Blog Category: AIX
Problem When you look for a process in the ps output, the command line of grep often shows up: ps auwwx | grep sshd root 648 0.0 0.0 3732 1012 ? S Apr06 0:00 /usr/sbin/sshd user 20807 0.0 0.0 4836 680 pts/0 S 04:31 0:00 grep /sshd $ This can make writing scripts for automating […]
When ordering a secure certificate, most often one has to deal with the following files: certificate key file (aka private key): .key certificate request file: .csr primary certificate file (issued by the CA): .crt certificate chain (aka intermediate certificate, or sf bundle): sf_bundle.crt As a result, when deploying to a web server, it is necessary […]
Problem How to add another LPAR with a new vlan to an existing SEA. Solution Without downtime: Create one more virtual Ethernet with new vlan, then add this adapter to the current SEA and change the property with chdev command. chdev -dev entX -attr virt_adapters=entY,entZ (where entX is the SEA and entY is the adapter […]
Problem iSCSI is much more flexible and easy to manage then a fibre channel (FC) infrastructure. There is a performance penalty of course, but in many cases the performance penalty is well worth the management benefits. This article will show how to set up the NetApp as a target and the AIX or VIOS host […]
Authentication in Apache is done through htaccess, either from the configuration file, or from the .htaccess file in a given directory. Note that only full directories can be easily protected with this method. Here is how: (first log in to the shell, as this method only works if you have shell access) $ cd …/html/protected_dir […]
In order to get the optimal security and guaranteed mail delivery, the following partition table is recommended: / /data /home /tmp /usr /var /var/qmail /var/qmail/queue
To mount a CD or DVD in an LPAR, first you need to use the media library to assign one of the CDs in the library to the LPAR. For example, using the ivm inteface: Click on the lpar name in the “View/Modify Partitions” section Select the optical devices tab Create a virtual optical device […]
Problem When the domino server caches an MX record, and that record changes, it may take time before the cache is refreshed. In some instances it is desirable to have the DNS cache refreshed on demand. Solution On the Domino console (IBM Domino Administrator -> Server… -> Status -> Server Console) run the following domino […]
Problem You have one or more NetApp storage systems (F960 or later series), running Data ONTAP® 7G (or later). You would like to take advantage of the snapshot capabilities, to facilitate the database backup process. However, you don’t want to use the default root login for the automated logins, nor do you want to use […]
IBM makes it very easy to get the model number and the serial number of an AIX system or a VIOS on thier Power Series: $ uname -M # model number IBM,NNNN-NNN $ uname -m # serial number HHHHHHHHHHHH You don’t even need to be root to run the commands. More useful AIX commands.
Domino Server SSL Key Import By default, the SSL key order process in the Domino Administrator assumes that only single domain certificates are used. Hence, when you have a multi domain UCC or a wildcard certificate, it has to be loaded into the keyring (a.k.a. kyr file) outside of the Domino Administrator. The basic overview […]
In case an application such as the IBM Systems Director needs the DB2 client to be installed, the process has a couple of pitfalls. Here are steps that make the installation very simple. Download the DB2 client from IBM: http://www.ibm.com/software/data/db2/9/download.html Create a directory and unpack the tarball in that directory, and install the client: wget […]
Ever wondered how to exclude a string from grep? Last week I decided to dig until I find the answer, as I had to find a “lost” DB2 script in a pile of archives. It turns out that grep has a feature called “grep for all except”. Finally found that on a mailing list archive […]
To deploy a Sametime environment with multiple levels of licensing, multiple Sametime servers with each respective license versions needed (Entry, Standard, etc.). The Sametime wiki has a number of useful resources to plan out a complex Sametime deployment: http://www-10.lotus.com/ldd/stwiki.nsf/page.xsp?documentId=6F6353B28F5FB51185257775007AC431&action=openDocument http://www-10.lotus.com/ldd/stwiki.nsf/dx/1.3_Lotus_Sametime_product_family http://www-10.lotus.com/ldd/stwiki.nsf/xpViewCategories.xsp?lookupName=Learning%20Center And here are some documents that delve into the details: http://www-10.lotus.com/ldd/stwiki.nsf/dx/Chapter_2._Planning_a_Sametime_8.5.1_deployment http://publib.boulder.ibm.com/infocenter/sametime/v8r5/index.jsp?topic=/com.ibm.help.sametime.v851.doc/plan/plan_topol_deploy.html
