Friday, September 26, 2014
Wednesday, September 24, 2014
Access Management Alternatives (Part II): OpenDJ for LDAP, EUS and TNSNames
Directory Service: OpenDJ
Installation has been described in a previous part. The question now is to make OpenDJ Oracle compatible, so that it can be used with EUS and TNS names resolution. In fact, I want to be able to install and use TNS Name resolution and Enterprise User Security (EUS) as done before.Clues
One clue was already mentioned, the appearance of
$ORACLE_HOME/config/EUS/oracleContext.ldif
in the installation logs.More revealing is the existence of a file called LoadOrclSchema.sh in the OUD install directory. It will actually load three files, that will extend the LDAP Schema with the necessary Oracle Object Identifiers (OIDs - not be mistaken for Oracle Internet Directory...).
In fact, it will load the files
oidbase.ldif
oidrdbms.ldif
oidnet.ldif
.
Contents of oidbase.ldif:
dn: cn=subschemasubentry
changetype: modify
add: attributetypes
attributetypes: ( 2.16.840.1.113894.7.1.1 NAME 'orclVersion' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
dn: cn=subschemasubentry
changetype: modify
add: attributetypes
attributetypes: ( 2.16.840.1.113894.7.1.2 NAME 'orclOracleHome' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
dn: cn=subschemasubentry
changetype: modify
add: attributetypes
attributetypes: ( 2.16.840.1.113894.7.1.3 NAME 'orclSystemName' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
dn: cn=subschemasubentry
changetype: modify
add: attributetypes
attributetypes: ( 2.16.840.1.113894.7.1.4 NAME 'orclServiceType' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
dn: cn=subschemasubentry
changetype: modify
add: attributetypes
attributetypes: ( 2.16.840.1.113894.7.1.5 NAME 'orclSid' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
dn: cn=subschemasubentry
changetype: modify
add: attributetypes
attributetypes: ( 2.16.840.1.113894.7.1.6 NAME 'orclProductVersion' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
#
# Generic Container Objectclasses(prefix = orcl)
#
dn: cn=subschemasubentry
changetype: modify
add: objectclasses
objectclasses: ( 2.16.840.1.113894.7.2.2 NAME 'orclContainer' SUP 'top' STRUCTURAL MUST ( cn ) )
dn: cn=subschemasubentry
changetype: modify
add: objectclasses
objectclasses: ( 2.16.840.1.113894.7.2.3 NAME 'orclContext' SUP 'top' STRUCTURAL MUST ( cn ) )
dn: cn=subschemasubentry
changetype: modify
add: objectclasses
objectclasses: ( 2.16.840.1.113894.7.2.6 NAME 'orclSchemaVersion' SUP 'top' STRUCTURAL MUST ( cn $ orclProductVersion ) )
## add generic net related attributes
dn: cn=subschemasubentry
changetype: modify
add: attributetypes
attributetypes: ( 2.16.840.1.113894.3.1.12 NAME 'orclNetDescName' EQUALITY DistinguishedNameMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
dn: cn=subschemasubentry
changetype: modify
add: attributetypes
attributetypes: ( 2.16.840.1.113894.3.1.13 NAME 'orclNetDescString' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
#
#
# Generic Objectclasses (prefix = orcl)
#
dn: cn=subschemasubentry
changetype: modify
add: objectclasses
objectclasses: ( 2.16.840.1.113894.7.2.1001 NAME 'orclService' SUP 'top' STRUCTURAL MUST ( cn ) MAY ( orclServiceType $ orclOracleHome $ orclSystemName $ orclSid $ orclNetDescName $ orclNetDescString $ orclVersion $ Description ) )
#
# Create version entries in directory
#
dn: cn=OracleSchemaVersion
cn: OracleSchemaVersion
objectclass: top
objectclass: orclContainer
dn: cn=BASE,cn=OracleSchemaVersion
cn: BASE
objectclass: top
objectclass: orclSchemaVersion
orclProductVersion: 81600
You will need to get hold of the other files yourself; not sure whether I can publish these - this one contains no copyright notice.
