home

https://www.linuxbabe.com/mail-server/setting-up-dkim-and-spf DNS Entries hensler.net TXT “v=spf1 ip4:3.225.201.202 ~all” default._domainkey.hensler.net. TXT “v=DKIM1;k=rsa;” “part I” “part II” _dmarc TXT v=DMARC1; p=none; pct=100; rua=mailto:dmarc-reports@hensler.net DNS Type SPF use has been removed in the standards track version of SPF, RFC 7208. Your DNS Type SPF record should be republished as Type TXT instead. dig hensler.net txt http://spf.myisp.ch/ https://www.kitterman.com/spf/validate.html? spf […]

https://certbot.eff.org/lets-encrypt/ubuntuxenial-nginx request wildcard certificate sudo certbot –server https://acme-v02.api.letsencrypt.org/directory -d *.hensler.net –manual –preferred-challenges dns-01 certonly sudo certbot certonly –manual -d ‘*.hensler.net’ –dry-run sudo certbot certonly –manual -d ‘*.hensler.net’ >> update .txt for _acme-challenge.hensler.net in route53 sudo service nginx restart sudo certbot certificates Saving debug log to /var/log/letsencrypt/letsencrypt.log – – – – – – – – – […]

Spamassasin not starting with reboot: sudo systemctl status spamassassin.service sudo systemctl enable spamassassin.service sudo vim /lib/systemd/system/spamassassin.service [Service] Restart=always RestartSec=3

Ubuntu Postfix Dovecot SMTP Banner Ubuntu Open lightsail ports SSH TCP 22 Custom TCP 25 HTTP TCP 80 Custom TCP 110 Custom TCP 143 HTTPS TCP 443 Custom TCP 993 Custom TCP 995 sudo netstat -lnpt Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:3306 […]

#1: Migrating a monolithic application (daytrader) on top of a WebSphere Liberty application server form traditional deployment to cloud services using AWS. This involves multiple steps, starting with containerizing the application, converting the database (Derby to Postgres) and finally migrating images into Amazon’s cloud to make use of the Elastic Cloud services (EC*) and High […]

add_filter( ‘widget_tag_cloud_args’, ‘jmw_exclude_tag_from_tag_cloud’); function jmw_exclude_tag_from_tag_cloud( $args ) { $args[ ‘exclude’ ] = ’45’; // ID of the tag. If multiple tags use comma delimited sting ‘2,5,36’ return $args; }

Design and implement OAuth/OIDC authentication process for mobile clients (native/html) using ISAM (IBM Security Access Manager) and authorisation code grant type. Integrate custom “Message Provider Gateway” (MSG) in authentication process (verification of access token) using OIDC JWKS (JSON Web Key Set) and /userinfo endpoints. Products used: IBM Security Access Manager

By default, the WebSphere Application Server SAML Trust Association Interceptor (TAI) supports IdP-initiated SSO only. When custom code is in place, the SAML TAI can be configured to support SP-initiated SSO. Writing a custom java class the authentication process will be intercepted and handled by the SP – a SAML mutual trust relationship between the […]

User account synchronization between internal LDAP and directories of a foreign application domain (e.g. Cloud application), using SCIM (System for Cross-domain Identity Management), alternatively parsers (LDIF, JSON, XML, others) or synchronization with a cloud database. Products used: IBM Security Directory Integrator (SDI), IBM Secure Directory Server (SDS), Amazon Web Services (AWS) DynamoDB, Red Hat.

The intention of this project was to provide a consistent Single-Sign-On (SSO) between an on-premise ISAM (IBM Security Access Manager) and IBM’s Cloud Identity (CI) using SAML by utilising local user accounts for authentication. MMFA (Mobile Multi Factor Authentication) with QR Code and TOTP (Timely One Time Password) was added to provide a 2-factor authentication […]

Design and implement multiple corporate-wide deployments for IBM Sametime 9 including components necessary to provide web conferencing and multi-way audio/video/chat. Products used: IBM Sametime complete v9

yum -y install epel-release yum -y install NetworkManager-openvpncd /usr/sbin/openvpn automatic login:create ovpn.username.txt with:usernamepassword vi /etc/openvpn/tta.confauth-user-pass ovpn.username.txt cp ovpn.username.txt /etc/openvpn/cp tta.conf /etc/openvpn/ ./openvpn –config /etc/openvpn/tta.conf –auth-user-pass /etc/openvpn/ovpn.username.txt autostart openvpnsystemctl enable openvpn@ttasystemctl status openvpn@tta.conf.service

cd /opt/wlp/bin ./installUtility install adminCenter-1.0 server start | stop | status vi /opt/wlp/usr/servers/defaultServer/server.xml in firefox (LIN) https://localhost:9943/adminCenter

httpd-vhosts.conf httpd-ssl.conf httpd.conf ln -s /Users/bhr/Music/iTunes/iTunes\ Media/Uploads/ /Users/bhr/Sites/media.hensler.net/uploads https://larsjung.de/h5ai/

use .vimrc sample to avoid “visual” in vim when trying to copy/paste. https://github.com/amix/vimrc/blob/master/vimrcs/basic.vim

Some applications do not offer direct pdf printing; the internal printing system allows setting up a local pdf printer. https://www.papercut.com/kb/Main/SetupNullPrinterOnMac

