Leopard & Samba & Plaintext Password

So, this one is so weird that I *have* to blog about it.
A number of my colleagues have upgrades their MacBooks to Leopard and then discovered that they can no longer mount their home directories via our corporate Samba systems. Now, the first thing I should mention is that our Samba servers use plaintext passwords (the reason for this is too long to explain here) so the first step is to enable plaintext password support in Leopard.
To do this, you create a /etc/nsmb.conf file using the following command via Terminal:-

sudo vi /etc/nsmb.conf

and you enter the following two lines:-

[default]
minauth=none

Save the file and reboot your machine. When you get back to the Finder, under the "Go" menu select "Connect to Server", and enter the server address URL, usually in the format

smb://<servername>/<loginID>

You should then get a prompt asking for a name and password.
Here's the magic part.
If you have a password with a percent symbol ('%') the login will fail. What you need to do is to change your password so that it doesn't have the '%' symbol and it should all work.
WHY???
My suspicion is that Leopard is constructing a mount URL using the information provided from the login dialog box. The full format of the URL is:

smb://<userID>:<password>@<servername>/<sharename

Since this is a URL, Leopard is parsing the whole string looking for escape characters which start with (you guessed it!) a percent symbol. The format of the escape sequence is %hh where hh is a two digit hexademical value. For example, a space character is ASCII 32 decimal or 20 hexadecimal, so the escape sequence for a space would be %20.
If your password has a percent symbol, the next two characters are interpreted as a hexadecimal value. If it happens to be a valid hex value, the all three characters (the % and the next two) are replaced with one character, which changes the password and the login will fail.
If the two characters are not valid hex values, then the nameauth daemon will crash with a "Bad Number" error (you can see this in the Console) and the mount dialog will spin forever.
So far, I've only been able to prove this with one machine, but I'd be interested to hear if anyone else has similar experiences.
Why this breaks in Leopard but works perfectly well in Tiger is beyond me!

Posted at 12:05AM Jan 30, 2008 by samktan in IT  |  Comments[4]

Project Blackbox in Canberra, our nations capital!

So here's a picture of Project Blackbox with the Australian Federal Parliament Building in the background.

Powered by ScribeFire.

Posted at 09:18PM Dec 19, 2007 by samktan in SUNW  |  Comments[2]

Project Blackbox in Sydney, Australia

Project Blackbox is currently touring Australia. First stop is Darling Harbour, Sydney. If you haven't been to see it yet, register at http://au.sun.com/events/blackbox/index.jsp and come on down. Here's a picture of the actual box all ready for a green Xmas.

Powered by ScribeFire.

Posted at 10:14PM Dec 17, 2007 by samktan in SUNW  |  Comments[0]

Sun Fire x64 servers plus Windows Server 2008 (with Hyper-V)

If you are interested in testing out our Sun Fire x64 servers with Windows Server 2008, here are a couple of links that will be useful for you.

Download a trial copy of Windows Server 2008 from http://www.microsoft.com/ws08eval

Read the Sun Blueprint at http://www.sun.com/blueprints/1107/820-3781.html

Enjoy! (I hope.)

Powered by ScribeFire.

Posted at 11:09AM Dec 16, 2007 by samktan in IT  |  Comments[0]

I'm back!!!

Yes, I know it's been a long time since my last posting. The last six months have been pretty hectic, what with the tender which is still running (don't tell me, I know!) plus various product delivery problems plus AMD's multiple delays for Barcelona plus VMware ESX certification issues plus ... etc. etc. etc. !!! All in all, it reminds of the Chinese saying, may you live in interesting times. :-)

Powered by ScribeFire.

Posted at 11:08AM Dec 16, 2007 by samktan in SUNW  |  Comments[0]

Busy with tender

Yes I know it's been two weeks since my last blog entry but I've been busy working on a tender for x64 servers that could be worth 1000+ server every year for the next 5 to 9 years. Need to pay a lot of attention to it for the next five days. :-)

Powered by ScribeFire.

Posted at 09:38PM May 14, 2007 by samktan in SUNW  |  Comments[0]

09-F9-11-02-9D-74-E3-5B-D8-41-56-C5-63-56-88-C0

So why do these 16 hexadecimal numbers cause so much fear in the hearts of the MPAA? Read all about it at http://news.com.com/8301-10784_3-9714898-7.html and http://www.theinquirer.net/default.aspx?article=39330 and www.digg.com.

Powered by ScribeFire.

Posted at 09:02PM May 02, 2007 by samktan in IT  |  Comments[0]

Customer Success Stories

Yet another site I came across while perusing the ever growing mail in my INBOX marked "Later". This time it's a website that lists our customers who speak up about how Sun has created solutions for some of the most challenging problems in industry, in the customers own words. Read all about it at http://www.sun.com/customers/testimonials/index.jsp.

Powered by ScribeFire.

Posted at 08:21PM May 02, 2007 by samktan in SUNW  |  Comments[0]

Logical Domains

The final part of the Logical Domains trinity has been released. The first two, that being the UltraSPARC T1 processor and Solaris 10 11/06, have been available for quite some time now. The final component, a firmware upgrade for the OBP of the Sun Fire T1000 and T2000 servers were released earlier this week. You can read all about it and get your own copy at http://www.sun.com/ldoms

Powered by ScribeFire.

