Setting up 389 Directory Server for Active Directory Sync

The official installation method is to added EPEL repository
http://fedoraproject.org/wiki/EPEL

Then you can yum install 389-ds then you can run setup-ds-admin.pl then you can start dirsrv and dirsrv-admin services

Follow this link and you will be able to finish it. Viewing the official manual consumes too much time.
http://www.linuxmail.info/category/389-directory-server/

Some notes here:
1) If you only sync From AD (Active Directory) to DS (Directory Server), then the sync account in AD no need to be in Admin group. It can be an ordinary user with “replicate directory change” permission. This permission can be set by using “delegate control” in “AD user and computer”.

2) If you need to further sync from DS to other DS, you need to choose “Single Master” in the sync agreement. Otherwise, you can only initialize the second DS but no further replication will occur. It will say No replication since the server started.

3) Pay attention to the user names. In DS, use uid=xxx,dc=domain,dc=local but in AD they use cn=xxx,dc=domain,dc=local.

4) If you use your own CA, then you need to import your CA cert to 4 places:
4a) The truststore of DS.
4b) The truststore of DS-admin.
4c) The trusted root certificate of local computer in Domain Controllers.
4d) The trust store in the PassSync program folder in Domain Controller.

5) In Windows server 2008 R2, you need to open an administrator command prompt to run the passsync setup program.

6) To configure oneway sync, you need to add an attribute to the sync agreement. You can do it by browser the DS directory, in the config subtree. You can find your created sync agreement there.
http://directory.fedoraproject.org/wiki/One_Way_Active_Directory_Sync

7) To troubleshoot, there is a very good tool called ldp.exe released by microsoft in its Windows server 2003 support tool.. Yes, 2003… but it can run on Windows 2008 R2. Just download the whole package from the link below and extract only ldp.exe to your server. Life will suddenly become easier.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=96a35011-fd83-419d-939b-9a772ea2df90&DisplayLang=en

加油。。。

Convert Windows Vmware server 2.0.2 to KVM (Ubuntu)

Convert Windows Vmware server 2.0.2 to KVM (Ubuntu)

Be reminded that, KVM does not support Windows 98 / Windows ME well. If you have such guest, then you may need to consider something other than KVM.
If you are the first time, then you better have both the Windows host and the Linux host running… Don’t try to destroy the Windows and install the Linux on it then pray for success.
If your CPU does not have virtualization support, you better use VMware.

In Windows Host, explore to the folder containing the VM guest you want to convert.
pay attention to the virtual hard disk (vmdk) files. If you have some files name ending with numbers… e.g. winxp-00001.vmdk , winxp-00002.vmdk. Then you need to combine the files using vmware-vdiskmanager.exe. By default, it is in Program files\Vmware\ folder.
the command looks like
vmware-vdiskmanager -r winxp.vmdk -t 0 winxpbig.vmdk
or
vmware-vdiskmanager -r winxp.vmdk -t 2 winxpbig.vmdk

The -t 0 switch will create a resultant file that consist of only used space while -t 2 will produce a file consist of the whole image size.
Some says -t 0 failed, you can try -t 2.

For Windows guest, you need to do more things. Otherwise, You may receive a Stop 0x0000007B error after you move the Windows XP.
After combining the files, you can now change the guest’s disk to the combined one and boot it from Windows host to do the following steps.
1) In Windows guest, run mergeide.reg from http://support.microsoft.com/kb/314082 you also need to copy some files to system32\drivers folder. see the link.
2) In Windows guest, remove vmware tool
3) shutdown the guest

Now, you are ready to transfer the vmdk file to your linux machine…
If you do not have large enough portable device, then installing filezilla ftp server is a good way to transfer files. http://filezilla.sf.net
The files need to transfer are *.vmdk and *.vmx. And it is no harm to transfer everything if you have enough space. It is good to keep one virtual machine in one folder.

In the linux host part:
1) get Ubuntu and set it up. (http://www.ubuntu.com) you can choose VM host function.
2) install other useful things
sudo apt-get install virt-goodies qemu-kvm kvm libvirt-bin bridge-utils virt-top kvm-pxe
3) setup bridge network
3a) edit (vi) /etc/network/interfaces
3b) The address below should match your internal subnet.
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
address 192.168.11.3
network 192.168.11.0
netmask 255.255.255.0
broadcast 192.168.11.255
gateway 192.168.11.1
bridge_ports eth0
bridge_stp off
bridge_fd 0
bridge_maxwait 0

3c) restart network sudo /etc/init.d/networking restart, then you should have a bridge network ready to use. you can verify it by the command ifconfig .
4) convert vmware config files (*.vmx) to libvirt XML config file. You need to have virt-goodies installed in the previous step to use vmware2libvirt.
4a) vmware2libvirt -f winxp.vmx > winxp.xml
5) life is not perfect and so does vmware2libvirt.. you need to modify the XML to make it work. otherwise, you will receive not bootable device or no boot device error.
5a) you need to add a driver tag inside the disk tag
<driver name=’qemu’ type=’vmdk’/>

5b) For windows guest you need to use localtime clock.
<clock offset=’localtime’/>
5c) change the type to bridge in interface tag and change network=’eth0′ to bridge=’br0′ in the source tag.
<interface type=’bridge’>

<source bridge=’br0’/>

</interface>

then you can define your virtual machine config to qemu using libvirt and start it.
sudo virsh -c qemu:///system define winxp.xml
sudo virsh start winxp <— please refer to your name tag in the xml file.

