Frequently Asked questions
update 13-11-2019 10:00)
Organizational Unit of Cagliari
| Head of
Service Antonio Silvestri (0706754980/8) email@example.com
This is a
collection of questions and answers, not exhaustive, regarding the use
of IT resources in the INFN organizational unit in Cagliari. For
briefness I refer to it with the term "Sezione di Cagliari" or
more briefly with the term "Sezione". You can also find the
acronym CCR which is the National INFN Computing & Networking
Due to lack of staff, this page has not been updated since November 13,
Italian version ******
How can I request access to the INFN
Sezione di Cagliari computer resources?
order to gain access to the Sezione di Cagliari computing services,
first of all you must go to the INFN secretariat (Sig.ra Dessi) and
register as a Guest or Associate. Guests are those who are not
associated and use the IT infrastructures of the Institute. Then you
have to fill in the appropriate online form on the website www.ca.infn.it (
Quick links->Account Request) in
ALL its parts. The printed form must be signed by you, your supervisor
and by the Director.
Finally hand it over to the Computing and Networking service manager.
By submitting this form all the obligations and conditions contained in
the document Regulation for the use of
IT resources in the INFN are accepted.
You will receive an email at the alternative address you specified to
set your password. Then, to finalize the account creation, you
must connect to the public server
verify your password. For example:
firstname.lastname@example.org ( you must provide the password you chose)
most services are only visible from within the local network of the
Institute. To access from outside (home, CERN, etc.) you have to
first access the computer
Mizar.ca.infn.it from this
host you have complete visibility of all services.
What is SSH?
- SSH stands for Secure
and identifies a communication protocol on an encrypted connection.
In practice, a program that is used to connect to local or
remote computers. For Linux, the command
recognized by default, for Windows
there are various packages with a graphical interface (for example:
Putty). For Mac
the command is available using application
How do I request an IP address ?
obtain an IP number for any network device (desktop, printer, or any
other object that is connected to the local network) that is not a
handset, you must fill in the "Request
for a IP Number" form and submit it to the Computing and
networking service. Under no circumstances will it be possible to grant
a standalone IP address without being authorized. ( As
required by section 6, point 3 of the Regulation
for the use of IT resources in the INFN )
- If you do not know what is an IP address
you can consult Wikipedia.
In this case, I would recommend reading the information
- Please note that all mobile devices
(laptops, tablets, phones, etc.) must use the wireless network
that is published on the network with the names:
eduroam o INFN-dot1x.
- This rule may be waived when wi-fi coverage is not sufficient,
inefficient or absent. In this case you need to know the "MAC
address " of your network interface. On Windows operating
systems, you must type the command
"ipconfig /all" in a command
prompt window that opens by clicking in
- The result of this command provides a list of network interfaces. For
cable connection find the section Ethernet adapter [Local Area
Connection o Ethernet] line,
in the Physical Address line there are 6 alphanumeric
characters divided by": ", this is the string to be transcribed in the
- If a Linux distribution is installed on the laptop, the command to be
done (in most distributions) from the terminal window is "
-a" in the resulting list of network interfaces, you must look
for (usually) an entry of the eth0
type at which you will find the entry
followed by the MAC Address.
- How do I change my login password ?
- You can change you
credentials only through the link present on the right side of our
If you need a password RESET because you no
longer remember it send an email to email@example.com
- How do I use e-mail?
- E-mail is one of the basic
services of the Sezione di Cagliari and can be accessed in a variety
of ways. There are several types of clients
that can connect to our mail server: Outlook,
so much to mention the most used ones. In addition,
one of the many web browsers ( Internet
Explorer, Chrome, Firefox, Safari, Opera,
etc.) can also be used
clicking on the webmail item on the horizontal bar on the
of our site.
- The (usually sufficient)
configuration parameters for the aforementioned clients
are as follows:
- Protocol :
- Incoming server
(START)TLS¹ ( Default
SSL can be used )
- Folder :
( this is usually the folder name in
your home directory where the mails reside
- Outgoing server
SSL can be used )
- Also remember that in all "clients" (also called the Mail
User Agent) the sender's address
has to be defined otherwise there will be communication problems.
