Simon’s Blog

June 15, 2009

Apache LDAP Authentication How To

Filed under: How-Tos — simonjday @ 9:19 AM

This lesson will show you how to install and configure Apache 2.2.x on Windows with LDAP Basic Authentication against Microsoft Active Directory

Install Apache 2.2.x

Download the latest Apache 2.2.x installer from http:://www.apache.org

Download the AUTH LDAP module for Apache 2.2 and also SUN C++ SDK

Download the SUN C++ SDK for Windows NT4 optimized version from the SUN SDK Website http://www.sun.com/download/products.xml?id=3ec28dbd
Download the version 3.11 of the pre compiled mod auth ldap dll from here http://muquit.com/muquit/software/mod_auth_ldap/mod_auth_ldap.html#directives Choose MS Windows binary v3.11 for Apache 2.2.2

Extract both zip files
Place the file mm_mod_auth_ldap.dll into the Apache modules Directory
Place the dlls from the SDK extracted zip file into the Apache Modules Directory

Open the Apache Httpd.conf file in your Favourite Text Editor

media_1243529535740.png

In order to control which URL requires LDAP authentication we use an Apache Location Directive

Add the Following to your httpd.conf and modify to fit your environment

All Values in the Screen Shot above with Red Arrows must be changed

# LDAP Stuff
LoadModule mm_auth_ldap_module modules/mm_mod_auth_ldap.dll

LDAP_UseMemoryCache_G On
LDAP_HashTableSize_G 1024
LDAP_CacheTTL_G 5000
LDAP_Persistent_G On
SupportNestedGroups_G On

<Location /wordpress>
Options Indexes FollowSymLinks
AllowOverride None
order allow,deny
allow from all
AuthBasicProvider “mm_ldap”
#AuthLDAPAuthoritative Off
#AuthAuthoritative Off
#AuthOnBind On
#Sub_DN “ou=CIS,ou=People”
Bind_Tries 3
AuthName “Authorized imaginary staff only”
AuthType Basic
LDAP_Debug On
LDAP_Server 192.168.254.40
LDAP_Protocol_Version 3
LDAP_Connect_Timeout 1000
Base_DN “CN=Users,DC=sjdec,DC=local”
UID_Attr “sAMAccountName”
Bind_DN    ”CN=Administrator,CN=Users,DC=sjdec,DC=local”
Bind_Pass “livelink”
require valid-user
</Location>

Save the Httpd.conf and restart Apache

Test the Page in a Browser

media_1243529769751.png

Call the page defined by the Location Directive in a browser and a login popup should appear
Then Login with a LDAP User and Password

Use The Firefox Addon Live HTTP headers to check authentication

media_1243529910661.png

Install the Firefox Addon Live Http Headers and then repeat the login test above and view the HTTP response headers to check that authentication is working as expected
You should see the server issue an HTTP 401 when the page is called and then Basic Authorization being set once the user has logged in

June 12, 2009

Creating a Network Attached Storage VMware using Free NAS

Filed under: How-Tos — simonjday @ 2:54 PM

This Tutorial will give you a run down on how to create a VMware using the free NAS FreeBSD Distro Free NAS http://freenas.org

Create a new VMware Virtual Server

media_12448049431362.png

Using the create new Server wizard create a new vmware server of type Other Linux 2.4 kernel
Assign a HDD of at least 8GB
Assign at least 256MB RAM
Download the freenas distro from the freenas site http://www.freenas.org/
Assign Networking of type bridged or host only as the NAS server should have a fixed IP address
Start up the Newly created VMware Server and allow Free Nas to boot up until it reaches the Console Setup Screen (See Above Screen Shot)

media_1244820193974.png

Install Free NAS on the Virtual machine

media_12448051101932.png

From the Console Setup Window choose option 9 Install/Upgrade to Hard Drive
Choose Option 2 Install embedded OS on HDD + Data Partition.
Click OK
Click OK
Select the CD-ROM Drive Found as the Installer source
Select the Target VMWare virtual disk as the Installer Target
Allow the Installer to continue
After it has formatted the disk Select Enter to return to the Install & Upgrade Screen
Choose Exit Option to return to the Setup Console

 

Assign a LAN IP Address for the Install

media_12448053905942.png

From the Console Setup Screen Choose Option 2 to Set the LAN IP address
Assign an IPv4 Static Address DO NOT USE DHCP
Once the IP has been assigned shutdown the System from the Console Setup menu and remove the ISO image of Free NAS from the virtual machine and then Start up the VM again to ensure it boots from the newly installed O/S and not the CD-ROM.

