el.samoun.sna2008@gmail.com

Replicate OpenLDAP Servers

2008-05-21T06:08:00.000-07:00

In this exercise, you configure LDAP replication with your neighbor.
You use a new LDAP entry
“uid=replicator,dc=digitalairlines,dc=com” with password “novell”
for replication.
In part IV, you change the surname of user kbailey from “Bailey” to
“Smith”. You do this on the master to see if the replication works correct.
Do the following:

■ Part I - Add the Replicator DN to the Master’s LDAP Directory
■ Part II - Configure the LDAP Master Server
■ Part III - Configure the LDAP Client Server
■ Part IV - Copy the Database and Start the Servers
■ Part V - Test Replication

Part I - Add the Replicator DN to the Master’s LDAP Directory
1. To add the new LDAP entry on the master create a new LDIF file by entering
vi replicator.ldif
2. Enter the following lines
dn: uid=replicator,dc=digitalairlines,dc=com
objectClass: inetOrgPerson
uid: replicator
cn: LDAP Replicator
sn: Replicator
You also can copy the file exercises/section_3/replicator.ldif from the Course DVD.
3. Save the file and exit by entering :wq.
4. Add the entry to the LDAP directory by entering
ldapadd -x -D
"cn=Administrator,dc=digitalairlines,dc=com" -W -f
replicator.ldif
5. To enter a password for the replicator enter
ldappasswd -x -D
"cn=Administrator,dc=digitalairlines,dc=com" -W -S
"uid=replicator,dc=digitalairlines,dc=com"
6. Enter novell twice as new password.
7. Enter the administrator password (also novell) to set the password.

Part II - Configure the LDAP Master Server
1. On the master stop your LDAP server by entering rcldap stop.
2. Open the file /etc/openldap/slapd.conf by entering
vi /etc/openldap/slapd.conf
3. Specify a file where the changes in the LDAP directory are stored by adding the line
replogfile /var/lib/ldap/master-slapd.replog
4. Specify the replication host (all in one line)
replica uri=ldap://slave_ip:389
binddn=”uid=replicator,dc=digitalairlines,dc=com”
bindmethod=simple credentials=novell
slave_ip is the IP address of your neighbor’s computer.
5. Save the file and exit by entering :wq.

Part III - Configure the LDAP Client Server
1. Stop your LDAP server by entering rcldap stop.
2. Open the file /etc/openldap/slapd.conf by entering
vi /etc/openldap/slapd.conf
3. Add the following lines
updatedn=”uid=replicator,dc=digitalairlines,dc=com”
updateref="ldap://master_ip"
master_ip is the IP address of your neighbor’s computer.
4. Change the following access rule
access to *
by * read
to
access to *
by dn=”uid=replicator,dc=digitalairlines,dc=com” write
by * read
5. Save the file and exit by entering :wq.

Part IV - Copy the Database and Start the Servers
1. On the master server enter
scp -r /var/lib/ldap/ host:/var/lib/ldap/
Replace host by the host name of the slave server.
2. Enter novell when prompted for a password.
3. On both servers start the slapd by entering
rcldap start.
4. On the master server start the slurpd by entering
rcslurpd start

Part V - Test Replication
1. To change some user information on the master, create a new
LDIF file by entering
vi change.ldif
2. Enter the following lines
dn: uid=kbailey,ou=people,dc=digitalairlines,dc=com
cn: Kate Smith
sn: Smith
You also can copy the file exercises/section_3/change.ldif from the Course DVD.
3. Save the file and exit by entering :wq.
4. To change the LDAP information, enter
ldapmodify -x -D
“cn=Administrator,dc=digitalairlines,dc=com” -W -f
change.ldif
5. On the master and slave enter
ldapsearch -x “uid=kbailey”

Set up an LDAP User Database

2008-05-21T06:00:00.000-07:00

In this exercise, you create a password (“novell”) for user kbailey.
In part II you enable an automatically creation of the home directory if a user logs in using ssh.
In part III you login as user kbailey to test your configurations.
Do the following:

■ Part I - Set LDAP User Password
■ Part II - Configure Automatically Home Directory Creation
■ Part III - Login as kbailey via SSH

Part I - Set LDAP User Password
1. Use the command getent (Get Entry) to test whether the LDAP database is used by the glibc. Enter
getent passwd
The users in /etc/passwd and the LDAP database should be
listed. The end of the output may look similar to this:

...
uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash
wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false
geeko:x:1000:100:Geeko Chameleon:/home/geeko:/bin/bash
kbailey:*:1010:100:Kate Bailey:/home/kbailey:/bin/bash

2. To set the password for the user kbailey, enter
ldappasswd -x -D
"cn=Administrator,dc=digitalairlines,dc=com" -W -S
"uid=kbailey,ou=people,dc=digitalairlines,dc=com"
3. Enter novell twice as the new password.
4. Enter the administrator password (also novell) to set the password.
5. Search for your own LDAP entry by entering
ldapsearch -x -D
"cn=Administrator,dc=digitalairlines,dc=com" -x
“uid=kbailey” -W
6. Enter the administrator password (novell). Your encrypted user
password should be listed.

