Change Ubuntu Server from DHCP to a Static IP Address

Ever need to quickly assign a static IP to your new Ubuntu server installation? Here's an article that explains how to do it.

If the Ubuntu Server installer has set your server to use DHCP, you will want to change it to a static IP address so that people can actually use it.

Changing this setting without a GUI will require some text editing, but that’s classic linux, right?

Let’s open up the /etc/network/interfaces file. I’m going to use vi, but you can choose a different editor

sudo vi /etc/network/interfaces

For the primary interface, which is usually eth0, you will see these lines:

auto eth0
iface eth0 inet dhcp

As you can see, it’s using DHCP right now. We are going to change dhcp to static, and then there are a number of options that should be added below it. Obviously you’d customize this to your network.

auto eth0
iface eth0 inet static
        address 192.168.1.100
        netmask 255.255.255.0
        network 192.168.1.0
        broadcast 192.168.1.255
        gateway 192.168.1.1

Now we’ll need to add in the DNS settings by editing the resolv.conf file:

sudo vi /etc/resolv.conf

On the line ‘name server xxx.xxx.xxx.xxx’ replace the x with the IP of your name server. (You can do ifconfig /all to find out what they are)

You need to also remove the dhcp client for this to stick (thanks to Peter for noticing). You might need to remove dhcp-client3 instead.

sudo apt-get remove dhcp-client

Now we’ll just need to restart the networking components:

sudo /etc/init.d/networking restart

Ping www.google.com. If you get a response, name resolution is working(unless of course if google is in your hosts file).

Really pretty simple.

Source: http://www.howtogeek.com/howto/ubuntu/change-ubuntu-server-from-dhcp-to-a-static-ip-address/

How to shrink a large modellog.ldf file

Problem: My disk space is full on my server.  My SQL Server modellog.ldf is over 8 GB each and growing exponentially.  What should I do?


First try to figure out what's using the log file:


use [model]
select (sum(size) * (8192/1024)) / 1024 from dbo.sysfiles WHERE (status & 0x40) <> 0
DBCC SQLPERF(LOGSPACE)
select ceiling((sum(size) * (8192.0/1024.0)) / 1024.0) from dbo.sysfiles
exec sp_spaceused
DBCC SQLPERF(LOGSPACE)


It is very unusual that the model database data or log files would grow at all.  The database is normally used only as a template for creating new databases.  Make sure you don't have any renegade applications using the database.


To simply shrink the file, do the following:


You may need to back up the transaction log before shrinking. 
Then backup log again with the truncate only option i.e

BACKUP LOG MODEL WITH TRUNCATE_ONLY


Then you can run the database shrink command :


ALTER DATABASE model SET RECOVERY SIMPLE
GO
USE model
GO
DBCC SHRINKFILE('modellog', 2)
GO

Firewall ports needed for proper Zimbra email server operation.

The following TCP ports need to be open in order for Zimbra to work properly:

POP3 - port 110

IMAP - port 143

SMTP - port 25

HTTP - port 80

HTTPS - port 443 

Secure SMTP (SSMTP) - port 465

Secure IMAP (IMAP4-SSL) - port 585

IMAP4 over SSL (IMAPS) - port 993 - NECESSARY FOR iPHONE CONNECTIVITY

Secure POP3 (SSL-POP) - port 995

Installing $12.99 GoDaddy SSL Certificate on Zimbra versions 5 and 6

This is the only way I managed to install a Standard $12.99 SSL Certificate onto Zimbra 6.0.6

STEP 1: Generate CSR (SSL Certificate Signing Request) and get it signed by GoDaddy.

1) Log into Zimbra's Administration Console - Usually done by logging into https://yourhost.yourdomain.com:7071/zimbraAdmin/

2) On the left hand side, under Tools, click "Certificates"

3) Click on Install Certificate

4) Select your Server Name - hit next

5) Choose "Generate CSR for the commercial certificate authority" - hit next

6) Choose a 2048 bit size, and fill out the form using the following guide:

General CSR Creation Guidelines

Before you can order your SSL Certificates, you must first generate a CSR (Certificate Signing Request) on your server. A CSR is an encrypted body of text. Your CSR will contain encoded information specific to your company and domain name; this information is known as a Distinguished Name or DN.