Problem When using a complex email infrastructure, multiple email servers are involved usually. The core servers typically take care of managing the data that users access in their day to day activities. Other servers can be used for SPAM/Virus filtering, archival, store and forward functions. It is important for all these servers to be able […]
Questions to ask when planning storage and server infrastructure Storage Requirements What our their current storage environment? (What technology do we use? NetApp, EMC, HP, Hitachi, Compellant?) What is our current amount of usable storage? What is our current data in GB / TB? How much of that data is deemed critical as opposed to […]
Java Shopping Cart Hosting The need to host a shopping cart comes up on a regular basis. There are literally hundreds of very good solutions out there. Here is a list of carts that satisfy the following criteria: – configurable – customizable – embeddable – has a flexible API – compatible with IBM DB2 – […]
DB2 Support for Data Migration When it is time to upgrade from DB2 on Intel to DB2 on Power for example, taking a backup/restore approach isn’t possible as DB2’s backups are platform dependent. The solution is to use a DB2 command called db2move. Basics of db2move db2move allows to export data from DB2 at different […]
Often programmers that haven’t worked with patches before find it intimidating. Patches are actually very simple to deal with. Here is how. Creating Patches diff -u oldfile newfile > filename.patch or diff -urN /olddir /newdir > filename.patch or diff -urN -X excludes /olddir /newdir > filename.patch diff options: -u Output (default 2) lines of unified […]
Synopsis After changing the name of the host on which DB2 9.7 is running, the following error message is received when trying to start the database: 09/28/2009 02:32:50 0 0 SQL6048N A communication error occurred during START or STOP DATABASE MANAGER processing. SQL1032N No start database manager command was issued. SQLSTATE=57019 Solution For each database […]
# rpm -i postgres-[version number].src.rpm # rpmbuild -bb –target i686 /usr/src/redhat/SPECS/postgresql.spec If you get a problem with unpackaged files, use the following trick: vi /usr/lib/rpm/macros An modify some of the lines as follows: # # Script gets packaged file list on input and buildroot as first parameter. # Returns list of unpackaged files, i.e. files […]
Problem You reached the limit or your unhappy with the performance or features of your database server, and you want to move to DB2. The transition can be simple with respect to your code, as it may be just a matter of changing a few lines of code for the connection string, and setting the […]
Summary The AIX NIM server allows a very flexible automated installation process to deploy hundreds or AIX nodes as well as LPARs in a matter of hours. It is possible to achieve similar results using the RHEL kickstart system. This article is about a way of automating the RHEL 5 deployment directly from AIX 6.1 […]
Problem To maximize the benefit from the multi-port adapters on a NetApp, it is best to bond the ports together (some vendors refer to this as “trunk groups”). Then over the new bonded trunk, the various networks can be assigned as VLANs, maximizing the network throughput for each LAN the NetApp needs to communicate with. […]
MySQL allows to select a different king of engine on a per table basis at creation time of each table. Each engine has its advantages and caveats. Here is a brief summary: MyISAM: fastest disk based, least space requirement, non-transactional, slow crash recovery InnoDB: slowest engine, transactional, fastest crash recovery HEAP:fastest overall engine, limited by […]
Installation get it from http://untroubled.org/qmail-autoresponder/ untar the tarball $ make # ./installer # ./instshow # vi /etc/vmailmgr/vdeliver-postdeliver And make sure it contains: #!/bin/sh if test -s /autoresponse/message.txt then qmail-autoresponder /autoresponse/message.txt /autoresponse fi Then # /etc/vmailmgr/vdeliver-predeliver and make sure it contains: #!/bin/sh /usr/local/bin/vcheckquota Then # chmod a+x /etc/vmailmgr/* Usage Put |qmail-autoresponder MESSAGE_FILE DIRECTORY into your […]
