Friday, October 27, 2006


My last post's grand gesture was neatly shot down by Jorge Castro (as it should have been, thank you Jorge).

It seems there is a newly created Launchpad team just for that at

Cool, and now I get a chance to learn how to use The Launchpad. I've had an account for a while now, I needed one to order CDs through shipit, and I've been wondering what other cool stuff it'd be useful for...

Ubuntu / Active Directory Integration Call to Arms!

The following was sent out in an open e-mail (open because I'm posting it here too, hoping anyone else might be interested):

Good day. I hope this finds you in the midst of a beautiful day!

I thought I'd start a discussion about Ubuntu/Active Directory Integration and copy several people who I think would be interested in this. If you are not interested, please excuse my rude intrusion and let me know.

I suggest we can have this discussion using "Reply All" to make a short-lived "mailing list" type entity. If anyone thinks this would be more appropriately discussed in a different fashion please let me know, I'm new to this whole Open Source community dynamic thing.

This e-mail is an open e-mail, and I am going to post this to my blog hoping other people would be interested in joining this discussion.

My name is Sim♀n Anibal Ruiz Rolfs, and I have called this Round Table together for purely selfish reasons. I need Active Directory Integration to be a simple part of Ubuntu, so I want you all to help me make that happen...well, that and it would help Ubuntu immensely as far as being a viable alternative as a workstation in previously homogenous Microsoft environments, which is a fair description of most big IT shops in the United States. Ubuntu has to play nice with the locals if it's going to even be considered.

I don't know if there is a project out there for addressing this as a whole already, or not. If not, it needs to be created and I'm willing to do whatever I can to make that happen.

I'm the Technology Assistant at Bloomington High School North, and I blog about my work on ( I'm also an active member of the Bloomington Linux User's Group ( and #bloomingtonlinux on freenode), Venezuela's Fraternity of Ubuntu Users ( and #ubuntu on irc-hispano) (oh, btw, I am Venezuelan by birth and a dual citizen of Venezuela and the United States), and Ubuntu's new "Ubuntu and Education" community ( and #ubuntu-education on freenode), among other things.

Steve Cole is my boss, so I copy him on this sort of stuff to fool him into thinking I work from time to time.

Nathan Lavender is the main Active Directory guru for our corporate IS department that serves our entire school corporation. I'm copying him in case he'd be interested in participating in this discussion, though I understand he's been tasked with no time to help out with any of this so if he does join the discussion it will be out of the kindness of his heart and on his own personal time. I apologize if you're not interested, Nathan, but I thought I'd give you a chance to participate if you want; I understand if you simply don't have time for this, but I think the perspective of a Microsoft System Administrator of your caliber would be invaluable to this discussion, and I figure you might be interested in having some sway in what decisions I make here at North since they'll probably affect you somehow.

Jorge Castro is the man I saw give a presentation on Active Directory integration and Ubuntu at the Ohio LinuxFest last month. He writes a blog at ( I know from talking to him that he's got quite a bit of clue about Kerberos and LDAP and also about some network management sysadmin tools that I think are pretty essential to Active Directory integration in large organizations: sabayon and lockdown. I warned him I would bug him to suck his brain on these topics and so far have not had the time to do so. As our deployment phase enters the home stretch, I've come back to fulfill my threat.

Clay Berlo had the misfortune of showing up on my radar by writing "I managed to get winbind authentication to work and can login members of an Active Directory setup with automatically created home directories (which works rather nicely, I might add)" on one of the edubuntu mailing lists which gives him cred in my book.

He went on to ask about pam_mount to mount Windows shares on login, and I'll mention that what I envision as my first attempt to address that (because we have Samba share lockers too) is to use mount.cifs to mount the entire Student Lockers share to /usr/lockers, and then make a symlink from ~/locker to the current user's actual locker. (Any thoughts on this strategy?) I believe most Active Directory deployments use Samba shared lockers in this manner, though I have no proof of this I'd be surprised if it didn't turn out to be true.

Robin Shepard had the misfortune of catching my attention by writing "I was wondering whether anyone has attempted to get Edubuntu to authenticate users with a windows domain as yet??" on an edubuntu mailing list which means two things to me: first that interest in this exists in places other than the U.S., and secondly that in the time since that post Robin may have made some progress to share with us. If not, then the perspective of someone who wants this without knowing too many technical details would certainly be welcomed and appreciated.

