Tofu Bánh Mì Chay Recipe

by Lisa

December 29, 2014

Ingredients:

One 14-ounce package extra-firm tofu
1.5 cups of shredded carrots
3 tablespoons rice vinegar
2 tablespoons palm sugar
1/4 cup olive oil
Sriracha sauce
1/3 cup soy sauce
1 medium yellow onion, thinly sliced
1.5 teaspoons black pepper
Fresh baguettes (
English cucumber, shredded

Method:

1. At least one day before you plan to make the sandwiches, cut the tofu into slices and pat dry. Freeze the tofu overnight, then thaw it in the refrigerator. Once it has thawed, squeeze it dry again.

2. Combine the carrot, 2 tablespoons of the vinegar, 1 tablespoon of the sugar, and a large pinch of salt in a medium bowl; cover and refrigerate while you prepare the other ingredients.

3. Whisk together the oil and a few drops of Sriracha (personal taste how much) in a small bowl.

4. Put 1 tablespoon of palm sugar and 1 tablespoon water in a large skillet over medium-low heat. Cook, shaking and swirling the pan occasionally (but not stirring), until the sugar is mostly melted and golden brown. Slowly drizzle in the soy sauce, then add the onion. Cook, stirring often, until the onion is tender, 8 to 10 minutes. Add the thawed tofu and the black pepper and cook, turning the tofu occasionally, until it has absorbed most of the sauce, about 15 minutes.

5. Split the baguette horizontally with a bread knife.Spread the Sirachah mixture on the bottom half of the baguette, and top with the tofu mixture, the carrot mixture, and the cucumber.

Stars

by Lisa

December 12, 2014

A dozen little squares of paper later, I am starting to think that using a template and cutting stars is going to yield better results. I finally found a process that works for me (http://www.firstpalette.com/Craft_themes/Colors/foldingpaperstar/foldingpaperstar.html). And a little bit of wonkieness can be accommodated in the applique process … But I think I am getting more than a bit!

Baked French Toast Casserole with Maple Syrup

by Lisa

December 9, 2014

Ingredients

1 loaf French bread (~16 ounces)
8 large eggs
1.5 cups heavy whipping cream
1.5 cups milk
2 tablespoons maple syrup
1 teaspoon vanilla extract
1/4 teaspoon ground cinnamon
1/4 teaspoon ground nutmeg
Dash salt

Directions

Slice bread into 20 slices, 1-inch each. Arrange slices in a generously buttered 9 by 13-inch baking dish in 2 rows, overlapping the slices. In a large bowl, combine the eggs, half-and-half, milk, sugar, vanilla, cinnamon, nutmeg and salt and beat with a rotary beater or whisk until blended but not too bubbly. Pour mixture over the bread slices, making sure all are covered evenly with the milk-egg mixture. Spoon some of the mixture in between the slices. Cover with foil and refrigerate overnight.

The next day, preheat oven to 350 degrees F.

Bake for 40 minutes, until puffed and lightly golden. Serve with maple syrup, fresh fruit, and fresh whipped cream.

Star Quilt – Phase Zero

by Lisa

December 7, 2014

A few weeks ago, my mom sent me a picture of a pieced circle skirt made with rainbow colors:

That is fantastic, but with Anya being so small … seven different colors would yield very tiny little slivers along the top. So I thought I’d make something like this, but using Newton’s five color spectrum divisions. Even sharing the fabric with my mom so she can make another skirt, I’m going to have a good bit of fabric left over.

I think I’m going to make a quilt. It is possible to cut a five pointed star from a square of fabric with a bunch of folds and one cut (http://www.ushistory.org/BETSY/more/flagfoldcut.htm). The mariner’s compass will be challenging, and attaching all of the stars to the background fabric will certainly be time consuming even on a machine. But I think it’ll be worth the effort. Quilt design below – the rectangle is where a twin size mattress would be.

Below is a blow-up of the star. There are really three different triangles cut from two different colors. Piecing it together, though, is a challenge. I found a good paper piecing tutorial at https://www.youtube.com/watch?v=IlF1J05OV4U … the process actually makes sense now. At least in theory!

