How to enable SSL connection in the Active Directory Server?

Certificate Services

Certificate Services is included with Windows Server 2003 but not installed by default. The service is used to issue and manage certificates for a Public Key Infrastructure (PKI).

Certificate Services allows a computer running Windows Server 2003 to receive requests for certificates from users and computers, verify the identity of a requestor, issue and revoke certificates, and publish a Certificate Revocation List (CRL).

Install the IIS Service

In order to install the CA you will first need to install IIS on a Windows Server 2003 computer.

1. Click Start > Control Panel > Add or Remove Programs.

2. In Add or Remove Programs, click Add/Remove Windows Components.

3. Under Components, click on Application Server (but do NOT select it) and press on the Details button.

4. In the Application Server window click to select IIS and click Ok.

5. Click Next

Enabling LDAP SSL Connection through Certificates:-

1. Log on as a member of both the Enterprise Admins group and the root domain's Domain Admins group.(Administrator)

2. Go to Settings > Control Panel > Select Add/Remove Programs > Click Add/Remove Windows Components.

3. In the Windows Components Wizard, select the Certificate Services check box. A dialog box appears to inform you that the computer cannot be renamed and that the computer cannot be joined to or removed from a domain after Certificate Services is installed. Click Yes, and then click Next

4. Click Enterprise root CA and then click next

5. Give the common name (LDAPCertificate) for the CA, and then click next

6. In the Certificate Database Settings page, Click next

If you have IIS Server then the Pop up will be displayed to stop IIS Service. Click “Yes” Enable ASP Pages, by click “Yes”

7. When the installation process is completed click Finish.

8. Restart your machine (DC)

Download Microsoft Support Tools from the Microsoft site.

Download: http://www.microsoft.com/downloads/details.aspx?FamilyId=6EC50B78-8BE1-4E81-B3BE-4E7AC4F0912D&displaylang=en

Install Microsoft tools and Go to Start > Run > cmd > ldp.exe > Open

Server: DC Machine Address Port: 636, SSL

2. How to establish a connection between LDAP clients to AD Server?

We can establish SSL connection between LDAP client and AD Server with the help of importing trusted root CA certificate into the client’s environment.

AD Server Side:

1. Start Microsoft Management Console (MMC).

2. Add the Certificates snap-in that manages certificates on the local computer

3. Expand Certificates (Local Computer), expand Trusted Root Certificate authorities

4. Select LDAPCertificate > Right Click > select All Tasks ( Export )

5. “Welcome to Certificate export Wizard” , click next

6. Select Cryptographic Message Syntax Standard PKCS #6 Certificates (.P7B format) , select include all certificates in the certification path if possible option , Click Next

7. Give the file name ( LDAP ) ,Click Next button

8. Click finish export wizard

Client:

1. Copy LDAP.p7b file from AD Server and paste it in the Client machine

2. Double click to open P7b certificate and select LDAPCertificate

3. do right click and select install option to install Third party certificate authority

4. Follow the instruction to complete the process.

Install Microsoft tools and Go to Start > Run > cmd > ldp.exe > Open

SSL Connection works …!

Turning off ping responses in RHEL5

There are so many processes to block ICMP ping in RHEL5. This process is about “How to block ICMP packets through Kernel Configuration?”

Persistent system configuration : sysctl -a (Lists all current kernel settings)
Settings a /proc value dynamically : sysctl –w (Kernel settings)
Reloading Kernel settings : sysctl –p

To block ICMP packets : /proc/sys/net/ipv4/icmp_echo_ignore_all
: Search for sysctl –a grep net।ipv4।icmp_echo_ignore_all

set the value
Sysctl –w net.ipv4.icmp_echo_ignore_all=1

Ping “IPAddress”
PING 192.168.x.x (192.168.x.x) 56(84) bytes of data.
No response...

Sysctl –w net.ipv4.icmp_echo_ignore_all=0

PING 192.168.x.x (192.168.x.x) 56(84) bytes of data.
64 bytes from 192.168.x.x: icmp_seq=1 ttl=64 time=0.889 ms

--- 192.168.x.x ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4002ms
rtt min/avg/max/mdev = 0.079/0.261/0.889/0.315 ms

If you want to make this persistent across reboots..!

Edit /etc/sysctl.conf
Search for net.ipv4.icmp_echo_ignore_all
Change the value to 1 or 0 as per your requirement.
Update your system kernel settings : Sysctl –p
Shutdown –r now

Ping “IPAddress”
PING 192.168.x.x (192.168.x.x) 56(84) bytes of data.
No response ...

Creating a Private Repository In RHEL5 and installing Packages with yum

To create a private repositroy in RHEL5 the following package should be installed in your system.

Createrepo *.rpm file - To know the package is installed in your system or not ?
rpm –qa grep createrepo* (or) rpm-q createrepo
To install it : rpm –ivh createrepo*।rpm

rpm –qa grep yum* (or) rpm-q yum
To install it : rpm –ivh yum*.rpm (All Packages)


Run command createrepo –v /package/RPMS
(Put all your packages in /var/www/html/(Create Directory for RPM packages) and start your http server by executing the command service httpd start or chkconfig –level 12345 httpd on
Or
Put all your packages in var/ftp/pub/RPMS and start your ftp server with service vsftpd start or chkconfig –level 35 vsftpd on)

Ex:- createrepo –v /var/www/html/RPMS
Do http://localhost/RPMS/ (firefox)

You have created a repoistory.

