Irena Sendler’s Story

Again, I promise I won’t do this very often (since this is a programming blog), but the world needs to know…

Irena Sendler (http://en.wikipedia.org/wiki/Irena_Sendler), a Polish Catholic social worker, risked her very own life to save 2,500 Jewish children from certain death at the hands of the Nazi genocide.  She did it by smuggling the children out of the Warsaw ghettos and placing them in new homes with new identities.  Then when the Holocaust was over, she spent her life reuniting these children with loved ones and extended family members (because many of the children’s parents had been executed).

An amazing woman, worthy of an amazing recognition.  The Nobel Peace Prize would be fitting, wouldn’t you say?  It is awarded "to the person who shall have done the most or the best work for fraternity between nations, for the abolition or reduction of standing armies, and for the holding and promotion of peace congresses."

She was indeed nominated for the prize in 2007.  However, she lost…and guess who won instead?  A propagandist and environmental alarmist, who has placed himself in a position to benefit greatly (financially and politically) from the "Green Movement" (in truth, it is nothing more than a theory that greenhouse gases are the cause of Global Warming).  Al Gore won the Nobel Peace Prize for creating a slide show movie.  I think I would be less irritated if he had won for his invention of the Internet or something.

Here is a tribute to Irena Sendler that everyone should watch: 

The question I have to ask is how can Al Gore accept the Nobel Peace Prize, knowing that he was up against a real hero and freedom fighter?  She risked her life for peace and saved 2,500 Jewish children.  Al Gore has done nothing but shoot off his mouth.  How can he even think he deserved the prize more than her?  Why didn’t he decline the prize and offer up the name of Irena instead?  Because it didn’t quite fit into his political agenda.

On behalf of those that can appreciate true selfless and compassionate service to mankind, I have just four words for Irena Sendler:

Thank you so much.

Comments

Anonymous
The 2007 Nobel Peace Prize was shared.

Cannot Set a Value on Node Type ‘Element’

You will receive an InvalidOperationException with this error message if you try to use the Value property of an XmlNode to set the node’s value.  You need to set the value using the InnerText property instead.

Thank you to this blog post for documenting the issue and its fix:  http://www.neilpullinger.co.uk/2008/03/cannot-set-value-on-node-type-element.html

Comments

Anonymous
TKSSSSSSSSSSSSSSSSSSS
Sandeepya
Thanks !
Anonymous
This helped me a lot - a huge Thanks from Germany!

Virtual Machine Converter Tool

VMWare provides a free utility that can clone physical machines into a VMWare virtual machine; it can also convert other vendors’ VM formats into the VMWare format.  I can think of so many uses for this very handy tool.  It has a very simple and easy user interface that walks you through the steps.  Here is a link to the product:

http://www.vmware.com/products/converter/

One important note:  When you are specifying the name and destination of the resultant VM image, the location must be in UNC format (i.e., \machinename\share).  The thing that got me, though, was that it will give you an uninformative error if you leave a trailing backslash (‘') at the end of the UNC path, saying something like it couldn’t connect to the share for some reason.  Just remove the last slash and you’ll be good to go.

Adding a Linux Machine to a Windows Domain

Before I went on vacation last week, I was able to successfully add a Red Hat Enterprise Server (version 3) box to our Windows 2003 Active Directory Domain.  I primarily used the following link as a guide through the process:

http://www.wlug.org.nz/ActiveDirectorySamba

I will now add some extra commentary to each of the steps on the tutorial for my specific situation:

————————————————–

1.  Install and Check Necessary Packages:  For this step, I opened a shell and used the up2date utility to verify the named packages were up-to-date.  Prior to this, I had let Red Hat update everything it thought needed to be updated; this means that this step was trivial for me, since every necessary package was found and up-to-date.  Also, my installation had system-config-samba for the first packaged named in the list.

2.  Configure Name Resolution:  We chose the easier option of merely configuring the hosts file on both machines.  I know the tutorial says to avoid it, but we are not at a place right now where we could easily switch our DNS machine to be a Linux box.  We haven’t had any problems so far, but I will keep you updated.

3.  Configure Samba and Winbindd:  I went ahead and just replaced my smb.conf with the one in the tutorial and then modified the workgroup, netbios name, realm, and password server accordingly.

4.  Configure Kerberos:  I was able to get the net ads join command to work after changing one configuration setting in the \etc\krb5.conf file (and therefore, not needing to perform the "Manual Approach").  I changed the dns_lookup_kdc property to true and then the Domain server was able to accept the Linux box into the domain.  I eventually ended up making a few more changes to this file after seeing an example file on Red Hat’s support site.  My config file looks just like the one at this link, with the exception of the property I set to true mentioned above (also don’t forget to replace the EXAMPLE.DIRECTORY and 10.0.0.1 place-holders with your specific values):

http://kbase.redhat.com/faq/FAQ_71_2338.shtm

Next, go ahead and execute the commands in the "(Re)starting Samba and Winbindd" section in order to test that everything is playing nice.  For my installation, however, in order to restart the Samba service, I used the following command from a shell:

/etc/rc.d/init.d/smb restart

If everything goes alright, then modify the init.d startup scripts in order to start the smb and winbindd services at boot up.  For my installation, I ended up just using the GUI utility provided by Red Hat found under something like System Settings | Server Settings | Services (or you can just type redhat-config-services into a shell).  Just check the two services and then be sure to hit the Save button.

