Posted by John Paul van Helvoort on January 25, 2010
Using several X systems i was wondering if there would be an easy way to receive an exported DISPLAY to my mac.
Well here are a few steps to follow and make it all happen.
First enable you mac to listen for incoming requests ;
Find from you Applications -> Utilities the X11 app and start it.
Then from the preferences set the following.
After this open a file called org.x.X11.plist threw Finder , which van be found from ~/Library/Preferences/. Change the nolisten_tcp to not selected.
After this disable the access control on your mac ;
XMAC:Preferences jhelvoort$ xhost +
access control disabled, clients can connect from any host
XMAC:Preferences jhelvoort$
Now you should be able to export an DISPLAY to you mac and receive it there ;
oracle@SRVDB01:/u04/database> export DISPLAY=[IP_OF_MAC]:0
oracle@SRVDB01:/u04/database> ./runInstaller
Posted in Database, Linux | Leave a Comment »
Posted by John Paul van Helvoort on December 26, 2009
When using a postfix deamon to filter out bad mail with for example spamassasin , you might want to use your LDAP directory of your Windows Active Directory to query for valid Receipient addresses. This would prevent you from maintaining an aliases file manually.
For this to work , i found the following setup to work flawless :
Change the following line in your main.cf config to include an ldap config file:
alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldap-aliases.cf
Then lets take a look at this file ( /etc/postfix/ldap-aliases.cf ) :
# Directory settings
domain = domain.nl
server_host = ldap.domain.nl
search_base = cn=Users, dc=domain, dc=nl
version = 3
# User Binding
bind = yes
bind_dn = cn=ldap, cn=Users, dc=domain, dc=nl
bind_pw = xxxx
# Filter
query_filter = (&(objectclass=person)(proxyAddresses=smtp:%s))
leaf_result_attribute = proxyAddresses
As you can see we need to have a user which is able to bind to the Active Directory in order to retrieve the requested information.
Also we are using the proxyAddresses attribute instead of the mail attribute. This does not only retrieve the primairy mail adress , but also contains any other secundairy defined email adress for any account.
The leaf_result_attribute is returning the result of our query so that we can use it in our postix receipient retrieval. ( This is a new feature in postfix 2.4 and above )
Now when everything is setup correctly you might try to query an email adres using your own made configuration.
# postmap -vq johnpaulvanhelvoort@domain.nl ldap:/etc/postfix/ldap-aliases.cf
…..
postmap: dict_open: ldap:/etc/postfix/ldap-aliases.cf
postmap: dict_ldap_lookup: In dict_ldap_lookup
postmap: match_string: domain.nl ~? domain.nl
postmap: dict_ldap_lookup: No existing connection for LDAP source /etc/postfix/ldap-aliases.cf, reopening
postmap: dict_ldap_connect: Connecting to server ldap://ldap.domain.nl:389
postmap: dict_ldap_connect: Actual Protocol version used is 3.
postmap: dict_ldap_connect: Binding to server ldap://ldap.domain.nl:389 as dn cn=ldap, cn=Users, dc=domain, dc=nl
postmap: dict_ldap_connect: Successful bind to server ldap://ldap.domain.nl:389 as cn=ldap, cn=Users, dc=domain, dc=nl
postmap: dict_ldap_connect: Cached connection handle for LDAP source /etc/postfix/ldap-aliases.cf
postmap: dict_ldap_lookup: /etc/postfix/ldap-aliases.cf: Searching with filter (&(objectclass=person)(proxyAddresses=smtp:johnpaulvanhelvoort@domain.nl))
postmap: dict_ldap_get_values[1]: Search found 1 match(es)
postmap: dict_ldap_get_values[1]: search returned 4 value(s) for requested result attribute proxyAddresses
postmap: dict_ldap_get_values[1]: Leaving dict_ldap_get_values
postmap: dict_ldap_lookup: Search returned SMTP:john.paul.van.helvoort@domain.nl,smtp:john.van.helvoort@domain.nl,smtp:johnvanhelvoort@domain.nl,smtp:jhelvoort@domain.nl
postmap: dict_ldap_close: Closed connection handle for LDAP source /etc/postfix/ldap-aliases.cf
Posted in LDAP, Postfix | 3 Comments »
Posted by John Paul van Helvoort on November 20, 2009
When passing a website using a reverse proxy , you might encounter an 503 error when the site you try to pass on is for some reason not available.