Richard Weideman had the misfortune of actually having me catch his attention. He is the Education Programs Manager over at Canonical, and the primary figure in our new "Ubuntu and Education" community. I've let him know how important this functionality will be to Ubuntu being acceptable in the education system here in the States so I figure he'll be interested in this. Rich, if you can think of anyone else either at Canonical or in the Ubuntu community at large who needs to be in on this I trust you to include them.


So, introductions aside, here's the first main question: Is this a good medium for this discussion? Some of you with better community engineering skills please advise on this.

Secondly: Is there a project out there for this already? If so, WHERE?!?!?! If not, can we start one?

Thirdly, and this is where Nathan comes in if he can: Is there anything beyond LDAP and Kerberos that you think would be good to set up on the Linux workstations from the Microsoft System Administrator's side of things in order to really integrate Ubuntu with Active Directory?


And again, please Reply All.



Wednesday, October 25, 2006

Ubuntu Presentation ONLINE!

Thanks to Tom Hoffman, who I'm actually just now finding out as I write this is the project manager for SchoolTool on top of writing a damned good blog (or two) that you (who are spending time reading my blog) might be interested in, the beginner-oriented Ubuntu presentation I did for the BLUG is now available online!.

Just point your browser on over to:

I'm excited that Tom took my request seriously and is helping me bring this presentation to a wider audience than I had success attracting in person.

Please check it out, I welcome comments!

Tuesday, October 24, 2006

Ubuntu Presentation Video Hosting Call

I have a .mov compressed version of my Ubuntu Presentation put together, annoying in that you can't really make out any detail on the screen the way you can on the DVD but then what can I expect?

Anyhow, our downtown IS people wouldn not be too happy if I put it up on my webspace and advertised it. SO, would anyone be interested enough in this to donate bandwidth by hosting a 69,669,268 byte video file for me? *bats eyelashes* Please?

I looked at YouTube and got all the way up to "Upload a New Video" when I found out that they limit videos to ten minutes. Not good enough.


Downtown did change a setting in the switches. They turned on IGMP filtering.

Apparently, this year when we've used Ghostcasting, it has created problems. I quote, "During the Ghost multicast, all ports on every switch I looked at ran a sustained 100% utilization."

They were told that IGMP filtering "would solve the problem by allowing multicast to intended targets and protect the rest of the network." Though the gentleman I'm quoting also mentioned that when he contact Hewlett Packard, "They asked explicitly about Ghost. Apparently, they've had quite a bit of trouble with it due to Norton's non-standard implementation of multicast."

They say: There are a couple of options. 1) configure the Ghost server / client relationship to run in unicast. I'm told Ghost Server has 3 options -- unicast, broadcast, and multicast. Or 2) I can remove IGMP filtering in the 600 wing "one-to-one" switches. Option 2 requires that server and clients run within these 5 switches. Anything more will require research, test, and implementation time and I'll need a clearance for that kind of investment.

Reverting to Unicasting doesn't seem a particularly appealing solution, and there are several reasons option 2 wouldn't work including the fact that a) not all the clients are on those switches and b) the server software only runs on Windows, and no Windows computers are located on those switches.

Until this is resolved, we've been effectively hobbled as far as rolling out the classrooms...

Incidentally, this situation is simply one more symptom of a greater problem of lack of communication that desperately needs to be addressed, and soon.

Thursday, October 19, 2006

Ghost Test Results

Ghost Unicast Tests

  • Unicast to new classroom, English pod: Success
  • Unicast to old classroom, English pod: Success
  • Unicast to computer in my office: Success

Ghost Multicast Tests

  • Multicast to new classroom, English pod: FAILURE
  • Multicast to old classroom, English pod: FAILURE
  • Multicast to computer in my office: Success


Although neither the server or the client circumstances have changed, Multicasting to the English pod is now not possible. A setting has been changed in some network hardware between the server computer and the English Pod client computers that does not affect Unicasting (the client computers can see the network and can see the server computer), but thwarts any attempt at Multicasting (the server computer starts sending out the multicast packets, but the clients never receive them).

Someone from our corporate IS department has been playing with our network hardware without talking to us about it, and they've done it since.

Wednesday, October 18, 2006


So, the last period of the day, yesterday, I spent connecting the aforementioned second-to-last classroom up to a GhostCast session (Symantec Ghost 8.0 is what we use to image the workstations) and was having very strange problems.

