netpass-users Mailing List for NetPass (Page 2)
Brought to you by:
jeffmurphy
You can subscribe to this list here.
2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(5) |
Oct
(4) |
Nov
(1) |
Dec
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
2005 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(2) |
Jun
(27) |
Jul
(15) |
Aug
(14) |
Sep
(22) |
Oct
|
Nov
(5) |
Dec
(1) |
2006 |
Jan
|
Feb
|
Mar
(18) |
Apr
(4) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(2) |
Sep
|
Oct
|
Nov
|
Dec
|
From: Jeff M. <jcm...@os...> - 2005-11-14 22:10:33
|
On Mon, 2005-11-14 at 16:36 -0500, Alex Vyhmeister wrote: > FAILED: Not sure how to install packages on this system! > A fatal error has occurred. Check the log file for details. > unsupported operating system rel= ver= at ./install line 286. > the installation script only 'knows' about RHEL and Fedora. in other words, it only knows about 'yum' and 'up2date'. you might be able to modify the lines around #286 so that it calls apt-get to install those packages. i dont have debian installed anywhere, so i cant easily do this or test it. > I've already installed all equivalent packages for the ones it asks for. > I've looked at the install file, but I don't know what changes to make > in the code so that it will just ignore the fact that the kernel isn't RH. if the packages are installed, then just put "return;" near the top of the subroutine that installs those packages so that the installation can continue. |
From: Alex V. <vyh...@an...> - 2005-11-14 21:38:11
|
I'm not doing a high-availability installation. This is the error I finally get when I try a ./install Installing requisite packages: vconfig squid dhcp perl perl-DBI perl-Filter libgd libgd-devel gd gd-devel libpng libpng-devel libjpeg libjpeg-devel reiserfs-utils expat-devel net-snmp FAILED: Not sure how to install packages on this system! A fatal error has occurred. Check the log file for details. unsupported operating system rel= ver= at ./install line 286. I've already installed all equivalent packages for the ones it asks for. I've looked at the install file, but I don't know what changes to make in the code so that it will just ignore the fact that the kernel isn't RH. Please help. Alex Vyhmeister |
From: jeff m. <jcm...@os...> - 2005-11-10 19:26:34
|
On Thu, 2005-11-10 at 11:59 -0500, Alex Vyhmeister wrote: > Is there any way to implement NetPass on a Debian kernel? > yes. 1) if you don't intend to deploy it with the high-availability option, then you can just go ahead and install/configure the packages. the install script assumes RH, so you might have to do some things by hand. or 2) if you want to use HA, then you can dig up the 'hidden' patch (http://www.linuxvirtualserver.org/) for debian, if it's needed. sometimes kernel patches are generic and apply across distributions. when apply the netpass kernel patch to the redirectors, you can either try the RH patch we have or do it by hand. it's just a one-line change in the kernel source. examine the patch for details. if you get stuck, send a message to the list. jeff |
From: Alex V. <vyh...@an...> - 2005-11-10 16:59:49
|
Is there any way to implement NetPass on a Debian kernel? |
From: Alex V. <vyh...@an...> - 2005-11-10 16:49:59
|
Is there any way to make NetPass run on a Debian kernel? |
From: Jeff M. <jcm...@os...> - 2005-09-21 19:53:16
|
fixed. in CVS On Wed, 2005-09-21 at 14:37 -0500, Julian Y. Koh wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > If I'm editing a message and click the "cancel" button, I get kicked out to > the Admin login screen. > > > -----BEGIN PGP SIGNATURE----- > Version: PGP Desktop 9.0.2 (Build 2425) > Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> > > iQA/AwUBQzG2eg5UB5zJHgFjEQJgmgCbBShkqosQmoVMO4Z/Ei8ij4y3SLEAnjYG > M1GhtRH51+5tUgXp6XW/5yPy > =3fBx > -----END PGP SIGNATURE----- |
From: Julian Y. K. <ko...@no...> - 2005-09-21 19:38:05
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If I'm editing a message and click the "cancel" button, I get kicked out to the Admin login screen. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.2 (Build 2425) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBQzG2eg5UB5zJHgFjEQJgmgCbBShkqosQmoVMO4Z/Ei8ij4y3SLEAnjYG M1GhtRH51+5tUgXp6XW/5yPy =3fBx -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:ko...@no...> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> |
From: Julian Y. K. <ko...@no...> - 2005-09-21 16:28:23
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 12:25 -0400 09/21/2005, Jeff Murphy wrote: >done. in CVS You the man. Thanks!! -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.2 (Build 2425) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBQzGKFA5UB5zJHgFjEQJqHgCdFFKw3cKkeiMF1JDR7L1pNhS2ckAAn2gG k++paUYGgCAgcnV55H6w5c/Z =GmeX -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:ko...@no...> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> |
