Subversion setup in AD environment

Setting up Subversion in an Windows 2003 Active Directory environment

 
 Install the following packages :

subversion-1.4.2-4.el5_3.1
mod_dav_svn-1.4.2-4.el5_3.1

 Create the repository

mkdir /var/www/svn
chown -R apache.apache /var/www/svn
cd /var/www/svn
svnadmin create SVN-REPO
 
  Create a file structure for project initializations

[root@isportal svn]# mkdir /opt/svn
[root@isportal svn]# cd /opt/svn
[root@isportal svn]# mkdir {branches,tags,trunks}

   
      Import directory structure to the new project

[root@isportal svn]# svn import /opt/svn/ file:///var/www/svn/SVN-REPO/Project1 -m "Initial import for first project"
Adding         /opt/svn/branches
Adding         /opt/svn/trunks
Adding         /opt/svn/tags
 
Committed revision 15.

   
      Now the project can be viewed via an SVN client or firefox using http://servername/SVN-REPO/Project1 provided you have the access rights. Access permissions are provided in the /etc/httpd/conf.d/subversion.conf file as follows :


   DAV svn
   SVNPath /var/www/svn/SVN-REPO
        AuthzSVNAccessFile /var/www/svn/accessfile
        AuthType Kerberos
        AuthName "Kerberos Login"
        KrbAuthRealm DOMAIN.TLD
        KrbVerifyKDC off
        Require valid-user
 


 
      Setup /etc/krb5.conf for kerberos authentication and define the svn access file as below:

[groups]
IT = user@DOMAIN.TLD, user2@DOMAIN.TLD
QCSWrite = developer@DOMAIN.TLD

[SVN-REPO:/Project1]
@IT = r
@QCSWrite = rw
* =

Here the IT group defined in the first section has read access to all repos, the nameWrite groups have read and write access, all others have no access.


To create any new project, just import the directory structure as shown earlier with the new project name, and added a section in the above accessfile as per the requirements of the application team.

Windows restore and Share permissions

I'd to recently do a tape restore of the D drive on one of our machines and the restore worked fine. But the shares were not enabled immediately. After a bit of reading, I figured out this nice thing that Windows stores the shares and security permissions here in the registry

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares

All you need to do is restart the server service.
If you are in any case gonna reinstall the server, etc, you can backup this registry (done automatically if u do a system state backup) to a .reg fiel and restore once you're reinstalled the server.

Installing ArcSDE 9.3 64-bit on Red Hat Enterprise Linux 5

* Install Red Hat Enterprise Linux 5.0 with the following package groups:

* from Development group
+ Development Tools package group
+ Legacy Software Development package group
* from Base System group
+ Legacy Software Support package group with compat-openldap from Optional Packages
+ X Window System package group

* Ensure 32-bit i386 versions of these softwares are installed:

o compat-libf2c-34
o compat-libstdc++-33
o compat-libstdc++-296
o libXp
o mesa-libGL
o mesa-libGLU
o openldap
o openssl


[root@srvsde cdrom]#  rpm -qa  --queryformat %-{name}-%{version}-%{release}-%{arch}"\n" | grep ^compat | grep i386$ | sort
compat-libf2c-34-3.4.6-4-i386
compat-libstdc++-296-2.96-138-i386
compat-libstdc++-33-3.2.3-61-i386
compat-openldap-2.3.43_2.2.29-3.el5-i386
[root@srvsde cdrom]#  rpm -qa  --queryformat %-{name}-%{version}-%{release}-%{arch}"\n" | grep ^mesa | grep i386$ | sort
mesa-libGL-6.5.1-7.7.el5-i386
mesa-libGLU-6.5.1-7.7.el5-i386
[root@srvsde cdrom]#  rpm -qa  --queryformat %-{name}-%{version}-%{release}-%{arch}"\n" | grep ^libXp | grep i386$ | sort
libXp-1.0.0-8.1.el5-i386
[root@srvsde cdrom]#  rpm -qa  --queryformat %-{name}-%{version}-%{release}-%{arch}"\n" | grep ^open | grep 86$ | sort
openldap-2.3.43-3.el5-i386
openssl-0.9.8e-7.el5-i686