Rainbow Skirt – Fabric Acquisition Completed

by Lisa

December 6, 2014

I have finally acquired all fifteen half-yard pieces of fabric to make Anya’s rainbow circle skirt.

Once the pieces are cut, I can sew the arcs together. Then when all five arcs are completed, I’ll sew the straight lines to join the arcs together into a circle. Once I have one big circle, I can get the waistband attached. Mom bought a few yards of a rainbow elastic for these skirts:

Unfortunately the next step is the hardest — I have to find the box that contains my scissors and rotary cutter!

Back online …

by Lisa

November 16, 2014

Well, our servers and network equipment have been unpacked, and it looks we are back online!

Halloween 2014 – Little Red Riding Hood

by Lisa

November 3, 2014

For Halloween this year, I made a cape for Anya’s Little Red Riding Hood costume. The process came from http://www.doityourselfdivas.com/2013/10/diy-little-red-riding-hood-costumecloak.html – but I made a fully lined cloak instead of just lining the hood. As a result, I needed two one yard pieces of fabric. There is a real lead-free pewter cloak clasp too, it is just hiding behind her mouse.

It turned out beautifully, and we even managed to get her to wear it long enough to take a few photos 🙂

It was not difficult to sew … Mostly a couple of straight line seams. I had a lot of trouble with the top of the hood – too much bulk sewn by machine. Two failed attempts and I just stitched it up by hand. This way, there is not a ridge of fabric on top of her head.

Another gratuitous cute kid picture:

Rainbow Skirt – Pattern

by Lisa

October 30, 2014

My mom sent me a picture of a fantastic pieced skirt:

It is similar to a pieced chevron skirt that we had seen on Project Run & Play (http://alittlegray.blogspot.com/2012/04/pr-week-1-piece-by-piece-chevron-skirt.html) — but the sections are parallel to the seam instead of creating the chevron pattern. I saved the original chevron too — it is another skirt I would like to make for Anya.

I’m trying to figure out if it is feasible to make something like this for Anya. How much fabric would be needed?

I want to use a 3.5″ radius for the waist (~22″ waist so there’s some gather at the waist and it can grow with her) and five color spectrum divisions. Which means each section is made at 72 degrees.

Then I need to figure out how large of a rectangle of fabric is going to be needed to cut these arcs.

So the largest arc requires fabric 8″ high (well, a little more for the seam allowance) and 16″ wide (again plus a little for the seam allowance). So an 40″x18″ half yard is plenty of fabric – even enough for two skirts so I can send fabric along to my mom. We can both have a 20″x18″ rectangle. Now I just need to find a fabric with fifteen shades that I like — a reasonably priced fabric.

You know, when I learnt to use AutoCAD, I never expected that it would be my tool of choice when creating patterns for my kid’s clothes … but the polar array made it so easy to section the circles!

Anatomy of an LDAP Filter

by Lisa

August 25, 2014

LDAP filters are searches. Equality tests are supported for any attribute — attribute=value. Most attributes are case insensitive (but check your schema definition to verify!), and you can perform both exact matches (attribute=value) and sub-string matches (attribute=value*). While you will see * used in substring searches, LDAP filters do not support regex pattern matching. Some attributes support greater than and less than comparisons as well. A filter like (modifyTimestamp>=20140811000000Z) finds any object modified since 11 August 2014. This is useful when you are processing directory records and don’t want to look at any that haven’t changed since the last time your batch ran.

Tests are combined using Boolean operators. The three operators — AND (&), OR (|), and NOT (|) can be grouped and nested within parenthesis to from complex queries.

Your directory may support extensible matching — Active Directory does not. You may be able to find objects in the OUName OU using “ou:dn:=OUName”.

Your directory may support approximate matching — find close matches using “givenName=~Tim” where Tim and Timmy are returned.