Part II - Configure Automatically Home Directory Creation
1. Open the file /etc/pam.d/sshd with vi by entering
vi /etc/pam.d/sshd
2. Add the following line
session required pam_mkhomedir.so skel=/etc/skel/
umask=0022
3. Save the file and exit by entering :wq.

Part III - Login as kbailey via SSH
1. Login as user kbailey by entering
ssh -l kbailey localhost
2. Enter yes to modify the list of known hosts.
3. Enter the password of kbailey (novell).
The home directory should be created.
4. Enter exit to log out.

Add Users to the LDAP Directory

2008-05-21T05:29:00.000-07:00

In this exercise, you add a user with the following information to your LDAP directory:

Information Value
Login kbailey
Name Kate Bailey
UID 1010
GID 100
Home directory /home/kbailey
Login shell /bin/bash

1. There should be some entries in the LDAP directory created by YaST. To see the content of your LDAP directory enter ldapsearch -x
2. Create an LDIF file by entering vi example.ldif
3. To create a Posix accout for a new user kbailey, add the following lines:
dn: uid=kbailey,ou=people,dc=digitalairlines,dc=com
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
uid: kbailey
uidNumber: 1010
gidNumber: 100
cn: Kate Bailey
givenName: Kate
sn: Bailey
homeDirectory: /home/kbailey
loginShell: /bin/bash
shadowMax: 99999
shadowWarning: 7
shadowInactive: -1
shadowMin: 0
shadowLastChange: 12609
You also can copy the file exercises/section_3/kbailey.ldif from the Course DVD.
4. Save the file and exit the text editor by entering :wq.
5. Add the LDIF file to your LDAP database by entering
ldapadd -x -D "cn=Administrator,dc=digitalairlines,dc=com" -W -f kbailey.ldif
6. Enter the password for the LDAP administrator (novell).
7. To see the content of your LDAP directory, enter
ldapsearch -x "uid=kbailey"

Set Up OpenLDAP with YaST

2008-05-21T05:03:00.000-07:00

In this exercise, you set up an OpenLDAP server and client using YaST. The base DN is “dc=digitalairlines,dc=com” and the common name of the LDAP adminstrator is “cn=Administrator,dc=digitalairlines,dc=com” with password “novell”. TLS/SSL is not used in this exercise. Do the following:

■ Part I - Install OpenLDAP
■ Part II - Setup the OpenLDAP Server
■ Part III - Setup the OpenLDAP Client

Part I - Install OpenLDAP
1. From the main menu, start YaST.
2. Enter the root password (novell) and select OK.
3. From the YaST Control Center, select Software > Software
Management.
4. From the filter drop-down menu, select Search.
5. In the Search field, enter ldap; then select Search.
6. On the right, select the following packages:
❑ nss_ldap
❑ openldap2
❑ openldap2-client
❑ pam_ldap
7. Select Accept; then insert the requested SUSE Linux Enterprise
Server 10 DVD.
8. When installation is complete, remove the DVD and close the
YaST Control Center.

Part II - Setup the OpenLDAP Server
1. Start YaST.
2. Start the YaST module Network Services > LDAP Server.
3. Select Yes to start the LDAP server.
4. Select Configure.
5. In the LDAP Server Configuration dialog select Add Database
to add a database.
6. In the Add Database dialog enter the following information:
Textbox Value
Base DN dc=digitalairlines,dc=com
LDAP Password novell
Validate Password novell
7. Select OK.
8. In the left frame select Global Settings > TLS Settings. Make
Sure that the option TLS Active is set to no.
9. Select Finish.

Part III - Setup the OpenLDAP Client
1. Start the YaST module Network Services > LDAP Client.
2. Select Use LDAP to activate LDAP for user authentication.
3. Make sure that the content of Addresses of LDAP Servers is
127.0.0.1.
4. Make sure that the content of LDAP base DN is
dc=digitalairlines,dc=com
5. Make sure that the option LDAP TLS/SSL is deactivated.
6. Select Advanced Configuration.
7. Select the Administration Settings tab.
8. Enter cn=Administrator in the textbox Administration DN.
9. Activate the option Append Base DN.
10. Activate the option Create Default Configuration Objects.
11. Activate the option Home Directories on This Machine.
12. Select Accept.
13. Select Finish.
14. When asked to enter the administrator password enter novell.

Configure Zone Transfers from the Master Server to Slave Server

2008-05-01T03:43:00.000-07:00

In this exercise, you configure zone transfers from a master to a slave server.

In part I, you create a 128 bit MD5 key with the name zonetransfer.

