Free Teaching Material on Systems and Network Management
Purpose of this site
I wrote these notes to teach the subject Systems and Network Management in the Department of Information and Communications Technology at the Hong Kong Institute of Vocational Education (Tsing Yi), up to September 2004.
This site has no connection to HKIVE or to the Department of ICT, since I do not work there any more.
Teaching PlanTeaching plan: PDF, OpenOffice format, Excel format
- Submit zipfile or tarball of text sourcode and two LDIF files online, outside campus, inside campus (using SSL). Here is our CA certificate to load into your browser.
- Due: 8pm, Sunday, 23 May 2004.
- The assignment is here .
- A solution, another (incomplete, since no LDIF) solution, another (very complete) solution. The last one was written first, and it is not as clean as I would like. I may rewrite parts of it for production use to make it shorter and simpler, and make the code cleaner and more easy to follow. The first one listed here is the last one I wrote, and has the cleanest code. Note that the first two show how to use and create nested data structures, and how to pass references to hashes to and from functions.
- Some other Perl programs I have written that may or may not
- A solution to the exercise given in the laboratories (which many of you did not bother to do!): make-ou
- The program I wrote to create all the accounts and set up the server ldap1.tyict.vtc.du.hk: setup-ldap1
- A program I wrote to setup the ACLs to allow you to write to your own organisational unit: gen-acls
- A very simple little program to create the admin user for which special access is provided by the ACLs above: create-admin
- A program I wrote to send you all email: mail-people
- The program I wrote to generate the fake enrollment data: generate-fake-enrolment-data
- A little Perl module I wrote to calculate and verify the checkdigit in a Hong Kong ID: HKID.pm. Thank you, Keung Kai-chung, for the email that got me started.
- A little Perl module I wrote to randomly select an item from a list, where each item in the list has its own "weight", so that we can, for example, select the gender "male" with greater probability than "female" for to simulate the gender of students in an engineering course. It is used by the program above.
- The data files are here. Choose the one with your student number in the file name.
- A few little programs that may help
- Getting Started with the Assignment, Solutions are above.
- Functions to Search for next UID, GID numbers. Please do not use getpwent() or getgrent(); I am sorry I made the mistake of suggesting that you use them!
- A picture showing the structure of the directory on ldap1.tyict.vtc.edu.hk
- Due at your next laboratory session.
- Submit your solutions to all questions in the Perl Data Structures Tutorial, Solutions, some text files you can browse and run: Q1, Q2, Q3, Q4.
- Assignment 2: Questions
- The second deadline has been extended to 8pm, Monday, 8 December 2003 since ictlab was down on Sunday 7 December 2003.
- The student data is here: Artificial student data for the assignment
- Discussion about the assignment. Please discuss the assignment here rather than sending me email.
- Due 8pm, Sunday 30 November 2003 — get a 10% bonus
- Otherwise, submit before 8pm Monday 8 December 2003.
- Submit zipfile of text sourcode online, Our CA certificate to load into your browser.
- Note that I made two mistakes in my assignment
- You do NOT need to submit any hard copy
- You do NOT need to submit any screen dumps of
the User Manager For Windows, but instead, you DO
need to show the ACLs for all the home directories you have
created. You could do that like this:
D:\home> for /d %i in (*) do @cacls %i >> \temp\cacls-out.logand submit the output file that this creates.
- How I would run my assignment on Linux in the College:
- Create a local account for myself, and copy my work to
$ sudo useradd -c "Nick Urbanik (local)" nickl $ sudo passwd nickl Changing password for user nicku. New UNIX password: $ sudo cp -a assignment-2 ~nickl $ sudo chown -R nickl.nickl ~nickl
- Add the new local account to the sudoers file:
$ sudo visudo
- Log in to my new local account, and temporarily turn
off LDAP authentication:
$ sudo authconfig
- To make things a bit easier, I would add /sbin
and /usr/sbin to my PATH environment
variable which is set in my log in script,
$ echo 'PATH=$PATH:/sbin:/usr/sbin' >> ~/.bash_profile
- Please understand what that does; please don't destroy your log in script
- Then source it:
$ source ~/.bash_profile
- Note: to see what is happening in that last part, please see section 7.2, page 187, of my Workshop Notes.
- Create a local account for myself, and copy my work to that account:
- Assignment 1: Perl Hashes and Arrays: Questions Solutions.
