Desktop Build outs

Work


Installed AD from lemmermann.tech #3 sudo apt-get install xrdp To get it to auth: /etc/sssd /etc/pam.d/xrdp-sesman #%PAM-1.0 @include common-auth @include common-account @include common-session @include common-password /etc/pam.d/common-session session optional pam_mkhomedir.so skel=/etc/skel umask=077 /etc/sssd/sssd.conf under snet.crouse.org ad_gpo_access_control = permissive apt-get install libnss3-tools Installing the certificate for FireFox (what a flippin waste of time) To install the certificate you have to ensure that certutil is installed on your system. In case it is missing you can install it with: sudo apt install libnss3-tools Now you are ready to add the certificate: certutil -A -n "<CERT_NICKNAME>" -t "TC,," -i <PATH_FILE_CRT> -d sql:<FIREFOX_PROFILE_PATH> certutil -A -n "Crouse Health System" -t "TC,," -i './Downloads/www-google-com-chain(1).pem' -d sql:/home/richlemmermann/.mozilla/firefox/ih8rm2ud.default-esr certutil -A -n "PaloAltoIssuing" -t "TC,," -i './Downloads/www-google-com-chain.pem' -d sql:/home/richlemmermann/.mozilla/firefox/ih8rm2ud.default-esr certutil -A -n "Crouse Hospital Issuing" -t "TC,," -i './Downloads/ak-secure01-microsoft-com-chain.pem' -d sql:/home/richlemmermann/.mozilla/firefox/ih8rm2ud.default-esr On debian Buster the evolution-ews package is only available on buster-backports. Add buster-backports to your /etc/apt/sources.list deb http://ftp.de.debian.org/debian buster-backports main then install evolution-ews : sudo apt update sudo apt install -t buster-backports evolution-ews https://oit.utdallas.edu/helpdesk/kb/?id=946348a8ba16de1d0a42904323b00426a335099c42 /etc/xrdp/sesman.ini (so you can login) #TerminalServerUsers=tsusers #TerminalServerAdmins=tsadmins KillDisconnected=true /etc/xrdp/xrdp.ini Apparently, i did not do anything here https://appimage.github.io/admin-tools/ https://github.com/AppImage/AppImageKit docker - https://docs.docker.com/engine/install/debian/ sudo apt-get install \ apt-transport-https \ ca-certificates \ curl \ gnupg-agent \ software-properties-common curl -fsSLk https://download.docker.com/linux/debian/gpg | sudo apt-key add - sudo add-apt-repository \ "deb [arch=amd64] https://download.docker.com/linux/debian \ $(lsb_release -cs) \ stable" sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io snap sudo apt-get install snap sudo apt-get install snapd sudo snap install core DFS sudo apt-get install keyutils /etc/request-key.conf: create cifs.spnego * * /usr/sbin/cifs.upcall -c %k create dns_resolver * * /usr/sbin/cifs.upcall %k sudo apt install cifs-utils mkdir dfs-drive sudo mount -t cifs //snet.crouse.org/data dfs-drive -o username=richlemmermann R Drive sudo mount -t cifs //crh16vdata1/CHHome/RichLemmermann r_drive -o username=richlemmermann sudo apt-get install pidgin stole .purple from %appdata%\.purple Downloaded and installed Google Chrome since FF sucks MS Teams https://www.microsoft.com/en-us/microsoft-teams/download-app#desktopAppDownloadregion sudo dpkg -i teams_1.3.00.30857_amd64.deb Turn off power saving sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target https://www.gnome-look.org/p/1084939/ https://docs.microsoft.com/en-us/sql/linux/sql-server-linux-setup-tools?view=sql-server-ver15#ubuntu curl https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add - curl https://packages.microsoft.com/config/ubuntu/16.04/prod.list | sudo tee /etc/apt/sources.list.d/msprod.list sudo apt-get update sudo apt-get install mssql-tools unixodbc-dev