This week I had the “Red Hat Enterprise Directory Services and Authentication” course and exam in Amsterdam.
In the course we had some very nice stuff, like Red Hat DS and at the end Red Hat Enterprise IPA… all very cool… but today I had the exam (due to the RedHat NDA I am not allowed to say anything about the exam, so I won’t do it)… but a few hours after the exam I received my results… and I passed the exam 
For a project I am working on migrating UNIX applications to Linux. Most of the scripting work supposed to be done in India, and that is where the issues came in. First you have a developer who knows how to work with M$ Technet and never worked with PERL before (at least 80% of the scripts is written in PERL).
First of all I introduced the user Net::LDAP within PERL, because they first did a ldapsearch, put the output into a ASCII file… and with a PERL script they structured the data… and loaded it into a Oracle database… so that was the first improvement.
Next there were several issues, like not good reading or understanding LDAP/PERL at all…
But at a certain moment, they start complaining about the fact that one of the scripts was slow… on the old system the script had a run time of 4 hours… and now it is up to 28 hours(!!!) 
So they requested me to investigate this.
First I found a ‘main’ kornshell script doing the next thing:
for VAR in a b d e f g i j k m n o p q r s t u v w x y z
do
  for NAME in “‘” a b c d e f g h i j k l m n o p q r s t u v w x y z
  do
    ldap_script.pl $NAME $VAR
  done
done
The content of the ldap_script.pl was something like:
#!/usr/bin/perl
use Net::LDAP;
$ldap = Net::LDAP->new($LDAP_SERVER);
$ldap->bind($LDAP_DN, password=>$LDAP_PASSWD) or die “Cannot connect”;
$LDAP_FILTER=”(&(sn=$ARGV[0]*)(OfficeName=$ARGV[1]*))”;
$mesg = $ldap->search(base=>$LDAP_BASE,
                     filter=>$LDAP_FILTER,
                    ) or die “Cannot connect”;
push(@ENTRIES,$mesg->entries);
$ldap->unbind;
I thought that this costs a lot… loading PERL script, connecting to server, binding to it… et cetera… And this was done in the original script > 2000 times 
So… I removed the loop out of the mainscript… and implemented it into the PERL-script, like this:
use Net::LDAP;
$ldap = Net::LDAP->new($LDAP_SERVER);
@LOOP=(“a”,”b”,”c”,”d”,”e”,”f”,”g”,”h”,”i”,”j”,”k”,”l”,”m”,”n”,”o”,
      “p”,”q”,”r”,”s”,”t”,”u”,”v”,”w”,”x”,”y”,”z”, “‘”);
$ldap->bind($LDAP_DN, password=>$LDAP_PASSWD) or die “Cannot connect”;
foreach $LOOP1 (@LOOP)
{
 foreach $LOOP2 (@LOOP)
 {
    $LDAP_FILTER=”(&(sn=$LOOP1*)(OfficeName=$LOOP2*))”;
    $mesg = $ldap->search(base=>$LDAP_BASE,
                          filter=>$LDAP_FILTER,
                         ) or die “Cannot connect”;
    push(@ENTRIES,$mesg->entries);
 }
}
$ldap->unbind;
And this runs within 3 hours!!! And it is flying!
There can be done more performance tuning… but that will be another project!
NOTE: Some of the software is very experimental!!! I had some issues that my .ics was totally removed when I added a new ‘task’ via lightning, please make a backup of your ics file!
Some while ago I wrote a small article about WebDAV and Calendar …
Yesterday evening I completed for 50% an entry from my wish-list regarding my servers. On the backup-MTA I now have TLS and authenication enabled on Sendmail I wanted to have this enabled, because from my laptop I often setup an SSH-tunnel, but o…
As I wrote before, I did pass RHCE, RHCT and LPIC1. After a few weeks of study I also passed LPIC2 and ITIL 
The results for ITIL:
Passing score: 65
Your score…: 67
Grade……..: PASSED
Section Title                    Score
————————————– —–
General                         66
Service Desk                     66
Incident Management                25
Problem Management                 80
Change Management                 80
Configuration Management            75
Release Management                100
Service Level Management            66
Availability Management              0
Capacity Management                50
IT Service Continuity Management      100
Financial Management for IT Services  100
Other ITIL Topics                 100
Relationships                    50
But I also passed LPIC 201 en LPIC 202.
