Solution:
two virtual machines
two datastore
two san
two sites
mirror data volume

Schema:

“hardware” configuration:

VMs settings:
Add VMware RDM Lun Volumes to Vms, as images before
Melio installation:
prerequisites (from MelioFs 4 User Guide)
Installation Checklist:

* Using an account with local administrator privileges, log on to the system in which Melio is going to be installed. → create a Domain Users in Active Directory, then it will be a local machine Administrator
* Verify that the Windows Management Instrumentation (WMI) service is running.
* Verify that the system has IP connectivity to the network that will be used for Melio
communications. → VM has two nic VMXNET3, one in LAN, one is a separated not routed LAN, where multicast can “run”; remember to set, in Windows, preference in advanced option for nic LAN before the “MelioLan”
* Using the instructions provided by the manufacturer of your storage hardware, install and
connect your storage hardware to the servers that will be running Melio. Once you’ve
confirmed the storage hardware is operating correctly, create one or more LUNs and map
them to the servers. Check the event logs on the servers for any storage connection-related
error messages and resolve all reported errors prior to installing Melio.
* Verify that the LUN(s) to be formatted with Melio FS is seen by Windows. To accomplish this, open a DOS prompt and enter the following commands: → do not disable autmount; then verify they are not offline
o diskpart <enter>
o list disk <enter>
You should see the LUN(s) in the list of disks. If not, check the connection(s) between the
server(s) and the storage and confirm that the LUN(s) has been mapped to the server(s) from
the storage.
Verify that the LUN(s) to be formatted with Melio FS is not configured for “Read-only” mode.
To accomplish this, enter the following commands in diskpart:
o select disk # <enter> (# equals the number assigned to the LUN)
o attributes disk <enter>
If the LUN(s) is set to “Read-only” mode, enter the following commands:
o attributes disk clear readonly <enter>
o attributes disk <enter>
The LUN(s) should now appear with “Read-only” set to “No”.

Installation
From pag.8 MelioFS 4 User Guide pdf
Make a custom installation with only Melio and MelioFs volume Manager