PlayOnLinux https://linuxhint.com/install_playonlinux_debian_10/ sudo dpkg --add-architecture i386 sudo apt-add-repository contrib sudo apt-add-repository contrib sudo apt install wine wine64 wine32 winbind winetricks sudo apt-get install playonlinux WineHQ wget -nc https://dl.winehq.org/wine-builds/winehq.key sudo apt-key add winehq.key sudo add-apt-repository 'deb https://dl.winehq.org/wine-builds/debian/ buster main' sudo apt-get update sudo apt install --install-recommends winehq-stable sudo mount -t cifs //crh16vdata1/chhome/richlemmermann r_drive -o rw -o username=richlemmermann,uid=254023926,gid=254000513 sudo mount -t cifs //snet.crouse.org/data dfs-drive -o rw -o username=richlemmermann,uid=254023926,gid=254000513 sudo mount -t cifs //vs12fs1/PreHPF/HIM ./VS12FS1 -o username=richlemmermann,uid=254023926,gid=254000513 sudo mount -t cifs //vs12app01/Inetpub/MedRex ./medrex_inetpub -o username=richlemmermann,uid=254023926,gid=254000513,rw Pidgin sudo apt-get install gir1.2-telepathyglib-0.12 gir1.2-telepathylogger-0.2 https://extensions.gnome.org/extension/782/pidgin-im-integration/ sudo apt-get install net-tools dnsutils flameshot screen shot program sudo apt install flameshot On Ubuntu and other Gnome based distros¶ You can easily configure your 'print' keyboard shortcut to be assigned to Flameshot. Below an example to open Flameshot in GUI mode: Open Settings → Devices → Keyboard → Shortcuts. Search for 'print', and unbind the screen capture function by selecting it, and clicking backspace. Scroll down and click on the '+'. On 'Name', name it 'Flameshot' or 'PrintScreen'. Define the command as 'flameshot gui'. Select 'Define shortcut...'and click your keyboard Prt Sc key. Sophos Install xrdp sound did not work -> sudo apt install xrdp-pulseaudio-installer SQL Tools sudo curl -k https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add - sudo curl -k https://packages.microsoft.com/config/ubuntu/16.04/prod.list | sudo tee /etc/apt/sources.list.d/msprod.list sudo apt-get update sudo apt-get install mssql-tools unixodbc-dev echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bashrc source ~/.bashrc If you are having issues with the client on Debian 10 with OpenSSL1.1.1 the fix is to revert to the previously default weaker key length. To do so: Modify /etc/ssl/openssl.cnf config file as follows (fyi see known issues with OpenSSL 1.1.1 in Debian 10 below): Change the last line from CipherString = DEFAULT@SECLEVEL=2 to CipherString = DEFAULT@SECLEVEL=1 sudo apt-get install poppler-utils sudo apt-get install build-essential wget --no-check-certificate https://www.imagemagick.org/download/ImageMagick.tar.gz tar xvzf ImageMagick.tar.gz cd ImageMagick-7.0.11-3 sudo apt-get install -y libtiff-dev ./configure --disable-shared make sudo make install sudo ldconfig /usr/local/lib magick --version sudo apt-get install libtiff-tools richlemmermann@IT-LEMMERMANNL:~$ cat ./ParseMedRex.sh #! /bin/bash #sudo mount -t cifs //vs12fs1/PreHPF/HIM ./VS12FS1 -o username=richlemmermann,uid=254023926,gid=254000513 /opt/mssql-tools/bin/sqlcmd -S 10.32.12.189,1433 -d PreHpf_HIM -Q "SELECT REPLACE(PatientName,',',' '), D.MRN ,'./VS12FS1/'+REPLACE(P.FilePath,'\','/'), CONVERT(date, D.Date,101) AS cDate FROM view_Documents D INNER JOIN view_Pages P ON D.DocumentID = P.DocumentID WHERE (D.MRN = '$1')ORDER BY cDate, D.AdmitNum, P.FilePath, P.PageNumber" -U cnn_Medrex -P "fX7k&K9lTB^C" -s, > medrex.csv #rm medrex_no_spaces.csv #while IFS="," read -r rec_mrn rec_path