Configure Google Authenticator on CentOS 7

Image of laptop with hand holding a skeleton key extending outwards through the display.

Intro

As part of the rebuild on my Plex Media Server using CentOS 7, I had intended to configure Google Authenticator but hadn’t gotten around to doing it yet.  As I got into the process recently I discovered that many of the steps that I had used when configuring my CentOS 6 Digital Ocean droplet were out of date to the point of uselessness.

I also discovered that most of the guides that I found either relied on the older 1.0 code release which was also outdated or used a unknown RPM repo.  As such I decided to write up the process that I followed to use the code downloaded from the official GitHub repository.

NOTE: If you are doing this in an enterprise setting, it is likely that your company has particular settings and restrictions that you may need to adhere to (e.g., not running things as the root user). Also, please note that all of my examples use the CentOS defaults unless specifically noted.

Read more

Windows Tip of the Week: Find your account password expiration date in an AD environment

Image of laptop with hand holding a skeleton key extending outwards through the display.

In many cases your enterprise Active Directory will not involve too many domains, in fact it is quite common for an Active Directory implementation to only include one domain.  In some cases, however, when you have the unfortunate situation of having a username in multliple domains with differing policies on password expiration it is useful to be able to know when your password, or that of another user will expire.  Here is an easy way to accomplish this from the command line.

For the current active user

[code language=”bash”]
net user /domain
[/code]

For a different user

[code language=”bash”]
net user /domain _username_here_
[/code]

Here is an example of the output:

[code language=”bash”]
User name afore
Full Name Andrew Fore
Comment
User’s comment
Country code 000 (System Default)
Account active Yes
Account expires Never

Password last set 1/29/2015 4:38:37 PM
Password expires 4/29/2015 4:38:37 PM
Password changeable 1/29/2015 4:38:37 PM
Password required Yes
User may change password Yes

Workstations allowed All
Logon script
User profile
Home directory
Last logon 3/18/2015 3:27:55 PM

Logon hours allowed All

Local Group Memberships
Global Group memberships *VMWare Admins *Domain Users
*Staff
[/code]

If you notice there is a lot of useful information regarding the user account here, but of particular interest in my situation was the value of Password expires since I was trying to ensure that I got my password reset prior to the policy setting so that I would not find myself locked out over the weekend that I went on call when the Helpdesk would be closed.

Creating a firewalld service for Plex Media Server

plex_firewalld-4141008I recently rebuilt my Plex Media Server box as a CentOS 7 VM running on Hyper-V on a Windows Server 2012 setup.

When I installed the rpm and started the service I found that I was unable to load the interface on my desktop. I knew that it was running because I installed netstat and I was able to see the port was open for traffic and I was also able to load the interface locally in lynx on the server.

Read more