Private Storage
Just a little project
I just happened to be upgrading my workstation, and was left with some spare parts. I had some memory modules, an old P5 motherboard, and several AT-style enclosures.Also, I noticed my trusty Synology Diskstation began needing some larger disks. Or maybe it was time to replace it all together? Keeping up indexing my music and photos seems to become quite a daunting task, judging by the CPU load.
Xpenology!
It was while considering alternatives for my Synology, that I stumbled across xpenology. And, as I had the above mentioned spares, I decided to give it a try.Log story short: I succeeded in creating an so-called "Synology XS3612xs" on a P5B, 4GB Ram, and an old 300GB Harddisk. Performance was awesome!
Unfortunalety, my P5B gave up on the battery; it kept forgetting it's BIOS settings. Replacing it did not help, so something else must have been broken. Besides, based on the blogs BYON, DIY-NAS and BBG Zuinige Server (Energy Efficient Server), I already kind of decided for a build which should be energy efficient. After all, the NAS is powered on almost 24/7.
My hardware selection
Motherboard: It should have many SATA connectors, silent, and have a Mini ATX format.Based on Build Your Own NAS, I choose the Asus E2KM1I-DeLuxe; a complete, fanless mobo with an AMD-E2-2000 CPU, and 6 SATA6 interfaces. It can hold up to 16GB of memory in 2 slots; I used 2 of the 4 sticks I had left, totaling 8GB.
The real Synology DS3612xs gets delivered with 2GB, with an optional 4GB extra, so 8GB should be plenty. That set me back €129 - and I reused some left-overs
Case: A Fractal Design Node 304, a stylish black case with room to spare. One large, slow rotating fan. No Power Supply. Style comes with a price tag: €68
Power Supply: I opted for a Pico picoPSU-80, also because another space was a brick style PSU like used for laptops. These are quite efficient (at least the have better efficiency than an average ATX-style case with built-in PSU). Power set me back another €38
DisksI opted for 2 WB Red 3TB drives, to start with. The 304 allows 6 drives to be mounted, and that would -with current storage technology- give me a total gross storage of 30TB. Five drives (no more SATA interfaces) of 6TB each.
Using the Hybrid RAID technology, that would add up to 24TB net storage!
The drives set me back another €210.
Install
After installing the lot, the system would not boot up. I found out I needed a Pico P4 converter cable, which was clearly stated in the mobo manual - you need to power the 4 pin molex connector, or else the system will not start. Oh well, who reads manuals?After that, it was time to get DSM installed. Boring. Just follow the instructions (create a boot USB, dowmload and install Synology Assistant and DSM image off the Synology site), and create a volume.
Performance
Here are some results, I used CrystalDiskMark under Windows (V7, Professional, 64 bit), as it seems an accepted tool for disk benchmarks.Here is a test using a mapped drive (Z:)
I only have a 1Gbps connection between my workstation and the storage cabinet, with a 1Gbps router in the middle, so obviously I cannot transfer more than 1Gbps, or 100MB/sec, which seems pretty much the case, here.
The network seems to be the bottleneck, not the NAS!
For comparison, same test run against a locally attached 300GB SATA2 disk running 1,5Gbps:
The network seems to be the bottleneck, not the NAS!
For comparison, same test run against a locally attached 300GB SATA2 disk running 1,5Gbps:
Conclusion
Starting off with scrap basically, you can build a performance NAS that will allow you to store your photos, videos and music, as well as act a iSCSI target for your Oracle experiments.I decided to take it one step further, and spend a whopping €238 (yes, the molex adapter cable came at another €3-something) for a machine that goes for €2200. Storage is up to you, in my configuration (Hybrid RAID, 2 disks of 3TB each, net capacity 2.7TB) it added another €210.
The mentioned price for the DS3612xs is without storage, too. Of course it has other features, like dual ports, links aggregation, etc.
Subscribe to:
Posts (Atom)