Configuring yum package manager

Create a file in /etc/yum।repos.d for your repository.

Enter the following infromation
[RHEL RPM Repositroy ]
Name = private
Baseurl= URL of RPM packages (http://localhost/RPMS)
Enabled=1
Gpgcheck=0 or 1 (local system 0 ) or (GNU Public license if gpgcheck is 1)

Test it with ...yum list anypackage
You can install your packages by typing ....yum install *anypackage*

Troubleshooting concepts: Linux: Setting up a static IPAddress

System to configure static networking rather than Dynamic IPAddress
Before going to set static addressing , Please note down the following things in your network

1. IP Address of the machine
2. NETMASK and GATEWAY
3. Routing ( Default via 192.168.1.x dev eth0)
4. nameserver in the /etc/resolv.conf

1. search domain.com
2. nameserver 192.168.1.x

Bring down your network .....with ifdown eth0
Change the contents of /etc/sysconfig/network-scripts/ifcfg-eth0

Device=eth0
BOOTPROTO=None #( Don’t forget to change it from dhcp to none)
ONBOOT=yes

#Add IPAddress here :
IPADDR=192.168.1.x
#Add NETMASK
NETMASK=255.255.255.0
#Add GATEWAY
GATEWAY: 192.168.1.x

Make sure that your hostname is correct.
Open your /etc/sysconfig/network and check your hostname
HOSTNAME=Example

Verify that hostname can be resolved with out using DNS
127.0.0.1 localhost.localdomain localhost
192.168.1.2 example example.example.com

Bring up eth0 ...............ping machine...............it works ...!
Restart your machine with : shutdown -r now
ping machine.........it works...!

Zombie Process

Zombie process is an inactive computer process, according to wikipedia article, "…On Unix operating systems, a zombie process or defunct process is a process that has completed execution but still has an entry in the process table, allowing the process that started it to read its exit status. In the term's colorful metaphor, the child process has died but has not yet been reaped…"

So how do I find out zombie process?

Use top or ps command:
# top
OR
# ps aux awk '{ print $8 " " $2 }' grep -w Z

Output:

Z 4104

Z 5320

Z 2945

How do I kill zombie process?

You cannot kill zombies, as they are already dead. But if you have too many zombies then kill parent process or restart service.

You can kill zombie process using PID obtained from any one of the above command। For example kill zombie proces having PID 4104:

# kill -9 4104

Please note that kill -9 does not guarantee to kill a zombie process (see below for more info).

What are these zombie processes that show up in ps? I kill them but they don't go away!

Zombies are dead processes. You cannot kill the dead. All processes eventually die, and when they do they become zombies. They consume almost no resources, which is to be expected because they are dead! The reason for zombies is so the zombie's parent (process) can retrieve the zombie's exit status and resource usage statistics. The parent signals the operating system that it no longer needs the zombie by using one of the wait() system calls.

When a process dies, its child processes all become children of process number 1, which is the init process. Init is ``always'' waiting for children to die, so that they don't remain as zombies.

If you have zombie processes it means those zombies have not been waited for by their parent (look at PPID displayed by ps -l). You have three choices: Fix the parent process (make it wait); kill the parent; or live with it. Remember that living with it is not so hard because zombies take up little more than one extra line in the output of ps.

Automating the FTP Process in Linux

#!/bin/sh
# Automating the FTP Process

clear
echo "Executing FTP Transfer"
echo "Please Enter Hostname"
read Host
echo "Please Enter Username"
read USER
echo "Please Enter Password"
read PASSWD
echo "Please Enter the Path"
read Path
echo "Please Enter the name of the File"
read Name

ftp -n $Host << SCRIPT
quote USER $USER
quote PASS $PASSWD
bi
cd $Path
get $Name
bye
SCRIPT
exit 0

Unix Interview Questions

split in unix

split [ -b n | nk | nm] [-a suffixlength] [ file [name]]

time zone in unix

1. To modify the time zone check the following files.....

cd "/usr/share/lib/zoneinfo"

2. It contains contains a list of all the Time-Zone that are available.

3. If "Asia" dir is present goto step 4.

4. zic asia

5. ls Asia

6. You should see "Calcutta" when you use the above command.

7. If you find "Calcutta" goto step 5 else send email to gong_ops.

8. Edit /etc/default/init file so that it contains TZ=Asia/Calcutta

9. Reboot the workstation.

10. Use the "date" command to set the workstation time to local time.

11. date

12. date -u // this gives you the UT time.

13. You should see a difference of 11/2 hours.

Details of ram capacity with unix command

Prtconf

Finding a file in the entire file system

whereis, where

Shutdown command in unix

Shutdown

Reboot command in unix

Reboot

kill -9 used for?

kill -9 100 -165

sends the SIGKILL signal to the process whose process ID is 100 and
to all processes whose process group ID is 165.