In part II, you configure the master server to use this key for zone transfer. Create a file /etc/named.key where you enter the key zonetransfer options. This file is included into the /etc/named.conf

In part III, you configure the slave to server to use this key for zone transfer. Copy the file /etc/named.key from the master server to the client server and include it into the file /etc/named.conf.
Do the following:

■ Part I: Generate a Key
■ Part II: Configure the Master Server
■ Part III: Configure the Slave Server

Part I: Generate a Key

1. To stop the DNS server, enter
rcnamed stop
2. Change the directory by entering
cd /var/lib/named
3. To generate a key, enter (on one line)
dnssec-keygen -a HMAC-MD5 -b 128 -n HOST zonetransfer
4. Record the file name of the key in the space below:

Part II: Configure the Master Server

Do the following:
1. Create a new file /etc/named.key with the following content:
key zonetransfer {
algorithm HMAC-MD5;
secret “key”;
};
Instead of key insert the key you created in part I.
2. Change the owner of the file to named by entering
chgrp named /etc/named.key
3. Remove the read permission for others from the file by entering
chmod o-r /etc/named.key
4. On the master server, open the /etc/named.conf file with a text editor.
5. Add the following line at the beginning of the file:
include “/etc/named.key”;
6. Change the content of the zone description of digitalairlines.com as follows:
zone "digitalairlines.com" in {
type master;
file "master/digitalairlines.com.zone";
allow-transfer {
key zonetransfer;
};
};
7. Change the content of the zone description of 0.0.10.in-addr.arpa as follows:
zone “0.0.10.in-addr.arpa” in {
type master;
file “master/10.0.0.zone”;
allow-transfer {
key zonetransfer;
};
};
8. Save the file and exit the text editor.
9. Open a second terminal window and enter su - to get root permissions.
10. When prompted, enter the root password novell.
11. Enter the command
tail -f /var/log/messages
12. Switch to the first terminal window and start bind by entering
rcnamed start
13. From the second terminal window, watch the log output of bind when the slave server is started.

Part III: Configure the Slave Server

Do the following:
1. Copy the file /etc/named.key from the master server to the slave server.
2. Change the owner of the file to named by entering
chgrp named /etc/named.key
3. Remove the read permission for others from the file by entering
chmod o-r /etc/named.key
4. On the slave server, open the /etc/named.conf file with a text editor.
5. Add the following line at the beginning of the file:
include “/etc/named.key”;
6. Add the following lines after the option section:
key zonetransfer {
algorithm HMAC-MD5;
secret “key”;
};
server IP_address_of_the_master_server {
keys {
zonetransfer;
};
};
In the secret option, enter the key of the master server.
7. Save the file and exit the text editor.
8. Remove the files in the directory /var/lib/named/slave/ by entering:
rm /var/lib/named/slave/*
9. Open a second terminal window and enter su - to get root
permissions.
10. When prompted, enter the root password novell.
11. Enter the command
tail -f /var/log/messages
12. Switch to the first terminal window and start bind by entering
rcnamed start
13. From the second terminal window, watch the log output of bind to see if the zone transfer will be done.

Configure DNS Server with Forwarding

2008-05-01T02:24:00.000-07:00

In this exercise, you work with a partner to configure a DNS master server and a DNS slave server for the domain digitalairlines.com. Both servers should be configured to make zone transfer.

The range of IP addresses is 10.0.0.2 to 10.0.0.12. The names of the computers in your network are da2 to da12.

The IP address of your forwarder is 10.0.0.254. Its name is da1.

In part V you configure a subdomain muc.digitalairlines.com. The master server for this subdomain is the slave server of digitalairlines.com.

The range of IP addresses in this subdomain is 10.0.1.100 to 10.0.1.102. The names of the computers is da100 to da102.

The master server of digitalairlines.com forwards requests concerning the subdomain to the slave server.

You need to work as a team on all parts of the exercise.
Do the following:

■ Part I - Switch to Static IP Addresses
■ Part II - Install BIND
■ Part III - Configure the DNS Master Server for the Domain
digitalairlines.com
■ Part IV - Configure the DNS Slave Server for the Domain
digitalairlines.com
■ Part V - Configure the DNS Master Server for the Domain
muc.digitalairlines.com
■ Part VI - Enable Forwarding

Part I - Switch to Static IP Addresses

To switch to static IP addresses, do the following:
1. From the GNOME desktop, open the main menu.
2. Select More Applications.
3. Enter term into the Filter text box.
4. Select the Gnome Terminal icon to start a terminal emulation.
5. Enter /sbin/ip address show to record the following information for your SUSE Linux Enterprise Server 10 server:
❑ IP address:
❑ Hostname:
6. Close the terminal window.
7. From the main menu, start YaST.
8. Enter the root password (novell) and select OK.
9. Select Network Card from the Network Devices YaST module.
10. Make sure that Traditional Method with ifup is selected and select Next.
Your network card is listed in the upper table.
11. Make sure your network card is selected; then select Edit.
12. Make sure that the Address tab is activated.
13. Switch the setup by selecting Static address setup.
14. In the IP Address field, enter the IP address from Part I.
15. In the Subnet mask field, enter 255.255.255.0.
16. Select Host name and name server.
17. (Conditional) If a dialog appears indicating that the resolv.conf
file has been temporarily modified, continue by selecting
Modify.
18. In the Hostname field, enter the hostname from Part I.
19. In the Domain Name field, enter digitalairlines.com.
20. Select OK.
21. Select Routing.
22. In the Default Gateway field, enter the IP address of your Internet
gateway (10.0.0.254).
23. Select OK.
24. Select Next.
25. Select Next.

