Random Thoughts

Tech, words and musings from an Englishman in Seattle

Extreme Makeover: Kirkland Edition

The Extreme Makeover: Home Edition folks are in town, just a short distance from home, so this evening Julian and I headed over to take a look.

The actual house is on a pretty narrow road in the Highlands Neighbourhood - there are vehicles and makeshift offices and work areas all over the driveways and lawns of the neighbours…

Mind you, it all appears very organized. There are shuttle buses for spectators running every 15 minutes from a park very close to our house.

They really appear to be progressing well - the house looks like a pretty cool design, but I'm not sure that the work environment was all that safe. There must have been around twenty or so people up on the roof wielding nail guns and all sorts of projectile firing tools.

I took a few pictures (I'll update this post with them later), meanwhile here's a crowded shot from the Seattle PI, taking at approximately the same time later Julian and I were there:

This evening, the boy and I watched the season opener and he really seemed to like it.

A welcome change from the usual evening faire of Mr. SpongeBob and his square pants.

Two Trips To Seattle In One Day

It's unusual if I head to Seattle twice in a month, but twice in one day? Entirely uncharacteristic.

Saturday started off normally for the Lacey family with a trip to Arena Sports in Redmond for Soccer practice. Julian runs around playing soccer and complaining that he can't score a goal (on his own, he's got pretty good skills), whereas Jazzy really gets into the two year old class.

As soon as that was over it was a quick trip home for a snarnie and juice and Julian and I headed over to Seattle for the 2007 Bolla Grape Stomp at the Festa Italiana at the Seattle Center.

You see, my pal Andy had signed myself, himself and herself up to compete. Team name? Grape Balls of Fire.

We were in the first heat and won! Astounding. The incumbents were in our heat and we beat 'em!

After hosing ourselves down - it's a messy business, Julian and I took the winnings and headed over to the Children's Museum for an hour or so.

Fast forward a few hours and I found myself heading back over to Seattle, this time solo, for a gig I'd been looking forward to for a while.

The Arctic Monkeys. Not a bad performance - great lightshow, but the acoustics really sucked. The vocals were bouncing all over the place. If you haven't heard them yet, go and pick up a CD now.

Probably the nicest surprise of the gig were the supporting act, VoxTrot - great energy. They really engaged the crowd - unlike the Monkeys.

Sadly, I felt that the Monkeys were just going through the motions.

Meals To Die For

Last night I found myself back at the hotel (I'm in Mountain View at the moment), and called home to chat to the family units. Julian has taken to answering the phone this trip, which was really cool. I would obviously rather be at home, but to hear his voice saying “Daddy, I gotta tell you something, I love you”, really warms you deep down…

Anyhow, Nabila came on the phone and informed me that dinner was 'sausages and chips'.

That 'sausages and really good fries' to you Americans.

I got a real craving. I was in California. There's gotta be a British pub around here somewhere.

Then I remembered that back in 1996 I visited some transplanted brits that were living in Cupertino and that we went to a British pub.

That pub can't be far from here.

Out came the iPhone and Google maps, whereupon I found The Duke Of Edinburgh. That's it! And it's under a mile from the hotel.

So I tootle along and it's exactly as I remembered. Felt wallpaper, east-end feel and everything!

After a perusal of the menu I settle on a starter of two warm scotch eggs with mustard followed by two bangers with heaps of fried onions in a sesame seed bun.

Divine!

The scotch eggs were perfect. I don't think I've had one for about ten years and these were incredible. The sausage inna bun? Well, it looked like heartburn waiting to happen, but at the same time looked gorgeous.

I ate it.

I was in heaven.

I like this place. Squint and you'd believe you were in the east end of London. The accents of those around me made me feel cosy.

Highly recommended.

Fast forward to 5am. Heartburn city…

Oh, and did I mention that as I walked into the place, what must have been an aircraft carrier sized bird dropped the hugest load on me?

I guess being shat on by a bird really is good luck.

Samba Upgrade Hell

A few nights ago I decided to upgrade the Debian installation on my home server. I backup all the important stuff nightly, so I wasn't too worried. However, I did take a lot of care following along with the upgrade process and intervening when needed.

Now, this server is pretty important to my home network. It serves time, dhcp, nameservers and most importantly it runs samba to act as the Primary Domain Controller for my home Windows domain. All the windows boxes, as well as the Infrant NAS are clients in this domain.

You might remember my post from last November describing the setup.

Anyhow, it was the first thing I checked.

Main Vista client still on domain? Check. Can log in? Check. Can browse the domain? Check.

Can mount the photo share from the NAS? Nope.

No logon servers available.

Ack!!!

Now I'm worried. No matter what I do, I can't mount a share from the NAS on any Windows or Mac box.

Ok, over to linux and dig out smbclient.

NTSTATUSNOLOGONSERVERS.

After some groveling around I figure out that it's a problem with the NAS. Leave domain. Join domain. It all works, but I just can't see the shares. I turn to Google. “Samba 3.0.23 NTSTATUSNOLOGONSERVERS”. Nothing of use turns up.

Next step.

I download the source to Samba 3.0.26a, the latest rev, build it and install it side-by-side. This way I can switch between the two revisions, so I decide to bring the domain up completely fresh in the new installation.

I can use “net getdomainsid” and “pdbedit -u user -v” to get all the old SIDs and RIDs, so hopefully everything will match in the new domain.

It all works perfectly - machines join the domain; users can login with the same SIDs (this is important so that all the old permissions still work).

Can I see the shares on the NAS?

Nope.

