How to query the Domino 8.5.3 LDAP database with ldapsearch

By default the ldapsearch utility is installed on the Domino server in the “bin” directory where all the other utilities are.  You need a local domain admin to bind a domino query on the local server, and you need its credentials. Here is an example:


su - dominouser
cd /path/to/domino/data
/opt/ibm/lotus/bin/ldapsearch -h domino.server.address.com -D "cn=adminuser,o=org" -w adminpassword uid="adminusershortname"


Creating an easy to deploy SSL certificate in PEM format

When ordering a secure certificate, most often one has to deal with the following files:

  • certificate key file (aka private key): .key
  • certificate request file: .csr
  • primary certificate file (issued by the CA): .crt
  • certificate chain (aka intermediate certificate, or sf bundle): sf_bundle.crt

As a result, when deploying to a web server, it is necessary to configure 3 files: the key, the cert, and the trust chain. However, a little known fact is that these can be combined in a “pem” file that holds all three. One may even include the trusted root certificate optionally. Here is how:

  • download your certificates (your_domain_name.crt) from your NewPush Customer Portal.
  • paste the entire body of each certificate one by one into one text file in the following order:
    • domain.key
    • domain.crt
    • sf_bundle.crt

    Make sure to include the beginning and end tags on each certificate. The result should look like this:

    -----BEGIN RSA PRIVATE KEY-----
    ...
    -----END RSA PRIVATE KEY-----
    -----BEGIN CERTIFICATE-----
    ...
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    ...
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    ...
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    ...
    -----END CERTIFICATE-----

The number of

-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

sections will depend of the length of the certificate trust chain.


Hello Xtend

The Eclipse foundation announced today the availability of Xtend, and improvement on the Java language, that remains compatible. See the video below, and check out the Xtend website to see for yourself, how Xtend embraces Java, while improving it readability and adding a number of nifty features, some of which programmers like in Smalltalk, Perl, and PHP.

Xtend Intro from Xtext Team on Vimeo.


What is the difference between site to site and mobile VPN?

For most businesses, there are two types of VPN that apply:

  • site to site VPN: this is used to link sites, such as your office and the data center,
  • mobile VPN: this is used to link mobile or home users to a corporate site, or a data center.

The mobile VPN to your office is typically free, you just need to pay a one time setup fee and sometimes an extra license fee depending on the vendor. If your firewall is based on pfSense, there are no extra license fees.

The site to site VPN is typically priced on a per channel basis, to cover our bandwidth and virtual port costs on the terminating firewall in the data center. This is optional, and you can decide to sign up for that service once there is a clear business case for it.


How to install Tomcat 6 on RHEL 6 or CentOS 6

Here are some steps to install Tomcat 6 on Red Hat 6 (or CentOS 6).

 

First we are going to prepare the repository:


yum install yum-priorities
rpm -Uvh http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
rpm -Uvh http://download.fedora.redhat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm
rpm -Uvh http://mirrors.dotsrc.org/jpackage/6.0/generic/free/RPMS/jpackage-utils-5.0.0-7.jpp6.noarch.rpm

Next we will install Java and Tomcat 6:


yum -y install java
yum -y install tomcat6 tomcat6-webapps tomcat6-admin-webapps

Finally we can launch Tomcat 6:


service tomcat6 start

To connect to Tomcat, just browse to port 8080 on the server, for example:


http://127.0.0.1:8080/

Here are a couple of diagnostic commands to test that Tomcat is running:

# service tomcat6 status
tomcat6 (pid 17318) is running... [ OK ]
# netstat -nlp|grep 800
tcp 0 0 0.0.0.0:8009 0.0.0.0:* LISTEN xxxxx/java
tcp 0 0 127.0.0.1:8005 0.0.0.0:* LISTEN xxxxx/java
# netstat -nlp|grep 8080
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN xxxxx/java

File Structure

The Red Hat file structure is different than the default file structure Tomcat 6 has when installing from source. Here is the file structure that is used when installing with this method:

/etc/tomcat6 (this is where the main tomcat config files reside)
/usr/share/doc/usr/share/tomcat6
/usr/share/tomcat6/bin
/usr/share/tomcat6/conf
/usr/share/tomcat6/lib
/usr/share/tomcat6/logs
/usr/share/tomcat6/temp
/usr/share/tomcat6/webapps
/usr/share/tomcat6/work
/var/cache/tomcat6
/var/cache/tomcat6/temp
/var/cache/tomcat6/work
/var/lib/tomcat6 (this is where you will add and/or change most of your files)
/var/lib/tomcat6/webapps
/var/log/tomcat6

Here is an article that explains how to add support for JConsole debugging and/or monitoring to Tomcat:
https://wiki.internet2.edu/confluence/display/CPD/Monitoring+Tomcat+with+JMX


Install Packages on OpenBSD 4.x and OpenBSD 5.x

To install binary packages on OpenBSD, the package manager needs to have the correct download URL.  This URL changes based on OpenBSD version and architecture.  Here is how to set it independently:

export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/$(uname -r)/packages/$(machine -a)/

Once that is done, the pkg_add command will work. In fact all pkg_* commands will work.


OpenVPN connects, but no ping

OpenVPN connection issue on Windows Vista and Windows 7

 

Problem

When connecting to an OpenVPN tunnel on Windows Vista or Windows 7, the OpenVPN GUI shows the connection as successful, but the protected network can not be reached.

Solution

Start OpenVPN as administrator. This is necessary even of the account launching OpenVPN is an administrator level account. If the OpenVPN GUI is already running, quit the application. Before launching OpenVPN GUI, right click, and select “Run As Administrator”.

There is a way to make this permanent in the Windows application properties:

Right click on the OpenVPN GUI icon, then click on Properties, and on the Compatibility tab. Tick the “Run this program as an administrator box.”


Enterprise Social Media Analytics with Atlas for Connections

The key benefits from deploying an enterprise social media software are to improve

  • customer satisfaction by building stronger relationships with customers,
  • staff effectiveness by simplifying access to existing internal expertise,
  • staff retention by allowing employees to build a stronger network and stronger relationships within the enterprise.

Atlas for IBM Lotus Connections is a social networking application, available from IBM Software Services for Lotus (ISSL), that allows users to visualize their current network of contacts and see how they can efficiently extend that network to tap into valuable resources and trusted experts across an entire organization.

Atlas enables these capabilities by accessing information from the different components of Lotus Connections. When users log in to their dashboard, Atlas compiles and displays information that will help them better understand the company’s professional networks and who they can tap into these networks to increase their effectiveness day in and day out.

With the help of these different components, Atlas allows users to:

  • visualize and analyze social networks in an organization,
  • identify the shortest path to reach someone,
  • find expertise across extended networks,
  • visualize and manage their personal networks.

Contact us to leverage this social networking and visualization application to help your company build vibrant and balanced professional networks, increase team effectiveness, and improve individual productivity.

Watch this brief demo from IBM demonstrating how to unlock the value of enterprise social media.