To better understand an LDAP filter, decompose it into its sub-components. An example filter is:

(&(|(uid=e0*)(uid=n9*))(!(homeDirectory=*))(|(memberOf=cn=group1,ou=groups,o=example)(memberOf=cn=group2,ou=groups,o=example)))

This filter becomes

(&
     (|(uid=e0*)(uid=n9*))
     (!(homeDirectory=*))
     (|(memberOf=cn=group1,ou=groups,o=example)(memberOf=cn=group2,ou=groups,o=example))
)

The three sub-groups are AND’d — for an object to match the filter, it must meet all three sets of criterion.

Then decompose the first of the three sub-groups.

(|
     (uid=e0*)
     (uid=n9*)
)

This group uses an OR operator — the value of the uid attribute needs starts with e0 OR the value of the uid attribute starts with n9. You don’t need to use the same attribute in with the OR operator. I could use (|(st=OH)(title=Engineer)) to find all records where st is OH or title is Engineer.

The second sub-group has a single sub-component. The filter (homeDirectory=*) means “the value of homeDirectory is not NULL”. There is a NOT operator around the comparison — so we have the value of homeDirectory is NULL.

Decomposing the third sub-group:

(|
     (memberOf=cn=group1,ou=groups,o=example)
     (memberOf=cn=group2,ou=groups,o=example)
)

This group uses an OR operator — the value of memberOf is cn=group1,ou=groups,o=example OR the value of memberOf is cn=group2,ou=groups,o=example

The complete filter, then, finds records where

the value of the uid attribute needs starts with e0 OR the value of the uid attribute starts with n9

AND

the value of homeDirectory is NULL

AND

the value of memberOf is cn=group1,ou=groups,o=example OR the value of memberOf is cn=group2,ou=groups,o=example

Bulk LDAP Operations

by Lisa

August 24, 2014

LDIF – Directory Import and Export using LDIFDE.EXE and LDAPMODIFY

You can obtain ldifde.exe from any existing domain controller – copy \\dcname\c$\winnt\system32\ldifde.exe to your SYSTEM32 folder. The ldapmodify command is part of the openldap-clients package on Linux. Windows builds of the openldap clients are available. The data being imported is essentially the same, just the command line to invoke the program differs.

Using LDIF files to update LDAP data is facilitated if you know the directory schema attributes, especially those associated to the user object class. Active Directory schema is well documented on MSDN – base Active Directory schema can be found at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adschema/adschema/active_directory_schema_site.asp and the extensions made by Exchange are documented at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wss/wss/wss_ldf_AD_Schema_intro.asp

LDIFDE is a command line program which runs with currently logged on user’s credentials – this means that your ID can write changes to AD using LDIFDE. Please do not play with this program in the production Active Directory domain but rather test writing to a test domain.

LDIF Export

Exporting directory information is fairly straight forward:

ldifde –f filename.txt –d “ou=base,DC=windstream,DC=com” –p subtree –r “(&(attribute=value)(otherattribute=othervalue))” –s domaincontroller.windstream.com –l “attribute1, attribute2, attribute3 …”

-f	File to contain exported data
-d	Search base
-p	Search scope
-r	RFC-2254 compliant filter
-s	Domain controller from which to obtain data
-l	Attributes to be returned (eliding this command will return values for all attributes)

This will create a file named ljlexport.txt of all e####### users with email addresses whose accounts are located under WINDSTREAM.COM\WINDSTREAM\IT. The file will contain, for each user, their logon ID (sAMAccountName), email address (mail), account status (userAccountControl), display name, and telephone number.

ldifde –f ljlexport.txt –d “ou=IT,ou=windstream,DC=windstream,DC=com” –r “(&(sAMAccountName=e*)(mail=*))” –s neohtwnnt836.windstream.com –l “sAMAccountName, mail, userAccountControl, displayName, telephoneNumber”

-r specifies the search filter and can become a rather complex query depending on what you are looking for — & is an AND filter, | is an OR filter. ! can be used to find unmatched values and * works as a wildcard

“(&(mail=*)(!sAMAccountName=n99*))” find all mail enabled accounts which are not N99’s for instance.