Mount a cdrom on a different system and get access

mount -r -Fhsfs /dev/device/cdrom

Various filesystems

ext2 default file system for many Linux distributions

ext3 ext2 + journaling, which means that no fsck is required after a power failure

reiserfs, xfs newer file systems, similar to ext2, but improve on various aspects
(journaling, speed, size, efficiency)

iso9660 used by most cdroms

proc special virtual file system, none of the files actually exist, but they are
created by the kernel on the fly, eg cat /proc/filesystems contains a list of
supported file system types on the current system

devfs virtual file system for devices (see below)

msdos dos file system, with 8.3 file names only

vfat win95, 98, 2K, XP file system, supports long file names

ntfs read-only support for NTFS (as used by NT, 2K, XP)

os

what is Zombie process?

When a program forks and the child finishes before the parent,
the kernel still keeps some of its information about the child in case
the parent might need it - for example, the parent may need to check
the child's exit status. To be able to get this information,
the parent calls `wait()'; In the interval between the child terminating and
the parent calling `wait()', the child is said to be a `zombie' (If you do `ps',
the child will have a `Z' in its status field to indicate this.)

how do you prioritize a process?

with nice command

Run Levels in Linux

The Linux OS like Windows runs "services." There are times when you may want some or all installed services to run. This is where "runlevels" are used. Runlevels are used to specify different configurations of running services. The chart below shows a basic outline of the standard init levels.

Init Level	Comments
0	Runlevel 0 is reserved for the "shutdown" phase. Entering init 0 from the shell prompt will shutdown the system and usually power off the machine.
1	Runlevel 1 is usually for very basic commands. This is the equivalent to "safe mode" used by Windows. This level is usually only used to asses repairs or maintenance to the system. This is a single-user mode and does not allow other users to login to the machine.
2	Runlevel 2 is used to start most of the machines services. However, it does not start the network file sharing service (SMB, NFS). This will allows multiple users to login to the machine.
3	Runlevel 3 is commonly used by servers. This loads all services except the X windows system. This means the system will boot to the equivalent of DOS. No GUIs (KDE, Gnome) will start. This level allows multiple users to login to the machine.
4	Runlevel 4 is usually a "custom" level. By default it will start a few more services than level 3. This level is usually only used under special circumstances.
5	Runlevel 5 is everything! This will start any GUIs, extra services for printing, and 3rd party services. Full multi-users support also. This runlevel is generally used on by workstations.
6	Runlevel 6 is reserved for "reboot" only. Be carefully when running this command. Once you have entered init 6, there is no stopping it!

What is Running and When?

There will be a time when you want to know what services are running, and the different runlevels they are specified in. You can use a simple command to display a list of all runlevels and services used by them. The text below shows the output of the chkconfig --list command.

[root@roswell root]# chkconfig --list

microcode_ctl   0:off   1:off   2:on    3:on    4:on    5:on    6:off

gpm             0:off   1:off   2:on    3:on    4:on    5:on    6:off

kudzu           0:off   1:off   2:off   3:off   4:on    5:off   6:off

syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off

daytime:     off

echo-udp:    off

echo:        off

services:    off

time:        off

time-udp:    off

cups-lpd:    off

sgi_fam:     on

tftp:        off

ktalk:       off

swat:        on

Notice that each services is followed by columns for each of the 6 runlevels. Now of course there will also be a time when you need to make changes to a specific runlevel. Using the output from above, let's say we want to turn on lisa for runlevel 5. You can do this using the command shown below:

[root@roswell root]# chkconfig --level 5 lisa on

[root@roswell root]# 

If no errors are reported, you must have correctly entered the syntax of the this command. Notice that you must have 2 - signs before level. The opposite is also true. Let's now say that we don't want lisa to start everytime we boot the machine to init 5. You can turn that service off by entering the reciprocal of the previous command show below:

[root@roswell root]# chkconfig --level 5 lisa off

[root@roswell root]# 

More info is also available about runlevels from the manual pages. You can view the man pages by using the command:

[root@roswell root]# man init

[root@roswell root]# 

INIT(8)               Linux System Administrators Manual              INIT(8)

NAME

       init, telinit - process control initialization

SYNOPSIS

       /sbin/init [ -a ] [ -s ] [ -b ] [ -z xxx ] [ 0123456Ss ]

       /sbin/telinit [ -t sec ] [ 0123456sSQqabcUu ]

DESCRIPTION

  Init

       Init  is  the  parent  of all processes.  Its primary role is to create

       processes from a script stored in  the  file  /etc/inittab  (see  init-

       tab(5)).   This file usually has entries which cause init to spawn get-

       tys on each line that users can log in.  It  also  controls  autonomous

       processes required by any particular system.

RUNLEVELS

       A  runlevel is a software configuration of the system which allows only

       a selected group of processes to exist.  The processes spawned by  init

I truncated the rest of the manual entry above. Using runlevels is must for every Linux user. The init file configuration are stored in the /etc/inittab file. By editing this file, you can change the default runlevel upon boot up. The output below shows the inttab file:

[root@roswell root]# vi /etc/inittab

#

# inittab       This file describes how the INIT process should set up

#               the system in a certain run-level.

#

# Author:       Miquel van Smoorenburg, 

#               Modified for RHS Linux by Marc Ewing and Donnie Barnes

#

# Default runlevel. The runlevels used by RHS are:

#   0 - halt (Do NOT set initdefault to this)

#   1 - Single user mode

#

# inittab       This file describes how the INIT process should set up

#               the system in a certain run-level.

#

# Author:       Miquel van Smoorenburg, 

#               Modified for RHS Linux by Marc Ewing and Donnie Barnes

#

# Default runlevel. The runlevels used by RHS are:

#   0 - halt (Do NOT set initdefault to this)

#   1 - Single user mode

#   2 - Multiuser, without NFS (The same as 3, if you do not have networking)

#   3 - Full multiuser mode

#   4 - unused

#   5 - X11

#   6 - reboot (Do NOT set initdefault to this)

#

id:3:initdefault:

# System initialization.

si::sysinit:/etc/rc.d/rc.sysinit

l0:0:wait:/etc/rc.d/rc 0

l1:1:wait:/etc/rc.d/rc 1

l2:2:wait:/etc/rc.d/rc 2

l3:3:wait:/etc/rc.d/rc 3

l4:4:wait:/etc/rc.d/rc 4

l5:5:wait:/etc/rc.d/rc 5

l6:6:wait:/etc/rc.d/rc 6

# Trap CTRL-ALT-DELETE

ca::ctrlaltdel:/sbin/shutdown -t3 -r now

# When our UPS tells us power has failed, assume we have a few minutes

# of power left.  Schedule a shutdown for 2 minutes from now.

# This does, of course, assume you have powerd installed and your

# UPS connected and working correctly.

pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Down"

 # If power was restored before the shutdown kicked in, cancel it.

pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancelled"

Notice the line above that I have highlighted in red:

id:3:initdefault:

This specifies the default runlevel for the system. This means that every time the system reboots; it will bring up init 3. You can easily change this to whatever runlevel you want. Just be sure not to change the numeric value to 0 or 6! The two most common values are 3 and 5.

Accessing Windows share from Linux command prompt

Three forms of invocation do not actually mount anything:

mount –h prints a help message;

mount –V prints a version string; and just

mount [-l] [-t type] lists all mounted file systems (of type type).

The option -l adds the (ext2, ext3 and XFS) labels in this listing. See below. Since Linux 2.4.0 it is possible to remount part of the file hierarchy somewhere else.

mount --bind olddir newdir After this call the same contents is accessible in two places.

This call attaches only (part of) a single filesystem, not possible submounts. The entire file hierarchy including submounts is attached a second place using

mount --rbind olddir newdir

Since Linux 2.5.1 it is possible to atomically move a subtree to another place. The call is

mount --move olddir newdir

How do I Access Windows share from Linux command prompt? I would like to be able to access shared folders on Windows machines from my Linux system.

There are two ways. Use command line tool called smbclient or you can mount windows shares the mount command. Another option is use GUI tools. Please refer previous articles about access windows share from Linux:

( a ) Mount Windows share using mount command

This is simple way to share data between windows and linux system. You would like to access MS-Windows share called //windowsserver/sharename by mounting to /mnt/win directory under Linux system. Type the following command (replace username, windows server name, share name and password with actual values):

For most types all the mount program has to do is issue a simple mount(2) system call, and no detailed knowledge of the filesystem type is required. For a few types however (like nfs, smbfs, ncpfs) ad hoc code is necessary. The nfs ad hoc code is built in, but smbfs and ncpfs have a separate mount program. In order to make it possible to treat all types in a uniform way, mount will execute the program /sbin/mount.TYPE (if that exists) when called with type TYPE. Since various versions of the smbmount program have different calling conventions, /sbin/mount.smb may have to be a shell script that sets up the desired call.

# mkdir -p /mnt/win

# mount -t smbfs -o username=winntuser,password=mypassword //windowsserver/sharename /mnt/win

# cd /mnt/win

# ls –l

For the share //windowsserver/sharename to be automatically mounted at every system start (after reboot), insert an option in the file /etc/fstab:

# vi /etc/fstab

Append following line (written in a single line)

//windowserver/share /mnt/win smbfs auto,gid=users,fmask=0664,dmask=0775,iocharset=iso8859-15, credentials=/etc/sambapasswords 0 0

Next create the password file /etc/sambapasswords:
# vi /etc/sambapasswords
Now add following content:
username = winntuser
password = mypassword

Save and close the file. Make sure only root can access your file:
# chown 0.0 /etc/sambapasswords
# chmod 600 /etc/sambapasswords

Installing and Configuring Apache Tomcat web server

Step 1: download Java from Sun Java’ site and install Java and set the JAVA_HOME and PATH Variables properly by opening a DOS window and typing "java -version" and "javac -help". You should see a real result both times, not an error message about an unknown command.

1. Select My Computer Icon on your Desktop, do right click and select the properties option.
2. Select Advanced Tab and select Environment Variables, In the System Variables > Click New Button and Enter your JAVA_HOME=Path of the installed java on your machine Ex: c:\jdk 1.5 and Save it.
3. Go to PATH in the System Variables, edit it and add PATH Variable PATH=*;C:\Jdk 1.5\bin;
4. Open the Dos Prompt and type java –version [Enter], you will see the following output

O/P: java version "1.5.0_01"

Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_01-b08)

Java HotSpot(TM) Client VM (build 1.5.0_01-b08, mixed mode, sharing)
&
Javac


O/P: Usage: javac

where possible options include:

