Got a new vocation: that of plying open source software at the workplace.
This is my personal contribution to the open source movement. Apart from using open source, I want to “push” others into using it. In my former workplace, I made it a network policy before I left that all workstations connected to the net use Firefox and Thunderbird for web and email, respectively. There was resistance, of course, but eventually, some of them saw the light, so to speak. With the current rash of holes in IE, they had no choice but look for alternatives. Now, here in my new work, I’ve surreptiously placed Firefox in selected workstations. They wouldn’t know the difference, really, because for them, it’s all the same: so long as they can access the internet, even if it was a damned monkey hanging by its tail doing the connection for them, they’ll grab it. For now, Firefox will do. Later, I’ll be putting in OpenOffice.org. Can’t wait. (So the allusion in the title didn’t actually stick. So what? I liked the title, suits me fine.)Monthly Archive for August, 2004
This is my after-travel report for my attendance to the Philippine Open Source Conference:
With open source moving towards the mainstream of information technology, the Philippine Open Source Conference 2004 was a fitting event to highlight viable and relevant solutions not only for technology-inclined individuals, but for enterprise applications as well. Organized by Media G8way Corporation and Imperium Technology, Inc., the Open Source Conference, held from August 17 to 19 at the Shangri-la Edsa Plaza, featured seminar tracks on business applications; telecommunications, networking and security; and programming and advocacy. Open source experts and advocates discussed topics and issues on enterprise Linux, open source migration, interoperability, mobile solutions like virtual private networks and SMS, and high availability and clustering. Open source, in a nutshell, is a philosophy and a movement that puts forward the premise that software should be free for use, to be modified, and to be shared with the community, as opposed to proprietary software that have restrictions on use, sharing and modification. In the Philippines, open source has gained popularity in industry and government, with its features like little (or no) costs, technically superior performance, and inherent community support. It has increasingly become an attractive value proposition for businesses that are looking for solutions with lower costs and high technological value. For government, it offers a way to rationalize enhancement of IT services while keeping the funding footprint at a minimum. The Conference was also the venue for establishing links and contacts with IT vendors and professionals. It carried big-name product exhibits like Novell, Intel, and even Microsoft, an outspoken critic of open source. There were birds-of-a-feather sessions where individuals with similar objectives discussed special issues like LAMP (Linux-Apache-MySQL-PHP/Perl/Python), security, open source in government, enterprise hardware, SMS gateway, training and certification, and Linux-Windows interoperability and migration. With the ongoing reconfiguration of the Philrice information network, the lessons and tools gleaned from the Conference become even more relevant. For interoperability, Active Directory can be integrated with OpenLDAP (an open source implementation of the Lightweight Directory Access Protocol) for single-sign-on of network services (Web access, messaging, file services, etc.). Open source network management tools like MRTG (multi-router traffic generator) and the ASTI-packaged NetMon can be used to monitor server hardware and services. Kannel, an open source SMS gateway software, is a likely solution for the SMS facility for Philrice and the Open Academy. Solutions derived from the Conference open possible venues to enhance services and lower the total cost of ownership of network resources. Philrice can explore the viability of migration to open source desktops, for example, or the implementation of Linux-based thin clients for office-productivity-intensive workstations. Other services, such as voice-over-IP and VPNs, can be explored for intra-office and interbranch communications. The Philrice experience on open source solutions can serve as a model and possibly provide benchmarks on open source implementations for other government agencies and institutions in their IT efforts.
- Get staging-server to connect to the test LAN segments.
- Install the following services:
- Proxy with LDAP authentication
- LDAP with connection to Active Directory
- Samba for file sharing and LDAP authentication
- Jabber IM with LDAP authentication
- Install Nagios to monitor the servers.
- Test Kannel on leila for SMS and SMS-to-email gateways.
- Work on the intranet, Open Academy, and corporate CMS.
- Wash laundry on weekends.
You know, the one in Sesame Street where a small doll contains a smaller doll, and so on, ad nauseam.
I’m talking about the dependencies chain in RPM installation, of course. For example, as I was about to upgrade Webmin, Maui complained that the package depended on several Perl modules, which in turn, needed some other Perl modules. It was doubly harder because I still couldn’t make the problem of Maui not resolving FQDNs properly, so I had to rely on the IP addresses of the RPM repositories in doingwgets — a tedious process, I tell you.
But, I finally made it work: upgraded Webmin to version 1.5, and added SSL functionality for additional security; but only for almost a day of scrounging the web for the correct and compatible RPMs (Net::SSLeay, Mon::client and Convert::BER, just to name a few).
I also had to rebuild the index file for the SARG to reflect the previous month. It still does not make weekly and monthly reports, though. I probably forgot to add cron entries for them.
There’s still no reply from my predecessor regarding his documentation for the TACACS+ and NAS configuration. Meanwhile, the modem pool is just laying there, unused.
Bridging would not work for the network reconfiguration. We have to resort to a file server sitting between the two subnets. This server will also have Jabber for messaging.
I’ve installed FC2 on the staging server, which will be promoted to either the proxy or the LDAP server to be connected to the W2K3 domain controller for one-time login and authentication.
Whew! Lots of work ahead.
- Investigate the logs on the Squid authentication admin interface error (a blank error page on
nauth_edit.cgi). - Try out bridging on the network reconfiguration testbed. Seems to me this one will work. We have managed to create an Active Directory setup that authenticates hosts on different subnets. Problem is, the hosts themselves cannot “see” each other on the network. I would have loved to implement a Samba PDC + OpenLDAP on this one, if only we could solve the requirement for the existing apps that need domain authentication.
- Look further into Maui’s resolution problem: she still can’t resolve hostnames, and yet the DNS lookups work. Had to resort to placing raw IPs on her
yum.confandwgets. - Research on network acceptable use policies — something that’s tenable and open for the academe culture here.
- Read up on advance IP routing. The deadline for the load-balancing multiple-leased-line scheme is fast approaching, and I haven’t done anything substantial yet. Heck, I haven’t even configured networking on the staging server.
- Cram on Cisco IOS, specifically on AAA, TACACS+ and NAS.
