Craig Box's journeys, stories and notes...

Archive for August, 2006

Where did he go?

Thursday, August 31st, 2006

I've gone quiet! What have I been doing?

The last three were done in the company of (and with thanks to) Cathy, who now has far less hair.


Monday, August 21st, 2006

Windows Administrator Challenge: Temporary password changes

Monday, August 21st, 2006

I've yet to post something so sensational (or trollworthy, or just "noticed by Digg") to build up a loyal readership of thousands. I'm sure it'll come eventually. I need to do a couple of things: pimp myself to various Planets, and decide exactly what it is I write about. Generally, it's "things related to what I'm working on", which may or may not be of interest.

My last plea for help didn't turn anyone up. Here's another one that hopefully Google will one day turn up for someone who is bored and has the knowledge and skill to do this, or I'll get bored myself, and acquire the knowledge and skill to do it. Perhaps when it's cricket season again..

I want a simple add-on for the Active Directory Users & Computers MMC utility that does the following things:

  • Allows you to change a password for a user, and more importantly
  • Saves the original password, so you can reset it later.

No more will you have to ask a user for a password to log into their machine and fix something wrong with their specific profile or operating environment, or change their password and tell them to change it back when you're finished. The script will copy the crypted password to an unused LDAP attribute on the account, and then copy it back when finished - without ever having to know what the password is. By standard means, it's not possible to read the password hash out of AD, so I'm currently seeking help from the newsgroups.

Daniel Petri's help pages have examples on how to extend AD to add options to the context menu for a user, to run VB scripts.

NetworkManager PPTP plugin: One Ubuntu package, hold the pepper!

Saturday, August 19th, 2006

Please see the updated NetworkManager PPTP Plugin for Ubuntu page. Thanks!

Some time after blogging about getting NetworkManager's PPTP plugin checked out of CVS, I have some news to report.

Tony Mee is a legend. The author of the plugin has spent a lot of time with me, by e-mail, Jabber and Skype, accepting bugfixes, working on solutions, explaining things slowly for my non-programmer-brain. Most of the work done has been by him. I can't thank him enough here.

A few points to note first:

  • This plugin is in the middle of being converted to handle things that aren't just PPTP, and as such it presents a few more options than it might need to. Ignore screens about GPRS and Bluetooth; hopefully a subsequent version will see me disable them.
  • It is the CVS HEAD version, with the new pluggable-auth-dialog removed, as it just didn't want to build right, and isn't yet ready to replace the old auth-dialog.
  • Default PPP options might not suit - you will probably have to tick "Refuse EAP" on Authentication and "Require MPPE encryption/Require 128 bit MPPE encryption" on Compression & Encryption to connect to a Windows 2003 VPN server.
  • There are a variety of bugs with the current version of NM that could bite you. The VPN plugins can't set the MTU, you can't edit a VPN connection immediately after making it, irrelevant tabs aren't hidden - most of these will require the new 0.7 series to be released, which probably won't happen before Edgy.
  • You will have to restart DBUS, or log out and log back in again, after installing this plugin, before you can connect.

As usual, everything I know about autotools and CVS I leant from Perry. Thanks!

Now, for the fun part. I have packaged the NetworkManager PPTP plugin for Ubuntu 6.06. Download it here. I will have it up in an apt repository in the next couple of days. Please raise bugs in the program at the GNOME bugzilla, please leave comments on the package or general messages of "Hello!" in the comments below.

The next step is to find out how to disable all the irrelevant parts in the package, and start considering my potential future as an Ubuntu MOTU.

Customising a Debian/Ubuntu installation CD

Thursday, August 17th, 2006

One of the things I maintain at work is a self-installing Linux distribution.

When I started in 2002, we were purchasing KickStart installed Red Hat 7.x machines from a local company. With Progeny's AutoInstall, I managed to get a CD that would automatically install Debian Woody, but not in a very nice fashion.

Ubuntu came out, was more up to date than Woody (I think my Commodore 64 was more up to date than Woody for a moment there), and so I changed to it after the second release. Hoary introducted some support for KickStart installations, but I found that much more power could be gained with the new debian-installer that was coming for Sarge. A guide to remastering your Ubuntu CD ensued.

Two releases later, I updated all the machines to Ubuntu Dapper, and tidied up the installer a whole heap. Today, under the chargeable heading of "documenting my self-installing Linux distribution in case I get hit by a bus", I have given the Ubuntu Install CD Customization page a complete overhaul. Read it - it's grand.

