Cool Tools

license:  GPLv2

The Certificate Creation script recreates the certificates on OES1, OES2, and OES 11 servers using a Personal Information Exchange File. With an additional parameter it will also restart all the necessary services. The following information is obtained in the script execution process.

Platforms Supported:

32 and 64 bit OES1, OES2, and OES 11 are currently supported.

Script Process:

1. Prechecks are done to verify if the current certificates are good.
2. The following files are backed up with the date and time appended.
   /etc/ssl/servercerts/servercert.pem /etc/ssl/servercerts/serverkey.pem /var/lib/novell-lum/x.x.x.x.der /etc/opt/novell/SSCert.pem //OES1 /etc/opt/novell/certs/SSCert.pem //OES2 and OES 11
3. Creation of new Certificates
   /etc/ssl/servercerts/serverkey.pem /etc/ssl/servercerts/servercert.pem /etc/opt/novell/SSCert.pem //OES1 /etc/opt/novell/SSCert.der //OES1 /etc/opt/novell/certs/SSCert.pem //OES2 and OES 11 /etc/opt/novell/certs/SSCert.der //OES2 and OES 11 /var/lib/novell-lum/x.x.x.x.der
4. Postchecks are done to verify if the new certificates are good.
5. Reloads services (optional but recommended)
   owcimond nldap namcd apache2

Installation Instructions for Version 2 & 3:

1. Download certificate-creation-3.0.tbz
2. Open a Terminal window and type “su”
3. Enter root’s password
4. Extract the script from the tarball
   #tar –xjvf certificate-creation-3.0.tbz
5. Make the script executable.
   #chmod 755 certificate-creation.sh
6. Delete current eDirectory certificates.
   
   1. In iManager, go to Novell Certificate Access -> Server Certificates.
   2. Select the server you plan on recreating the certificates on (looks like a magnifying glass)
   3. Select all certificates in the list and click delete.
7. Delete the SAS Service Object.
   
   1. In iManager, go to Novell Certificate Access -> SAS Service Object.
   2. Select the server you plan on deleting the SAS Service object on (looks like a magnifying glass).
   3. Check the box next to the SAS Service object and click delete.
8. Go to the terminal opened in step #2 and type "ndsconfig upgrade". This will create new eDirectory certificates for this server.
9. Export the Personal Information Exchange File using iManager.
   
   1. In iManager, go to Directory Administration -> Modify Object
   2. Select the SSL CertificateDNS - YourServerName certificate object, which by default is in the same eDirectory context as your server object and click OK
   3. Go to the Certificates tab of the certificate object and click Validate. It should come back as Valid.
   4. Select Export.
   5. Select "Export private key" and "Include all certificates in the certification path if available."
   6. Assign the private key a password. This will be used to protect the private key while it is being transferred. This password will be removed in a future step.
   7. Save the resulting pkcs12 file (Personal Information Exchange format) to a secure location on your server. The default file name is cert.pfx
10. Run the certificate-creation.sh script
    #./certificate-creation-3.0.sh -f /directory/fileName.pfx -c o=Organization -l -r

Installation Instructions for Version 1.x:

1. Download certificate-creation-1.1.tbz
2. Open a Terminal window and type “su”
3. Enter root’s password
4. Extract the script from the tarball
   #tar –xjvf certificate-creation-1.1.tbz
5. Make the script executable.
   #chmod 755 certificate-creation.sh
6. Export the Personal Information Exchange File using iManager.
   
   1. In iManager, go to Directory Administration -> Modify Object
   2. Select the SSL CertificateDNS - YourServerName certificate object, which by default is in the same eDirectory context as your server object and click OK
   3. Go to the Certificates tab of the certificate object and click Validate. It should come back as Valid. If not, there is something wrong with your Certificate Authority and you should rectify this problem and regenerate the certificates before continuing.
   4. Select Export.
   5. Select "Export private key" and "Include all certificates in the certification path if available."
   6. Assign the private key a password. This will be used to protect the private key while it is being transferred. This password will be removed in a future step.
   7. Save the resulting pkcs12 file (Personal Information Exchange format) to a secure location on your server. The default file name is cert.pfx
7. Run the certificate-creation.sh script
   #./certificate-creation-1.1.sh -f /directory/fileName.pfx -c -r

Fixes and Enhancements:

Version 1.1
1. The script will now check if your are root
2. OES2 x86_64 is now supported
3. A relative path to the .pfx file can now be used.