In the DN for most servers are the following fields: Country, State (or Province), Locality (or City), Organization, Organizational Unit, and Common Name. 

Please note:

The Country is a two-digit code -- for the United States, it's 'US'. For countries outside of the United States, see our listing of SSL Certificate Country Codes.

State and Locality are full names, i.e. 'California', 'Los Angeles'.

The Organization Name is your Full Legal Company or Personal Name, as legally registered in your locality.

The Organizational Unit is whichever branch of your company is ordering the certificate such as accounting, marketing, etc.

The Common Name is the Fully Qualified Domain Name (FQDN) for which you are requesting the ssl certificate.

If you are generating a CSR for a Wildcard Certificate your common name must start with *. (for example: *.domain.com). The wildcard character (*) will be able to assume any name that does not have a "dot" character in it.

Once your CSR is created, you will be able to simply copy and paste it into the online order form.

7) Hit next, and wait for the CSR to be generated.

8) Before hitting Finish, click on "Download CSR" to save the file to your computer.

9) Go to GoDaddy.com and start the SSL creation process using their wizard.

10) Once you're at the step where you're asked for the CSR file. Open the previously downloaded file using a text editor, and copy EVERYTHING INCLUDING: -----BEGIN CERTIFICATE REQUEST----- and -----END CERTIFICATE REQUEST-----

11) Now paste the CSR to GoDaddy making sure you chose 2048-bit from the GoDaddy wizard.

12) Finish the GoDaddy certificate creation process, making sure that the information you enter matches what you used to create the CSR.

13) Download the certificate from GoDaddy for Apache.

STEP 2: Installing the certificate in Zimbra

1) Log into Zimbra's Administration Console - Usually done by logging into https://yourhost.yourdomain.com:7071/zimbraAdmin/

2) On the left hand side, under Tools, click "Certificates"

3) Click on Install Certificate

4) Select your Server Name - hit next

5) Select "Install the commercially signed certificate" - hit next twice

6) Visit https://certs.godaddy.com/anonymous/repository.seam and download gd-class2-root.crt

7) Now attach the files as follows:

Certificate : here you attach the generated certificate, of the form host.yourdomain.com.crt
Root CA: here you attach the file you downloaded in step 6. gd-class2-root.crt
Intermediate CA: Here you attach the 'bundled' file that came with your certificate.

8) Hit Next, and then Finish.

9) Here you might receive an error, and things won't work.

STEP 3: Troubleshooting

1) Copy your gd-class2-root.crt to /opt/zimbra/ssl/zimbra/commercial/commercial_ca.crt

Then follow the steps below:

1. At this point, the csr and the private key should have been created by Zimbra in /opt/zimbra/ssl/zimbra/commercial directory and name them: commercial.csr and commercial.key.
2. Make sure the permissions are set to 740 root:root (you can skip this step, I did)
3. Make a new directory, ex: /root/certs
4. Place the singed cert and the bundle cert in /root/certs (these are the files you downloaded from GoDaddy) 
5. Verify that the cert and the key match via these commands (run as root)
   
   cd /root/certs
   
   /opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key ./ ./ 
   
6. If the output looks good, you can deploy the certificate via this command:
   
   /opt/zimbra/bin/zmcertmgr deploycrt comm ./ ./
   
7. The final step would be to restart the zimbra services for the change to take effect (see the end of this post) 

IF step 7 gives you errors such as "logger service cannot start" or "ldap service" can't start.

Then you need to do the following:

The commercial certs were deployed fine. However you must also as ROOT run:

/opt/zimbra/bin/zmcertmgr addcacert /opt/zimbra/ssl/zimbra/commercial/commercial.crt

Finally, restart your services by

1) su root

2) su zimbra

3) zmcontrol stop

4) zmcontrol start

Microsoft: Internet Explorer warning issued on January 14th, 2010

Internet Explorer 8 works fairly well, but Internet Explorer has never been safe to use. This new security warning by Microsoft should be an awakening for many of us in the business world that still rely on IE for our daily operations. Is it time to switch to Google Chrome or Firefox and give up the patching game that Microsoft has us playing day in and day out. If you’re still using Internet Explorer, read the following alert issued by Microsoft on January 14th, 2010 and decide what you want to run on your business machines:

 

The following text comes from: http://www.microsoft.com/technet/security/advisory/979352.mspx – Please visit the site for all the details.

