Ubuntu 8.10: How To Connect To a Microsoft VPN

Wednesday, 19. November 2008

December 3, 2008 Update: Some of these problems have been corrected in the latest updates to Ubuntu 8.10. (See below.)


Connection to a Microsoft VPN from Linux is normally a no-brainer but Ubuntu 8.10 Intrepid Ibix has some “out of the box” issues with connecting to a Microsoft VPN. Before fixing those issues we need to go through the motions and cover all the basics. First, you will need to install NetworkManager for Gnome and the PPTP plugin.

    sudo apt-get install network-manager-gnome network-manager-pptp

    sudo NetworkManager restart

NetworkManager Configuration

You can launch NetworkManager from either the Gnome menu under System | Preferences | Network Configuration or by clicking on the network icon on the Gnome panel and selecting VPN Connections | Configure VPN. Select the VPN tab and click the Add button. When asked to choose a VPN connection type select PPTP and click the Create button. PPTP will be the default unless you have other NetworkManager plugins installed.

Now you should have a dialog to enter the VPN information. There are only a couple of pieces of information that you need to enter on this form.

  • Connection name: Name you VPN connection or keep the default name. Your choice.
  • Connect automatically: Leave unchecked for now. You can change this later if you want.
  • System setting: Leave unchecked.
  • Gateway: Enter the host name or IP address of the VPN gateway.
  • User name: Enter the NT domain, a backslash and the user name, e.g. EXAMPLE\bill. This is the first of the 8.10 issues – you must enter the NT domain with the user name here or it won't work.
  • Password: Leave this blank. This is another 8.10 issue – either accessing or storing the password from NetworkManager is broken and if you enter the password here it won't work. Don't worry, there is a workaround.
  • Show password: Don't check it, check it, it matters not.
  • NT Domain: Leave this blank. And another 8.10 issue – the NT domain should be entered with the user name instead of here and if you do put the NT domain here it won't work.

The form should look something like this when you are done:

Screenshot-Editing Example Corporate VPN

Click the Advanced button and when the dialog appears check Use Point-to-Point encryption (MPPE). Don't change any of the other setting on this form.

Screenshot-nm-connection-editor

Click the OK button on the advanced settings form and then click the OK button on the VPN information form to save the settings for your new VPN. You can close the NetworkManager window now.

Fixing the NetworkManager Configuration

If you try to connect to the VPN now it will fail. By default it is trying to negotiate EAP authentication. There is no was to disable EAP from NetworkManager so you will need to disable it with gconf-editor. Launch gconf-editor from the command line.

    gconf-editor

When the editor starts browse to System | Networking | Connections. Under Connections you should see one or more numbered connection folders. You will need to find the one that has your VPN configuration in it – open each one and look for another folder named vpn. Click on the vpn folder to see the settings to verify that it is the one you need to change. On my system this was connection number 3. Right-click on the configuration list and select New key.

Screenshot-Configuration Editor

Name the new key refuse-eap, set its type to String and its value to yes. Then click the OK button.

Screenshot-New Key

Connecting to the VPN

You are finally ready to connect to the VPN. Clink the network icon on the panel and select VPN Connections | <connection name>. Enter your password in the authentication dialog. If you want your password stored in the keyring you can check that option here – that is the workaround for not being able to enter the password in NetworkManager. Click the OK button and if all goes well you will connect to your VPN.

Screenshot-Editing Example Corporate VPN

The Bad News

Now that you've got your VPN working there's some really bad news you need to know about. Anytime you launch NetworkManager it is probably going to hork the VPN settings and your VPN will stop working once again. So don't start NetworkManager. But if you do the two things you will most likely need to fix are:

  1. Edit the VPN and delete the password from the configuration form. You can re-enter it and save it again the next time you need to connect.
  2. Check the refuse-eap setting on your VPN and re-add it with gconf-editor if it is missing.

Good luck!


December 3, 2008 Update:

In the comments Craig points out that the NT Domain issue has been fixed. I fired up Update Manager and installed all the latest updates which included an update to NetworkManager. After installing I verified that with the latest version of NetworkManager the NT Domain can be configured normally again. There was also an update to the Gnome Keyring which spurred me to try configuring the VPN password in NetworkManager too and that works now also. (However I do not know if the password storing problem was in NetworkManager or Gnome Keyring.) With these updates you can set up your VPN configuration in NetworkManager as follows:

Screenshot-Editing Example Corporate VPN Update

These latest updates resolve half of the issues I described in the original post. You will still need to enable MPPE and add the refuse-eap key to successfully connect to a Microsoft VPN.

