Monday, August 31, 2009

What's the system time on that db?

Needed to check this today to make sure an apps db wasn’t out of sync with its corresponding infrastructure partners.

SQL> SELECT TO_CHAR(SYSDATE ,
2 'Dy DD-Mon-YYYY HH24:MI:SS') as
3 "Current Date/Time" FROM DUAL;

It’s little stuff like this that can make you crazy.

NTP was invented back around 1980 by Dave Mills at the University of Delaware. What excuse anyone has for not running it on all their servers and clients is… well, there is no excuse.

Of course we’ve still got the UT/GMT vs. Local Time thing to content with. Personally, if I had access to a time travel machine one of the things I’d do is go back and find some way stop that first implementation of local time on computers.

Then I’d move on to preventing anything but 7-bit ASCII from ever being displayed on terminals…

Wednesday, August 26, 2009

El Reg headline: You all look bloody shifty to me (or, why is IE still our standard browser?)

Big title there, but given this:

smartscreen_filter

as reported in the UK’s own The Register under the headline MS phishing filter blacklists everything: You all look bloody shifty to me, the question needs to be asked:

“After nearly a decade in which the Mozilla project’s free (as in beer) successor to Netscape Navigator has consistently lead the way in innovation, standards-compliance and functionality over Microsoft’s Internet Explorer, why is IE still the standard browser of not only most of the unwashed masses but also major corporations and institutions who should know better?”

Is it really the same old chicken-and-egg game where unless massive numbers of average Joes and Josephines switch to the clearly better — and free — product, the movers and shakers of the industrial world just can’t “do the right thing”?

Or is it an ideological issue that arises from the executive suites derived from the nearly religious belief that nothing that’s really free could possibly be any good — except that is for tax concessions and government bailouts (although those do require some up-front “greasing of the skids” via political contributions and/or intimidation by astroturfing, not to mention astronomical fees paid to the lawyers)?

Or is it that if the desktop, the choice of browsers in particular, was really to be opened up and massive numbers were actually to choose Mozilla or some other competing browser over IE, then most of the major software publishers in the U.S. and elsewhere would be in deep trouble. They would be in trouble because most, even some of the biggest whose CEO’s have expresses disdain for MS and its products, and who are in active competition with Redmond, have built their products and their support operations with the assumption that IE is the standard..

Like efforts to make software more secure, moving away from IE on the desktop inevitably runs up against the problem posed by big companies, particularly software companies, for whom change is a bottom-line negative — even though changing your Internet browser would cost you nothing.

That and the sad fact that most normal people don’t keep track of how many times their problem getting to where they want, or doing what they want to do, winds up being some bug or other problem with their Internet browser.

Like those millions of British citizens who woke up this morning to find out they couldn’t access any of their government’s web sites because someone at Microsoft decided those web sites are unsafe.

Thursday, July 30, 2009

How do I search on a name value that has a parens in it?

How do I search on a name value that has a parens [”(”] in it?

You have to escape both parens characters in the LDAP search filter.

"(givenname=stephan (IT))"

why? Because the parens is what LDAP uses to determine where the filter begins and ends!

Just another reason never to let anyone store parens or other non-alphabet characters in name attributes.

(oh well…)

Saturday, June 13, 2009

I have no log file, yet I must scream

Very entertaining and informative post with the above “alternate title” by a developer who lays bare one of the core issues in software development, at least from this old sysadmin’s perspective.

Sometimes, when writing a program, you feel compelled to make the program emit some output which is peripheral to its operation. The question is - who wants to know about that information?

Maybe you’re debugging the program, and you insert a simple ‘print’ statement to get some information about it. Maybe your program is a network server, and you are recording the fact that a message was received and processed. Maybe you’re maintaining an old library routine, and you want it to emit a message that points to a newer, better version of that routine which is now preferred. Finally, regardless of what kind of program you’re writing, maybe it has produced an error that a user or administrator will need to deal with, and you would like to show it to them.

This activity is referred to in several different contexts depending on how the messages are delivered, but it is most commonly known as “logging”. It is critical to the operation of many, many different kinds of programs. Unfortunately, it is one of the most poorly-understood and poorly-implemented areas of software in general. Software is a veritable cornucopia of poorly-understood and poorly-implemented ideas, so that’s really saying something.

Even for an amateur programmer like me, the article provided valuable insight into not only the problems with most logging mechanisms, but also some practical suggestions on how to alleviate the pain they inevitably can cause.

(this is the only movie I ever saw that really scared the * out of me: of course I hadn’t started law school yet, and so was unfamiliar with what it was like to be truly terrified)

Thursday, April 16, 2009

Doing DSML with Sun Directory

One of my colleagues overseas recently lamented that what we really need in our (corporate) environment is a web service to interact with LDAP directory data using XML.

Of course most directory servers today have something to do that. Sun’s Java Systems Directory Server 5.2 comes with an integrated DSML server. Setting it up is pretty easy. All you have to do is go into the Server Console, open up your source instance and click on the Configuration… Network tab and check off the “Enable DSML” box. Then select what kinds of ports you’ll be using (secure, non-secure or both) and the port numbers (be sure to check to make sure whatever you choose is not already in use for something else). Do a save and you’re in business.

Now to test it. Being new to DSML, and XML in general, I needed something really simple. It turned out that, at least for now, Net::DSML fit the bill. Unfortunately the example code given in the documentation is replete with syntax errors and missing or mis-named variables, so I had to rewrite things a bit to get working.

Here’s a complete script that will query the DSE Root (note that you’ll need to replace “ldap.example.com” and the HTTP listening port with the actual values for your environment).

#! /usr/bin/perl
use Net::DSML;
use Net::DSML::Filter;
$dirHost = "ldap.example.com";
$dsmlPort = "11000";
$dsml = Net::DSML->new({ debug => 0,
                         url => "http://$dirHost:$dsmlPort/dsml" });
if (!$dsml->rootDSE( { attributes => @attributes } )) {
	
    print $dsml->error, "n";
    exit;
}
if ( !$dsml->send() ) {
	
    print $dsml->error, "n";
    exit;
}
$content = $dsml->content(); # Get data returned from the DSML server.
print $content, "n";
__END__;

Next Page »
« Previous Page