   * Mount the installation cdrom into /mnt/cdrom

[root@srvsde sde]# mount 172.31.32.120:/media/ESRI /mnt/cdrom/
[root@srvsde sde]# ls /mnt/cdrom/
Autorun.inf  ESRI.bmp  ESRI.exe  ESRI.ini  GDBDirectConnect  GDBDirectConnect_unix  hp  hpia  ibm  linux  Media  PDFs  quickstart.pdf  quickstart_unix.pdf  Readme.txt  sdk  solaris  windows  Xtras

   * Create the sde user
[root@srvsde ~]# useradd sde
[root@srvsde ~]# passwd sde
[root@srvsde ~]# useradd -G oinstall sde
  
   * Switch to sde user

[root@srvsde cdrom]# su - sde
[sde@srvsde ~]$ ls ESRI-linux/
db2  documentation_server  install_db2.htm  install_oracle.htm  install_postgresql.htm  oracle10g  oracle11g  oracle9i  pg
[sde@srvsde ESRI-linux]$ ls ESRI-linux/oracle10g/
01.toc  02.tar  b5.nls  en.nls  install  ja.nls  jp.nls  ko.nls  th.nls  tw.nls  zh.nls

   * Start the installation :
[sde@srvsde oracle10g]$ ./install -load
ESRI is willing to license the software to you only if you accept and agree to the enclosed license agreement. 
If you have read and agree with the terms in the enclosed license agreement type 'yes' to continue the installation process, if not press  or type 'no' to exit installation process. [no] yes


Press  to take the default, '?' for help, '^' to return to 
the previous question, or 'q' to quit.

Enter CD-ROM mount point: [/cdrom] /mnt/cdrom

Select which product to load by entering the product number.

   1 - /mnt/cdrom/hp/db2_64
   2 - /mnt/cdrom/hp/informix
   3 - /mnt/cdrom/hp/oracle10g_64
   4 - /mnt/cdrom/hp/oracle9i_64
   5 - /mnt/cdrom/hpia/oracle10g_64
   6 - /mnt/cdrom/ibm/db2_64
   7 - /mnt/cdrom/ibm/informix
   8 - /mnt/cdrom/ibm/oracle10g_64
   9 - /mnt/cdrom/ibm/oracle11g_64
  10 - /mnt/cdrom/ibm/oracle9i_64
  11 - /mnt/cdrom/linux/db2
  12 - /mnt/cdrom/linux/oracle10g
  13 - /mnt/cdrom/linux/oracle11g
  14 - /mnt/cdrom/linux/oracle9i
  15 - /mnt/cdrom/linux/pg/arcsde
  16 - /mnt/cdrom/solaris/db2_64
  17 - /mnt/cdrom/solaris/informix
  18 - /mnt/cdrom/solaris/oracle10g_64
  19 - /mnt/cdrom/solaris/oracle11g_64
  20 - /mnt/cdrom/solaris/oracle9i_64

Enter product number to load: [1] 12

Enter pathname to install directory: [/home/sde/ESRI-linux/oracle10g] 
The pathname to the install directory must not contain any upper-case letters

Enter pathname to install directory: [/home/sde/ESRI-linux/oracle10g] /home/sde/sdeexe9.3

Directory does not exist: /home/sde/sdeexe9.3
Would you like to create it? [yes] 

ArcSDE version 9.3 for Oracle10g - May 14, 2008  
-------------------------------------------------

ArcSDE Product
Package numbers to load: [all] 


Package selection complete
--------------------------

You have chosen the following packages to be loaded

ArcSDE Product
 ArcSDE Server                                         

Is this correct? [yes] 

Total size of chosen packages in megabytes: 169.7
Available space in megabytes: 4460.0

List file names while loading? [no] yes

Loading package(s), Please wait...

