OpenID & Yahoo

Yahoo have released an OpenID Provider Service
Read all about it!

Advertisements

Sun Java Directory Server 6.2 corruption and recovery…


This has not been classified as a Sun Directory Server error, rather it led to
a method of recovery that I would like to share.

I was working on a pair of Sun Directory Servers (version 6.2)
recently, with a custom plugin. The servers would only start with a very peculiar error
logged every second in the error log (anyone know what this means?)

[18/Jan/2008:18:49:15
+0000] – INFORMATION – conn=-1 op=-1 msgId=-1 – allow_operation:
component identity is NULL

After
a day of researching the error proved futile, we decided to rebuild
from scratch. Fortunately the data appeared intact, though there were
replication errors galore! Secondly, the partner master server logged
the same error every second so that server also needed to be rebuilt.

I
followed the following steps. Note that this was a pair of Sun
Directory Servers (version 6.2) with only a few thousand objects
(development and QA environment). The steps below may not be optimal
for many replicated servers containing hundreds of thousands or
millions of users.

  • Export
    the old instance to LDIF

  • Create
    a new instance

  • Copy
    the certificates and schema from the old instance to the new

  • Import
    the LDIF file

  • Enable
    replication

Assumptions

  1. Sun
    Java Directory Server 6.2

  2. Solaris
    10

  3. PKG
    version of Directory Server.(location of commands differs for the
    ZIP version)

  4. The
    hostname & IP address of the new and faulty Directory instances
    are the same

  5. Two
    servers in MMR (multi-master replication)

  6. Custom
    schema in 99user.ldif

Perform
the following……………..

First Solaris
host

1.
Shutdown the faulty Directory Server

/opt/SUNWdsee/ds6/bin/dsadm
stop /var/opt/SUNWdsee/dsins1

2.Export
the data without replication information

/opt/SUNWdsee/ds6/bin/dsadm
export -Q /var/opt/SUNWdsee/dsins1 dc=company,dc=com
/export/home/CleanExport.ldif

3.
Create a new instance on port 389 since the faulty instance is not
running

/opt/SUNWdsee/ds6/bin/dsadm
create /var/opt/SUNWdsee/dsins2

4.
Copy custom schema from the faulty directory server to the new
instance

(a)
backup the new 99user.ldif

cp
/var/opt/SUNWdsee/dsins2/config/schema/99user.ldif
/var/opt/SUNWdsee/dsins2/config/schema/99user.ldif.BACKUP

(b)
copy the schema

cp
/var/opt/SUNWdsee/dsins1/config/schema/99user.ldif
/var/opt/SUNWdsee/dsins1/config/schema/

5.
Start the new instance

/opt/SUNWdsee/ds6/bin/dsadm
start /var/opt/SUNWdsee/dsins2

6.
Create the suffix

/opt/SUNWdsee/ds6/bin/dsconf
create-suffix dc=company,dc=com

7.
Import the data into the new instance

/opt/SUNWdsee/ds6/bin/dsadm
import /var/opt/SUNWdsee/dsins2 /export/home/CleanExport.ldif
dc=company,dc=com

8.
Enable replication on the new instance

/opt/SUNWdsee/ds6/bin/dsconf
enable-repl /var/opt/SUNWdsee/dsins2 -d 40404 master
dc=company,dc=com

Second
Solaris host

1.
Shutdown the faulty Directory Server


/opt/SUNWdsee/ds6/bin/dsadm stop
/var/opt/SUNWdsee/dsins1

2.Create
a new instance on port 389 since the faulty instance is not running


/opt/SUNWdsee/ds6/bin/dsadm create
/var/opt/SUNWdsee/dsins2

3.
Copy custom schema from the faulty directory server to the new
instance

(a)
backup the new 99user.ldif

cp
/var/opt/SUNWdsee/dsins2/config/schema/99user.ldif
/var/opt/SUNWdsee/dsins2/config/schema/99user.ldif.BACKUP

(b)
copy the schema

cp
/var/opt/SUNWdsee/dsins1/config/schema/99user.ldif
/var/opt/SUNWdsee/dsins1/config/schema/

4.
Create the suffix

/opt/SUNWdsee/ds6/bin/dsconf
create-suffix dc=company,dc=com

5.
Start the new instance

/opt/SUNWdsee/ds6/bin/dsadm
start /var/opt/SUNWdsee/dsins2

6.
Enable replication on the new instance

/opt/SUNWdsee/ds6/bin/dsconf
enable-repl /var/opt/SUNWdsee/dsins2 -d 50505 master
dc=company,dc=com

First Solaris
host

1.Create
replication agreement from host 1 to host 2

/opt/SUNWdsee/ds6/bin/dsconf
create-repl-agmt dc=company,dc=com secondhost:389

2.Initialize
the second Directory Server with data from the first Directory Server

/opt/SUNWdsee/ds6/bin/dsconf
init-repl-dest dc=company,dc=com secondhost:389

Technorati Tags:

Humbled by those who have less, much less.

