There’s one standard document on HOWTO get Network Connect working on Ubuntu Linux. It’s mad scientist’s doc: http://mad-scientist.us/juniper.html . However, there are a few things not covered. I’ll assume that you’ve followed mad scientist’s excellent guide before going any further.

Issue #1: 64-bit Ubuntu

By default, when you install java on your 64-bit system, you get a 64-bit java. No surprise there, right? Well, Juniper’s tools don’t play nice with 64-bit java. If you attempt to start the junipernc script you’ll promptly see the “VPN has failed!” error message.

VPN has failed!

Also if you look closely in your Terminal you’ll see the text error:

Failed to load the ncui library.

This is the clue that we are dealing with the 64-bit issue.

The work around for this is to install a 32-bit java on your system. Type the following into your Terminal:

sudo apt-get install ia32-sun-java6-bin

After typing your password, a 32-bit copy of java will be installed at: /usr/lib/jvm/ia32-java-6-sun .

Now, you need to convince Juniper Network Connect to use the 32-bit java. If you don’t use java for much besides your new VPN, you may just want to make the 32-bit java your default. This can be done by typing the following into your Terminal:

update-alternatives --set java /usr/lib/jvm/ia32-java-6-sun/jre/bin/java

If you DO use java and just want to tell the VPN to use the 32-bit java, you should modify the junipernc by adding the following line right after the block of lines that start with “#”:

export JDK_HOME=/usr/lib/jvm/ia32-java-6-sun

Now, when you run junipernc, it will use 32-bit java and you should no longer have the failure due to ncui.

Issue #2: Determining Your Realm

The scripting for Network Connect asks a few questions that may not make sense to a typical user. Even a networking savvy programmer may not be certain what values to use for the “Realm” or “PIN + SecureID Code”.

Finding your realm is fairly straight forward if you don’t mind diving into some HTML. Point your web browser to your company’s VPN website: https://vpn.mycompany.com or https://connect.mycompany.com .   View the source of that page and look for a line like:

<input type="hidden" name="realm" value="REALMNAME">

The value of REALMNAME is what you’ll need to enter when prompted.  Your IT department may or may not know what this is if you ask them.

If you don’t know your “PIN + SecureID Code”, it’s simply the password you type along with your username on the VPN website to gain access. As mad scientist says, some companies use “SecurID so [they] enter a personal PIN plus the value provided by the SecurID fob,” which explains why he coded that as the prompt for the password input.

If you need help, there’s a long running thread over at the ubuntu forums where this continues to be discussed a lot: http://ubuntuforums.org/showthread.php?t=232607 . I gathered my info from both mad scientist’s page above and the thread itself.

One further note, I’ve tested this on Ubuntu 9.04 64-bit as well as 8.10 32-bit. Hope this is helpful to all you who need Juniper VPN access on 64-bit Ubuntu Linux.

I recently purchased a Mac Mini to be my home media computer. I plan to blog more about that later. For now, the only tricky thing about using a Mini has been using my TV for a monitor.

There’s a lot of noise on the web (or Google at least) when trying to search for a solution to using a Mini’s DVI output on LCD TV’s. Typically they recommend using DisplayConfigX  or SwitchResX to tweak your display modelines, timing, resolution, and just generally dive deeper than I like  into display configuration. My solution was MUCH simpler.

My television is a Samsung 46″ LCD (LN46A539P1F). It has 3 HDMI inputs, but one is specifically intended to be used for PCI DVI input converted to HDMI.  It also provides a VGA DSUB input which works perfectly with a Mac Mini’s miniDVI->VGA apapter, but the point here is to get direct digital signal without converting to analog.

The Mac Mini has a miniDVI output and is packaged with a miniDVI->DVI adapter, so to get a signal into the TV, you’ll need a DVI->HDMI or miniDVI->HDMI adapter. I bought both from Monoprice as they are very inexpensive and either works fine.

Once you have the apdapter on and the HDMI cable connected to the TV, the Mac will recognize that it is displaying on an HDTV and will recommend 720p (1280×720 resoution) or 1080p (1920×1080 resolution). However, you will now most likely see that your output is either too small on the screen (has a few inches of black border around the picture)  or is too big (extends beyond the screen). If it’s too big, you have Overscan enabled in your Displays preference pane. If not, you should enable Overscan.

