Connection to a Microsoft VPN from Linux is normally a no-brainer but Ubuntu 8.10 has some "out of the box" issues with connecting to a Microsoft VPN. Before fixing those issues we need to go through the motions and cover all the basics. First, you will need to install NetworkManager for Gnome and the PPTP plugin.

    sudo apt-get install network-manager-gnome network-manager-pptp

    sudo NetworkManager restart

NetworkManager Configuration

You can launch NetworkManager from either the Gnome menu under System | Preferences | Network Configuration or by clicking on the network icon on the Gnome panel and selecting VPN Connections | Configure VPN. Select the VPN tab and click the Add button. When asked to choose a VPN connection type select PPTP and click the Create button. PPTP will be the default unless you have other NetworkManager plugins installed.

Now you should have a dialog to enter the VPN information. There are only a couple of pieces of information that you need to enter on this form.

• Connections name: Name you VPN connection or keep the default name. Your choice.
• Connect automatically: Leave unchecked for now. You can change this later if you want.
• System setting: Leave unchecked.
• Gateway: Enter the host name or IP address of the VPN gateway.
• User name: Enter the NT domain, a backslash and the user name, e.g. EXAMPLE\bill. This is the first of the 8.10 issues - you must enter the NT domain with the user name here or it won't work.
• Password: Leave this blank. This is another 8.10 issue - either accessing or storing the password from NetworkManager is broken and if you enter the password here it won't work. Don't worry, there is a workaround.
• Show password: Don't check it, check it, it matters not.
• NT Domain: Leave this blank. And another 8.10 issue - the NT domain should be entered with the user name instead of here and if you do put the NT domain here it won't work.

The form should look something like this when you are done:

Click the Advanced button and when the dialog appears check Use Point-to-Point encryption (MPPE). Don't change any of the other setting on this form.

Click the OK button on the advanced settings form and then click the OK button on the VPN information form to save the settings for your new VPN. You can close the NetworkManager window now.

Fixing the NetworkManager Configuration

If you try to connect to the VPN now it will fail. By default it is trying to negotiate EAP authentication. There is no was to disable EAP from NetworkManager so you will need to disable it with gconf-editor. Launch gconf-editor from the command line.

    gconf-editor

When the editor starts browse to System | Networking | Connections. Under Connections you should see one or more numbered connection folders. You will need to find the one that has your VPN configuration in it - open each one and look for another folder named vpn. Click on the vpn folder to see the settings to verify that it is the one you need to change. On my system this was connection number 3. Right-click on the configuration list and select New key.

Name the new key refuse-eap, set it's type to String and it's value to yes. Then click the OK button.

Connecting to the VPN

You are finally ready to connect to the VPN. Clink the network icon on the panel and select VPN Connections | <connection name>. Enter your password in the authentication dialog. If you want your password stored in the keyring you can check that option here - that is the workaround for not being able to enter the password in NetworkManager. Click the OK button and if all goes well you will connect to your VPN.

The Bad News

Now that you've got your VPN working there's some really bad news you need to know about. Anytime you launch NetworkManager it is probably going to hork the VPN settings and your VPN will stop working once again. So don't start NetworkManager. But if you do the two things you will most likely need to fix are:

1. Edit the VPN and delete the password from the configuration form. You can re-enter it and save it again the next time you need to connect.
2. Check the refuse-eap setting on your VPN and re-add it with gconf-editor if it is missing.

Good luck!

The schedule for the 2008 film festival was announced today. AIFF published an online guide and schedule in PDF format. Mac users users can download the schedule in .ics format to import into iCal. Everone else can import or bookmark the Google calendar below.

  

Drupal 6.5 was released October 8th and I realized that I had missed a couple of releases. I installed the update and everything worked flawlessly.

---

Update: The blog API module still has an impedance mismatch between RSD and posting. It hands out "1" in response to an RSD query but expects "blog" when posting. So once again I had to re-apply the RSD patch for the Blog API module.

April 28, 2008

The Nation
33 Irving Place
New York, NY 10003

To Whom It May Concern,

Several months ago your magazine solicited me to receive a free trial issue of your magazine. I agreed to receive one free issue. I liked the magazine but did not want to subscribe until some other magazine subscriptions had lapsed.

