Dec 16, 2009

Oracle Metalink: User experience (Error #1095 ;-)

Today i logged into metalink - ups - into support.oracle.com. The new interface with Adobe flash is really nice. Three months ago i had problems in viewing service requests, so i decided to stay with the old metalink interface (take a look at my posting).
Now i have to work with the new interface. This worked but more then 20 times i got the following error message:

I queried metalink itself for this error - nothing.
I queried google: and there i found a very nice page:
(Before following the link, read to the end!!!)
http://blogs.oracle.com/Support/2009/11/top_issues_for_my_oracle_suppo.html
The posting at this link is nice but you should read the COMMENTS!!
Here a best of:

Here's my saga:
- Did everything as requested and on time (well before time) by tying my MetaLink account with Oracle SSO
- It stopped working promptly with the cutover with 'Account setup in progres ...' error.
- Had a colleage open an SR (strike 1) which was promptly closed by support without resolving the issue.
- Had my colleage open yet another SR (strike 2) which was promptly closed by support without resolving the issue
- My colleage called in the problem (strike 3) and of course support didn't resolve the problem.
- Many days pass by and yesterday I called it in (strike 4) and I was told to re-register. Didn't work as expected.
- Sent email to our customer rep in disgust
- Finally able to login this morning and what do you know they lost all my CSIs associated with the account.
- Call support again to have the CSI issue resolved again.
- I've many CSIs associated with my account (some of which I'm the admin) and was flooded with email (add/approve/... requests).
- A total of 9 days without access to the Support site; not that I needed to create any SRs.
- I was surprised to discover how much I depend on the Support site on a routine basis.

or
So, Oracle Support has
1.) intentionally decided to choose a competitors product to build their new front end (thereby declaring their own software products are inferior for the task),
2.) made themselves completely dependant upon a competitors ability (and/or desire) to quickly fix security and/or compatibility problems,
3.) wound up ignoring the largest installed base of browser on the web
4.) created a HTML version of the support site (to replace a version that was working fine, built with an Oracle product) that isn't supported!!!!!

or
My Oracle Support Services Error:
A server connection error occurred.
You cannot continue.
Please try again later.

or

Collection of exotic fly-by error messages we are receiving

"Unable to perform "" operation due to the following error: "BusinessException thrown from ReOpen First Step : updateSR() at 2009-12-02 14:59:12.488 CST"."

"Service Error: sr/home: javax.xml.rpc.soap.SOAPFaultException: Cannot perform client request"

"Error #1095"

"Error #1088"

And last but not the least - the neat and deadly
"Exception raised"

or
It would be nice to have an official admission by Support that says:

"Yes. We screwed up in a big way. We realize that out support system is in complete disarray. Here are the things that we know are completely and unacceptably messed up and here are the current statuses and what is being done."

or ....
Enjoy ;-) and remember Things can only get better!

Dec 13, 2009

Twitter: First Contact...

After all this articles about twitter, i decided to create a account on twitter and to take a look at this new, so called real-time internet.
OK, creating an account is very easy and after that, you can login and see something like this:

Hmmm...
So what about following someone? In the magazine of the GI i read, that the Tower Bridge in London is twittering its status. So i searched for this bridge and here we go:

This was easy, but not really helpful ;-). So what about some further searches e.g. Oracle:

???
This is not really what i expected.
So let's do my first tweet(?):

Without any follower this does not really look good ;-(
After that i did a search for "dietrich schroff". This gave the following result:

Yippie! My blog postings are already in the real-time internet via blog aggregators....
[Does anybody know some good tweets to follow?]


Dec 8, 2009

Chrome beta for Linux

Today i downloaded google's browser chrome for Linux. It is available via this link.
I chose

