We are open for business

This is the earliest we’ve ever opened the labs and, knock on wood, this is the smoothest one I’ve had in some time. Very few people are actually here,

The only bump in the road was easily solved, once I thought it through: URHNet users were getting told that our print servers didn’t have drivers for the printers we were sharing. This is not true. Since they are coming in as the Guest account, I figured something had to be up with permissions. The share (servernameprint$) had Read permissions for Everyone, so that’s good. The underlying file permissions, on the other hand, were missing Everyone. So, I re-added that, and all is now good.

And, had I looked in the Microsoft Knowledgebase first, I would have found article 271901.

HP 5308xl and port security

Since my searches on Google came up dry, here’s how you clear existing MAC addresses from port security on an HP ProCurve 5308xl (from pg 237 of the Access Security Guide):

#configure terminal
(config)#show port-security H6
(config)#no port-security H6 mac-address 00b0d0-46b139
(config)#show port-security H6

Copy and paste of the MAC from the output of the show command works just fine.

Battleground state?

This guy must be nuts:

The Keyes candidacy also poses a dilemma for Democratic presidential contender John Kerry, and potentially a dividend for Bush. Illinois is no lock for the Democrats. It’s a highly contested key battleground state.

I mean, come on, even The Daily Show has written Illinois off as a “blue state”. The rest of the column makes some sense, but I think the “carpetbagger” moniker and Keyes own taped quotes about Hillary are going to do more damage than he thinks. As long as Barack doesn’t have any skeletons in his closet, he’s going to skate through this one.

Lab installs

I’ve been busy rebuilding lab machines, hammering the network, as this graph shows:spikes
That’s the gig interface on a Dell 2650 server, working hard. And those spikes correspond to about 120 workstation installs across 5 sites. Graduate sites, that have to be scheduled, start tommorrow morning.
And we get to find out how people are going to react to losing the (free) dot printers. With cheaper laser printing, more lasers and color lasers available in 3 sites, hopefully it will go well.

FreeS/WAN, x509 patches and the Unix epoch

Just so this gets into google: If you are creating a Windows Certificate Server CA to use with FreeSWAN/OpenSWAN/etc, don’t set it to be valid past the end of the unix epoch (ie 2038). FreeSWAN barfs on the RootCA cert, with nothing resembling a useful error (mentioned here). Now, back to running around like a chicken with it’s head cut off getting the labs ready to open.

Stinky

Stinky thumbnail
Hi, my name is Stinky. I’m sleeping, because it’s sunny in here. Maybe later I’ll pose for some better pictures.
Update: I woke up a bit more and posed some.
Stinky thumbnailStinky thumbnail

Been kind of quiet around here

Working my tail off, getting ready for opening, as usual. Lab rebuilds are progressing nicely, close to go time, but I should probably roll in the latest (out of cycle) security bulletin from Microsoft first. Hopefully it doesn’t require any strange things to install properly. Now I just need to hope for no critical patches on patch Tuesday.

In what will probably be the last chance until September, I took Friday off, and spent most of the day working at Hoopeston, getting my linux desktop closer to moving over to new hardware and other misc tasks. And we had one of those 10 minute tasks turn into an all afternoon clusterf$%k. But, in the long run, it was really just moving up the schedule for a reinstall, not creating work. Yeah, that’s the ticket.

Saturday I took advantage of the wonderful concrete floor and air tools to rotate the tires on the Dakota and spent some time working in Hoopeston again. I picked up Alisha’s new hamster, Stinky, from my in-laws and brought it home. He seems to be happier in his plastic habitat than in the cardboard box. Maybe I’ll get some pictures this week.

A funny random link to a former co-worker’s blog.