Last week I received a surprising and vaguely threatening letter from a dubious collection agency called “National Credit Audit Corporation”. This company claims to be collecting $10.97 on behalf of the The Nation for a trial subscription I did not want. A quick search on the Internet showed the true colors of this company. They are a shady collection agency who earn their living by intimidating people for the payment of dubious debts through scare tactics. This business practice is just the modern version of the “protection racket” - give the goons some money and nothing bad will happen to you or your family. Give NCAC $10.97 and nothing bad will happen to your credit. That companies like this exist is scandalous. That your magazine helps them stay in business is shameful.

As long as you continue to do business with NCAC I will never become a subscriber. If your magazine were to sever all ties to NCAC and publicly renounce and repudiate them I would gladly subscribe to your magazine for ten years, paid in advance. But as long as you continue to do business with those charlatans you will not see one penny from me.

Sincerely yours,

Dean Franklin

---

"National Credit Audit Corporation" Tries To Collect Bogus Debt article from The Consumerist

---

Click here to search Google for other reports of fraud, scams and bogus debt collections perpetrated by National Credit Audit Corporation.

Drupal 6.2 was released today. It addresses a security vulnerability that affects Drupal 6.x sites that have multiple users, as well as a variety of other bug fixes. I upgraded from 6.1 to 6.2 without difficulty. However, I did have to re-apply the RSD patch for the Blog API module.

If your blog is powered by Drupal you can blog images and videos from Flickr. This blog post was created with Flickr. First I found an image that was relevant, interesting and licensed under Creative Commons. I decided to use the image to the right which displays a graphical snapshot of the available Drupal modules. Then I clicked the button that appears above images along with the more familiar controls. That button sent me to a Flickr blog form where I typed the blog title and content. Then I posted the entry directly to this blog. (Once I had posted it I opened it with MarsEdit to polish it and add some additional images.)

If you want to try blogging from Flickr you need to make sure you have both the Blog and Blog API modules enabled and configured in Drupal. You can see what modules are enabled and enable or disable additional modules at Home » Administer » Site building » Modules on your blog. You should also check the Drupal user permissions and verify that your users have permission to create blog entries using the Blog module and permissions to add content with the Blog API module. The user permission are found at
Home » Administer » User management » Permissions. Your permission settings for blogging should be similar to mine (see below).

If you are running Drupal 6.x you may also need to apply a patch to the Blog API module to fix this issue.

Once your site has the Blog API module enabled and configured you can add your blog to your Flickr account. Open the Your account / Blogs page in Flickr and click Setup your blog. Flickr needs to know what kind of blog you have and lets you choose from a list of blog types that it knows about. For Drupal-powered blogs you need to select MetaWeblogAPI Enabled Blog.

Next you will need to configure your login details. The API Endpoint is the URL for the blog API. For Drupal with the Blog API module the API Endpoint would be http://www.yourblog.com/xmlrpc.php. You also need to enter your username and password so that Flickr can use RSD to retrieve your blogs details and capabilities.

Depending on your Drupal configuration, you may be prompted to choose a blog. The Drupal Story and Page content types may be listed in addition to Blog entry. If that is the case, just choose the user: blog entry from the list.

After selecting the blog you will have an opportunity to review your blog settings. By default Flickr will store your password and you won't need to enter it when blogging. If you prefer not to let Flickr store your password be sure to uncheck the box before continuing.

You can also select a custom posting template. There are several standard layouts to choose from. Or if you are comfortable with HTML and CSS, you can create a customized template of your own. Finally, you can create a test post from theYour account / Blogs page. If everything worked the way it is supposed to you should see a test post from Flickr on your blog. Now go blog some Flickr images!

This is a test post from , a fancy photo sharing thing.

I should have looked before I wrote my last post on MySQL because there is an updated version of the MySQL package for OS X 10.5. (And it has been available for quite a while too.) I undid everything I had done previously to get MySQL working before and I downloaded and installed the 64-bit version of this new package. I even took myself out of the wheel group.

After installing the updated package I found that I could not start MySQL from the command line or the prefpane. I tried adding myself back to the wheel group but I still couldn't start MySQL. To fix the problem I still had to follow the recommendation to change the ownership of /usr/local/mysql/data that I originally found here. Then I removed myself from the wheel group and I could still start and stop MySQL from both the command line and the prefpane. I'm not sure that changing the permissions is either really necessary or the best solution to the problem but it works.

Then I tried restarting the system to see if the permissions on /usr/local/mysql/data/<computer name>.local.err were getting reset like they were before. They weren't, so that's one less problem to deal with.

Finally I tried enabling automatically starting MySQL on system start and that works now even if your user is not in the wheel group.