The size of the debian package is 12MB:
-rw-r--r-- 1 schroff schroff 12M 8. Dez 20:17 /tmp/google-chrome-beta_current_i386.deb
I tried dpgk -i google-chrome-beta_current_i386.deb but this did not work:
dpkg: Abhängigkeitsprobleme verhindern Konfiguration von google-chrome-beta:
google-chrome-beta hängt ab von xdg-utils (>= 1.0.1); aber:
Paket xdg-utils ist nicht installiert.
Ok. Not really a big problem. Just add this packages: apt-get install xdg-utils. After that the installation succeded.
But how to start chrome?
There is no binary named chrome, but a the package name gives a hint:
/usr/bin/X11/google-chrome
While installation, there following is happening:
  1. an entry in /etc/cron.daily is added.
    # This script is part of the google-chrome package.
    #
    # It creates the repository configuration file for package updates, and it
    # monitors that config to see if it has been disabled by the overly aggressive
    # distro upgrade process (e.g. intrepid -> jaunty). When this situation is
    # detected, the respository will be re-enabled. If the respository is disabled
    # for any other reason, the config file won't be changed.
    #
    # This functionality can be controlled by creating the $DEFAULTS_FILE and
    # setting "repo_add_once" and/or "repo_reenable_on_distupgrade" to "true" or
    # "false" as desired. An empty $DEFAULTS_FILE is the same as setting both values
    # to "false".
  2. in /opt/google/chrome some files are added (product_logo*png, locales
  3. in /usr/share something in gnome-control-center, menu and man
  4. a link in /usr/bin and /usr/bin/X11 to /opt/google/chrome/google-chrome
After that i started chrome. The first dailog was:

The import from firefox failed, because i did not stop firefox and then:

Faster rendering of webpages is promotoed as one of the advantages of chrome. So i tried www.faz.de:
  • Firefox: 14s
  • Chrome: 14s
But this is not really a benchmark ;-)


Oct 31, 2009

Password policies: enforcing digits/uppercase letters using pam-config

Since my last posting about password policies on debian, i got several mails with the following question:
How to configure pluggable authentication modules (pam) with the command pam-config?
This is neccesary because some linux distributions add the following header on all files inside /etc/pam.d/:
# This file is autogenerated by pam-config. All changes
# will be overwritten.
Running pam-config --help shows 155 lines. For newbies this is completely unreadable. Querying the net with google gives the manpage but no examples...
So let's start.
To get the actual password check method run the following command:
# pam-config -q --pwcheck
password: nullok cracklib
This was easy. So just add am ucredit-rule:
# pam-config -a --cracklib-ucredit=-2 --cracklib
INFO: pam_pwcheck.so und pam_cracklib.so aktiviert,
INFO: nur pam_pwcheck.so mit aktivierter Cracklib-Unterstützung wird benutzt.
Hmm. pwcheck has to be removed. Not really difficult:
# pam-config -d --pwcheck
After that, retry  the command with ucredit:
# pam-config -a --cracklib-ucredit=-2 --cracklib
And how can you check, that it has really worked?
# pam-config -q --cracklib
password: ucredit=-2
Here the complete reference of pam-config:
 # pam-config --help
Anwendung: pam-config -a|-c|-d [...]
pam-config - Erstelle PAM-Konfigurationsdateien.

  -a, --add         Füge Optionen/PAM-Module hinzu.
  -c, --create      Erstelle neue Konfiguration.
  -d, --delete      Entferne Optionen/PAM-Module.
      --confdir     Benutze ein benutzerdefiniertes Konfigurations-Verzeichnis
      --initialize  Konvertiere alte Konfiguration and erstelle neue.
      --service config  Dienst zum modifizieren der Konfiguration von
      --update      Lese momentane Konfiguration und schreibe sie neu
  -q, --query       Anfrage für installierte Module und Optionen
      --list-modules Zeige alle unterstützten Module
      --help        Gibt diese Hilfeliste aus
  -u, --usage       Gibt eine kurze Gebrauchsanweisung aus
  -v, --version     Ausgabe der Programmversion

