An alternative to custom objectclasses: the extensibleobject
I’ve spent a decade designing and implementing LDAP directories, but only recently had the opportunity to reflect on the big picture. For example, the basic structure of the environment originally put in place at the company I work for by the consultants who started things is still there, but as time marched on things [...]
Cleanup of referrals from old replication agreements in Sun Directory
A brief note on curing an issue I’ve run into on Sun Directory Server. We recently retired a couple of master directories in the environment. After the replication agreements were removed it was noticed that the LDAP referral entries for the old servers were still in place, even though they’d been manually deleted a couple [...]
OTN downloads using wget
Already posted on how to download patches from Oracle support.
This is a variation on that theme for those of us who have been in this business longer than 3 minutes and are looking for more efficient ways to do things.
OTN (Oracle Technology Network) has a pretty, if not always easy to navigate, browser interface for [...]
Use wget to download Oracle patches directly to the server
My colleague Mike Zeece found an article on Michael Brown’s blog that describes how to do this.
Since Oracle went to their horrendous Flash-centric support app getting the bits onto your servers usually involves downloading to a desktop first (because real servers don’t run Flash enabled web browsers) and then wasting additional time sftp-ing them over [...]
Securing OHS
There’s a technical paper over on SecureDBA covering the subject of securing the myriad of OHS (Oracle HTTP Server) versions out there.
Securing and Managing the Oracle HTTP Server by Kevin Sheehan and Brian Mulreany of Unisys is a free resource in pdf format. Get it, read it, and apply the advice contained therein. Includes extensive [...]
Ntpd on Solaris 10
This is easy.
Here are the steps (all done as root):
1. Copy /etc/inet/ntp.server to /etc/inet/ntp.conf, and then edit ntp.conf to comment out the “server” and “fudge” lines. Add a line to the bottom of the file,
server timeservername
Like,
server tick.usno.navy.mil
2. Create a drift file,
touch /var/ntp/ntp.drift
3. Initialize the ntpd service,
svcadm enable svc:/network/ntp
Reading SSL certificates with openssl
This will be a very basic post.
Say you have three SSL certificates:
cert1.pem
cert2.der
cert3.cer
The first certificate is probably in PEM, or Privacy Enhanced Mail, format. Basically all this means is that the certificate text has been Base64 encoded.
The second is most likely in DER, Distinguished Encoding Rules, format. This is a subset of BER, Basic Encoding Rules, [...]