Tuesday, July 9, 2013

rancid and relays using usercmd patch

As I've blogged before, rancid is a really awesome new cisco config differ.
I monitor about 100 devices, and all was well so far.
Now I've come across a device that I can't reach directly from my rancid host. It's not possible to create a direct network connection, or to use ssh tunnels or netcat to forward those ports using a relay host.
Instead I found a much simpler and more elegant solution. Albeit this involves patching rancid.

Monday, July 1, 2013

TortoiseSVN 1.8.0 and NTLM Authentication on Windows

Subversion 1.8.0 was released recently, and my favorite svn client was updated, too. I had hoped this update to go down smooth, just like going from 1.6 to 1.7 in the past.
This time around there are some authentication issues it seems. TortoiseSVN has dropped neon and relies now solely on serf to handle HTTP(S) authentication.

The release notes mention some server-side configuration changes for optimal performance, but they fail to mention that serf doesn't play nice with NTLM authentication. It does work well with Kerberos though.

So, if you've set up Apache like I described here or here, just add this line to make Kerberos the default and have  TSVN 1.8.0 play nice with single-sign-on.
SSPIPackage Negotiate
This will change the default authentication schema (NTLM) to Kerberos. This will cause TortoiseSVN < 1.8 to prompt for username and password, because the underlying neon library cannot handle Kerberos. TortoiseSVN 1.8 and later will be fine though.
You can force older clients to use serf for specific servers though. I've previously written about it here.

There is a big discussion going on in the subversion-dev mailing list about how to best fix this behavior. It is expected that TortoiseSVN 1.8.1 will include a fix for this issue.

This issue and the fact that most SVN tools still haven't been built on top of subversion 1.8 means that you should stay on TortoiseSVN 1.7.x for now.

Tuesday, June 25, 2013

CollabNet Subversion Edge 4.0 with SSPI WSGI and trac

CollabNet released Subversion Edge 4.0 recently, as they've written here. As you know I've been using this to host our Subversion and trac server. I've made a few tweaks and additions but I've never had any issues with updating Subversion Edge. Until now, that is.

Monday, April 22, 2013

XenServer 6.1, Dell OpenManage and SNMP

I finally updated our productive environment to XenServer 6.1. The upgrade went without a hitch, but there are still many issues with Windows VMs and the XenTools. In the end completely removing the XenTools and reinstalling them did the trick.

Anyway, this post is about Dell OpenManage and SNMP. I've found a spot-on post in the Citrix forums here - thanks Josh Phillips. Read on for the details.

Friday, March 29, 2013

OpenMediaVault & XBMC

I recently stumbled upon OpenMediaVault (OMV), a Linux distribution specific for NASes based on debian squeeze. It's inspired by FreeNas as I gathered.

Thursday, March 28, 2013

SQL Server Update Woes

There are various issues that can happen when trying to update SQL Server. For almost all there are workarounds, and they usually work well.

Today I had a trickier experience, and thought I'd share my findings. I wanted to install KB2494113 - "Security Update for SQL Server 2005 Service Pack 3". I got error 57A through Windows Updates. So I had to resort to downloading and installing the update manually.

Friday, March 8, 2013

XenServer 6.1

As I've previously written about here, I'm using the Citrix XenServer. I've been using the free version in a production environment for a few years now. Sure, there were minor issues or hiccups, but no deal breakers.

I'm still running XenServer 5.6, although XenServer 6 and even 6.1 were already released.
Why didn't I upgrade yet?

Tuesday, January 8, 2013

TortoiseSVN with kerberos authentication

I'm a big fan of TortoiseSVN (TSVN, short) on Windows. Working with multiple SVN servers and different authentication methods has its pitfalls, however.
I just found out how to make the current TSVN (1.7.11 as of this writing) work with Kerberos authentication on a Linux server that uses krb5 as I previously described here.