Linux: Kerberos authentification against Windows Active Directory

Hi,

here are some steps to use kerberos authentification against a active directory with OS Version Windows Server 2008 R2 or later on your linux machine.

The default krb5 configuration implementation of the most linux distributions did not work out of the box. I assume that the REALM in /etc/krb5.conf is already configured.

Typical error messages are:

kinit: KDC has no support for encryption type while getting initial credentials
kinit: KDC reply did not match expectations while getting initial credentials

michael@debdev:~# kinit  michael@subdomain.domain.local
Password for michael@subdomain.domain.local:
kinit: KDC has no support for encryption type while getting initial credentials

To eliminate the “KDC has no support for encryption type while getting initial credentials” issue change the default encryption type in the libdefaults section of the /etc/krb5.conf file.
More »

Windows: NTFS symbolic links and hard links

Hi,

today I will explain the possiblity of the ntfs filesystem to create symbolic- and hardlinks.

Whats the difference? A symbolic link (File) or junction point (Directory) is a pointer to an existing file or directory. These works across volumes.
A hardlink is a file or directory which is referenced by more then one path on the same volume.

An example. The explorer.exe in c:\windows. The most Windows system files are hardlinks. These files have two of them. One in the Windows, respective system32 folder and one to its current version in the component store winsxs.

[C:\]fsutil hardlink list c:\Windows\explorer.exe
\Windows\explorer.exe
\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe

this means the file is stored once and there are two references in the filesystem to it.
With the dir command you cannot identify an hardlink. The only way is fsutil.exe.

Creating an hardlink is very easy. More »

Windows: Show and configure network settings using netsh

Hi,

here is a set of netsh command lines which I use very often.

Show Interface configuration

netsh interface ipv4 show config

Only IP Addresses of all LAN adapters

netsh interface ipv4 show address

Show global TCP/IP Parameters

netsh interface ipv4 show global

Disable and enable a Interface

netsh int set int name="ethernet" admin=disabled
netsh int set int name="ethernet" admin=enabled

Show all network  interfaces and its link state

netsh interface ipv4 show interfaces
More »

Original Theme by Schiy · Powered by WordPress