Software – Keyserver Client Silent Install

Posted on December 7, 2011 by

To build an installer for the Sassafras Software’s K2 – Keyserver Key Audit client use the client customization application they provide.  This is found in the
“client – misc”  folder of their computer installer archive that can be reached by logging into their Support and Downloads web page.

Their documentation…

http://www.sassafras.com/hrl/7.0/k2clientconfigW.html

I put the client installers and the k2clientconfig application in the same folder and the ran this command:

k2clientconfig.exe -s 3 -c no -b no -h keyserver.williams.edu k2Client-x64.exe

The output was:

Changing PROP_SILENCE
Changing PROP_HOSTNAME from ‘keyserver’ to ‘keyserver.williams.edu’
Changing PROP_KEYCHECKOUT from ‘2’ to ‘0’
Changing REBOOT from ‘Force’ to ‘Suppress’
Digital signature has been removed from k2Client-x64.exe

 

Posted in Software | Tagged , , | Comments Off on Software – Keyserver Client Silent Install

Software – Adobe Settings Files locations

Posted on December 7, 2011 by

A helpful web page that describes where to find the preference, settings, and workspace files for Adobe CS apps is at:

http://kb2.adobe.com/cps/828/cpsid_82893.html

Posted in Software | Tagged , , , | Comments Off on Software – Adobe Settings Files locations

Windows – NTLM Authentication Level

Posted on December 2, 2011 by

With the advent of Windows 7, Microsoft increased the default NTLM (a.ka. LAN Manager) authentication level required to connect to various network resources like file shares.  If you are running windows 7 and need to connect to older files shares you may need to lower the NTLM authentication on your computer to allow the connection.  If you are not able to log into the file shares from a windows 7 computer but are from other non-windows 7 computers,  try setting your LAN Manager  authentication level to …”Send LM & NTLM – use NTLMv2 session security if negotiated”

To do this  — In the Start menu search box type “Local Security Settings” (or look in the Administrative shortcuts) and then open the program …  this screen snip shows how to find this setting … no reboot is required …

Posted in Labs, Software | Tagged | Comments Off on Windows – NTLM Authentication Level

Mac – Unmounting Windows (or any other) volume at startup

Posted on November 28, 2011 by

To umount a Macintosh volume at start-up (for example the windows bootcamp volume) you can create a startup item …

In:

/Library/StartupItems

Create a directory “Unmount”  in that directory you want to put 2 files:

Unmount

and

StartupParameters.plist

 

Unmount file is a shell script with the following contents:

#!/bin/sh
. /etc/rc.common
if [ “$1” == “start” ]
then
/usr/sbin/diskutil unmount /dev/diskXXX
fi

The /dev/diskXXX in this file you need to change.  My unmount command is actually …

/usr/sbin/diskutil unmount /dev/disk0s3

To find the correct information for your system run the command:

“diskutil  info /Volumes/Windows/”     —- or whatever the volume name is …

in the output you need to look for the “Device Node” .  Whatever it says for that Device Node is what you should put in the Unmount command in the shell script above.

 

StartupParameters.plist is a plist file that contains:

<?xml version=”1.0″ encoding=”UTF-8″?>
<!DOCTYPE plist PUBLIC “-//Apple Computer//DTD PLIST 1.0//EN”
“http://www.apple.com/DTDs/PropertyList-1.0.dtd”>
<plist version=”1.0″>
<dict>
<key>Description</key>
<string>Try to unmount the old disk</string>
<key>Provides</key>
<array>
<string>Unmount</string>
</array>
</dict>
</plist>

 

 

After creating the files, chmod them so that they are:

-rw-r–r–     StartupParameters.plist
-rwxr-xr-x   Unmount

Also, I set the owner and group to “root” and “wheel” respectively to match the other items in the /Library/StartupItems directory … (“chown -R root /Library/StartupItems/Unmount/” and “chgrp -R wheel /Library/StartupItems/Unmount/”)

 

For additional details see:

http://hints.macworld.com/article.php?story=2005052804075538

 

Posted in Articles, Labs | Tagged , , | Comments Off on Mac – Unmounting Windows (or any other) volume at startup

Windows – Launch program each time you login

Posted on November 15, 2011 by

To start a program each time you log into a windows computer …

  1. Create a shortcut to the program on the desktop (find the program in the program files folders and “right-click” on it …)
  2. Click on the Windows Start icon then “right-click ” on Programs and select Open
  3. Double click on the “Programs” folder and then on the “Startup” folder
  4. Copy or move the shortcut you created in the first step to this “Startup” folder
Posted in Labs, Software | Tagged , | Comments Off on Windows – Launch program each time you login

Software – GIS Idrisi

Posted on November 4, 2011 by

To install Taiga Idrisi software correctly ….

  1. Install the software
  2. Run as Admin the License Manager and enter information for network client: \\lm2\taiga\taiga
  3. Run as Admin the Application once to have the license stick
Posted in Labs, Software | Tagged | Comments Off on Software – GIS Idrisi

Windows – Adding printers in Windows XP

Posted on November 3, 2011 by

To add printers system-wide in Windows XP you had to use a odd set of commands:

http://support.microsoft.com/kb/314486

Thankfully, this has gone away in windows 7 with the use of group policy user preferences ….