From: Jeff M. <jcm...@os...> - 2005-09-21 16:26:04
|
done. in CVS jeff On Wed, 2005-09-21 at 11:15 -0500, Julian Y. Koh wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > There doesn't seem to be an audit log entry generated when an admin user > changes an issue to "fixed" from "pending" or "user-fixed". We would like to > be able to track this information since sometimes our tech support people may > say something is fixed when it isn't really, and it'd be nice to have those > log messages to support our positions. |
From: Julian Y. K. <ko...@no...> - 2005-09-21 16:15:41
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There doesn't seem to be an audit log entry generated when an admin user changes an issue to "fixed" from "pending" or "user-fixed". We would like to be able to track this information since sometimes our tech support people may say something is fixed when it isn't really, and it'd be nice to have those log messages to support our positions. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.2 (Build 2425) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBQzGHHw5UB5zJHgFjEQIA9wCfSCZZD48CzGS54wGKGycnVbZjSQkAn0AG R4vfrc3X7y8ApyRPqLQVf07W =rXJ9 -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:ko...@no...> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> |
From: jeff m. <jcm...@os...> - 2005-09-17 02:36:34
|
On Fri, 2005-09-16 at 17:29 -0500, Julian Y. Koh wrote: > -----BEGIN PGP SIGNED MESSAGE----- > I wonder now if perhaps toolbars and other things that are constantly trying > to update information via HTTP are causing NetPass to get confused by having > a large number of sessions open, perhaps even overflowing the total number of > sessions that NetPass/Apache can handle and thus putting some people back > into the LOGIN phase. that could possibly be true. we periodically report on top-URLs and instruct mod_rewrite to deny those. attached is the current list that we filter. we generate this list by doing a simple awk/sort/uniq on access_log and looking for urls that are obviously coming from automated apps. the sessions, even though there are many of them, are mostly short- lived. so unless you see many hundreds of httpd processes running, that's probably not what's happening. have you put the latest netpass code in place along with disabling cookies per the instructions i sent out a week or two ago? that should resolve any toolbar related looping issues (which we saw here at UB as well). jeff |
From: Julian Y. K. <ko...@no...> - 2005-09-16 22:30:05
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In the past, the main problem with people looping through the NetPass registration process (ie, after the Nessus scan is complete and passed, the user goes back to the initial Login page) was either not accepting cookies and/or bad date/time outside the cookie validity range. However, this year we're still seeing a fair number of people with this problem. The cause for some of them appears to be misconfiguration in some cases, in that if their switch isn't properly entered into the NetPass VLAN map, the port never gets flipped to the UNQUAR VLAN. I wonder now if perhaps toolbars and other things that are constantly trying to update information via HTTP are causing NetPass to get confused by having a large number of sessions open, perhaps even overflowing the total number of sessions that NetPass/Apache can handle and thus putting some people back into the LOGIN phase. Does that sound like a reasonable hypothesis at all? -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.2 (Build 2425) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBQytHYw5UB5zJHgFjEQIG0ACgglXXxRemtcpHPmvQLF1jsVjSPAQAoNpq sHRL0nLUOJx5HjxAmmrYg8kq =J7nN -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:ko...@no...> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> |
From: Jeff M. <jcm...@os...> - 2005-09-14 19:34:16
|
On Wed, 2005-09-14 at 14:31 -0500, Julian Y. Koh wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > At 15:07 -0400 09/14/2005, Jeff Murphy wrote: > > > >try adding > > > >-force => 1 > > > >to line 359 of qc.mhtml > > That's line 659, and this does appear to work. Thanks!!!!! added to CVS |
From: Julian Y. K. <ko...@no...> - 2005-09-14 19:31:50
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 15:07 -0400 09/14/2005, Jeff Murphy wrote: > >try adding > >-force => 1 > >to line 359 of qc.mhtml That's line 659, and this does appear to work. Thanks!!!!! -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.2 (Build 2425) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBQyh6eA5UB5zJHgFjEQIMcQCcDkoWNkySzAzsHP0Rvw9+X35OQ5IAn35R woXkNsDSDwMNoywke6mloSuQ =cKxA -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:ko...@no...> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> |
