Index ¦ Archives ¦ Atom > Category: technical ¦ Atom

How to join Active Directory domains with a One Time Password

realmd and adcli allow you to join a domain with a one time password.

That is: a domain administrator can prepare a one time password, and that one time password can later be used (usually by someone else) to join a specific computer to the domain.

FreeIPA supports this natively …


More secure with less “security”

At GUADEC in Brno, I gave a talk about usability and security prompts.

The video and slides is now online. I’m really impressed with how fast the videos became available this time around.


git-coverage: Useful code coverage

I’ve sorta dabbled in using code coverage off and on, but it never really grabbed me as super useful and fit well within my workflow.

When hacking on open source I want to try out patches, run tests against them, whether automatic unit tests or manually diddling things during …


How to create an Active Directory domain to test against

Many interested people want to help test the Active Directory work and bug fixes we’ve been doing. But sadly there’s no public Active Directory servers that I know of. So here’s how to setup a virtual machine with your own Active Directory. It’s not that hard …


Kerberos and Active Directory Logins

Ray and I and some others have been working on making it easy to use Kerberos single sign on with GNOME 3.6. The feature itself isn’t super revolutionary. You sign in with your realm login (eg: your Active Directory user name and password) and then you can go …


VMWare Player on Fedora 16

I have some VMWare VM’s I’ve been using here and there. I probably should convert them to Virtual Box, but I’ve had a rough time getting that working as well.

So … every time you upgrade the kernel, VMWare barfs because kernel headers have changed. Usually I look …


Redesigning the Seahorse Experience

As part of the work on getting smart cards into Seahorse, there’s some design work that needs to be done to make the new functionality usable. In particular, the overarching design goal is that Seahorse isn’t a tool we expect users to “learn”. Actions should follow mostly from …


Importing certificates and keys

I’ve been working on an importer for keys and certificates that can work with PKCS#11 key storage, such as smart cards, NSS or gnome-keyring.

Here’s a demo of it in action. If you want to try this out yourself, you’ll need:


Introspecting Certificates

Today I merged in a contribution from Evan Nemerson for GObject introspection support into the Gcr and Gck libraries. I ended up tweaking thousands of lines of comments and code, filed some bugs and so forth.

But the end result is you use PKCS#11 and stuff like the Gcr …


Smart card icons

I’ve been working on smart card integration into Seahorse, and as part of that we need icons for smart cards. I had fun putting together something today:

Smart card icons

Obviously not perfect, but I’m happy with the result. The tools and info in gnome-icon-theme are really nice.

At some point …

© Stef Walter. Built using Pelican. Theme by Giulio Fidente on github. .