July 18, 2012

Find pid in Solaris 10


If you do not know the pid of a process, you can use "pidof" command in Linux. In case of Solaris, its not available.

Here's how you can find it:

 #ps -ef | grep nscd | grep -v grep | cut -c12-19
123

Here, it will find the pid of nscd. the cut command will cut characters from 12 to 19 from output of 'ps -ef' command.
or
 #ps -ef | grep nscd | grep -v grep | awk '{print $2}'
Here, we use awk to print second column of ps.

Labels: , , ,

Stopping OpenLDAP

This is most dumb but useful post. How to turn off slapd.

You know how to start the slapd:

 #/usr/local/libexec/slapd  [-option..]

however, pkill slapd is not the correct way to turn off slapd.

Here's how you turn it off:

 #kill -INT `cat /usr/local/var/slapd.pid`  

This will send appropriate signal to slapd process, and will store any cached data and close gracefully.

Labels: , , , , ,

July 17, 2012

OpenLDAP 2.4 on CentOS 6.2 Part 2

Continuing from Part 1.

Once you install OpenLDAP, it is yours.
Now you need to configure /usr/local/etc/openldap/slapd.conf
Note that, I have only changed

suffix          "dc=kaustubhghanekar,dc=com"  
rootdn         "cn=Manager,dc=kaustubhghanekar,dc=com"
Here's my slapd.conf:

 #  
 # See slapd.conf(5) for details on configuration options.  
 # This file should NOT be world readable.  
 #  
 include          /usr/local/etc/openldap/schema/core.schema  
 # Define global ACLs to disable default read access.  
 # Do not enable referrals until AFTER you have a working directory  
 # service AND an understanding of referrals.  
 #referral     ldap://root.openldap.org  
 pidfile          /usr/local/var/run/slapd.pid  
 argsfile     /usr/local/var/run/slapd.args  
 # Load dynamic backend modules:  
 # modulepath     /usr/local/libexec/openldap  
 # moduleload     back_bdb.la  
 # moduleload     back_hdb.la  
 # moduleload     back_ldap.la  
 # Sample security restrictions  
 #     Require integrity protection (prevent hijacking)  
 #     Require 112-bit (3DES or better) encryption for updates  
 #     Require 63-bit encryption for simple bind  
 # security ssf=1 update_ssf=112 simple_bind=64  
 # Sample access control policy:  
 #     Root DSE: allow anyone to read it  
 #     Subschema (sub)entry DSE: allow anyone to read it  
 #     Other DSEs:  
 #          Allow self write access  
 #          Allow authenticated users read access  
 #          Allow anonymous users to authenticate  
 #     Directives needed to implement policy:  
 # access to dn.base="" by * read  
 # access to dn.base="cn=Subschema" by * read  
 # access to *  
 #     by self write  
 #     by users read  
 #     by anonymous auth  
 #  
 # if no access controls are present, the default policy  
 # allows anyone and everyone to read anything but restricts  
 # updates to rootdn. (e.g., "access to * by * read")  
 #  
 # rootdn can always read and write EVERYTHING!  
 #######################################################################  
 # BDB database definitions  
 #######################################################################  
 database     bdb  
 suffix          "dc=kaustubhghanekar,dc=com"  
 rootdn          "cn=Manager,dc=kaustubhghanekar,dc=com"  
 # Cleartext passwords, especially for the rootdn, should  
 # be avoid. See slappasswd(8) and slapd.conf(5) for details.  
 # Use of strong authentication encouraged.  
 rootpw          secret  
 # The database directory MUST exist prior to running slapd AND   
 # should only be accessible by the slapd and slap tools.  
 # Mode 700 recommended.  
 directory     /usr/local/var/openldap-data  
 # Indices to maintain  
 index     objectClass     eq  

Then start slapd.
Before starting it, make sure that environment variables work perfect.
To check this, run following:


 # ldd /usr/local/libexec/slapd  
     linux-vdso.so.1 => (0x00007fffe01ff000)  
     libdb-5.3.so => /usr/local/BerkeleyDB.5.3/lib/libdb-5.3.so (0x00007fe2f743e000)  
     libpthread.so.0 => /lib64/libpthread.so.0 (0x0000003fd1400000)  
     libresolv.so.2 => /lib64/libresolv.so.2 (0x0000003fd2c00000)  
     libc.so.6 => /lib64/libc.so.6 (0x0000003fd0c00000)  
     /lib64/ld-linux-x86-64.so.2 (0x0000003fd0800000)  


So now all the .so files are in place, we can start slapd.