Downgrading firmware on a NetApp SAN If you have just reclaimed a shelf from a NetApp SAN that you would like to use with an older head, you will notice that the drives are not recognized. This is due the the fact that DataOntap upgrades the drives automatically when you plug them in to an […]
Problem You need to create an online application that is capable of sending a FAX securely (PCI, HIPAA or other compliance). Solution After trying trustfax and eFax, neither of which has a secure API, Ralph found that Metro Fax has a SSL API for developers and the cost is reasonable. The following SDK as well […]
IBM has a comprehensive approach to encourage security by design. A free Red Book is available for developers: The IBM Redbook for Security in Development The home page for IBM’s main security testing tool is IBM Rational AppScan
Problem You have a few SSL cert files on your server, but you are not sure which one is the newest, or the right cert to use. Solution Look at the contents of a CSR openssl req -noout -text -in [domain_name].csr Where [domain_name].csr is the name of the CSR file. Look at the contents of […]
If you are familiar with Linux and Solaris where the logs are typically in /var/log/messages and /var/adm/messages, looking for the logs on an AIX system might be frustrating at first. The usual file locations are empty or non existent. By default the logs are actually in /var/adm/ras You can change that behavior by configuring syslog.conf. […]
Summary Patching AIX can be intimidating at first for someone coming from the Windows / Linux world. AIX has capabilities that natively support production quality operations. One of these qualities is that one can install patches on an alternative volume, make that volume bootable for testing and allowing an easy way out if something doesn’t […]
Problem When using SMTP TLS, the IBM Domino server shows the following error in the log file: SSL Error: Keyring File access error Solution When engaging the STARTTLS command, the Domino server looks in the default location for the Keyring file with the default name: keyfile.kyr and keyfile.sth. The location is the data root specified […]
NetApp SAN default gateway setup DataOntap is a FreeBSD based operating system built by NetApp. However, most of the command line interface commands differ from the usual FreeBSD commands. When a new NetApp installation is performed, or a NetApp migration is needed, typically the IP address needs to be changed, as well as the default […]
For those of us that are still forced to used 32bit MySQL, there is a table size limit of 4GB by default (even though the file size limit on those systems is 4TB on ext3 – 2TB on NTFS). Here is what to do to lift that limit: ALTER TABLE tbl_name MAX_ROWS=1000000000 AVG_ROW_LENGTH=nnn; You have […]
Enterprise Class Email Protection If you need to go beyond classic SPAM and Virus filtering for your IBM Domino environment, we recommend you take a look at Lotus Protector for Mail Security. Starting at only .50 one time license fee per user, it is easy to see how the ROI over 1 year beats most […]
Problem The explain tables allow to create access plans and visualize them. Before the explain feature of DB2 can be used, the EXPLAIN tables need to be generated. Solution To create the EXPLAIN tables, the following command needs to be issued while connected to the database that the access plain needs to be generated in: […]
Problem: Protecting Cognos 10 App Server The Cognos 10 application runs within an application server. As a result it is vulnerable to attacks over the Internet through the open ports for WWW traffic. Here are some notes on CAF. Ant http://publib.boulder.ibm.com/infocenter/caapps/v8r4m0/topic/com.ibm.swg.im.cognos.inst_apps.8.4.0.doc/inst_apps_i_cnfg_CAF.html You can track firewall activity by checking the log file, which contains rejected requests […]
Problem You have a directory that deserves it’s own file system for some reason. This could be because you need to increase throughput, manage backups separately, manage quotas separately or just to have a cleaner data architecture. Solution Create a new filesystem using mkfs Mount the new filesystem temporarily to /mnt Stop all processes that […]
When entering new services, I was having this error, and I couldn’t figure out why: Checking Table ‘service’ ERROR: 10813…service(number=XXXXXXX): Nextusagedate is ‘0000-00-00’ (FIX MANUALLY) BillMax support promptly acknowledged that it is a bug that cause this behavior under rare circumstances. The solution is to run on the billmax database the following SQL: update service […]