Fight­ing with the Ora­cle Direc­to­ry Serv­er 7 (DSEE7) on Solaris 10 update 9

After mov­ing our sec­ondary man­age­ment site (our team is split up into 2 dif­fer­ent loca­tions) to a new build­ing, we decid­ed to clean-up some things. One of those things involves mov­ing the LDAP to a dif­fer­ent machine (more or less a new serv­er for the new site, it is inde­pen­dent regard­ing LDAP/homes/… from the pri­ma­ry site). While I am at it, I take the oppor­tu­ni­ty to move from DSEE5 to DSEE7 (my pre­vi­ous post about the DSEE6 migra­tion was at the pri­ma­ry site). This time I took the pack­age dis­tri­b­u­tion instead of the zip dis­tri­b­u­tion (the main rea­son is that I can get patch-listings with an auto­mat­ic tool, and the sec­ondary man­age­ment site has no disaster-recovery require­ments for the appli­ca­tions… we just will set­up a new sec­ondary site some­where else if nec­es­sary).

Here my expe­ri­ences with the instal­la­tion instruc­tions of DSEE7.

  • The install instruc­tions refer to the web inter­face for the DSEE7 man­age­ment, but I have not seen some­thing which tells you first have to set­up an appli­ca­tion serv­er (this was bet­ter in the DSEE6 instruc­tions).
  • When using the Glass­fish appli­ca­tion serv­er which comes with Solaris 10 for the web inter­face, you will get an excep­tion after deploy­ing the dscc7.war, as it is using an out­dat­ed JVM. After some fight­ing and Googling, I found that I have to change the AS_JAVA val­ue in /usr/appserver/con­fig/asenv.conf to a more recent JVM as it is point­ing to the very out­dat­ed j2se 1.4.x. I point­ed it to /usr/java (which is a sym­link to the most recent ver­sion installed as a pack­age). Instead of the orig­i­nal excep­tion I got anoth­er one now (after a redi­rec­tion in the web-brows­er), some­thing that it can not find the AntMain class (Glass­fish uses ANT from /usr/sfw, this is the one which comes with Solaris 10 update 9). I tried with Java 5 instead of Java 6, but I get the same error. In the net there are some dis­cus­sions about such errors (it is even a FAQ at the ANT site), but this Glassfish/DSEE7 thing is a black box for me, so what am I sup­posed to do here (I do not want to put the sys­tem into an unof­fi­cial state by installing my own ANT for Glassfish/DSEE7)?
    It was not men­tioned in the Appen­dix of the DSEE7 install instruc­tions which explains how to install the .war in Glass­fish that you have to change to a more recent JVM, and I still fight with the AntMain prob­lem (hey Ora­cle, there is room for improve­ment in the prod­uct com­pat­i­bil­i­ty test­ing and doc­u­men­ta­tion ver­i­fi­ca­tion process).

I will update this post­ing when I make some advance­ments. For now I let the web inter­face in the bad state as it is and con­cen­trate on fin­ish­ing the LDAP move to the new sys­tem (installing an DSEE on a back­up sys­tem, con­fig­ur­ing repli­ca­tion, switch­ing the clients to them). The web inter­face is inde­pen­dent enough to han­dle it lat­er (hints wel­come, that is the main pur­pose why I write this pos­ing in the mid­dle of the work).

Send to Kin­dle

One-Time-Passwords for Horde/IMP?

I search a way to use one-time-pass­words for Horde/IMP on FreeB­SD. I do not want to use PAM (local users on the machine). Cur­rent­ly I use the authen­ti­ca­tion via IMAP4 (link between the IMAP4-server and post­fix via MySQL, to have the same PW for send­ing and receiv­ing), and I expect that not all users of Horde/IMP will use OTP if avail­able, so the prob­lem case is not that easy. I can imag­ine a solu­tion which tries to authen­ti­cate via OTP first, and if it suc­ceeds gets a pass­word for the login to the IMAP4 serv­er. If the OTP-auth fails, it could try the entered pass­word for the login to the IMAP4 serv­er. Migrat­ing exist­ing users to a new solu­tion can be done by telling them to enter the pass­word from the machine of the per­son doing the migra­tion. The solu­tion needs to auto­mat­i­cal­ly login to the IMAP4 serv­er, enter­ing a pass­word for the IMAP4 serv­er after the OTP-login to Horde is not an option.