You can monitor this behavior by implementing your own 503 reporting system.
First you take on a line that will catch these errors.
Alias /error /srv/www/htdocs/error
ErrorDocument 503 /error/503.php
After this you can put together your own 503.php script
<?php
ob_start();
header('HTTP/1.1 503');
header('Status: 503');
$error=503
?>
<html>
<title>Example.com Page Reported <? echo $error ?></title>
<body>
<br>
<center><img src=/error/images/logo.png></center>
<br>
<center> Technical Problem Encountered</center>
</body>
</html>
<?
// Retrieve the URL requested
function curPageURL() {
$isHTTPS = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on");
$port = (isset($_SERVER["SERVER_PORT"]) && ((!$isHTTPS && $_SERVER["SERVER_PORT"] != "80") || ($isHTTPS && $_SERVER["SERVER_PORT"] != "443")));
$port = ($port) ? ':'.$_SERVER["SERVER_PORT"] : '';
$url = ($isHTTPS ? 'https://' : 'http://').$_SERVER["SERVER_NAME"].$port.$_SERVER["REQUEST_URI"];
return $url;
}
// Fill basic variables
$page=curPageUrl();
$today = date("F j, Y, G:i");
$ip=$_SERVER['REMOTE_ADDR'];
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// E-mailadres to inform
$to='webmaster@example.com';
$subject='ERROR '.$error.' Reported on '.$page;
$message = '
<html>
<body>
<table>
<tr>
<td>Requested URL</td><td>'.$page.'</td>
</tr>
<tr>
<td>Requested By</td><td>'.$ip.'</td>
</tr>
<tr>
<td>Requested On</td><td>'.$today.'</td>
</tr>
</table>
</table>
</body>
</html>
';
// Mail the error
mail($to, $subject, $message, $headers);
?>
Offcourse you can use this same code to report on different errors reported aswell :).
Posted in Apache, Linux | Leave a Comment »
Posted by John Paul van Helvoort on November 20, 2009
To catch all traffic which requests an APEX admin page like 4550 , you can include these RewriteRules in your Apache Reverse Proxy configuration.
When not set on the first entry point ( in this case the reverse proxy ), you might run into the problem that all traffic received on your back-end server seem to come from an internal adres( your reverse proxy server)
and can therefor not be filtered using the build-in security feature in APEX. So be implementing these rules your site can be made more secure again.
# Set Engine on
RewriteEngine On
# 403 error will be thrown if met
# exclude the password change page for apex users
RewriteCond %{REQUEST_URI}%{QUERY_STRING} !/(apex|builder)/f?p=4155:.*
RewriteCond %{REQUEST_URI}%{QUERY_STRING} /(apex|builder)/f?p=(4[0-9]{3}:.*)
# Making it available still from 127.0.0.1 and 10.0.0.x
RewriteCond %{REMOTE_ADDR} !^(127\.0\.0\.1|10\.0\.0\.[0-9]{1,3})$
# Else , let request go threw
RewriteRule /(apex|builder)/ - [F]
If you want to catch these 403 errors and show a nice error message for it, you can set these lines aswell
alias /error /srv/www/htdocs/error
ErrorDocument 403 /error/forbidden.html
Now place a forbidden.html file in /srv/www/htdocs/error/ and you are all set.
Posted in Apache, Apex, Linux | Leave a Comment »
Posted by John Paul van Helvoort on November 12, 2009
Oracle now provides us with a desktop tool to monitor our environment using the an Oracle Enterprise Grid Control.
Simply install the desktop widget en search your favorite targets to be listed. From here you have a straight link to the target in your monitoring tool in case of any problem.
Here are some examples from after the installation on my desktop.
