Making ejabberd 14.12 work with Microsoft Windows Active Directory LDAP

Wireshark tcpdump LDAP example

Why ejabberd? My office uses Google Talk for intra-employee instant messaging. This Monday all users got a broadcast message from Google saying that the Google Talk desktop client will cease working on February 15. (Though this may be an old automated notification from when Google was threatening to EOL Talk last February.) Update (2015-03-09): They finally did kill Talk for Windows as of February 23, 2015. Of course we can’t take the risk of Google actually shutting down our IMs, and I personally don’t like the new Hangouts Chrome app. Moreover, we want to limit employees to only messaging other people in our organization. We also don’t necessarily want Google being a party to all of our communication. That means … Continue reading

Sprint / Netgear 6100D 4G Antenna Installation (Video)

What’s all this, then?

Back in August I reviewed the Netgear 6100D from Sprint and followed up with a post detailing some advanced configuration options.

The Video

I also installed a flat panel 4G antenna from 4G Antenna Shop. I made a video detailing the unboxing and installation (which I just got around to editing together):

It’s my first video of this sort, so if you have any feedback please let me know in the YouTube comments or by email!

4G Antenna Shop

I didn’t get into it in the video, but overall I’d recommend 4G Antenna Shop. The cable and antenna I got were both of very high quality and definitely worth the price.

Their customer service was great; I had a couple of questions about my order, and one of their guys (Robert) got back to me within 15 minutes and was extremely helpful. They shipped really quickly, too.

I did have two minor issues, both of which I talk about in the video:

During checkout they give you the option of selecting your device so that they can provide the correct adapters to go from the cable (if you order it through them) to the device. At the time I’d ordered, they had an option for “Netgear Sprint Spark LTE”, which I thought was the Netgear 6100D. There was no separate option for the 6100D, but it turned out that they were referencing a different product, and so I received the wrong adapters. (They’ve since added the 6100D as an option.)

I chalked this up to being mostly my fault, as I didn’t know that there was another Netgear LTE device out there for Sprint Spark.

My other issue was with the packing job. Again, it’s a minor complaint because nothing was damaged, but the box arrived pretty beaten up with holes in the top from the antenna mount having poked through. There was no packing material to keep the box rigid, and the antenna and cable were just sorta rattling around inside.

Bear with Me…

Oh, and sorry if I rambled on a bit in the video. If you couldn’t tell from a lot of my other posts on here, I have an aversion to brevity. :)

I’m hoping to get some more how-to and instructional videos out there in 2015, so please subscribe to my YouTube channel!

(Hey, I’m allowed to shill for myself, right?)

Bash “Shellshock” Bug – Quick Vulnerability Test and Patch

Shellshock

This is not meant as a comprehensive guide to the Bash “shell shock” bug, but as a quick reference to test and patch for the vulnerability. First, test your version of Bash with this line: env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” If you get the world “vulnerable” in your output then you need to update Bash: vulnerable this is a test If your output contains errors followed by “this is a test”, then your Bash version is not vulnerable: bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x’ this is a test Check to see if your distribution has an updated/fixed version of Bash available in its repository. … Continue reading

Integrating Bullhorn with Exchange 2003 Using Journaling and Forwarding

Bullhorn vs. Exchange

Bullhorn vs. Exchange 2003 One of the companies for which I manage IT uses Bullhorn’s applicant tracking software for their recruitment workflow. That company also uses the now-ancient Exchange 2003 for their email. But, Bullhorn doesn’t officially support integration with Exchange 2003. What’s involved? First off, “integration” is a strong word. It implies that our servers will pass information back and forth and stay in some meaningfully synchronized state. That’s not the goal in this case. The integration simply consists of passing all emails that are sent and received by our recruiters to Bullhorn’s servers. Once Bullhorn receives the emails, they’re parsed and can be viewed in the Activity Center and/or under the contact record to which they apply (using … Continue reading