Our investigation so far has shown that Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 is not affected, and that Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are vulnerable.

The vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.

At this time, we are aware of limited, targeted attacks attempting to use this vulnerability against Internet Explorer 6. We have not seen attacks against other versions of Internet Explorer. We will continue to monitor the threat environment and update this advisory if the situation changes. On completion of this investigation, Microsoft will take appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update.

In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker’s Web site.

An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

Alternative browsers:

Download Google Chrome here: http://chrome.google.com

Download Mozilla Firefox here: http://www.getfirefox.com

Download Opera here: http://www.opera.com

How to install applications for use with Terminal Server?

Installing applications on a terminal server is done slightly differently than typical installation in order to ensure that all permissions are properly set and the application is usable by all terminal services users.

There are two modes in terminal server, Execute and Install. By default all users are logged on in Execute mode and this means they can run programs etc. When you want to install an Application for use by everyone the Administrator should change to Install mode.

The best way to install software is to use the Add/Remove programs control panel applet as this will automatically set the mode to Install during the installation and then back to Execute at the end. Alternatively you can manually change your mode to install by typing

C:\> change user /install

To change back to execute use

C:\> change user /execute

And to check you current mode use

C:\> change user /query

In this example we will use Add/Remove to install Winzip on a terminal server.

1. Start the Add/Remove programs control panel applet (Start - Settings - Control Panel - Add/Remove Programs)
2. Select the 'Install/Uninstall' tab and click 'Install'
3. You will be told to insert the setup media, click Next
4. The installation wizard will look for setup.exe on the CD or disk, it won't find it, select an alternate by clicking the 'Browse' button, and select the winzip.exe file. Click Next
5. You will now be given the option to change your mode so all users can use the application. Select 'All users begin with common application settings.' and click Next
6. The install of the application will begin and you will notice your mode has been changed to Install if you typed 'change user /query'.
7. Proceed to install the application as normal
8. Once setup is complete click Next to the install dialog then Finish

All terminal server users will now have Winzip. An alternative would be to manually set the mode to install, install the software and set back to execute.

How to Clear Windows Update Cache upon Update Failure

We all know that generally speaking, Windows Updates help solve old problems while bringing in new problems. Every once in a while, the update process itself fails, and you’re left with updates that don’t fully install, and can’t be removed from the update queue.

 

Here is a simple trick to clear that update cache in order to re-try the update or to disable it on your next Windows Update attempt.

1. Open Command Prompt by Start -> Run and type "cmd"

2. On the Command Prompt, type "net stop wuauserv". This is done so that you will terminate the windows automatic update service to allow us to delete the cache files

3. Still on the Command Prompt, type "cd /d %windir%" or "cd\windows"

4. Type "rd /s SoftwareDistribution"

5. Thats it, the cache has been purged. Now we need to restart the windows automatic update service again. To do that, type "net start wuauserv"

Break Dancing Robot from Japan

The Japanese have been pioneering some amazing robotic technology in the past few years, and this robot improves on that by adding some 'style'. Check out this break dancing robot I found on the web!

Lenovo Unveils New AMD-Powered Business Laptops - PC World Business Center

I am a big fan of business laptops such as Dell Latitudes and IBM Thinkpads. Lenovo has never impressed me with their incarnations of the beloved Thinkpad laptops, but this new series of laptops that Lenovo is pushing seems to follow many of the design elements that made the Thinkpad such an attractive business machine. They've changed the keyboard and the matte finish has been replaced with a somewhat glossy one, but overall, the laptop is as close to the real Thinkpad experience as Lenovo is going to get.