“(&(sAMAccountName=e0*)(!(employeeID=*)))” Find all employee accounts with no employee ID specified

“(&(mail=*)(|(sAMAccountName=n99*)(sAMAccountName=g99*)))” mail enabled accounts which are either n99’s or g99’s

“(&(objectClass=user)(objectCategory=person))” Real user accounts, objectClass=user alone will return a lot of things you don’t believe are users J

“(&(objectClass=user)(objectCategory=person)(telephoneNumber=813*))” Real user accounts with phone numbers in the 813 area code

“(&(objectClass=user)(objectCategory=person)(msExchHomeServerName=*SCARLITNT841))” Real user with mailboxes on SCARLITNT841

-d specifies the search base (subtree search by default) – you can use “DC=windstream,DC=com” to get the entire directory or something like “ou=Central,ou=windstream,DC=windstream,DC=com” to just get users within the Central OU.

LDIF Import

Importing Directory Information is not so straight forward and again do not play with this program in the production Active Directory domain. You need to create an ldif import file to make changes to objects. A sample file content:

dn: cn=Landers\, Lisa,ou=GPOTest,ou=IT,ou=windstream,dc=windstreamtest,dc=com
changetype: modify
add: proxyAddresses
proxyAddresses: smtp:lisa@newtestdomain.windstream.com
-
replace: telephoneNumber
telephoneNumber: 501-905-4305
-
delete: mobile
mobile: 501-607-3750
-
delete: facsimileTelephoneNumber
-
 
dn: cn=Ahrend\, Sam,ou=IT,ou=windstream,dc=windstreamtest,dc=com
changetype: modify
replace: mDBUseDefaults
mDBUseDefaults: FALSE
-
replace: mDBStorageQuota
mDBStorageQuota: 190000
-
replace: mDBOverQuotaLimit
mDBOverQuotaLimit: 200000
-

Provided you have an import file, the syntax of the command is ldifde –i –v –k –y –f filename.txt

-i	LDIFDE import operation
-v	Produce verbose output
-k	Ignore constraint violations (and entry exists errors on add)
-y	Lazy commit
-f	File name to be imported

Changetype Add

A changetype of add is used when the entire object does not currently exist – this ldap operation creates a new object with the attributes specified in the stanza.

dn: cn=TestingGroup 10001,ou=testing,ou=it,DC=windstream,DC=com
changetype: add
cn: TestingGroup 10001
distinguishedName: cn= TestingGroup 10001,ou=testing,ou=it,DC=windstream,DC=com
name: TestingGroup10001
sAMAccountName: TestingGroup10001
objectClass: group
objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=windstream,DC=com
groupType: -2147483646
managedBy: cn=Landers\, Lisa,OU=GPOTest,ou=IT,OU=WINDSTREAM,DC=windstream,DC=com
member: cn=Landers\, Lisa,OU=GPOTest,ou=IT,OU=WINDSTREAM,DC=windstream,DC=com
member: cn=Ahrend\, Sam, ou=IT,OU=WINDSTREAM,DC=windstream,DC=com
legacyExchangeDN: /o=WINDSTREAMEXCH/ou=First Administrative Group/cn=Recipients/cn=TestingGroup10001
mailNickname: TestingGroup10001
reportToOriginator: TRUE

This example will create an e-mail enabled global security group named “TestingGroup 10001” under windstream.com – it – testing. Both Sam and I will be listed as members of the group and I will be listed as the group owner. Add operations can be chained together with just a blank line between them should you need to add multiple objects in batch.

Any mandatory attributes for the schema classes need to be included (handled by ldifde works too) or the add operation will fail. Attributes not valid for the object classes will cause the operation to fail as well. If an object already exists, no change will be made even if some of the attributes specified differ from the values within AD.