Share 'Ubuntu 8.10: How To Connect To a Microsoft VPN' on Delicious Share 'Ubuntu 8.10: How To Connect To a Microsoft VPN' on Facebook Share 'Ubuntu 8.10: How To Connect To a Microsoft VPN' on Google Buzz Share 'Ubuntu 8.10: How To Connect To a Microsoft VPN' on Google Reader Share 'Ubuntu 8.10: How To Connect To a Microsoft VPN' on LinkedIn Share 'Ubuntu 8.10: How To Connect To a Microsoft VPN' on Twitter Share 'Ubuntu 8.10: How To Connect To a Microsoft VPN' on Email

Drupal 6.5

Tuesday, 14. October 2008

Drupal 6.5 was released October 8th and I realized that I had missed a couple of releases. I installed the update and everything worked flawlessly.


Update: The blog API module still has an impedance mismatch between RSD and posting. It hands out “1” in response to an RSD query but expects “blog” when posting. So once again I had to re-apply the RSD patch for the Blog API module.

Share 'Drupal 6.5' on Delicious Share 'Drupal 6.5' on Facebook Share 'Drupal 6.5' on Google Buzz Share 'Drupal 6.5' on Google Reader Share 'Drupal 6.5' on LinkedIn Share 'Drupal 6.5' on Twitter Share 'Drupal 6.5' on Email

Drupal 6.2

Wednesday, 9. April 2008

Drupal 6.2 was released today. It addresses a security vulnerability that affects Drupal 6.x sites that have multiple users, as well as a variety of other bug fixes. I upgraded from 6.1 to 6.2 without difficulty. However, I did have to re-apply the RSD patch for the Blog API module.

Share 'Drupal 6.2' on Delicious Share 'Drupal 6.2' on Facebook Share 'Drupal 6.2' on Google Buzz Share 'Drupal 6.2' on Google Reader Share 'Drupal 6.2' on LinkedIn Share 'Drupal 6.2' on Twitter Share 'Drupal 6.2' on Email

Blogging to Drupal from Flickr

Wednesday, 9. April 2008


Drupal Modules as of 11/9/07

Originally uploaded by kentbye

If your blog is powered by Drupal you can blog images and videos from Flickr. This blog post was created with Flickr. First I found an image that was relevant, interesting and licensed under Creative Commons. I decided to use the image to the right which displays a graphical snapshot of the available Drupal modules. Then I clicked the BlogThis button that appears above images along with the more familiar controls. That button sent me to a Flickr blog form where I typed the blog title and content. Then I posted the entry directly to this blog. (Once I had posted it I opened it with MarsEdit to polish it and add some additional images.)

If you want to try blogging from Flickr you need to make sure you have both the Blog and Blog API modules enabled and configured in Drupal. You can see what modules are enabled and enable or disable additional modules at Home

Share 'Blogging to Drupal from Flickr' on Delicious Share 'Blogging to Drupal from Flickr' on Facebook Share 'Blogging to Drupal from Flickr' on Google Buzz Share 'Blogging to Drupal from Flickr' on Google Reader Share 'Blogging to Drupal from Flickr' on LinkedIn Share 'Blogging to Drupal from Flickr' on Twitter Share 'Blogging to Drupal from Flickr' on Email

Flickr

Wednesday, 9. April 2008

This is a test post from flickr, a fancy photo sharing thing.

Share 'Flickr' on Delicious Share 'Flickr' on Facebook Share 'Flickr' on Google Buzz Share 'Flickr' on Google Reader Share 'Flickr' on LinkedIn Share 'Flickr' on Twitter Share 'Flickr' on Email

OS X Leopard and MySQL Update

Monday, 7. April 2008

I should have looked before I wrote my last post on MySQL because there is an updated version of the MySQL package for OS X 10.5. (And it has been available for quite a while too.) I undid everything I had done previously to get MySQL working before and I downloaded and installed the 64-bit version of this new package. I even took myself out of the wheel group.

After installing the updated package I found that I could not start MySQL from the command line or the prefpane. I tried adding myself back to the wheel group but I still couldn't start MySQL. To fix the problem I still had to follow the recommendation to change the ownership of /usr/local/mysql/data that I originally found here. Then I removed myself from the wheel group and I could still start and stop MySQL from both the command line and the prefpane. I'm not sure that changing the permissions is either really necessary or the best solution to the problem but it works.

Then I tried restarting the system to see if the permissions on /usr/local/mysql/data/<computer name>.local.err were getting reset like they were before. They weren't, so that's one less problem to deal with.