From: Jeff M. <jcm...@os...> - 2005-09-14 19:08:03
|
try adding -force => 1 to line 359 of qc.mhtml and re-do the operation. i dont think a restart of apache will be needed. the line should look like this after you make the change $resultsRV = $np->db->addResult(-mac => $mac, -type => 'manual', -force => 1, jeff On Wed, 2005-09-14 at 13:57 -0500, Julian Y. Koh wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I'm trying to put a host into PQUAR and assign it a message that's defined in > our Resnet group. When I do that, the port gets switched to PQUAR properly, > but I get a message that says > > <mac address> failed to update database: invalid manual id > > If I save a copy of that message to the default group and then use that > message instead of the message defined in the Resnet group, then everything > works fine. > > Any idea what could be causing this? > > > -----BEGIN PGP SIGNATURE----- > Version: PGP Desktop 9.0.2 (Build 2425) > Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> > > iQA/AwUBQyhynw5UB5zJHgFjEQLkjwCgycvttF6W4ZvrVKJE5gxyV8XPTEIAoP9x > 1lLKBjOT3LA6DZxRLC7RAjMV > =UrT4 > -----END PGP SIGNATURE----- > -- Jeff Murphy <jcm...@os...> |
From: Julian Y. K. <ko...@no...> - 2005-09-14 18:57:48
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm trying to put a host into PQUAR and assign it a message that's defined in our Resnet group. When I do that, the port gets switched to PQUAR properly, but I get a message that says <mac address> failed to update database: invalid manual id If I save a copy of that message to the default group and then use that message instead of the message defined in the Resnet group, then everything works fine. Any idea what could be causing this? -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.2 (Build 2425) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBQyhynw5UB5zJHgFjEQLkjwCgycvttF6W4ZvrVKJE5gxyV8XPTEIAoP9x 1lLKBjOT3LA6DZxRLC7RAjMV =UrT4 -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:ko...@no...> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> |
From: Julian Y. K. <ko...@no...> - 2005-09-13 14:59:20
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 10:55 -0400 09/13/2005, Jeff Murphy wrote: >we use this list for microsoft. Ah, cool. Looks like in this case we needed to allow go.microsoft.com. We'll get the others added as well. Thanks!!!! -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.2 (Build 2425) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBQybpPw5UB5zJHgFjEQLCqwCfT+GC3I+LBosDCOcvibulEixEdGkAn21t PNYQmUjAdJ/+3MpMwzDHulBh =I826 -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:ko...@no...> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> |
From: Julian Y. K. <ko...@no...> - 2005-09-13 14:31:35
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We're getting reports that our users are unable to get through the Windows Validation portion of Windows Update - they get redirected to the NetPass pages instead. What URL/domain do we need to allow in the squidguard config to allow this through? It's not immediately apparent from the browser. At least according to the user... -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.2 (Build 2425) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBQybivQ5UB5zJHgFjEQIqlwCgrGsf9SJrNX/88TOv9VPDKKy6x3sAn2xc QS0N8KwYv2hLOtbl5Fh75H62 =oruC -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:ko...@no...> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> |
From: Julian Y. K. <ko...@no...> - 2005-09-12 19:09:42
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 16:29 -0400 09/06/2005, Jeff Murphy wrote: >added to cvs > > >On Tue, 2005-09-06 at 10:58 -0500, Julian Y. Koh wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Would it be possible to sort lists of networks, switches, etc by IP >> address instead of by pure number sorting? How about doing this same sorting in the Networks list in the User Editor? Actually, what would be cool is if all the named netgroups show up in the list before the list of networks, since most likely all interaction is going to be done by adding people to netgroups, not networks. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.2 (Build 2425) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBQyXScA5UB5zJHgFjEQLKkQCglypWAkHnU+97cTf75eJSIT+GKSEAn2bl CKF78m4wmmKxpSrrIv9pwOKQ =6xOU -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:ko...@no...> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> |
From: Jeff M. <jcm...@os...> - 2005-09-07 17:01:36
|