ServerName was.hensler.net:80 LoadModule rewrite_module modules/mod_rewrite.so RewriteEngine On RewriteRule ^\/$ https://%{SERVER_NAME}/ [NE,L,R] LoadModule ibm_ssl_module modules/mod_ibm_ssl.so Keyfile /opt/IBM/HTTPServer/ssl/key.kdb SSLStashfile /opt/IBM/HTTPServer/ssl/key.sth <IfModule mod_ibm_ssl.c> Listen 0.0.0.0:443 <VirtualHost *:443> ServerName was.hensler.net:443 SSLEnable SSLClientAuth none SSLCompression off SSLProtocolDisable SSLv2 SSLv3 SSLProtocolEnable TLSv1 TLSv11 TLSv12 SSLCipherSpec TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 SSLCipherSpec TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 SSLCipherSpec TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 SSLCipherSpec TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 SSLCipherSpec TLS_RSA_WITH_AES_256_CBC_SHA SSLCipherSpec TLS_RSA_WITH_AES_128_CBC_SHA SSLCipherSpec SSL_RSA_WITH_3DES_EDE_CBC_SHA SSLCipherSpec SSL_RSA_WITH_3DES_EDE_CBC_SHA # […]

https://backstage.forgerock.com/knowledge/kb/book/b73824898#a56766667 cd /etc/systemd/system vim opendj.service [Unit] Description=opendj LDAP Server After=network.target remote-fs.target nss-lookup.target [Service] Type=forking PIDFile=/opt/opendj/logs/server.pid ExecStart=/opt/opendj/bin/start-ds –quiet ExecStop=/opt/opendj/bin/stop-ds –quiet PrivateTmp=true LimitNOFILE=infinity [Install] WantedBy=multi-user.target systemctl enable opendj.service systemctl start opendj.service systemctl stop opendj.service

http://publib.boulder.ibm.com/httpserv/ihsdiag/startstop_questions.html#how-do-i-start-ihs-during-the-linux-boot-process cd /etc/systemd/system vim ihs.service [Unit] Description=IBM HTTP Server After=network.target remote-fs.target nss-lookup.target [Service] Type=forking PIDFile=/opt/IBM/HTTPServer/logs/httpd.pid ExecStart=/opt/IBM/HTTPServer/bin/apachectl start -d /opt/IBM/HTTPServer ExecStop=/opt/IBM/HTTPServer/bin/apachectl graceful-stop ExecReload=/opt/IBM/HTTPServer/bin/apachectl graceful PrivateTmp=true LimitNOFILE=infinity [Install] WantedBy=multi-user.target vim ihsadmin.service [Unit] Description=IBM HTTP Administration Server After=network.target remote-fs.target nss-lookup.target [Service] Type=forking PIDFile=/opt/IBM/HTTPServer/logs/admin.pid ExecStart=/opt/IBM/HTTPServer/bin/adminctl start ExecStop=/opt/IBM/HTTPServer/bin/adminctl stop PrivateTmp=true LimitNOFILE=infinity [Install] WantedBy=multi-user.target   systemctl enable ihs.service systemctl start ihs […]

yum -y install binutils bind-utils compat-db.x86_64 compat-libstdc* compat-libstdc++-33.i686 compat-libstdc++-33.x86_64 elfutils-libelf elfutils-libelf-devel elfutils-libs.i686 elfutils-libs.x86_64 elfutils.x86_64 firefox ftp gcc gcc-c++ glibc-common glibc-devel glibc-headers glibc* gtk2-engines.x86_64 gtk2.i686 gtk2.x86_64 kernel-devel kernel-headers ksh ksh.x86_64 libaio libaio-devel libaioi libcanberra-gtk2.x86_64 libcyanberra-gtk2.i686 libgcc.i686 libgcc.x86_64 libgcc* libstdci libstdc++.i686 libstdc++.x86_64 libXft.i686 libXft.x86_64 libXmu.i686 libXmu.x86_64 libXp libXp.i686 libXp.x86_64 libXpi libXtst.i686 libXtst.x86_64 make mc mlocate net-tools ntp […]

sudo vim /etc/postfix/main.cf message_size_limit = 10485760 mailbox_size_limit = 0 biff = no smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated permit recipient_delimiter = + tls_random_source = dev:/dev/urandom #smtpd_tls_ciphers = medium myhostname = mail.hensler.net mydomain = hensler.net myorigin = $mydomain #inet_interfaces = $myhostname, localhost mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,mail.$mydomain mynetworks = 127.0.0.0/8 smtpd_banner = $myhostname smtpd_use_tls= yes smtp_use_tls = […]

brew install dnsmasq   sudo vim /usr/local/etc/dnsmasq.conf bogus-priv local=/lan.hensler.net/ domain=lan.hensler.net expand-hosts listen-address=127.0.0.1 listen-address=10.0.29.150   sudo vim /etc/hosts ## # Host Database # # localhost is used to configure the loopback interface # when the system is booting. Do not change this entry. ## 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost 10.0.29.60 hostname   /etc/resolv.conf domain lan.hensler.net […]

http://www.height8.com/info/os/osx/named

sudo vim /etc/openldap/slapd.conf include /private/etc/openldap/schema/core.schema include /private/etc/openldap/schema/cosine.schema include /private/etc/openldap/schema/inetorgperson.schema pidfile /private/var/db/openldap/run/slapd.pid argsfile /private/var/db/openldap/run/slapd.args database bdb suffix “dc=hensler,dc=local” rootdn “cn=manager,dc=hensler,dc=local” rootpw {SSHA}DXreBCiCpU1sH728ubClNXpHblzw80Wo directory /private/var/db/openldap/openldap-data index objectClass eq cachesize 2000 sudo vim /etc/openldap/sample.ldif version: 1 dn: dc=hensler,dc=local objectClass: top objectClass: dcObject objectClass: organization dc: hensler o: Some Org description: A sample domain dn: ou=people,dc=hensler,dc=local objectClass: top objectClass: […]

create standard user sftpusr allow ssh remote login for sftpusr sudo vim /etc/ssh/sshd_config # override default of no subsystems # Subsystem sftp /usr/libexec/sftp-server #Subsystem sftp internal-sftp -l VERBOSE -f LOCAL3 Subsystem sftp internal-sftp Match User sftpusr X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp ChrootDirectory /chroot/%u run command sudo mkdir /chroot sudo mkdir /chroot/bin sudo cp /bin/bash […]

sudo vim /etc/apache2/httpd.conf ServerName localhost:80 DocumentRoot “/Users/bhr/Sites” <Directory “/Users/bhr/Sites”> Options FollowSymLinks Multiviews MultiviewsMatch Any AllowOverride None Require all granted </Directory> LoadModule php7_module libexec/apache2/libphp7.so LoadModule perl_module libexec/apache2/mod_perl.so LoadModule userdir_module libexec/apache2/mod_userdir.so LoadModule include_module libexec/apache2/mod_include.so LoadModule rewrite_module libexec/apache2/mod_rewrite.so LoadModule vhost_alias_module libexec/apache2/mod_vhost_alias.so LoadModule socache_shmcb_module libexec/apache2/mod_socache_shmcb.so LoadModule ssl_module libexec/apache2/mod_ssl.so Include /private/etc/apache2/extra/httpd-userdir.conf Include /private/etc/apache2/extra/httpd-vhosts.conf Include /private/etc/apache2/extra/httpd-ssl.conf sudo vim /private/etc/apache2/extra/httpd-userdir.conf Include /private/etc/apache2/users/*.conf […]