Target Search & Monitoring
Login screen:
Monitoring targets
High-Load Databases
Load on all databases known to EMGC.
Please visit the Oracle site and try-out there new Tools !
http://www.oracle.com/technology/products/oem/widgets/index.html
Posted in Grid Control | Leave a Comment »
Posted by John Paul van Helvoort on November 11, 2009
After creating a new Oracle Wallet for my apache instance i ran into the error that the opmnctl service would not start when i changed the ssl.conf configuration to pickup the new wallet.
#SSLWallet file:C:\oracle\product\10.1.3\apache\ohs\conf\ssl.wlt\default
SSLWallet file:C:\oracle\WALLETS
Instead i got :
C:\oracle\product\10.1.3\apache\opmn\bin>opmnctl startall
opmnctl: starting opmn and all managed processes…
================================================================================
opmn id=IAS-SRV:6200
0 of 1 processes started.
ias-instance id=IAS-1
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
——————————————————————————–
ias-component/process-type/process-set:
HTTP_Server/HTTP_Server/HTTP_Server/
Error
–> Process (index=1,uid=1246497958,pid=2160)
failed to start a managed process after the maximum retry limit
Log:
C:\oracle\product\10.1.3\apache\opmn\logs\\HTTP_Server~1.log
So stop the , if any , processes again.
C:\oracle\product\10.1.3\apache\opmn\bin>opmnctl stopall
opmnctl: stopping opmn and all managed processes…
To solve this , you should check the auto-logon in your wallet to operate under these conditions.
After this start you opmn processes.
C:\oracle\product\10.1.3\apache\opmn\bin>opmnctl startall
opmnctl: starting opmn and all managed processes…
C:\oracle\product\10.1.3\apache\opmn\bin>
Posted in Apache, Application Server | Leave a Comment »
Posted by John Paul van Helvoort on November 10, 2009
Exception in thread “main” java.lang.IndexOutOfBoundsException: No group 9
While installing Oracle Webcenter Suite 10.1.3.2.0 i ran into the following error.
Command: /u00/oracle/product/10.1.3/web/jdk/bin/java -jar /u00/oracle/product/10.1.3/web/j2ee/home/admin_client.jar deployer:
oc4j:opmn://xxx.helvoort.nl:6004/OC4J_WebCenter oc4jadmin -script /u00/oracle/product/10.1.3/web/portal/conf/oc4jportal_server_xml.params
Exception in thread “main” java.lang.IndexOutOfBoundsException: No group 9
at java.util.regex.Matcher.group(Matcher.java:463)
at java.util.regex.Matcher.appendReplacement(Matcher.java:730)
at java.util.regex.Matcher.replaceAll(Matcher.java:806)
at java.lang.String.replaceAll(String.java:2000)
at oracle.webdb.config.PortletContainerConfigAssistant.replacePwd(Unknown Source)
at oracle.webdb.config.PortletContainerConfigAssistant.configServerXML(Unknown Source)
at oracle.webdb.config.PortletContainerConfigAssistant.main(Unknown Source)
Please use a password without “$” as this is not escaped during configuration and therefor causing the installation to fail during a replace action.
Posted in Application Server | Leave a Comment »
Posted by John Paul van Helvoort on November 9, 2009
When trying to install an application server 10.1.3.2.0 i ran into the following error.
The error is thrown based on an earlier attempt on installing an application server. However, the product was removed successfully and should therefor not throw this error. Even when a different ORACLE_HOME is chosen , the error returns.
This behavior is caused by a corrupted Oracle Inventory as a quick peek in the file inventory.xml located in the ContentXML directory under your current oraInventory reveals that there is no such ORACLE_HOME present at this time.
As a workaround i created a dummy file called “oraInst.loc” in the “/tmp” directory containing these lines :
inventory_loc=/tmp/oraInventory
inst_group=dba
After creating this file , start your installer using
./runInstaller -invPtrloc /tmp/oraInst.loc
Your installer will continue now.
