| *** _markh__ (~chatzilla@wish-hq3.gotadsl.co.uk) has joined #wikid | 01:31 | |
| *** _markh_ has quit (Ping timeout: 240 seconds) | 01:31 | |
| *** _markh__ is now known as _markh_ | 01:31 | |
| *** CowboyPride (~BartSimps@cpe-075-183-177-241.sc.res.rr.com) has joined #wikid | 03:12 | |
| *** CowboyPride has quit (Client Quit) | 03:13 | |
| *** CowboyPride (~BartSimps@cpe-075-183-177-241.sc.res.rr.com) has joined #wikid | 03:18 | |
| *** CowboyPride has parted #wikid (None) | 03:18 | |
| *** nowen (~nowen@adsl-74-176-212-133.asm.bellsouth.net) has joined #wikid | 13:52 | |
| *** bhuffman (4614c8ba@gateway/web/freenode/ip.70.20.200.186) has joined #wikid | 15:09 | |
| bhuffman | I'd like to have the same user on multiple devices but that doesn't seem to be possible. Am I missing something? | 16:14 |
|---|---|---|
| nowen | have you seen example.jsp? | 16:14 |
| nowen | it is possible, but it is limited to the API currently | 16:14 |
| bhuffman | I've seen it... | 16:15 |
| nowen | there is an option to Add a Device Without a Passcode | 16:15 |
| nowen | you can enter a registration code there to an existing username | 16:15 |
| bhuffman | which section should I use to do this? | 16:24 |
| nowen | It should say Add a Device Without a Passcode or similar | 16:25 |
| bhuffman | Excellent - that works. | 16:26 |
| nowen | cool | 16:26 |
| bhuffman | Are there plans to add that to the standard config GUI? | 16:26 |
| nowen | if you take a look at ADRegister in /opt/WiKID/tomcat/webapps/wikid/ADRegister, you can see it in action | 16:27 |
| nowen | probably at some point | 16:28 |
| nowen | :) | 16:28 |
| *** bhuffman has quit (Quit: Page closed) | 16:32 | |
| *** CoolAcid has quit (Ping timeout: 252 seconds) | 17:25 | |
| *** CoolAcid (~Jason@2001:470:c025:f00d:8e89:a5ff:fe30:c728) has joined #wikid | 17:26 | |
| *** Guest56543 has quit (Quit: Page closed) | 18:08 | |
| *** prowlah has quit (Quit: leaving) | 18:39 | |
| *** jerquiaga (266bb9e2@gateway/web/freenode/ip.38.107.185.226) has joined #wikid | 18:54 | |
| jerquiaga | Morning all. I'm trying to setup WiKID on CentOS 6.2, followed the install how-to for the enterprise RPMs, and it doesn't seem to be working. I can get the RPMs installed, run wikidctl setup, but can't get to the web page after that to finish the setup. It's almost like the webserver isn't starting, because there doesn't appear to be anything listening on port 80. Any thoughts? | 18:57 |
| nowen | can you run 'netstat -anp | grep java' and see if it returns anything | 18:57 |
| jerquiaga | Doesn't return anything | 18:58 |
| nowen | did you run "wikidctl start"? | 18:59 |
| jerquiaga | I did, and I get: Database already started. Starting Logger service...Success! Starting TimeCop service...Success! Starting Tomcat server ...Success! | 18:59 |
| nowen | hmm | 19:00 |
| nowen | and yet, nothing from netstat | 19:00 |
| jerquiaga | Nope, nothing | 19:01 |
| nowen | can you look in /opt/WiKID/tomcat/logs/catalina.out for an error | 19:01 |
| jerquiaga | is there a way that I can verify that those services are actually running? | 19:01 |
| jerquiaga | yeah, let me check | 19:01 |
| nowen | yes, by running netstat :) | 19:01 |
| jerquiaga | got it... i have some no such file or directory errors | 19:02 |
| nowen | can you paste them into pastebin.com so I can see them? | 19:03 |
| nowen | what version of WiKID is this? | 19:03 |
| jerquiaga | http://pastebin.com/C8cSFQiG | 19:04 |
| jerquiaga | wikid-server-enterprise-3.4.87.b1074-1.noarch.rpm | 19:05 |
| nowen | did you install openjdk? | 19:05 |