Oh, yes, send­ing the pass­words over SSL is not an option (that is already the only way to login there). The goals are to have

  • an easy to remem­ber pass­word for an OTP app on the mobile to gen­er­ate the real pass­word
  • the pass­word expire fast, so that a stolen pass­word does not cause much harm
  • not the same login-password for dif­fer­ent ser­vices (mail-pw != jabber-pw != user-pw)
Send to Kin­dle

One-Time-Passwords for XMPP/Jabber?

I search a way to use one-time-pass­words for jabber/XMPP (ejab­berd) on FreeB­SD. I do not want to use PAM (local users on the machine). Cur­rent­ly I use the inter­nal authen­ti­ca­tion, and I expect that not all users of the jab­ber serv­er will use OTP if avail­able, so the prob­lem case is not that easy (migrat­ing exist­ing users to a new solu­tion can be done by chang­ing the pass­word myself and then telling them to change their pass­word, but there needs to be a way to let them change the non-OTP pass­word).

I assume that OTP is not fore­seen in the XMPP pro­to­col, so where could I ask to have some­thing like that con­sid­ered as an exten­sion (if such a place exists at all)?

Oh, yes, send­ing the pass­words over SSL is not an option (that is already the only way to login there). The goals are to have

  • an easy to remem­ber pass­word for an OTP app on the mobile to gen­er­ate the real pass­word
  • the pass­word expire fast, so that a stolen pass­word does not cause much harm
  • not the same login-password for dif­fer­ent ser­vices (mail-pw != jabber-pw != user-pw)
Send to Kin­dle

Silenc­ing a hair dry­er (and oth­er house­hold stuff)?

My wife used a hair dry­er this morn­ing. Nor­mal­ly this is noth­ing worth to blog about, but after a night with not so much sleep (my child is get­ting sev­er­al new teeth at once and I took care about it this night) the sound of the hair dry­er was a bit annoy­ing, even if I was already prepar­ing me to go to work too.

At this point I sud­den­ly noticed, that I can not remem­ber to have seen a com­mer­cial of a hair dry­er where a low noise sound pres­sure lev­el is one of the impor­tant fea­tures. I also can not remem­ber that some­one things that this shall be changed. This is strange.

There is a lot of move­ment to make cars more silent. There is a lot of move­ment to lim­it the sound pres­sure lev­el of portable music play­ers (those where the music is con­sumed the most with head­phones). There are rules about the sound pres­sure lev­el at work. There are com­mer­cials which focus on the lack of loud noise from the dish­wash­er or the wash­ing machine, but I can not remem­ber to have seen putting the noise lev­el of a hair dry­er, a mix­er, a vac­u­um or some­thing sim­i­lar as a major fea­ture against a com­pe­ti­tion into a com­mer­cial.

When we are a bit late to go to work, my wife is some­times using the air con­di­tion­ing of the car as a hair dry­er (we dri­ve togeth­er, so no dan­ger on the road), and this is pro­duc­ing enough air­flow to dry the hairs while still not being as loud as a hair dry­er. Yes, the air­flow gen­er­ates some noise which you can not pre­vent, and the fans are more far away from the ear than it is the case with a hair dry­er (and it is not a low-class car), but if I look at the noise lev­el of qui­et fans in a PC, I am sure that it is pos­si­ble to cut the noise pres­sure lev­el of a hair dry­er. No high-frequent noise from the motor of the fan and a blade and case design which pro­vides a good air­flow while reduc­ing airflow-noise is pos­si­ble.