Now, on your TV, go to the Menu:

• Choose “Picture” (should be first option)
• Choose “Picture Options” (near the bottom of list)
• Choose “Size” (will have options like 4:3, 16:9, and Just Scan)
• Choose “Just Scan”
• Close Menu

Bam! Your display should now be just right!

I discovered J.D.’s Get Rich Slowly personal finance blog a few months ago and have read it off and on since then.

Today I noticed he had a link to an excellent slideshow resource provided by Dave Ramsey.

So, go watch how you and I can both Drive Free and Retire Rich.

My company is amazing. In preparation for the launch of our new product, some of the team got together to launch a rocket. After all, NASA uses Jive, so why shouldn’t we use rockets?

There was one dude on site who managed to catch this awesome snapshot!

Jive Launches the SBS Rocket!

I’m just posting a simple tip today.

I was wanting to play around with the very cool SASS meta-language using Compass. The language and tool are implemented in Ruby, which is pre-installed on OS X, but as I discovered, I needed a newer version of RubyGems.

I had already known I needed to update Gems, so I was doing the following:

$ sudo gem update

Eventually I got errors like this:

Updating installed gems...
Bulk updating Gem source index for: http://gems.rubyforge.org
Bulk updating Gem source index for: http://gems.github.com/
Attempting remote update of RedCloth
ERROR:  Error installing RedCloth:
    RedCloth requires RubyGems version >= 1.2
Attempting remote update of capistrano
ERROR:  Error installing capistrano:
    capistrano requires RubyGems version >= 1.2
Attempting remote update of net-sftp
ERROR:  Error installing net-sftp:
    net-sftp requires RubyGems version >= 1.2
Attempting remote update of net-ssh
ERROR:  Error installing net-ssh:
    net-ssh requires RubyGems version >= 1.2
Gems updated: RedCloth, capistrano, net-sftp, net-ssh

Turns out, to update RubyGems, one must update the gem system!

So, the next correct command to run is:

$ sudo gem update --system

This updated my RubyGems to version 1.3.1 and allowed me to move forward in playing with Ruby.

Long have I searched for the magic bullet solution to my bookmark synchronization woes.  I’ve wanted a simple plugin that would synchronize my bookmarks between multiple installations of Firefox and Safari, thus making it simple to access said bookmarks from any computer, or between the two commonly used browsers on my Mac.  I’ve looked at many options, but always the solution only allows me to sync one browser or the other, leaving me looking for some secondary sync tool to get between Firefox and Safari on my Mac itself, not via network or a proper sync.

I’d almost given up on finding a solution, then, a few months ago I started using Delicious. It was cool because there were plugins for Safari, Firefox, and IE, and of course, it’s by default a web based bookmarking system. Its cool, I like it, but I just didn’t use it much. The plugins integrate it into the browser by giving you ANOTHER bookmarks menu, not by integrating with the browsers’ bookmark system.

Before ever using Safari or Delicious, my Firefox bookmark sync tool of choice was Foxmarks. It provided a web interface for remote access to my bookmarks, plus a nice sync interface for all my Firefox installations. I was randomly poking around today and discovered that Foxmarks now works with Safari and IE! I was excited and wasted no time installing Foxmarks for Safari. So far, it works great!

For the most part, it works just as you’d expect, bookmarks sync between all my Safari(Mac only, for now, I think) and Firefox(Mac, Linux, and Windows) installations without hassle. I’ve yet to try out the Internet Explorer functionality, but I’m guessing it works pretty well. I just don’t use IE enough to care.

One caveat to be aware of: both Firefox and Safari use some browser specific URL syntax to access internal functionality for recent bookmarks, etc. That stuff will only work on the browser where it was created, Safari on Safari, Firefox on Firefox, etc. For me, that’s a non issue, I rarely use those features. I have tested and confirmed that javascript bookmarklets (like for Tinyurl and Cornify) do seem to work after syncing. Those are about the only reason I use on the bookmark menubar.