| jerquiaga | when i ran the yum install for open jdk, it said it was already installed | 19:06 |
| nowen | run 'java -version' | 19:08 |
| jerquiaga | java version "1.6.0_22" OpenJDK Runtime Environment (IcedTea6 1.10.4) (rhel-1.42.1.10.4.el6_2-x86_64) OpenJDK 64-Bit Server VM (build 20.0-b11, mixed mode) | 19:08 |
| nowen | do you have /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/bin/java? | 19:10 |
| nowen | what happens when you run that command | 19:10 |
| nowen | hmm. | 19:11 |
| nowen | run 'echo $JAVA_HOME' | 19:11 |
| jerquiaga | looks like the path i have is /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/bin/java | 19:12 |
| jerquiaga | JAVA_HOME is /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64 | 19:12 |
| nowen | you can reset java_home by running 'export JAVA_HOME= /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/ | 19:12 |
| nowen | ' | 19:12 |
| jerquiaga | looks like i have an extra jre in there that WiKID isn't expecting for some reason | 19:13 |
| nowen | did you run the alternatives command? | 19:14 |
| jerquiaga | OK, i did the export | 19:14 |
| jerquiaga | yeah, i did | 19:14 |
| jerquiaga | when i ran the configure, it was set as the OpenJDK | 19:14 |
| jerquiaga | let me try starting it again after the export | 19:14 |
| nowen | hmm. I wonder. | 19:15 |
| nowen | I think that openjdk does one thing and sun's the other | 19:15 |
| jerquiaga | now i have java listening it looks like | 19:15 |
| jerquiaga | although, still no page | 19:17 |
| nowen | try going straight to https://ipaddress/WiKIDAdmin | 19:18 |
| jerquiaga | No joy | 19:19 |
| nowen | are you on IE? | 19:19 |
| jerquiaga | Chrome | 19:19 |
| nowen | is iptables open for those ports? | 19:19 |
| jerquiaga | how do i check? i admit that I'm not very proficient on the Linux side of the house | 19:20 |
| nowen | 'iptables -L -n' will list what is open | 19:20 |
| nowen | you might want to use our ISO. it builds an appliance, essentially. no linux needed, but helpful. it handles the fw etc | 19:21 |
| jerquiaga | http://pastebin.com/yvU212NN | 19:21 |
| jerquiaga | OK, maybe I will try that then | 19:22 |
| nowen | I have to say it is quite a breeze | 19:22 |
| nowen | are you using vmware or some such? | 19:22 |
| jerquiaga | we use Hyper-V | 19:22 |
| nowen | that should be fine. the iso is based on centos 5 btw | 19:23 |
| jerquiaga | OK | 19:23 |
| jerquiaga | I'll grab the ISO then and give that a shot | 19:23 |
| jerquiaga | thanks for the help! | 19:23 |
| nowen | cool. come back here | 19:23 |
| nowen | for anythin | 19:23 |
| nowen | g | 19:23 |
| jerquiaga | will do | 19:23 |
| *** jerquiaga has quit (Quit: Page closed) | 19:23 | |
| *** jmcmurry (266366aa@gateway/web/freenode/ip.38.99.102.170) has joined #wikid | 22:09 | |
| jmcmurry | thanks for the links Nick | 22:09 |
| nowen | NP ;) | 22:09 |
| nowen | do your NAC devices support Radius? | 22:10 |
| jmcmurry | yes they do | 22:10 |
| nowen | integration should be quite simple then | 22:11 |
| jmcmurry | should be a no brainer -> will be more of a implementation whitepaper we will do first | 22:11 |
| nowen | let me know and we'll give you some link love | 22:11 |
| jmcmurry | I had been meaning to get a couple of people on this in Nov '11 but we got busy and i dropped the ball | 22:12 |
| jmcmurry | so i thought i would do it to kickstart them :) | 22:12 |
| nowen | :) | 22:12 |
| nowen | that's good to be busy at the end of the year | 22:13 |
| jmcmurry | it was the busiest december since we started in 2007 | 22:13 |