- Assignment 2: Questions, Suggestions towards a solution.
- Assignment 3: Network Monitoring and Troubleshooting Assignment: The assignment specification.
Test on SNMP on Tuesday, 20 January, 2004, 10.30am, B115
- Sorry about the confusion of posting both the wrong time and location—the test will be held in the normal lecture time, as shown above. I have also corrected the time in the Study Guide, and have posted the correct time and location in the email I sent out this morning.
- Study Guide
- Please bring your Perl Reference Guide booklets, the small booklets I gave you at the beginning of the year, as you will need them during the test.
- Yellow paper: Questions, Solutions; White paper: Questions, Solutions
- Nick's valuable summary of Perl we have studied
- Perl (PDF, 1 slide/page), (4up PDF)
- External Resources:
- The MIB Tree
- External Resources:
- ISO's five areas of Network Management: (PowerPoint), (4up PDF)
- SNMP Lecture notes: (PowerPoint slides), (4up PDF)
- SNMPv3 VACM and USM: (pdf: One slide per page), (pdf: four slides per page), (pdf: eight slides per page)
- SNMP Perl Lecture notes: (pdf: One slide per page), (pdf: four slides per page), (pdf: eight slides per page), Interfaces Tree A4, just in bounding box: Interfaces Tree; Attempt to show all of the MIB tree (way too wide): Big part of MIB Tree A3, just in bounding box: Big part of MIB Tree
- The Structure of Management Information (bigger font)
- The SNMP RFCs
- Network Troubleshooting: (PDF, 1 slide/page), (handouts for printing), (4up PDF), (8up PDF), (Very Old PowerPoint),
- Notes about LDAP: single page PDF, PDF handout for printing
- Perl LDAP programming with Net::LDAP: PDF, 1 Slide/page, PDF, 4 Slides/page
- External Resources:
- An Excellent tutorial on many aspects of LDAP: straight to the point, and with examples.
- Lecture notes: (single page PDF), (4up PDF).
- The DHCP and DNS System used in CM two years ago, and in the Computer Centre in Tsing Yi for the last two or three years, and now has been reorganised for ICT last week
- The manual page for my Perl program: make-dhcpd.conf(1)
- Some manual pages for the current version of the ISC DHCP server:
- Some RFCs relating to DHCP.
Routing and Switching
Useful 3Com referenceEverything you wanted to know about IP addresses but were afraid to ask, (local copy)
Revision June 2003
- An Introduction to Perl, Solutions.
- Perl Data Structures: tutorial, Solutions, some text files you can browse and run: Q1, Q2, Q3, Q4.
- Making Accounts with Perl and Regular Expressions
- The (artificially generated) student registration data. You will use this for the remaining exercises. Note that this file is generated using the original data format, but all the names, numbers and IDs are randomly generated.
- How do I set up a Perl program so I can execute it just
by typing it's name?
- First, make a directory ~/bin if it does not exist already
- Put your program (say, printit) into that directory
- Make it executable:
chmod +x printit
- That's it!
useradd will not make a user name that begins
with anything but a letter. The code from
chkname.c in the shadow-utils says:
- User/group names must start with a letter, and may not contain colons, commas, newlines (used in passwd/group files...) or any non-printable characters.
- There is a length limit of 32 on user names, and a limit of 16 characters on group names.
- The hash_md5_password function that I wrote to MD5 hash passwords for use with a call to useradd.
- See here for how to install Linux onto your removable hard disk using the automatic Kickstart installation disks.
- Setting up local (non-LDAP) accounts
from the OSSI subject about applying OS
yum configuration file that will speed up
yum enormously by installing updates
form local repository. Save this to /tmp and
then copy to overwrite the file /etc/yum.conf,
e.g., after saving to /tmp with
$ sudo cp /tmp/yum.conf-rh9 /etc/yum.conf
- Some notes about updating Mozilla and setting up Java, Acrobat Reader, and Flash 6.
- Lab activity: Making Windows 2000 accounts using Perl.
- An Introduction to SNMP: the MIB tree.
- SNMP Operations: get.
- SNMP Agent: set and trap operations A patch to /etc/snmp/snmpd.conf that provides simple public, private community strings using snmp v3 VACM.