rec_date #do # echo "$rec_mrn,$rec_path,$rec_date"|xargs >> medrex_no_spaces.csv #done < <(tail -n +2 medrex.csv) while IFS="," read -r rec_name rec_mrn rec_path rec_date do rec_date="$(echo -e "${rec_date}" | tr -d '[:space:]')" rec_mrn="$(echo -e "${rec_mrn}" | tr -d '[:space:]')" rec_path="$(echo -e "${rec_path}" | tr -d '[:space:]')" rec_name="$(echo -e "${rec_name}" | tr -d '[:space:]')" # echo "./medrex/$rec_mrn/$rec_date" sudo mkdir "/media/medrex/$rec_mrn" sudo mkdir "/media/medrex/$rec_mrn/$rec_name $rec_mrn $rec_date" # sudo cp $rec_path "/media/medrex/$rec_mrn/$rec_date" sudo magick $rec_path "/media/medrex/$rec_mrn/$rec_name $rec_mrn $rec_date/$(basename "${rec_path///\*}").pdf" done < <(tail -n +2 medrex.csv) sudo /home/richlemmermann/pdfs.sh $1 .bashrc if [ -z "$STY" ]; then screen -R; fi Audio in xrdp https://c-nergy.be/blog/?p=13655 # Step 1 - Install Some PreReqs sudo apt-get install git libpulse-dev autoconf m4 intltool build-essential dpkg-dev -y sudo apt build-dep pulseaudio -y # Download pulseaudio source in /tmp directory - Do not forget to enable source repositories cd /tmp sudo apt source pulseaudio # Compile pulsever=$(pulseaudio --version | awk '{print $2}') cd /tmp/pulseaudio-$pulsever sudo ./configure # Create xrdp sound modules sudo git clone https://github.com/neutrinolabs/pulseaudio-module-xrdp.git cd pulseaudio-module-xrdp sudo ./bootstrap sudo ./configure PULSE_DIR="/tmp/pulseaudio-$pulsever" sudo make #copy files to correct location (as defined in /etc/xrdp/pulse/default.pa) cd /tmp/pulseaudio-$pulsever/pulseaudio-module-xrdp/src/.libs sudo install -t "/var/lib/xrdp-pulseaudio-installer" -D -m 644 *.so sudo apt-get install pdftk useful command = lowriter --convert-to pdf ./r_drive/MFA\ Office\ 365\ and\ AD\ Manager.odt

Mount Windows shares in Linux

sudo mount -t cifs //crh16vdata1/chhome/richlemmermann r_drive -o rw -o username=richlemmermann,uid=254023926,gid=254000513

sudo mount -t cifs //snet.crouse.org/data dfs-drive  -o rw -o username=richlemmermann,uid=254023926,gid=254000513
sudo mount -t cifs //vs12fs1/PreHPF/HIM ./VS12FS1 -o username=richlemmermann,uid=254023926,gid=254000513
sudo mount -t cifs //vs12app01/Inetpub/MedRex ./medrex_inetpub -o username=richlemmermann,uid=254023926,gid=254000513,rw
sudo mount -t cifs //cswis001/IL ./cswis001 -o username=richlemmermann,uid=254023926,gid=254000513,rw
sudo mount -t cifs //it-lemmermann/temp ./temp -o username=richlemmermann,uid=254023926,gid=254000513,rw

 

Home


Initially, i did not have the network plugged in. It suggested i do it manually. But, i wanted to be sure that it worked first before i ran a cable across my room Configured NIC for DHCP (for now) Got NIC from: ls /sys/class/net/ was enp0s25 Updated APT sources. Found a site that did it for me https://debgen.simplylinux.ch/ #------------------------------------------------------------------------------# # OFFICIAL DEBIAN REPOS #------------------------------------------------------------------------------# ###### Debian Main Repos deb http://deb.debian.org/debian/ stable main contrib non-free deb-src http://deb.debian.org/debian/ stable main contrib non-free deb http://deb.debian.org/debian/ stable-updates main contrib non-free deb-src http://deb.debian.org/debian/ stable-updates main contrib non-free deb http://deb.debian.org/debian-security stable/updates main deb-src http://deb.debian.org/debian-security stable/updates main deb http://ftp.debian.org/debian buster-backports main deb-src http://ftp.debian.org/debian