-g Generate all debugging info

-g:none Generate no debugging info

-g:{lines,vars,source} Generate only some debugging info

-nowarn Generate no warnings

-verbose Output messages about what the compiler is doing

-deprecation Output source locations where deprecated APIs are used

-classpath Specify where to find user class files

-cp Specify where to find user class files

-sourcepath Specify where to find input source files

-bootclasspath Override location of bootstrap class files

-extdirs Override location of installed extensions

-endorseddirs Override location of endorsed standards path

-d Specify where to place generated class files

-encoding Specify character encoding used by source files

-source Provide source compatibility with specified release

-target Generate class files for specific VM version

-version Version information

-help Print a synopsis of standard options

-X Print a synopsis of nonstandard options

-J Pass directly to the runtime system

Step 2:


1. Go to http://jakarta.apache.org/builds and download and unpack the zip file for the latest version (4.1.24 or 5.0 as of last revision of this page).
2. Start the Startup.bat from the tomcat installed or unzipped directory.
   

Jan 9, 2007 2:59:10 AM org.apache.coyote.http11.Http11Protocol init

INFO: Initializing Coyote HTTP/1.1 on http-8080

Jan 9, 2007 2:59:10 AM org.apache.catalina.startup.Catalina load

INFO: Initialization processed in 2140 ms

Jan 9, 2007 2:59:10 AM org.apache.catalina.core.StandardService start

INFO: Starting service Catalina

Jan 9, 2007 2:59:10 AM org.apache.catalina.core.StandardEngine start

INFO: Starting Servlet Engine: Apache Tomcat/5.0.30

Jan 9, 2007 2:59:10 AM org.apache.catalina.core.StandardHost start

INFO: XML validation disabled

Jan 9, 2007 2:59:10 AM org.apache.catalina.core.StandardHost getDeployer

INFO: Create Host deployer for direct deployment ( non-jmx )

Jan 9, 2007 2:59:10 AM org.apache.catalina.core.StandardHostDeployer install

INFO: Processing Context configuration file URL file:C:\Program Files\Apache Sof

tware Foundation\Tomcat 5.0\conf\Catalina\localhost\admin.xml

Jan 9, 2007 2:59:14 AM org.apache.catalina.core.StandardHostDeployer install

INFO: Processing Context configuration file URL file:C:\Program Files\Apache Sof

tware Foundation\Tomcat 5.0\conf\Catalina\localhost\balancer.xml

Jan 9, 2007 2:59:15 AM org.apache.catalina.core.StandardHostDeployer install

INFO: Processing Context configuration file URL file:C:\Program Files\Apache Sof

tware Foundation\Tomcat 5.0\conf\Catalina\localhost\manager.xml

Jan 9, 2007 2:59:16 AM org.apache.catalina.core.StandardHostDeployer install

INFO: Installing web application at context path /jsp-examples from URL file:C:\

Program Files\Apache Software Foundation\Tomcat 5.0\webapps\jsp-examples

Jan 9, 2007 2:59:17 AM org.apache.catalina.core.StandardHostDeployer install

INFO: Installing web application at context path from URL file:C:\Program Files

\Apache Software Foundation\Tomcat 5.0\webapps\ROOT

Jan 9, 2007 2:59:17 AM org.apache.catalina.core.StandardHostDeployer install

INFO: Installing web application at context path /servlets-examples from URL fil

e:C:\Program Files\Apache Software Foundation\Tomcat 5.0\webapps\servlets-exampl

es

Jan 9, 2007 2:59:17 AM org.apache.catalina.core.StandardHostDeployer install

INFO: Installing web application at context path /tomcat-docs from URL file:C:\P

rogram Files\Apache Software Foundation\Tomcat 5.0\webapps\tomcat-docs

Jan 9, 2007 2:59:17 AM org.apache.catalina.core.StandardHostDeployer install

INFO: Installing web application at context path /webdav from URL file:C:\Progra

m Files\Apache Software Foundation\Tomcat 5.0\webapps\webdav

Jan 9, 2007 2:59:17 AM org.apache.coyote.http11.Http11Protocol start

INFO: Starting Coyote HTTP/1.1 on http-8080

Jan 9, 2007 2:59:17 AM org.apache.jk.common.ChannelSocket init

INFO: JK2: ajp13 listening on /0.0.0.0:8009

Jan 9, 2007 2:59:17 AM org.apache.jk.server.JkMain start

INFO: Jk running ID=0 time=15/31 config=C:\Program Files\Apache Software Founda

tion\Tomcat 5.0\conf\jk2.properties

Jan 9, 2007 2:59:17 AM org.apache.catalina.startup.Catalina start

INFO: Server startup in 7672 ms

3. Change the DOS memory settings. If you get an "Out of Environment Space" error message when you start the server, right-click on install_dir/bin/startup.bat, select Properties, select Memory, and change the Initial Environment entry from Auto to at least 2816. Repeat the process for install_dir/bin/shutdown.bat.
4. Set the CATALINA_HOME variable. Optionally, set CATALINA_HOME to refer to the top-level Tomcat installation directory.
   

Set the CATALINA_HOME environment variable to refer to the top-level directory of the Apache Tomcat installation (e.g., C:\tomcat 5.0). This variable identifies the Tomcat installation directory to the server.