Part II - Install BIND

To install BIND, do the following:
1. From the YaST Control Center, select
Software > Software Management
2. From the Filter drop-down menu, select Search.
3. In the Search field, enter bind; then select Search.
4. On the right, select the bind and the bind-chrootenv package.
5. Select Accept; then insert the requested SUSE Linux Enterprise Server 10 DVD.
6. When installation is complete, remove the DVD and close the YaST Control Center.

Part III - Configure the DNS Master Server for the Domain digitalairlines.com

Do the following to configure a DNS master server:
1. Open a terminal window and enter su - to get root permissions.
2. When prompted, enter the root password novell.
3. To rename the file /etc/named.conf to /etc/named.conf.orig, enter
mv /etc/named.conf /etc/named.conf.orig
4. Create a new configuration file named /etc/named.conf with the following content:
# /etc/named.conf: Configuration of the master name server
options {
# Where are the files located?
directory "/var/lib/named";
# Forwarding requests to the classroom server
# forwarders { 192.0.2.1; 192.0.2.2; };
};
# Definition of root zone
zone "." in {
type hint;
file "root.hint";
};
# Definition of the zone localhost
zone "localhost" in {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};
5. Configure the forwarders line to match the following:
forwarders {10.0.0.254;};
Make sure that you delete the comment character from the beginning of the forwarders line.
6. Add the following two zone statements after the existing zone statements:
zone “digitalairlines.com” in {
type master;
file “master/digitalairlines.com.zone”;
};
zone “0.0.10.in-addr.arpa” in {
type master;
file “master/10.0.0.zone”;
};
7. Save and close the file.
8. Create a new file digitalairlines.com.zone in the directory
/var/lib/named/master/.
9. Enter the following zone configuration in the file:
$TTL 172800
digitalairlines.com. IN SOA your_FQDN. hostmaster.digitalairlines.com. (
serial_number
1D
2H
1W
3H
)
digitalairlines.com. IN NS your_FQDN.
digitalairlines.com. IN NS slave_FQDN.
da1 IN A 10.0.0.254
da2 IN A 10.0.0.2
da10 IN A 10.0.0.10
da11 IN A 10.0.0.11
da12 IN A 10.0.0.12

The SOA record (including hostmaster.digitalairlines.com) must be on a single line.

Make sure you enter your FQDN (such as da50.digitalairlines.com) in the SOA and NS records.

Use the current date and “01” as the serial number (such as 2006071501).

Add an A record for your own host, such as
da50 IN A 10.0.0.50
10. Save and close the file.
11. Create a new file 10.0.0.zone in the directory /var/lib/named/master/.
12. Enter the following zone configuration in the file:
$TTL 172800
0.0.10.in-addr.arpa. IN SOA your_FQDN. hostmaster.digitalairlines.com. (
serial_number
1D
2H
1W
3H
)
0.0.10.in-addr.arpa. IN NS your_FQDN.
0.0.10.in-addr.arpa. IN NS slave_FQDN.
254 IN PTR da1.digitalairlines.com.
2 IN PTR da2.digitalairlines.com.
10 IN PTR da10.digitalairlines.com.
11 IN PTR da11.digitalairlines.com.
12 IN PTR da12.digitalairlines.com.
13. Save and close the file.
14. Open a second terminal window and enter su - to get root permissions.
15. When prompted, enter the root password novell.
16. Enter the command
tail -f /var/log/messages
17. Switch to the first terminal window and start bind by entering
rcnamed start
18. From the second terminal window, watch the log output of bind
for any messages such as Unknown RR Type or File Not Found.
If any errors occur, fix them and restart bind.
19. From the first terminal window, start bind automatically when the system is booted by entering
insserv named
20. Open the file /etc/resolv.conf in a text editor.
21. Delete all existing nameserver entries.
22. Add the following entry:
nameserver your_ip_address
23. Save and close the file.
24. Verify that your DNS server works by entering
host da10.digitalairlines.com
This should display the IP address of 10.0.0.10.