Midnight Commander for Mac OS X vim .bash_profile alias ll=’ls -alp’ alias mc=’. /usr/local/libexec/mc/mc-wrapper.sh’

sudo ufw disable selinux not installed by default sudo vim /etc/network/interfaces auto enp0s25 iface enp0s25 inet static address 10.0.29.60 netmask 255.255.255.0 gateway 10.0.29.1 dns-nameservers 62.2.17.60 sudo passwd root sudo sed -i ‘s/#PermitRootLogin prohibit-password/PermitRootLogin yes/’ /etc/ssh/sshd_config sudo service ssh restart sudo vim /etc/security/limits.conf *    soft    nofile 65536 *    hard    nofile 65536 sudo vim /etc/environment LANG=en_US.utf-8 LC_ALL=en_US.utf-8

http://zanshin.net/2015/10/01/change-sshd-port-on-mac-os-x-el-capitan/

https://gist.github.com/mustafaturan/7053900   To send videos with WhatsApp run ffmpeg with following codecs: ffmpeg –i “original–file.mp4” –vcodec libx264 –acodec aac “output–file.mp4”

Firefox starts with a chrome://*.xul URL, which is a reference to a Add-On extension in Mozilla-derivative browsers. Firefox as of version 43 blocks automated installation of unsigned extensions. IBM’s commonlaunchpad xpi extension (found in the extensions directory of the new Profile being used by launchpad.sh) is unsigned. To workaround this downgrade Firefox with a version […]

vim /etc/ssh/sshd_config Subsystem sftp internal-sftp -l INFO -f AUTH vim /etc/rsyslog.conf auth.* /var/log/sftp.log   https://access.redhat.com/articles/1374633

postfix https://www.server-world.info/en/note?os=CentOS_7&p=mail #virtual_alias_domains = hensler.net virtual_alias_maps = hash:/etc/postfix/virtual ADD forwarder addresses vi /etc/postfix/virtual postmap /etc/postfix/virtual service postfix restart dovecot https://www.server-world.info/en/note?os=CentOS_7&p=mail&f=2 DNS hensler.net. A xxx.xxx.xxx.xxx hensler.net. MX 10 mail.hensler.net mail.hensler.net. CNAME hensler.net wordpress.hensler.net. A xxx.xxx.xxx.xxx ROUTER 25,110,143,80,443 FIREWALL https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7 systemctl stop firewalld.service firewall-cmd –zone=public –permanent –add-service=http firewall-cmd –zone=public –permanent –add-service=https firewall-cmd –add-service=smtp –permanent firewall-cmd –add-port={110/tcp,143/tcp} –permanent […]

  sudo visudo # User privilege specification root    ALL=(ALL) ALL %admin  ALL=(ALL) ALL bernhardhensler ALL=(ALL) NOPASSWD: ALL

Clipboard between Mac OS, Centos 64 7 CentOS yum install epel-release yum install xclip cat somefile.txt | xclip -selection clipboard In Mac OS use preinstalled pbcopy/pbpaste cat /etc/passwd | pbcopy   http://tedhagos.com/linux/clipboard-copy-paste-terminal.html

sudo vim /Users/bhr/Library/LaunchAgents/com.mmac.useragent.plist <?xml version=”1.0″ encoding=”UTF-8″?> <!DOCTYPE plist PUBLIC “-//Apple//DTD PLIST 1.0//EN” “http://www.apple.com/DTDs/PropertyList-1.0.dtd”> <plist version=”1.0″> <dict>         <key>KeepAlive</key>         <true/>         <key>Label</key>         <string>com.mmac.useragent</string>         <key>Program</key>         <string>/Users/bhr/startUp/bindfs.sh</string>         <key>RunAtLoad</key>         <true/>         <key>StandardErrorPath</key>         <string>/tmp/com.mmac.startup.stderr</string>         <key>StandardOutPath</key>         <string>/tmp/com.mmac.startup.stdout</string> </dict> </plist> sudo vim /Users/bhr/startUp/bindfs.sh #!/bin/bash sudo /usr/local/bin/bindfs -r -g SFTPGroup /Volumes/DATACUBE/Media/Movies/ /chroot/sftp/movies sudo /usr/local/bin/bindfs […]

Generate new ssh key ssh-keygen -t rsa -C “bernhard.hensle@timetoact.ch” add private key to keychain ssh-add -K ~/.ssh/bhensler_id_rsa ssh-copy-id root@111.111.111.111

cd /Applications/ open AppName osascript -e ‘quit app “AppName”‘ ps -ax | grep AppName

vim .bash_profile export PATH=$PATH:/Applications/VMware\ Fusion.app/Contents/Library/ POWER COMMANDS           PARAMETERS           DESCRIPTION ————–           ———-           ———– start                    Path to vmx file     Start a VM or Team                          [gui|nogui] stop                     Path to vmx file     Stop a VM or Team                          [hard|soft] reset                    Path to vmx file     Reset a VM or Team                          [hard|soft] suspend                  Path to vmx file     Suspend a […]

vim ~/.ssh/config Host * ServerAliveInterval 240 http://www.kehlet.cx/articles/129.html

https://www.howtoforge.com/samba-server-installation-and-configuration-on-centos-7 yum install samba samba-client samba-common vi /etc/samba/smb.conf [global]         workgroup = WORKGROUP         server string = CNX5 Samba Server %v         netbios name = CNX5         security = user         map to guest = bad user         dns proxy = no [IBM]         path = /opt/IBM         valid users = root         browsable =yes […]

vi /etc/init.d/ihs #!/bin/bash # SERVICENAME should match this filename SERVICENAME=$(basename $0) LOCKFILE=”/var/lock/subsys/${SERVICENAME}” APACHECTL=/opt/IBM/HTTPServer/bin/apachectl # The next lines are for chkconfig on RedHat systems. # chkconfig: 2345 98 02 # description: Starts and stops IHS # The next lines are for chkconfig on SuSE systems. ### BEGIN INIT INFO # Provides: IHS_61.1 # Required-Start: $network $syslog […]