Help/
Help/accom_users.htm
Help/accounts.png
Help/add_new_svc.htm
Help/add_server.png
Help/add_soc.htm
Help/add_soc_1.png
Help/add_usrs_agsadmin.htm
Help/add_usrs_agsusers.htm
Help/agol_coordsys_extent.png

------------SNIP--------------

sdeexe93/lib/libpe.so
sdeexe93/lib/libsg.so
sdeexe93/lib/libsde.so
sdeexe93/lib/libsdeora10gsrvr93.so
sdeexe93/lib/libgsrvrora10g93.so
sdeexe93/lib/libsdesetup.so
sdeexe93/lib/liblocssa.so
sdeexe93/lib/libst_shapelib.so

Finished loading package(s)

Exiting...



   * Uncomment
      esri_sde      5151/tcp     # ArcSDE service on pinetree
in $SDEHOME/etc/services.sde


   * Copy the createsdeoracle.sql script to oracle home.
[root@srvsde ~]# cp /home/sde/sdeexe9.3/sdeexe93/tools/oracle/createsdeoracle.sql /home/ora10g/

   * Switch to Oracle user
[root@srvsde ~]# su - ora10g

   * Modify the createsdeoracle.sql file to replace the LOCATION variable in the line
datafile '/LOCATION/sde.dbf' size 400M
to
datafile '/u03/oradata/SRVSDE/sde.dbf' size 400M

   * Execute the script

[ora10g@srvsde ~]$ sqlplus "/ as sysdba" @createsdeoracle.sql

SQL*Plus: Release 10.2.0.4.0 - Production on Thu Jul 2 09:47:13 2009

Copyright (c) 1982, 2007, Oracle.  All Rights Reserved.


Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

* CREATESDEORACLE.SQL script         *
*            *
* Purpose:           *
*            *
* To create the SDE tablespace, the SDE Oracle user    *
* and grant privileges to the SDE user       *
*            *
* NOTES: 1. Before running this script        *
*     Replace the word LOCATION with the pathname for  *
*     the sde.dbf datafile to be created.       *
*            *
*  2. If upgrading remove rem from the grants in the   *
*     upgrade section         *
*            *
*  3. Please use the sys user to run this script.      *
*     You will also need to the system password      *
*            *
*    Example:           *
* % sqlplus "sys as sydba" @createsdeoracle.sql      *
*            *
*            *
**************************************************************
* Granting of permissions by the SYS user in Oracle, on two packages
* to the public role.

Grant succeeded.


Grant succeeded.

* * * * * * * * * * * * * * *
* ArcSDE NEW INSTALLATION   *
* * * * * * * * * * * * * * *
* Connect as system/ to create the sde
* tablespace and user.
Enter password: 
Connected.
* Create the sde tablespace.
* Before you run this script update LOCATION for the desired datafile pathname.

Tablespace created.

* Create the sde user
* The password for the sde user is set to "XXX". You may
* change this if you wish.

User created.

* Granting the required privileges to the sde user.

Grant succeeded.


Grant succeeded.


Grant succeeded.


Grant succeeded.


Grant succeeded.


Grant succeeded.


Grant succeeded.


Grant succeeded.


Grant succeeded.


Grant succeeded.


Grant succeeded.


Grant succeeded.


Grant succeeded.

* SELECT ANY TABLE is required for compressing the database
* This privilege needs to be granted whenever a compress is run.

Grant succeeded.

* ADMINISTER DATABASE TRIGGER can be revoked after install

Grant succeeded.

* * * * * * * * * * *
* ArcSDE UPGRADE    *
* * * * * * * * * * *
* If upgrading please remove rem from each grant.
* Granting the required privileges to the sde user.
* After upgrading you may revoke the following privileges
* Please remove rem from each grant.
* Revoking the upgrade privileges to the sde user.
Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
[ora10g@srvsde ~]$ sqlplus "/ as sysdba"

SQL*Plus: Release 10.2.0.4.0 - Production on Thu Jul 2 09:48:20 2009

Copyright (c) 1982, 2007, Oracle.  All Rights Reserved.


Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> 
SQL> 
SQL> 
SQL> 
SQL> GRANT EXECUTE ON dbms_pipe TO public;

GRANT EXECUTE ON dbms_lock TO public;
Grant succeeded.

SQL> SQL> 

Grant succeeded.

