Category Archives: Serving

Album Art Wallpaper Changer

If you’ve been following along you know all of my music is ripped or downloaded as FLAC and is living on an Ubuntu server here on my network. I do a fair job of scanning in the album art (there are stacks yet to be scanned because it takes too much time, but that is neither here nor there). I thought I’d like to make use of all these scanned covers as rotating background art on my hi-fi machine.

Really there are three problems. First, get a complete list of the cover images. Second, mount that location and list in a useful manner. And third, rotate (randomly) through those images as backgrounds.

First I tackled the mounting part. I already was mounting the music share (referred to as MusicShare in the script) so I simply added an administrative folder (referred to as zetc) in that share which included a folder to house the images. I could then place a shortcut in my Pictures folder on the client machine and make a call to that folder with whatever I used to rotate the images.

Next I wrote the necessary script, but I want to save that for the end so let’s talk about the application for changing the wallpapers now. I selected Wallch and it seems to have all the options I need and seems to work well enough. (I have it running on two machines currently and I have not seen any issues worth reporting.)

Wallch is in the standard repositories so you can locate it in the Ubuntu Software Center or install it using the Terminal (with sudo apt-get install wallch). The only unusual thing I did was add a custom time interval in the Preferences dialog as I wanted a 15 second interval (the included intervals went from 10 seconds to thirty). Set it to randomly select images and called that good.

Let’s look at this script briefly as that’s really the meat of this matter. There are issues with using symbolic links in smb shares (if I serve symbolic links I lose the use of non-Windows standard characters) so I created a folder (as mentioned above) to house the hard links to the found image files.

I didn’t care to sort out proper names for them as I won’t likely ever look in the folder or care about what any particular file is called, so the image links are all named incrementally without regard for album, artist, or location.

Finally, I didn’t want to concern myself with what may or may not be located in my links folder when I run the script again (to create a more current set of links), so I remove all files located in the links folder before filling it up again with the new image links.

Here is my script. I hope this helps you with your music art needs.

##
#!/bin/bash
# by JamesIsIn from JamesIsIn.com
# Do something nice today.

directory="/media/MusicDrive/MusicShare/"
zedfile="/media/MusicDrive/MusicShare/zetc/CoverSlideshow/ZedList"
zedfolder="/media/MusicDrive/MusicShare/zetc/CoverSlideshow/SymLinks/"

find "$directory" -type f -name [Cc]over.[Jj][Pp]*[Gg] -o -name [Cc]over.[Pp][Nn][Gg] -o -name [Cc]over.[Bb][Mm][Pp] -o -name [Cc]over.[Tt][Ii][Ff] > "$zedfile"

declare -a zedfind
let i=0
while read zedline; do
zedfind[$i]="$zedline"
((i++))
done < "$zedfile"

echo "I have found" ${#zedfind[@]} "cover images."
echo
read -p "Press <ENTER> to coninue. "
echo
echo

rm "$zedfolder"/*

for (( ii=0 ; ii < ${#zedfind[@]} ; ii++ )) ; do
originalfile=$( basename "${zedfind[ii]}" )
echo "Creating link:" $ii-"$originalfile"
ln "${zedfind[ii]}" "$zedfolder"$ii-"$originalfile"
done

unset

exit

##
Share

Install AD in Win7

I feel like you used to be able to install AD (Active Directory) through the “Turn Windows features on or off” dialog.  Apparently you must now first download the Remote Server Administration Tools (or maybe it was always that way and I just don’t do it often enough to remember).

Regardless, if you behave like a normal administrator it will give you headaches and will fail.  So I’ll give you the little advice necessary to make this installation go quickly and smoothly.

First go here and download the Remote Server Administration Tools.  I am running Win7 64 bit so I downloaded the 64 bit version.  If you are not sure, download them both and one of them will tell you it’s not compatible.

Ok, unfortunately you can’t just run the installer.  The simplest way to ensure it actually installs (no failure allowed) is to launch it from a command line being run as an administrator.  To do this open the Start menu and type cmd.  When you see cmd.exe, right-click on it and choose “Run as administrator”.

Now you are running the command line with elevated privileges.  Just launch the installer from the command line.  You can do this by merely entering the path and file name and hitting Enter.

