Ok.. today I have to review all important thing for upgrading Exchange 2010 to SP1... I really hate in upgrading microsoft product since there will be a lot of forum and blog that I need to read to solved minor problem.. From my reading I should not only upgrade to SP1 but also SP2 since there are bugs already resolved in SP1... Ok.. time to read and later will update you the outcomes..
Peace... :)
Monday, May 7, 2012
Thursday, May 3, 2012
Setup SSL Server - Apache SSL
First of all, I would like to give full of thanks to Bro Saufi for transferring this knowledge :)
Ok.. Here we already subscribe Digicert.. You can choose any SSL certificate provider such as www.verisign.com, www.godaddy.com and etc...
There is wildcard cert and standart cer.. Later I will discuss on this issues. In this case, we are using wildcard cert where the cert will start with *.contoso.com
A) SSL Certificate CSR Creation
ref : http://www.digicert.com/csr-creation.htm
Before you can order your SSL Certificates, you must first generate a CSR (Certificate Signing Request) on your server:
Distinguished Name or DN
Ok.. Here we already subscribe Digicert.. You can choose any SSL certificate provider such as www.verisign.com, www.godaddy.com and etc...
There is wildcard cert and standart cer.. Later I will discuss on this issues. In this case, we are using wildcard cert where the cert will start with *.contoso.com
A) SSL Certificate CSR Creation
ref : http://www.digicert.com/csr-creation.htm
Before you can order your SSL Certificates, you must first generate a CSR (Certificate Signing Request) on your server:
Distinguished Name or DN
- The Country (C) is a two-digit code -- for the United States, it's 'US'. For countries outside of the United States, see our listing of SSL Certificate Country Codes.
- State (S) and Locality (L) are full names, i.e. 'California', 'Los Angeles'.
- The Organization Name (O) is your Full Legal Company or Personal Name, as legally registered in your locality.
- The Organizational Unit (OU) is whichever branch of your company is ordering the certificate such as accounting, marketing, etc. -nil-
- The Common Name (CN) is the Fully Qualified Domain Name (FQDN) for which you are requesting the ssl certificate. (*.contoso.com.my)
- email - nil ; password -nil
B) OpenSSL CSR Creation for Apache SSL
1. Login to your server via your terminal client (ssh).
At the prompt, type:
# openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
where server is the name of your server.
You will get 2 files :
1. server.csr - this will be used/ copy to digicert
2. server.key - this will be used in client server. Put this files same path as stated in ee /usr/local/etc/apache22/extra/httpd-ssl.conf (search for : SSLCertificateKeyFile "/usr/local/etc/apache22/path/server.key")
C) Reissues Action
- applicable if we use wild card registration
1. Get duplicate
1. Login to your server via your terminal client (ssh).
At the prompt, type:
# openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
where server is the name of your server.
You will get 2 files :
1. server.csr - this will be used/ copy to digicert
2. server.key - this will be used in client server. Put this files same path as stated in ee /usr/local/etc/apache22/extra/httpd-ssl.conf (search for : SSLCertificateKeyFile "/usr/local/etc/apache22/path/server.key")
C) Reissues Action
- applicable if we use wild card registration
1. Get duplicate
- Enter Your CSR
- paste key file server.csr (we get from before step)
- Select Your Server Software
- eg: Apache, IIS Microsoft, etc..
- Note
- purpose of server as note
- Click Button Process
- proceed the step
2. Then wait to download the files or you can received it through email notification. ( You will get zip files content :
star_contoso_com_my .crt
DigiCertCA.crt and INSTALL_INSTRUCTIONS.txt
SSLCertificateFile /your/path/to/star_contoso_com_my.crt
SSLCertificateKeyFile /your/path/to/star_contoso_com_my.key
SSLCertificateChainFile /your/path/to/DigiCertCA.crt
3. Check apache configuration
# apachectl configtest
4. Check httpd.conf
# ee /usr/local/etc/apache22/httpd.conf
uncomment
# Secure (SSL/TLS) connections
Include etc/apache22/extra/httpd-ssl.conf
5. Stop & Start Apache
#/usr/local/etc/rc.d/apache22 stop
#/usr/local/etc/rc.d/apache22 start
6. Now you should able to access you CAS server
https://servername/login
Done.
SSLCertificateFile /your/path/to/star_contoso_com_my.crt
SSLCertificateKeyFile /your/path/to/star_contoso_com_my.key
SSLCertificateChainFile /your/path/to/DigiCertCA.crt
3. Check apache configuration
# apachectl configtest
4. Check httpd.conf
# ee /usr/local/etc/apache22/httpd.conf
uncomment
# Secure (SSL/TLS) connections
Include etc/apache22/extra/httpd-ssl.conf
5. Stop & Start Apache
#/usr/local/etc/rc.d/apache22 stop
#/usr/local/etc/rc.d/apache22 start
6. Now you should able to access you CAS server
https://servername/login
Done.
Wednesday, April 25, 2012
Configure sendmail as a smart host
Smart host is very handy if you are on dial up network or sometimes a host finds mail that it is unable to deliver directly to the desired remote host.
http://www.cyberciti.biz/faq/configure-sendmail-as-a-smart-host/
1. Install send mail (UBUNTU) -> kalu freebsd dah siap install...
#apt-get install sendmail
...bla...bla..
sendmail (y)..