- Please note that attachments
that exceed 20MB and list of recipients greater than 100 are not
allowed. It is recommended that you organize mails immediately after
reading them in auto-explanatory folders and you are not advised to
keep an abnormal number of messages in the Arrival area (INBOX).
- (¹) For mobile devices,
when possible, choose (START) TLS in the variant "accepts all
WARNING: It is strongly discouraged to enable
automatic mail forwarding usually through the
that is created in the user's home root. This practice generally
involves the transfer of information to entities other than the INFN
which is generally not permitted. It also poses problems of
increasing spam. In the future this practice could be specifically
- How do I create mailing
- There is a national SYMPA
mailing list server)
shared management system available for
all the OU of INFN to which you can access with the address
lists.ca.infn.it. At this time only with a personal
certificate. With this system, you
can create moderate, closed or open list types (distribution,
- Be careful that generally a
mail destined to a given list is accepted only if the originating
address of that mail is present in the list itself.
- There is an on-line help
available on the site that is important to read carefully.
How di I create a mail address alias
- At the address alias activation you can find instructions to
create top domain mail address aliases (e.g: firstname.lastname@example.org,
email@example.com, etc.). Follow the instructions and pay
attention to the conflicts that may arise.
How do I read mail via web ?
- Web clients
are provided on our horizontal bar site (webmail).
They are SquirrelMail
(not supported) and RoundCube,
they provide access to mailboxes via WWW.
- At first login, users must configure at least their own
personal parameters. In Squirrelmail on the top of the
page you will find the Options
link that will take you to the configuration page. The
part that is advisable to edit immediately is the one called Personal
Information, in particular the Full
Name and E-mail
. The latter must contain the standard INFN
address that you have been assigned to (usually in the form
- In RoundCube, you must define the default identity. After
login at the top right there is the entry
that takes you to the configuration page where you can find the tab
on the address already present (most probably wrong) a box appears
where you can enter the already mentioned standard INFN address.
to transfer files from outside to our site ?
- To copy files from the outside to our site (Sezione di Cagliari) there
are various options:
1) You can use the port forwarding or
2) The Mizar computer visible on the outside has a
volume called "/stage"
which can be used as an exchange area. For example:
the file can then be transferred from Mizar elsewhere.
The following restrictions apply to the volume /stage
which has a capacity of 1TB:
a) there may be files no older than 7 days, all the
others will be automatically deleted.
b) files larger than 200GB will be deleted within 24
c) If the space is occupied at 90% for more than 24
hours, steps shall be applied a) by halving the maximum file
size and alternatively by decreasing the number of days in point b).
3) You can use the Seafile fileharing
system (similar to DropBox). Currently the quota associated with
users is 10GB but can be increased depending on the needs and total
- Port forwarding (or
- This technique is used to
establish a connection to a remote computer that we have access to
and use it to access other computers that are otherwise unreachable.
- The command
to get this type of connection is:
- For example, we want to
accessible computer outside the INFN
site, but we can access the frontier computer
We execute the command:
-L 2222:lxca.ca.infn.it:22 firstname.lastname@example.org
- After logging in, the tunnel
is created. This session
should not be closed and should not be used. From
this moment on we can connect with any of the Sezione computers. In
-p 2222 myusername@localhost
- you will be connected to
copy a file to
use the command:
-P 2222 filename
- In the example we used the
port 2222 to be generic. We
could use any other port also the same 22.
The tunnel will be deleted when the session that created
the tunnel will be closed.
- This technique can also be used in other
areas. Many programs purchased by the INFN have network
licenses, which means that there is, somewhere in our organization, a
server that dispenses licenses on demand if such a request comes from
the networks assigned to INFN. An example is the Mathematica
program . If we are at home and want to
use the network license to use the program we have to make sure the
request (looks) coming from the Sezione network. We
must create a tunnel for the Mathematica program to access the
ssh -L 16286:mathlm.na.infn.it:16286 email@example.com
- This command creates the
tunnel with port 16286 (the port that uses Mathematica to obtain
licenses) and the Naples computer that manages the licenses (
when we log in
now on we can run the Mathematica
program on our computer. The program
must be given localhost
(or alternatively 127.0.0.1)
as the license server address .
