Simplest LDAP Server

One application I am working on needed LDAP authorization support. In order to test before actually deploying it I decided to create local LDAP server in virtual machine.

I decided to use CentOS minimal install as starting point. It is extremely small distribution to start with and it allows for virtual machine with only 256 MB of RAM (although it needs 512 MB in order to install, go figure).

Installation of CentOS is uneventful. Just go next, next, next and it is done. Although it might be wise to skip media check since it takes ages. In matter of minutes OS will boot up and then the fun starts.

Since we will need network access for both using machine as LDAP server and for getting packages of the Internet, we need network access. Getting it to work is as easy as writing ifup eth0. In order to make these changes permanent just edit /etc/sysconfig/network-scripts/ifcfg-eth0 and change line starting with ONBOOT with ONBOOT="yes". It is as easy (if you disregard annoyance of vi editor).

Now we need to install our directory server. First install package (answer y to everything):

yum install 389-ds-base

And then run setup (answer yes to first two questions and just use default for others):

setup-ds.pl

That should leave us with values totally unsuitable for anything but for testing (which is exactly what we want):

Computer name ...............: //localhost.localdomain//
System User .................: //nobody//
System Group ................: //nobody//
Directory server network port: //389//
Directory server identifier .: //localhost//
Suffix ......................: //dc=localdomain//
Directory Manager DN ........: //cn=Directory Manager//

Quick search will prove that our directory server is up and running

ldapsearch -h 127.0.0.1 -x -b "dc=localdomain"
 ...
 # search result
 search: 2
 result: 0 Success
 # numResponses: 10
 # numEntries: 9

Well, now we are ready to add our first user. In order to do this just create user.ldif file with following content:

dn: uid=jdoe,ou=People,dc=localdomain
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: jdoe
cn: John Doe
displayName: John Doe
givenName: John
sn: Doe
userPassword: test

Not all these attributes are mandatory but I find this to be minimum acceptable set for my use. This is not enough if you want to use LDAP server for logons but it is enough for basic password checking. We add user with:

ldapadd -h 127.0.0.1 -x -D "cn=Directory Manager" -W -f user.ldif
 adding new entry "uid=jdoe,ou=People,dc=localdomain"

If something is messed up, just delete the user and add it again:

ldapdelete -h 127.0.0.1 -x -D "cn=Directory Manager" -W "uid=jdoe,ou=people,dc=localdomain"
ldapadd -h 127.0.0.1 -x -D "cn=Directory Manager" -W -f user.ldif
 adding new entry "uid=jdoe,ou=People,dc=localdomain"

Yes, there is an ldapmodify operation but I find it better to start with clean slate during testing.

Another test to verify that our user authentication works and we are good. Password asked here is not your root LDAP password but password of an user (test in my example):

ldapsearch -h 127.0.0.1 -x -D "uid=jdoe,ou=People,dc=localdomain" -W -b "ou=people,dc=localdomain" "uid=jdoe"
 dn: uid=jdoe,ou=People,dc=localdomain
 objectClass: top
 objectClass: person
 objectClass: organizationalPerson
 objectClass: inetOrgPerson
 uid: jdoe
 cn: John Doe
 displayName: John Doe
 givenName: John
 sn: Doe
 search: 2
 result: 0 Success

Congratulations, you have just made your first LDAP authorization.

Since, in current state, our LDAP cannot talk with outside world, we can think of dropping firewall (not something that you should do in production environment):

iptables -F INPUT
service iptables save

And last step would be to ensure that our directory server gets started as soon as machine is booted up:

chkconfig dirsrv on

With this LDAP test server configuration is done.

Pure Laziness

Visual Studio 2012 comes with Blend. Even Visual Studio installation is named “Visual Studio 2012 with Blend”.

Therefore I was surprised when I actually started Blend under Windows 7. I got slapped with “… supports only Windows Store app development on Windows 8 …”.

Under assumption that there is some programming API for retrieving actual version of Windows, I cannot think of an excuse other then pure laziness why this item ended up offered as instalaltion option. If you know that your component does not work under certain OS, do not even show it to user. And do not even think about actually installing it.

I understand that Microsoft wants to sweeten deal for early Windows 8 adopters. I find nothing wrong with that. It is actually really sensible thing to do.

But do not install by default stuff that developer cannot use. It will just make him cranky.

P.S. Uninstalling Blend left it’s item and project templates directories behind…

Virtual CloneDrive - Installation Failed!

After fresh Windows 7 installation and some initial setup I came around to install programs on top of it. I find Virtual CloneDrive perfect companion for this job since most of software I have is in form of an ISO image.

This time I stumbled upon a problem. Every time I tried to install it I would get “Installation failed!” followed by “Completed!” and setup asking for restart. And CloneDrive would just end up as Unknown device in Device Manager. Every time before this program worked perfectly, why it would not now?

After short analysis I managed to find a problem. As part of install driver is extracted in user’s temporary folder (AppData\Local\Temp). Then system is invoked in order to install it.

Just after Windows install I have enabled encryption on my user profile. When system attempted to install driver it was accessing file in context of another user. Thus it was unable to read encrypted files.

Solution was simple - I just turned off encryption attribute for directory and started setup again. This time everything went in perfect order. After having similar issues with multiple programs, I permanently removed NTFS encryption on temporary folder. It seems that lot of programs use this folder during installation of system components and it was just too annoying to keep it encrypted.

Real solution would be for programs with system components to use Windows\Temp as temporary folder. However, you cannot control what other people do…

Summae 1.10

After quite a while here is upgrade for Summae.

It finally brings proper command-line support for handling directories and basic file pattern matching.

In addition you don’t need to install program in order to calculate something. Just unpack it from zip and you are ready.

Of course there were slight visual changes but nothing major going on. It is simple utility and it will stay like that.

Download.

Windows ME, Take 2

I have followed Windows 8 from developer preview all the way to the RTM. I was never really taken away with UI, but I thought it bearable. And I was determined to give it fighting chance - I’ll work for at least a month and then judge.

Well, month has passed and judgement is here - I will delete it and bring Windows 7 back.

I have endured idiotic interface, I have endured disk repair every time I boot between it and Windows 7 (although they are on different physical drives). I have endured inferior store applications. I have endured image viewer from hell (who needs move to next image?). I have even endured a hard crash during startup. Straw that broke my back was Visual Studio.

I have installed Visual Studio 2012 on fresh Windows 8. Both being flagship products of this year I didn’t think that there will be problems. Well, I thought wrong. First day after install, during 2010 solution load, it somehow forgot all his editors (including one for text). Just to be safe I reinstalled both Windows and VS. And than it happened again day after. This time I just did VS repair. And than again. And a few times more…

Same Visual Studio under Windows 7 loads solution without any issue.

After some time (and possibly some updates) I haven’t had same issue. In order not to miss reinstalls too much I got new error: “An error occurred saving the project file. The specified file could not be encrypted.” Why the hell would it want to encrypt this file I have no idea. Project is on exFAT drive and it works fine until I make changes.

Same Visual Studio under Windows 7 saves project without any issue.

Visual Studio 2012 is not a saint. It is slower than 2010 and its form editor crashes whenever it rains in Redmond. But those are relatively small issues and I haven’t even come close to uninstalling it. That is, if it runs under Windows 7.

I had every version of Windows since 3.11 installed at one time or another. And there was only one version that I skipped - Windows ME. Now it is joined by Windows 8.

P.S. To be fair there are two things I will miss: file copy dialog and removal of Aero UI.