Posts Tagged ‘howto’

Adding a Custom LDAP Schema to Open Directory on 10.5+

Published January 15th, 2010.

Open Directory is a key component of Mac OS X Server. It consists of OpenLDAP, MIT Kerberos, Password Server and a tool chain that enables GUI administration. Sadly, adding new LDAP schemas to the directory server is not documented in the advanced administration guides and you have to tinker with the command line tools. I could not find any good documentation on how to add a custom LDAP schema, so I’ll show my solution here.

Mac OS X Server 10.5 ships with OpenLDAP 2.3. This release supports run-time configuration, which means that the LDAP schemas are stored within the directory server and you cannot simply put your new schema file in /etc/openldap/schema/; you have to convert it to an LDIF file and load this into the directory itself. This can be done during run-time but it breaks replication if you do so. So, instead you have to create a proper old-style config and run a manual conversion to the new run-time config.

To do so, you need to place the new schema file in /etc/openldap/schema/some-new.schema. This directory is copied to new replicas when you join them, so you won’t break the Apple tool chain. Then, you need to include the new schema file from /etc/openldap/slapd.conf; this has no direct effect, but slaptest(1) uses it to re-create the run-time config. Finally, convert the old-style config to a new run-time config with slaptest(1), as in “slaptest -f slapd.conf -F slapd.d”, and restart slapd:

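cd /etc/openldap
# install the schema where the Apple tool chain copies it to new replicas
cp some-new.schema schema/
# reference it from the old-style config that slaptest reads
cat >> slapd.conf <<HERE
include /etc/openldap/schema/some-new.schema
HERE
# keep the old run-time config as a backup, then regenerate it from slapd.conf
mv slapd.d slapd.d_bak
slaptest -f slapd.conf -F slapd.d
# restart slapd so that it picks up the new run-time config
launchctl unload /System/Library/LaunchDaemons/org.openldap.slapd.plist
launchctl load /System/Library/LaunchDaemons/org.openldap.slapd.plist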

Beware: we are deleting the old run-time config here and creating a new one from the static config. If you have changed the config without adapting the old-style config, you might lose modifications. So, check twice that all required schemas are included from slapd.conf. AFAIK, Kerio Mailserver is troublesome here as it is not adding the include lines to slapd.conf. Still, this procedure is exactly what the Apple tool chain does on replication and I suggest you do it exactly this way. Good luck!
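One way to do the "check twice" step before running slaptest, as an added example that is not part of the original post: it lists schemas present in the run-time config that no include line in slapd.conf would bring back. The cn=config/cn=schema/cn={N}name.ldif layout and the name matching are assumptions, the function names are illustrative, and the sample files are constructed.

```python
import os
import re
import tempfile

# Assumption: the run-time config holds one LDIF file per schema, named
# cn={N}<name>.ldif, under <slapd.d>/cn=config/cn=schema/, and <name> is the
# base name of the .schema file it was converted from.
SCHEMA_LDIF = re.compile(r"^cn=\{\d+\}(?P<name>.+)\.ldif$")
INCLUDE = re.compile(r"^\s*include\s+(?P<path>\S+\.schema)\s*$", re.IGNORECASE)


def included_schemas(slapd_conf):
    """Schema names pulled in by include lines in slapd.conf."""
    with open(slapd_conf) as conf:
        hits = (INCLUDE.match(line) for line in conf)  # '#' lines do not match
        return {os.path.basename(m.group("path"))[:-len(".schema")]
                for m in hits if m}


def runtime_schemas(slapd_d):
    """Schema names present in the run-time config directory."""
    schema_dir = os.path.join(slapd_d, "cn=config", "cn=schema")
    if not os.path.isdir(schema_dir):
        return set()
    hits = (SCHEMA_LDIF.match(name) for name in os.listdir(schema_dir))
    return {m.group("name") for m in hits if m}


def schemas_lost_on_rebuild(slapd_conf, slapd_d):
    """Loaded at run time but not included: gone after slaptest -f ... -F."""
    return sorted(runtime_schemas(slapd_d) - included_schemas(slapd_conf))


def demo():
    """Constructed sample: 'vendor-mail' was added at run time only."""
    root = tempfile.mkdtemp()
    conf = os.path.join(root, "slapd.conf")
    with open(conf, "w") as f:
        f.write("include /etc/openldap/schema/core.schema\n"
                "# include /etc/openldap/schema/old.schema\n"
                "include /etc/openldap/schema/some-new.schema\n")
    schema_dir = os.path.join(root, "slapd.d", "cn=config", "cn=schema")
    os.makedirs(schema_dir)
    for name in ("cn={0}core.ldif", "cn={1}vendor-mail.ldif"):
        open(os.path.join(schema_dir, name), "w").close()
    return schemas_lost_on_rebuild(conf, os.path.join(root, "slapd.d"))


if __name__ == "__main__":
    print(demo())
```

A schema that was loaded at run time under a different name than its file is reported as lost as well, so an empty result is the condition to look for before moving slapd.d aside.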

Exploiting Python’s Class Dispatcher

Published May 16th, 2008.

In object-oriented programming, the class dispatcher is a built-in function that looks up member functions and executes them in the context of a given class. In Python, those lookups are conducted dynamically, enabling one to modify the behaviour of a class without the need for subclassing. Here are some unusual yet useful examples.

# class-based programming style
class Foo:
    pass

class Bar(Foo):
    def bar(self):
        print("bar")

bar = Bar()

bar.bar() # prints "bar"

So what? If you write all the code on your own, you are fine. You can subclass Foo and invoke all methods from the new class Bar. But what if the instantiation is done in code sections that you cannot modify? Imagine you are writing a plugin and you do not want to touch the code of others. They decided to instantiate Foo and you do not want to change this, nor do you want to change Foo.

# prototype-based programming style
class Foo:
    pass

foo = Foo()

def bar(self):
    print("bar")

foo.__class__.bar = bar

foo.bar() # prints "bar"

This second example shows how to “inject” a method into an already instantiated object. In fact, this works because Python uses dynamic delegation. Objects and classes are inspected at runtime, so the dispatcher finds attributes even if they are added after object instantiation.
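What the injection through foo.__class__ means for other instances, as an added example that is not from the original post: assigning on the class changes every instance of Foo, while types.MethodType binds a method to one object only, and a snapshot of vars(cls) shows which class attributes were changed at runtime. All names here (make_foo, patched_greet, changed_attributes) are illustrative.

```python
import types


def make_foo():
    """Fresh class per demo, so one demo's patch cannot leak into the other."""
    class Foo:
        def greet(self):
            return "original"
    return Foo


def patched_greet(self):
    return "patched"


def changed_attributes(cls, baseline):
    """Names added to or rebound on cls since baseline = dict(vars(cls))."""
    now = vars(cls)
    return sorted(n for n in now if n not in baseline or now[n] is not baseline[n])


def class_level_injection():
    """foo.__class__.x = ... as in the post: every instance sees the change."""
    Foo = make_foo()
    baseline = dict(vars(Foo))
    first, second = Foo(), Foo()
    first.__class__.greet = patched_greet       # replaces an existing method
    first.__class__.bar = lambda self: "bar"    # adds a new one
    return first.greet(), second.greet(), second.bar(), changed_attributes(Foo, baseline)


def instance_level_injection():
    """types.MethodType binds to one object; the class stays untouched."""
    Foo = make_foo()
    baseline = dict(vars(Foo))
    first, second = Foo(), Foo()
    first.greet = types.MethodType(patched_greet, first)  # lives in first.__dict__
    return first.greet(), second.greet(), changed_attributes(Foo, baseline)


if __name__ == "__main__":
    print(class_level_injection())     # class patched: both instances affected
    print(instance_level_injection())  # only `first` affected, class unchanged
```

For a plugin that must not alter the host application's behaviour elsewhere, the instance-level form keeps the change local, and the baseline comparison gives the host a way to notice class-level changes made by code it loaded.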

GroupWise on SLES9

Published July 5th, 2006, updated February 21st, 2008.

Preface

Here are some short notes on the installation of GroupWise 7.0 Web Access on SUSE Linux Enterprise Server 9 (SLES9). The setup consists of a NetWare/GroupWise server that holds the web access agent and a Linux box that runs the web application (a Tomcat container).

Installation

  • get the installation files from the GroupWise 7 Linux CDs (gw700lnx.iso) and make them accessible, say in /tmp/gw700lnx/
  • locate and install the WebAccess RPM, “rpm -ivh novell-groupwise-webaccess-7.0-20050803.i386.rpm”
  • copy the GroupWise directory holding your domain directory from your NetWare box to some local directory; you’ll need at least your wpdomain.db in, say /tmp/gwweb-root/
  • install Apache2, Tomcat5, J2EE and the “apache2-jakarta-tomcat-connectors” RPMs from the SLES9 installation media
  • ensure that Apache2 runs with Jakarta (mod_jk)
  • run ./install from the GroupWise 7 Linux CDs (/tmp/gw700lnx/install); you’ll need an X server
    • enter your settings, using the local domain directory (/tmp/gwweb-root/)
    • if it crashes during LDAP browsing, enter the values without browsing
    • this creates the essential file /opt/novell/groupwise/webaccess/commgr.cfg
    • and it copies the defaults from /opt/novell/groupwise/webaccess/default to the same directory

Apache Configuration

(assuming /etc/apache2/ as current working directory)

  • add these lines to your webserver’s config (vhosts.d/something.conf); they will include the Novell configuration file:
    <IfModule mod_jk.c>
        Include /etc/opt/novell/gw/gw.conf
    </IfModule>
    

Tomcat Configuration

(assuming /usr/share/tomcat/ as current working directory)

  • chmod /opt/novell/groupwise/webaccess/commgr.cfg so that it is readable to Tomcat
  • symlink /var/opt/novell/gw/ to ./webapps/gw, so that Tomcat finds the web application

Testing

  • start Tomcat and Apache
  • try to log in at http://localhost/gw/
  • check the logs of the involved applications, Tomcat/Catalina (/usr/share/tomcat/logs/), Apache (/var/log/apache2/) and GWWA (/opt/novell/groupwise/webaccess/logs/); when you find the compile error in GWWA’s logs reporting that “draftfldrsel.inc” cannot be found, ignore this (it is at least not the reason why the web application hangs)