Monday, April 30, 2012

Sending emai in a perl script using sendmail

I needed a quick way to send an email when a script was done. Did some digging around and converted another CGI script to a plain perl script and finally got the syntax correct.
 #!/usr/bin/env perl
my $sendmail = "/usr/sbin/sendmail -t";
my $reply_to = "Reply-to: replyto\@addresshere\n";
my $subject = "Subject: Some amazing subject\n";
my $send_to = "To: destination\@addresshere\n";
open (SENDMAIL, "|$sendmail") or die "Cannot open sendmail: $!\n";
print SENDMAIL $reply_to;
print SENDMAIL $subject;
print SENDMAIL $send_to;
print SENDMAIL "Content-type: text/plain\n";
print SENDMAIL "Content here. You could also put the content in a variable above.";

Wednesday, April 18, 2012

Active Directory account caching on OS X Lion

Looks like account caching of AD accounts is dependent on the same Kerberos preauthentication issue I blogged about a couple of posts back. So unchecking the box "Do not require Kerberos preauthentication" on our user accounts resulted in network credentials being cached and network accounts able to log in even when the notification said network accounts were unavailable.

Monday, April 16, 2012

.ssh permissions

I've had the same ssh keys for years. I just rsync them to a new system when I get one. I always seem to end up with mucked up permissions moving them around and never seem to remember how the permissions were set. Here's my reminder.

~/.ssh 700
~/.ssh/authorized_keys 600
~/.ssh/config 644
~/.ssh/id_dsa 600
~/.ssh/ 644
~/.ssh/known_hosts 644

Friday, April 13, 2012

Unable to join Mac Lion 10.7.3 client to an active directory domain

Kept receiving the error using the GUI, "the plugin has encountered an error processing request". On the command line I'd get that plus the 10001 error code. My domain admin account would not work but a coworkers would. The difference? My account had the box checked "Do not require Kerberos preauthentication". As soon as that was unchecked, I was able to use my domain admin account to bind a 10.7.3 machine to an Active Directory Domain. Note that my admin account had worked on binding 10.x machines BEFORE 10.7 just fine with that box checked. We had that box checked because we have Linux machines that authenticate off our active directory domain and for accounts to authenticate, they needed that box checked.