Quand on a le probleme suivant dans SUSE en faisant les mises a jour:
ERROR(You:rpm failed
————
Prendre la DB YOU en backup:
cd /var/lib
tar cf /tmp/rpm.sav.tar rpm
Recréer la BD.
cd /var/lib/rpm
rpm -vv –rebuilddb
Archive
Archive for avril, 2009
[print_link]
Basically the setup details are:
SLES9: 192.168.1.10
Windows 2003 Server: 192.168.1.1
Required RPM: heimdal-lib(kerberos), samba-client, samba-winbind, samba, sudo, xntp, glibc, pwdutils, openssh.
A. Time synchronization
Ensure Clock synchronization between your SLES9 and AD. Type #rcxntpd start
B. Kerberos setup
Edit /etc/krb5.conf
[libdefaults]
default_realm = AD.YOURDOMAIN.COM
clockskew = 300
[realms]
AD.YOURDOMAIN.COM = {
kdc = ad01.ad.yourdomain.com
default_domain = ad.yourdomain.com
admin_server = ad01.ad.yourdomain.com
}
EXAMPLE.COM = {
kdc = kerberos.example.com
admin_server = kerberos.example.com
}
[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmind.log
default = SYSLOG:NOTICE:DAEMON
[domain_realm]
.ad.yourdomain.com = AD.YOURDOMAIN.COM
[appdefaults]
pam = {
ticket_lifetime = 1d
renew_lifetime = 1d
forwardable = true
proxiable = false
retain_after_close = false
minimum_uid = 1
try_first_pass = true
}
Note: Be careful here. It’s CASE SENSITIVE and please make sure you can PING each others.
C. Samba setup
Edit /etc/samba/smb.conf
[global]
winbind separator = +
winbind cache time = 10
winbind use default domain = yes
workgroup = ADYOUDOMAIN
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
idmap gid = 10000-20000
idmap uid = 10000-20000
realm = AD.YOURDOMAIN.COM
security = ADS
template homedir = /home/%U
template shell = /bin/bash
password server = server.example.com
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n
Retype*new*password*%n\n*password:*all*authentication*tokens*updated*successfully
Pam password change = Yes
The example show as above is not complete. Please focus on realm and security.
D. /etc/nsswitch.conf setup
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files dns
networks: files dns
services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
publickey: files
bootparams: files
automount: files nis
aliases: files
E. PAM configuration
/etc/pam.d/passwd
auth required pam_unix2.so nullok
auth sufficient pam_winbind.so
account required pam_unix2.so
account sufficient pam_winbind.so
password required pam_pwcheck.so nullok
password required pam_unix2.so nullok use_first_pass use_authtok
session required pam_unix2.so
/etc/pam.d/sshd
auth sufficient pam_winbind.so
auth required pam_unix2.so # set_secrpc
auth required pam_nologin.so
auth required pam_env.so
account sufficient pam_winbind.so
account required pam_unix2.so
account required pam_nologin.so
password sufficient pam_winbind.so use_authtok
password required pam_pwcheck.so
password required pam_unix2.so use_first_pass use_authtok
password required pam_unix2.so use_authtok
session required pam_unix2.so none # trace or debug
session required pam_mkhomedir.so skel=/etc/skel/ umask=0077
session required pam_limits.so
/etc/pam.d/login
auth required pam_securetty.so
auth required pam_env.so
auth sufficient pam_winbind.so
auth sufficient pam_unix2.so nullok use_first_pass
auth required pam_deny.so
auth required pam_nologin.so
account sufficient pam_winbind.so
account required pam_unix2.so
password sufficient pam_winbind.so
password required pam_pwcheck.so nullok
password required pam_unix2.so nullok use_first_pass use_authtok
session required pam_mkhomedir.so skel=/etc/skel/ umask=0077
session sufficient pam_limits.so
Note:
Notice the highlighted pam_mkhomedir.so line. This helps to create a home directory in Unix if one does not already exists with umask 077 so that
only the user has access to it. Also, the highlighted pam_winbind.so will allow the authentication to the AD server.
/etc/pam.d/sudo (sudo rpm require)
auth sufficient pam_winbind.so
auth required pam_unix2.so
F. Join Domain
Make sure Samba and Winbind are stop
#/etc/init.d/smb stop
#/etc/init.d/winbind stop
For Debugging purposes kindly Disable the nscd Caching Daemon from all runlevels and stop nscd daemon if it is running with the following commands:
#/etc/init.d/nscd stop
#chkconfig nscd off
Make sure kerberos is working properly
#kinit domainadministrator@AD.YOURDOMAIN.COM
Enter your administrator password if required
Type #net ads join -U domainadministrator
Domainadministrator’s password:
Using short domain name — AD
Joined ‘AD.YOURDOMAIN.COM’ to realm ‘AD.YOURDOMAIN.COM’
You should be connect to Microsoft AD now. Now see if you can retrieve the Domain Information with the following commands:
wbinfo -u (Lists all domain users)
wbinfo -g (Lists all domain groups)
G. Testing
Open a new Putty SSH session, login with adyourdomain\youradusename and password
Note: Please make sure your winbind(/etc/init.d/winbind start) services is running.
If you’re require sudo, type #visudo and insert:
%ADYOURDOMAIN\\adgroupnamehere ALL=(ALL) ALL
and save.
After login as normal user and type #sudo su -
You’re require to enter your password for access as root.
Congratulations! You’re done!
source: http://www.planetmy.com/blog/how-to-authenticate-to-active-directory-on-suse-linux-9/
Enfin du beau temps, le toit est baissé 
Jusqu’à la prochaine pluie. 
Patchouli est avec nous depuis le 9 decembre 2007.
Voici quelques photos.
Voici les commandes de compilation optimales pour apache et PHP5
APR:
./configure –prefix=/usr/local/apr –with-devrandom=/dev/urandom
APR-UTIL:
./configure –prefix=/usr/local/apr –with-apr=/usr/local/apr
APACHE:
./configure –prefix=/usr/local/apache2_php5_ssl –disable-include –disable-asis –enable-vhost-alias –disable-negotiation –disable-actions –disable-userdir –enable-rewrite –enable-so –enable-ssl –with-mpm=prefork –with-apr=/usr/local/apr –with-apr-util=/usr/local/apr –libdir=/usr/local/apr/lib
PHP:
‘./configure’ ‘–prefix=/usr/local/apache2_php5_ssl/php’ ‘–with-apxs2=/usr/local/apache2_php5_ssl/bin/apxs’ ‘–with-zlib’ ‘–with-mysql’ ‘–with-gd’ ‘–with-jpeg-dir’ ‘–with-openssl’ ‘–with-curl’ ‘–enable-exif’ ‘–with-mysqli=/usr/bin/mysql_config’ ‘–with-mhash’ ‘–with-imap’ ‘–enable-mbstring’ ‘–with-kerberos’ ‘–with-imap-ssl’ ‘–enable-ftp’ ‘–enable-imap’
Voici le manuel en format PDF. Jeep_Wrangler_2008_UserManual
Et le Service Manual en PDF: Jeep Wrangler 2008 Service Manual
Manuel d’installation de la suspension Zone Offroad 3″
Manuel d’installation du Steering Stabilizer
Bye bye l’asphalte. J’ai passé la journée à apprendre à utiliser le « jackhammer » Vraiment cool comme outil.
On a aussi rempli le truck de terre pas chere lol
J’ai fais installé le Pioneer AVIC-f90BT.
wow Le Iphone fonctionne numéro uno avec.