buster-backports main As root: apt-get updates apt-get install sudo screen mc SCP .dircolors from RPi Note: To reboot until sudo is installed: systemctl reboot sudo apt-get install curl Install youtube-dl tool # https://ytdl-org.github.io/youtube-dl/download.html sudo curl -L https://yt-dl.org/downloads/latest/youtube-dl -o /usr/local/bin/youtube-dl sudo chmod a+rx /usr/local/bin/youtube-dl .screenrc vbell off # Enable mouse scrolling and scroll bar history scrolling termcapinfo xterm* ti@:te@ scrollback 10000 Edited to customize the command prompt to use color and server name Edited too to start screen on login .bashrc force_color_prompt=yes PS1='\[\e]0;\u@\h: \w\a\]\[\033[00m\](plex )\[\033[01;32m\]\w\[\033[36m\] ' (end of the file) if [ -z "$STY" ]; then screen -R; fi mkdir /media cd /media sudo mkdir cohBackups sudo mkdir D sudo mkdir dale_downloads sudo mkdir dale_pictures sudo mkdir Docs sudo mkdir downloads sudo mkdir downloads_new sudo mkdir J sudo mkdir medianew sudo mkdir Music sudo mkdir Pics sudo mkdir windowsshare sudo mkdir /media/medianew/downloads sudo mkdir /media/medianew/documents sudo mkdir /media/medianew/pictures sudo mkdir /media/medianew/extradrive sudo mkdir /Media sudo mkdir /MediaNew sudo apt install cifs-utils sudo apt-get install nfs-common sudo apt-get install exfat-fuse exfat-utils (to find the UUID, and File System Type) = sudo blkid /etc/fstab UUID=9A38-B89E /Media exfat defaults,nofail,auto,umask=000,users,rw 0 0 UUID=1E95-E7EE /MediaNew exfat defaults,nofail,auto,umask=000,users,rw 0 0 #//192.168.1.3/Downloads$ /media/downloads cifs username=share,password=ThePasswordHere,defaults 0 0 #//192.168.1.3/D /media/D cifs username=share,password=ThePasswordHere,defaults 0 0 #//192.168.1.3/k /media/J cifs user=share,password=ThePasswordHere,defaults 0 0 #//192.168.1.3/Pictures /media/Pics cifs user=share,password=ThePasswordHere,defaults 0 0 #//192.168.1.3/Docs /media/Docs cifs user=share,password=ThePasswordHere,defaults 0 0 #//192.168.1.17/Backups /media/cohBackups cifs user=share,password=ThePasswordHere,defaults 0 0 //192.168.1.74/Pictures /media/dale_pictures cifs user=share,password=ThePasswordHere,defaults 0 0 //192.168.1.74/Downloads /media/dale_downloads cifs user=share,password=ThePasswordHere,defaults 0 0 #//192.168.1.3/Music /media/Music cifs user=share,password=ThePasswordHere,defaults 0 0 //192.168.1.44/Downloads /media/medianew/downloads cifs user=share,password=ThePasswordHere,defaults 0 0 //192.168.1.44/Documents /media/medianew/documents cifs user=share,password=ThePasswordHere,defaults 0 0 //192.168.1.44/ExtraDrive /media/medianew/extradrive cifs user=share,password=ThePasswordHere,defaults 0 0 //192.168.1.44/Pictures /media/medianew/pictures cifs user=share,password=ThePasswordHere,defaults 0 0 //192.168.1.44/backups /media/windowsshare cifs user=share,password=ThePasswordHere,defaults 0 0 sudo apt-get install samba /etc/samba/smb.conf [share] Comment = Pi shared folder Path = /share Browseable = yes Writeable = Yes only guest = no create mask = 0777 directory mask = 0777 Public = yes Guest ok = yes [media_movies] Comment = Pi shared folder Path = /Media/Movies Browseable = yes Writeable = Yes only guest = no create mask = 0777 directory mask = 0777 Public = yes Guest ok = yes [media_TVshows] Comment = Pi shared folder Path = /Media/TV Shows Browseable = yes Writeable = Yes only guest = no create mask = 0777 directory mask = 0777 Public = yes Guest ok = yes ;[downloads] ;Comment = downloads