[01:58] <doctormo> pleia2, BiosElement, Vantrax: ok so when people are first signing up for development using this projects tool, I have it requiring a 3 step process.
[01:59] <pleia2> ok
[01:59] <doctormo> a) Authorise with launchpad (gives website with registration details if required b) add user to bazaar config and c) compare upload ssh key.
[01:59] <Vantrax> projects tool?
[01:59] <Vantrax> ive missed a step somewhere
[01:59] <doctormo> I can figure out the username from the launchpad auth and add that automatically to the bzr config using the code behind bzr launchpad-login
[02:00] <doctormo> The ssh key upload needs to be done via code too, since I need to look at existing ssh keys and compare them to installed svailable private keys
[02:01] <doctormo> Of course the launchpad auth is done via firefox, OAuth forwards you to login via launchpad and then accept access to the program
[02:01] <doctormo> Vantrax: http://doctormo.wordpress.com/2009/09/18/launchpad-naultius-sneak-preview/
[02:04] <BiosElement> Sounds great doctormo ^_^
[02:09] <Vantrax> im impressed
[02:09] <Vantrax> you have some hidden coding talent i see
[02:26] <doctormo> Vantrax: hidden? my profession before Canonical was programming perl for years and years :-D
[02:26] <cprofitt> hey doctormo
[02:27] <doctormo> Oh hey cprofitt, how goes work schedual?
[02:27] <cprofitt> work is fine...
[02:27] <cprofitt> I should be able to make the meeting Monday night
[02:27] <cprofitt> and the 'stress' of the start of school should ease this week
[02:28] <cprofitt> though... to be honest...
[03:10] <Vantrax> cprofitt: you around
[03:11] <cprofitt> yes
[03:12] <cprofitt> Vantrax, what is up?
[03:12] <swoody> ah, good evening Vantrax and cprofitt :)
[03:12] <Vantrax> you know kerberos configurations at all?
[03:12] <cprofitt> a little... at least for AD
[03:12] <cprofitt> not for Linux
[03:12] <Vantrax> thats what im playing with
[03:12] <Vantrax> the configs are the same for both
[03:12] <Vantrax> MS implements MIT Kerberos
[03:12] <cprofitt> yep
[03:12] <Vantrax> which is what linux uses
[03:13] <Vantrax> anyway, how much you know about capaths and multiple realms
[03:13] <cprofitt> nothing to be honest... I have one single tree/domain currently
[03:13] <Vantrax> aww
[03:13] <Vantrax> I have a student and a staff one
[03:14] <cprofitt> are you using AD?
[03:14] <Vantrax> the student one as a one way hiearchical trust relationship with the staff one
[03:14] <Vantrax> yeah, were rolling over to it atm
[03:14] <cprofitt> so the student one trusts the staff?
[03:14] <Vantrax> yes
[03:14] <cprofitt> but the staff one does not trust the student
[03:15] <Vantrax> no
[03:15] <Vantrax> so staff can log in on student machines, but students can not log in on staff machines
[03:15] <cprofitt> you could have done that w/o sep. domains
[03:16] <Vantrax> its kinda hard with 10k users...
[03:16] <Vantrax> and alot of services hanging off them
[03:16] <Vantrax> anyway here is the krb5.conf file, its the same on windows and linux http://paste.ubuntu.com/27500
[03:17] <cprofitt> redtubez?
[03:17] <Vantrax> lol
[03:17] <cprofitt> http://paste.ubuntu.com/27500/
[03:17] <Vantrax> ops, that was missing a 0
[03:17] <cprofitt> that is just another link...
[03:17] <Vantrax> http://paste.ubuntu.com/275000/
[03:17] <cprofitt> k
[03:18] <Vantrax> im pretty sure im doing the capaths wrong
[03:19] <Vantrax> no one seems to know anything about them tho >.<
[03:19] <cprofitt> hmm...
[03:19] <cprofitt> any idea where the files are kept in AD?