Deployment Manager cd /opt/IBM/WebSphere/AppServer/bin/ ./wasservice.sh -add dmgr -serverName dmgr -profilePath /opt/IBM/WebSphere/AppServer/profiles/Dmgr01 service dmgr_was.init stop service dmgr_was.init start service dmgr_was.init status NodeAgent ./wasservice.sh -add node01 -serverName nodeagent -profilePath /opt/IBM/WebSphere/AppServer/profiles/AppSrv01 service node01_was.init stop service node01_was.init start service node01_was.init status #To have the node agent automatically start the Appserver JVM, set the Monitoring Policy of each JVM to […]

http://www-01.ibm.com/support/docview.wss?uid=swg24039355 http://www-01.ibm.com/support/knowledgecenter/SSFHJY/welcome IBM Connections cnx5.sites IBM Connections 5 CR3 (CentOS 7) Conversion, Docs, Viewer cnxDocs.sites IBM Connections Docs 1.0.7 (Windows 2008 R2) create LCUSER db2set DB2CODEPAGE=1208 db2stop force db2start create database (cnx5.sites) createDb.bat updateDBSchema.bat db2 -td@ -vf appGrants.sql install Python disable Netbios disable TCPIP Netbios Helper FNCMIS If you want Docs to work with CCM libraries, […]

Installation Manager 64bit yum install gtk2 yum install libXtst Download IBM Connections 5 http://www-01.ibm.com/support/docview.wss?uid=swg24037654   CCM CLFRP0038E: IBM Connections Content Manager failed to be configured on WebSphere Application Server. Error Step : Step “action-config-fncs-ccm” >> install ksh (korn shell) IHS grouped ihsgrp useradd -g ihsgrp -s/bin/bash -d /home/ihsadmin -m ihsadmin setupadm -create -usr ihsadmin -grp […]

DOMINO 9.0.1 yum install glibc-2.*.i686 libgcc-4*.i686 libXtst-1.*.i686 libXmu-1.*.i686 libXp-1.*.i686 libXft-2.*.i686 libXi-1.*.i686 libstdc++-4.*.i686 groupadd notes useradd -g notes -s/bin/bash -d /home/notes -m notes passwd notes vim /etc/security/limits.conf *    soft    nofile 65536 *    hard    nofile 65536 /opt/ibm/domino/bin/server -listen #rc_domino Copy rc_domino_script into /opt/ibm/domino Copy rc_domino into /etc/init.d, check variable DOMINO_START_SCRIPT Copy domino.service into /etc/systemd/system chmod 755 rc_domino_script […]

Install yum -y install netatalk avahi dbus nss-mdns chkconfig netatalk on chkconfig messagebus on chkconfig avahi-daemon on adduser afp passwd afp vi /etc/netatalk/afpd.conf “hostname” -tcp -noddp -uamlist uams_dhx.so,uams_dhx2.so -nosavepassword vi /etc/netatalk/AppleVolumes.default :DEFAULT: “HTTPD” allowed_hosts:10.0.29.0/24 allow:afp rwlist:afp options:upriv,usedots dperm:0770 fperm:0660 ~ “HOME” /var/www/html/ “HTML” vi /etc/nsswitch.conf hosts:      files mdns4_minimal dns mdns mdns4 vi /etc/avahi/services/afpd.service […]

iTunes “master library” (bhr’s library) create new library with default values on local disk add Music to your iTunes library enable iCloud Music Library in preferences, wait for sync to complete recreate new library = (1) enable iCloud Music library change iTunes media folder location to external drive add movies, apps, videos etc. enable sharing […]

WP Add Mime Types functions.php add_filter(‘upload_mimes’,’add_custom_mime_types’); function add_custom_mime_types($mimes){ return array_merge($mimes,array ( ‘ac3’ => ‘audio/ac3’, ‘mpa’ => ‘audio/MPA’, ‘flv’ => ‘video/x-flv’, ‘svg’ => ‘image/svg+xml’ )); }

WordPress Installation SEP 2016 CentOS 7 epel-release httpd mysqld php 7 phpmyadmin addtl. modules php70w-mysql, php70w-gd PHP7: http://idroot.net/tutorials/how-to-install-php-7-on-centos-7/ WordPress: https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-on-centos-7 OS cat /etc/redhat-release CentOS release 6.6 (Final) vi /etc/sysconfig/network NETWORKING=yes HOSTNAME=wordpress.sites vi /etc/selinux/config disable service iptables save service iptables stop chkconfig iptables off vi /etc/sysctl.conf net.ipv6.conf.all.disable_ipv6 = 1 yum install mc wget unzip xclock xauth […]

create configuration file man 5 vpnd | col -b > /Users/bhr/com.apple.RemoteAccessServers.plist copy configuration file sudo cp /Users/bhr/com.apple.RemoteAccessServers.plist /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist sudo chmod 644 /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist sudo chown root:wheel /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist edit configuration file sudo vi /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist <key>com.apple.ppp.l2tp</key> <dict> <key>DNS</key> <dict> <key>OfferedSearchDomains</key> <array> <string></string> </array> <key>OfferedServerAddresses</key> <array> <string>xxx.xxx.xxx.xxx</string> <string>xxx.xxx.xxx.xxx</string> </array> </dict> <key>IPSec</key> <dict> <key>AuthenticationMethod</key> <string>SharedSecret</string> <key>IdentifierVerification</key> <string>None</string> <key>LocalCertificate</key> <data> </data> <key>LocalIdentifier</key> […]

diskutil list /dev/disk0    #:                       TYPE NAME                    SIZE       IDENTIFIER    0:      GUID_partition_scheme                        *251.0 GB   disk0    1:                        EFI EFI                     209.7 MB   disk0s1    2:                  Apple_HFS imac HD                 250.1 GB   disk0s2    3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3 /dev/disk2    #:                       TYPE NAME                    SIZE       IDENTIFIER    0:      GUID_partition_scheme                        *15.9 GB    disk2    1:                        EFI EFI                     […]