Ok then. Lets downgrade the distribution's samba package to the previous version (3.0.14a).

Now we're screwed. It can't access the password database.

Ok, so the distribution's samba install is dead. I uninstall it and run with the source-built version in /usr/local/samba.

Now we're back to a state with fresh source and everything working except the NAS shares.

Bump up the debug level. Try connecting. Everything is working. No errors from Samba, but the NAS is still horked.

Ok, lets scour the docs carefully… Nothing.

More searching reveals the following in the Infrant forums:

I have a ReadyNAS running RAIDiator 3.01c1-p4 it's a member of a domain “CLOUDVIEW”. The PDC is a FreeBSD box running samba 3.0.23c.

It used to work. However I updated my samba build on the PDC and I now get this

jeeves# /usr/local/bin/smbclient \\\\filestore\\ -U jpp

Password:

session setup failed: NTSTATUSNOLOGONSERVERS

jeeves#

and syslog on the PDC show this

Dec 6 00:24:37 jeeves smbd 31622: [2006/12/06 00:24:37, 2] auth/auth.c:checkntlmpassword(309)

Dec 6 00:24:37 jeeves smbd 31622: checkntlmpassword: authentication for user [jpp] -> [jpp] -> [jpp] succeeded

Dec 6 00:24:37 jeeves smbd 31622: [2006/12/06 00:24:37, 2] auth/auth.c:checkntlmpassword(309)

Dec 6 00:24:37 jeeves smbd 31622: checkntlmpassword: authentication for user [jpp] -> [jpp] -> [jpp] succeeded

What changed and how to I get access to my data again?

Sounds familiar. What's the resolution?

After a lot of digging around I fixed it. During the upgrade of samba to .23c (now d) my PDC somehow “lost” the group mappings - this effectively left my network with no “Domain Admins” “Domain Users” or “Domain Guests” groups.

Re-creating those group mapping with the correct RID's fixed the issue.

Ok, there's a lead. “net group” shows no groups on my machine and “net groupmap” shows no NT to unix mappings. Could the NAS be looking for the “Domain Users” group (as it exports a share for each user) and as it can't find it, failing with a weird error?

After much documentation reading, I find out that this is actually by design! Prior to 3.0.0.23, those very important groups were generated automatically by Samba. With 3.0.0.23, they go away and it's up to the admin to create them!

Doesn't sound like a minor-minor-point release change to me.

Anyhow, I came up with the following:

# net groupmap add ntgroup=“Domain Admins” unixgroup=ntadmins rid=512 type=d

  1. net groupmap add ntgroup=“Domain Users” unixgroup=users rid=513 type=d
  2. net groupmap add ntgroup=“Domain Guests” unixgroup=nogroup rid=514 type=d

Can I connect to the NAS?

YES!!!

That was it.

Man did that suck.

What sucks even worse is the fact a minor-minor-point release upgrade horks backward compatibility in such an unpleasant fashion and, as far as I can tell, without calling attention to it in the upgrade process. The only relevant documentation I can find about this in the “Note” in the samba 'how to' docs

Versions of Samba-3 prior to 3.0.23 automatically create default group mapping for the Domain Admins, Domain Users and Domain Guests Windows groups, but do not map them to UNIX GIDs. This was a cause of administrative confusion and trouble. Commencing with Samba-3.0.23 this annomaly has been fixed - thus all Windows groups must now be manually and explicitly created and mapped to a valid UNIX GID by the Samba administrator.

This ain't exactly calling the problem to attention…

Anyhow, hopefully this rambling post will be of some help to others in the future.

Oh, and don't get me wrong - I love samba. I just feel a little jilted :-)

Intern One Heads Back To College…

Our second intern of the summer, Julia, headed back to college this week. She rocked quite hard - we'll miss her…

Gayle has all the details…

Oh, and Ming, yes you were our first intern, but Gayle forced us to promote Julia… Or something like that…

Tags: , .

iPhone Agnst?

On Friday night I couldn't resist it anymore. My boss and one of my colleagues were taunting me with their new phone. And man, I couldn't resist the DPI.

So I became an iPhone owner.

And it's the best thing in consumer electronics since the Tivo. It's that good. It's life changing.

Cue dramatic music. Cue Karen saying “Yup, confirmed geek.”

Anyhow, today Mr. Jobs announced a $200 price drop on the iPhone, so I thought:

1. I'm pissed.

2. Apple are a cool company.

3. I'll call them. On my iPhone.

So out came Google Maps on the aforementioned communications device. Search. Apple Store. Up pops the details. Click the phone number.

Bzztt preeeaaaarrrk.

Oops. Apparently a fax line is listed as their Bellevue store's phone number. No problems - I click the listed url instead and click on the listed phone number displayed on the resultant page.

“Hi! I bought an iPhone from you a few days ago and I notice that you've just dropped the price by two hundred bucks. Can I get a refund on the difference?”

“Well, not exactly”, says she.

“But we can do a return for a $60 restocking feed. You'll save $140!”

“Cool!”, says me. Getting $140 back ain't too bad.

But then, and dark distant Apple returns policy surfaces in my mind, only to be confirmed by Om Malik

Should Apple reduce its price on any Apple-branded product within fourteen (14) calendar days of the date of purchase, you may request a refund of the difference between the price paid and the current selling price. An original purchase receipt is required, and you must request your refund within fourteen (14) calendar days of the price reduction.

Which makes me wonder whether the Apple store employee didn't know about the company's own policy, or whether she was purposefully steering me at another, less expensive for Apple, policy…

Tags: , .

© 2001 to present, Steve Lacey.