I always downoad items to the desktop (since they are easy to locate and they exist as a reminder to delete them when done).  If I were signed into the built-in administrator account that path and file would look like this:

c:\Users\Administrator\Desktop\Windows6.1-x64-RefreshPkg.msu

Click through the installation dialog and you will see the Remote Server Administration Tools appearing in your “Turn Windows features on or off” dialog.  I check the following items (checking a parent does not check the children).

  • Role Administration Tools
    • AD DS and AD LDS Tools
      • Active Directory Module for Windows PowerShell
      • AD DS Snap-ins and Command-line Tools
      • Server for NIS Tools
    • AD LDS Snap-ins and Command-line Tools
    • DHCP Server Tools
    • DNS Server Tools
    • Remote Desktop Services Tools

That’s it.  Hope that speeds your day along.

Share

Attach Ubuntu to Windows Domain via Active Directory (+ sudo)

There may not be too many advantages to adding your Ubuntu machines to your Windows domain, but if you think of them this will allow you to work toward them.  It’s actually pretty easy to add a Linux box to Active Directory.  This is true because AD started out life as an LDAP server and it still retains its LDAP genes somewhere deep inside its withered exterior.

First thing you will want to do is add this utility to your Ubuntu machine:

sudo apt-get install likewise-open

It will allow you to authenticate against AD using Kerberos.  If you don’t know what that means it’s not important at this stage; it’s enough to understand that it’s a secure method for assuring identity between your client machine and your AD server.

I then added the machine to the domain.  Again this is a simple operation.  Before you do anything on the Ubuntu machine, hop into Active Directory and create a machine account in the name of the Ubuntu machine.  Then back on the Ubuntu machine it’s one line of code:

sudo domainjoin-cli join [domain.name] [username]

Easy enough.

Further I added a domain group to the local sudo group by adding these lines to the /etc/sudoers file.  You can also add a domain user.  Just note the different formats below:

# Active Directory group [groupname] given sudo privs
%[domain.name]\\[group^name] ALL=(ALL) ALL
[domain.name]\\[username]

If you don’t know how to edit a protected file like /etc/sudoers I recommend using Gedit:

gksudo gedit /etc/sudoers

(If you manage to break your sudoers file, you can always use pkexec visudo -f /etc/sudoers to fix it.)

Just add those two lines to the end of the file.  The first line is just a comment line and could say something different.  Replace those items in the square brackets with the appropriate information to your network.  Groups, as you can see, are preceded by a percent sign while users are not.  Any spaces should be replaced by carets.

For the group I created in Active Directory to grant these sudo privileges (called Ubuntu Sudoers) I included Domain Administrators and a couple of individuals who would likely be using the Ubuntu box and need sudo rights.  The combinations available should make this pretty flexible.

Anyway, that’s about it.  Not too exciting but sure it’s useful for something.  Have fun with it.

For newer versions of Ubuntu you will need to enable a login space on the login screen.  There are a number of ways, but this is nice and simple.  Again open GEdit to edit a file.

gksudo gedit /etc/lightdm/lightdm.conf

Then add this line to that file.

greeter-show-manual-login=true

You may be able to get the domain assumed (at login) using this method but there is more discussion here.

gksudo gedit /etc/samba/lwiauthd.conf

Then add this line to that file.

winbind use default domain = yes

If that does not work, you can just use the domain@username format at the login screen.

Have fun with that.

Share

How to Fail at Creating a Server Share Folder

I found this great step-by-step guide for making a mapped drive in Active Directory for each user.  It covers both sets of permissions (share and security), and it covers all of the basic details for each section in AD.  Set up correctly this method even automagically creates each user folder as needed.  Very comprehensive.

However, there is one detail they never explicitly mention and which may cause you to stumble (as it did me).  They neglect to mention that you cannot use a trailing slash in your path or you will get an error when you try to Apply the new setting.

The specified path is not valid. Enter a valid network server path using the form: \\server\share\folder.

This error is not all that clear either.  Though it does not itself contain a trailing slash, I find it so common to use one when you are referring to a directory (thank you all other computing that’s not Microsoft) it seemed only natural to include one.  If you are reading this article then you probably also think nothing of using a trailing slash.

I don’t know for certain if this holds true still (in Server 2008 or SBS 2011), but it’s true in SBS 2003 (and presumably Server 2003).

In short don’t do this:

\\Server\Share\%username%\

Hope that helps you somewhere.