SQL> exit
Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options


    * Configure the .bash_profile in /home/sde


[root@srvsde lib]# cat /home/sde/.bash_profile
# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
 . ~/.bashrc
fi

# User specific environment and startup programs

PATH=$PATH:$HOME/bin
SDEHOME=/home/sde/sdeexe9.3/sdeexe93/
export SDEHOME
ORACLE_HOME=/oracle/product/10.2.0
export ORACLE_HOME
TNS_ADMIN=$ORACLE_HOME/network/admin
export TNS_ADMIN
ORACLE_SID=QNMPSDE
export ORACLE_SID
PATH=$PATH:$SDEHOME/bin:$ORACLE_HOME/bin
export PATH
LD_LIBRARY_PATH=$SDEHOME/lib:/usr/lib:/lib:$ORACLE_HOME/lib:$ORACLE_HOME/lib32
export LD_LIBRARY_PATH
unset USERNAME

export PATH


    * Execute the sdesetup script
[sde@srvsde bin]$ ./sdesetup  -o install -d ORACLE10G -H /home/sde/sdeexe9.3/sdeexe93/ -u sde -p XXX -D qnmpsde -i esri_sde -l /home/sde/ECP666666666_v93.ecp 

ESRI ArcSDE Server Setup Utility Thu Jul  2 10:43:51 2009
----------------------------------------------------------------
Install or update ArcSDE, GDB schema objects: 
  Are you sure? (Y/N): y
Creating ArcSde schema.....
Successfully created ArcSde schema.

Installing locators.....
Successfully installed locators.

Creating geodatabase schema.....
Successfully created GDB schema.


Registering authorization key.....
Successfully registered authorization key.

Successfully installed ArcSDE components. 
Refer SDEHOME\etc\sde_setup.log for more details.


    * Start the sde service
[sde@srvsde bin]$ sdemon -o start
Please enter ArcSDE DBA password: 


-------------------------------------------------------
ArcSDE 9.3  for Oracle10g Build 508 Thu Apr 17 12:23:18  2008
-------------------------------------------------------


ST_Geometry Schema Owner: (SDE) Type Release: 1007

Instance initialized for ((sde)) . . .


Connected to instance . . .

DBMS Connection established...

RDBMS:     "Oracle"
Instance Name:    "esri_sde"

IOMGR Process ID (PID):           13547 


ArcSDE Instance esri_sde started Thu Jul  2 11:05:33 2009

Schedule cron jobs to send sms on mobile

I've got a weekly shutdown for our Websphere servers for a Database backup. To keep an eye on the logs as the shutdown procedures happen, I've got this cron entry

# Shut down Websphere Portal for Oracle backup every Thursday 12:05 midnight and start next morning 4:15 AM
05 00 * * 5    /etc/init.d/websphere_portal stop 2>&1 > /root/portal-stop.log; echo $HOSTNAME >> /root/portal-stop.log; tail -n 6 /root/portal-stop.log | mailx 'nabeel@smsserver.domain.tld'
15 04 * * 5    /etc/init.d/websphere_portal start 2>&1 > /root/portal-start.log; echo $HOSTNAME >> /root/portal-start.log; tail -n 6 /root/portal-start.log | mailx 'nabeel@smsserver.domain.tld'

So I get the last 6 lines in my mobile inbox as SMS

Init script for Websphere Portal/DB2 on linux

Copy the following script to /etc/init.d/webpshere_portal or some name.

#!/bin/bash
# Websphere_portal  # Startup script for IBM WebSphere Portal Server
#
# chkconfig: - 99 15
# description: Websphere Portal server startup
# processname: websphere_portal
# pidfile: /var/run/websphere_portal.pid
# author: Nabeel Moidu nabeelmoidu.at.gmail dot com
# Source function library.
. /etc/rc.d/init.d/functions

portal=/opt/IBM/PE/AppServer/profiles/wp_profile/bin
args=WebSphere_Portal
prog="WebSphere Portal Server"
proc=/opt/IBM/WebSphere/AppServer/java/bin/java
RETVAL=0
username=portaluser
password=password


