The Objective: Reject all requests that reach the NGINX server with our a host name in its header
Why it matters: When a request is made to via IP address (http://your.add.rress.here), it will return what is determined to be the “default server” for that IP address. This is often not the desired result. The result we are going for here is to close the connect with the requesting client.
- generate a bogus cert and store it in your /etc/nginx/certs/bogus/ (or whichever folder you use for your certificates)
- create a “default.conf” configuration file in your /etc/nginx/conf.d/ (or whichever folder you include in your config)
- add the configuration to the “default.conf” file (update it if your folders are different for certs)
- test your configuration (/usr/sbin/nginx -t -c /etc/nginx/nginx.conf)
- if all is well, restart your service (sudo service nginx restart)
- validate it’s working as intended
listen 80 default_server;
listen 443 default_server ssl;
This process assumes your linux machine has Centrify Express running on it.
Determine the group name
$adquery user rick -G
Add entry to sudoers file
sudo echo “%domain_admins ALL=(ALL) NOPASSWD: ALL” >> /etc/sudoers
Ubuntu 15.04 Desktop on Hyper-V using Windows 10
Issue: “The image’s hash and certificate are not allowed (DB) .
1) Disable “Secure Boot”
2) Move up the DVD Drive in the Boot order
High load average (over 2.5)
Symptoms: the system responses poorly via GUI
Results: Load average dropped to 2.0
Notes: This virtual machine is configured for 2 vCPU’s
- Install ccsm ($ sudo apt-get install compizconfig-settings-manager)
- open ccsm ($ ccsm)
- Disable Effects > Animation & Effects > Fading Windows
Load average still high
Event log entry in Windows NPS
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
Authentication Type: PEAP
EAP Type: –
Account Session Identifier: –
Logging Results: Accounting information was written to the local log file.
Reason Code: 265
Reason: The certificate chain was issued by an authority that is not trusted.
Remove “System-cs-cert=true” from /etc/NetworkManager/system-connections/<SSID>
I have noticed that you need to remove this entry every time you edit the SSID, even if you leave it in there and set it to false.