Although it has been 20+ years since I
finished high school, The English poetry I learnt, still resonates
with me and I can recall phrases and lines to this day. William
Wordsworth wrote a sonnet that I shall reproduce here, since it is,
of course, only 14 lines.

The world is too much with us; late
and soon,
Getting and spending, we lay waste our powers;
Little
we see in Nature that is ours;
We have given our hearts away, a
sordid boon!
This Sea that bares her bosom to the moon,
The
winds that will be howling at all hours,
And are up-gathered now
like sleeping flowers,
For this, for everything, we are out of
tune;
It moves us not.–Great God! I’d rather be
A Pagan
suckled in a creed outworn; (1)
So might I, standing
on this pleasant
lea, (2)
Have glimpses that would
make me less forlorn;
Have sight of
Proteus (3)
rising from the sea;
Or hear old
Triton (4) blow his
wreathed horn.

(1)
Brought up in an outdated religion.

(2)
Meadow.

(3)
Greek sea god capable of taking many shapes.

(4)
Another sea god, often depicted as trumpeting on a shell.

For two years our family was very
fortunate to have the services of a live-in nanny who began her
employment with us a year after our son was born. A rather simple woman,
almost illiterate, and not conversant in English, I recall that when
our daughter started grade one and began to learn reading and
writing, our nanny used some of her free time to study English
reading and writing as well. I remarked to myself that a 60 and 6
year old were learning to read and write English for the first time.
Our nanny grew very fond of our younger son and loved him as if he were the
son she could not bear (her husband divorced her in their youth as they
were unable to conceive). Upon recent a visit to her home country, she
phoned us with the most unfortunate news that she was not returning to
America as she had been diagnosed with breast cancer.

With no dependents of her own, our nanny worked to
save for her and her sisters’ retirement. Her sole possessions
accompanied her in one suitcase when she went home a few weeks ago. Thus when she called to inform us of her
condition, we offered to send her few remaining possessions to her
but she refused and suggested we give them away.

As I cleaned her
room I found notes she had taken in her English language classes. In
the notebook, among other sentences, was written:

“I love children.”

“I love to cook
for the children.”

I was moved to
tears. Here we live in one of the most
sought after areas
in the world. Our children attend magnificent
schools and not deprived of toys nor clothing nor extra-curricular activities. And a
woman who at age 60 is learning English for the first time, writes of her love for children that she could not bear herself. Those of us
consumed by the rat-race and materialism that American consumerism
thrusts upon us, as
Wordsworth wrote, should stop and smell the flowers…..

Technorati Tags:

Patches required to enable Solaris servers and workstations to migrate to native-ldap clients




Notes:



  1. The tables below
    list patches required to allow Solaris SPARC servers and
    workstations to migrate to native-ldap clients. (The equivalent x86 patch is available on the download links below).


  2. The patch column
    contains a number which references the patch to install. The number
    is hyperlinked to http://sunsolve.sun.com
    to enable patch downloads. The links are current as of January
    8
    th, 2008.


  3. IMPORTANT: Solaris
    patches are revised and replaced by newer patches. The links in the
    patch column to download the patch, may not resolve the latest patch
    available. Please read the patch notes carefully, be aware of
    obsoleted patches and download the newer patch.






Solaris 10 patches


Install
SUNWnisu package from the Solaris 10 DVD, before installing patches



















































































































Order



Patch



Prerequisite
patch



1



119213
(NSS patch)



n/a



2



119042



n/a



3



119963



n/a



4



119574



n/a



5



119578



n/a



6



126419



n/a



7



118918



n/a



8



120900



n/a



9



125547



n/a



10



125378



n/a



11



121133



120900



12



126538



119042



13



119254



121133



14



118833



118918


119042


119578


119254



15



120272



119042


126538


118833



16



126897



119578



17



122640



118833



18



125503



118833


118918


119042


119574


119578


120272


120900


121133


126538


122640


126897



19



125369



118833


119578


126897



20



120011



119574


126538


122640


125369


125503


125547


126419


126897











Solaris 9 patches



































Order



Patch



Prerequisite
patch



1



119211
(NSS patch)



n/a



2



112233



n/a



3



112874



112233



4



112960



112874



Solaris 8
patches


























































































Order



Patch



Prerequisite
patch



1



119209
(NSS patch)



n/a



2



111310



n/a



3



111111



n/a



4



112936



n/a



5



116602



n/a



6



115827



n/a



7



113648



n/a



8



111317



n/a



9



111023



n/a



10



110386



n/a



11



108987



112936



12



108528



108987


111111


111310



13



108989



108528



14



128624



108528


108989


110386


111023


111317


113648


115827


116602



15



108993



108528


108989


110386


111023


111317


113648


115827


116602