If you want to change the Port from 80 to 8080 just add the following steps

To change the port, edit install_dir/conf/server.xml and change the port attribute of the Connector element from 8080 to 80, yielding the result below. (Note that the exact class name of the Connector varies in different Tomcat versions. It was called HttpConnector in earlier versions of Tomcat 4.)

Connector

className="org.apache.coyote.tomcat4.CoyoteConnector"

port="80" ...

Enter the Following URL http://localhost:8080(port)/index.jsp in your web browser, Tomcat home page will be displayed.

What is the difference between an application server and a Web server?

Taking a big step back, a Web server serves pages for viewing in a Web browser, while an application server provides methods that client applications can call. A little more precisely, you can say that:

A Web server exclusively handles HTTP requests, whereas an application server serves business logic to application programs through any number of protocols.

Let's examine each in more detail.

The Web server
A Web server handles the HTTP protocol. When the Web server receives an HTTP request, it responds with an HTTP response, such as sending back an HTML page. To process a request, a Web server may respond with a static HTML page or image, send a redirect, or delegate the dynamic response generation to some other program such as CGI scripts, JSPs (JavaServer Pages), servlets, ASPs (Active Server Pages), server-side JavaScripts, or some other server-side technology. Whatever their purpose, such server-side programs generate a response, most often in HTML, for viewing in a Web browser.

Understand that a Web server's delegation model is fairly simple. When a request comes into the Web server, the Web server simply passes the request to the program best able to handle it. The Web server doesn't provide any functionality beyond simply providing an environment in which the server-side program can execute and pass back the generated responses. The server-side program usually provides for itself such functions as transaction processing, database connectivity, and messaging.

While a Web server may not itself support transactions or database connection pooling, it may employ various strategies for fault tolerance and scalability such as load balancing, caching, and clustering—features oftentimes erroneously assigned as features reserved only for application servers.

The application server
As for the application server, according to our definition, an application server exposes business logic to client applications through various protocols, possibly including HTTP. While a Web server mainly deals with sending HTML for display in a Web browser, an application server provides access to business logic for use by client application programs. The application program can use this logic just as it would call a method on an object (or a function in the procedural world).

Such application server clients can include GUIs (graphical user interface) running on a PC, a Web server, or even other application servers. The information traveling back and forth between an application server and its client is not restricted to simple display markup. Instead, the information is program logic. Since the logic takes the form of data and method calls and not static HTML, the client can employ the exposed business logic however it wants.

In most cases, the server exposes this business logic through a component API, such as the EJB (Enterprise JavaBean) component model found on J2EE (Java 2 Platform, Enterprise Edition) application servers. Moreover, the application server manages its own resources. Such gate-keeping duties include security, transaction processing, resource pooling, and messaging. Like a Web server, an application server may also employ various scalability and fault-tolerance techniques.

An example
As an example, consider an online store that provides real-time pricing and availability information. Most likely, the site will provide a form with which you can choose a product. When you submit your query, the site performs a lookup and returns the results embedded within an HTML page. The site may implement this functionality in numerous ways. I'll show you one scenario that doesn't use an application server and another that does. Seeing how these scenarios differ will help you to see the application server's function.

Scenario 1: Web server without an application server
In the first scenario, a Web server alone provides the online store's functionality. The Web server takes your request, then passes it to a server-side program able to handle the request. The server-side program looks up the pricing information from a database or a flat file. Once retrieved, the server-side program uses the information to formulate the HTML response, then the Web server sends it back to your Web browser.

To summarize, a Web server simply processes HTTP requests by responding with HTML pages.

Scenario 2: Web server with an application server
Scenario 2 resembles Scenario 1 in that the Web server still delegates the response generation to a script. However, you can now put the business logic for the pricing lookup onto an application server. With that change, instead of the script knowing how to look up the data and formulate a response, the script can simply call the application server's lookup service. The script can then use the service's result when the script generates its HTML response.

In this scenario, the application server serves the business logic for looking up a product's pricing information. That functionality doesn't say anything about display or how the client must use the information. Instead, the client and application server send data back and forth. When a client calls the application server's lookup service, the service simply looks up the information and returns it to the client.

By separating the pricing logic from the HTML response-generating code, the pricing logic becomes far more reusable between applications. A second client, such as a cash register, could also call the same service as a clerk checks out a customer. In contrast, in Scenario 1 the pricing lookup service is not reusable because the information is embedded within the HTML page.

To summarize, in Scenario 2's model, the Web server handles HTTP requests by replying with an HTML page while the application server serves application logic by processing pricing and availability requests.

Caveats
Recently, XML Web services have blurred the line between application servers and Web servers. By passing an XML payload to a Web server, the Web server can now process the data and respond much as application servers have in the past.

Additionally, most application servers also contain a Web server, meaning you can consider a Web server a subset of an application server. While application servers contain Web server functionality, developers rarely deploy application servers in that capacity. Instead, when needed, they often deploy standalone Web servers in tandem with application servers. Such a separation of functionality aids performance (simple Web requests won't impact application server performance), deployment configuration (dedicated Web servers, clustering, and so on), and allows for best-of-breed product selection.

Managing Files in Linux

File management tools include those for splitting, comparing, and compressing files, making backup archives, and tracking file revisions. Other management tools exist for determining the contents of a file, and for changing its timestamp.

