How To Clear The SSSD Cache In Linux

Posted by on April 13, 2016 5 comments
SSSD

The System Security Services Daemon (SSSD) provides access to identity and authentication providers. Basically rather than relying on locally configured authentication, SSSD is used to lookup its local cache. The entries within this cache may come from different remote identity providers, such as an LDAP directory, FreeIPA, or Active Directory for example.

SSSD caches the results of users and credentials from these remote locations so that if the identity provider goes offline, the user credentials are still available and users can still login. This helps to improve performance and facilitates scalability with a single user that can login over many systems, rather than using local accounts everywhere.

The cached results can potentially be problematic if the stored records become stale and are no longer in sync with the identity provider, so it is important to know how to flush the SSSD cache to fix various problems and update the cache.

Here we’ll cover a couple of different methods to flush out the SSSD cache.

Read more »

How To Use Firewalld Rich Rules And Zones For Filtering And NAT

Posted by on April 6, 2016 14 comments
Use Firewalld Rich Rules And Zones For Filtering And NAT

Here we cover the RHCE exam objective “Use firewalld and associated mechanisms such as rich rules, zones and custom rules, to implement packet filtering and configure network address translation (NAT)” in Red Hat Enterprise Linux (RHEL) 7.

Read more »

Configure Additional Options Described In Documentation For SSH In Linux

Posted by on March 30, 2016 No comments
Configure Additional Options Described In Documentation For SSH In Linux

Here we are going to take a look at some of the options available to us when configuring OpenSSH server and discuss what they actually do, as per the RHCE objective.

Read more »

How To Change Log Rate Limiting In Linux

Posted by on March 23, 2016 2 comments
How To Change Log Rate Limiting In Linux

By default in Linux there are a few different mechanisms in place that may rate limit logging. These are primarily the systemd journal and rsyslog rate limits that are in place by default.

Here we cover modifying or removing rate limiting for logging.

Read more »

How To Update Microsoft Security Essentials In Windows Server 2012 R2

Posted by on March 18, 2016 43 comments

Recently I covered how to install Microsoft Security Essentials in Windows Server 2012 R2, however after performing a Windows update it failed to install with error 0x8004FF04.

Here I will discuss why this happens and then cover how to resolve this problem and update Microsoft Security Essentials manually.
Read more »

How To Install Microsoft Security Essentials In Windows Server 2012 R2

Posted by on March 16, 2016 33 comments

Windows Defender has been built into Windows 8, 8.1 and 10 by default to provide protection against malware, however there is no such default program installed in the Windows server operating system.

To provide a basic level of security in a small server environment, we can install Microsoft Security Essentials with some simple modifications which contains most of the functionality of Windows Defender for free.

By default if you try to install Microsoft Security Essentials in Windows Server you will receive various errors which we will cover how to fix here.

Read more »

Linux Web Server Performance Benchmark – 2016 Results

Posted by on March 9, 2016 87 comments

I have previously performed a benchmark on a variety of web servers in 2012 and have had some people request that I redo the tests with newer versions of the web servers as no doubt a lot has likely changed since then.

Here I’ll be performing benchmarks against the current latest versions of a number of Linux based web servers and then comparing them against each other to get an idea of which one performs the best under a static workload.

Read more »

How To Configure An iSCSI Target And Initiator In Linux

Posted by on March 2, 2016 10 comments
How To Configure iSCSI Target And Initiator In Linux

With an iSCSI target we can provide access to disk storage on a server over the network to a client iSCSI initiator. The iSCSI initiator will then be able to use the storage from the iSCSI target server as if it were a local disk.

Here we cover how you can set up both an iSCSI target and an iSCSI initiator in Linux and connect them together.

Read more »

How To Configure Local DNS Query Cache In Linux With Dnsmasq

Posted by on February 24, 2016 3 comments
How To Configure Local DNS Query Caching In Linux With Dnsmasq

In many Linux based distributions there does not appear to be any local DNS query caching performed by default on the client side like there is in Windows. This means that if a process on the system constantly needs to connect to some domain name it will perform a DNS lookup against the resolver defined to retrieve the IP every single time.

In this particular example instance there is a process that performs 30,000,000 DNS requests per day on average against the nameserver, we are going to significantly reduce this by configuring a local DNS cache on the server performing the excessive DNS queries.

Read more »

How To Provide NFS Shares For Group Collaboration

Posted by on February 17, 2016 1 comment
How To Provide NFS Network Shares For Group Collaboration and Sharing

Previously we have covered how to provide NFS shares to specific clients, here we are going to expand upon this and cover how an NFS share can be shared with members in a group for collaboration purposes.

This will be done primarily with the use of set group ID (Set GID), as using this results in all files and directories created within the group share being automatically set with the same group owner as the share itself.

Read more »