Posted at 07:32PM May 02, 2007 by samktan in SUNW  |  Comments[0]

Apple MacBook and MacBookPro battery recall

Well, this the season it seems. Apple have announced yet another battery recall, this time for MacBook and MacBookPro systems (I refuse to call them laptop when I can't operate them on my laptop without severe burns!) sold between February 2006 and April 2007. The recall is applicable even if your system is out of warranty. Read all about it at http://www.apple.com/support/macbook_macbookpro/batteryupdate/.

Posted at 02:02PM Apr 29, 2007 by samktan in IT  |  Comments[2]

Tuning for UltraSPARC T1

It is a very rare person who has a 32 CPU development server, which tends to lead to the situation where most developers write code that is rarely capable to scaling to 32 processors. This has not usually been a problem since traditionally 32 CPU servers cost in the vicinity of small houses.

With the introduction of the UltraSPARC T1 with it's 8 core and 32 threads, a server can cost less than US$10000 and run 32 simultaneous applications. Developing applications for this is not the same as that of a typical 2 or 4 CPU Intel server, getting the most out of so much horsepower requires a radical thinking of application architecture.

For those of you who are interested in knowing how to do tuning for UltraSPARC T1 processors, and it's successors, read the "UltraSPARC T1 Tuning Guide" available right here.

Powered by ScribeFire.

Posted at 08:08PM Apr 27, 2007 by samktan in SUNW  |  Comments[0]

DTrace

So here's a file that I found in one of my many folders on my computer, apparently I downloaded it and printed out a copy but that's as far as I got with it. Perhaps someone else can benefit from this DTrace Guide. Enjoy, I hope.

Powered by ScribeFire.

Posted at 07:57PM Apr 27, 2007 by samktan in Solaris  |  Comments[0]

Proxy Servers

One of the downsides of proxy servers is that most corporate networks have them and most home users don't. Having to remember to switch the proxy servers on and off is difficult because the setting is usually buried several layers deep in the Preferences of the browser.

Two options exist for Firefox/Mozilla/Seamonkey users. The first is to use PrefBar from http://prefbar.mozdev.org/ which puts a preferences bar on the toolbar that you can use to turn your proxy settings on and off with a single click.

After installing PrefBar and restarting your browser, click on Customise, then click on "Proxies" in the left-column and click "Add Item", then click "OK". You'll now have a check box on the PrefBar toolbar that you can use to turn your proxy setting on or off.

The second option and this probably works for IE as well but I haven't tested it, is to use a PAC file. A PAC file is nothing more than a simple JavaScript file with a single function called "FindProxyForURL" that returns a proxy server name for a given URL.

The PAC file that I use is given below, and basically it says if the host is resolvable, i.e. the browser can get an IP address for the host from the local DNS server, then connect directly without a proxy, otherwise use the specified proxy server.

There is a line commented out that checks if the domain of the host ends with ".sun.com" and if it does, go direct, but I found that this breaks sites outside SWAN like www.sun.com and sunsolve.sun.com so I took it out. You can certainly put it back in for specific domains that you know are reacheable directly.

To use this file, save the following lines in a file on your local drive, e.g. proxy.pac, then in your browser, under "Network Settings", in "Automatic proxy configuration URL", put in the path to your local proxy.pac file, e.g. file:///Users/samktan/Documents/proxy.pac or file:///c:/Documents and Settings/samktan/My Documents/proxy.pac. Yes, that is three (3) forward slashes after the file: protocol specifier.

function FindProxyForURL(url, host)
{
    if (isPlainHostName(host) ||
        // dnsDomainIs(host, ".sun.com") ||
        isResolvable(host))
        return "DIRECT";
    else
        return "PROXY webcache.sfbay.sun.com:8080; DIRECT";
}


Now no matter where I go, I don't have to worry about checking my proxy settings, everything just works, as it should be.

Powered by ScribeFire.

Posted at 10:22AM Apr 27, 2007 by samktan in IT  |  Comments[4]

Gears of War

Possibly the best game on any console, Gears of War is the reason to get an Xbox 360 and a HD plasma or LCD TV. Take a look at this trailer and judge for yourself.



Due to the size of the file, you need a BitTorrent client to download it. Check out the list at http://en.wikipedia.org/wiki/BitTorrent_Client and pick one that you like. Personally I like Azureus because of the many options available but some people find that daunting.

Posted at 02:51PM Apr 25, 2007 by samktan in IT  |  Comments[0]

Managing Bookmarks (2)

After a few weeks of testing, I've settled on using Google Browser Sync http://www.google.com/tools/firefox/browsersync/ for keeping my bookmarks synchronized between multiple browsers on multiple machines.

I did try a few others including the Google Toolbar and del.icio.us, with varying degrees of success. Google Toolbar was overkill, it had many more features than I needed, although it was the only one that ran on both IE and Mozilla. del.icio.us worked erratically, I don't know if it was a server or client problem from within SWAN, Sun's internal corporate network. I kept getting error 999, saying that I had tried to connect to the server too many times and consequently my connection was being rejected. I suspect that the Yahoo! servers track by IP address and since everyone on SWAN is using proxy servers, it might look like a lot of connections coming from one IP address.

Google Browser Sync is not without it's flaws. On startup it tries to connect to the server but since I use my computer at home and at work every day, the first start is always going to fail until I can change the proxy settings. I'm experimenting on using a proxy PAC file but I've not figured out how to specify one in Firefox, the input field seems to expect a HTTP URL.

More when I get some time to test it out.

Posted at 08:45AM Apr 22, 2007 by samktan in IT  |  Comments[5]