So now (almost) everything in the MySQL package for OS X 10.5 works out of the box.

In an earlier post I explored how to install MySQL from a package on OS X Leopard, but I left unsolved the problem of how to make MySQL start automatically on system startup. This morning while reading Mac OS X Hints a post titled "10.5: Join 'wheel' group as possible fix for system issues" caught my eye and started me thinking that perhaps it might also be a solution for the MySQL auto-start problem I had been unable to solve.

First I had to find a way to add myself to the wheel group so followed a link from that hint to another hint titled "10.5: Manage users and groups using a GUI tool"*. From there I downloaded and installed Apple's Server Admin Tools for 10.5. These tools are not meant to be used with the desktop version of OS X, but the Workgroup Manager tool works and can be used add a user to a group. I followed the steps described and added myself to the wheel group. It took me a couple of minutes to find the wheel group because the Workgroup Manager displays the groups' long names instead of their short names. In the case of the wheel group the long name is System Group.

After adding myself to the wheel group I opened the MySQL prefpane in System Preferences and checked "Automatically Start MySQL Server on Startup". Then I shut down and restarted my MacBook. When it finished booting I logged in and MySQL was already running. Problem solved!

---

*Mac OS X Hints offers the following warning for this hint:

Warning: You should not play around with these settings if you don't know what you're doing. It is possible to break certain parts of the operating system, or to render it unusable.

You should definitely not add users to the wheel group unless you are reasonably confident that you know what you are doing and what the security implications are.

In the previous post I explored using the MarsEdit Media Manager to upload non-image files to your website. As a file uploader it works great, but it doesn't work quite as well as a "media manager" for those non-image files. After uploading an MP3 file I went to the Media Manager Catalog to see if I could drop an existing MP3 file into a new blog post as easily as I could with an existing image file. I couldn't because the Media Manager Catalog doesn't handle non-image files well at all.

The highlighted area in the above screenshot is the MP3 file of Memento Mori by The Bastard Fairies that I uploaded earlier. Media Manager displays a light blue rectangle as a place holder for the file but it will not show me the file name or even let me click to select it. I tried uploading several other non-image file types - such as a PDF file - and the Media Manager Catalog handles them all the same way.

The Media Manager Catalog clearly intends to handle non-image files because there is a combo box that can used to filter the view by all files (the default), images only or non-image files only. Interestingly, I can select and insert a non-image file by using the cursor keys to select the file and then clicking insert, but I can't select the file with a mouse click. Even then if there is more than one non-image file there is no way to tell which non-image file you are inserting because there is no file name displayed.

I don't know if this would be classified as a bug or a partially implemented feature. Whatever the case, I would like to see Red Sweater get the Media Manager Catalog working to fully support non-image files. While they are at it there are some other features I would like to see in the Media Manager.

• Catalog Sync - Sync the Media Manager Catalog with files that already exist on the web server. Add existing files to the catalog and also dDelete any entries from the catalog that don't exist on the web server.
• Catalog Delete - Delete a file from the Media Manager Catalog. and also delete the file from the web server. It might also be nice to download the deleted file first and put it in the local Trash in case you made a mistake or change your mind.
• QuickLook Integration - While I wouldn't expect anything more than an icon in the Media Manager Catalog for non-image files, it would be nice to be able to preview the files in QuickLook. This would be a nice feature even for image files which already have a thumbnail view in the Media Manager Catalog.
• Upload and Hyperlink Path Config - Configuration option to specify/override the default for both the file upload and hyperlink paths. (I swear this was an option in an earlier version. But I guess either I hallucinated it, I can't find it now or it has disappeared in the current version.)
• Upload Multiple Files - Drop more than one file on the uploader and upload them all to the web server.
• Replace File - When uploading a file with the same name as an existing file, Media Manager adds "_0", "_1", etc. to the file name and uploads it as a new file. It would be nice to have the option to replace the existing file instead.
• Catalog Duplicate Files - When a file with the same name is uploaded the blog API adds "_0", "_1", etc. to the file name, but the Media Manager Catalog still shows the original name in the Catalog instead of the new name.

If you have any additional suggestions for improving Media Manager let me know in the comments. Better yet, let Red Sweater know too. MarsEdit is a great product but we can help them make it even better.

---

Update: I opened a topic on this issue on Red Sweater's MarsEdit forum. You can comment there as well as here.

---

Update: Daniel Jalkut responded to the forum post and pointed out that some of these features are simply not possible given the current blog APIs. I have updated my list accordingly.