Wednesday, April 18, 2018

Ubuntu 16.04: Setting the display to turn off, turn on, and to never go to sleep.

I have an Ubuntu system I use for monitoring the network. I wanted the screen to turn on at 7am when I arrive at work and turn off at 3pm when I leave. Here's how I did it:


  1. From the settings under Brightness and Lock I set:
    - disable Dim screen to save power
    - Set turn off screen when inactive for: Never
    - Disable Lock
  2. Then I ran crontab -e to schedule turning the display on and off.
    0 7 * * 1-5 xset -display :0 dpms force on
    0 15 * * 1-5 xset -display :0 dpms force off
Note that I'm not root and did not sudo either of these commands. Crontab needs to be set as the user who is logged in. And "-display :0" specifies the physical screens.

Tuesday, March 13, 2018

Access Control List (ACL) odd behavior on Brocade VDX 6740.


Recently I was trying to configure ACLs on several of my VLANs with mixed results. Some would work, some wouldn't. Sometimes they'd work fine from one access layer switch and not work from another. I filed a ticket with Brocade and they suggested I upgrade my firmware to NOS 6.0.2f, but that didn't help either.

Here's an example of one of my virtual interfaces on the router:

rbridge-id 1
 interface Ve 55
  ip access-group vlan55acl in
  ip dhcp relay address 10.100.110.29
  ip proxy-arp
  ip address 10.100.55.2/24
  vrrp-extended-group 55
   virtual-ip 10.100.55.1
   advertisement-interval 1
   enable
   no preempt-mode
   short-path-forwarding
  !
  no shutdown

After LOTS of banging my head against a wall I finally discovered that the short-path-forwarding command in the vrrp group was to blame. Occasionally traffic would arrive at a VE from an odd direction and would be stopped by the access list. Removing the short-path-forwarding command from the vrrp groups on all rbridges solved my problem:

rbridge-id 1
 interface Ve 55
  ip access-group vlan55acl in
  ip dhcp relay address 10.100.110.29
  ip proxy-arp
  ip address 10.100.55.2/24
  vrrp-extended-group 55
   virtual-ip 10.100.55.1
   advertisement-interval 1
   enable
   no preempt-mode
  !
  no shutdown

Easy, User-Accessible Windows Server Disk Usage Reports

In my organization we have an FTP server which is used to transfer files between the corporate network and the secure media network. The server acts as a temporary transfer point and I have file expiration tasks which clear out old media, but depending on usage, occasionally the server may fill up. I'm not a media producer so I can't very well decide what gets deleted and the users of the system can't tell via the FTP interface whether the server is having other issues or if the drive is full. To make it easier for them to monitor I cobbled the following together:

Recipe for Monitoring File Storage by Users:

  • IIS with Browsing Enabled.
  • File Server Resource Manager role installed.
  • A soft quota for monitoring.
  • Automated storage reports.
  • File expiration tasks.
With the above my users can go to http://ServerName and see a list of storage reports for the past 30 days.

Setting it up:
  1. Install the File Server Resource Manager role
  2. Install the IIS Role with directory browse.
  3. In File Server Resource Manager set up a quota for monitoring:
    1. Under Quota Management and Quotas right click and choose Create Quota.
    2. Create a soft quota with the limit matching the size of the drive you're monitoring.
  4. Create a Storage Report:
    1. Under Storage Reports Management create a new storage report.
    2. Under Settings and Report data check the Quota Usage box. Under Report formats choose HTML only.
    3. Under the Scope tab choose the drive you want to monitor.
    4. Schedule it as appropriate. I run mine once a day in the morning.
  5. Send the reports to the IIS root folder.
    1. Click on File Server Resource Manager (Local)
    2. Go to the Action menu and choose Configure Options
    3. Under the report locations and Scheduled reports folder choose the web root folder, in my case C:\inetpub\wwwroot\.
  6. Configure IIS for browsing:
    1. Select your Default Web Site and double click Configuration Editor.
    2. Under Section find system.webServer/directoryBrowse, change enabled to True, and click Apply in the Actions column.
    3. Delete the files which are already in your web root folder so you get a directory listing instead of the default IIS start page.
Now when your users go to http://YourServer they will see a list of storage reports so they can look for trends and also see how full the drive is as of that morning.

Thursday, January 4, 2018

Not all active directory users appear when using getent passwd - Joining Linux to Active Directory

We set up some Ubuntu 16.04 LTS workstations with Active Directory integration. It works with Evolution with EWS support and passes on the credentials, which is super nice. But not all of our Active Directory users could log in.

If I ran wbinfo -i I would get all the users in AD.
If I ran getent passwd I would get a subset of my AD users, specifically older accounts.

What I finally found was this: Most tutorials tell you to put the following lines in /etc/samba/smb.conf

idmap uid = 10000-20000
idmap gid = 10000-20000

What those lines do is translate your Active Directory SID to a unix UID (and GID.) It does this by taking the last section of your SID and adding 10000 to get your new UID. So, for example, if my SID ends in -0900 my UID would be 10900. (900+10000=10900.)

The problem is that we've had the same domain for many, many years so our SIDs are getting up there. A recent user had an SID ending in -29111. So his UID became 39111, which was past the range set up above. Anyone above that range isn't given a UID and therefore can't be logged in.

To fix this I changed the lines in /etc/samba/smb.conf to

idmap uid = 10000-100000
idmap gid = 10000-100000
After doing so and restarting the client for good measure all my Active Directory accounts appeared when I ran getent passwd.
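
The range check described above, as an added example that is not part of the original post: it applies the mapping as the post describes it (range start plus the last section of the SID) and lists the accounts whose UID would land past the configured idmap range. The function names, the smb.conf text and the SIDs are constructed for illustration.

```shell
#!/bin/sh
# Added example: find AD accounts that fall outside the "idmap uid" range,
# using the rule as the post describes it (UID = range start + last part of SID).
# sample_conf and sample_sids are constructed, not taken from a real domain.

# Read smb.conf text on stdin, print "LOW HIGH" from the "idmap uid" line.
idmap_range() (
    sed -n 's/^[[:space:]]*idmap uid[[:space:]]*=[[:space:]]*\([0-9]\{1,\}\)-\([0-9]\{1,\}\).*$/\1 \2/p' | head -n 1
)

# sid_to_uid LOW SID: print the UID the post's rule assigns to SID.
sid_to_uid() (
    # Strip leading zeros so "0900" is read as 900 and not as octal.
    rid=$(printf '%s' "${2##*-}" | sed 's/^0*\([0-9]\)/\1/')
    echo $(( $1 + rid ))
)

# unmapped_sids LOW HIGH: read SIDs on stdin, print "SID UID" for every
# account whose UID would be past HIGH and so would get no UID at all.
unmapped_sids() (
    low=$1
    high=$2
    while read -r sid; do
        [ -z "$sid" ] && continue
        uid=$(sid_to_uid "$low" "$sid")
        if [ "$uid" -gt "$high" ]; then
            echo "$sid $uid"
        fi
    done
)

sample_conf='[global]
   idmap uid = 10000-20000
   idmap gid = 10000-20000'

sample_sids='S-1-5-21-1111111111-2222222222-3333333333-0900
S-1-5-21-1111111111-2222222222-3333333333-29111'

range=$(printf '%s\n' "$sample_conf" | idmap_range)
low=${range% *}
high=${range#* }
printf '%s\n' "$sample_sids" | unmapped_sids "$low" "$high"
```

With the 10000-20000 range the second sample SID is reported with UID 39111; with 10000-100000 nothing is reported.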