Undo Command u undo the last command. Screen Commands CTL/l Reprints current screen. CTL/L Exposes one more line at top of screen. CTL/E Exposes one more line at bottom of screen. CTL/F Pages forward one screen. CTL/B Pages back one screen. CTL/D Pages down half screen. CTL/U Pages up half screen. Cursor Positioning Commands j […]

*SEARCH find / -name *searchText* find . | xargs grep ‘zip’ *XSERVER in cygwin (startxwin.bat): xhost (SERVER IP ADDR) of XServer (AIX, Linux ..) *PS ps -ef | grep a* *X11 in Telnet session (PUTTY) of XServer: export DISPLAY=(CLIENT IP ADDR):0.0 in SSH session MAC OS X: xQuartz starten ssh -X root@xxx.xxx.xxx.xxx //xclock sollte ohne […]

Synology Forum SSH can either be enabled using the latest firmware and a patch, or using the recent beta firmware which allows you enable and disable SSH from the web-based management interface. However, I was a little concerned about the default settings of SSHD, especially if one were to SSH over the internet and not […]

I couldn’t find a suitable version of firefly to run on my Synology cs407 (a version I found (1) was missing e.g.  FLAC support).  So I decided to create my own following below’s short instructions.  

obsolete with Firmware version: DSM 2.0-722 This is a guide on how to enable the NFS capabilities of the Synology product. This procedure is aimed for users who are experienced with Telnet and the Linux Operating System. Please note that improper manipulation or modification of the Synology server may result in machine malfunction or loss […]

Setup of your CS407 ssh login to your CS407 ipkg -force-depends install openldap (provided you have configured optware for your CS407) — link — cd /opt/etc/openldap/ and edit slapd.conf and add the following lines (take a look at the README to define which schema files are appropriate for your environment) – below listed schema files […]

How to switch from unfriendly URLs to friendly ones, e.g.: http://bernhard.hensler.net/?p=1001 becomes http://bernhard.hensler.net/post-with-friendly-url

Setup of your CS407   ssh login to your CS407     ipkg -force-depends install bind (provided you have configured optware for your CS407) — link —     I pretty much followed the instructions for setting up and configuring a primary DNS server, so nothing to add from my side     reverse DNS […]

./was_profile/bin/wsadmin.sh -conntype SOAP -host wcl.private.lan -port 10033 -user wasadmin -password passw0rd WASX7209I: Connected to process “WebSphere_Portal” on node wcl using SOAP connector; the type of process is: unManagedProcess; WASX7029I: For help, enter: “$Help help” wsadmin> set jvm [$AdminControl completeObjectName type=JVM,process=WebSphere_Portal,*] WebSphere:name=JVM,process=WebSphere_Portal,platform=dynamicproxy,node=wcl,j2eeType=JVM,J2EEServer=WebSphere_Portal,version=6.0.2.17,type=JVM,mbeanIdentifier=JVM,cell=wcl wsadmin>$AdminControl invoke $jvm generateHeapDump   wsadmin>$AdminControl invoke $jvm dumpThreads IBM’s support assistant (ISA) is […]

apache check Apache server version by creating a simple e.g. serverinfo.php file with following statement: <?php phpinfo(); ?> and open in your browser: http://your host/serverinfo.php. Find the version info in the Apache Version section: Apache Version – Apache/2.0.53 (Linux/SUSE) or run from the command line: /usr/sbin # apache2ctl -v Server version: Apache/2.0.53 Server built: Aug […]

gnuplot 2d edit /etc/apache2/mod_log_config.conf and add a new logformat (plots) – (“mod_log_config.conf” is referenced by “httpd.conf”) LogFormat “%h %l %u %t “%r” %>s b  “{Referer}i” “%{User-Agent}i”” combined LogFormat “%h %{%d.%m.%Y:%H:%M:%S}t %D %U” plots The characteristics of the “%” directives are: …h Remote host…{format}t time & date …D time taken to serve the request, in microseconds.…U […]

Ein weiterer Artikel, der das Dilemma Java auf den Punkt bringt: http://www.nzz.ch/nachrichten/digital/tschuess_java_1.7260496.html Stefan Betschon ⋅ Java ist der Name einer indonesischen Insel und einer unter kalifornischen Programmierern beliebten Kaffeesorte. Java ist eine Programmiersprache und eine Software, die so tut, als sei sie eine Hardware, dafür gemacht, mit Java geschriebene Programme abzuarbeiten. Java ist eine der derzeit populärsten […]

Due to a needed performance increase I bought a DS710+ and compared performance between the 2 (CS407 vs DS710+). Harddisk and RAID configuration: CS407: RAID 5 with 3 Western Digital WD5000AAKS 500GB DS710: Synology Hybrid RAID (SHR) with 2 Western Digital WD2002FYPS 2TB For both Synology NAS DSM version 3 .0-1354 was in use – […]

Startup behavior of an application: When you need to disable the auto-start option of an application go to “Enterprise Applications > Name of Application > Target specific application status”, select Application Server and click “Disable Auto Start”. To adjust the startup order go to “Enterprise Applications > Name of Application > Startup behavior” and adjust […]

When installing Microsoft Hyper-V within a VMware Workstation you cannot create virtual machines and the following error messages are shown in the event log. ‘Virtual Machine Bus’ driver required by the Virtual Machine Management service is not installed or is disabled. Check your settings or try reinstalling the Hyper-V role. ‘Virtualization Infrastructure’ driver required by […]

SQL Server version Setting up Sharepoint 2013 requires SQL server 2008 R2 (SPI) – (standalone or farm installation): The ERRORLOG (C:Program FilesMicrosoft Office Servers15.0DataMSSQL10_50.SHAREPOINTMSSQLLog) provides the version information: Microsoft SQL Server 2008 R2 (SP1) – 10.50.2500.0 (X64)

Create your own SSL CA and certificate for your Synology VPN server to be able to make use of the openvpn client for iPhone.