For $449.00 you get:

Processor AMD Athlon Neo Single-Core MV-40 (1.6GHz, 800MHz, 512KB L2) Operating system Genuine Windows 7 Home Premium 32 System graphics AMD M780G with ATI Radeon HD 3200 graphics Total memory 1 GB PC2-5300 DDR2 SDRAM 667MHz SODIMM Memory (1 DIMM) Supports 2GB Hard Drive 160 GB Hard Disk Drive, 5400rpm Battery 6 cell Li-Ion Battery 2.6 Ah Integrated WiFi wireless LAN adapters ThinkPad WiFi (BGN) Wireless WAN accessories Integrated Mobile Broadband - Upgradable

Designed for extreme mobility, lightweight ThinkPad® X Series laptops deliver big in reliability, performance and durability. And with the edgy new X100e—Lenovo's first business entry ultraportable—X Series is more affordable than ever. Beyond light Lighten your load with X Series—most models weigh in at less than 3 lbs! Small footprint Starting at just 11.1" wide and 7.4" deep, crowded tables and tiny airline trays are no match for compact X Series laptops.
All-day computing The X200s model gives you up to 13.2 hours of battery life on a single charge! Spacious displays Enjoy roomy widescreens—up to 13.3" on the X301 model. Its LED backlit display helps ease eye strain, too.

Key features: - Bold color options: Midnight Black or Heatwave Red in smooth finishes - Full-sized, spill-resistant keyboard combining legendary ThinkPad feel with a more contemporary design - Lightweight with a small footprint and an 11.6" HD display - Affordable price with a variety of robust warranty options - Two navigation options: familiar TrackPoint® and an easy-to-use multitouch touchpad - New low-light-sensitive Web camera - Multiple connectivity options - Business-class operating system and corporate-level support Model Max. battery life67 X200s 4 hrs. to 13.2 hrs. X301 4.3 hrs. to 10.0 hrs. X200 3.1 to 9.8 hrs. X100e 2 to 5 hrs. Extra long battery life On the road, your laptop is only as good as its battery performance. X Series features Lenovo's Power Manager, carefully selected low-voltage processors, less power-hungry displays and the latest battery technology, allowing up to 13.2 hours* of worry-free computing. Plus Lenovo Battery Stretch lets you temporarily extend battery life in extreme circumstances. *Depending on model.

Durability X Series notebooks are tough enough to take the rigors of business travel.   • Next-generation ThinkPad roll cage on X301 and X200s   • Magnesium-alloy top and bottom covers on X200 and X200s   • Solid-state drives with no moving parts on X200, X200s and X301   • Spill-resistant keyboard   • Reliable, sturdy metal hinge construction designed for daily use

Model Max. CPU performance X200 Dual-core processor 2.40GHz X200s Dual-core processor 1.86GHz X301 Dual-core ultra-low voltage processor 1.40GHz X100e Single- and dual-core processors* 1.6GHz

Fast and energy efficient From CPUs that offer true parallel processing when running multi-threaded applications or multiple applications simultaneously to ultra-low voltage processors that balance performance and energy efficiency, X Series gives you several performance options. Need hardware-based security and integrated graphics for less battery power usage than discrete graphics? Or DirectX® 10 graphics support and enhanced visual performance? No problem. Check out all our X Series models to find the processor that's perfect for you. *Dual-core processors on X100e available first quarter 2010

Integrated fingerprint reader Built-in solutions and security   • ThinkVantage® Rescue and Recovery™ helps you recover from system crashes quickly, even if the primary operating system won't boot.   • ThinkVantage Active Protection System™ detects sudden changes in motion and temporarily stops the hard drive to help protect it from damage (not applicable to models with solid-state drives).   • Integrated fingerprint reader (not available on X100e) helps you securely access your data and easily manage your passwords.   • 32-byte pre-boot password protection, available on select X Series models, helps guard against external threats.   • ThinkVantage Client Security Solution software   • BIOS disablement of ports acts as a final layer of protection for your business-critical data.

Hack your UPS and get more run time in the data center.

Although power outages may occur only once or twice a year, when they occur, the modern office generally comes to a halt. Without internet access, email, or phone, your entire team can be left disconnected from the rest of the world. Depending on your business, this downtime can cost thousands of dollars in lost profits. One way to circumvent this problem is to create a backup power system. In this post, we will explore an 'inexpensive' option that will provide uninterrupted power while you switch over to a generator. We're talking about hacking UPS systems with larger batteries in order to extend their run time. Stay tuned for more details on locating the right parts, safety issues, and how to assemble the units.

Here is a good video giving a rough idea of what we plan to do:

Skype now support 720p HD video!

Skype users can now make high-definition video calls as long as they have an HD webcam and sufficient bandwidth and processing power. The feature is only available in the beta version of Skype.

Download the latest developer’s version here.