Netgear LG 6100D Sprint LTE Gateway – Advanced Configuration

Netgear 6100D Native GUI Backup and Restore Settings

Man, oh man! I was getting frustrated with my new 6100D LTE gateway from Sprint. In fact, I posted a very long rant about it yesterday. This post is all about solutions. Really, it’s about one very big solution: http://[Netgear 6100D Address]/index.asp What is that? Oh, not much, just the native Netgear configuration GUI. It has about ten times the feature set of Sprint’s half-baked GUI. Seriously. Already have a problem? This didn’t happen to me at first, but I must have triggered some state within the 6100D that causes this screen to appear when returning to the Netgear GUI after having used the Sprint GUI: If you find yourself redirected to this utterly pointless landing page, just change the … Continue reading

Netgear LG 6100D LTE Gateway for Sprint Review – Bad Device, or the Worst Device?

Netgear Joke 9000

I recently obtained a Netgear LG6100D LTE Gateway from Sprint as a backup for my hard internet connections. The device seemed perfect on paper: Cellular connectivity for the home or business network! I’ve used some bad consumer routers in my day, but this is one of the worst I’ve encountered. Or maybe it’s that it looked so promising at first and then let me down so hard. Update (2014-08-26): I found that you can access the native Netgear web GUI. It has a heck of a lot more features, and solves many of the complaints I have with the “correct” way of configuring this device. Upon logging in the user interface is clean, fairly informative, and I noticed that the … Continue reading

Oh, Pebble! You have a great product that’s being ruined by your support.

pebble_case_24XXXX_mq_sanitized

Two important things before I get started: I really like the original Pebble Smartwatch.  I’d probably like the Steel as well, but I haven’t tried it. I have a lot of respect for Pebble as a company.  It came into being through crowdsourced funding and actually delivered the product it promised. However, after about 6 months of ownership, my watch stopped vibrating.  Trying to resolve this issue was my first interaction with Pebble support, and hopefully will be my last.  Their process is slow, detrimental, and offensive. You may wonder at that last one:  “Offensive?” My gripe isn’t with the particular customer service person that handled my case.  (In fact I’ve redacted their name from this post.)   The CS … Continue reading

Fix for: Keepalived router enters fault state on link down

keepalived_logo

TL;DR: This is the configuration option you want: dont_track_primary At work and at home I have pairs of redundant “core” routers in an active-passive (or master-backup as you like) configuration. They consist of commodity hardware, a few 4-port gigabit NICs, and CentOS. All of these machines had been running flawlessly for anywhere from two to six years (as they were put into service or upgraded). That is until yesterday when my primary router at home had an SSD failure which completely stopped it in its tracks. The backup router took over, and in less than a second traffic was being routed. All of my point-to-point VPNs reconnected within about 20 seconds. In other words, it worked exactly as it should. … Continue reading

Redundant email servers with soft-fail (450) vs. hard-fail (550)

postfix_soft_fail

I manage a fairly large number of incoming mail exchangers, which are numerous both to handle large message volumes as well as to provide redundancy. In most cases, these mail servers are Postfix with MySQL providing virtual alias maps, transport maps, relay domains, and virtual alias domains. Unfortunately the Postfix+MySQL implementation isn’t always 100% great. On very rare occasions the Postfix instance may fail to communicate with the MySQL server, for any number of reasons. From the perspective of the sender’s MX, this usually results in a 550 status code (often given as “Relay access denied”). This is a hard-fail, in that it tells the upstream MX that the recipient they’re trying to reach is permanently unavailable. The upstream MX … Continue reading

SAN with Linux Cluster and CLVM: Is it Necessary?

remove_clustering_services

To answer the title of this post in one word: No. But as with all things computer related, that “no” needs to be followed by the caveat: “Well, it depends upon your needs.” From what I’ve seen, Linux clustering was designed primarily for high-availability services, with only a secondary effort to share disk resources across nodes. I have tried — and would never use in production — Linux clustering services for a VM host cluster. I know other people have done it and will continue to do it, but a properly configured (and managed) VM cluster does not need true clustering. (Again, “depending upon your needs”). Linux clustering requires fencing. (It didn’t always, but now it does). Fencing is a … Continue reading