I need to containerize a service that talks to a SAP system. The service is written using Spring Boot.
I have a document that performs steps manually on Linux Machine which will help to connect to the SAP system. The steps it follows are:
Download required files
Switch to the USer
Unpack those files
Create Sym Link
Prep the certs and key
Generating the PSE
Add the SAP Root and intermediate certificate to the PSE and many more.
I'm thinking to write a Dockerfile that included all the above steps. Don't know of any other alternatives for now.
Few Queries:
Is it a good idea to write a Dockerfile that has all the steps which we do any Linux machine manually which will also help me containerize the service which talks to the SAP system.
Is there any other alternatives or libraries available to achieve the same.
Does the docker file already exist which will help me to connect to the SAP system.
How can I configure SAP SNC in my application using Dockerfile.
Can someone help me?
Appreciate all your help! Thanks in advance!
If you have a Java-based Spring app you can utilize SAP Jco library which can be used to connect to SAP system externally. The configuration steps are described here:
https://help.mulesoft.com/s/article/Enabling-SNC-in-SAP-connector
It is given in Mulesoft help but the main points will be the same for any Java-based system.
The most important JCo parameters that need to be set up for SNC:
Parameter
Name
Description
jco.client.snc_mode
SNC mode
1: SNC is activated 0: SNC is not activated
jco.client.snc_lib
SNC library path
Specifies the path and file name of the external library. The default is the system-defined library as defined in the environment variable SNC_LIB. Example: C:SAP\J2EE_Engine\SAPCrypto\libs\apcrypto.dll
jco.client.snc_qop
SNC level
Specifies the level of protection to use for the connection. 1: Authentication only 2: Integrity protection 3: Privacy protection (default) 8: Use the value from snc/data protection/use on the SAP application server 9: Use the value from snc/data_protection/max on the SAP application server
jco.client.snc_myname
SNC name
Specifies the SNC name. This parameter should be set to ensure that the correct SNC name is used for the connection. Example: p:CN=SAPJ2EE, O=MyCompany, C=US
jco.client.snc_partnername
SNC partner
Specifies the SAP application server's SNC name. It can be found in the SAP profile parameter snc\identity\as. Example: p:CN=ABC, O=MyCompany, C=US
Related
I am trying to register my bluetooth SDP service in C++ linux as shown here: Example 4-9. Describing a service
Where or how can I check exactly that the service is registered? I've tried viewing all services while running bluetoothctl or sdptool browse commands but service with my UUID is not shown there.
I've also tried changing the service group (not sure how it is called) in sdp_uuid16_create(&rootUuid, PUBLIC_BROWSE_GROUP) call to, for example, sdp_uuid16_create(&rootUuid, SERIAL_PORT_SVCLASS_ID) and searching with sdptool search SP as it is shown here Bluetooth Profiles but it does not take any effect.
When I run discovering services program (first paragraph on the site) on my other PC, it finds the service pretty fine.
The document you linked to is refering to a version of BlueZ that most systems don't run anymore.
Many of the tools it refers to (such as hciattach, hciconfig, hcitool, hcidump, rfcomm, sdptool, ciptool, and gatttool) were deprecated by the BlueZ project in 2017.
There is also the following SO question talking about the changes that have happened to BlueZ: Bluetooth SDP - where is sdpd?
Libraries such as https://github.com/nettlep/gobbledegook are examples of using the new D-Bus API in C.
The BlueZ documentation for the APIs are available at:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/tree/doc
I've managed to check all local SDP records by typing sdptool browse local. In this case I can see my record the lowest in list:
Service Name: Service Name
Service Description: Service Description
Service Provider: Service Provider
Service RecHandle: 0x10010
Service Class ID List:
UUID 128: aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa
"Serial Port" (0x1101)
Protocol Descriptor List:
"L2CAP" (0x0100)
"RFCOMM" (0x0003)
Channel: 1
Profile Descriptor List:
"Serial Port" (0x1101)
Version: 0x0100
We have to install our CA certificates on end user iOS devices manually or pushed the certificates though MobileIron service for our users. After successful installation of CA Certificates only, our App Users can benefit our services.