5.  Configure PAM and Winbind:  For this step, I ended up changing a few different config files, and I’m not which ones really mattered or not.  So go ahead and make the changes to \etc\pam.d\login; I believe it is 3 lines that need to be added (the auth line for pam_unix.so and two pam_winbind.so lines, one for the auth section and one for the account section).  I also added these same 3 lines to \etc\pam.d\remote and \etc\pam.d\sshd.  For the \etc\pam.d\su config file, I only added the two pam_winbind.so lines (with no parameters and using the /lib/security/$ISA/ folder structure all of the other lines in the file use).

There is one more change I made to \etc\pam.d\system-auth, which allows the automatic creation of user profiles for your domain accounts upon first login.  I added the following script call as required under the session section:

/lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel umask=0077

Be sure to read the article at the following link to understand what this script will and won’t do:

http://kbase.redhat.com/faq/FAQ_85_5367.shtm

————————————————–

After verifying that domain user accounts can login, su, and ssh, I also did a reboot to make sure everything started up correctly on boot up and that the profiles were being automatically created.  Also, make sure the login screen will show the box name and it’s newly inherited domain.

I may be trying to do this exact same procedure soon for an Ubuntu machine on our company network.  I’m still undecided whether to just try this method above or to try following a pretty well-written tutorial I found on Ubuntu’s support site (currently, I’m leaning toward the latter).  I’ll let you know how it goes when I do though.

FOLLOWUP (07/16/08):  I just found out the Ubuntu machine is going to be phased out and redone anyway.  So I won’t be attempting to migrate it to our Windows Domain anymore.  But here are some good links I found in my research specific to doing this process on Ubuntu:

Comments

PapaBear
Excellent! Now if only my current company had some linux servers for me to play around on (and were willing to let me play with their Active Directory). Someday I plan to buy a really beefy 64bit server (one running the new cell processor), put windows server 2008 on it and virtualize a whole bunch of windows and linux machines in an isolated network on it. Then I can designate one of the many windows server 2003 virtual machines that I will have running in it as a D.C. and try to join every other virtual machine to it (including the linux ones using the steps you outlined here!) all on a single physical machine (one of the virtual machines will be a linux firewall/router so that I can connect to the host machine’s network adapter so that it can see the internet). Someday…. Until then I can only dream about the awesome experience you are having at your current job. Kudos, Mike!

Randomly Reordering an Array - Beware of Bias

Comments

So I came upon the following blog post and found that I (just as the author has done) have been using a naive algorithm for randomly reordering arrays (mostly notably used when shuffling a deck of cards):

http://scottonwriting.net/sowblog/posts/13356.aspx

I agree I have seen this simple iterate-and-swap reordering algorithm all over the place, even in my education at college.  I can think of a few applications that I am using it in right now.  Here is some example C# code demonstrating the faulty algorithm:

Random rnd = new Random();

for (int i = 0; i < deck.Length; i++)
{
   // Set swapWithPos to a random position,
   //    such that 0 <= swapWithPos < deck.Length
   int swapWithPos = rnd.Next(deck.Length);

   // Swap the value at the "current"
   //    position (i) with value at swapWithPos
   int tmp = deck[i];
   deck[i] = deck[swapWithPos];
   deck[swapWithPos] = tmp;
}

Apparently, there is some bias introduced by this algorithm while reordering the array.  For example, with a 3 item array of values [0, 1, 2], there are 27 outcomes, but only 6 unique permutations.  Half of the permutations ([0, 2, 1], [1, 0, 2], and [1, 2, 0]) each appear 5 times in the 27 outcomes, while the other half of the permutations ([0, 1, 2], [2, 0, 1], and [2, 1, 0]) each appear only 4 times each.  There is a slight bias toward half of the permutations in this example.

With a few modifications, this algorithm can be morphed into the Fisher-Yates Shuffle (also known as the Knuth Shuffle), which provides for an unbiased way to guarantee each permutation to be equally likely.  Here is some example C# code showing the more correct reordering algorithm:

Random rnd = new Random();

// The number of items left to shuffle (loop invariant).
int i = deck.length;

while (i > 1)
{
    // Set swapWithPos to a random position,
    //    such that 0 <= swapWithPos < i
    int swapWithPos = rnd.Next(i);

    // Decrement i in order to make it the last pertinent index
    --i;

    // Swap the value at the "current"
    //    position (i) with value at swapWithPos
    int tmp = deck[i];
    deck[i] = deck[swapWithPos];
    deck[swapWithPos] = tmp;
}

This algorithm has built into it some method for setting aside a growing set of already shuffled items as it iterates through the array.  Perhaps it is this feature that eliminates the bias toward a certain subset of the permutations (I can’t really tell from my readings).

FOLLOWUP (01/05/09):  I found this article today on the same subject, but with a lot more graphs and detailed explanations:  The Danger of Naïveté