Globale Modul-Optionen:
      Die globalen Module werden eingesetzt in die
      common-{account,auth,password,session}-Dateien, welche in den einzelnen
      Dateien der Dienste beinhaltet sind.
   --apparmor
   --apparmor-debug
   --ccreds
   --cracklib
   --cracklib-debug
   --cracklib-type=<value>
   --cracklib-retry=<value>
   --cracklib-difok=<value>
   --cracklib-difignore=<value>
   --cracklib-minlen=<value>
   --cracklib-dcredit=<value>
   --cracklib-ucredit=<value>
   --cracklib-lcredit=<value>
   --cracklib-ocredit=<value>
   --cracklib-minclass=<value>
   --cracklib-dictpath=<value>
   --env
   --env-debug
   --env-conffile=<value>
   --env-envfile=<value>
   --env-readenv=<value>
   --fp
   --fp-debug
   --gnome_keyring
   --gnome_keyring-auto_start
   --gnome_keyring-auto_start_if=<value>
   --group
   --krb5
   --krb5-debug
   --krb5-ignore_unknown_principals
   --krb5-minimum_uid=<value>
   --ldap
   --ldap-debug
   --limits
   --limits-debug
   --limits-change_uid
   --limits-utmp_early
   --limits-conf=<value>
   --localuser
   --localuser-debug
   --localuser-file=<value>
   --make
   --make-debug
   --make-nosetuid
   --make-make=<value>
   --make-log=<value>
   --make-option=<value>
   --mkhomedir
   --mkhomedir-debug
   --mkhomedir-silent
   --mkhomedir-umask=<value>
   --mkhomedir-skel=<value>
   --nam
   --pkcs11
   --pkcs11-debug
   --pkcs11-configfile=<value>
   --pwcheck
   --pwcheck-debug
   --pwcheck-nullok
   --pwcheck-cracklib
   --pwcheck-no_obscure_checks
   --pwcheck-enforce_for_root
   --pwcheck-cracklib_path=<value>
   --pwcheck-maxlen=<value>
   --pwcheck-minlen=<value>
   --pwcheck-tries=<value>
   --pwcheck-remember=<value>
   --pwhistory
   --pwhistory-debug
   --pwhistory-use_authtok
   --pwhistory-enforce_for_root
   --pwhistory-remember=<value>
   --pwhistory-retry=<value>
   --pwhistory-type=<value>
   --selinux
   --selinux-debug
   --ssh
   --ssh-debug
   --ssh-nullok
   --ssh-try_first_pass
   --ssh-keyfiles=<value>
   --thinkfinger
   --thinkfinger-debug
   --umask
   --umask-debug
   --umask-silent
   --umask-usergroups
   --umask-umask=<value>
   --unix
   --unix-debug
   --unix-audit
   --unix-nodelay
   --unix-nullok
   --unix-shadow
   --unix-md5
   --unix-bigcrypt
   --unix-not_set_pass
   --unix-nis
   --unix-broken_shadow
   --unix-remember=<value>
   --unix2
   --unix2-nullok
   --unix2-debug
   --unix2-trace
   --unix2-none
   --unix2-call_modules=<value>
   --unix2-nisdir=<value>
   --winbind
   --winbind-debug

Dienst-spezifische Modul-Optionen:
      Diese Module können nur zu einzelnen Dienst-Dateien hinzugefügt werden.
   --ck_connector
   --ck_connector-debug
   --cryptpass
   --csync
   --csync-use_first_pass
   --csync-try_first_pass
   --csync-soft_try_pass
   --csync-nullok
   --csync-debug
   --csync-silent
   --lastlog
   --lastlog-debug
   --lastlog-silent
   --lastlog-never
   --lastlog-nodate
   --lastlog-nohost
   --lastlog-noterm
   --lastlog-nowtmp
   --lastlog-noupdate
   --lastlog-showfailed
   --loginuid
   --loginuid-require_auditd
   --mount



Oct 30, 2009

Password policies on debian linux: dcredit? pam_cracklib.so?

Ok, nearly everybody knows pam:
PAM = Pluggable Authentication Modules
The linux-pam homepage states "Basically, it is a flexible mechanism for authenticating users." But is there an easy way to enforce password policies within this pam mechanism?

It is not really difficult, if you know where to look:
Open /etc/pam.d/common-password (debian) and read
# Alternate strength checking for password. Note that this
# requires the libpam-cracklib package to be installed.
# You will need to comment out the password line above and
# uncomment the next two in order to use this.
The two next two lines are:
password required pam_cracklib.so retry=3 minlen=6 difok=3
password required pam_unix.so use_authtok nullok md5
and pam_cracklib.so can be installed via
apt-get install libpam-cracklib
At the first line add
dcredit=-4 lcredit=-2 ucredit=-1
This translates to dcredit=-4 (4 digits required), lcredit=-2 (2 letter lowercase required), ucredit=-1 (1 letter uppercase required). For a full list of parameters look here.

Oct 25, 2009

Offer or fraud? Marketing for blogs...

Last week i got the following mail:

Hello, my name is XXX YYYY and I am an internet marketing
specialist. I was looking at websites under the keyword system tools
and came across your website http://dietrichschroff.blogspot.com. I see that you're not ranked on the first page of Google for a system tools search.

I'm not sure if you're aware of why you're ranked this low but more importantly how easily correctable this is.