..bla..bla..
2. Create file sendmail.mc
#cd /etc/mail
#nano sendmail.mc
3. Tambah command kat bawah ...features...
define('SMART_HOST','smtp.net4india.com')
4.Replace smtp.net4india.com with your actual smtp server address. If line contains word, dnl remove the dnl word. Regenerate a new sendmail.cf config file with m4 command:
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
ckp sifu; .cf nih autorun.. bahaya kalu edit .cf file nih.. sbb kalu .cf nih ubah ada extra space.. nnti dia akan jd lain...
5.Restart sendmail service:
# /etc/init.d/sendmail restart
...kata sifu.. senang jerk.. pastu gelak2.. huhuhu.. kena byk blaja lg nih..
http://www.cyberciti.biz/faq/configure-sendmail-as-a-smart-host/
1. Install send mail (UBUNTU) -> kalu freebsd dah siap install...
#apt-get install sendmail
...bla...bla..
sendmail (y)..
..bla..bla..
2. Create file sendmail.mc
#cd /etc/mail
#nano sendmail.mc
3. Tambah command kat bawah ...features...
define('SMART_HOST','smtp.net4india.com')
4.Replace smtp.net4india.com with your actual smtp server address. If line contains word, dnl remove the dnl word. Regenerate a new sendmail.cf config file with m4 command:
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
ckp sifu; .cf nih autorun.. bahaya kalu edit .cf file nih.. sbb kalu .cf nih ubah ada extra space.. nnti dia akan jd lain...
5.Restart sendmail service:
# /etc/init.d/sendmail restart
...kata sifu.. senang jerk.. pastu gelak2.. huhuhu.. kena byk blaja lg nih..
Tuesday, April 24, 2012
UBUNTU - Check Network Interface Usage
How to check network interface usage?
Open Ubuntu servern and run this command.
# vnstat -u -i eth0
# vnstat
Open Ubuntu servern and run this command.
# vnstat -u -i eth0
# vnstat
Move / Copy files with exception in UNIX.
The syntax :
mv [!filename]* target.
ie:
In directory "y" you have these files :
-rw-r--r-- 1 sirap sirap 0 2010-03-25 11:40 1
-rw-r--r-- 1 sirap sirap 0 2010-03-25 11:40 2
-rw-r--r-- 1 sirap sirap 0 2010-03-25 11:40 3
-rw-r--r-- 1 sirap sirap 0 2010-03-25 11:40 4
You want to move all files except file "4" to directory "z".
The syntax should look like this :
# mv [!4]* ../z/ Done.
mv [!filename]* target.
ie:
In directory "y" you have these files :
-rw-r--r-- 1 sirap sirap 0 2010-03-25 11:40 1
-rw-r--r-- 1 sirap sirap 0 2010-03-25 11:40 2
-rw-r--r-- 1 sirap sirap 0 2010-03-25 11:40 3
-rw-r--r-- 1 sirap sirap 0 2010-03-25 11:40 4
You want to move all files except file "4" to directory "z".
The syntax should look like this :
# mv [!4]* ../z/ Done.
SUDO on Freebsd / Linux
as root install
sudo located at /usr/ports/security/sudo
make configure
make && make install
edit conf at
ee /usr/local/etc/sudoers
example and edit :
# Runas alias specification
#User privilege specification
root ALL=(ALL) ALL
kenan ALL=(www) ALL
note :
This Sudo command limits the user's power on the basis of the configuration made on the file "/etc/sudoers".
Generally in default case you might see something like this:
root ALL=(ALL) ALL
Above, you can see ALL 3 times. But what does it mean?
The first ALL: Run from any(all) host
The Second ALL: From any Terminal
The third ALL: Can Run any command
example :
usename ALL=(group) ALL
** note : !/usr/bin/su (this will prevent user to sudo su)
General sudoers File Record Format
usernames/group servername = (usernames command can be run as) command
How To Change New HD in DELL PECL 5i
Kalaulah ditakdirkan korang punya salah satu harddisk (HDD) rosak...pastu nak replace (kalau korang pakai RAID 5 -Dell Perc5i la..)..alih2 RAID kata degraded...(x jumpa hdd baru tu)...cuba rebuild, x boleh2...cuba force online pun, x boleh2...ha..ni aku nak kongsi pengalaman aku..
Sepatutnya hdd baru boleh di rebuild automatically...aku pun x tahu kenapa...mungkin boleh rujuk kat sini : [1]
Anyway...apa yang aku buat...(ikut pendapat mamat Dell yg reply kat link atas tu la pun), assign hdd baru sebagai HotSpare dulu...pastu dia akan rebuild sendiri tanpa hilangkan data kat hardisk lain (hopefully la). Tunggu la dia rebuild...berjanggut ooo...bergantung pada server tu sendiri.
dah settle...reboot...dah siap...
Reference : http://lists.us.dell.com/pipermail/linux-poweredge/2006-November/028538.html
copied from sifu sirap :)
Subscribe to:
Posts (Atom)