Active Directory Create SPN setspn -A HTTP/wasserver.private.lan ad-svc-spn Check SPN setspn –L ad-svc-spn Generate keytab Ktpass –princ HTTP/wasserver.private.lan@ad-domain -out c: keytab.file –mapuser ad-svc-spn –mapOp set –pass Password

Working with IBM products for years I thought let’s give Microsoft products a glimpse. The idea is to build a publicly facing, collaboration solution with content managed in an authoring system, workflows for publishing and users being able to self register.

No Wake-on-LAN from a powered-off Mac : ( Found in the iMac 27″ Environmental Report (a bit of an irony, not ?)

PREPARATION ADDC : USERS PRIVATEFIMService PRIVATEFIMMA PRIVATEFIMSPContent ADDC : SSL Three Web Server SSL certificates are needed: CN=fimservice.private.lan CN=fimportal.private.lan CN=fimspca.private.lan

it’s as simple as that: Start a powershell on your AD and run the following: $photo = [byte[]](Get-Content C:picturesoddvar.jpg -Encoding byte) Set-ADUser oddvar -Replace @{thumbnailPhoto=$photo} For more details: http://msitpros.com/?p=1036

INSTALL ./db2prereqcheck -v 10.1.0.0 yum -y install libstdc++ yum -y install libstdc++.i686 yum -y install dapl yum -y install sg3_utils yum -y install sg_persist yum -y install gnome-session yum -y install xterm yum -y install xhost yum -y install tigervnc-server yum -y install ksh yum -y install pam-devel.i686 yum install libstdc++.so.5 yum install gtk2.i686 yum […]

While using Google for private mail and calendaring, it is IBM Notes (9.0.1 FP3) for business. Calendar synchrnisation has always been a nightmare, so after some time spent on the different “solutions” out there I decided for : http://sourceforge.net/projects/lngooglecalsync/ with these main Features : Upload of Lotus Notes calendar entries to Google Calendar Schedule automatic […]

“sudo killall -HUP mDNSResponder” “dscacheutil -flushcache”

Create new certificate   sign eclipse binary sudo codesign -f -s ‘IBM Notes 9’ /Applications/IBM\ Notes.app/Contents/MacOS/rcp/eclipse/plugins/com.ibm.rcp.base_9.0.1.20131002-1404/macosx/x86/eclipse   verify eclipse binary sudo codesign -vvv /Applications/IBM\ Notes.app/Contents/MacOS/rcp/eclipse/plugins/com.ibm.rcp.base_9.0.1.20131002-1404/macosx/x86/eclipse /Applications/IBM Notes.app/Contents/MacOS/rcp/eclipse/plugins/com.ibm.rcp.base_9.0.1.20131002-1404/macosx/x86/eclipse: valid on disk /Applications/IBM Notes.app/Contents/MacOS/rcp/eclipse/plugins/com.ibm.rcp.base_9.0.1.20131002-1404/macosx/x86/eclipse: satisfies its Designated Requirement   http://www-01.ibm.com/support/docview.wss?uid=swg21686629

Linux & Mac sshd sudo vi /etc/sshd_config #Subsystem sftp /usr/libexec/sftp-server Subsystem sftp internal-sftp Match User sftpuser X11Forwarding no AllowTcpForwarding no #ForceCommand internal-sftp -l VERBOSE ForceCommand internal-sftp ChrootDirectory /chroot/sftpusr Linux yum install fuse Download the latest bindfs source tar-ball Compile & install: ./configure && make && sudo make install. vi /etc/fstab mmac.hensler.net:/Volumes/DATACUBE /mnt/ nfs defaults 0 […]

yum whatprovides */ldapsearch sudo yum install openldap-clients ldapsearch -D “cn=admin,DC=timetoact,DC=de” -w Passw0rd  -p 389 -h tta-wp85vm.timetoact.de -b “DC=timetoact,DC=de” -s sub “(objectclass=*)” ldapsearch -D “cn=admin,DC=timetoact,DC=de” -w Passw0rd  -p 389 -h tta-wp85vm.timetoact.de -b “ou=users,dc=timetoact,dc=de” -s sub “(cn=wp85admin)” ldapsearch -D “cn=admin,DC=timetoact,DC=de” -w Passw0rd  -p 389 -h tta-wp85vm.timetoact.de -b “DC=timetoact,DC=de” -s sub “(cn=wp85admins)”

yum -y install php php-mbstring php-pear yum -y install epel-release yum –enablerepo=epel -y install phpldapadmin   vi /etc/phpldapadmin/config.php $servers->setValue(‘login’,’attr’,’dn’); //$servers->setValue(‘login’,’attr’,’uid’); vi /etc/php.ini date.timezone = Europe/Zurich vi /var/www/html/index.php <html> <body> <div style=”width: 100%; font-size: 40px; font-weight: bold; text-align: center;”> <?php print Date(“Y/m/d”); ?> </div> </body> </html>   vi /etc/httpd/conf/httpd.conf Listen 8080 vi /etc/httpd/conf.d/phpldapadmin.conf # #  Web-based […]

Select the folder or command + A to select all folders command + right arrow to expand all folders command + left arrow to collapse all folders  

php.ini ; Maximum allowed size for uploaded files. ; http://php.net/upload-max-filesize upload_max_filesize = 64M ; Maximum size of POST data that PHP will accept. ; Its value may be 0 to disable the limit. It is ignored if POST data reading ; is disabled through enable_post_data_reading. ; http://php.net/post-max-size post_max_size = 64M

download & install from http://xquartz.macosforge.org/landing/ uninstall launchctl unload /Library/LaunchAgents/org.macosforge.xquartz.startx.plist sudo launchctl unload /Library/LaunchDaemons/org.macosforge.xquartz.privileged_startx.plist sudo rm -rf /opt/X11* /Library/Launch*/org.macosforge.xquartz.* /Applications/Utilities/XQuartz.app /etc/*paths.d/*XQuartz sudo pkgutil –forget org.macosforge.xquartz.pkg # Log out and log in https://gist.github.com/TonyMtz/714e73ccb79e21c4fc9c Windows alternative : http://sourceforge.net/projects/xming/ http://de.wikipedia.org/wiki/Xming http://www.straightrunning.com/XmingNotes/  