As of now i don’t see any option to install CA Certificates on iOS device which is located in AWS Device Farm before running my appium tests.
is there any way to to add and active certificate?
We have to install our CA certificates on end user iOS devices manually
Can you use remote access for testing? You should be able to manually interact with devices. Though admittedly not sure of what is required to install a certificate. I would be worried about the relatively thin cleanup process Device Farm does.
https://docs.aws.amazon.com/devicefarm/latest/developerguide/post-test-and-cleanup.html
Note
It is possible for data to persist between sessions in some cases, especially if you make use of the device system outside the context of your app. For this reason, and because Device Farm captures video and logs of activity taking place during your use of each device, we recommend that you do not enter sensitive information (for example, Google account or Apple ID), personal information, and other security-sensitive details during your automated test and remote access sessions.
This article suggests that this would need to be done using the settings app. If automation is needed then the Appium tests can automate the settings app as discussed in this other article(not tested).
https://appiumpro.com/editions/66
I believe the latest appium xcuitest driver has released support for installing certificates on iOS devices provided you have certain command line tools installed.
https://github.com/appium/appium-xcuitest-driver#mobile-installcertificate
I'm creating a Django web application that'll assist in barebone server deployments, where a bare bone server will PXE boot to a custom LiveCD to send a cURL command to register itself to a DRF REST API.
When Django receives the POST request it'll start a Go app remotely that'll find the bare bone server based on entries in the REST API then start configuring the server. What would be the best way to identify/introduce the bare bone server to my Go server?
My thought is either to use a parser parameter to identify the server then Go will pull the bare bone server info from the REST API or add a Boolean field in the REST API and the Go app will look for entries that are TRUE then flip it to FALSE when it starts setting up the bare bone server.
Would that be the best way to get this done or is there a better way?
Actually, PXELINUX comes with an identification mechanism based on the systems MAC dress and the configuration can be customized accordingly. Since you need to do accounting of your bare metal servers anyway (port security anyone? ;) ), you should know the MAC dresses of all the interfaces on your bare metal servers anyway.
Your directory usually looks like this (path prefix may be different).
/srv/pxe/pxelinux.cfg/default
Now what happens is that your system starts up, sends a DHCP Request and gets an offer containing the DHCP options "next-server" and "filename". When the system selects said offer, it will connect to the "next-server" and request "filename", usually pxelinux.0. Here is your first potential hook: Write a tftp server which deals with the request and registers your system.
Now pxelinux.0 is executed , it will read the above config file. But here is the thing: Say the Mac address of the system is 23:67:33:5a:cc:e8, and the file
/srv/pxe/pxelinux.cfg/23-67-33-5a-cc-e8
exists, this will be read instead. Which is your second hook: the request will be logged by tftp.
Regardless of wether the default or a system specific config file is used, basically we are talking of GRUB config file. Assuming you use Kickstart to install the system, it will look something like this
default linux
prompt 0
timeout 1
label linux
kernel /images/yourdistro/vmlinuz
ipappend 2
append initrd=/images/yourdistro/initrd.img console=ttyS0,115200
Now, here is the thing: you have several possibilities to execute a custom program on boot:
Append the path to your executable to the append parameter. By convention, the Kernel will send all parameters it does not know to pid 1. Though I have not tested wether systemd adheres to the convention and simply executes a parameter it does not know in turn, I assume as much.
cron. Most cron implementations nowadays support the #boot time definition.
the init system, be it either systemd or openrc or good ol' SYSV init.
Last but not least, how to configure the machine. I strongly suggest against reinventing the wheel. I had quite similar requirements in a (closed source) project. We used kickstart to do the basic system installation and simply shot a curl command after reboot to Ansible Tower, triggering the more detailed configuration. Since we had a DHCP server with the MAC, an IP reserved for said MAC and a hostname readily configured (dnsmasq, caugh, caugh), that was not much of a problem. Basically, all we had to do manually is to register the MAC address and assign an IP and a hostname, then fire up the machine.