[03:20] <cprofitt> http://mailman.mit.edu/pipermail/kerberos/2007-March/011376.html
[03:21] <cprofitt> do you have a forest + two domains?
[03:21] <cprofitt> or is the student a sub-domain?
[03:22] <Vantrax> two domains
[03:22] <cprofitt> k.
[03:22] <Vantrax> er two subdomains
[03:22] <Vantrax> i think
[03:22] <cprofitt> right...
[03:23] <cprofitt> You tree is ad.griffith
[03:23] <cprofitt> and you have two sub-domains -- staff-test and student-test
[03:23] <Vantrax> yer
[03:24] <cprofitt> yeah the capaths do not make sense given that then...
[03:24] <Vantrax> ^.^
[03:24] <Vantrax> i know that
[03:24] <cprofitt> let me break out an old book... give me a minute
[03:24] <Vantrax> i stand corrected, it is 2 forests each with a single domain
[03:24] <doctormo> You guys, I'm having a hard enough time setting up ldap for a 5 machine setup to provide universal login.
[03:24] <Vantrax> the domains are then the root of each respective forest
[03:24] <cprofitt> ouch...
[03:24] <cprofitt> that may be the issue...
[03:24] <Vantrax> lol
[03:25] <Vantrax> i can give you some docco
[03:25] <Vantrax> i have done that for labs before, thats what we are migrating away from
[03:25] <cprofitt> I think it may be better to make a forest with two sub-domains
[03:25] <cprofitt> but let me get to that section...
[03:26] <Vantrax> yeah, but i dont control that bit:P
[03:26] <Vantrax> doctormo: your doing it using pam_ldap right?
[03:26] <cprofitt> Vantrax, you don't?
[03:26] <Vantrax> no, a project team does. I just have to make it work
[03:27] <cprofitt> are they still in testing... and you can 'give advice' or have they committed to the design already
[03:27] <doctormo> Vantrax: Trying, but it's been something I've been doing on and off.
[03:27] <Vantrax> they are pretty committed to the design:P
[03:27] <cprofitt> AD 2003 or AD 2008?
[03:27] <Vantrax> 2008
[03:27] <Vantrax> 2003 is pointless because win7 will not connect to it
[03:27] <doctormo> anyway, I better go before this Microsoft fan topic makes me see red.
[03:27] <doctormo> And sleep
[03:27] <Vantrax> <- is no MS fan
[03:28] <Vantrax> I am learning KERBEROS... a FOSS project
[03:28] <Vantrax> it just happens to be used by MS as well
[03:28] <doctormo> Vantrax: I know, I've installed krbs5
[03:28] <Vantrax> i will say i am becoming a fan of win7 tho >.<
[03:28] <Vantrax> damn those free copies
[03:29]  * doctormo isn't a fan of the company and doesn't care how good the tech is. sleep
[03:29] <cprofitt> Vantrax, are you just needing to make the Linux side work?
[03:30] <Vantrax> year
[03:30] <Vantrax> yer
[03:30] <cprofitt> k
[03:31] <Vantrax> so i can make each side log in effectively but i cant have a staff log in with the default set to student
[03:32] <cprofitt> Vantrax, have they got it working on the Windows side?
[03:32] <Vantrax> no:P
[03:32] <Vantrax> they are waiting on me, it will be the same
[03:34] <cprofitt> Then that makes it hard to ensure they have the trust setup properly
[03:34] <cprofitt> If I were doing it... I would ensure that first...
[03:35] <cprofitt> I think you may need an entry for both in the realms section... but trying to hunt that down now...
[03:35] <Vantrax> i do
[03:35] <cprofitt> you do have that....
[03:35] <Vantrax> and you do
[03:37] <cprofitt> this may help -- http://web.mit.edu/Kerberos/krb5-1.5/krb5-1.5.4/doc/krb5-admin/capaths.html
[03:40] <Vantrax> yeah, thats where i go this far off
[03:44] <cprofitt> is not this what you need then....