Part IV - Configure the DNS Slave Server for the Domain digitalairlines.com

To configure the DNS slave server, do the following on the DNS slave server:
1. Open a terminal window and and enter su - to get root permissions.
2. When prompted, enter the root password novell.
3. To rename the file /etc/named.conf to /etc/named.conf.orig, enter
mv /etc/named.conf /etc/named.conf.orig
4. Create a new configuration file named /etc/named.conf with the
following settings:
# /etc/named.conf: Configuration of the slave name server
options {
# Where are the files located?
directory "/var/lib/named";
# Forwarding requests to the classroom server
# forwarders { 192.0.2.1; 192.0.2.2; };
};
# Definition of root zone
zone "." in {
type hint;
file "root.hint";
};
# Definition of the zone localhost
zone "localhost" in {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};
5. Configure the forwarders line to match the following:
forwarders {10.0.0.254;};
Make sure that you delete the comment character from the beginning of the forwarders line.
6. Enter the following two zone statements after the existing statements:
zone “digitalairlines.com” in {
type slave;
file “slave/digitalairlines.com.zone”;
masters {
master_server_ip_address;
};
};
zone “0.0.10.in-addr.arpa” in {
type slave;
file “slave/10.0.0.zone”;
masters {
master_server_ip_address;
};
};
7. Save the changes and close the editor.
8. Open a second terminal window and enter su - to get root permissions.
9. When prompted, enter the root password novell.
10. Enter the command
tail -f /var/log/messages
11. Switch to the first terminal window and start bind by entering
rcnamed start
12. From the second terminal window, watch the log output of bind for any messages such as Unknown RR Type or File Not
Found.
13. If any errors occur, try to fix them and restart bind.
14. Start bind automatically when the system boots by entering
insserv named
15. From the first terminal window, open the /etc/resolv.conf file in a text editor.
16. Delete all existing nameserver entries.
17. Add the following entry:
nameserver server_ip_address
18. Save and close the file.
19. Verify that your DNS server works by entering
host da10.digitalairlines.com

Part V - Configure the DNS Master Server for the Domain muc.digitalairlines.com

In the following, the slave server will also be configured as master server of the subdomain. To configure the DNS Master Server for the Domain muc.digitalairlines.com, do the following on the slave server:

1. Open a terminal window and enter su - to get root permissions.
2. When prompted, enter the root password novell.
3. To stop the DNS server, enter
rcnamed stop
4. Open the file /etc/named.conf with your favorite editor.
5. Add the following two zone statements after the existing zone statements:
zone “muc.digitalairlines.com” in {
type master;
file “master/muc.digitalairlines.com.zone”;
};
zone “1.0.10.in-addr.arpa” in {
type master;
file “master/10.0.1.zone”;
};
6. Save and close the file.
7. Create a new file muc.digitalairlines.com.zone in the directory
/var/lib/named/master/.
8. Enter the following zone configuration in the file:
$TTL 172800
muc.digitalairlines.com. IN SOA your_FQDN.
hostmaster.digitalairlines.com. (
serial_number
1D
2H
1W
3H
)
muc.digitalairlines.com. IN NS your_FQDN.
muc.digitalairlines.com. IN MX 1 da1.digitalairlines.com.
da100 IN A 10.0.1.100
da101 IN A 10.0.1.101
da102 IN A 10.0.1.102
9. Save and close the file.
10. Create a new file 10.0.1.zone in the directory
/var/lib/named/master/.
11. Enter the following zone configuration in the file:
$TTL 172800
1.0.10.in-addr.arpa. IN SOA your_FQDN.
hostmaster.digitalairlines.com. (
serial_number
1D
2H
1W
3H
)
IN NS your_FQDN.
100 IN PTR da100.muc.digitalairlines.com.
101 IN PTR da101.muc.digitalairlines.com.
102 IN PTR da102.muc.digitalairlines.com.
12. Save and close the file.
13. Open a second terminal window and enter su - to get root permissions.
14. When prompted, enter the root password novell.
15. Enter the command
tail -f /var/log/messages
16. Switch to the first terminal window and start bind by entering
rcnamed start
17. From the second terminal window, watch the log output of bind for any messages such as Unknown RR Type or File Not
Found.
18. If any errors occur, fix them and restart bind.
19. Open the file /etc/resolv.conf in a text editor.
20. Modify the search entry to:
search digitalairlines.com muc.digitalairlines.com
21. Save and close the file.
22. Verify that your DNS server works by entering
host da100.muc.digitalairlines.com
This should display the IP address of 10.0.1.100.

Part VI - Enable Forwarding

To forward requests concerning a subdomain to the master server of the subdomain server, do the following on the master server for digitalairlines.com:
1. Open a terminal window and enter su - to get root permissions.
2. When prompted, enter the root password novell.
3. To stop the DNS server, enter
rcnamed stop
4. Open the /etc/named.conf file with a text editor.
5. Add the following zone after the other zone definitions:
zone “muc.digitalairlines.com” in
{
type forward;
forward only;
forwarders {
IP_address_of_the_slave_server;
};
};
zone “1.0.10.in-addr.arpa” in
{
type forward;
forward only;
forwarders {
IP_address_of_the_slave_server;
};
};
6. Save and close the file.
7. Open a second terminal window and enter su - to get root
permissions.
8. When prompted, enter the root password novell.
9. Enter the command
tail -f /var/log/messages
10. Switch to the first terminal window and start bind by entering
rcnamed start
11. From the second terminal window, watch the log output of bind for any messages such as Unknown RR Type or File Not
Found.
12. If any errors occur, fix them and restart bind.
13. Verify that your DNS server works by entering
host da100.muc.digitalairlines.com
This should display the IP address of 10.0.1.100

Troubleshoot DHCP

2008-04-30T19:57:00.000-07:00

In this exercise, you troubleshoot DHCP.
Do the following:

1. Run the dhcpdump utility on your server by typing the following
(on one line):
tcpdump -lenx -s 1500 port bootps or port bootpc dhcpdump
2. Generate some DHCP traffic by restarting the network on a client.
3. Review the output of the tcpdump utility.
4. Run the dhcping utility with the respective client, server, and hardware address parameters from a client (on one line):
dhcping -c client_addr -s server_addr -h client_hardware_addr
5. Review the output on the client and the entries in the file
/var/log/messages

Use DHCP and Dynamic DNS

2008-04-30T19:33:00.000-07:00

In this exercise, you configure dynamic DNS for your DHCP server.