- What is Netiquette?
- The term is a fusion between
the English word net
and the French etiquette
and is a set of rules and behaviors that all users in the network
should follow for a correct use of all Internet features (a kind of
Etiquette for the internet community). Obviously there
is no authority obliging them to follow these rules but only good
manners, common sense and respect for the neighbor. These
rules can be found on the RFC's
official website. The document number is
- How do I retrieve a file I
deleted by mistake?
- In the Sezione di Cagliari
there is a weekly (rotating) centralized backup system that saves
the incremental daily backup of the users home
directories at midnight about every
business day. The following conditions must be met for
the recovery of one or more files: the file must be present in the
backup of one of the previous 5 days, or it must be present in one
of the full backups that is done every Saturday night. One
of these backups becomes the monthly one and is available for a few
months. Who needs to retrieve a file send a mail to firstname.lastname@example.org.
- In some cases it may be
possible to retrieve deleted files on the same day and in some cases
even on the previous day, just change the current directory to /home/.snapshot/
<userdir> where there are 6 directories
e nightly.x) with snapshots
of the contents of the entire
. You can view the date and time of such snapshots
with the command
[user@node ~]$ ls -lu /home/.snapshot/
drwxr-xr-x. 113 root root 12288 Jul 18 12:00 hourly.0
drwxr-xr-x. 114 root root 12288 Jul 18 08:00 hourly.1
drwxr-xr-x. 114 root root 12288 Jul 17 20:00 hourly.2
drwxr-xr-x. 114 root root 12288 Jul 17 16:00 hourly.3
drwxr-xr-x. 114 root root 12288 Jul 17 12:00 hourly.4
drwxr-xr-x. 114 root root 12288 Jul 17 08:00 hourly.5
drwxr-xr-x. 114 root root 12288 Jul 18 00:00 nightly.0
drwxr-xr-x. 114 root root 12288 Jul 17 00:00 nightly.1
- You have to choose one of these areas and move to your
- For example:
/home/.snapshot/hourly.0/<userdir>. At this
point you can search for the file to retrieve.
In case there were printer
configuration problems with the CUPS system, try installing printers
on your local CUPS application on your computer, in which case you
will need administrator privileges (root). The procedure to
run is the same as that for the MAC operating system.
- How can I use printers of
the Sezione di Cagliari from Linux?
- This operating system uses CUPS
(Common Unix Printing System), to have a list of available printers
type the command:
lpstat -a. To
print a file type command:
- The "
-Pprinter_name" command provides
information about print jobs queued to the printer.
- The command "
job" deletes the print job. The job
number can be deduced from the result of the previous command.
- If you get such "
refused" or "
connect to server" message, this
probably means that the cups server
is unreachable or incorrect. To overcome this, you
need to check the file
(if it does not exist, you can create it) that should contain the "
cups.ca.infn.it" line .
This file can only be edited if you have root
permissions. Disable the local cups server with the following
systemctl stop cups e
- Alternatively, you can
designate the CUPS server in the command line using the options "
cups.ca.infn.it" or "
cups.ca.infn.it" depending on the type of command.
For more extensive documentation, you can use the "
- Other printing options can be
found on the lpr
standard options page .
There is also a command
with which you can make very articulated prints. For
instructions type "
- Accessible printers are:
WorkCentre 7830 (B/W)
(Printer Room /1 floor)
Xerox Phaser 7500DT (color)
(Printer Room /1 floor)
Xerox Phaser 4510DX
(Block A /1 floor)
Xerox Phaser 5550DX
(Block A /2 floor)
Xerox Phaser 4510DX
(Block C/2 floor)
HP LaserJet P2055DN
(Block A Mezzanine)
- (*) CAUTION
only these printers will accept PDF files in a direct way.