First of all, the NIC link lights were all flickering the way they should, network connectivity was there. However, every other time I tried to connect to the GhostCast server it said it couldn't find the session, and to check the server to make sure it was ready to accept clients. Grrrrrrr. Drop to the A:/> prompt, autoexec, and run it again and Bam!, it would work fine this time. (Sometimes I had to drop to the A:/> prompt several times to get it to work, but it would eventually work)

I have NEVER had problems connecting to the server before, so I was a bit wary. When I tried to run the session it claimed to be in progress, but no information was being sent. I left it overnight and this morning it has simply crapped out with an error (GhostCode 19922) that might mean the wrong NIC drivers (no), might mean that the client has 2 NICs (no), that the server has more than one IP address (no), or that the file has permissions issues (no).

It's my impression that this error code is one of those vague errors that could be just about anything. It's my impression that the problem is a network switch in there. I can run Ghost fine anywhere else. I found, this morning as I've been troubleshooting to figure out what the problem really is, that when I'm imaging a machine outside of the English pod, it goes at 400 MB/s or more!

I just self-censored a lot of not-very-constructive chatter that would have gone here.


Tuesday, October 17, 2006

Some news

  1. First of all, I'm working on getting the video of my Ubuntu presentation into a shareable format. After slapping iMovie around for a bit, I think I've convinced it to do what I want it to do, though it still thinks it's funny to crash on me randomly. More on that when I've made more progress.

  2. I've put some of my administrative documentation up online from the older Edubuntu 5.10 image. You might get a kick out of the very convulted imaging system I concocted last year.

  3. I'm hoping to get that second-to-last classroom imaged today. I was planning on doing it yesterday so they'd have use of them today, but our corporate IS department wanted me to shut all the Linux computers down at the end of school and leave them shut down until 8 this morning to rule out the Linux computers as the cause of some network errors.

  4. I've been approached by the new Education Programme Manager at Canonical, lead sponsor of Ubuntu, as a more of less direct result of starting to do this blog. Wow.

    Canonical is looking at restructuring the Edubuntu brand to make it make more sense, and part of this restructuring is creating an "Ubuntu in Education" community which I'm very excited about participating in.

    Another cool thing (well, I think it's cool, anyhow) to come out of this communication is that I've been asked to represent Canonical at the next CINLUG meeting, where Mike Huffman--the man responsible for the Indiana ACCESS program--will be speaking. Canonical is one of the sponsors of the meeting, has five minutes of talk time as a result, and they'd like for me to talk on their behalf.

That's all I can think of right now!

Friday, October 13, 2006

Four down, one to go!

We've gotten all but one classroom put together now, though in the last classroom we put together more than half of the computers couldn't see the network.

We've engaged the corporate IS department people in fixing that.


So, the teacher workstations were booting up to 640x400 resolution.

We had this problem last year, and we knew it's related to the teacher workstations being connected to a really long vga cable to the ceiling-mounted LCD projectors.

I figured out how to convince to stop trying to be so helpful (It was probing the cable, noticing the loss of signal from the really long cable, and choosing an appropriate resolution based on that information).

I give you a chunk of /etc/X11/xorg.conf:

Section "Monitor"
    Identifier    "DELL 1505FP"
    Option        "DPMS"
    HorizSynch    30-61
    VertRefresh   56-76

Notice the bolded entries, they keep from autodetecting those settings and thus fixes the issue we had...I'm sure you don't care, but I was enlightened. It only took me a little less than a year to figure it out.

Wednesday, October 11, 2006

The BLUG Ubuntu Meeting - Decompression

So my gimmick was that I walked my fiancee through the whole thing, I was supposed to never touch the keyboard and mouse, but I did once :-(, though I don't think my lapse of integrity really affected the overall impact of the presentation.

It was a successful meeting, indeed, and my presentation went off without a hitch. 8 people showed up, and three were family of mine, but I think I succesfully convinced most of the people there that Ubuntu is good.

There was one person who showed up who I'd never met before that kept me on track by asking lots of appropriate questions. It would have been great to have more questions, though, cause I missed a few things.

I missed some of the things on my outline--which sucks--and I can't believe I lost my composure (and resolve not to grab the keyboard or mouse) over the brightness and contrast levels in MPlayer. That said, it was a resounding success even considering how few people actually benefitted from it. I'll be an optimist and say that it contributed to the intimacy of the room.