In part I, you generate a new 128 bit MD5 key.

In part II, you overwrite your DNS configuration file /etc/named.conf with the file named.conf from the Course DVD. You add a key section and allow dynamic updates for the digitalairlines and 10.0.0 zone.

In part III, you configure the DHCP server to update your DNS server.

In part IV, you configure your DHCP client.
Do the following:

■ Part I - Generate a Key
■ Part II - Configure the DNS Server
■ Part III - Configure the DHCP Server
■ Part IV - Configure the DHCP Clients

Part I - Generate a Key

1. Start a terminal emulation from the main menu.
2. Switch to user root by entering su -.
3. When you are prompted for the root password, enter novell.
4. Switch to the directory /var/lib/named/ by entering
cd /var/lib/named
5. To create a key, enter
dnssec-keygen -a HMAC-MD5 -b 128 -n HOST dhcp-dns
The name of the key file is written on the screen by this command. Record it in the space below:
6. Enter cat name_of_the_key.key and record the key in the space below:

Part II - Configure the DNS Server

Do the following:
1. Overwrite your BIND configuration file /etc/named.conf with the file exercises/section_2/named.conf form the 3074 Course DVD.
2. Start your favorite text editor and open the file /etc/named.conf.
3. Append the following after options:
key dhcp-dns {
algorithm HMAC-MD5;
secret your_key;
};
zone "digitalairlines.com" in {
type master;
file "digitalairlines.zone";
allow-update { key dhcp-dns ;}:
};
zone "0.0.10.in-addr.arpa" in {
type master;
file "10.0.0.zone";
allow-update { key dhcp-dns ;}:
};
4. Save the file.
5. Restart your DNS server with the new configuration:
rcnamed restart

Part III - Configure the DHCP Server

Do the following:
1. Open the file /etc/dhcpd.conf with your text editor and enter the following:
ddns-update-style interim;
ddns-updates on;
key dhcp-dns {
algorithm HMAC-MD5;
secret your_key;
}
zone digitalairlines.com. {
key dhcp-dns;
}
zone 0.0.10.in-addr.arpa. {
key dhcp-dns;
}
2. Save the file and close the editor.
3. Switch back to the virtual terminal and enter
chmod 600 /etc/dhcpd.conf
to prevent it from being readable by all users.
4. Close the terminal window.

Part IV - Configure the DHCP Clients

1. On your DHCP client, edit the file /etc/HOSTNAME. Change the hostname of the client to something that is unique in your network and not already known to your DNS server. (For example, you could set your lastname as the hostname of your client.)
2. Restart your dhcpd by entering
rcdhcpd restart

Configure DHCP Clients

2008-04-30T19:29:00.000-07:00

In this exercise, you activate the DHCP client with YaST.

To configure a DHCP client, do the following:

1. Start YaST from the main menu.
2. When you are prompted for the root password, enter novell.
3. Select Network Devices > Network Card.
4. Select Change.
5. Make sure that your network card is selected in the top field and
select Edit.
6. Select Automatic Address Setup (via DHCP).
7. Select Host Name and Name Server.
8. Make sure that the following are selected:
❑ Change Host Name via DHCP
❑ Update Name Servers and Search Lists via DHCP
9. Select OK.
10. Select Next.
11. Select Finish.
12. Close the YaST window.
13. Start a terminal emulation from the main menu.
14. Switch to user root by entering su -.
15. When you are prompted for the root password, enter novell.
16. Enter ifstatus-dhcp eth0 to see the IP address of your network
card.
17. Close the terminal window.

Configure the DHCP Server

2008-04-30T18:59:00.000-07:00

In this exercise, you install and configure a DHCP server for the domain digitalairlines.com. The IP addresses your DHCP server manages are 10.0.0.101 to 10.0.0.120. Your DHCP server should inform the clients about the DNS information and routers (both services on 10.0.0.254). The computers of two of your neighbors should get the IP addresses 10.0.0.151 and 10.0.0.152. The defaul lease time is one day the maximum lease time two days. Do the following:

■ Part I - Install the DHCP Server Software
■ Part II: Edit the /etc/sysconfig/dhcpd File
■ Part III - Edit the /etc/dhcpd.conf File
■ Part IV - Test the Configuration

Part I - Install the DHCP Server Software

To install the DHCP server software, do the following:

1. Start YaST from the main menu.
2. When you are prompted for the root password, enter novell.
3. Select Software Management.
4. Select the Filter pull-down menu; then select Search.
5. Enter dhcp in the Search text box and click Search.
6. Select the check boxes in front of the following packages:
❑ dhcp
❑ dhcp-server
❑ dhcp-tools
7. Select Accept.
8. When the installation is finished, close all YaST windows.