Since getting a Mac Book Pro for work, I’ve become quite the fan of OS X. As a unix/software guy, I really enjoy having the power of a BSD/Unix system readily available, without having to install some hack like cygwin. (I’m not knocking cygwin, it’s a really nice Windows add-on, but I prefer not to run Windows, in general.) I also like the OS X user interface, and lately, that it runs the very cool boxee media center software. So, I wanted to build a boxee box. My options were AppleTV, Mac Mini, or Hackintosh. The Mac Mini was more money than I wanted to spend for an untested solution. The AppleTV would probably be a good solution, especially now that it’s getting more testing from the boxee community, but I wasn’t sure about it. Finally, I thought that a Hackintosh would be a cool project, give me not just boxee but a full OS X system, and I could buy the parts for $235 from newegg. That’s a cheap computer, and especially a cheap Mac.

I went with an Intel D945GCLF2 motherboard. It’s a mini-ITX board with built in dual Atom 330 processors, the kind of CPU’s used in the new and inexpensive NetBook computers. It’s a very low power solution, but with the dual processors most of the research I did suggested it should do 720p HD content. It has a S/PDIF header for digital audio out, but requires an extra cable and I have yet to test it. VGA out is less preferable than DVI, but again, this is cheap, and my Samsung 46″ LCD has VGA-input, so it certainly works. Also, it’s limited to a single 2GB DIMM, so max out that RAM early.

I bought the following from newegg:

• D945GCLF2 motherboard - $80
• Any old PATA (SATA should work, too) DVD Burner - $25
• 2GB Kingston 240-pin DDR2 667 SDRAM - $21
• APEX MI-100 Black/Silver Mini-ITX Case w/ 250w PSU - $56
• 80GB Western Digital SATA Hard Drive - $37
• Shipping/Handling + rush processing - $15

Total cost: $234
Full disclosure: I later bought a cheap USB bluetooth dongle ($25) and Apple’s Bluetooth keyboard and mouse (full retail, ouch) as that was the best wireless control solution, but any USB keyboard and mouse combo should work fine for normal usage.

INSTALL GUIDE FOR RETAIL OS X on D945GCLF2

Read more »

I’ve been a bit obsessive this week as I’ve been trying to research and find a new camera that I would really like. The last one died last weekend… so we were facing the trip home for Christmas with no camera! Before Beaumin was born, not having a camera for a few weeks would have been a non-issue, but now, we take multiple pictures a day!

I talked with several friends who are way more “camera geeky” than I am… I’m pretty ignorant of photography for the most part, but I wouldn’t mind learning a bit more. So I only had a few basic criteria:

• Pretty decent low-light (indoor) photos
• Use AA batteries (I really like having easy access to spares in a pinch)
• Some advanced features so I can learn more if I get motivated

Not required but very nice to have items were:

• Big optical zoom (because its really nice)
• Viewfinder (because sometimes glare just makes LCDs useless)
• Semi-fast flash recharge

It was soon obvious that I was looking for an “Advanced Point and Shoot” for which a few of the top players were Nikon’s P80 and Canon’s SX10 IS. I have some friends who are die-hard Nikon fans and others who are die-hard Canon fans, so this was tricky.

Read more »

A while back I posted a simple solution for restricting website access in a situation where HTTP basic authentication couldn’t be used.

Not much more to the story, but I did make a few tweaks to my sample code. The mod_rewrite rule and javascript have been a tiny bit improved, so now after a successful login, it will try to redirect you to where you intended to go. (Previously, it always sent the user to /) 

Also, in the comments I made it MUCH clearer that this is NOT intended to be a secure solution, just a simple way to keep Google and random people out of things. Anyone with a basic knowledge of HTML/Javascript/Cookies (or less than basic) could read the source and figure out how to create the “secure” cookie, and BAM they’re in like Flynn.

I’m solidly impressed with the WPMU Plugin Commander. One thing that seemed odd to me about WPMU was that I either enable users to have plugin control, or NO ONE (not even the site admin) has the ability to enabled/disable plugins (without a lot of hacking).

This plugin provides a control panel where I can globally enable/disable plugins, set plugins to be auto-enabled for new blogs, and give users the ability to enable/disable only selected plugins.

The perfect scenario is, I want to auto-anable Akismet for my users, so they get spam filtering on comments. Also, I want them to have the ability to try out other various plugins, but don’t want them able to turn off Aksimet.

I’ll echo the sentiments of others I read when discovering Plugin Commander, “this functionality should be in WPMU core!”