- How can
I use printers of the Sezione di Cagliari
- The way for direct printing
was chosen to print from Windows systems. So every
computer that wants to access printers must install their drivers
for each printer .
- This installation can be done
by connecting via web to the printer. On the home page
there is a link "
install printer drivers"
(alternatively there may be a tab named
support ) that will take
you to the page where drivers can be chosen for your operating
Each printer can be accessed through the respective link
as shown in the following table:
- Alternatively, you can
connect to the manufacturer's printer site where the support area usually
contains drivers. For Xerox
printers after choosing the model go in
Global Driver --> Install from the Web).
- Also for the HP manufacturer
the procedure is similar. Go to "
area" choose the printer model and operating
system, and you will redirected to the download area. If
the printer is not on the US website try using the Italian site. We
recommend that you choose the "PCL5 / 6" or
"Postscript " drivers
- How can
I use printers of the Sezione di Cagliari
- For the configuration of
printers, you generally can apply the same guidelines for Linux. In
fact, Apple Macs use the same CUPS system for printer management.
However, it is recommended to configure printers by runnning a shell
program. Download the archive
This will create the directory mac_printers
that contains the files
running the first script (in a shell terminal window) you configure
the printers, with the second one you delete them.
- Where is the software area
available at the INFN?
- There is a public folder that
can be accessed
either by the Windows
network (Network / Map Network or Network Neighborhood) or by Mac
(from Finder using connect to
server) where there are folders with SW both free and acquired INFN.
- To access Linux from Samba you can use the following
smbclient -N //storey/public
- At "
you can use the typical Linux commands "cd, ls, dir, pwd, etc." To
have the command list type "
- To download a file, use the "
- Or you mount the remote filesystem via NFS (you must be root
in this case) with the command:
mount -t nfs storey:/volume1/public /<mount_point>
- Remember at the end of the session to do:
- How can I connect from home
(or usually from outside) to the computers in the Sezione?
- For safety reasons, access to
the local network of the Sezione must be made through the
to which you connect with the linux command:
- So all those who have to
connect to other computers at the local INFN site must first login
and then connect to the computer of their own
Mizar is a
frontier machine and limited resources (users directories are not
present) it exist for the sole purpose of accessing the local INFN
network. For no reason, the computer
should be used for other purposes (long
compilations, program runs, or any other activity that could degrade
- Alternatively you can use the
VPN connection. Refer to the section: How
do I link a VPN with the Sezione ?
- Graphic link via X11
- If you want to use Linux
graphics features (X11), the connection must be made with the "-X"
ssh -X email@example.com
- You can concatenate the
graphical display with other sessions to other hosts with multiple
commands so "
ssh -X" the last
session sends the graphic output to the first server.
- For users of the PUTTY
- Putty is a Windows
application for ssh
sessions . The equivalent -X option of
ssh is accomplished by enabling " X11
forwarding " in the
configuration (Connection / SSH / X11) and placing the
following address " 127.0.0.1:0
" in the row next to " X
Display location "
How do I use the Wi-Fi Trip / eduroam
- In some areas of the building where the
Sezione di Cagliari is located, there is a wireless
infrastructure (Wi-Fi) for all the affiliates at the INFN. Wi-Fi
networks are announced with the names called SSID (ServiceSetIDentifier):
INFN-Web , INFN-dot1x
and eduroam. This
infrastructure is part of the TRIP
(The Roaming INFN Physicist) project that is intended to provide any
INFN employee access to GARR network in any INFN site.
- By connecting to the INFN-Web network you are automatically directed
(via Captive Portal) to a page where you can authenticate with an X.509
Personnel Certificate issued by the INFN
Certification Authority (or any other valid Certification
Authority) or with username and password
but in this case ONLY for the local users of the Sezione.
- By connecting to the INFN-dot1x network you will be authenticated with
the username and password
of the membership structure wherever you are. However,
this kind of connection requires a particular configuration of the
wireless network interface that you can find on the CCR
site (or in the
Windows group pages ).