Changetype Delete

Delete is used to delete the entire object – so be extra careful here. The syntax is quite simple – the DN of the object to be removed and a line that says “changetype: delete”. Again, multiple operations can be chained together with just a blank line.

dn: cn=TestingGroup 10002,ou=testing,ou=it,DC=windstream,DC=com
changetype: delete
 
dn: cn=TestingGroup 10003,ou=testing,ou=it,DC=windstream,DC=com
changetype: delete
 
dn: cn=TestingGroup 10004,ou=testing,ou=it,DC=windstream,DC=com
changetype: delete
 
dn: cn=TestingGroup 10005,ou=testing,ou=it,DC=windstream,DC=com
changetype: delete

Changetype Modify

Modify is used to change attributes on an existing object. Modify can be used to add, replace, or delete an attribute. The example above has two different stanza’s (separated by a blank line). Within each stanza several operations are made:

First to add another email address to the secondary email addresses. For a multi-value attribute (member, proxyAddresses …) changetype: modify\nadd: attribute adds another value to the attribute. For single-valued attributes modify/add will fail if a value is present.

dn: cn=Landers\, Lisa,ou=GPOTest,ou=IT,ou=windstream,DC=windstream,DC=com
changetype: modify
add: proxyAddresses
proxyAddresses: smtp:lisa@newtestdomain.windstream.com
-

The next operation replaces the telephone number with the value specified – this will overwrite the existing value. Be careful not to replace multi-value attributes

replace: telephoneNumber
telephoneNumber: 501-905-4305
-

The next operation deletes the mobile phone number with the value specified – if the value does not match, a change is not made. This can be used as a failsafe, in this case only delete my mobile telephone number if the value is what I expect it to be, or to remove entries from multi-value attributes. Delete the member of the group which is the specific member listed without changing the other group members, for instance.

delete: mobile
mobile: 501-607-3750
-

The next operation deletes the fax number – regardless of content the value is removed.

delete: facsimileTelephoneNumber
-

A blank line separates the two stanzas and a new object is specified. Again the modify/replace option is used which will change the attributes to the values specified.

dn: cn=Ahrend\, Sam,ou=IT,ou=windstream,DC=windstream,DC=com
changetype: modify
replace: mDBUseDefaults
mDBUseDefaults: FALSE
-
replace: mDBStorageQuota
mDBStorageQuota: 190000
-
replace: mDBOverQuotaLimit
mDBOverQuotaLimit: 200000
-
 
dn: cn=Landers\, Lisa,ou=IT,ou=windstream,DC=windstream,DC=com
changetype: modify
replace: mDBUseDefaults
mDBUseDefaults: TRUE
-

Changetype ModDN
ModDN changes the object’s distinguishedName. This is interesting as it can be used to move users – this example would move my account into the Central OU under ACI

dn: CN=Landers\, Lisa,OU=GPOTest,OU=IT,OU=WINDSTREAM,,DC=windstream,DC=com
changetype: moddn
newrdn: CN= Landers \, Lisa,OU=Central,OU=WINDSTREAM,DC=windstream,DC=com
deleteoldrdn: 1

ModDN can also be used to rename the object’s display in administrative listings:

dn: CN=Landers\, Lisa,OU=GPOTest,OU=IT,OU=WINDSTREAM,,DC=windstream,DC=com
changetype: moddn
newrdn: CN= Landers\, Jane, OU=GPOTest,OU=IT,OU=WINDSTREAM,,DC=windstream,DC=com
deleteoldrdn: 1

You would of course want to modify/replace at least givenName and displayName on the object dn to avoid confusion – otherwise my middle name would appear in active directory users and computers but my first name in Outlook. I would modify the attributes first – if you modify the DN first, you need to remember to use the new DN for subsequent attribute value changes.

dn: CN=Landers\, Lisa,OU=GPOTest,OU=IT,OU=WINDSTREAM,,DC=windstream,DC=com
changetype: modify
replace: givenName
givenName: Jane
-
replace: displayName
displayName: Landers, Jane
-
 
dn: CN=Landers\, Lisa,OU=GPOTest,OU=IT,OU=WINDSTREAM,,DC=windstream,DC=com
changetype: moddn
newrdn: CN= Landers\, Jane, OU=GPOTest,OU=IT,OU=WINDSTREAM,,DC=windstream,DC=com
deleteoldrdn: 1
-