Overview In this article, a procedure is described to generate multiple certificate signing requests (CSR) for TLS servers, such as SMTP-, IMAP- or HTTP-servers, so that we can submit them to a Certificate Authority (CA). The CA will eventually perform the signature and return a public certificate to us. A Shell and the software OpenSSL […]
Articles in Category "Administration"
Generate Certificate Signing Requests (CSRs) for TLS Server Certificates
28. November 2021 in Administration, GNU/Linux, Technik.
Methods of HTTP Caching
1. März 2021 in Administration, GNU/Linux.
Preface I find the world wide web and the spectrum of methods and instruments that make it happen full of dubiousness and opportunity alike. Caching is generally known as one of the „hard problems“ of information science, and this is not different when it comes to technologies of the web. The text presented here, as […]
Comparing Distinguished LDAP Names
6. August 2020 in Administration, GNU/Linux, Programmierung.
In a Bourne Shell script, a distinguished name (DN) for performing an LDAP-query is held in a variable: dn=“cn=Malmø,ou=County Capitals,dc=Sweden,dc=Europe“ For the purpose of demonstration, this example DN contains a non-ASCII character. Let’s write a Bourne Shell function that escapes such special characters as requested by RFC 4514 using perl’s Net::LDAP::Util: canonical_dn() { perl -s […]
Determining User Access on a Linux Filesystem with „Classic Permissions“
30. November 2021 in Administration, GNU/Linux.
Introduction Looking at a Linux filesystem, checking if a certain file or directory is accessible for reading, writing or executing by certain users or groups poses interesting challenges. Let the basic and seemingly simple question be: „Given a user X and a file Y, can it be determined if X has access to Y, and […]
AD-Precreation using ktutil, kinit and adcli
4. Dezember 2019 in Administration, GNU/Linux.
Using computer object precreation you can enable machines to join an Active Directory domain with knowledge of just one dedicated one-time-password. Combined with delegation you can offload management of computer objects to an otherwise unprivileged AD user.
In Powershell das Piepen bei Backspace abstellen
7. April 2017 in Administration.
Folgendes Verfahren habe ich auf Windows 10 Home durchgeführt: In einer Powershell werden einige Vorbereitungen durchgeführt: # Profil erstellen, falls nicht vorhanden if (!(test-path $PROFILE)) { new-item -type file -path $PROFILE -force } # Skript-Ausführungs-Richtlinie ändern: Set-ExecutionPolicy RemoteSigned -Scope CurrentUser -Force # Profil-Skript editieren: notepad $PROFILE Hinweis: Die Ausführungsrichtlinie RemoteSigned erlaubt das Ausführen von Skripten auf […]
Rejecting Microsoft Executables and Office Documents with Postfix
16. Juli 2020 in Administration, GNU/Linux.
Update July 16th 2020: A reader has pointed out to me that the regular expression did not (or did not always) match if the filename of the attachment contained non-ASCII characters, opening a simple way to circumvent this header check. I was able to reproduce this behavior by sending a mail with a single attachment […]
Basic Example for Response-Policy-Zones with BIND
31. Oktober 2015 in Administration, GNU/Linux.
I would like to emulate a public DNS entry that does not exist yet, while i am developing the service that will use this name on an intranet server. Let a public domain name i develop the service for be myservice.my-cool-domain.biz. When working in my intranet 192.168.2.0/24, i want to override whatever public DNS resolves […]