Advanced Setting (tuning MelioFS)
See pag. 21 MelioFS 4 User Guide
Additional parameters can be configured within the Melio Configuration utility (Start > All Programs > Sanbolic > Melio Configuration).
Important note: The default parameters and values for Melio are designed to work under the majority of configurations. Modifications made to any of the parameters described below should not be made without first conferring with Sanbolic Technical Support.
Configuring TCP/IP settings for Melio
Melio uses both TCP and UDP protocols for communications between Melio instances running on all machines participating in a Melio cluster.
The subnets that appear under the Network settings (“View > Driver Settings > Network”) in the Melio Volume Manger console are used to select the subnet ranges (network interfaces) on which Melio will listen. This ensures that Melio is compatible with DHCP servers that may assign a computer different IP addresses.
If a machine has more than one IP address (active network interface), a subnet range address should be selected. Selecting a subnet range for Melio is done on a per machine basis by opening the Melio Volume Manager, selecting a computer on the left-hand side of the console and selecting “View > Driver Settings > Network” from the toolbar at the top of the console. If a machine has only one IP address, you can leave the default subnet range setting “0.0.0.0/0”.
Melio uses the specified multicast address to find other cluster members. Each Melio instance listens on the multicast address at the port specified under the Network settings. In order for Melio to form a cluster with machines located on different subnets, all intermediate routers must be configured to forward multicast packets between subnets.
MelioFS Volume Configuration
See pag. 14 MelioFS 4 User Guide
Note: Prior to managing a disk with Melio Volume Manager, at least one partition (LUN) on your SAN storage must be provisioned and presented (mapped) to every computer running the Melio software.
Launch the Melio Volume Manager (Start > All Programs > Sanbolic > Melio Volume Manager).
By default, the local computer running Melio will be displayed on the left-hand side of the Melio Volume Manager console.
Right-click on the disk label (where it says “Empty”) in the center window pane and select “Manage” to manage a single disk or “Manage Multiple” to manage multiple disks.
A pop-up window will appear asking you to select the disk(s) that you want Melio Volume Manager to manage.
Note: Unless advised by Sanbolic Technical Support, you should NOT make any changes to the values of the parameters listed under the “Timings” section. The default values are designed to work under the majority of use cases. (Descriptions for these parameters are provided later in this manual.)
Select the disk(s) to manage and click “OK.”
Note: If you are going to use the entire capacity of the disk(s) to create your Melio shared volume, you can select the option “Automatically create full-size basic partition on each disk”. Additionally, if you are going to create a stripe set using the selected disks, you can select the option “And stripe them”.
If you are going to use only a portion of the disk(s) or plan to use the disk(s) to create a volume set or mirror set, simply click “OK”.
Note: After clicking “OK” to manage the selected disk(s), a message will appear informing the user that the process of managing the disk(s) will take approximately five minutes.
It is important to note that the process of managing a disk can take as long as 10 minutes due to the number of tasks involved, regardless of the number of disks selected or the size of the disk(s).
Please do not attempt to cancel this process until it has completed successfully.
After the process of managing the disk(s) has completed, the following screen is displayed.
To create a partition on a managed disk, right-click on the disk (where it shows “Empty”) and select “New.”
Leave the size as it appears to create a partition using the entire available disk space or specify the desired partition size by entering numbers in the “Size” field or using the red slider bar.
Enter a label for the partition. (Optional)
When you are ready to create the partition, click “OK”.
Once this step is completed, the new partition will appear in blue in the upper center window pane. A blue partition indicates that the partition is ready to be created. (See illustration on following page.)
To create the partition, select “Action > Apply Changes” from the toolbar or press F3.
A pop-up window will be displayed asking for confirmation. Click “Yes”.
Once the changes are committed to the disk, the color of the partition will change to black, indicating that the partition has been created.
Now the partition can be converted to a logical drive (volume) that can be mounted and accessed by multiple computers simultaneously.
Right-click on the partition in the upper center window pane and select “Create Logical Drive…”
A dialog window will appear asking you to assign a drive letter to the new volume. The setting “Try to set this letter, if available, on each machine that has access to the volume” means the Melio Volume Manager will attempt to supply Windows with the same drive letter for this volume on all machines that will be sharing access to the volume. If the drive letter is already in use by a machine, Melio Volume Manager will assign the volume the next available drive letter on that particular machine. It is also possible to mount a Melio volume on an empty Melio FS or NTFS folder using mount points. To mount a volume on an empty folder, check the radio button labeled “Mount to an empty folder” and enter the path to the folder.
Under “Initial Security,” leave the option “Give everyone full control” (default).
Under “File System,” leave the option to format the volume with “Melio FS” (default).
Enter a label for the volume in the “Volume Label:” field. (Optional)
Click “OK” to create the volume. A window containing messages about the volume creation process will appear.
Note: During the volume creation process, if Windows prompts you to format the volume, click “Cancel” as the volume is already being formatted with Melio FS.
Note: If Windows prompts you to restart the machine, click “Cancel”. Restarting the machine is not necessary.
If you receive a warning message about a non-signed driver being installed, click “Continue Anyway” to proceed with the driver installation.
Once the volume has been created, a message will appear in the window stating that all steps have completed successfully. Click “OK” to close the window and return to the Melio Volume Manager.
Notice: A disk that cannot be managed by the Melio Volume Manager is displayed as “Unknown” or “Foreign”. This indicates that another volume manager is actively managing the disk. To manage the disk with the Melio Volume Manager, it must first be unmanaged by the other volume manager. To accomplish this, you need to delete all partitions on the disk. If the disk is “dynamic,” you must convert it to a “basic” disk using Windows Disk Manager. Note that deleting partitions on a disk or converting a disk from dynamic to basic will delete all data stored on the associated volume. Make sure that any data you need is backed up to another volume PRIOR to deleting partitions or converting disks.
MelioFS Mirrod Raid1 Configuration
See pag. 21 MelioFS 4 User Guide
Follow the instructions provided earlier to create at least two partitions managed by the Melio Volume Manager.
Note: The partitions making up a mirror set must be exactly the same size.
Right-click on one of the partitions and choose “Mirror” > “Create…”
In the “Make Mirror” window, select the other partition that will be used for the mirror and click “OK”.
The mirror will appear in blue.
From the toolbar, select “Action” > “Apply Changes” to create the mirror set.
The mirror will appear in orange, indicating that it is synchronizing.
Once synchronization has completed, the mirror will appear in green.
You can now create a logical drive (volume) on the mirror set.
To make the mirror set visible to Windows as a logical drive (volume), follow the steps described previously to create a logical drive.
Once the logical drive has been created, the mirror will resynchronize.
After synchronization has completed, the logical drive (and its partitions) will appear in green, indicating it is ready for use
Results:

Windows DFS Configuration:
Done MelioFS configuration, it’s time to make a share (or more) using Microsoft features:

http://technet.microsoft.com/en-us/library/bb727150.aspx

http://technet.microsoft.com/en-us/library/cc732863%28WS.10%29.aspx

Nella ricezione della posta è opportuno che sia verificata prima di essere inoltrata al server di posta, ovvero che il destinatario esista. Già con questo “piccolo” controllo parte dello spam non viene consegnato e non va ad usare risorse utili sul nostro server.