There's no reason you can't have a top three ranking for the keyword
system tools based on your site structure and content. You have a very
nice site.

You need significantly more one way anchor text backlinks. If you're interested I can help you with this...

I'm talking about getting you ranked for ALL your keywords. Adding new
backlinks on a steady and consistent basis from high PR quality
websites is what produces the rankings you are looking for http://dietrichschroff.blogspot.com.

The right kind of links are very critical in getting top ranking....and I can hand deliver these quality links to you.

My partners and I own 1000's websites and offer private linking to hundreds of website owners just like yourself.

I didn't send this email out to very many people but I am currently
reaching out to a list of your 'keyword competitors' as well. But I do
favor your website because I can see your website monetizing the
targeted website traffic the keyword system tools can deliver.

I have your contact information and phone number. Is it ok if I give you a call?

I have a very simple way to prove that what I do works and it's risk
free for you to try. Nothing beats seeing the results with your own eyes

Is it ok if I give you a call? I would love to pursue this further over the phone with you or should I go somewhere else?

Sincerely,

XXXX YYY
(aa) bb-cccccccc
www.url.com

P.S - If the tables were turned and somebody I didn't know came to me
with a proposition, even one that was appealing, I would be hesitant
because I would be wondering - what's the catch? What does this guy
know that I don't.

But then I would think he does know something that I don't know. He
does have thousands of high PR websites, he does have hundreds of
thousands of pages indexed and ranking in Google Yahoo and MSN. Sites
that can deliver the quality anchor text backlinks. I would also think
that I need to get my website in the top rankings. And he is offering
to turn key top rankings for me...on all my keywords including system
tools. Even keywords I'm not currently competing for. Keywords that
produce traffic that's potentially worth tens of thousands, hundreds of
thousands, millions of dollars.

I emailed you because It's a win -win for both of us. Think of it this
way - Who wouldn't be interested in buying money at a discount? Because
that's what I'll be able to do offer you...Money at a discount.

Is it Ok to give you a call? Or you can can call me anytime at the number above?
I am really stunned...
Is this the way to get high ranks for google searches?
If everybody starts this, the search engines will not provide useful links anymore ;-)

Oct 21, 2009

Searching for cpu capabilities? Look at /proc/cpuinfo...

Most of us know, that with
cat /proc/cpuinfo
the number of cpus, cpu speed, cpu model etc. can be found. But there is one interesting line which is called flags:
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 13
model name : Intel(R) Pentium(R) M processor 1.73GHz
stepping : 8
cpu MHz : 1733.000
cache size : 2048 KB
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 2
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat clflush dts acpi mmx fxsr sse sse2 ss tm pbe bts est tm2
bogomips : 3457.11
clflush size : 64

Ok, the acronyms sound familiar. Here the outputs from some other cpus:
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca sse4_1 sse4_2 popcnt lahf_lm ida
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe constant_tsc pebs bts pni monitor ds_cpl cid xtpr
Hmmm. No flag like 64Bit or x64... How can this acronyms be decoded?
Let's ask the kernel sources!
There is one file inside the sources, where all this flags are defined:
arch/x86/include/asm/cpufeature.h
Here are the most interesting ones:
#define X86_FEATURE_HT (0*32+28) /* Hyper-Threading */
#define X86_FEATURE_LM (1*32+29) /* Long Mode (x86-64) */
#define X86_FEATURE_VMX (4*32+ 5) /* Hardware virtualization */
#define X86_FEATURE_PN (0*32+18) /* Processor serial number */
Just if you are not sure about installing 64Bit Linux, check for lm. And if ht is shown, you do not worry, can detect twice as much cores as there are, or if...

Oct 16, 2009

Batch processing: ssh access to multiple servers without ssh-keys

It is always the same: You are used to a technique like
  • accessing server via ssh with ssh-keys
But in some environments you are not allowed or you just don't want to put your authorized_keys to the servers, which you want to access. But how to automate logins to this servers?
  1. Poor man's approach
    buffer the password and use the middle button on your mouse, each time the script asks for the password.
    This works, but this is only "semi-automatic"
  2. Use expect
    With this tool it is very easy to automate logins without using ssh-keys. Just write a script auto.ssh.sh like this:
#!/usr/bin/expect
spawn ssh -l root $argv
expect "Password: "
send "mypassword\n"
expect "#";
send "date\n";
expect "#";
send "exit\n";
This script can be called with a parameter (here IP or hostname) and executes the date command on the server. Now just write a loop:
for server in 10.0.0.1 10.0.0.2 10.0.0.3; do ./auto.ssh.sh $server; done
And you are done...
(But this is not so secure like using ssh-keys!)