# verify installation
if [ ! -x $portal ]; then
echo "$prog is not installed"
exit 0
fi

# source function library
. /etc/rc.d/init.d/functions


case "$1" in
start)

 # Websphere should come up only if DB2 is up.
 for (( ; ; ))
 do

 # Check status of DB2
 su - wpdb2ins -c 'db2gcf -s' | grep Available;
 PRC_EXT_STAT=$?;

 # If DB2 is available, then startup the portal

 if [ $PRC_EXT_STAT = "0" ]; then
  echo -n "Starting $prog: "
  
  # Set ulimit
  ulimit -n 1000000
  
  # setup environment variables
  . /home/wpdb2ins/sqllib/db2profile
  
  # Bring up the portal
  $portal/startServer.sh $args 
  RETVAL=$?
  if [ $RETVAL = 0 ]; then
   touch /var/lock/subsys/websphere_portal
   echo_success
  else
   echo_failure
  fi
  break;
 # If DB2 is not up, then start DB2
 else
  su - wpdb2ins -c 'db2start'
 fi
 done

 ;;
stop)
 echo -n "Shutting down $prog: "
 $portal/stopServer.sh $args  -username $username -password $password 
 RETVAL=$?
 if [ $RETVAL = 0 ]; then
  rm -f /var/lock/subsys/websphere_portal
  # Shut down DB2
  su - wpdb2ins -c 'db2stop';
  echo_success
 else
  echo_failure
 fi
 echo
 ;;
restart)
 $0 stop
 $0 start
 ;;
status)
 status $proc
 ;;
*)
 echo "Usage: websphered {start|stop|restart|status}"
 exit 1

esac

exit 0

Then execute the following commands



chmod +x /etc/init.d/websphere_portal
chkconfig --add /etc/init.d/websphere_portal
chkconfig --level 345 websphere_portal on


SVN error

[root@up-subversion ~]# svn import NetBackup file:///test/ -m "test"
svn: The log message is a pathname (was -F intended?); use '--force-log' to override

Fix
[root@up-subversion ~]# svn import NetBackup file:///test/ -m "test message"

The message name was the same as the repo name and hence the error

Lotus Forms Error

One of the developers in our application team was deploying a forms app on a Websphere Portal and this error kept occuring

[com/PureEdge/xfdl/FormNodeP]: java.lang.NoClassDefFoundError: com/PureEdge/xfdl/FormNodeP

It turned out the Websphere Portal did not have the Shared Library LFS_API_LIB configured. Once I added it and restarted the Portal , it worked.

Set language firefox google search

It annoys me often when my google searches via the default firefox google extension directs me to an arabic page. Here's how you fix it on linux (thanks to Colin Verot http://www.verot.net/google_language.htm ).

Edit the file
/usr/lib64/firefox-x.x.x/searchplugins/google.xml
or
/usr/lib/firefox-x.x.x/searchplugins/google.xml

and add the line
Param name="hl" value="en"

Restart Firefox.

LVM Volume group extension fails

If it fails with a message about missing uuid, try


vgreduce --removemissing VolGroupName


This removes the mising volumes in the group and we can proceed with the volume group extension

Disabling security for Websphere Application Server

Quite a few times I've got my WAS installations having their security settings corrupted thereby denying me login into the admin console.
Here's how you disable security in such cases (of course you need to have root access to shell )

vim /opt/IBM/PE/AppServer/profiles/profile_name/config/cells/instance_name/security.xml

in the first line disable security

useLocalSecurityServer="false"
enabled="false"

Now login with any name, troubleshoot the login issues and switch it back.

ISA unable to access site

One of my friends couldn't access the birlasunlife.com website on IE 8 when passed through a proxy.
It was working on firefox though. Looks like its a malformed url as mentioned here
http://blogs.technet.com/yuridiogenes/archive/2008/10/09/error-64-from-the-field-to-the-classroom.aspx
good article in there.

ISA 2006 and migration troubles

Our ISA 2004 server got screwed up and from my previous experience I'd found that setting up a new one and importing the settings is easier than troubleshooting one. So while my colleague worked on troubleshooting the existing one, I put up a new server with ISA 2006 ( a FORCED upgrade ;) )
and tried importing the old settings to the new server.