Quindi è fondamentale, assieme ad altri controlli, aggiungere questo tipo di verifica, per ottenere un servizio di posta migliore!

Questa piccola guida è riferita all’uso di Postfix, con supporto ldap, in ambiente Gnu/Linux con server Exchange o Lotus Domino

Query LDAP verso Lotus Domino:

la sintassi per postfix da aggiungere in /etc/postfix/main.cf è :

[...]

ldap_timeout = 10

ldap_search_base =

ldap_server_host = ip_del_server_di_posta_Domino

ldap_server_port = 389

ldap_query_filter = (mail=%s)

ldap_result_filter = %s

ldap_result_attribute = mail

ldap_scope = sub

ldap_bind = no

relay_recipient_maps = ldap:ldap

[...]

Query Ldap verso M$crosoft Exchange:

mentre nel caso di server M$crosoft Exchange la sintassi da aggiungere in /etc/postfix/main.cf è:

[...]

ldap_server_host = ip_del_server_di_posta_Exchange

ldap_search_base = dc=dominio,dc=it

ldap_version = 3

ldap_bind_dn = CN=postfix,CN=Users,DC=dominio,DC=it <– utente, “base”, inserito in Active Directory per poter fare la query LDAP

ldap_bind_pw = utente_postfix_password

ldap_query_filter = (proxyAddresses=smtp:%s)

ldap_result_attribute = mail

relay_recipient_maps = ldap:ldap

smtpd_recipient_limit = 240

[...]

In entrambi i casi occorre salvare il file e riavviare il servizio Postfix.

]]> http://www.tipsandtux.org/wordpress/postfix-verifica-ldap-in-real-time.html/feed 0 http://www.tipsandtux.org/wordpress/autenticazione-squid-against-ldap-active-directory.html http://www.tipsandtux.org/wordpress/autenticazione-squid-against-ldap-active-directory.html#comments Tue, 15 Dec 2009 19:02:39 +0000 superpaia http://www.tipsandtux.org/wordpress/?p=16 —– con squid fino 2.5.x e Active directory 2003 —–

Ecco le informazioni per impostare l’autenticazione esplicita di un proxy Squid su GNU/Linux verso un server LDAP Active Directory.

—– con squid fino 2.5.x e Active directory 2003 (testato con Sles verso Ad 2003) —–

** Autenticazione utenti: **

inserire in squid.conf:

auth_param basic program /usr/sbin/squid_ldap_auth -p -R -b “cn=users,dc=dominio,dc=loc” -D “cn=squid,cn=users,dc=dominio,dc=loc” -w “PASSWORD” -f “(&(userPrincipalName=%s)(objectClass=person))” IpAddressLdapServer

&

acl password proxy_auth REQUIRED

&

http_access allow password

—– con squid >2.6 e Active directory 2003 (testato con squid di ubuntu 7.04 e SLES verso AD 2003) —-

** Autenticazione utenti: **

inserire in in squid.conf:

auth_param basic program /usr/lib/squid/ldap_auth -p -R -b “cn=users,dc=dominio,dc=loc” -D “cn=squid,cn=users,dc=dominio,dc=loc” -w “PASSWORD” -f sAMAccountName=%s -h IpAddressLdapServer

&

acl password proxy_auth REQUIRED

&

http_access allow password

** Autenticazione degli utenti e gruppi di Active directory: ***

con questa configurazione gli utenti oltre ad autenticare sè stessi devono anche appartenere ad un determinato gruppo di Active Directory per poter accedere ad internet tramite il proxy

(prerequisito è che l’autentificazione utenti standard funzioni)

auth_param basic program /usr/lib/squid/ldap_auth -p -R -b “cn=users,dc=dominio,dc=loc” -D “cn=squidr,cn=users,dc=dominio,dc=loc” -w “PASSWORD” -f sAMAccountName=%s -h IpAddressLdapServer

&

external_acl_type GruppoDiRete %LOGIN /usr/lib/squid/squid_ldap_group -R -b “dc=dominio,dc=loc” -D “cn=squid,cn=Users,dc=dominio,dc=loc” -w “PASSWORD” -f “(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,ou=SquidGroup,dc=dominio,dc=loc))” -h IpAddressLdapServer

&

acl password-gruppi proxy_auth REQUIRED

&

acl AccessoInternet external GruppoDiRete SquidGroup  # QUEST’ULTIMO È IL GRUPPO IN AD

&

http_access allow AccessoInternet

— Riferimenti: —

http://www.squid-cache.org

http://www.papercut.biz/kb/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory

ENJOY