IBM HTTP Server SSL process simplified – IBM HTTP Server using ikeyman install IBM HTTP Server & Plugins run ikeyman (IBM Key Manager) add CA root & intermediate certificates to signer certificates create certificate personal certificate signing request forward csr to CA add signed certificate to personal certificates configure HTTP Server httpd.conf IBM WebSphere Proxy […]

1. In Server create a new trusted certificate signing request   2. Run through the signing process; receive the signed certificates (web server, intermediate certificates) Domain validated SSL certificates : https://www.namecheap.com/security/ssl-certificates/domain-validation.aspx https://manage.www.namecheap.com/myaccount/ssl-list.asp (Apache 2)   3. Drag signed web server certificate   4. In keychain access validate certificate   5. Change the certificate for servermgrd […]

server yum install net-tools yum install wget cd /tmp wget http://swupdate.openvpn.org/as/openvpn-as-2.0.10-CentOS7.x86_64.rpm rpm -Uvh openvpn-as-2.0.10-CentOS7.x86_64.rpm enter “passwd openvpn” to set the initial administrative password, then login as “openvpn” to continue configuration here: https://10.0.1.113:943/admin client yum install epel-release yum install openvpn -y download client.ovpn from TTA site   create password.txt file with username / password add auth-user-pass […]

X11 yum install xclockyum install xorg-x11-font*yum install xauth Wireshark yum install wiresharkyum install wireshark-gnome uninstallsudo rm -Rf /Applications/Wireshark.app/sudo rm -Rf /Library/Wiresharksudo rm -Rf /Library/StartupItems/ChmodBPFsudo dscl . -delete /Groups/access_bpf

#set WASHOME export WASHOME=/opt/IBM/WebSphere/AppServer #set profileNames dmgrProfile=Dmgr01 appSrvProfile=AppSrv01 alias dmgrBin=’cd $WASHOME/profiles/$dmgrProfile/bin’ alias nodeBin=’cd $WASHOME/profiles/$appSrvProfile/bin’ alias wsadmin=’cd $WASHOME/profiles/$dmgrProfile/bin/; ./wsadmin.sh -lang jython -user wasadmin -password Passw0rd -port 8879′ alias startDmgr=’$WASHOME/bin/startManager.sh’ alias startNode=’$WASHOME/profiles/$appSrvProfile/bin/startNode.sh’ alias startCNX=’$WASHOME/profiles/$appSrvProfile/bin/startServer.sh IC5_server1′ alias startAPPL=’$WASHOME/profiles/$appSrvProfile/bin/startServer.sh APPL_server1′ alias stopNode=’$WASHOME/profiles/$appSrvProfile/bin/stopNode.sh’ alias stopDmgr=’$WASHOME/bin/stopManager.sh’ alias stopCNX=’$WASHOME/profiles/$appSrvProfile/bin/stopServer.sh IC5_server1′ alias stopAPPL=’$WASHOME/profiles/$appSrvProfile/bin/stopServer.sh APPL_server1′ alias logDmgr=’tail -f $WASHOME/profiles/$dmgrProfile/logs/dmgr/SystemOut.log’ alias logNode=’tail -f $WASHOME/profiles/$appSrvProfile/logs/nodeagent/SystemOut.log’ alias […]

sudo timedatectl list-timezones sudo timedatectl set-timezone Europe/Zurich sudo timedatectl

CentOS 7: firewalld systemctl disable firewalld systemctl stop firewalld systemctl status firewalld systemctl start firewalld sudo firewall-cmd –permanent –add-service=ssh sudo firewall-cmd –permanent –remove-service=ssh sudo firewall-cmd –permanent –add-port=4444/tcp sudo firewall-cmd –permanent –add-service=http sudo firewall-cmd –permanent –add-service=https SELINUX vi /etc/sysconfig/selinux  

sudo vi /etc/exports /Volumes/DATACUBE -alldirs -network 10.0.29.0 -mask 255.255.255.0 Once /etc/exports has been created, nfsd(8) will automatically start up and start serving the exports. sudo nfsd checkexports sudo nfsd status sudo nfsd restart nfsd service is enabled nfsd is running (pid 70334, 8 threads)   sudo vim /etc/fstab mmac.hensler.net:/Volumes/DATACUBE/ /mnt nfs defaults 0 0 mmac.hensler.net:/Volumes/DATACUBE/Media/Movies […]

yum install nfs-utils nfs-utils-lib showmount mmac.hensler.net vi /etc/fstab mmac.hensler.net:/Volumes/DATACUBE /mnt         nfs     defaults        0 0

INSTALL FTP yum install vsftpd chkconfig vsftpd on service vsftpd status useradd ftpuser passwd ftpuser CREATE FOLDER mkdir -p /disk3/ftpstuff chmod 767 disk3/ chmod 777 disk3/ftpstuff CREATE GROUP groupadd ftpusers CHANGE GROUP FOLDER chgrp ftpusers /disk3/ftpstuff chmod 3777 /disk3/ftpstuff ADD EXISTING USER usermod -a -G ftpusers ftpuser vi /etc/vsftpd/vsftpd.conf anonymous_enable=NO chroot_list_enable=YES chroot_list_file=/etc/vsftpd/chroot_list # If userlist_deny=NO, […]

Use crontab -e to edit scheduled tasks, e.g.: 0 2 * * * rsync -av –delete –log-file=”/mnt/backup/logs/ic-ic.rsync.log” /opt/ /mnt/backup/ic-ic/

PS1=”[\u@\h \W] \[$(tput setaf 2)\]MMAC \[$(tput sgr0)\]\\$ ” alias ll=’ls -alp’ alias l=’ls -alph’ alias mc=”. /usr/local/opt/midnight-commander/libexec/mc/mc-wrapper.sh”

in wp-config.php set : define(‘ALTERNATE_WP_CRON’, true); define(‘DISABLE_WP_CRON’, false); define(‘WP_CRON_LOCK_TIMEOUT’, 900); to allow updraftPlus to run automatically.