Oct 14, 2009

Bash history for multiple shells...

Did you ever configure something and after a while you were not able to remember the exact syntax for the command?
If you used the bash shell, then the command history was your friend:
history|grep <part of command>
and you got everytime the line with the right command back.
Everytime? Hmm no. Sometimes the command did not show up in the history. First guess:
HISTFILESIZE
was not big enough, but there is another option for missing entries:
If you work with multiple shells at the same time, then the history will be (over)written by closing the last shell.
But this can be avoided:
After adding the following to your .bashrc, you will never miss an entry again ;-):
shopt -s histappend
For more information of shopt take a look here.

Oct 1, 2009

Linux: hash algorithms for passwords inside /etc/shadow

You read the headline and you are sure that this is easy to answer?
I was thinking the same: Just a MD5-hash inside this /etc/shadow file.

But this is not true anymore:
You can use several hash algorithms inside /etc/shadow like
  • MD5
  • blowfish
  • DES
  • SHA-256
  • SHA-512
Inside /etc/shadow you can see the following:
schroff:$1$<String1>$<String2>:0:99999:7:::
$1$ stays for MD5, $2a$ for blowfish, $5$ for SHA-256, $6$ for SHA-512. The <String1> contains a salt and <String2> the hashed password.
The other values can be easily interpreted (and changed) with the following command:
schroff@hades:$ chage -l schroff
Letzte Passwortänderung : Feb 01, 2009
Passwort läuft ab : nie
Passwort inaktiv : nie
Benutzerzugang läuft ab : nie
Minimale Anzahl der Tage zwischen Passwortänderungen : 0
Maximale Anzahl der Tage zwischen Passwortänderungen : 99999
Anzahl Tage, an denen vor Passwortablauf gewarnt wird : 7
And where can the hash algorithm be changed? This depends on the linux you are using:
  • /etc/pam.d/common-password (Debian)
  • /etc/default/password (SUSE/Novell)
Is there a way to generate this passwords via command line? Yes, with debian package makepasswd (but only for MD5):
echo "mypasswd" | makepasswd --crypt-md5
$1$r2elYKyB$vUr/Ph.brKTldM2h2k8J5.

But this will not work via copy and paste inside /etc/shadow ;-(
To change password via script some linux distribution can use:
echo oracle:mypasswd | chpasswd

or
echo -n mypasswd | passwd --stdin oracle

Sep 21, 2009

DHCP on PCs: Lease-Time

Everyone knows DHCP. Yes your PC gets something like a lease for a time...
Do you know how to ask your PC, when this lease expires?
This is not very difficult:
On Windows:
ipconfig /all

Ethernetadapter Drahtlose Netzwerkverbindung:

Verbindungsspezifisches DNS-Suffix: mydomain.me
Beschreibung. . . . . . . . . . . : Intel(R) PRO/Wireless 2200BG Network Connection
Physikalische Adresse . . . . . . : 00-12-34-56-78-90
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
IP-Adresse. . . . . . . . . . . . : 192.168.18.21
Subnetzmaske. . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . : 192.168.18.1
DHCP-Server . . . . . . . . . . . : 192.168.18.1
DNS-Server. . . . . . . . . . . . : 192.168.18.1
Lease erhalten. . . . . . . . . . : Dienstag, 22. September 2009 20:58:40
Lease läuft ab. . . . . . . . . . : Freitag, 2. Oktober 2009 20:58:40
On Linux:
cat /var/lib/dhcp3/dhclient.leases
lease {
interface "eth1";
fixed-address 192.168.18.21;
option subnet-mask 255.255.255.0;
option routers 192.168.18.1;
option dhcp-lease-time 864000;
option dhcp-message-type 5;
option domain-name-servers 192.168.18.1;
option dhcp-server-identifier 192.168.18.1;
option dhcp-renewal-time 432000;
option ntp-servers 192.168.18.1;
option broadcast-address 192.168.18.255;
option dhcp-rebinding-time 756000;
option domain-name "mydomain.me";
renew 6 2009/09/26 15:58:34;
rebind 3 2009/09/30 12:17:44;
expire 4 2009/10/01 18:17:44;
}
This is ok, but what if you use a black box as router, where you can not adjust the dhcpd parameters? Something like changing the lease time, because 756000s=210h=8.75d is really to long for a network, where you use computers only on a hourly base...
On Linux you can configure your client very easy:
Add inside /etc/dhclient.conf the following line
send dhcp-lease-time 3600;
After this little change start dhcp with
dhclient -cf /etc/dhclient.conf
and your lease details show:
option dhcp-lease-time 3600;
option dhcp-renewal-time 1800;
option dhcp-rebinding-time 3150;
On Windows this is nearly impossible:
There is a nice starting point provided by Microsoft: http://support.microsoft.com/kb/121005. But with this information you only know that you have to add the following key inside the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dhcp\Parameters\Options\51
With the explanation given there
Lease Time (51): This option is used in a client request (DHCPDISCOVER or DHCPREQUEST) to allow the client to request a lease time for the IP address. In a server reply (DHCPOFFER), a DHCP server uses this option to specify the lease time it is willing to offer. The time is in seconds, and is specified as a 32-bit unsigned integer. The code for this option is 51, and its length is 4.
it is not possible without any futher documentation to create the appropriate keys and values ... ;-(

