Next time, just mail the money. Saves on gas and lodging.

Well, I got a free meal and 1k check for being. Since this is a sign convention, the motel, and gas are a write off for my dad.... So its a cheap weekend for me.

Morning/Afternoon Gents.

Evening.

Night.

Whats up Dave?

What is it night or evening?

Not much, Doc. It's 22h49. :)

Its 3:53PM here.
Taking it easy after a few days of work.
The old body is not what it was.

Yep, Kerberos.
Background. A user ran a sniffer on the private network that made an excel of everyone's login and password. The powers that be decided to fix this we need to go to 90 day password change/rotation. NO systems have be set up to authenticate to AD.

I am in charge of the Macs/Mac Servers, Exchange, and Fortinet Firewall. Was pretty simple, just bind them to AD and re-create some security groups in AD and assign the groups server rights on the servers.

This all worked great until the AS400/security consultants were brought in to bind the users on our AS400 to AD. They had a horrible time and finally gave up. After they left not only did the AS400 not authenticate users using AD, but something they did killed the PC SMB/Samba access to my mac servers, and the AD lookup of the Firewall for VPN users and Wireless access. In fact, several MS servers started having authentication problems. And still are.

Interesting is all the Mac services except SMB access authenticated to AD fine.

I don't know what the AS400 guys changed or where, but I found that each computer/device has security settings for each AD group when bound to AD. One of those settings is "Allow Authentication." Turned that on for in the settings for each of the devices I am responsible for. Now they all authenticate without any problems. My devices haven't had any problems since, but the other pc servers/services are having random outages where users cannot login then suddenly can again. My guess is that Samba and the Fortinet are respecting the "computers" security settings.

Don't know if I should tell them what they are overlooking (they treat me like I am and idiot because I am a Mac guy), anonymously fix the security settings so their servers and services stop having authentication problems (just to make them wonder), or let them figure it out for themselves and just say hey the stuff I'm responsible works fine.

I think the sniffer problem won't be helped by forcing pw changes as long as they aren't forcing encrypted secure login and lock down directory lookups, but hey...I'm just that stupid mac guy.

Nite Gents.

Stijn!!
 

Good morning guys.

Richard, was that English?

Ugh, too many beers, had a WTF moment when I opened my eyes. I got dressed quietly and left. The hangover is punishment, I guess....
Not doing that again...

hey guys.

isn't it funny that i start a thread describing a timing belt tensioner snafu and everyone wants to tell me how to tension my belt and how i am doing it wrong? cracks me up. it is so common, which is why i don't offer help or post there much anymore.

more details, please!

Stijn!!
 

Good afternoon guys.

Haircut: done
El Camino club breakfast: done. We had one of each 57, 62 and a 71 Elky and some 80s show up.

The PCA car show was good. I think my car was the oldest car there.

http://tapatalk.com/mu/440c8a74-c1c8-a89b.jpg

http://tapatalk.com/mu/440c8a74-c1e2-aad7.jpg

I don't see any hooters.

Looks like a good turnout glen. Spent all day getting free stuff from our suppliers, now we are watching them set up for the pool party. We have a nice view of the pool out our window.

i haven't purchased vodka in about 10 years. the other night, i got the itch, so i went and got some. i had forgotten how 'heady' the stuff is. anyway, i've been judicious with it and i must say i like the stuff i bought:

Monopolowa - Wikipedia, the free encyclopedia

http://forums.pelicanparts.com/uploa...1313281061.jpg

Morning/Afternoon Gents.