Posted in Application Server | Leave a Comment »
Posted by John Paul van Helvoort on November 6, 2009
After switching our Embedded Gateway to an Apache front-end using modplsql.
We are faced with an error while loading interactive reports using FlashChart.
As we are using a Reverse Proxy to route the traffic to our internal servers , this is actually the cause of our problem for interactive report to show successfully.
In order to overcome this behavior , we added the following lines to our $ORACLE_APACHE_HOME/ohs/modplsql/dads.conf file in between the “Location” definition:
PlsqlCGIEnvironmentList HTTP_HOST=xxx.yenlo.nl
PlsqlCGIEnvironmentList REQUEST_PROTOCOL=http
xxx.yenlo.nl being our public adres for outside and “http” being our protocol.
Restart your apache services by executing :
[apache] xxx:bin> ./opmnctl stopall
opmnctl: stopping opmn and all managed processes…
[apache] xxx:bin> ./opmnctl startall
opmnctl: starting opmn and all managed processes…
Now your FlashChart should show up successfull again !
Posted in Apex, Application Server | Leave a Comment »
Posted by John Paul van Helvoort on November 3, 2009
By default the Apache 2.0 version of Oracle HTTP Server is installed without using the HTTP “worker” method. As this is a performance enhancer , you would like to change your Apache configuration to implement the use of it.
For example , your Apex application will benefit from this as the multi-threated method with mod_plsql is supporting data connection pooling. The old fashion prefork method however is not and there for is not preferable.
Default your Apache process list will look like this after installing the Oracle HTTP Server (Apache 2.0) (10.1.3.3.0);
[apache] xxx:conf> ps -ef | grep httpd
oracle 3775 3738 0 Oct31 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 3779 3775 0 Oct31 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 3781 3775 0 Oct31 ? 00:03:48 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 3794 3775 0 Oct31 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 3801 3775 0 Oct31 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 4042 3775 0 Oct31 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 4050 3775 0 Oct31 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 4327 3775 0 Oct31 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 16187 3775 0 Nov02 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 18433 3775 0 Nov01 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 22394 3775 0 Nov01 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 30316 3775 0 Nov02 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 30439 3775 0 Nov02 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
Here you can clearly see there is no worker process active, but instead the old fashion prefork processes are used.
The following can be done to implement the worker method which will add multi-threading to your httpd configuration.
open your opmn.xml ( located : $ORACLE_HOME/opmn/conf ) and find the following section :
<ias-component id="HTTP_Server">
<process-type id="HTTP_Server" module-id="OHS2">
<module-data>
<category id="start-parameters">
<data id="start-mode" value="ssl-enabled"/>
</category>
</module-data>
<process-set id="HTTP_Server" numprocs="1"/>
</process-type>
</ias-component>
Change it to ;
<ias-component id="HTTP_Server">
<process-type id="HTTP_Server" module-id="OHS2">
<module-data>
<category id="start-parameters">
<data id="start-mode" value="ssl-enabled"/>
<data id="mpm" value="worker"/>
</category>
</module-data>
<process-set id="HTTP_Server" numprocs="1"/>
</process-type>
</ias-component>
After this just restart your opmn services
[apache] xxx:bin> ./opmnctl stopall
opmnctl: stopping opmn and all managed processes…
[apache] xxx:bin> ./opmnctl startall
opmnctl: starting opmn and all managed processes…
Now lets check if the worker method is implemented correctly;
[apache] xxx:bin> ps -ef | grep httpd
oracle 23556 23521 3 14:26 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd.worker -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 23560 23556 0 14:26 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd.worker -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 23562 23556 0 14:26 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd.worker -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 23564 23556 0 14:26 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd.worker -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
oracle 23565 23556 0 14:26 ? 00:00:00 /u00/oracle/product/10.1.3/apache/ohs/bin/httpd.worker -d /u00/oracle/product/10.1.3/apache/ohs -DSSL
When you are getting back the httpd.worker process you are running the multithreaded (MPM) method of the Apache 2.0 HTTP Server.
Posted in Application Server | Leave a Comment »
