Labeling your OSSO login page
Just a simple little trick that may make you look like a genius to the uninitiated: sticking an environment name on your Oracle 10g AS SSO banner page.
All you have to do is edit the following file on your SSO server:
$ORACLE_HOME/j2ee/OC4J_SECURITY/applications/sso/web/pages/header.jsp
Right about here (starting at line 67 in an unmodified header.jsp file, new stuff in [...]
500 error on logging in to oiddas
Had this happen yesterday in an Oracle 10g Application Server environment. Got to the DAS Console front page (http://sso.example.com/oiddas:7777/oiddas) and was hit with a “500 Internal Server Error: Contact your System Administrator”.
Being said system administrator, I did what anyone in my place would. I restarted the SSO server. NG. Then I did what I should have [...]
Using a Sun or Red Hat DS into a simple LDAP proxy
While Oracle’s Virtual Directory and Sun’s Directory Proxy Server have lots of features that make deploying them worthwhile, if all you need is a simple pass-through LDAP proxy, the standard Sun and Red Hat (a/k/a Netscape or 389 Directory) servers support a feature called Chaining that does the job.
Basically chaining involves substituting a remote Sun/Red [...]
An alternative to custom objectclasses: the extensibleobject
I’ve spent a decade designing and implementing LDAP directories, but only recently had the opportunity to reflect on the big picture. For example, the basic structure of the environment originally put in place at the company I work for by the consultants who started things is still there, but as time marched on things [...]
Using OpenLDAP schema in Red Hat Directory
Just the other day I finally got started working on building a real personal address book backend in the home LDAP database. Almost immediately I realized the base schema was going to have to be extended because there were no attributes for date of birth or anniversary, two data points that would be useful to [...]
nmap is your friend
One of my favorite tools for tracking down abusive LDAP clients is nmap.
Here’s the “standard” command line “SYN Stealth Scan” with O/S detection (invoked as root):
nmap -sS -O -PI -PT 10.0.44.56
And here’s your typical output:
Starting Nmap 4.20 ( http://insecure.org ) at 2010-02-17 13:49 EST
Interesting ports on 10.0.44.56:
Not shown: 1690 closed ports
PORT [...]
Cleanup of referrals from old replication agreements in Sun Directory
A brief note on curing an issue I’ve run into on Sun Directory Server. We recently retired a couple of master directories in the environment. After the replication agreements were removed it was noticed that the LDAP referral entries for the old servers were still in place, even though they’d been manually deleted a couple [...]