Music educator who has completed his transition into IT. I want to know all t3h thingz. Alas, one lifetime isn't long enough to learn everything, so I'll settle for what can be shoved into my brain during this life time.
I plan on mainly posting content on Saturdays or Sundays, but for the opening week, I made a few things.
Click over to the channel and check it out, should the below interest you.
I've never had much use for Cortana, other than practicing my disable-and-remove-useless-programs skill.
I finally got around to getting a little WordPress site going in my lab, and I've decided to make it the new home of www.eddiejennings.net. Enjoy!
Over time I'll try to find good ways of making some content from previous iterations of my blog (and podcast) available.
Sometimes for malware, you have to nuke and start over. 
@scottalanmiller said in Congrats to Eddie - New Linux Admin:
@EddieJennings has put in so much work learning and teaching Linux administration. It's awesome to see him moving up to a Fortune 100 Linux Admin! Congrats Eddie!
Thank you Scott! I havenβt been this excited about a job opportunity since I was able to land my first position from the career change. 
It cannot be stated enough how important community is. Since joining ML in 2016, all of you have effectively been my IT mentors.
<rant>
What boils my blood more than anything:
User: HELP HELP. . . but not right now.
</rant>
@dustinb3403 said in I can't even:
hah...
If he's running out of stroage just direct him to https://downloadmorestorage.com/.
Just signed a litter accepting a promotion effective 9/22. Not bad for a Friday
Being humbled as I test firewall rules on my home Edge Router Lite 3.
@Semicolon said in sssd and user ID mapping:
@EddieJennings we use a combination. We use the ids generated by sssd and automate the population of the AD attributes to align with them to ensure consistency. Where it comes in handy is when we have NFS mounts exported from an LDAP-aware NAS device. The NAS device doesn't natively understand the sssd mappings, and relies upon LDAP calls to find the accounts.
You can't really have a conflict, unless you were looking for a user and group to have the same number (which they can't with sssd, because it appends the principle's RID (padded to 5 digits). If you have a need to manually specify a UID/GID,, that would be for a local account, I presume. In those scenarios, we do create AD accounts that have manually defined UIDs that line up with the local user (always less than 1000) for the NAS appliance to find when evaluating access.
I'm curious. How do you gather the ids generated by sssd and populate them in to uidNumber and gidNumber attributes in AD?
I use keys and use my Ansible control mode as a jump box 
Lots of work left to tame the Wild West. This thread is just one many things to be done.
"Yes."
The people accessing these VMs are my team (admins) as well as various developers. The number of unique users is enough to where managing local accounts wouldn't make sense. Also, there's SSO involved with many of our company's resources and AD is basically the source of truth for that.
There's a good bit for me to think through, in particular if it's worth using FreeIPA / IdM for authentication for these VMs and have FreeIPA / IdM have a trust with AD, which as of right now the answer to that is "no, it's not worth it." Thus, likely what's going to happen is going to be using sssd to work directly with AD, which brings up the though of the best way of handling user and group IDs.
I'm not aware of any kind of native way to generate unique uidnumber and gidnumber when creating an AD user; thus, I think the way to go will be just letting sssd handle ID mapping, but I was curious if there is a reason I'm not thinking of that would make sense to not have sssd handle ID mappings.
We are soon going to be using AD for authenticating users to our Linux VMs. Of the things to think through, one thing I'm considering how to handle UID/GID mapping. SSSD generates handles this by default using an algorithm to map AD SIDs to UIDs/GIDs. This in theory should keep UID/GID consistent as the user logs into different Linux VMs. However, you can disable this mapping and set some attributes in AD (uidNumber,gidNumber, etc.).
What would be a scenario where you would want to disable the sssd auto-ID mapping and set these attributes in AD? The only I can think of is when you want to specify the exact UID/GID that would be associated with a user or group, which would present the challenge of having to make sure you don't have ID conflicts.
Just finished uploading a video of one of the Niehaus jazz etudes.
Testing Ansible playbook for managing vCenter DRS group membership.
@black3dynamite said in Miscellaneous Tech News:
https://ubuntu.com/blog/no-more-dhcpd
https://www.isc.org/blogs/isc-dhcp-eol/
I saw the news about dhcpd a while ago. I haven't taken the time to mess with Kea yet. I suppose dhcpd will truly be dead when it's no longer in the RHEL repos
Doing my periodic looking at Ubiquiti's website to see all of the EdgeMax stuff people would actually use continuing to not be in stock.
@Obsolesce said in What Are You Doing Right Now:
@EddieJennings said in What Are You Doing Right Now:
Just finished successful upgrade of laptop to Fedora 38.
How is it?
The only gotcha was needing to uninstall and reinstall some qt5 stuff (for Musescore). All other aspects were smooth.