If it can boot, then you can convert the vmdk hdd to qemu’s native type qcow2.
Remembert to shutdown your guest first!!!

qemu-img convert winxp.vmdk -O qcow2 winxp.qcow2
* -O is a capital letter O not a zero

after converting the image, you need to tell libvirt to use it.
you can edit the xml file then undefine the vm and then define it again.
Or directly edit the config file.
sudo virsh edit winxp
change the driver type from vmdk to qcow2
change source file to the converted file.
<driver name=’qemu’ type=’qcow2’/>
<source file=’/your_virtual_disk_location/winxp.qcow2’/>

next, we can change to use virtio driver. kvm web site says that it will increase performance a lot.
But many people find no much differece…

Fedora commons installation

For version Fedora Commons 3.4.2 on CentOS 5.5 and possibly 5.6

Official Documentation
https://wiki.duraspace.org/display/FCR30/Fedora+Repository+3.4.2+Documentation

/usr/local/fedora/tomcat/logs/catalina.out
is a good place to view error message.

== installation
Follow this guide
https://wiki.duraspace.org/display/FCR30/Installation+and+Configuration+Guide
To install jdk
yum install java-1.6.0-openjdk

To add environment variable use the following commands
export FEDORA_HOME=”/usr/local/fedora”
export JAVA_HOME=”/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre”
export JAVA_OPTS=”-Djavax.net.ssl.trustStore=$FEDORA_HOME/server/truststore -Djavax.net.ssl.trustStorePassword=changeme”

To make env var appear when startup, create a file called fedoracommons.sh in /etc/profiles.d and put the commands above in to that file.

If only for testing purpose, Do NOT use SSL. It is complicated… To config SSL please see below.

== replication
Please config journaling first…

== enable journaling
https://wiki.duraspace.org/display/FCR30/Journaling
The page contains many old setting syntax.
If you copy and paste, you will see
“fedora.server.management.ManagementModule” could not be found
“fedora.server.journal.Journaler” could not be found
This problem consumed me 3 days…
For every occurance of fedora.server.management.Management or similar, change it to org.fcrepo.server.management.Management
In other word, replace fedora to org.fcrepo
You also need to create the folders
mkdir /usr/local/ndr-content
mkdir /usr/local/ndr-content/journals
mkdir /usr/local/ndr-content/journals/journalFiles
mkdir /usr/local/ndr-content/journals/archiveFiles

For Fedora Commons version 3.4 running in Linux… The Journal receiver can run and everything looks normally when start up but just no file is writing to the journal folder. This can cause error if you maark the follower server crucial.

Finally.. figured out that need to add -Djava.rmi.server.hostname=192.168.11.11 to the command to start journal receiver.

java -Djava.rmi.server.hostname=192.168.11.11 -jar fcrepo-server-3.4-rmi-journal-recv.jar “/usr/local/ndr-content/journals/journalFiles”

 

develop with cakephp and eclipse in Windows

if you do not have apache php mysql in your computer, download one from somewhere.

download xampp from http://www.apachefriends.org/en/xampp-windows.html

you may need to set memory_limit=256M or more

download cakephp from http://cakephp.org/

my version is 1.3.8
extract to local web server root, for example: E:\zwamp\vdrive\web\cakephp
you will have “app” and “cake” and other cakephp folders in this folder.

if you need to use bake, you need to config environment variables. see the link below if you don’t know how.
http://tv.cakephp.org/video/gwoo/2010/12/24/setting_up_the_cakephp_console_on_windows

Add environment variables
E:\xampp\php;E:\xampp\htdocs\cakephp\cake\console

Important!! to run bake, your eclipse workspace is better in the same drive as xampp.
Download eclipse
http://www.eclipse.org/ choose download, choose Eclipse for PHP
extract to somewhere, for example: E:\eclipse

launch eclipse by clicking E:\eclipse\eclipse.exe
when being asked, choose E:\xampp\htdocs\ as your workspace

In eclipse, choose file -> new -> PHP Project.
In project name, type cakephp. If you want another name, you need to change file folder name that you extracted cakephp as well.

Note that, if you choose “Create project at existing location”, you will receive an error saying “cannot create project content in workspace”.
You can now start using cake php in eclipse.

To make eclipse recognize cakephp template files, go to Window -> Preferences -> General -> content Types -> Text -> PHP Content type -> Add, then add *.ctp.