Finally I tried enabling automatically starting MySQL on system start and that works now even if your user is not in the wheel group.

So now (almost) everything in the MySQL package for OS X 10.5 works out of the box.

Share 'OS X Leopard and MySQL Update' on Delicious Share 'OS X Leopard and MySQL Update' on Facebook Share 'OS X Leopard and MySQL Update' on Google Buzz Share 'OS X Leopard and MySQL Update' on Google Reader Share 'OS X Leopard and MySQL Update' on LinkedIn Share 'OS X Leopard and MySQL Update' on Twitter Share 'OS X Leopard and MySQL Update' on Email

Automatically Start MySQL on Startup in OS X Leopard

Monday, 7. April 2008

In an earlier post I explored how to install MySQL from a package on OS X Leopard, but I left unsolved the problem of how to make MySQL start automatically on system startup. This morning while reading Mac OS X Hints a post titled “10.5: Join 'wheel' group as possible fix for system issues” caught my eye and started me thinking that perhaps it might also be a solution for the MySQL auto-start problem I had been unable to solve.

First I had to find a way to add myself to the wheel group so followed a link from that hint to another hint titled “10.5: Manage users and groups using a GUI tool*. From there I downloaded and installed Apple's Server Admin Tools for 10.5. These tools are not meant to be used with the desktop version of OS X, but the Workgroup Manager tool works and can be used add a user to a group. I followed the steps described and added myself to the wheel group. It took me a couple of minutes to find the wheel group because the Workgroup Manager displays the groups' long names instead of their short names. In the case of the wheel group the long name is System Group.

wheel_group

After adding myself to the wheel group I opened the MySQL prefpane in System Preferences and checked “Automatically Start MySQL Server on Startup”. Then I shut down and restarted my MacBook. When it finished booting I logged in and MySQL was already running. Problem solved!

AutoStartMySQL


*Mac OS X Hints offers the following warning for this hint:

Warning: You should not play around with these settings if you don't know what you're doing. It is possible to break certain parts of the operating system, or to render it unusable.

You should definitely not add users to the wheel group unless you are reasonably confident that you know what you are doing and what the security implications are.

Share 'Automatically Start MySQL on Startup in OS X Leopard' on Delicious Share 'Automatically Start MySQL on Startup in OS X Leopard' on Facebook Share 'Automatically Start MySQL on Startup in OS X Leopard' on Google Buzz Share 'Automatically Start MySQL on Startup in OS X Leopard' on Google Reader Share 'Automatically Start MySQL on Startup in OS X Leopard' on LinkedIn Share 'Automatically Start MySQL on Startup in OS X Leopard' on Twitter Share 'Automatically Start MySQL on Startup in OS X Leopard' on Email

MarsEdit Media Manager Catalog

Friday, 21. March 2008

In the previous post I explored using the MarsEdit Media Manager to upload non-image files to your website. As a file uploader it works great, but it doesn't work quite as well as a “media manager” for those non-image files. After uploading an MP3 file I went to the Media Manager Catalog to see if I could drop an existing MP3 file into a new blog post as easily as I could with an existing image file. I couldn't because the Media Manager Catalog doesn't handle non-image files well at all.

MediaManagerCatalog

The highlighted area in the above screenshot is the MP3 file of Memento Mori by The Bastard Fairies that I uploaded earlier. Media Manager displays a light blue rectangle as a place holder for the file but it will not show me the file name or even let me click to select it. I tried uploading several other non-image file types – such as a PDF file – and the Media Manager Catalog handles them all the same way.

The Media Manager Catalog clearly intends to handle non-image files because there is a combo box that can used to filter the view by all files (the default), images only or non-image files only. Interestingly, I can select and insert a non-image file by using the cursor keys to select the file and then clicking insert, but I can't select the file with a mouse click. Even then if there is more than one non-image file there is no way to tell which non-image file you are inserting because there is no file name displayed.

I don't know if this would be classified as a bug or a partially implemented feature. Whatever the case, I would like to see Red Sweater get the Media Manager Catalog working to fully support non-image files. While they are at it there are some other features I would like to see in the Media Manager.