BASIC liability insurance

Thursday, August 17th, 2006

As those of you who know me personally will know that I am, quite vocally, not someone who enjoys programming. My main problem is that I write code so infrequently that whenever I sit down I've forgotten either the syntax of language or the parameters of the API, and find more time is taken with reading the docs or finding suitable examples than actually writing or thinking.

I visited my parents yesterday to help my 16 year old brother study for a test, and he also asked for some help with a programming assignment. Due either to a recent loss of computing equipment, or general difficulty in deciding on a language for teaching programming, they're using QBasic. Last time I used QBasic, I hadn't gone through a university degree and learnt half a dozen programming languages, so I found it all a bit easier this time. The problem was that I had no idea if half of the things I wanted to do had syntax in QB: you can't specify an array using numbers[4] = {1, 3, 6, 8}, so an example on the web (the only time I had to go outside of the help) pointed out that you use READ and a DATA statement. I remember seeing DATA statements in Commodore 64 code printouts in magazines, and not having any idea how the stuff quite how they worked. Surely it's easier to specify your data inline, rather than in a DATA statement? Isn't BASIC supposed to be, well, basic?

Anyway, below the fold is what I wrote. The goal was to teach my brother, and his brief was "write a roulette game". I insisted there would be no GOTOs, and no functions/subroutines, as he hadn't covered them at school. Generally the code had to make sense so he could read it and figure out how it all worked.

We finished it, and then, like the bastard I am, I deleted the bit that tests for odd and even and made him rewrite that. I suspect he'll find this post before actually rewriting it himself. Maybe not enjoying programming runs in the family.


And the barriers keep falling...

Wednesday, August 16th, 2006

Due to their anti-trust arrangement with Microsoft, Real are bringing WMV/WMA to Linux, legally. And Sun have announced more about Java's upcoming release to Open Source.

Linux will "succeed" (not to say it isn't succeeding already, but be ready for "primetime" or "The Enterprise" when it is in a position where people can target their software to it, and want to do it. Each step helps.

Open source graphics drivers (Part 2)

Thursday, August 10th, 2006

Quoth Ian:

Great to see [Intel open-sourcing their graphics drivers] - now if only AMD/ATI and Nvidia would follow suit.

They've had open-source drivers for their hardware for some time: quoth the truely excellent Keith Packard:

Intel has made free software drivers available for all of its graphics adapters since the i810, so if it says 'Intel graphics' on the label, you can be sure that free software will support it.

The release today adds support for the brand-new i965 chips which add advanced rendering capabilities to Intel's graphics adapters, including the ability to support OpenGL vertex shaders and hardware T&L. As far as I can tell, while the hardware has been announced, it's not yet available from retailers yet.

But, as for AMD/ATI? Ask, and ye shall receive? If it happens, it's yet another reason to love AMD. Good to see competition in the chip markets.

Cranky at little 'exploitable' Outlook foibles?

Wednesday, August 9th, 2006

There used to be a bug in Outlook and Outlook Express's handling of uuencode (remember that?) that meant if you began a message with "begin" and two spaces, it would render the rest of the message unreadable. A few people on the WLUG mailing list tried using "begin   quoted message from X", until we politely pointed out to them that some people are forced to, or choose to, use a Windows mail client, and it's bad advocacy to stop them from being able to read your messages.

Other variations on the theme pop up every now and then; here's one on a message from jdub this morning, with a little less angry and a little more style.

If you're interested, it is put there by X-Message-Flag. And it's easy to do.

All medicines have benefits and some have risks

Wednesday, August 9th, 2006

I wouldn't ever look at the web if it wasn't for AdBlock and the Filterset.G updater. It pains me to try and use a computer without these two Firefox extensions installed - there is just so much background noise that you don't remember seeing, after seeing a pain-free web for a wee while.

But, like Panadol, there are pains it fixes and pains it creates. Adblock can't tell which ads you want to see and which you don't. I first noticed this last election, when I wanted to see the National Party's thank-you-very-much ad. See the two missing boxes? A friend sent me these fantastic 50s ads, (including wallpaper for other bacon lovers). Robin Capper's link to the new Sony Bravia ad suffers much the same fate.

Two morals of the story. First, if you're putting an ad on the 'web, don't put 'ad' in the image path ?. Second, if you're setting up AdBlock for people (and I firmly believe it improves the internet experience and will defend to the death my right to use it), make sure they know about the site whitelist and when to use it.