I did tape it, though, and now I have to wonder what the best way of sharing this over the internet is, so that maybe it can benefit more people out there.

Would there be an audience for something like this?

Tuesday, October 10, 2006


We have three classrooms set up and plugged in (I've only got to go through and rename 5 computers). I'm pretty excited to see how the teachers will use these tools at the students' fingertips. We've got the whole gamut of teachers, from those who I know will barely use them and only so the students can type assignments to those who I anticipate will come up with creative and useful ways to push the envelope.

When we get all 5 labs up and running with this sort of "mostly useful" image, I'll be able to work on hacking together a comprehensive network management system, and having our workstations interoperate with the Microsoft network more seamlessly.

Some tools I'm thinking I'll have to figure out are Samba, LDAP, Kerberos, SystemImager, Sabayon, and Lockdown, and of course I'll need to learn more about GNOME (I've already warned Jorge Castro I'm going to bug him about this if/when I get the time to breathe).

I'm also pretty excited (and sometimes nervous, I'll be honest) about the Ubuntu presentation I'm giving for my LUG. I may be able to post video of that in case anyone is interested, I'm going to tape it.

Sunday, October 08, 2006

The BLUG Ubuntu Meeting

So, on Tuesday at 7:00 at the Monroe County Public Library, I'll be giving an Ubuntu presentation for the Bloomington Linux Users Group.

I've also tried to do a little advertising to get people who would normally never consider showing up to a BLUG meeting to show up.

So far my plans are as follows:

First of all, I'm going to limit my interaction with the computer to explaining to my fiancee--who has no previous Linux experience--how to do stuff. I will not at any time physically touch the keyboard or mouse (except during set up and tear down).

First we'll boot the computer to the default PC operating system and show the cool stuff the Ubuntu CD has that can be installed on said default operating system, for those who'd rather take baby steps. I'll also point out the "YOUR COMPUTER MAY BE AT RISK!" red alert balloon that must be appeased on that operating system, lest horrible things befall ye.

Then I'll have her reset the computer to phase two: The Live CD. (Should I make it so she has to go into the BIOS to change the boot order???)

I'll simply point out here the import things about Live CDs: that we're running the actual Operating System off the disc, and that we can play around with this all we want without making a single change to the hard disc.

I'll probably show off the Ubuntu video with Nelson Mandela that's in the Examples, as well as the excerpt of "The Official Ubuntu Book" (of which, of course, I'll have a copy on hand), maybe note that out of the box, Ubuntu doesn't support proprietary media formats. (I can't decide whether to do this before or after the actual installation.)

Then I'll run her through the installation proceedure, and demonstrate how to install it side-by-side with the existing operating system.

During the long waiting periods I'll do some question and answer stuff, assuming people have questions. Maybe I'll just have to find something to talk about if they don't.

Then we'll reboot to the new Ubuntu partition and talk about the interface, and included programs. Maybe have some Office files to open in Maybe how to set up Evolution (I'd personall download Thunderbird, but I figure since it's what comes with Ubuntu, it should be what I demonstrate).

What else do you think people will want to see on the default ?

I'll demonstrate how to install programs, both with and without Synaptic.

I'll show Automatix here, and then play a few proprietary format media files to demonstrate that it works (should probably demonstrate before-hand that they don't).

I'm also going to demonstrate how it reacts to plugging in an iPod, and a digital camera.

I may be able to demonstrate the installation and use of compiz or beryl. Oooh, glittery eye candy.

Here I'm way open to suggestions about: If you had never seen Linux in action, what would you want to see? Let me know!

I'll also be open to suggestions as late as during the presentation, but :) the more prepared I am the better, I'd think.

The whole "show" is going to be more-or-less improv though, anyhow, since there's no way I can rehearse with Sarah how to do everything before-hand and have the "no previous Linux experience" gimmick be real.

I'm thinking about taping the whole thing, as well.

Thursday, October 05, 2006

Ubuntu Presentation Next Tueday

I forgot to mention no more viruses, adware, or spyware. I'll incorporate that before I get permission to send this out to our parents/community mailing list. This is what I sent out on our faculty-staff mailing list here at Bloomington High School North:

Ubuntu: Linux for Human Beings - Invitation

Perhaps you've heard of Ubuntu.