#!/bin/bash # # Run-level Startup script for the IBM DB2 instance # # chkconfig: 345 91 19 # description: Startup/Shutdown IBM DB2 instance DB2_HOME=”/opt/home/db2inst1/sqllib” DB2_OWNR=”db2inst1″ # if the executables do not exist — display error if [ ! -f $DB2_HOME/adm/db2start -o ! -d $DB2_HOME ]  then  echo “IBM DB2 startup: cannot start”  exit 1  fi […]

yum install net-tools for ifconfig hostname hostnamectl -h –help              Show this help –version           Show package version –transient         Only set transient hostname –static            Only set static hostname –pretty            Only set pretty hostname -P –privileged        Acquire privileges before execution –no-ask-password   Do not prompt for password -H –host=[USER@]HOST  Operate on remote host Commands: status                 Show current hostname settings […]

Create image 1. format SD Card 2. create sparsbundle 3. copy sparsebundle to SD VMware 4. create custom virtual machine 5. Remove Sound Card, USB Controller, Printer; set to 4 processor cores, 1536 MB Memory; reduce disk size to 16GB; set CD / DVD to start from CentOS iso; set network interface to no bridging […]

/* WP LOG HTTP REQUESTS */ function wp_log_http_requests( $response, $args, $url ) { // set your log file location here $logfile = plugin_dir_path( __FILE__ ) . ‘/http_requests.log’; // parse request and response body to a hash for human readable log output $log_response = $response; if ( isset( $args[‘body’] ) ) { parse_str( $args[‘body’], $args[‘body_parsed’] ); […]

functions.php /** FacetWP index attachments */ function my_facetwp_indexer_query_args( $args ) { $args[‘post_status’] = array( ‘publish’, ‘inherit’ ); return $args; } add_filter( ‘facetwp_indexer_query_args’, ‘my_facetwp_indexer_query_args’ ); /** FacetWP */ facet Template <?php return array( ‘post_type’ => ‘any’, ‘post_status’ => array(‘publish’, ‘inherit’), ‘posts_per_page’ => 25, ‘tax_query’ => array( array( ‘taxonomy’ => ‘category’, ‘field’ => ‘slug’, ‘terms’ => array(‘2016′,’2015′,’2014’, […]

/* SEARCHWP DEBUG */ add_filter( ‘searchwp_debug’, ‘__return_true’ ); /* SEARCHWP DEBUG */ => searchWP System Configuration: wp_remote_post() does not work : use alternate indexer /* SEARCHWP add alternate indexer */ add_filter( ‘searchwp_alternate_indexer’, ‘__return_true’ ); /* SEARCHWP add alternate indexer */ /* SEARCHWP XPDF EXTENSION */ function mySearchWPXpdfPath() { return ‘/Library/Server/Web/Data/Sites/xpdf/pdftotext’; } add_filter( ‘searchwp_xpdf_path’, ‘mySearchWPXpdfPath’ ); /* SEARCHWP XPDF […]

function remove_admin_menu_items() { $remove_menu_items = array(__(‘Media’)); global $menu; end ($menu); while (prev($menu)){ $item = explode(‘ ‘,$menu[key($menu)][0]); if(in_array($item[0] != NULL?$item[0]:”” , $remove_menu_items)){ unset($menu[key($menu)]);} } } add_action(‘admin_menu’, ‘remove_admin_menu_items’);

define(‘FS_METHOD’, ‘direct’); define(‘WP_MEMORY_LIMIT’, ‘128M’); define(‘WP_DEBUG’, TRUE);

create ssh keys ls -ld ~/.ssh mkdir -m 700 ~/.ssh cd ~/.ssh ssh-keygen -b 2048 -t rsa -f id_rsa -P “” // CentOS requires 2 “ chmod go-rwx ~/.ssh/id_rsa scp id_rsa.pub username@remotemachine:~ ssh username@remotemachine “cat /Users/username/id_rsa.pub >> ~/.ssh/authorized_keys” ssh username@remotemachine “rm /Users/username/id_rsa.pub” https://help.apple.com/advancedserveradmin/mac/4.0/#/apd002AE571-2E56-409A-A1F9-A71736EE9040 ssh-agent eval `ssh-agent -s` ssh-add /root/.ssh/bhr.id_rsa Enter passphrase for /root/.ssh/bhr.id_rsa: Identity added: […]

sudo vi /usr/local/etc/ddclient/ddclient.conf daemon=300 # check every 300 seconds syslog=yes # log update msgs to syslog mail=root # mail all msgs to root mail-failure=root # mail failed update msgs to root ssl=no # use ssl-support. Works with ssl library // ssl=yes default pid=/usr/local/var/run/ddclient/pid use=web server=dyndns.inwx.de protocol=dyndns2 login=bhensler password= bernhard.hensler.net,www.bme-ravensburg.de sudo /usr/local/sbin/ddclient -force sudo rm /usr/local/var/run/ddclient/ddclient.cache […]

http://brew.sh ruby -e “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)” brew install mc brew install ddclient brew install mysql for yosemite : vi /usr/local/Library/brew.rb #!/System/Library/Frameworks/Ruby.framework/Versions/Current/usr/bin/ruby -W0

With DSM version 4.2-3202 certificate management has been added: Certificate Management Certificate management allows you to create a self-signed certificate or a certificate request, or import certificates to DSM for encrypted services, such as web (HTTPS), FTP, RADIUS server, and mail services. You can view info regarding your server certificate, including expiration date, issuer, and […]

Lync 2013 : Installation is pretty straight forward supported by very good installation instructions available in the net (see below). A quick comparison with IBM’s Sametime v8+ in regards to the feature set I don’t see any major differences (evangelists will disagree) – instant messaging with audio / video, web conferencing and enterprise voice complemented with […]