GLPCTL019E Error Running idsicrt

While trying to configure an ITDS instance and database, I ran into the generic GLPCTL019E error. The only thing I know from this error message is that there was a failure and not much else. In hopes of finding more information, I reviewed the ibmslapd.log, db2cli.log, and the others, still finding no hints as to why this problem occurred.

Here is the command I ran and the failure.

idsicrt -I idsinst -e password4seed -p 389 -s 636 -a 3538 -c 3539 -l /home/idsinst -t idsinst

Read more

Tunnelling VNC Through SSH

In some lab environments it’s impossible to use VNC to access remote machines due to security practices(ports being blocked, BSOs, etc). If your job requires you to access those machines pretty frequently this can be a huge headache. Thankfully, we can work around this and tunnel VNC using SSH. In my experiences SSH is almost always available.

This process basically relies on port forwarding, so use good judgement and be careful of firewalls – they may impact your ability to do this successfully (although for me, Zonelabs Integrity Client did not have problems).

SSH can allow you to forward a local port to a destination port and vice versa. Since VNC generally uses the 5900 range (by default on Windows, and usually 5901, 5902, etc on *NIX), you can forward those ports to other ports locally. In my environment I have to go to a jump point server, and then from the jump point to my target server. For you in may not be this difficult.

I’m using a Windows XP machine with cygwin installed. I haven’t tried using putty, so I can vouch for it.

Open a command line terminal:

ssh -g -L 5902:donner:5900 -C administrator@robstestserver.com

Again, the trick in my environment is I have to jump from the target host to the jump point, and from the jump point to my local machine. The -g and the -L allow me to do this. The -C is for compression.

Now open up a VNC Viewer and enter the following and you should see the contents of your target system in the VNC window.:
localhost:5902

In the example I gave above, it tells SSH to connect with Compression to robstestserver.com (the jump point server) as administrator, and then once there forward port 5900 on machine donner (which is defined in robstestserver’s hosts file) to port 5902. Then the VNC viewer on your machine is opened to port 5902 and uses that for I/O to port 5900 on donner.

This is a pretty nifty little trick to getting around the sometimes painful lab security.

If you have any questions or problems post them in the comments.

Example ITPM 3.1 Workflow with Supported Array Usage

workflow AAAarrayExample LocaleInsensitive

array var2 = { "1", "2", "3" }
log info var2
var var3 ="1"

foreach abc in var2 do
if Jython( var3 == abc ) then
log info Jython("var 1 is contained in array var2")
endif
done

var var5 ="1"
if Jython[ var5 in ("1", "2", "3") ] then
log info Jython("var5: is part of sequence")
else
log info Jython("var5: is not part of sequence")
endif

var x = var2[0]
log info Jython("x is: " + x)

array arr3
arr3[0] = "1"
log info Jython("0th element of arr3 is:" + arr3[0])

var z = arraysize(arr3)
log info Jython("size of array arr3 is: " + z)

array arr4
var xy = arraysize(arr4)
log info Jython("size of array arr4 is: " + xy)

Compiling Apache2 and PHP5 on AIX 5.3 TL5

I’ve been working on my test AIX 5.3 system trying to get Apache2 and PHP installed. My ultimate goal is too get Apache2 and PHP setup
so I can install Drupal and start testing it with a DB2 back end. If I can get it working and running stable, I will move all of my test web sites over to this machine.

After some trial and error, here is how I got Apache2 and PHP5 compiled on my AIX 5.3 TL5 machine.

Read more

Tip of the Day: Checking Connections in ITDS

To view a list of open connections against your IBM Tivoli Directory Server (LDAP) you can use netstat.

netstat –an |grep 389

It won’t give you a ton of information, really just the IP address of the machine requesting information. If you want to get more specific information about the LDAP connections, run a base scope query on the monitoring service.

ldapsearch –D cn=root –w password –s base –b “cn=connections,cn=monitors” objectclass=*

output:

connection=71116 : 192.168.55.171 : 2009-02-18 23:50:00 GMT  : 0 : 1 : UID=WPSBIND,OU=robscomputergarage,c=us :  :
connection=73411 : 192.168.55.165 : 2009-02-19 02:29:58 GMT  : 0 : 669 : CN=ROOT :  :

This information tells us a little more about what’s going on with the connections.

connection=*** is the connection number

xxx.xxx.xx.xxx is the IP address of the client.

yyyy-yy-yy is the date when the connection was first established

zz:zz:zz GMT is the time the connection was made. It also shows the timezone of the connection.

The 0 after the timestamp is showing how many operations are pending

669 is the number of operations that have been completed on that connection

CN=ROOT or UID=WPSBIND is the BindDN making the connection.

The very last field, blank in my example (: :) is the type of connection being made. It’s only valid if SSL/TLS is being used.