SHIFT-WIKI - Sjoerd Hooft's InFormation Technology
This WIKI is my personal documentation blog. Please enjoy it and feel free to reach out through blue sky if you have a question, remark, improvement or observation. See below for the latest additions, or use the search or tags to browse for content.
AIX LDAP authentication on eDirectory
Summary: ALthough AIX is by now on version 7.3 I find these old pages so fascinating I decided to keep them. On this page I'll show you how to configure AIX if you need authentication from eDirectory. This page is for AIX 5.3.
Date: Between 2010-2013
Refactor: 21 December 2024: Checked formatting.
This is a tutorial on how to setup AIX local authentication through LDAP on eDirectory. The version eDirectory that is being used is 8.8.4 which is installed on a NetWare 6.5 SP8 server. This server is for testing purposes and installed with NetWare 6.5 SP 8. The AIX version being used is 5.3 TL 6 FP 7 (5300-06-07-0818). This server is also for testing purposes but (because it's a POWER architecture based OS) can't run inside VMware and is running as a LPAR inside the production network. To be able to use the LDAP from the NetWare server I had to use port forwarding inside vmware and add a static route in AIX.
NOTE: During testing I had to change the NetWare test server for a NetWare production server. I found out you need to LUM enable users which is not so easy on a NetWare only environment. In my production environment the schema was already extended with the correct schema.
See AIX Info for more information about static routes on AIX. See VMware Cheatsheet for more information about port forwarding in VMware Server.
The steps taken are:
- Extend the eDirectory schema to support the AIX NIS ldap schema.
- Install the client software on AIX
- Configure the LDAP client software
- Enable users to authenticate through LDAP
If everything works successful we'll try these configurations to enhance our solution:
- Automatically create home directory and profile for new users
- Make sure users can su to root
- Make sure users can use sudo
Oracle Start And Stop
Summary: How to start and stop Oracle.
Date: Around 2013
Refactor: 8 March 2025: Checked links and formatting.
Script: Bash: AIX: Oracle RMAN Backup
Summary: How to handle Oracle backup and restore through rman.
Date: Around 2013
Refactor: 8 March 2025: Checked links and formatting.
#!/bin/bash # set -x ### Script Variables WHATAMI=`basename $0` BASEDIR=`dirname $0` ### Oracle Variables ORACLE_HOME=/opt/oracle/product/10.2 ORACLE_BASE=/opt/oracle ORACLE_SID=<sid> ### Offsitecopy Variables GZIP=/usr/bin/gzip TAR=/usr/local/bin/tar . "$BASEDIR/mail.txt" . "$BASEDIR/offsitecopy.func" HOSTNAME=`hostname` HOSTNAME_SHORT=`hostname -s` BCKROOT=/var/backup/oracle BCKPDIR=${BCKROOT}/rman_backupdir RMANDIR=${BCKROOT}/rman_workdir RMANLOGDIR=${BCKROOT}/rman_logs RMANLOGFILE=${RMANDIR}/rman_backup.log RMANCROSSLOGFILE=${RMANDIR}/rman_crosscheck.log BACKUPFILE="${BCKPDIR}/${HOSTNAME_SHORT}_${ORACLE_SID}-RMAN_`date +%Y%m%d%H%M`.tgz" LOGFILE="$BCKPDIR/logfile_`date +%Y%m%d%H%M`.log" TOUSER="syncuser" TOHOST="syncserver.company.local" TODIR="/srv/syncdata/Oracle/${HOSTNAME_SHORT}_${ORACLE_SID}" DOCOPY="0" RMANRESULT="0" ZIPRESULT="0" ### Export Required Variables export ORACLE_SID ORACLE_BASE ORACLE_HOME BCKROOT BCKPDIR RMANDIR BASEDIR removeFunction() { echo "Removing old backup files from ${RMANDIR}" rm ${RMANDIR}/* } mailFunction() { if [ "$1" == "RMAN" ]; then echo "RMAN backup was not created succesfully, consult ${RMANLOGDIR}/rman_backup.log on ${HOSTNAME}" | mail -s "Failed $1 Backup" $MAILTOFAIL fi if [ "$1" == "ZIP" ]; then echo "Tar or zip was not created succesfully, consult ${BACKUPFILE}.log on ${HOSTNAME}" | mail -s "Failed $1 Backup" $MAILTOFAIL fi if [ "$1" == "SUCCESS" ]; then echo "RMAN backup was succesful, but the RMAN was not copied to the syncserver" | mail -s "RMAN Backup Succeedded, but not copied!" $MAILTOFAIL fi removeFunction } failFunction() { echo echo "RMAN Result = $RMANRESULT" echo "ZIP Result = $ZIPRESULT" echo if [ ! "$RMANRESULT" == "0" ]; then echo "RMAN backup was not created succesfully..." echo "Please consult `tput bold``tput smul`${RMANLOGDIR}/rman_backup.log`tput sgr0`." mailFunction RMAN fi if [ ! "$ZIPRESULT" == "0" ]; then echo "Tar or zip was not created succesfully..." echo "Please consult `tput bold``tput smul`${BACKUPFILE}.log`tput sgr0`" mailFunction ZIP fi removeFunction exit 1 } copyFunction() { if [ "$ZIPRESULT" == "0" ]; then if [ "$DOCOPY" == "1" ]; then offsitecopy "${BACKUPFILE}" "$TOUSER" "$TOHOST" "$TODIR" "$LOGFILE" "$WHATAMI" "$HOSTNAME" "$MAILTOSUCCESS" "$MAILTOFAIL" removeFunction else echo echo "Copy to offsite location is not enabled." echo "Modify the script under Offsitecopy Variables to enable offsitecopy" echo mailFunction SUCCESS fi else failFunction; fi } zipRman() { if [ "$RMANRESULT" == "0" ]; then echo echo "Tar-zipping RMAN backup and logs..." $TAR -cf - ${RMANDIR} | $GZIP > ${BACKUPFILE} ZIPRESULT=$? copyFunction else failFunction fi } rmanBackup() { echo echo "Starting RMAN backup now for Oracle Database ${ORACLE_SID}..." echo "${ORACLE_HOME}/bin/rman target / "cmdfile=${BASEDIR}/oracle_rman_backup.cmd"" ${ORACLE_HOME}/bin/rman target / cmdfile=\"${BASEDIR}/oracle_rman_backup.cmd\" > ${RMANLOGFILE} RMANRESULT=$? sleep 5 mv $RMANLOGFILE $RMANLOGDIR zipRman } rmanCrosscheck() { echo echo "Starting RMAN crosscheck now for Oracle Database ${ORACLE_SID}..." echo "${ORACLE_HOME}/bin/rman target / "cmdfile=${BASEDIR}/oracle_rman_crosscheck.cmd"" ${ORACLE_HOME}/bin/rman target / cmdfile=\"${BASEDIR}/oracle_rman_crosscheck.cmd\" > ${RMANCROSSLOGFILE} sleep 5 mv $RMANCROSSLOGFILE $RMANLOGDIR } rmanCrosscheck rmanBackup echo echo "INFO - RMAN backup finished" echo
As you can see, there is an external reference to offsitecopy and mail.txt. Both are described in Bash: Function: Offsitecopy.
Oracle RMAN Restore
Summary: How to work an Oracle RMAN restore.
Date: Around 2013
Refactor: 8 March 2025: Checked links and formatting.
If you've created a RMAN backup and have created a pfile backup you'll also want a way to restore this.