Determining File Type and Format

When we speak of a file's type, we are referring to the kind of data it contains, which may include text, executable commands, or some other data; this data is organized in a particular way in the file, and this organization is called its format. For example, an image file might contain data in the JPEG image format, or a text file might contain unformatted text in the English language or text formatted in the TeX markup language.

The file tool analyzes files and indicates their type and -- if known -- the format of the data they contain. Supply the name of a file as an argument to file and it outputs the name of the file, followed by a description of its format and type.

$ file /usr/doc/HOWTO/example.gz [Enter]

/usr/doc/HOWTO/example.gz: gzip compressed data, deflated, original

Filename last modified: Sun Apr 26 02:51:48 1998, os: UNIX

Changing File Modification Time

Use touch to change a file's timestamp without modifying its contents. Give the name of the file to be changed as an argument. The default action is to change the timestamp to the current time.

To change the timestamp of file `example' to the current date and time, type:

$ touch example [ENTER]

To specify a timestamp other than the current system time, use the `-d' option, followed by the date and time that should be used enclosed in quote characters. You can specify just the date, just the time, or both.

To change the timestamp of file `example' to `17 May 1999 14:16', type:

$ touch -d '17 May 1999 14:16' example [ENTER]

To change the timestamp of file `example' to `14 May', type:

$ touch -d '14 May' example [ENTER]

To change the timestamp of file `example' to `14:16', type:

$ touch -d '14:16' example [ENTER]

Splitting a File into Smaller Ones

It's sometimes necessary to split one file into a number of smaller ones. For example, suppose you have a very large sound file in the near-CD-quality MPEG2, level 3 ("MP3") format. Your file, `example.mp3', is 4,394,422 bytes in size, and you want to transfer it from your desktop to your laptop, but your laptop and desktop are not connected on a network -- the only way to transfer files between them is by floppy disk. Because this file is much too example to fit on one floppy, you use split.

The split tool copies a file, chopping up the copy into separate files of a specified size. It takes as optional arguments the name of the input file (using standard input if none is given) and the file name prefix to use when writing the output files (using `x' if none is given). The output files' names will consist of the file prefix followed by a group of letters: `aa', `ab', `ac', and so on -- the default output file names would be `xaa', `xab', and so on.

Specify the number of lines to put in each output file with the `-l' option, or use the `-b' option to specify the number of bytes to put in each output file. To specify the output files' sizes in kilobytes or megabytes, use the `-b' option and append `k' or `m', respectively, to the value you supply. If neither `-l' nor `-b' is used, split defaults to using 1,000 lines per output file.

To split `example.mp3' into separate files of one megabyte each, whose names begin with `example.mp3.',

$ split -b1m example.mp3 example.mp3 [Enter]

This command creates five new files whose names begin with `example.mp3.'. The first four files are one megabyte in size, while the last file is 200,118 bytes -- the remaining portion of the original file. No alteration is made to `example.mp3'.

You could then copy these five files onto four floppies (the last file fits on a floppy with one of the larger files), copy them all to your laptop, and then reconstruct the original file with cat (see Concatenating Text).

To reconstruct the original file from the split files, type:

$ cat example.mp3.* > example.mp3 [Enter]

In this example, the rm tool is used to delete all of the split files after the original file has been reconstructed.

$ rm example.mp3.* [Enter]

Comparing Files

There are a number of tools for comparing the contents of files in different ways; these recipes show how to use some of them. These tools are especially useful for comparing passages of text in files, but that's not the only way you can use them.

1. Cmp: Comparing two files to see if they differ.
2. Diff: Showing the differences between files.
3. Patch: Applying a difference report to a file.

Determining Whether Two Files Differ

Use cmp to determine whether or not two text files differ. It takes the names of two files as arguments, and if the files contain the same data, cmp outputs nothing. If, however, the files differ, cmp outputs the byte position and line number in the files where the first difference occurs.

To determine whether the files `test’ and `example' differ, type:

$ cmp test example [ENTER]

Finding the Differences between Files

Use diff to compare two files and output a difference report (sometimes called a "diff") containing the text that differs between two files. The difference report is formatted so that other tools (namely, patch---see Patching a File with a Difference Report) can use it to make a file identical to the one it was compared with.

To compare two files and output a difference report, give their names as arguments to diff.

To compare the files `exscript.old' and `exscript.new', type:

$ diff exscript.old exscript.new [ENTER]

The difference report is output to standard output; to save it to a file, redirect the output to the file to save to:

$ diff exscript.old exscript.new > exscript.diff [ENTER]

In the preceding example, the difference report is saved to a file called `exscript.diff'.

The difference report is meant to be used with commands such as patch, in order to apply the differences to a file. See Info file `diff.info', node `Top', for more information on diff and the format of its output.

To better see the difference between two files, use sdiff instead of diff; instead of giving a difference report, it outputs the files in two columns, side by side, separated by spaces. Lines that differ in the files are separated by `|'; lines that appear only in the first file end with a `<', and lines that appear only in the second file are preceded with a `>'.

To peruse the files `test' and `example1' side by side on the screen, with any differences indicated between columns, type:

$ sdiff test example1 | dev [ENTER]

Patching a File with a Difference Report

To apply the differences in a difference report to the original file compared in the report, use patch. It takes as arguments the name of the file to be patched and the name of the difference report file (or "patchfile"). It then applies the changes specified in the patchfile to the original file. This is especially useful for distributing different versions of a file -- small patchfiles may be sent across networks easier than large source files.