- For OS Windows (versions below 10) you may need to
download the SecureW2
program to obtain from the Computer and
Networking service. To ensure proper operation of this
type of connection, it is advisable to check its operation before a
trip. However, due to particular local needs, it may
be possible for some sites to change both network names and some
configuration parameters. When connection problems
occur, you must contact a referral person for the network where you
- In the Physics Department building SSID eduroam is present
in many areas, if you want to use the Wi-Fi eduroam network you have
to select SSID eduroam (Education
Roaming), the profile for that
access is identical to that for INFN-dot1x .
- We remind you that the credential you are requested to
input are <ca-local-username>@ca.infn.it as user
input and <ca-local-password> as password input.
If you want to
configure the latest versions of MAC OS, you
need to create your profile(s) with a special "iPhone
Configuration Utility" program available on the Apple site or
eduroam_dot1x_configuration file . This is a compressed file
- There is also an on-line auto-configuration
procedure on the CNAF site . A file is imported to
the MAC or mobile devices with IOS
- Eduroam on android
: select SSID and enter Phase 1 PEAP / TTLS and Phase 2 PAP, then
(domain=ca.infn.it) and password.
- However, we recommend that you use the
automatic configuration system for all operating systems through the cat.eduroam.org
- Eduroam is the secure, world-wide roaming access service developed for
the international research and education community. You can use your
institution credentials to access any world wide eduroam hotspot. The
Italian Eduroam Federation is
coordinated by the GARR. Here are some useful links for
- WARNING! There is a difference in treatment if a user
is connected via INFN-dot1x (or INFN-Web) and eduroam. The first
one can access the local network and INFN (computers and printers)
resources, while the latter will have no access.
- How do I request a personal certificate?
- There are two ways to do this:
- Use the
official service purchased by INFN DigiCert
. Only available if you already have access to the
INFN central portal.
- The procedure is simple to
have to connect to the site
choose your "Identity Provider" in our case "INFN" and then goto
"start single sign-on". You will see the AAI INFN page
where you can enter your credentials. Once you return
to the Digicert page you can request the certificate, selecting it
as "Product" Premium and "Request Certificate". After
a few seconds the certificate will be ready for download.
- The CA Digicert Certificate
is available at this address.
Warning for this operation you can use only the
following browsers: Safari, IE, Firefox ESR and Firefox Portable
- ATTENTION use the same
web browser with which the request was made. The validity
of the certificate is one year, just before the deadline you will
receive notices for renewal. If the certificate has
expired you need to repeat the entire procedure.
- How do I publish one or
more personal pages on the web?
- If a user wants to publish
their own pages, you can use the webca.ca.infn.it
computer service. Log on and transfer files to your
local home directory.
- In practice, you
create an HTML document with the name of
index.html. Make sure all of
these documents are readable by everyone with the "
o+r nomefile" command.
- The link to
access this document will be
where userid is the username of the user. Notice
that disk quotas are enabled each user has a 1GB soft
limit and a hard
(1.3GB) over which you will receive error alerts.
- All those who use
or will use this system or a similar one will accept all the
rules contained in the Regulation
for Use of IT Resources in the INFN
and implicitly the following limitation of liability:
- " Content
published must relate to their own professional activity and
the activity carried out at INFN. The owner of the pages is
solely responsible for their content and will be held liable
for breach of applicable laws
- How can I place a password for accessing
- To password protect the contents of a web
page (for example: pippo.html) follow these steps:
file and untar it. In the created
there are three files (bootstrap.min.css, password_protect.php,
style.css) modify, according to your needs, the lines of
password_protect.php containing $username = xxxx and $password = yyyyy
Change suffix to the name of the file containing the page in php
(example: change pippo.html in pippo.php) and place the
following rows in the top of the file
Thus, when you access
pippo.php page you will be
asked username (xxxx) and password (yyyyy).