From South Africa to 9 classrooms at Bloomington North, the Ubuntu community has been bringing the world of Free Software to normal, everyday people everywhere.

Bloomington North's own Technology Assistant, Simón A. Ruiz, will be hosting a demonstration and question & answer session this coming Tuesday, October 10th at 7:00 pm in room 1B at the Monroe County Public Library about Ubuntu.

The demonstration part of the evening will feature a very special guest with absolutely no previous Linux experience being walked through the installation process.

Please come by and take a peek at the future of computing.

If you're interested in coming, please contact Simón at so he can have some CDs available for you to take home with you, absolutely free of charge.

So, what is Ubuntu? Read on...

Ubuntu: Linux for Human Being

Ubuntu is a complete Linux-based operating system, freely available with both community and professional support. It is developed by a large community and we invite you to participate too!

The Ubuntu community is built on the ideas enshrined in the Ubuntu Philosophy: that software should be available free of charge, that software tools should be usable by people in their local language and despite any disabilities, and that people should have the freedom to customise and alter their software in whatever way they see fit.

These freedoms make Ubuntu fundamentally different from traditional proprietary software: not only are the tools you need available free of charge, you have the right to modify your software until it works the way you want it to.

Ubuntu includes more than 16,000 pieces of software, but the core desktop installation fits on a single CD. Ubuntu covers every standard desktop application from word processing and spreadsheet applications to web server software and programming tools.

Swamped here at work

We're putting the five new classrooms together now, physically, and it's taking up most of our time.

Yesterday we finished the first classroom that's been put together and imaged with Ubuntu 6.10, Mark Helmsing. I'm excited to see what Mark does with it, as he's the one teacher that really integrates technology tools into his class already, without having a 1:1 computing environment.

He was the first major user when I set up a small Moodle box, and he basically single-handedly drove its turning into the beefy rack-mounted system our Corporate IS department cares for downtown, which is now available from outside our corporation firewall. He's still the main user of it today.

When I'm not putting computers together, I'm running around fixing things and doing tech support. So I'll be posting more interesting stuff when I get a chance to sit down and actually have some time to work on the design of our workstations.

In the meantime, Jorge Castro mentioned my blog (WooHoo!), and some Ohio LinuxFest people who found me through him decided that I should do a presentation on what I've been doing here next year.


I even got the following e-mail from Jon "maddog" Hall, encouraging me to just go for it:


> I just don't know, off the top of my head, what I could talk about that
> would be worthwhile.

I hear this over and over again, from people who have done fantastic things.

I heard it from the guy in St. Petersburg, Russia who was using Linux to run his
Steam Turbine Testing lab.  I encouraged him to write an article, and it made it to
the front page of the Linux Journal.

For some reason people seem to think that no one would care to listen to what they
did....too bad, since case studies (people talking about what they did) are the
number one selling tool in computer science.

I agree with Greg....go for it.


I'm going to.

Also, in Jorge's post, he seems to allude that maybe I should not move away from Edubuntu just because it doesn't provide us--in our particular current situation--anything except a few cool educational games. (Forgive me if I read something into nothing.)

In our particular current situation, the boxes are in English classrooms, and they're used mostly for web browsing (Like our Moodle) and word processing/presentations, anything extra on the desktop is just a game as far as the teachers are concerned.

What do you think?

I'm still subscribed to the edubuntu-devel list, and *almost* all the activity surrounds LTSP deployment, which is why I didn't figure it made much difference if we used Ubuntu or Edubuntu, I can always switch to Edubuntu at some future date if our situation changes so that Edubuntu can offer us something special, and we can actively contribute to that community.

Should I just keep the school on Edubuntu, simply because we're using Ubuntu in an educational setting, on the off chance that someday the program will spill over into non-English areas of the school?

Make yourself heard in the comments!

Tuesday, October 03, 2006

The man is an idiot...

So I asked people to post comments, but had comments enabled for "team members only".


Thanks for letting me know!

Monday, October 02, 2006

Ohio LinuxFest Rocked

I went to Ohio LinuxFest over the weekend and it was great! (Please leave a comment if you went, so I know you're out there.)

I'd write more, but I'm in rush mode trying to get a working Ghost image to use in setting up our 5 new classrooms.

I would have preferred to be able to take the time to understand what I'm doing enough to make an elegant solution off the bat, but we need something and we need it fast.

I hope to get this done soon, so I can work on the real next image.

Take care!