[03:44] <cprofitt> http://paste.ubuntu.com/275008/
[03:44] <cprofitt> unless I am reading the example wrong
[03:45] <cprofitt> I think that allows a machine joined to the student domain to authenticate to both domains...
[03:45] <cprofitt> if I read their example correctly
[03:49] <Vantrax> give me a few min to test
[03:50] <Vantrax> nope, says client not found in the database, isnt hitting the second domain
[03:50] <cprofitt> hmm...
[03:51] <cprofitt> what error were you getting with the capath section you had?
[03:51] <Vantrax> both sides do work, i can change the default_realm value to STAFF-TEST and get a valid login
[03:51] <Vantrax> same one
[03:52] <Vantrax> Client not found in Kerberos database while getting initial credentials
[03:55] <cprofitt> is your machine 'joined' to the domain
[03:55] <cprofitt> I think your capath section might actually be right....
[03:55] <cprofitt> but there may be an issue with the 'membership'
[03:56] <cprofitt> once I take all their extra stuff out of that example your capath is correct
[03:56] <cprofitt> I had not noticed the es.net at the bottom ...
[03:57] <cprofitt> yeah... your capath is accurate to that example...
[03:57] <cprofitt> my mistake on the one I gave you.
[03:59] <cprofitt> Can you get the machine to login to either domain at this point?
[04:01] <cprofitt> Vantrax, I found this -- http://paste.ubuntu.com/275013/
[04:03] <Vantrax> clear as mud >.<
[04:04] <Vantrax> this is starting to give me a headache
[04:04] <cprofitt> lol
[04:06] <cprofitt> Vantrax, shot in the dark -- http://paste.ubuntu.com/275017/
[04:07] <Vantrax> im thinking that student-test = staff-test has to be in there somewhere
[04:08] <Vantrax> not that one:
[04:08] <cprofitt> http://www.cmf.nrl.navy.mil/ccs/people/kenh/kerberos-faq.html#confxrealm
[04:08] <cprofitt> yeah... that is what I think...
[04:08] <cprofitt> I would think student-test has to equal both
[04:09] <cprofitt> since student-test can authenticate to either
[04:09] <cprofitt> did you try the last paste I posted?
[04:10] <Vantrax> yeah
[04:10] <Vantrax> lunch time for me, you going to be round a while?
[04:11] <cprofitt> this might help too -- http://groups.google.com/group/comp.protocols.kerberos/browse_thread/thread/3d546e7bd92d74c3
[04:11] <cprofitt> no... I need to go to sleep
[04:11] <cprofitt> 11:11pm here
[04:12] <Vantrax> ok, mind helping me tomorrow?
[04:12] <Vantrax> he he he, seen that already too
[04:12] <cprofitt> I can try...
[04:13] <cprofitt> I wish I had such a setup to test... but I went with one forest just to avoid things like these
[04:13] <Vantrax> yeah, fun isnt it...
[04:13]  * Vantrax goes to eat before he tears out his hair...
[04:14] <Vantrax> see you tomorrow then, have a good night
[04:14] <cprofitt> thanks... good luck
[15:06] <pleia2> darn, the mailing list archives going nutty last week has really caused a problem
[15:06] <pleia2> BiosElement's email wasn't archived :(
[15:27] <doctormo> We all ready for tonight's big teach off?
[15:29] <pleia2> we need a dev environment for the demos
[15:49] <doctormo> BiosElement: your attribution is funny in the example asciidoc """Martin Owens <william@bioselement.com>"""
[16:26] <BiosElement> doctormo, Yeah, I know. I didn't have your E-Mail when I typed it up and was in a bit of a hurry. It's not the official version
[16:27] <doctormo> BiosElement: Yes, my fake email address is none@none.cone :-D
[16:28] <BiosElement> hehe, I'm a fan of root@localhost myself :P
[16:28] <doctormo> BiosElement: Not a valid email on most sites
[16:28] <BiosElement> doctormo, Sadly :P
[16:28] <doctormo> I'm still trying to work out a few things for this key management...