Sep 18, 2009

Sun's hardware at Oracle: cont'd

After my last posting there was another announcement from Oracle regarding SUN hardware and Oracle software:

At http://streaming.oracle.com/ebn/download/8176478.pdf the full presentation is provided by Oracle.
Please note that Exadata Version 2 consists of
x86 CPU cores
So Oracle does not only commit the SUNs SPARC architecture...

Sep 11, 2009

Sun's hardware at Oracle: a new announcement

Oracle announced the following statement on their website:


But why did they announce this now?
Here some answers out of the web:
The advertisement is a sign of how seriously Oracle views the Sun customer base as part of the value of Sun. At JavaOne, Ellison said Oracle has sold many database systems to run on Sun servers. Linux servers make up its fastest growing business, but Sparc/Solaris platforms remain its largest installed base, he said.
www.informationwee.com
or
Analysts see Oracle's ad as a defensive move ... Among the top hardware makers, Sun registered the biggest decline in server revenue in the second quarter, offering evidence that this protracted merger may be eroding Sun's value.
www.computerworld.com
or
Still, this may all be a little propaganda to ease the worries of the EU's Competition Commission, which has extended its investigation of the deal.
news.softpedia.com
or
This is very good news for us geeks; Oracle is promising to invest in not only Solaris, some decent competition for Linux, but also in the SPARC architecture. We're getting two alternative products for one here.
www.osnews.com
Many opinions and if you ask yourself, you will get even more ;-)

Sep 9, 2009

Oracle SOA Suite 11g: How to start the soa instance...

You tried to install Oracle's SOA Suite 11g?
The installation completed successfully?
You got the login screen like shown in this posting?

Now you can login...

The next screen shows this:

After that there is this fancy gui with some flash components inside:

Yippie! Everything is ok...
Let's take a look at the SOA components:



But stop! There are no SOA components. The manual shows this:

???
How do i get this additional folder inside the SOA console?
Ok, this is very easy:
/opt/Oracle/Middleware/user_projects/domains/soa_domain/bin/
startManagedWebLogic.sh soa_server1 http://localhost:7001
And here we go:


Just a last comment: Stopping this server can be done via command:
./stopManagedWebLogic.sh soa_server1 t3://hades:7001 weblogic oracle10

Sep 8, 2009

Oracle WLS: Installation errors

Did you try to install an Oracle WLS and got some errors like:
INST-07248
INST-07292
and you do not know what to do?
The official pages are here. There you can find some explanations.
For the errors abouve, the provided Middleware home was empty....


Aug 26, 2009

Review at amazon: Sichere Netzwerkkommunikation: Grundlagen, Protokolle und Architekturen

Are you interested in securing networks and german books are no problem? Then you should read this one:

Because german is mandantory, here the link to my review at amazon.de in german.

JDeveloper 10g: 10.1.3.1 to 10.1.3.5 and BPEL

I was searching for the changes from JDeveloper 10.1.3.1 to 10.1.3.5 related to BPEL technology. Here the official webpages:
There are many fix lists and readme but nothing about BPEL.
Even on metalink i was not able to find anything...
So if anybody knows how to get the lists with the JDeveloper patches related to BPEL, please add a comment to this blog ;-)
Thanks!