Posted in Articles, Labs | Tagged | Comments Off on Windows – Adding printers in Windows XP

Mac – AD Authentication to non-primary domain controllers details

Posted on November 3, 2011 by

Here are some details on how to make sure your non-primary AD authentication servers are available to macs running snow leopard …

This comes from the MACENTERPRISE list which always provides a wealth of information for people who support Macs …

======================================

Subject: Re: Mac Login issue
From: Tim Perfitt
Reply-To: Mac OS X enterprise deployment project
Date: Wed, 23 Feb 2011 20:14:28 -0600
Content-Type: text/plain
Parts/Attachments:

text/plain (64 lines)

There is no way to manually enter in the DCs, as this information is based on site. The important thing to check is that the SRV records for the DCs that are in your site are advertised at the top level of AD DNS as well. You can see which DCs are available by turning on verbose DS logging and looking at the logs:

sudo defaults write /Library/Preferences/DirectoryService/DirectoryServiceDebug “Debug Logging Priority Level” -integer 7
sudo touch /Library/Preferences/DirectoryService/.DSLogDebugAtStart
sudo killall DirectoryService

open Console and filter on “tory:” for this log: /Library/Logs/DirectoryService/DirectoryService.debug.log

You should see some lines like these:

2011-02-23 19:26:38 CST – T[0x0000000101981000] – Active Directory: Processing Site Search with found IP
2011-02-23 19:26:47 CST – T[0x0000000101981000] – Active Directory: Site found of – Default-First-Site-Name
2011-02-23 19:26:47 CST – T[0x0000000101981000] – Active Directory: Adding Server –

In order for a DC to be used, it must :

1. Have ldap and kerberos service records in the site specific DNS service records (_ldap._tcp.sitename._sites.dc._msdcs.domain.name and _kerberos._tcp.sitename._sites.dc._msdcs.domain.name)
2. Have its kpassword service records in the top level dns records (_kpasswd._tcp.domain.name)

If a DC fails either of those tests, it is not used. If you see “Adding Server – “, you know that it passed those tests and would be used in case of a failure and for load balancing.

The rules for GC are a bit different, since it doesn’t care about _kerberos or _kpassword (GCs aren’t used to to authenticate users or change passwords). The important thing for GCs is that the _ldap records are in the site specific DNS entries (_ldap._tcp.sitename._sites.gc._msdcs.domain.name). Again, if you see “Adding Server” in the GC section:

2011-02-23 19:26:51 CST – T[0x0000000101C10000] – Active Directory: Global Catalogs – Start checking servers for site “Default-First-Site-Name”

then you know it passed that test.

HTH,

tim

On Feb 23, 2011, at 11:15 AM, Logston, Alan wrote:

> When I came into work this morning and got a call that an entire Mac instructional lab would not allow domain/Student logins. Soon I got three more calls complaining of the dame situation all over campus. There was a very small handful of Macs able to authenticate and all the PCs were still logging in just fine.
>
> I dug into the problem and discovered that the Domain controller DC-1 was down. The PCs were falling back to other servers to authenticate but the Macs were only trying to authenticate to DC-1
>
> In the “Directory Utility” I have “Prefer this domain server” Blank. I thought this would make it so the Mac would auto discover the other authentication servers like the PCs.
>
>
> Is there any way I can manually enter these severs so this problem will not happen again?
>
>
>
> Thanks,
>
>
> Alan
> ITS
>
>

Posted in Labs | Tagged , | Comments Off on Mac – AD Authentication to non-primary domain controllers details

Windows – AD Management with PowerShell

Posted on November 1, 2011 by

Apparently, it is now possible to manage the AD with PowerShell. Since the GUI for active domain users and computers can typically only make changes one account at a time, this powershell access could be handy when you have to manipulate multiple accounts at once:

http://www.scriptlogic.com/smbit/article/track-user-password-expiration-using-active-directory?elq_mid=2220&elq_cid=786672&elq=938d349e11c845d681800dccd9b9246a

Posted in Labs | Tagged , | Comments Off on Windows – AD Management with PowerShell

Software – Matlab 2011

Posted on October 13, 2011 by

Building a deployable and completely silent software installer for Matlab on windows is a bit of an adventure .  Clearly, each installation is different so I don’t think I can give a detailed step-by-step recipe here for every circumstance.  I can give you a few steps which took me a while to piece together from various sources and a considerable amount of trial and error …

  • Extract the installer from the vendor to a new, empty folder
  • Be sure to replace the generic “archives” folder which may initially contain only the license manager with the archives folder you have specific for the Matlab products you need to install
  • Create an installer input file with all the questions answered (a copy of ours is attached , remember to change the auth-code to your real auth code, ours is scrubbed out in this example)
    • For a completely silent install also change the “mode=automated” to “mode=silent” in this installer input file
  • If you run this in a non-FlexLM environment you also have to deal with the activation process (we run FlexLM here to simplify the process, so I can’t help you with that process …)
  • Make sure you have a copy of your network license file to copy into a known place for the installer to point at
  • Run the installer from a batch script with commands like:

    echo Copying network license file …
    xcopy /Q /Y “%install_dir%payload\matlab_network.dat” c:\windows\temp\

    echo Installing software and required conponents …
    “%install_dir%payload\bin\win64\setup.exe” -inputFile “%install_dir%payload\wc_installer_input.txt”

    Where %installdir% is set to the directory where you are running the installation. Also mind the line breaks shown here are not intended for the actual commands ….

Posted in Software | Tagged , , | Comments Off on Software – Matlab 2011