- What is Spam? What can I do to not
receive it? ( in
REVIEW contact computing service
- Spam means sending a large amount of
unwanted messages (usually commercial but not limited to). It can
be implemented with various types of media but it has become a serious
problem with the use of Internet mail.
- To limit the impact on the
user, there is a first filter on our mail server that blocks a
number of known computers that are used to generate spam. Subsequently,
users can further use a message filtering program
(spamassassin) to block messages that have passed the first barrier.
However, this system needs to be "trained" so that it can
more accurately discern between "good" mails and "bad" mails. To
do this, each user with a certain regularity should do the
- 1) Classify "good" mail in
one or more folders
- 2) Create a folder where you
put all the spam you receive, for example you can call it Spam (that
folder must contain at least a thousand messages the first time you
do this procedure)
- 3) Log in to
Change directory where you keep your mail folders
- 4) Enter the command:
sa-learn --showdots --spam --mbox Spam
- 5) For each folder
containing "good" mail, you must launch the command:
--showdots --ham --mbox folder1
sa-learn --showdots --ham --mbox folder2
sa-learn --showdots --ham --mbox folderN
- 6) If everything is fine you
can delete the mails from the Spam folder.
- For more information on the
anti-spam program, type "
- How do I make a VPN connection
with the "Sezione"
- The VPN (Virtual Private
Network) protocol allows you to connect to the LAN of the Sezione
di Cagliari so that it is recognized as part of the LAN
itself. This means having free access to almost all
services present in Sezione. This is useful
to avoid duplicate connections and access services as if you were on
the local network. This also enhances the security of
our LAN, as in this case interactive access (such as logins) to
internal computers can be completely eliminated or greatly reduced.
- The current configuration is
called split-tunneling which means that from an external computer
(outside the Sezione ) traffic to our networks will be
hijacked through a special (virtual) connection while the rest of
the traffic will be treated normally.
- Keep in mind that this type
of connection is NOT EFFICIENT for intense traffic (the connection
has an overhead), it is useful only in those cases where it is
advantageous to have a preferential path for your activities.
- To achieve this, you must
install a client
that provides this type of connection.
- Client for WINDOWS
- You must download and install
GUI (Download stable Installation
Package) program. To configure it, you must download
file and unpack the files contained in it in the
- At this point just launch
the program from the button
"start-> All programs->
- A red icon appears in the
lower right of the system
tray. By clicking on
the right mouse button a menu appears; Two INFNCA1 and
INFNCA2 alternatives are shown, select one of the them and click on
"connect". You will be prompted for the username and
password for your INFN account. If everything is
successful, the bottom right icon from red will become green.
- For Windows
7/8/10 Professional 64bit you
must use the " OpenVpn
Portable for Windows 64bit " package
(you do not have to install it is a file that contains
a directory that can be placed in any location). This
directory contains the program to run OpenvpnPortable. It
must be run as Administrator (select
the program and press the right mouse button run / run as / as
- Client for LINUX
- You must download and install
OpenVPN. This and subsequent operations depend on the
Linux distribution that is being used and must be made with root
privileges (or sudo). First, install the
"epel-release" package (the name should change depending on the
version of linux) with "
apt-get) install epel-release"
and then "
- If you do not find the
epel" with the
above instructions you will need to search for your Linux
distribution in use.
- To configure you must
download the linux.zip
file and unpack (
linux.zip) the files in the directory
To launch the program, type (always as root or with the
- You will be prompted for the
username and password for your INFN account.
Leave the window active for the duration of the VPN
- Client for MAC
- For MacOS, download and
install the TunnelBlick
package (follow the link, use this version
only). Then download the Mac.zip
unzip it. Launch Tunnelblick, drag and drop the
configuration files (
into the icon to the top right.
- After launching Tunnelblick
the icon appears at the top right, clicking on it you can open one
of the available connections, when the icon will turn from gray to
black the connection has been successfully.
- Mobile Devices
- For Android
mobile systems, you must download and install the OpenVPN
for Android package and
import the android.ovpn
configuration file. For IOS
(iPad / iPhone), you must install the program OpenVPN
and import configurations with the
and and ios2.ovpn
, they specify the servers that provide the service.