Share

GPMC Is Your Friend

I suppose this is rather late in the game for me to write a little post about the Group Policy Management Console but here it is nonetheless.  I usually work with SBS (Small Business Server) machines where the GPMC is part of the traditional bundle (as of SBS 2003 r2?) and so I am very used to having it available to me when I am working in Active Directory or with Group Policies.

That being said, it’s not included by default in the regular Server 2003 (I know: ancient).  It’s very useful however because it allows you to clearly view which elements exist in your policy (rather than having to slog through all of the elements to locate those that look like they have been changed).  It’s not perfect as it would be preferable to edit directly in the console and not have to open the usual (slogging) editor.  So it goes.

Regardless you can get the installation package here.  (Be forewarned that this download will fail in Opera and Firefox so you’ll have to dust off IE.)

Once you get the installer on your server, remember to click the “Unblock” button in the Properties dialog or Windows will throw an error when you attempt to run it.

Have fun with that.

Share

Local Groups, Active Directory, and Group Policy

I was asked to set up a handful of laptops for a specific one-day event where users would be taking a survey on them and that was pretty much the end of it.

I created a special limited user account for the purpose and removed that user account from the AD group Domain Users so that special account would not be able to login anywhere I did not specify.  Then I created a Group Policy for a security group in which that special user was a member whereby the particular user restrictions were passed to that special user (such as forcing the Home page in IE to the survey users were to take).

Next I created a special bucket in AD to hold the few laptops for this project.  I then was able to create a Group Policy forcing my special domain security group as a member of the local Users group on the laptops in that bucket.

Let’s go over this scenario again in detail.

GroupEventUser contains one user (EventUser).  These are both housed in a bucket in AD (UsersEvent).  The five machines (we’ll call EventMach1EventMach5) are in another bucket (LaptopsEvent).  The bucket LaptopsEvent has a GPO which forces GroupEventUser into the local Users group on each of the five machines there contained.

This Group Policy Object can be created here in the GP Editor:

Computer Configuration —> Windows Settings —> Security Settings —> Restricted Groups

That’s the easy part.  Setting up the actual object is a bit confusing.  You’ll want to, of course, “Add Group…” at Restricted Groups.

Then you will enter the name of the group you are forcing into the Add dialog (in my example I would add GroupEventUser).  With this object now created you will open its Properties dialog (this will open automatically when you create the object) and in the field “This group is a member of:” (by clicking the associated “Add…” button) you will add the name of the local computer group you will force your AD group into (in my case Users which is the local users group thus allowing my domain group GroupEventUser login privileges on those machines in LaptopsEvent).

Once again, you create a policy object named after the domain group you are adding to the local group, and add the local group in that object’s member of section.

Clear as mud?  You can see this somewhat confusing article where I got my information about the GPO for forcing the group membership.  (In part I wrote this article because there was a lot of forum posts telling folks this could not be done.  See this one for instance.  There were many others.  Google is your friend.)

Hope that helps you out.

Share

Modify AD Items in Bulk

I am going through our Active Directory here with the purpose of cleaning things up and making sure everything is up to snuff.  A lot of the changes we want made are common across many users.  I didn’t want to change each user with the exact same information (everyone works for the same company, for example).

I found this great free utility for making bulk changes in AD.  (You can find some additional information about ADModify here as well.)

It’s a bit clunky but it does what it claims to do.

The download is a ZIP and you’ll have to go into the Properties dialog and click to Unblock executable extractions.  There are a few dll’s and a couple of executables in there.  One is a command line tool, but I have only tried the dialog.

You can put it anywhere you’d like.  I put it in a folder where I keep other tools (called Tools).  No installation required.  It will create a log (XML) file in its folder for each operation you perform.  A little annoying but easy enough to manage.

When you run it, it brings up a plain dialog where you can drill into AD.  Once you choose the first two settings (Domain List & DC List) and click the green button you will be able to drill down until you are at the level you’d like to bulk change.  There is an option to seek out in recursive fashion too.  Select the bucket of interest and choose Add To List-> and this will load all the objects per the search you created into the right hand pane.  Select the ones you want (click, ctrl-click, & shift-click work).

Next you will click Next>>>.  This will bring up a more or less familiar AD dialog.  You’ll note the obvious difference that there are check boxes by which you select which items you intend to alter.  Once you check a box you can input data into that field to bulk change all the items selected in the previous step.

Works great and is making this process of cleaning and updating a lot easier.

Check it out and let me know what you think.

Share