On Wed, 2005-09-07 at 10:44 -0500, Robert Vance wrote: ` > [rev@npw1 ~]$ diff /opt/netpass/lib/NetPass.pm > /opt/netpass-src/NetPass/lib/NetPass.pm > 527d526 > < my $myNW = shift; > 548c547 > < my $ifIndex = $snmp->get_mac_port($mac, $myNW); > --- > > my $ifIndex = $snmp->get_mac_port($mac); > 569c568 > < $mac, $loopctl, $myNW); > --- > > $mac, $loopctl); > 620c619 > < $mac, {}, $myNW); > --- > > $mac, {}); > > > Jeff, if this doesn't break anything of yours can this be added to the > NP source tree? > > i dont see any problem with making that change. can you send me a unified diff (diff -u) ? jeff |
From: Robert V. <re...@no...> - 2005-09-07 15:44:45
|
We've been applying the following patch to NetPass.pm to enable the tree search functionality in the Cisco.pm module. The reason for this is roughly as follows. NP given a mac address will look at the address cache (via SNMP) of the switch to find if that mac is there and what port is it on. The problem with the cisco's is that the address table community string is indexed by the vlan number. So there seems to be to two choices: 1) To make a "direct" snmp call we need the network or IP address of the host so we can determine the vlan numbers we need. Unfortunately the network is not passed to the Cisco module. To pass it we need to pass it down from a couple of layers above. Not a big deal but it does change a couple modules (adding one parameter to a procedure call). This is what we did for np1 last year. 2) We can do this without changing anything external to the cisco module but it will be less efficient. Basically what we have to do without having the network is walk the address tables for all the netpass vlans on the switch. And if we can't find out the particular netpass vlans for a switch, we'll need to walk all vlans on the switch until we find the mac address. So if a given switch has 30 vlans, we may need to make up to 30 snmp calls to go through the complete mac address table of the switch. This seems potentially less efficient than linear searching and so should not be used. [rev@npw1 ~]$ diff /opt/netpass/lib/NetPass.pm /opt/netpass-src/NetPass/lib/NetPass.pm 527d526 < my $myNW = shift; 548c547 < my $ifIndex = $snmp->get_mac_port($mac, $myNW); --- > my $ifIndex = $snmp->get_mac_port($mac); 569c568 < $mac, $loopctl, $myNW); --- > $mac, $loopctl); 620c619 < $mac, {}, $myNW); --- > $mac, {}); Jeff, if this doesn't break anything of yours can this be added to the NP source tree? rev |
From: Jeff M. <jcm...@os...> - 2005-09-07 13:08:11
|
On Wed, 2005-09-07 at 09:01 -0400, Don Rugh wrote: > To All, > > > Aside from using a MySQL DB utility, is there anyway to: > > > - edit an existing record in the client database, or > - delete a single record? > > > We have a situation where a student registered their computer using > their roommate's account (no policy violations here...!!!!), and need > to correct the DB......didn't know if we were missing some > functionality somewhere, or if these functions were just not > supported. > if you just want the username updated, set the machine to QUAR and they will need to log back in. the record should be updated. there's no way to delete a single record via the web ui. you would just connect via any mysql util and issue the appropriate SQL command. > > Thanks, > Don > > Donald G. Rugh > > Director of Network Services > > Information Services > > Saint Vincent College > > 300 Fraser Purchase Road > > Latrobe, PA 15650 > > 724-805-2559 > > don...@em... > > > > -- Jeff Murphy <jcm...@os...> |
From: Don R. <don...@em...> - 2005-09-07 13:01:55
|
To All, Aside from using a MySQL DB utility, is there anyway to: - edit an existing record in the client database, or - delete a single record? We have a situation where a student registered their computer using their roommate's account (no policy violations here...!!!!), and need to correct the DB......didn't know if we were missing some functionality somewhere, or if these functions were just not supported. Thanks, Don Donald G. Rugh Director of Network Services Information Services Saint Vincent College 300 Fraser Purchase Road Latrobe, PA 15650 724-805-2559 don...@em... |
From: Julian Y. K. <ko...@no...> - 2005-09-06 22:10:23
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The By Client report doesn't appear to use the Username: variable, so the users get listed in a "UBIT Name" column. This is just a cosmetic issue. Low priority. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.2 (Build 2425) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBQx4Tyg5UB5zJHgFjEQJyDwCgtroB1DxCC1/LyeXW5wOOf0M7mAgAoKNa sIx/cvH0kmcjFXMMLHosHATB =dwda -----END PGP SIGNATURE----- -- Julian Y. Koh <mailto:ko...@no...> Network Engineer <phone:847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> |