| nowen | you know, our PC token can run on a USB drive. There might be something with that and USBInformer | 22:13 |
| jmcmurry | oh, now there is a thought. i like that idea | 22:13 |
| nowen | in fact _markh_ might have some thoughts on that if he is here | 22:15 |
| jmcmurry | We just released (last week) USBInformer and have sold 30 copies so far (50 user licenses) | 22:21 |
| nowen | nice | 22:21 |
| jmcmurry | not a huge thing, but it was nice to see an immediate pop | 22:22 |
| nowen | definitely | 22:22 |
| jmcmurry | we are not a big company by any means <25 people | 22:22 |
| jmcmurry | our Edge line we sell on average 40 units per month | 22:23 |
| nowen | same here. we use some reliable contractors for certain things. windows native, apple | 22:23 |
| jmcmurry | december we did 65, so that was huge for us | 22:23 |
| jmcmurry | we have a couple of guys in new mexico who contract on some things for us (not NAC related, thats all in house) | 22:24 |
| jmcmurry | our bread and butter is NAC of course. but looking to expand in other areas. two factor is going to be a big push for us in 2012 with our utility customers | 22:25 |
| jmcmurry | :) | 22:25 |
| nowen | interesting. I don't suppose you'll be at Shmoocon? | 22:25 |
| jmcmurry | unfortunately no, i am traveling between Northern california office, SoCal, Utah and Seattle in Jan / Feb | 22:26 |
| nowen | ugh | 22:26 |
| jmcmurry | i never seem to get to go to conferences, but last year I tried hard and went to defcon/bh/bsidesvegas/interop/rsa | 22:27 |
| nowen | RSA is out for me this year - overlaps with a school break | 22:27 |
| jmcmurry | i don't know if i will do RSA this year, its become more hype and cramped spaces :) | 22:28 |
| jmcmurry | i really enjoy the besides/firetalks ideal | 22:28 |
| nowen | BsidesSF | 22:28 |
| nowen | we have had two great ones here in Atlanta | 22:28 |
| jmcmurry | of course that doesn't exactly our real customer - so we go to utility conferences, education confs, etc | 22:29 |
| nowen | yeah, I feel the same way | 22:29 |
| jmcmurry | yeah we sponsored bsidesatlanta in 2011 (i think $750 ) | 22:29 |
| nowen | oh yeaj/ LOL | 22:29 |
| nowen | FYI I still have to send that check in. Still waiting on receipts from some peopel | 22:30 |
| jmcmurry | our goal this year is to sponsor every single bsides in the US | 22:30 |
| nowen | that is great | 22:30 |
| nowen | did you have someone here? | 22:30 |
| jmcmurry | nope :( | 22:30 |
| jmcmurry | this year though, i think either myself or Ethan will go to some of them in person, just to hang out | 22:31 |
| nowen | yeah. the connections are great | 22:31 |
| jmcmurry | the information passed is awesome, and the connections | 22:31 |
| jmcmurry | i don't think of sponsoring as a revenue generator at all | 22:32 |
| nowen | no | 22:32 |
| jmcmurry | our little way of giving back, to help the next group of people coming up | 22:32 |
| jmcmurry | its not much (the $750 per sponsor) but it is helpful for some of the locations | 22:32 |
| nowen | big time | 22:32 |
| jmcmurry | we meet our customers at JMUX conference, EDUCase, etc and of course word of mouth | 22:33 |
| nowen | what is jmux? | 22:35 |
| jmcmurry | these guys (now a GE company) http://www.gedigitalenergy.com/multilin/catalog/jmux.htm | 22:36 |
| nowen | hmm | 22:36 |
| jmcmurry | every single utility out there uses something like this (most us JMUX, some intermix with other types) | 22:36 |
| jmcmurry | PG&E, SOCAL Edison, WAPA all use JMUX | 22:37 |
| jmcmurry | it is THE interconnect between substations | 22:37 |