To update the original file `exscript.new' with the patchfile `exscript.diff', type:

$ patch exscript.new exscript.diff [ENTER]

Compressed Files

File compression is useful for storing or transferring large files. When you compress a file, you shrink it and save disk space. File compression uses an algorithm to change the data in the file; to use the data in a compressed file, you must first uncompress it to restore the original data (and original file size).

The following recipes explain how to compress and uncompress files.

Compressing Files: Making files smaller.
Expanding Files: Making files bigger.

Compressing a File

Use the gzip ("GNU zip") tool to compress files. It takes as an argument the name of the file or files to be compressed; it writes a compressed version of the specified files, appends a `.gz' extension to their file names, and then deletes the original files.

To compress the file `test', type:

$ gzip test[ENTER]

This command compresses the file `test, putting it in a new file named `test.gz'; gzip then deletes the original file, `test.

Decompressing a File

To access the contents of a compressed file, use gunzip to decompress (or "uncompress") it.

Like gzip, gunzip takes as an argument the name of the file or files to work on. It expands the specified files, writing the output to new files without the `.gz' extensions, and then deletes the compressed files.

To expand the file `test.gz', type:

$ gunzip test.gz [ENTER]

This command expands the file `test.gz' and puts it in a new file called `test; gunzip then deletes the compressed file, `test.gz'.

File Archives

An archive is a single file that contains a collection of other files, and often directories. Archives are usually used to transfer or make a backup copy of a collection of files and directories -- this way, you can work with only one file instead of many. This single file can be easily compressed as explained in the previous section, and the files in the archive retain the structure and permissions of the original files.

Use the tar tool to create, list, and extract files from archives. Archives made with tar are sometimes called "tar files," "tar archives," or -- because all the archived files are rolled into one---"tarballs."

Two common options used with all three of these operations are `-f' and `-v': to specify the name of the archive file, use `-f' followed by the file name; use the `-v' ("verbose") option to have tar output the names of files as they are processed. While the `-v' option is not necessary, it lets you observe the progress of your tar operation.

NOTE: The name of this tool comes from "tape archive," because it was originally made to write the archives directly to a magnetic tape device. It is still used for this purpose, but today, archives are almost always saved to a file on disk.

Creating Archives: Creating an archive of files.
Listing Archives: Listing the contents of an archive.
Extracting Archives: Extracting the files from an archive.

Creating a File Archive

To create an archive with tar, use the `-c' ("create") option, and specify the name of the archive file to create with the `-f' option. It's common practice to use a name with a `.tar' extension, such as `example.tar'.

Give as arguments the names of the files to be archived; to create an archive of a directory and all of the files and subdirectories it contains, give the directory's name as an argument.

To create an archive called `example.tar' from the contents of the `example’ directory, type:

$ tar -cvf example.tar example [Enter]

This command creates an archive file called `example.tar' containing the `example' directory and all of its contents. The original `example' directory remains unchanged.

Use the `-z' option to compress the archive as it is being written. This yields the same output as creating an uncompressed archive and then using gzip to compress it, but it eliminates the extra step.

To create a compressed archive called `example.tar.gz' from the contents of the `example' directory, type:

$ tar -zcvf example.tar.gz example [Enter]

This command creates a compressed archive file, `example.tar.gz', containing the `example' directory and all of its contents. The original `example' directory remains unchanged.

NOTE: When you use the `-z' option, you should specify the archive name with a `.tar.gz' extension and not a `.tar' extension, so the file name shows that the archive is compressed. This is not a requirement, but it serves as a reminder and is the standard practice.

Listing the Contents of an Archive

To list the contents of a tar archive without extracting them, use tar with the `-t' option.
To list the contents of an archive called `example.tar', type:

$ tar -tvf example.tar [Enter]

This command lists the contents of the `example.tar' archive. Using the `-v' option along with the `-t' option causes tar to output the permissions and modification time of each file, along with its file name -- the same format used by the ls command with the `-l' option (see Listing File Attributes).

Include the `-z' option to list the contents of a compressed archive. To list the contents of a compressed archive called `example.tar.gz', type:

$ tar -ztvf example.tar [Enter]

Extracting Files from an Archive

To extract (or unpack) the contents of a tar archive, use tar with the `-x' ("extract") option. To extract the contents of an archive called `example.tar', type:

$ tar -xvf example.tar [Enter]

This command extracts the contents of the `example.tar' archive into the current directory. If an archive is compressed, which usually means it will have a `.tar.gz' or `.tgz' extension, include the `-z' option.

To extract the contents of a compressed archive called `example.tar.gz', type:

$ tar -zxvf example.tar.gz [Enter]

NOTE: If there are files or subdirectories in the current directory with the same name as any of those in the archive, those files will be overwritten when the archive is extracted. If you don't know what files are included in an archive, consider listing the contents of the archive first.

Another reason to list the contents of an archive before extracting them is to determine whether the files in the archive are contained in a directory. If not, and the current directory contains many unrelated files, you might confuse them with the files extracted from the archive.

To extract the files into a directory of their own, make a new directory, move the archive to that directory, and change to that directory, where you can then extract the files from the archive.

Reference: Linux Cookbook