- The VACM, USM Tutorial, Solutions Monday, 23 December 2003. Interfaces Tree A4, just in bounding box: Interfaces Tree; Attempt to show all of the MIB tree (way too wide): Big part of MIB Tree A3, just in bounding box: Big part of MIB Tree
- Perl Net::SNMP, and more on USM and VACM, Solutions, 29 May 2004 snmpget-loopback-bytes, snmpget-loopback-bytes-usm, The SNMP RFCs
- Setting up Cricket to monitor SNMP objects
- Exercises with Cricket
Network Troubleshooting Exercises
- Exercises with troubleshooting tools
- DHCP and tcpdump, the source file print-bootp.c from tcpdump version 3.7.1, from which I wrote the handout.
- Intro to LDAP Operations
- Exercises with LDAP and LDAP filters, solutions. RFC 2254; the grammar used there is defined in RFC 822. LDAP version 3 is defined in RFC 2251.
- Exercises with Net::LDAP, Solutions: change-description.pl, show-password.pl
- An exercise with your own LDAP directory Little shell environment setting file The patch to the migration tools.
Past Exam Papers
Very Important Note
The exam this year (on 31 May 2004) will be quite different from previous years. It will involve much more Perl programming than before. In particular, it will include qestions related to programming with Net::SNMP and Net::LDAP. Information about these modules will be provided in the exam room.
Other changes include BGP added for the first time, some other material on DHCP and DNS removed. We emphasised SNMPv3 much more than previously, and did not perform laboratory exercises with Cricket.
- Supplementary exam for 2003/2004 Question Paper, Suggested answers
- Exam for 2003/2004 Question Paper, Suggested answers
- Exam for 2002/2003 Question Paper, Suggested answers
- Supplementary Exam for 2002/2003 Question Paper, Suggested answers
- Exam for 2001/2002 Question Paper, Suggested answers
- Supplementary exam for 2001/2002 Question Paper, Suggested answers
Older Material from 2001/2002
- Switching notes: (PowerPoint)
- Creating User Accounts in Linux using regular expressions. And here are solutions.
- Tutorial Exercise about the Structure of Management Information. RFC1213-MIB.txt
- The lab test, to be held on Tuesday, 5 February Please refer to the cricket notes above.
- The first Cisco Router familiarisation exercise, in a different laboratory, C218.
Revision from 2001/2002
Books, References and Software
Good books about Perl
Good books about SNMP
- OpenNMS On nms
- Net SNMP
- Cricket Cricket on nms, Cricket Slideshow,
- Nagios (formerly Netsaint)
Other SNMP Resources
- The network management server at http://netman.cit.buffalo.edu/
- The Simple Web at http://www.simpleweb.org/
- SNMP Link at http://www.snmplink.org/
- The Simple Times is an online magazine at http://www.simple-times.org/ that produces a new issue every now and then.
- Links to the SNMP FAQs
Books about Network Troubleshooting
- Joseph D. Sloan, Network Troubleshooting Tools, O'Reilly, August 2001, ISBN 0-596-00186-X
- The excellent mtr program, left out of Sloan's book.
Books about LDAP
- Understanding and Deploying LDAP Directory Services (2nd Edition) Timothy A. Howes, Mark C. Smith, Gordon S. Good ISBN: 0672323168, Addison Wesley Professional, May 2, 2003 (now in the library, call number: TK 5105.595 .H69 2003)
- LDAP System Administration, Gerald Carter 1-565-92491-6
- Clayton Donley, LDAP Programming, Management and Integration, Manning, 2003, ISBN: 1-930110-40-5
- Burning Red Hat CDs with our CD Writer in A204e You still don't have a set of three Fedora Core CDs? Here are detailed instructions on how to use our CD writer in A204e to burn any of the six CDROMs. This also shows how to use the very useful rsync Internet protocol.
Using Mailing Lists (or even asking me questions!)
How To Ask Questions The Smart Way (Eric Raymond)
You will also find this material on the Internet at http://sysadmin.no-ip.com/snm/ (and maybe at http://nicku.thebbs.org/snm/), on the Internet and within the College at http://ictlab.tyict.vtc.edu.hk/snm/ and also at http://CSAlinux.tyict.vtc.edu.hk/snm/.
Copyright 2004 Nick Urbanik: all material on this site is available under the terms of the The GNU General Public License Where is the source? All directories below this one are browsable; all source documents and diagrams are there.
Nick Urbanik <email@example.com>