Aug 21, 2009

Oracle SOA Suite 11g: How to get a running test instance (on a laptop)?

After migrating the first project, the next step is to deploy this bpel to a server. I started with only installing JDeveloper an let's see, if it possible to stay with that (without installing the real wls production server).

I started with just with
/opt/Oracle/Middleware/utils/quickstart/quickstart.sh

So this looks like the wls server can be configured with Getting started with WebLogic Server 10.3.1:


But after some clicks i ended with:

Ok, there was only a very small chance, that a database is included inside the jdev-package. Like expected i installed Oracle's XE database. And after a short search i found a nice guide for setting up test instances inside wiki.oracle.com.

Just to add the missing steps:
dpkg -i oracle-xe-universal_10.2.0.1-1.0_i386.deb
/etc/init.d/oracle-xe configure
oracle@hades:~/app/oracle/product/10.2.0/server/bin$ ./createdb.sh
lsnrctl start
sqlplus system/passwd@XE
and as written in the Oracle documentation - download the rcu and run it:
./rcu






Ok, ignore this, but then:
RCU-6107:Fehler bei der Prüfung auf Voraussetzungen von DB Init Param für: SHARED_POOL_SIZE
Erforderlicher Wert = 147456 KB, Aktueller Wert = 0 KB, Vergleichsoperator: ">="
RCU-6107:Fehler bei der Prüfung auf Voraussetzungen von DB Init Param für: SGA_MAX_SIZE
Erforderlicher Wert = 147456 KB, Aktueller Wert = 143360 KB, Vergleichsoperator: ">="
But this is fixable:

SQL> alter system set sga_max_size=150M scope=spfile;
System altered.
SQL> alter system set sga_target=150M scope=spfile;
System altered.
and restart the DB:









Once again:
/opt/Oracle/Middleware/wlserver_10.3/common/bin/config.sh
...




Then i tried via Jdeveloper -> Run -> Start Server Instance
But the result was just many errors and no connectivity via http://localhost:7001.

Then i tried
cd /opt/Oracle/Middleware/user_projects/domains/DefaultDomain/
./startWebLogic.sh
And after waiting 2 minutes, it worked:





Aug 18, 2009

Review at amazon: SOA Principles of Service Design

Last week i read the first book from Thomas Erl.

It is a very nice book, if you have to build some slides or if you want to give a lecture. But really deep insights into the topic service design is not provided. For example chapter 6 "service contracts" covers only a simple WSDL as example.
Nearly 50% of the book is occupied by fancy graphics, but most of the are quite useless or without any additional value.
Perhaps it was just the wrong book from Thomas Erl, so i will try another one, too...
If you like, take a look at my review at amazon.de (It is written in german, sorry again ;-).

Aug 16, 2009

Review at amazon: Multiprojektmanagement. Projekte erfolgreich planen, vernetzen und steuern

Are you interested in multi-project-management and german books are no problem? Then you should read this one:

Because german is mandantory, here the link to my review at amazon.de in german.

Aug 15, 2009

Migrating BPEL projects from 10g to 11g (example: 101.HelloWorld)

On this blog i started more than one year ago with the lost (collaxa) BPEL-tutorials. My first posting was the 101.HelloWorld.
Now after the arrival of Oracle's application server 11g i decided to do all the tutorials again to see what has changed. So let's start:
First you need to download jdeveloper 11g and add the bpel components.
Then get the old bpel tutorials (you can copy them from an 10g installation area: /opt/oracle/product/10.1.3.1/OracleAS_1/bpel/samples/tutorials).
After that open jdeveloper and create an application:


Then you have to create a project, even we do not need this here:


Then you can click finish.
Now choose open and select the HelloWorld.jpr:

This starts the migration wizard:








And the wait:





Done! So let's see what happened.
Ok, much more files than in 10g:

The bpel itself has one transformation more than before:

Opening the transformation, i got the following error:

But after restarting jdeveloper, i was able to access this xslt.

In addition a composite was generated:

The test suite was migrated, too

As a difference to 10g the tests are added at composite level and not inside the bpel (the blue arrow inside the light blue circle).

Double clicking this arrow opens this dialog:



And Generate Sample does really work (it changes Kireet to name1 ;-)....
Deploying and checking will be done in another posting.