- How do I synchronize the date
and time with the NTP service?
- The Network Time Protocol
(NTP) service has the ability to keep time synchronized with servers
that provide the exact date and time. This service is
practically enabled for any device that has the ability to be
connected to the network. For security reasons, the
time servers (outside the local network) that you can connect to
have been restricted to the following:
- How to use the local file
- This service (experimental)
allows you to share files with various hardware objects (computers,
tablets, smartphones, etc.) by using the "Seafile" product installed
in our CED. All information can be found at http://www.seafile.com/en/home/.
Seafile clients can be downloaded from the download
During the installation you will be asked to type in the server
- The user authentication is
done via the official INFN mail address and password of the Sezione
- ATTENTION with
new seafile versions it may happen that new "folders" are not
synchronized in these cases, we recommend disabling server
certificate verification. This option is accessed as
follows: mouse click (right key) on the seafile icon, then
advanced and select "
- National Services INFN
- At the CCR
site you can find
useful news and tips to manage your computers. There
is also a
page listing the services the INFN
provides to its users. Some are oriented towards
end-user computing services.
Activating Microsoft products
- For the correct operation of the following procedures make sure that
the date, time and TimeZone are those of Rome.
- The Windows 7, 8, 8.1, 10 OS that are installed using the
downloaded ISO from the Microsoft Volume Licensing Service Center
are enabled by following these steps:
- 1. Open a Command Prompt as
Administrator (Run as Administrator)
- 2. Type the following commands:
\windows\system32\slmgr.vbs /skms kms.infn.it
cscript \windows\system32\slmgr.vbs /ato
- If another medium is used, the two
commands above must be preceded by the following command:
\windows\system32\slmgr.vbs /ipk "code for SO"
- Where the CODE FOR SO is available on the Microsoft page:
cscript ospp.vbs /sethst:kms.infn.it
cscript ospp.vbs /act
- In some Office 64-bit installations you might find it in
XX = 16 per Office 2016
XX = 15 per Office Professional Plus 2013
XX = 14 per Office Enterprise 2010
- Check for any changes to the CCR
site from where this information was duplicated.
- Office 365:
- INFN can also use the Microsoft Office
365 platform. CCR has provided instructions
to use it.
For the Microsoft Project software, a campus license
was purchased for all INFNs. For Microsoft Visio,
licenses are available for sites that have requested it. Go to this
page fro instructions.
- How do I use the
programs enabled only for INFN networks?
- You can do it in two ways: The first is to use a VPN connection with
the Sezione headquarters, the second is the one that uses
the port forwarding or
tunneling technique .
- How do I know how much disk
space I can use?
- Each user has a disk quota available, the default is 30GB.
The Linux command
- verifies your quota its
Disk quotas for user xxxx (uid nnn):
Filesystem blocks quota limit grace files
quota limit grace
9831828 31457280 33554432 4294967295 4294967295
- The meaning of these numbers
is as follows: the column blocks
defines the current disk occupation (9831828 kb. 9.4GiB), the quota
column soft limit
(31457280 KB) is the allocated disk space (30GiB) while the column hard
(33554432KB = 32GiB) is the maximum allowed occupation beyond which
no write operation is allowed. In this case, the user
has 2GiB available before the restrictions apply. To
change the allocated quota, you have to ask the authorization of the
Please note that backing up account data that exceeds the 32GiB
quota is excluded from the backup system even if the quota is
- For those who often go to
- The division
of computer science at CERN offers
its users information and recommendations that all concerned should
know. The site is safe
and full of suggestions for solving
various issues. Particularly interesting may be the file
transfer page .