 # /usr/local/libexec/slapd  

Verify all good status by running 'echo $?'


Sometimes when starting slapd after rebooting your server, may give error like this:


/usr/local/libexec/slapd: error while loading shared libraries: libdb-5.3.so: cannot open shared object file: No such file or directory


This is again problem with the environment variables. Make sure you have the variables CPPFLAGS, LDFLAGS, LD_LIBRARY_PATH are configured correctly as described in part1.


Now you can start populating server by adding objects.
For more on creating .ldif files and adding them using ldapadd, ldapmodify etc., look here.

Labels:

OpenLDAP 2.4 on CentOS 6.2 Part 1

It is painful when you have errors and somehow you aren't getting way around it.

Here's how I did my Installation:

Downloaded Latest release of OpenLDAP (2.4.31) from here.

Transferred the file to the CentOS 6.2 Server using Secure Copy (SCP). The directory on server can be any with sufficient space in it. I used /home.

The downloaded package was openldap-2.4.31.tgz.
Extract it.


 # tar -xvf openldap-2.4.31.tgz  

This will create a directory /home/openldap-2.4.31
cd to that Directory.

Here you will have some files including the "configure" script.
To check what options the script provides, perform following command


 #./configure --help  

It is always better to let the script decide what options are best for you. We will choose options later as required.


 #./configure

It will start to configure the build.

Here's first error I encountered:

configure: error: Unable to locate cc(1) or suitable replacement.  Check PATH or set CC.

Then I did


 yum install gcc

Which installed development tools, C compiler etc.

The next error, most common:

configure: error: MozNSS not found - please specify the location to the NSPR and NSS header files in CPPFLAGS and the location to the NSPR and NSS libraries in LDFLAGS (if not in the system location)

Location for NSPR and NSS Libraries and Headers varies with Operating System. However, I was unable to find that. I will update soon as soon as I find it.

I tried following option


 #./configure --with-tls=no  

This option bypassed the tls check.

WARNING: Your LDAP Server will then be unable to have TLS Data Protection.

The next error:
configure: error: BDB/HDB: BerkeleyDB not available

This made me download and install BerkeleyDB from here.
To install Berkeley DB see the documentation. I copied it to /home and installed it as follows:


 #tar -xvf db-5.3.21.gz  
 #cd db-5.3.21  
 #make  
 #make install  

Even after installing Berkely DB, it didn't let me proceed with same error. What was missing?
Well I set a few Variables, and I was off.


 CPPFLAGS="-I/usr/local/BerkeleyDB.5.3/include"  
 export CPPFLAGS  
 LDFLAGS="-L/usr/local/lib -L/usr/local/BerkeleyDB.5.3/lib -R/usr/local/BerkeleyDB.5.3/lib"  
 export LDFLAGS  
 LD_LIBRARY_PATH="/usr/local/BerkeleyDB.5.3/lib"  
 export LD_LIBRARY_PATH  

Make sure you put a capital "I" instead of "i" in CPPFLAGS or it may throw following error:


configure:5251: error: C compiler cannot create executables
See `config.log' for more details.

Then the harsh configure was done.
Next command, Run "make depend", then "make", then "make test" and last "make install"!

Continuing in Part 2, the configuration after installing OpenLDAP.

Labels: , , ,

July 3, 2012

Solving for error when installing Role Center and Enterprise Portal AX 2009

This error ate my head for many hours before I was able to solve it.
I had this error:

No .NET Business Connector session could be found.

When installing Role Center and Enterprise Portal. Make sure you have done following:
  1. AX Client and Business Proxy Connector accounts are pointing to appropriate AOS.
  2. If you have installed SP1 for AOS, then you need to have it installed for Client and BC Proxy also.
  3. Compile SysDevelopmentProxy class from Application Object Tree. If not possible, compile whole application.
Third step is solution for above problem. Very bad.
Also, thanks to Iulian Cordobin on dynamicsuser.net for the solution.

Labels: , ,