Part II: Edit the /etc/sysconfig/dhcpd File

To edit the /etc/sysconfig/dhcpd file, do the following:

1. Start a terminal emulation from the main menu.
2. Switch to user root by entering su -.
3. When you are prompted for the root password, enter novell.
4. Start your favorite text editor and open the file
/etc/sysconfig/dhcpd.
5. Change the line
DHCPD_INTERFACE=””
to
DHCPD_INTERFACE=”eth0”
6. Save the file.

Part III - Edit the /etc/dhcpd.conf File

To edit the /etc/dhcpd.conf file, do the following:

1. Start a terminal emulation from the main menu.
2. Switch to user root by entering su -.
3. When you are prompted for the root password, enter novell.
4. Enter ip address show to get the MAC address of your network card.
5. Record your MAC address in the space below:
6. Record the MAC address of your two neighbors in the table below:
Hostname: IP: MAC:
Hostname: IP: MAC:
7. Rename the file /etc/dhcpd.conf to /etc/dhcp.conf.orig by entering
mv /etc/dhcpd.conf /etc/dhcpd.conf.orig
8. Open a new file /etc/dhcp.conf with your favorite text editor.
9. To switch off dynamic DNS updates, enter
ddns-update-style none;
10. To set the default lease time to one day, enter
default-lease-time 86400;
11. To set the maximum lease time to two days, enter
max-lease-time 172800;
12. To define the domain name, enter
option domain-name “digitalairlines.com”;
13. To specify the domain name servers, enter
option domain-name-servers 10.0.0.254;
14. To specify the default gateway, enter
option routers 10.0.0.254;
15. To specify the range of IP addresses to be provided by your DHCP server, enter
subnet 10.0.0.0 netmask 255.255.255.0
{
range 10.0.0.101 10.0.0.120;
}
16. To assign fixed IP addresses to the hosts of two of your neighbors, add
host hostname1.digitalairlines.com
{
hardware ethernet mac1;
fixed-address 10.0.0.151;
}
host hostname2.digitalairlines.com
{
hardware ethernet mac2;
fixed-address 10.0.0.152;
}

Instead of hostname1 and hostname2, enter the hostname of
your neighbor’s computer. Instead of mac1 and mac2, enter the
MAC address of your neighbor’s computer.
17. Save the file.

Part IV - Test the Configuration

To test the configuration, do the following:

1. Enter rcdhcpd syntax-check to test your configuration.

You should get an error message that the lease database could
not be opened. That happens because the dhcpd is not started.
There should be no syntax error in the output of rcdhcpd
syntax-check.

How to Configure Internet Connection Sharing in Windows XP

2008-04-26T01:25:00.000-07:00

INTRODUCTION

This article describes how to set up and use the Internet Connection Sharing feature in Microsoft Windows XP. With Internet Connection Sharing, you can use networked computers to share a single connection to the Internet.

How to use Internet Connection Sharing

To use Internet Connection Sharing to share your Internet connection, the host computer must have one network adapter that is configured to connect to the internal network, and one network adapter or modem that is configured to connect to the Internet.

On the host computer

On the host computer, follow these steps to share the Internet connection:
1. Log on to the host computer as Administrator or as Owner.

2. Click Start, and then click Control Panel.

3. Click Network and Internet Connections.

4. Click Network Connections.

5. Right-click the connection that you use to connect to the Internet. For example, if you connect to the Internet by using a modem, right-click the connection that you want under Dial-up.

6. Click Properties.

7. Click the Advanced tab.

8. Under Internet Connection Sharing, select the Allow other network users to connect through this computer's Internet connection check box.

9. If you are sharing a dial-up Internet connection, select the Establish a dial-up connection whenever a computer on my network attempts to access the Internet check box if you want to permit your computer to automatically connect to the Internet.

10. Click OK. You receive the following message:

When Internet Connection Sharing is enabled, your LAN adapter will be set to use IPaddress 192.168.0.1. Your computer may lose connectivity with other computers onyour network. If these other computers have static IP addresses, it is a good idea to set themto obtain their IP addresses automatically. Are you sure you want to enable InternetConnection Sharing?

11. Click Yes.

The connection to the Internet is shared to other computers on the local area network (LAN). The network adapter that is connected to the LAN is configured with a static IP address of 192.168.0.1 and a subnet mask of 255.255.255.0

On the client computer

To connect to the Internet by using the shared connection, you must confirm the LAN adapter IP configuration, and then configure the client computer. To confirm the LAN adapter IP configuration, follow these steps:
1. Log on to the client computer as Administrator or as Owner.

2. Click Start, and then click Control Panel.

3. Click Network and Internet Connections.

4. Click Network Connections.

5. Right-click Local Area Connection, and then click Properties.

6. Click the General tab, click Internet Protocol (TCP/IP) in the This connection uses the following items list, and then click Properties.