 

Access the Free NAS Admin Web GUI

media_12448056042342.png

Once the Virtual Machine has restarted you should now be able to reach the Free NAS Web Admin GUI using the IP address set in the previous Step
Login with user admin and password freenas

Add The Data Portion of the Data Disk

media_12448058505482.png

from The Web GUI Go to the Disk Menu and Choose Management
From The Disk Drop Down Choose the Vmware HDD and Click Add
Click Apply Changes

Add the Data Portion of the HDD as a new Mount-point

media_12448060040272.png

From the Web GUI Choose the Mount-point Menu Disks/Mount-point
click the Red Cross to add a Mount Point
Choose the Disk from the Drop Down created in the previous Step
Choose Partition of type 2 from the PArtition Drop Down
Input a Share Name e.g DATA
Dont Change any Other Options
Click Add
Then Click Apply Changes

Manually Adding Extents

media_12448063646752.png

For Each ISCSI Disk we wish to create for our NAS we must create an ISCSI Extent and Target
The Extents are based on a file in the Mount-point created in the previous step and must be created from the shell
Go back to the VMware and choose option 6 (Shell) from the Console Setup menu and this will return a standard linux Shell Prompt
Change Directory to the mount-point created earlier e.g cd /mnt/DATA
For each iSCSI Disk we require we must create an extent file
In this example I will create just one
At the shell prompt in the mount-point directory type touch QD
The name is not important.
We can now add the ISCSI Targets via the WEB GUI so can now go back to the Web GUI

Adding iSCSI Targets

media_12448065013832.png

From the WEB GUI go to the Services / iSCSI Target Page

Adding the Extent to the iSCSI Target

media_12448067224142.png

On the iSCSI target page in the Web GUI Click the + to add a new extent
On the Add Extent Page Choose Type File and in the Path window set the path to the extent file created from the shell (Use the Radio Button at the right of the window to choose the path to the file.
Set a Size for the Extent in MB and add a comment if you wish
Click Add and the browser should return to the previous page showing the newly added extent.

Creating an iSCSi Target using the newly created extent

media_12448069506752.png

From the iSCSI Target Page Click the + at the right of the Target section to add a new iSCSi target.
Choose the extent created in the previous step
Choose the Authorized Network that will have access to this iSCSI Target e.g. 192.168.254.0 / 24.
Click Add to return to the next page.

Completing the iSCSi Target Creation

media_12448070978272.png

From the iSCSI Target Page
Select the Enable Checkbox
Then click the Apply Changes button
Then Click the Save and Restart Button to apply the Changes to the Free NAS Server.
We are now finished with the Free NAS setup.
We should now able to attach a Windows Server to this iSCSI Target using the Windows iSCSI Initiator.

Download and Install the iSCSI Initiator

media_12448133741762.png

Download the Microsoft iSCSi Initiator from the Microsoft website http://www.microsoft.com/downloads/details.aspx?familyid=12cb3c1a-15d6-4585-b385-befd1319f825&displaylang=en
Once the download has finished run the installer
The Installer will place a short cut to the iSCSi configuration tool on your Desktop
Then Launch the Configuration tool in order to add an iSCSi target from our Free NAS server
In the Discovery Tab add the Free NAS server as a Target Portal

Go To the Targets Tab to see the iSCSi disks

media_12448136055642.png

In the iSCSI Initiator Tool go to the Targets Tab and you should see the iSCSI Targets provided by your Free NAs server
Select the relevant one and click the Logon button and then check the Automatically Restore this connection checkbox
Click OK
Click OK
The newly attached Disk should now be available in the Disk Management Admin Tool in Windows

Attach a Drive Letter and format the iSCSI disk

media_12448137861312.png

Open Administrative Tools Computer Management and go to Disk Management
A wizard should now run once it detects the new Disk
Assign a Drive Letter and format the Drive (NTFS)
You now have an iSCSI attached NAS disk that can be used for example to create a Windows Cluster
Have Fun !!!

June 1, 2009

Thoughts For Monday

Filed under: General Stuff — simonjday @ 4:49 PM

Well not such a Bad Weekend but the Lions were terrible and lucky to win.But it was good too see England get stuffed by the Baa Baa’s in a great match at Twickers.Cant wait till big bad J Collins gets to the Ospreys as he was awesome

Been writing Internal Blog Site Tutorials again this time on OpenText Runtime and Core Services

Just started setting up a Virtual Server of the latest and greatest from M$ Windows 7 RC1.

I wonder what it will be like it cant be as bad as Vista can it although I doubt it is as good as OS X Leopard so gawd knows what M$ will do when OS X Snow Leopard comes out later this year.

I wonder how many features will have been added to windows 7 from OS X :)

Blog at WordPress.com.