shared folder ;path = /Media/downloads ;browseable = yes ;writeable = yes ;only guest = no ;create mask = 777 ;directory mask = 777 ;Public = yes ;Guest ok = yes ;[downloads_dale] ;Comment = downloads shared folder ;path = /Media/downloads_dale ;browseable = yes ;writeable = yes ;only guest = no ;create mask = 777 ;directory mask = 777 ;Public = yes Guest ok = yes ;[timemachine] ;Comment = downloads shared folder ;path = /Media/timemachine ;browseable = yes ;writeable = yes ;only guest = no ;create mask = 777 ;directory mask = 777 ;Public = yes ;Guest ok = yes PLEX curl https://downloads.plex.tv/plex-keys/PlexSign.key | sudo apt-key add - echo deb https://downloads.plex.tv/repo/deb public main | sudo tee /etc/apt/sources.list.d/plexmediaserver.list sudo apt install apt-transport-https sudo apt update sudo apt install plexmediaserver BAD sudo gzip -krv plexmediaserver.zip /var/lib/plexmediaserver/ (sudo apt-get upgrade) Find out your nic: ls /sys/class/net/ cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). source /etc/network/interfaces.d/* # The loopback network interface auto lo auto enp0s25 auto enp0s25:1 iface lo inet loopback #iface enp0s25 inet dhcp iface enp0s25 inet static address 192.168.1.98/24 gateway 192.168.1.1 iface enp0s25:1 inet static address 192.168.1.10/24 mysql (RPi crashed) wget http://repo.mysql.com/mysql-apt-config_0.8.13-1_all.deb sudo apt install ./mysql-apt-config_0.8.13-1_all.deb sudo apt update sudo apt install mysql-server gunzip /media/windowsshare/mysql/20210109.moolatoo.sql.gz ~/20210109.moolatoo.sql mysql -u root -p < /media/windowsshare/mysql/20210109.moolatoo.sql mysql -u root -p CREATE USER 'moolatoo'@'%' IDENTIFIED BY 'Wb7QsFG3WYXbYDjK'; GRANT ALL PRIVILEGES ON moolatoo.* TO 'moolatoo'@'%'; FLUSH PRIVILEGES; SHOW VARIABLES LIKE '%ssl%'; (shows Enabled) /etc/mysql/my.cnf [mysqld] skip_ssl # disable_ssl bind-address=192.168.1.10 #See if i can remove huge delay when mysql sits for a while skip-name-resolve #skip-host-resolve service mysql restart # Stupid insert error What it is...need to cleaer: ONLY_FULL_GROUP_BY,STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION SELECT @@GLOBAL.sql_mode; SELECT @@SESSION.sql_mode; SET @@session.sql_mode= ''; SET @@global.sql_mode= ''; Copy backup_mysql.sh to ~/ sudo crontab -e 0 22 * * * /home/rlemmerm/backup_mysql.sh sudo apt-get install rsync VirtualBox install without GUI deb https://download.virtualbox.org/virtualbox/debian buster contrib wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add - sudo apt-get update sudo apt-get install virtualbox-6.0 wget https://download.virtualbox.org/virtualbox/6.1.16/Oracle_VM_VirtualBox_Extension_Pack-6.1.16.vbox-extpack BAD = sudo apt-get install virtualbox-guest-additions-iso sudo apt-get install virtualbox-6.0 Example: sudo vboxmanage import '/media/medianew/extradrive/Debian 10.2.ova' --vsys 0 --vmname testvm sudo vboxmanage list vms sudo vboxmanage list vms --long | grep -e "Name:" -e "State:" vboxmanage extpack install Oracle_VM_VirtualBox_Extension_Pack-6.1.16.vbox-extpack vboxmanage -version =6.0.24r139119 VBoxManage startvm testvm --type headless -failed due to USB shit sudo VBoxManage unregistervm testvm --delete sudo apt-get install virtualbox-6.1 sudo vboxmanage extpack install --replace ./Oracle_VM_VirtualBox_Extension_Pack-6.1.16.vbox-extpack sudo VBoxManage import /media/medianew/extradrive/VirtualBox/Debian-FunBox.ova --vsys 0 --vmname debianfunbox sudo VBoxManage modifyvm debianfunbox --nic1 bridged Had to