| jmcmurry | SCADA rides on it :) | 22:37 |
| jmcmurry | Meters (revenue) ride on it for electric and water | 22:38 |
| jmcmurry | better link http://www.gedigitalenergy.com/Communications/Multiplexers.asp | 22:38 |
| jmcmurry | we have (and are) deploying our Edge devices in front of these systems to provide access control - hence the need for two factor :) | 22:39 |
| nowen | regulatory requirement? | 22:40 |
| jmcmurry | yes | 22:40 |
| jmcmurry | JMUX can be considered a Critical Asset by NERC, so it would fall under the CIP for access, admission, monitoring, etc | 22:40 |
| jmcmurry | have you garnered any success in the utility vertical ? | 22:58 |
| nowen | not really | 22:58 |
| nowen | seems to be heating up tho | 22:59 |
| jmcmurry | might be interesting if there was a good match with our product sets, to jointly go after that vertical | 22:59 |
| nowen | definitely | 22:59 |
| jmcmurry | do you have salespeople? | 23:07 |
| nowen | no | 23:07 |
| nowen | we mostly do pre-sales support. that gets them up and running. once it is up and running, it tends to stay that way | 23:07 |
| nowen | we market mostly to techies, who then do the install and sell it up to mgmt | 23:08 |
| jmcmurry | i have 3 inside sales people, along with 2 pre-sales eng | 23:08 |
| jmcmurry | all inhouse | 23:08 |
| nowen | I would have thought that the utilities would want to see a body | 23:08 |
| jmcmurry | when we sell the systems, we can be onsite as well (have 1 more person outside eng support) | 23:09 |
| jmcmurry | and of course our staff moves between customers | 23:09 |
| jmcmurry | locations | 23:09 |
| jmcmurry | since each place is unique, our model is to sell the systems, then hold their hands through planing, deployment and long term support/maintenance | 23:10 |
| jmcmurry | a lot of places don't have real technical people on staff. especially some of the Govt (Fed) agencies we deal with | 23:10 |
| nowen | yeah, that could be an issue for us. | 23:10 |
| jmcmurry | they know they have problems, they just don't know how to fix | 23:11 |
| nowen | it's pretty simple to setup the appliance, but it helps to know networking, etc | 23:11 |
| jmcmurry | well if it was integrated solution to a joint customer we could also be the first point of contact to assist with WiKid appliance | 23:11 |
| jmcmurry | and help (or do) the integration for the customer as part of the package | 23:12 |
| nowen | or run it on your box? | 23:12 |
| jmcmurry | hmm, didn't think of that | 23:12 |
| nowen | it might be best behind your box from a security standpoint, but I don't know much about your box. | 23:16 |
| nowen | time for me to head home | 23:17 |
| jmcmurry | it would sit on our control server | 23:18 |
| jmcmurry | which is above the edge itself | 23:18 |
| jmcmurry | minimum deployment is a control server and a edge (two sep appliances) | 23:18 |
| jmcmurry | 1 CS can support up to 50 Edge devices | 23:18 |
| nowen | ok | 23:19 |
| jmcmurry | os is based on freebsd | 23:20 |
| jmcmurry | stripped down | 23:20 |
| nowen | hmm, we're geared toward linux, but it shouldn't be too hard | 23:20 |
| jmcmurry | ok u go home - i won't keep you | 23:20 |
| nowen | our server is written in java | 23:20 |
| nowen | ok - I'll be back tomorrow | 23:21 |
| jmcmurry | should be a prob | 23:21 |
| jmcmurry | should not be | 23:21 |
| nowen | :) | 23:21 |
| nowen | later! | 23:21 |
| jmcmurry | cy | 23:21 |
| *** nowen has quit (Quit: Leaving.) | 23:21 | |
| *** jmcmurry has quit (Ping timeout: 264 seconds) | 23:54 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!