I'd exported the configuration of the ISA 2004 server to an xml file some time back so that came in handy today. But while importing, it prompted for a password. I don't remember ever providing a password for the exported xml. I tried my usual ones but it was all in vain. I tried deleting the password line in the xml file.It didn't work. Finally after going through some forums etc. I figured out that the best way was to export the config of the new ISA 2006 to a new file, open the new and old xml files in an xml editor and identify the Array and Enterprise sections. Copy over the two sections from the old config to the newly exported file. Save it and import the configurations from the new xml file. You should have all the settings and rules of the old server working.

MySQL backup script

#!/bin/bash
# A simple shell script to backup all MySQL Server Database
# Each dump will be line as follows:
# Directory:  /var/lib/mysql/backup/mm-dd-yyyy
# File: mysql-DBNAME.04-25-2008.gz
# -------------------------------------------------------------------------
NOW=$(date +"%m-%d-%Y") # mm-dd-yyyy format
FILE="db-full-$NOW.tar.gz"
BAK="/var/lib/mysql/backups/"
 
### Server Setup ###
#* MySQL login user name *#
MUSER="user"
 
#* MySQL login PASSWORD name *#
MPASS="pass"
 
#* MySQL binaries *#
MYSQL="$(which mysql)"
MYSQLDUMP="$(which mysqldump)"
GZIP="$(which gzip)"
 
# get all application related databases
DBS="$($MYSQL -u $MUSER -p$MPASS -Bse 'show databases' | grep -v information_schema)"

# create backups securely
umask 006 

# start to dump database one by one
for db in $DBS
do
 FILE=$BAK/mysql-$db.$NOW.gz
 # gzip compression for each backup file
 $MYSQLDUMP -u $MUSER -p$MPASS $db | $GZIP -9 > $FILE
done

Websphere startup script for linux

Startup script for Websphere Application server on linux. Its got an added check for Oracle connectivity before the service is brought up.

#!/bin/bash
# Websphered  # Startup script for IBM WebSphere Application Server
#
# chkconfig: - 99 15
# description: IBM's J2EE application server
# processname: websphered
# pidfile: /var/run/websphered.pid

# Source function library.
. /etc/rc.d/init.d/functions

websphered=/opt/IBM/WebSphere/AppServer/profiles/AppSrv01/bin
args=server1
prog="WebSphere Application Server"
proc=/opt/IBM/WebSphere/AppServer/java/bin/java
RETVAL=0
username=user
password=password


# verify installation
if [ ! -x $websphered ]; then
echo "$prog is not installed"
exit 0
fi

# source function library
. /etc/rc.d/init.d/functions


case "$1" in
start)

 # Continous loop to check Oracle connectivity. Websphere should come up only if Oracle is up.
 for (( ; ; ))
 do

 # Check for Oracle connectivity

 su - oracle -c '/opt/Oracle/product/10.2.0/client_1/bin/tnsping database_name ' | grep OK;
 PRC_EXT_STAT=$?;

 # If Oracle is pingable, then startup WAS and break out of loop

 if [ $PRC_EXT_STAT = "0" ]; then
  echo -n "Starting Websphere Application Server: "
  $websphered/startServer.sh $args 
  RETVAL=$?
  if [ $RETVAL = 0 ]; then
   touch /var/lock/subsys/websphered
   echo_success
  else
   echo_failure
  fi
 #Break out of loop
 break;
 echo
 fi
 # Wait 30 seconds before checking again 
 echo " Waiting for Oracle connectivity: "
 sleep 30

 done

 ;;
stop)
 echo -n "Shutting down websphered: "
 $websphered/stopServer.sh $args  -username $username -password $password 
 RETVAL=$?
 if [ $RETVAL = 0 ]; then
  rm -f /var/lock/subsys/websphered
  echo_success
 else
  echo_failure
 fi
 echo
 ;;
restart)
 $0 stop
 $0 start
 ;;
status)
 status $proc
 ;;
*)
 echo "Usage: websphered {start|stop|restart|status}"
 exit 1

esac

exit 0