manually update in: /root/VirtualBox VMs/New group/debianfunbox/debianfunbox.vbox Change to <CPU> <PAE enabled="false"/> <NestedHWVirt enabled="true"/> <LongMode enabled="true"/> <HardwareVirtExLargePages enabled="true"/> </CPU> sudo vboxmanage controlvm debianfunbox acpipowerbutton Enable RDP sudo VBoxManage modifyvm debianfunbox --vrde on VBoxManage startvm debianfunbox --type headless #sudo VBoxManage natnetwork add --netname natnet1 --network "192.168.1.0/24" --enable #sudo VBoxManage modifyvm debianfunbox --nic1 natnetwork sudo vboxmanage modifyvm debianfunbox --nic1 bridged --bridgeadapter1 enp0s25 sudo VBoxManage guestproperty get debianfunbox "/VirtualBox/GuestInfo/Net/0/V4/IP" Turn off ACPI without hopefully unaffecting hyper threading https://serverfault.com/questions/321499/how-to-disable-all-power-management-in-ubuntu-for-a-server-netbook sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target Back on: sudo systemctl unmask sleep.target suspend.target hibernate.target hybrid-sleep.target List all listening ports on interfaces sudo lsof -nP -iTCP -sTCP:LISTEN sudo apt-get install vsftpd Setting HDD power management (plex )~ sudo hdparm -B 127 -S 241 /dev/sda /dev/sda: setting Advanced Power Management level to 0x7f (127) setting standby to 241 (30 minutes) APM_level = 127 Formatted another USB external drive for Plex Music sudo umount /dev/sdd & sudo mkfs.exfat /dev/sdd sudo mkdir /MediaMusic sudo mkdir /MediaMusic/Music sudo mount /dev/sdd /MediaMusic/ Update Samba [media_Music] Comment = Pi shared folder Path = /MediaMusic Browseable = yes Writeable = Yes only guest = no create mask = 0777 directory mask = 0777 Public = yes Guest ok = yes Set up SFTP sudo groupadd sftp_users sudo addgroup flics sftp_users sudo nano /etc/ssh/sshd_config Match Group sftp_users ForceCommand internal-sftp #ChrootDirectory /data/%u sudo systemctl restart sshd (open up firewall port 22 on FIOS router) Haven't done yet: https://linuxconfig.org/installation-and-getting-started-guide-with-amazon-glacier-storage-on-the-linux-system ? glacier-cmd Notes for broken GNOME sudo apt-get purge gnome-session sudo apt-get autoremove sudo apt-get autoclean sudo apt-get install gnome-session sudo systemctl start gdm.service sudo reboot sudo grep "Failed password" /var/log/auth.log | grep -v COMMAND | awk '{print $11}' | sort | uniq -c lock out after 5 attempts for 5 mins sudo nano /etc/pam.d/common-auth (toward top) auth required pam_tally2.so deny=6 unlock_time=300 sudo nano /etc/pam.d/common-account #https://stackoverflow.com/questions/29491249/pam-tally2-not-resetting-failures-on-success #reset account after success account required pam_tally2.so sudo systemctl restart sshd ** RESET TALLY pam_tally2 -r -u username Tarball for Plex Metadata tar -cvzf $OUTPUT/`date +%Y%m%d`.PlexeMetaData.tar.gz /var/lib/plexmediaserver/Library/Application\ Support/Plex\ Media\ Server/* Remove all files, recursively, in a folder with a given extension find /var/lib/plexmediaserver/Library/Application\ Support/Plex\ Media\ Server/ -name "*.gz" -type f -delete take off -delete if you want a WhatIf Disable service from starting for all rc.d/* sudo update-rc.d -f vsftpd remove sudo apt install ntfs-3g sudo apt-get install bind9-utils sudo apt-get install dnsutils curl -s https://install.speedtest.net/app/cli/install.deb.sh | sudo bash sudo apt-get install speedtest /msg NickServ REGISTER Password_here rich@lemmermann.us /NETWORK ADD -autosendcmd "/^msg NickServ IDENTIFY password;wait 2000" libera