As a hair dry­er is a device which is not far away from ears, I am sur­prised that there is not more inter­est (at least in var­i­ous tech­ni­cal standards-compliance def­i­n­i­tions and tests required by the gov­ern­ment) in this. Spe­cial­ly kids seem to agree that it is too loud.

Sim­i­lar for a vac­u­um.

And while we are at it, my moth­er is known to bake good cakes, she is bak­ing at least one cake per week and if there is some fes­tiv­i­ty (fam­i­ly, friends, neigh­bors) she is even bak­ing 5 – 6 cakes in a week. As such she is not using a cheap mix­er, she is using a qual­i­ty prod­uct with a sta­ble stand. Still, this device is mak­ing a lot of noise. A part of the noise is gen­er­at­ed by the motor (high fre­quen­cy, depends upon the speed of the mix­er) and if you real­ly want to speak about some­thing, you bet­ter go out of the kitchen.

I know, devices with a reduced noise lev­el a more expen­sive to cre­ate and build, but I can not real­ly believe that nobody would we will­ing to spend mon­ey for such a device. So, if you know a mar­ket­ing per­son of a man­u­fac­tur­er of such devices, please have a talk about a nice “our prod­uct is bet­ter than the one of the com­pe­ti­tion because it is more silent”-campaign with him/her.

Send to Kin­dle

No good heat reser­voir avail­able?

I was search­ing for a good heat reser­voir. Unfor­tu­nate­ly it seems that all on the marked are far from state of the art (they are prob­a­bly in their class, but see below).

Most of the devices use water to store the ener­gy. I found one (in Europe/Germany) which is using phase change tech­nol­o­gy instead of water to store more heat in the same stor­age place (but you need to ask how much it costs and how long they need to deliv­er, which prob­a­bly means that it is a lot more expen­sive (part­ly due to lim­it­ed amount of pro­duc­tion quan­ti­ty) than water based heat reser­voirs). I have read a lot about phase change mate­ri­als (PCM), and it seems there are dif­fer­ent kinds of sil­i­ca or wax (or oth­er mate­ri­als) which are bet­ter suit­ed to store heat ener­gy, but the only mass-market tech­nol­o­gy seems to be water based ones.

This looks strange to me. When I look at his­to­ry, oth­er mate­ri­als than water where already used a lot in the past (e.g. stones where heat­ed and then they were used in a press­ing iron or as some­thing which is replaced now by a hot-water bot­tle or an elec­tri­cal heat­ing cush­ion in the bed; yes, all this does not involve a change in the phys­i­cal state of the mate­r­i­al, but the point is that oth­er mate­ri­als than water where already used in the past), so I do not under­stand what is pre­vent­ing to let PCM based heat reser­voirs going main­stream.

Except for choos­ing the right PCM and obtain­ing it, it does not look hard to build such a heat reser­voir. You can add a heat-exchanger in the bot­tom and feed solar-power there for long-term heat­ing the PCM, anoth­er heat-exchanger at the top to heat the use-water and/or heating-water from the heat stored in the PCM, and a 3rd heat-exchanger (placed at the top too) which you con­nect to your central-heating if you need a lit­tle bit of quick short-term heat­ing of the PCM. I do not know if you need to add some  heat-layers (e.g. by putting a big cheat of a non-PCM mate­r­i­al between the long-term heat­ing part and the short-term heat­ing part), but  it should be easy to test if some­thing like this is ben­e­fi­cial or not. If you have a fire­place which you want to con­nect to the long-term heat­ing of the PCM, it may also be ben­e­fi­cial to have a 4th heat-exchanger togeth­er with the solar-one, but maybe there is anoth­er solu­tion to do this with the 3‑heat-exchangers-setup (I have not inves­ti­gat­ed this pos­si­bil­i­ty at all).

If some­one knows some inter­est­ing prod­ucts in Europe or has some help­ful infor­ma­tion (any­thing which can be inte­grat­ed into exist­ing heat­ing sys­tems with­out much ren­o­va­tion of a lot of rooms), please write a com­ment.

Send to Kin­dle