To run bake, add a external command and use the settings similar to below:

Location: E:\xampp\htdocs\cakephp\cake\console\cake.bat
Working Directory: ${project_loc}/app
Arguments: bake

Some says it can autocomplete views but it does not work for me…
http://bakery.cakephp.org/articles/gravyface/2009/07/23/how-to-add-autocomplete-to-eclipse-aptana
add cake/tests/cases/libs to exclude pattern
There is a good manual in cakephp site but it is for Ubuntu. Some of them can also apply to Windows.
http://bakery.cakephp.org/articles/rynop/2010/11/11/howto_setup_eclipse_3_6_to_get_the_most_out_of_cakephp_1_3_development

Convert Xen guest to KVM guest using Centos 5.5 in the same machine

Convert Xen guest to KVM guest using Centos 5.5 in the same machine

Suddenly have chance to do the migration…  and virt-v2v version 0.4.0 and 0.4.10 for CentOS do not work.
The key to manual convert is to include virtio_blk into initrd, otherwise, you will see the errors:
Volume group “VolGroup00” not found
Unable to access resume device ( /dev/VolGroup00/LogVol01 )
Mount: could not find filesystem /dev/root

In all guests (DomU) install the normal kernel
yum install kernel
set the normal kernel as the default boot kernel, by editing /boot/grub/menu.lst
set default=X, where X is an integer of the position of normal kernel
edit /boot/grub/devices.map
change /dev/hda  to /dev/vda
use mkinitrd to add virtio_blk to initrd
cd /boot
mv initrd-2.6.18-194.26.1.el5.img initrd-2.6.18-194.26.1.el5.img.bak
mkinitrd -f –with=virtio_blk –with=virtio_pci –builtin=xenblk initrd-2.6.18-194.26.1.el5.img 2.6.18-194.26.1.el5
( you have to match your kernel version number)
copy down your mac address in the file /etc/sysconfig/network-script/ifcfg-eth0
add virtio_blk to /etc/modprobe.conf
alias scsi_hostadapter1 virtio_blk
Power off all guests (DomU)
You need not to boot it from Xen anymore.

In the host (Dom0), install the normal kernel and kvm
yum install kernel kvm kvm-tools kmod-kvm kvm-qemu-img bridge-utils
Stop xend and xendomains
chkconfig – -levels 2345 xend off
chkconfig – -levels 2345 xendomains off
set the kernel as the default kernel, by editing /boot/grub/menu.lst
//add bridge network interface br0
cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-br0
ifcfg-eth0 need only 4 lines
DEVICE=eth0
HWADDR=0a:1b:2c:3d:4e:5f
BRIDGE=br0
ONBOOT=yes

Ifcfg-br0 need the following lines. Replace with your IP.
DEVICE=br0
BOOTPROTO=static
BROADCAST=192.168.x.255
IPADDR=192.168.x.y
NETMASK=255.255.255.0
NETWORK=192.168.x.0
ONBOOT=yes
TYPE=Bridge

service network restart

reboot the host (Dom0)
start virtual machine manager (virt-manager)
click file -> add connection
choose qemu as hypervisor, local as connection then click connect
You will now have a new tree of virtual machines.
Add a new virtual machine in the qemu tree
Choose whatever ISO file as the install media (will not actually install anything…)
Choose a very small harddisk image. By default, it will be in /var/lib/libvirt/images/your_image_name.img
Choose a suitable network, br0 in our case.
If you have recorded your guest mac address, you can paste here, otherwise, we will do it later by editing the config file /etc/libvirt/qemu/your_guest_name.xml .
Force off the newly created guest.
Copy your Xen harddisk file to replace the newly created one. By default, you can find it in /var/lib/xen/images/your_xen_DomU_guest_name.img
cp /var/lib/xen/images/Xen_hdd_file.img /var/lib/libvirt/images/your_image_name.img

Boot into guest.
Then we need to re-enable eth0 on the guest
mv /etc/sysconfig/network-scripts/ifcfg-eth0.bak /etc/sysconfig/network-scripts/ifcfg-eth0
service network restart
We are done.

For some case, if you forgot do something in the guest, you can use kpartx to help you instead of booting back to Xen kernel.
//mount the hdd image file
cd /var/lib/libvirt/images
kpartx -a your_image_name.img
vgchange –ay VolGroup00
cd /mnt
mkdir ddd
mount /dev/mapper/VolGroup00-LogVol00 /mnt/ddd
mount /dev/mapper/loop0p1 /mnt/ddd/boot
mount –bind /sys /mnt/ddd/sys
mount –bind /dev /mnt/ddd/dev
mount –bind /proc /mnt/ddd/proc
chroot /mnt/ddd
cd boot
mv initrd-2.6.18-194.26.1.el5.img initrd-2.6.18-194.26.1.el5.img.bak
mkinitrd -f –with=virtio_blk –with=virtio_pci –builtin=xenblk initrd-2.6.18-194.26.1.el5.img 2.6.18-194.26.1.el5
( you have to match your kernel version number)
exit chroot mode
exit
umount /mnt/ddd/sys
umount /mnt/ddd/dev
umount /mnt/ddd/proc
umount /mnt/ddd/boot
umount /mnt/ddd
vgchange –an VolGroup00
cd /var/lib/libvirt/images
kpartx -d your_image_name.img