  • Catalog SyncSync the Media Manager Catalog with files that already exist on the web server. Add existing files to the catalog and also dDelete any entries from the catalog that don't exist on the web server.
  • Catalog Delete – Delete a file from the Media Manager Catalog. and also delete the file from the web server. It might also be nice to download the deleted file first and put it in the local Trash in case you made a mistake or change your mind.
  • QuickLook Integration – While I wouldn't expect anything more than an icon in the Media Manager Catalog for non-image files, it would be nice to be able to preview the files in QuickLook. This would be a nice feature even for image files which already have a thumbnail view in the Media Manager Catalog.
  • Upload and Hyperlink Path Config – Configuration option to specify/override the default for both the file upload and hyperlink paths. (I swear this was an option in an earlier version. But I guess either I hallucinated it, I can't find it now or it has disappeared in the current version.)
  • Upload Multiple Files – Drop more than one file on the uploader and upload them all to the web server.
  • Replace File – When uploading a file with the same name as an existing file, Media Manager adds “_0”, “_1”, etc. to the file name and uploads it as a new file. It would be nice to have the option to replace the existing file instead.
  • Catalog Duplicate Files – When a file with the same name is uploaded the blog API adds “_0”, “_1”, etc. to the file name, but the Media Manager Catalog still shows the original name in the Catalog instead of the new name.

If you have any additional suggestions for improving Media Manager let me know in the comments. Better yet, let Red Sweater know too. MarsEdit is a great product but we can help them make it even better.


Update: I opened a topic on this issue on Red Sweater's MarsEdit forum. You can comment there as well as here.


Update: Daniel Jalkut responded to the forum post and pointed out that some of these features are simply not possible given the current blog APIs. I have updated my list accordingly.

Share 'MarsEdit Media Manager Catalog' on Delicious Share 'MarsEdit Media Manager Catalog' on Facebook Share 'MarsEdit Media Manager Catalog' on Google Buzz Share 'MarsEdit Media Manager Catalog' on Google Reader Share 'MarsEdit Media Manager Catalog' on LinkedIn Share 'MarsEdit Media Manager Catalog' on Twitter Share 'MarsEdit Media Manager Catalog' on Email

Uploading MP3 Files With MarsEdit

Wednesday, 19. March 2008

Reader dimmer asks:

Out of curiosity have you tried uploading an mp3 via MarsEdit? Does it work?

I had not tried it and before the question was asked I had not uploaded any files besides JPEGs with MarsEdit. But why not try now? The MarsEdit Media Manager allows you to upload any type of file to your web server. I looked around for an MP3 that I could offer on my site without running afoul of the dreaded RIAA. I had just downloaded The Bastard Fairies album Memento Mori and since they encourage free distribution of their music* I picked a track, dropped it on the Media Manager and then clicked Upload & Insert.

MediaManagerUpload

When the MP3 file finished uploading MarsEdit added a link to the file into the draft of this post:

It look's like you don't have Adobe Flash Player installed. Get it now.

It works great, but with one caveat that I'll talk about in my next post.


*The download page for Memento Mori says:

These 12 tracks from our album are FREE for all to download, and we just ask one simple thing. Please make copies for all your friends and ask them to do the same, and so on and so forth.

Share 'Uploading MP3 Files With MarsEdit' on Delicious Share 'Uploading MP3 Files With MarsEdit' on Facebook Share 'Uploading MP3 Files With MarsEdit' on Google Buzz Share 'Uploading MP3 Files With MarsEdit' on Google Reader Share 'Uploading MP3 Files With MarsEdit' on LinkedIn Share 'Uploading MP3 Files With MarsEdit' on Twitter Share 'Uploading MP3 Files With MarsEdit' on Email

Stacks Improved in OS X Leopard 10.5.2

Thursday, 14. February 2008

Apple made a minor but welcome improvement to Stacks with the 10.5.2 upgrade. You can now change the stack icon on the toolbar to a folder icon. So now instead of seeing this:

StacksIconDisplay

I see this:

StacksFolderDisplay

I am much happier seeing the Application folder as my Application stack icon than I was seeing the 1Password icon. To change your Stacks icon display, right-click on the stack you want to change and select Display as: Folder. If you don't like it then change it back to Display as: Stack to see 1Password, Address Book, Adium or whatever icon is first in your Applications folder.

StacksDisplayAs

Share 'Stacks Improved in OS X Leopard 10.5.2' on Delicious Share 'Stacks Improved in OS X Leopard 10.5.2' on Facebook Share 'Stacks Improved in OS X Leopard 10.5.2' on Google Buzz Share 'Stacks Improved in OS X Leopard 10.5.2' on Google Reader Share 'Stacks Improved in OS X Leopard 10.5.2' on LinkedIn Share 'Stacks Improved in OS X Leopard 10.5.2' on Twitter Share 'Stacks Improved in OS X Leopard 10.5.2' on Email