"
expect = "HTTP"
load_monitor = uptime
scheduler = rr
protocol = tcp
timeout = 10
reentry = 180
quiesce_server = 0
server www1 {
address = 192.168.44.131
active = 1
weight = 1
}
server www2 {
address = 192.168.44.132
active = 1
weight = 1
}
}
#scp /etc/sysconfig/ha/lvs.cf lvs2:/etc/sysconfig/ha/

#vim /etc/sysc…

LVS - Load Balancing Detaied Tutorial
Linux Load Balancer  using Piranha,Pulse,IPVsadm and Highly Available MySQL using DRBD & HearTBeat.
Source: http://www.Wbitt.com
Demo: http://www.hbn.local

6 Nodes Load Balancer

Two nodes for LVS (Piranha Pulse nannay Ipvsadm) as Load balancer
Two nodes for Web servers can be multiple upto your requirement.
Two nodes for mysql database server using Drbd & heartbeat for highly avaliable mysql database.

Step 1: Basic configurations

a. Hosts file
#cat /etc/hosts

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6     localhost6

##### IP's of Load Balancers #####
192.168.44.101     lvs1.hbn.local     lvs1
192.168.44.102     lvs2.hbn.local     lvs2

##### IP's of Web Servers #####
192.168.44.131     www1.hbn.local     www1
192.168.44.132     www2.hbn.local     www2

##### IP's of MySQL DB servers #####
192.168.44.…

The first, i recommnet: "I can`t hack SSL". Note, SSL is protocol used to exchange security data, base on PKI. In this example, attacker use sslstrip, is the man in the middle, attacker is proxy, will replace all https link by http. You can see more at: http://securitytube.net/Defeating-SSL-using-SSLStrip-%28Marlinspike-Blackhat%29-video.aspx
or: https://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike
Nothing is security :)).
So, if you type https, instead of click to link, you can prevent is. But follow me, note to certificate, if untrust, not connect. It is mistakes.
Demo use SSLstrip, ettercap
Link: http://www.mediafire.com/?j6laxbcceructc0


<p><br><br><br>orr</p>

------------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
Al…

So easy to create master domain controller with Samba, many errors :)). But i like it than AD of M$. Because it is quickly, and i need only authenticate for my domain.
Lesson 3:Samba to PDC
Edit smb.conf

workgroup =    SMBDOMAIN

server string = PC1 domain controller

local master = yes

os level = 64

domain master = yes

preferred master = yes

domain logons = yes

win support = yes

uncommnet
[netlogon]
[Profiles]
[tmp]

groupadd lanmachines
useradd -M -s /sbin/nologin -g lanmachines winxp$
useradd -M -s /sbin/nologin -g lanmachines wintendo$

smbpasswd -am winxp
smbpasswd -am wintendo

smbpasswd -a root
tail /etc/samba/smbpasswd

join domain normal
note: use WORKGROUP = workgroup ( in samba config file), not domain.

Lab: http://www.mediafire.com/?ow47sz7l2femcm0
or:


------------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
All my Lab:
Linux Lab -- window …

Many people ask me about samba. This my note about samba:
Install:
yum install -y samba-*
Note: don`t disable cups service
Lesson 1: SMB Client

Connect to Win
smbclinet -L winxp -U administrator

smbclient //winxp/install -U admnistrator
smb: \>; (smb mod) ls
? to help

mkdir /media/smb
smbmount //winxp/install /media/smb -o username=administrator
or:
# mount -t cifs //IP/share_name -o username=

mount (to list)
leave /media/smb directory
umount /media/smb

Lesson 2:

workgroup = SMBDOMAIN

server string = PC1 domain controller

hosts allow = 192.168.1. 192.168.2. 127.

security = user

wins support = yes

[demoproject]
commnet = share
path = /data/demoproject
valid users = @webproject kamran
public = no
write list = @webproject kamran root
create mask = 0660
directort mask = 0770

Video: 
Part1: http://www.mediafire.com/?wn82jiz2qi8j95c
Part2: http://www.mediafire.com/?4oke4vgb3j57sf4


------------------------------------------------------------
Thanks for reading
----------------------------…