7. In the Internet Protocol (TCP/IP) Properties dialog box, click Obtain an IP address automatically (if it is not already selected), and then click OK.

Note: You can also assign a unique static IP address in the range of 192.168.0.2 to 192.168.0.254. For example, you can assign the following static IP address, subnet mask, and default gateway:

IP Address 192.168.0.2 Subnet mask 255.255.255.0 Default gateway 192.168.0.1

8. In the Local Area Connection Properties dialog box, click OK.

9. Quit Control Panel.

To configure the client computer to use the shared Internet connection, follow these steps:
1. Click Start, and then click Control Panel.

2. Click Network and Internet Connections.

3. Click Internet Options.

4. In the Internet Properties dialog box, click the Connections tab.

5. Click the Setup button.

The New Connection Wizard starts.
6. On the Welcome to the New Connection Wizard page, click Next.

7. Click Connect to the Internet, and then click Next.

8. Click Set up my connection manually, and then click Next.

9. Click Connect using a broadband connection that is always on, and then click Next.

10. On the Completing the New Connection Wizard page, click Finish.

11. Quit Control Panel.

When you now start Microsoft Internet Explorer, the client computer will try to connect to the Internet by using the host computer's shared Internet connection.

Troubleshooting

When you turn on Internet Connection Sharing on the host computer, the host computer's LAN adapter is automatically assigned the IP address of 192.168.0.1. Therefore, one of the following situations may occur:
•
IP address conflictEach computer on the LAN must have a unique IP address. If more than one computer has the same IP address, an IP conflict occurs, and one of the network adapters turns off until the conflict is resolved. To resolve this conflict, configure the client computer to automatically obtain an IP address, or assign it a unique IP address.
•
Loss of network connectivityIf your network is configured with a different IP address range than Internet Connection Sharing uses, you will lose network connectivity with the host computer. To resolve this issue, configure the client computers to automatically obtain an IP address, or assign each client computer a unique IP address in the range of 192.168.0.2 to 192.168.0.254.

Reset password administrator

2008-04-24T21:16:00.000-07:00

Some program let you reset your administrator password such as ERD Commander, but you have to pay for it. With Windows XP cd lets you reset your administrator for free. See how to do below.
1. Boot from Windows XP cd
2. Until you see Welcome to Setup screen, press Enter to setup Windows
3. The Licensing Agreement screen is shown, press F8 to accept
4. Then you will see an option for repairing you should select your XP installation and press R to repare
5. Don’t do anything and wait until finishing copying files from the cd for installation and windows will restart automatically and Windows is installing.
6. Looking at the lower left side of the screen until you see Installing Devices progress bar, press Shift + F10
7. A prompt is coming up, type NUSRMGR.CPL and press Enter to access your account in Control Panel.
8. It let you change or remove password as you like.
9. Keep installing process…

Ntldr is missing

2008-04-04T17:45:00.000-07:00

Ntldr is missing

1. Insert the Windows XP bootable CD into the computer.
2. When prompted to press any key to boot from the CD, press any key.
3. Once in the Windows XP setup menu press the "R" key to repair Windows.
4. Log into your Windows installation by pressing the "1" key and pressing enter.
5. You will then be prompted for your administrator password, enter that password.
6. Copy the below two files to the root directory of the primary hard disk. In the below example we are copying these files from the CD-ROM drive letter "E". This letter may be different on your computer. copy e:\i386\ntldr c:\, copy e:\i386\ntdetect.com c:\
7. Once both of these files have been successfully copied, remove the CD from the computer and reboot.

How to install recovery console

2008-04-04T17:27:00.000-07:00

To install the Recovery Console, follow these steps:
1.
Insert the Windows XP CD into the CD-ROM drive.
2.
Click Start, and then click Run.
3.
In the Open box, type d:\i386\winnt32.exe /cmdcons where d is the drive letter for the CD-ROM drive.
4.
A Windows Setup Dialog Box appears. The Windows Setup Dialog Box describes the Recovery Console option. To confirm the installation, click Yes.
5.
Restart the computer. The next time that you start your computer, "Microsoft Windows Recovery Console" appears on the startup menu.

To run the Recovery Console from the Windows XP startup disks or the Windows XP CD-ROM, follow these steps:
1.
Insert the Windows XP startup disk into the floppy disk drive, or insert the Windows XP CD-ROM into the CD-ROM drive, and then restart the computer. Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted.
2.
When the "Welcome to Setup" screen appears, press R to start the Recovery Console.
3.
If you have a dual-boot or multiple-boot computer, select the installation that you must access from the Recovery Console.
4.
When you are prompted, type the Administrator password. If the administrator password is blank, just press ENTER.
5.
At the command prompt, type the appropriate commands to diagnose and repair your Windows XP installation. For a list of commands that are available in Recovery Console, type recovery console commands or help at the command prompt, and then press ENTER. For information about a specific command, type help commandname at the command prompt, and then press ENTER.
6.
To exit the Recovery Console and restart the computer, type exit at the command prompt, and then press ENTER.