[16:31] <BiosElement> Sounds fun >.>
[16:32] <doctormo> BiosElement: Seems they misplaced the idea that some things might need to be managed via the API, so I'm having to think of work arounds.
[16:32] <BiosElement> doctormo, Pretty typical to be honest >.> API's always seem to be mostly ignored
[16:33] <doctormo> BiosElement: I'm of the "you do everything, don't bother asking me why someone would want to use it, we just do everything"
[16:36] <BiosElement> doctormo, Sounds right. ...And the new york times just crashed firefox >.>
[16:37] <doctormo> Damn yanks, over confident, over sexed and now they don't even need to be over here.
[16:42] <doctormo> BiosElement: that's a paraphraise joke btw
[16:43] <BiosElement> doctormo, I figured. And before I forget, I'm toying with the idea of making a web based editor for the DocBook/asciitext files. I'll start with DocBook and then work on asciitext
[16:44] <doctormo> BiosElement: Sounds like a good idea, make any reading/writing into libs so it'll be possible to make a gui version
[16:44] <BiosElement> doctormo, I'm basing it off turbogears so it shouldn't be hard to port over to a gui if we have too.
[16:45] <doctormo> I don't know what that is
[16:45] <doctormo> bbl
[17:04] <cprofitt> Vantrax, you here?
[18:15] <doctormo> back
[18:36] <BiosElement> Welcome back doctormo
[22:59] <Vantrax> whoops.... left IRC on at work over night
[23:05] <doctormo> Vantrax: No worries, it made you look like you were really attentive :-D
[23:05] <Vantrax> yay
[23:05] <Vantrax> make up for the three weeks i was MIA with the baby
[23:07] <doctormo> How is everyone?
[23:21] <cprofitt> Vantrax, you there?
[23:22] <Vantrax> indeed
[23:36] <Vantrax> whats up cprofitt
[23:36] <cprofitt> hey Vantrax -- did you ever figure out the capaths
[23:38] <Vantrax> cprofitt: nope, but it might be a fault on the configuration... maybe...
[23:38] <Vantrax> turns out they never checked if the inheritance actually worked...
[23:45] <rdw200169> hey, i just saw Martin's post on the planet, and i wanted to throw some change in the bucket, concerning all this documentation madness
[23:46] <rdw200169> i would like to suggest some interesting workflow ideas that I use for my projects and the benefits of each accordingly
[23:46] <knudsonm_> Knudson is here
[23:46] <rdw200169> let me preface this by noting (strongly) that I prefer restructured Text
[23:47] <cprofitt> Vantrax, it would be good if they find out if their machines are actually working before you are asked to do it
[23:47] <cprofitt> Vantrax, what room is our class in?
[23:47] <Vantrax> cprofitt: no idea
[23:47] <rippls_> Hi - I'm here for moodle things...
[23:48] <Vantrax> he he he
[23:48] <Vantrax> is pleia around?
[23:49] <cprofitt> pleia2, ping pong gong
[23:51] <knudsonm_> Mark and Steve are here from Woodland, Washington to help you with Moodle.
[23:56] <cprofitt> knudsonm_, so the Moodle training is here?
[23:57] <BiosElement> I'm assuming so.
[23:57] <knudsonm_> yes, we're here
[23:57] <knudsonm_> how would you like to start
[23:57] <BiosElement> And Vantrax pleia2 can't be here.
[23:58] <cprofitt> sounds good... and this is user based -- as in for the instructor... correct?
[23:58] <knudsonm_> we have and admin in Steve and a user in me ready to serve you
[23:59] <knudsonm_> Steve set up Moodle server and runs it, I teach teachers how to use it
[23:59] <cprofitt> Sounds good. I hope people come... the one question I would start off with (since I have only one course to my credit) is what format/tool would you feel best for teaching IT type courses?
[23:59] <knudsonm_> I also use it in a middle school computer class, and math class