WARNING: This antivirus "TrendMicro"
has a centralized management console meaning that the user has a limited
number of permitted operations
- Active institutional
- List of distribution lists for the Sezione di
Cagliari currently active:
Researchers & Technologist (employees only)
Employees, researchers & associates
Technical, Technological & Administrative Personnel
personnel belonging to Group I
- 8) firstname.lastname@example.org
personnel belonging to Group II
personnel belonging to Group III
- 10) email@example.com
belonging to Group IV
- 11) firstname.lastname@example.org
belonging to Group V
- 12) email@example.com
All users who have an account at the Sezione
- CAUTION!! These are closed lists so the lists accept mails
to be distributed ONLY IF you are registered and the message comes
from the registered email address.
- How to install
anti-Virus/anti-Malaware TrendMicro ?
- The INFN National Computing
Committee has purchased a new antivirus which according to the AgID directives must be installed on
every INFN's Windows and MacOS computer.
|Run the program. if all goes well you will be asked to
|If instead there were problems, the typical one is you cannot
uninstall the antivirus already present, uninstall it manually,
reboot and proceed with the installation again. If the existing
antivirus is the old Sophos Antivirus this must be uninstalled
with the following program: SophosZap.zip
unpacking, run the
- What are the usable
programs covered by the National Contract?
- The INFN National Committee
for Computing & Networking (CCR) has purchased licenses and has
concluded many contracts for general purpose SWs for the INFN.
This is the list of licensed SW: ESACOMP, CAMPUS_ADOBE,
ANSYS, NAG, NX-IDEAS, AUTODESK, ALFRES, MATHEMATICS, LABVIEW,
TrendMicro antivirus, COMSOL, GPFS, JIRA, CLIOSOFT, MICROSOFT, AFS,
SEEVOGH, SIMULINK, ADOBE_CONNECT, SECUREW2.
- In Sezione we can
- Mathematica to use it you
need to instruct the program to use the network licenses provided by
mathlm.na.infn.it (At the launch of the
program choose: other ways to activate
-->> network license, see also
- Microsoft Windows &
Office, AutoDesk, Matlab, LSF, Adobe. The SW is found
some programs can also be found on our repository and
on the site of the CCR development
- How do I use Matematica program
- The Mathematica program is
licensed by a central server residing in Naples so to work it must
connect with this server. The following scenarios can be presented:
- If I am in the Sezione, I can install the
version of mathematica in our repository and activate the
license by choosing (on the first run) the "Other Ways to
Activate option" and entering the Naples server address
under the heading Connect to a Network License Server.
If I want to use the Mathematica
program installed on one of our servers I can choose to work on
the server and activate the graphic output on my computer (in
this case an X11
server installed on your computer is required) or use the
version of Mathematica installed on my computer (only as an
interface) and the remote server kernel engine.
- If I am outside the Sezione building
(for example at home) to use the network license I must ensure
that the request (it seems to) comes from the LAN of the Sezione
network. I need what's called port forwarding.
We need to create a predetermined path
so the Mathematica program can access the license server:
-L 16286: mathlm.na.infn.it: 16286 firstname.lastname@example.org
this command creates a
tunnel with port 16286 (the port Mathematica uses to obtain
licenses) and the Naples computer that manages the licenses (
when we log in to mizar. From this moment we can run the
Mathematica program on our computer. The program must be
given local address
as license server.
- How to make video / sound
- There are various systems to
do this kind of activity. There is a videoconferencing
system in the meeting room, you can consult A.
to use it. There
are also various software tools (eg: eZuce/Vibe SRN), you can find
more information on the Multimedia
- What is the X11 system ?
- X Window System (known in
jargon as X Window, X11 or simply as X), in computer science, is a
widespread graphic manager, de facto standard for many Unix-like
systems (including Linux and FreeBSD). It was created by MIT in
1984. The latest version of the protocol, X11, was completed in
September 1987. The X.Org Foundation implements the X version 11
protocol in XOrg (Wikipedia).
All Unix systems have a version of this manager and there are
versions for Windows (X-Ming, X-Win32)
and MacOS (Xquartz).
For MacOS using Xquartz program it may be
necessary (if it does not work) to perform the following steps:
- Update XQuartz (Xquartz menu check for updates)
- At the command line, type:
org.macosforge.xquartz.X11 enable_iglx -bool true