I am trying to install an MSExchange 2016 in an EC2 instance from scratch without success. By from scratch, I mean I start from a new EC2 instance without any AD yet installed.
I am not very familial with Windows Server. I got a lot of problem during the installation. By digging the web, I fixed a lot of them, but I think there is something I miss to succeed in my installation. Any help would be greatly appreciated
Here is the procedure I followed:
I created an EC2 Windows Server 2012RC2 instance
I created a simple Active Directory in AWS.
I provided the AD DNS to my Windows Server (via Network and Sharing Center, properties of Internet Protocol v4)
I joined the server into that AD (Via Control Panel > System and Security > System, change computer workgroup to the domain defined in my AWS Simple AD)
Restart computer
Log into the server as Administrator, with the AD domain
Download Exchange from here
Set-up the active directory, as in this procedure: https://judeperera.wordpress.com/2015/07/24/step-by-step-guide-for-installing-exchange-server-2016-preview/
The Step 4.1. of that procedure indicates to execute the following code
Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms
When I execute it, I get the following error:
I do not understand what I need to do/fix to continue the installation.
Thanks in advance for your help!
The issue you are encountering is that Simple Directory is not an Active Directory product, it is powered by Samba v4. What you need is to setup a Microsoft Active Directory (Enterprise Edition) or Microsoft AD, which is powered by Windows Server 2012 R2. The Simple AD is powered by Samba v4 and is simply Active Directory compatible but does not support the added schema features which are needed by Exchange Server 2016.
The other option is to back away from hosting your own instance of Exchange server and instead take a look at AWS WorkMail. It is an exchange like service which supports active sync with Outlook 2007+ and all current mobile smart devices such as Android and iOS. I currently use this and it took a lot of the headache out of managing my own mail server as the complexities are offloaded to the AWS environment and all you need to do it add mail accounts and group addresses.
Either option should solve your issue.
I'm trying to install a legacy VB6 client on a Windows 7 (64-bit) machine that can talk to a DCOM server written in Visual C++. I know I need to run CLIREG32 and pass it the .VBR file as a parameter. I'm trying it like this:
clireg32 myvbrfilehere.vbr -s <ip address> -d -l
It seems to run without a hitch, but I think I should be able to search the registry and see the IP address i entered as a parameter. So something tells me I'm missing something during this command. (I've also tried adding -t mytypelibrary.tlb but that doesn't help either)
Any thoughts on using this ancient technology? I'm not in a position to rebuild everything right now. I'm starting to get desperate...
Thanks
There is at least limited information in Microsoft article Q155939.
(Archived copy.)
Paraphrasing the useful parts:
Q155939: HOWTO: Use Clireg32.exe for Remote Automation
Article: Q155939
Last Modified: 31-JUL-1999
-------------------------------------------------------------------------------
The information in this article applies to:
- Microsoft Visual FoxPro for Windows, versions 5.0, 6.0
-------------------------------------------------------------------------------
SUMMARY
=======
This article provides an explanation of Clireg32.exe and how it is used for
remote automation.
MORE INFORMATION
================
The Clireg32.exe component allows you to register an OLE server (.exe) remotely.
It differs from the Remote Automation Connection Manager (RacMan) in that the
server does not need to be located on the machine registering it. The Setup
Wizard handles the maintenance of registering remote servers for you.
NOTE: Remote servers and Clireg files are stored in the \Windows\Olesrv\
directory, which is similar to Visual Basic if it is installed via the Setup
Wizard.
The Clireg32.exe program takes a number of parameters. The only required one is
the name of the .vbr file (generated with the server during build):
Clireg32 myexesvr.vbr
In order to fully register a remote server, you must provide the network name,
network protocol, and security access. Clireg32 prompts you with a dialog box if
these options are not passed. For a list of all the parameters, simply execute
Clireg32.exe by itself.
Copyright Microsoft Corporation 1986-2002.