We -as a country- are no longer to be trusted?

Who Do You Trust? As legislation changed, Mozilla filed a bug with potential serious consequences. Check out bug 1408647. Removing the root certificate as trusted authority makes it look asif any certificate, issued by any of the Dutch PKI organizations, is potential unsafe. Which is correct, to a point, as the law allows the use of false keys by the Ducth autorities. Creepy. That makes the

MS Windows 10 Creators Update

It failed. Again. As it has done since august. It has not improved. It's defenitely back to the 1.0 version - no, not a typo. Seach the web for Win 10 upgrade 1703 failed, and will will be greeted with almost half a million hits. MS: get your act together! How about a course "Programming C for beginners"?!? There is NO NEED to reboot more than once (and not even that, actually), and once

Nextcloud configuration

Nextcloud configuration issues on Debian 9 Stretch In an attempt to get email and storage fixed, I am trying to get dovecot, postfix and nextcloud to integrate. With varying levels of success - what else is new? Anyway, nextcloud greets with the fact I do not have OPcache enabled, and I should add to php.ini. WRONG NOT php.ini So, I did... I added opcache.enable=1 opcache.enable_cli=1

Debian Stretch and opendkim: connection refused, no listener at port 8891

Debian stretch opendkim behaviour changed opendkim fails to sign! In a nutshell... if you face this: postfix/submission/smtpd[17385]: warning: connect to Milter service inet:localhost:8891: Connection refused and you cannot find a listener process at port 8891: netstat -nltp | grep 8891 returns nothing, and you find this in the /var/log/mail.log: opendkim[18055]: OpenDKIM Filter v2.11.0

Storage Server: datasets, snapshots and performance

Storage Server: datasets, snapshots and performance This is a long post, but with lots of pictures. Kind of a management overview ;) Datasets and snapshots Datasets As may have become clear from a previous post, I have one volume, with a (a -to date- single) dataset (ds1). This was not the result of experience, of deep thought, it was just copied from Benjamin Bryan who did an entry on ZFS

Storage Server: FreeNAS: use your SSD efficiently

FreeNAS: use your SSD efficiently ZIL and Cache Not open for discussion; I think it is a complete waste of resources to use a 120, or 250GB SSD for logs, let alone cache, as FreeNAS will (and should!) use RAM for that. So, I searched and found a way to create two partitions on a single SSD, and expose these as ZIL (ZFS Intended Log) and cache to the pool.Mind you - there (more...)

Storage Server: Software – FreeNAS

Software: FreeNAS All hardware has been implemented, all 13 harddisks and one SSD are connected, serial numbers, as well as physical, and logical locations noted. Cramming 4 2.5" disks in the CD bay Time to add some software. I will install the latest and the greatest(?) FreeNAS software, V11. Installation The installation, due to IPMI being capable of mounting remote images, is a

Asrock E3C224DI-14S IPMI not reachable

Documentation missing There's definately some documentation missing on the IPMI settings. I managed to lock myself out of the IPMI (also know as 'Integrated Light Out', or ILO) management interface. Not sure how I managed to do that, but in the quest to find out how to restore devine powers, I noticed quite a lot of people suffered from this. And, the solution is quite simple, when you know

Storage Server: Firmware

Firmware The first thing to do, in order to get any software RAID program to run, is to flash the controller out of RAID mode. Only then all of the disks will be seen as just a bunch of disks - nothing else. JBOD that is, for short. The board I have, comes with a LSI SAS2308 controller, to with I want to connect 12 SATA drives using three SAS-to-SATA breakout cables. Drivers There are

Things to do after you cloned a Virtual Machine

Clean up a cloned VM After you made a clone of your (base) VM, you will need to do some stuff. MAC-address First of all, I suspect you have a different MAC-address than the original machine. VMWare does that, as long as you have your MAC address assigned automatically. VirtualBox will ask you whether to re-initialize the MAC-address while cloning. The problem is the udev process, responsable

Now, here’s an idea…

Gaining control Or rather - regaining control. Over my own data, and what's done with it. Currently, I use several services, of which I know they are monitored. Several of these services fall under US legislation, although I'm not a US citizen. This allows several agencies to go through my documents, email and other stuff, whether I like that or not (I do not). Of course, for some of this, I

Stroage server

Storage server Hardware Aiming at 2 VDEVs of 5 or 6 disks each, I'd need a motherboard capable of running 12 disks.I used a SuperMicro board in the ESXi build, mainly because virtualization using bare metal hypervisors was quite new to me. However, these boards have quite a steep price. There's a new motherboard by SuperMicro, that screams NAS, but that has not yet hit the shops. So, I

OAM PS3 State-of-the-art

An attempt to run OAM 11G Release 2 PS3 on Oracle Linux 6.7, WLS 12C, RDBMS 12C. Install Linux Pretty straightforward. Used Oracle 6.7, as 7 is not certified. Create a 200MB /boot, and an LVM for /, both ext4. Install just the server. Deselect *all* options, just X system and X legacy support (the OUI needs it). Some 566 packages will get installed. Make sure it boots, and the network starts.

OAM PS3 – continued

Allow auto start (production mode) for your scripts: cd /oracle/user_projects/domains/oam_domain/servers mkdir -p oam_server1/security mkdir -p omsm_server1/security mkdir -p oam_policy_mgr1/security vi oam_server1/security/boot.properties cp oam_server1/security/boot.properties omsm_server1/security/ cp oam_server1/security/boot.properties oam_policy_mgr1/security/ You can now use command line

refhost.xml kludge is fixed

No More missing packages I wrote several times about manually editing refhost.xml. There's not need for it, just apply Patch 18231786.

Wrong Java version on Unified Directory Server

Wrong version Java After losing the battle with the OS guys for control over java, I keep stumbling upon environments that have wrong java versions due to the fact java is installed in /usr/java, or /usr/bin.In such cases, this is the result:which java /usr/bin/java As I do not have control over /usr/bin, I install java in /oracle/middleware/java, so I would like which java /oracle/middleware/

OAM PS3

Identity and Access Management Patch Set 3 It has been launched last week. I have seen it in March, during a partner event in Paris, and there are quite a few changes and improvements to get exited about. Install over previous (not upgrade) I cloned my PS2 OAM machine, and the plan is to get PS3 running asap. So, I fire up the V11.1.1.9 RCU, and drop the existing schemas. Next, rerun (more...)

Access Denied – Access to administration console is restricted

Access Denied - Access to administration console is restricted. Ran into it, today. Again. This time, I'll make a proper blog entry, not like this one... This time, I actually did follow my own advice, but for the fact, I now am working in a multi-homed WebLogic environment - I simply pasted the wrong WLS home...

Retrieving OAM keystore password

How to retrieve the password of OAM keystore If you ever need it; the password of the default OAM keystore password (which is generated) can be retrieved using: cd /oracle/middleware/oracle_common/common/bin ./wlst.sh connect(); domainRuntime() listCred(map="OAM_STORE",key="jks") Would you like to change it, use resetKeystorePassword()

BEA-090898 during PlugIn activation in clusters

Be Secure I did not mention it in my not so "OAM-in-a-day" entry, but when you run a clustered environment, make sure to set the "Secure" flag on the AdminServer and Managed Server configuration screens. It does have more impact that setting the "Use JSSE" flag on the SSL/Advanced section of the Weblogic console, but when you failed to do so, that's one place to correct it. Why? No particular