LPIC 201 results:
Section                       Percent Correct
———————————— —————
Linux Kernel                        90%
System startup                      87%
Filesystem                         100%
Hardware                           75%
File and Service Sharing               87%
System Maintenance                   83%
System Customization & Automation        66%
Troubleshooting                     50%
LPIC 202 results:
Required score: 500
Your score….: 740
Status……..: PASS
Section                       Percent Correct
———————————— —————
Networking configuration             85%
Mail & News                       92%
DNS Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 80%
Web Services                     100%
Network Client Management            66%
System Security                    80%
Network Troubleshooting             100%
I have a Nokia N80ie, and use it the fetch my e-mail on it. On my server I use a self-signed certificate, which is not known by the Nokia, so everytime I have to permit access So the first step is to fetch public certificate with openssl:$ openss…
Every sysop might recognize this… I changed a config file some while ago… but what did I change and what is the history of that file. Besides of the changes, I want to have them in a backup 
So I decided to setup a config-file repository, where the servers can commit automaticly their changes using SVN over SSH. I use SSH to have no password prompts but certificates. Only the user svn-backup can commit files to the repository. On both server I only checked out the repository-part concerning them.
[root@tank] svn co
svn+ssh://[email protected]/repos/config-files/tank
/usr/data/svn-config
And in the crontab for the user root, we have the next entry:
45 * * * */usr/local/backup/svn-backup.sh
And in the svn-backup script we have the next lines:
#!/bin/bash
#
# Subversion script to backup configfiles
#
# Written by Pieter de Rijk <pieter -at- de-rijk.com>
SVN_BACKUP_PATH=”/usr/local/svn-backup”
cp -R /usr/local/etc/ $SVN_BACKUP_PATH/usr/local/etc/ > /dev/null 2> /dev/null
cp -R /etc/ $SVN_BACKUP_PATH/etc/ > /dev/null 2> /dev/null
rm -rf $SVN_BACKUP_PATH/usr/local/etc/squid/errors
rm -rf $SVN_BACKUP_PATH/usr/local/etc/squid/icons/*.jpg
rm -rf $SVN_BACKUP_PATH/usr/local/etc/squid/icons/*.gif
cd $SVN_BACKUP_PATH
/usr/local/bin/svn up > /dev/null 2> /dev/null
for files in “`/usr/local/bin/svn status $SVN_BACKUP_PATH | grep ^?`”;
do
  ADD_FILE=`echo $files | awk ‘{ print $2 }’`
  if [ ! -z $ADD_FILE ];
  then
    /usr/local/bin/svn add $ADD_FILE
  fi
done
/usr/local/bin/svn commit -m “[`hostname -s`] Config changes `date`”
And when something change I receive a message
Only users in the wheel group can checkout the repositories, but are not allowed to commit
As I wrote before some vendor promissed me a 16-core machine…. and indeed we received it. Now I have my ‘toy’ placed in the basement. Besides of some trouble putting a modified version of RHEL 4.5 on it, it works fine. At this moment I’ve insta…
For a project at work, I did some benchmark tests of the impact of SSH-tunnels on HTTP-traffic. And as we should suspect is true, on this test the traffic slows down with a factor 6. I did this, because some off-shore company out of India came u…
At work we received from a vendor, as they told us, a quad quad-core (16 cores total) to test our applications So we start installing it with RHEL4. And we only saw 8 cores… so we start mailing to the vendor with screenshots… and one of the …
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible and enable advertising to provide you free content. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.