Version 2.0
1. This script will now do pre and post checks to see if the certificates are good or bad
2. Color was also added for easier reading

Version 3.0
1. No longer displays the password when the ldap search throws an error

Note: Using a –h will display other parameter options if desired. AttachmentSize certificate-creation-1.1.tbz2.85 KB certificate-creation-3.0.tbz4.96 KB

• Open Enterprise Server Cool Solutions

license:  Freeware

Install ZENworks Image Engine on USB using UNetBootin

Quick tool to install the bootcd.iso (ZENworks 11.1), using Unetbootin, onto a USB Pen Drive.

UNetbootin is an excellent tool to create bootable USB Pen Drives. In this guide I use UNetbootin to put the bootcd.iso file onto a USB Pen Drive and then use this instead of using a CD.

Out of the box this installation script will create a bootable USB, with UNetbootin launching the ZENworks Imaging engine. From this you can pull images from a Proxy Server, launch a preboot script and pull images from the local USB Pen Drive.

Read the settings.txt and PrebootscriptUSB.s files (attached) to see more.

This only takes about 5-10 minutes, all depending on how much you want to do from the USB Pen Drive. Reading this will probably take longer than the execution :)

Things you need:

The files attached (USBIMAGE.zip)

Bootcd.iso: from your own environment or get the latest Imaging Driver Update from http://download.novell.com
(the Bootcd.iso attached to this, is from the ZCM11.1 sept. driver update. So if you are on this version, no need to replace it)

A Windows PC with PowerShell 2.0

Software used: UNetbootin: free download from http://unetbootin.sourceforge.net

Inspiration found at: http://www.novell.com/coolsolutions/tools/18294.html

Novell ZENworks 7/11 documentation.

Warning, I can't guarantee this works on all USB pen drives. And do remember that under this process the drive will be cleaned, so backup any data you may have on it before starting.

All the files in this guide are located in C:\USBIMAGE\

Step one

Extract the attached files to "C:\" (Very important the path is "C:\USBIMAGE\")

Step two

If needed, paste your own bootcd.iso file to "C:\USBIMAGE\"
(tested with iso files from 10.3.3, 11.1a, 11.2)

If you want to edit the settings.txt file, use the file (template) from "C:\USBIMAGE\setting\". I've edited this, so it works with local imaging from the USB Device.

You can then manually add it to the bootcd.iso, using eg. MagicISO. Or just leave it in the setting folder, the file, from "C:\USBIMAGE\setting\", will automatically be copied to the USB during installation.

Step three

Add, if any, your own images and/or prebootscripts.

If you want to pull images from the USB, you can use the "PrebootScriptUSB.s" script file as your template. If you want to pull images from a PROXY, just active the PROXY part.

Place your images (.zmg files) in the folder "C:\USBIMAGE\IMAGES\IMG\"

If you use addon-images, you could place them in the addon folder. All depending on how you want the structure. I place mine in this folder, as you can se in the attached example of a preboot script.

Place your preboot-script (.s file) in the folder "C:\USBIMAGE\Scripts\PreBoot\"

Feel free to use my example and modify it so it fits your demands.

Step four

Connect the USB Pen Drive to your PC.

Warning! You must only connect one USB device to the PC. All content on it will be erased.

Step five

Run the installation.

Execute the file: C:\USBIMAGE\RunScript.bat

This will run a PowerShell script. This formats the drive, runs UNetbooting and copies the edited and needed files.

Just follow the few instructions on the screen :)

The windows should look like this:

Click to view.

When the window is closed your done.

Now your USB Pen Drive is ready.

Enjoy!

Note: if you experience any problems with the detection of the USB Pen Drive during boot, you should look into the syslinux.cfg file and change this part so it fits your device:

install=hd:/dev/sdb1 root=/dev/sdb1

(Could instead be "install=hd:/dev/sdb root=/dev/sdb")

Any ideas of enhancement regarding this tool is welcome.

AttachmentSize usbimage.zip65.82 MB

• Cool Solutions

license:  GPL

During DSfW configuration, you are provided with an option to select the installation of DNS. For the first domain controller (DC) of the forest root domain, this is done by default. For all the additional domain controllers (ADC), the DNS configuration in OES2SP3 is optional. However, after DSfW configuration on the ADC, if you need to configure DNS on the ADC, it cannot be done using YaST. The script provided here enables you to configure DNS on the ADC in a post-configuration manner.

This script can be run on an ADC in scenarios like:

1. The ADC in OES2SP2 upgraded to OES2SP3, and DNS server is to be configured
2. The ADC already in OES2SP3 code level and it is not already configured as a DNS server.

   The script does the following operations:

   1. Configure DNS by running "dns-inst". This installs DNS on the ADC.
   2. Add the ADC's DNS server object to the forward zone and reverse zone objects in the dNIPZoneServers attribute.
   3. Add the forward and reverse zone object to the dNIPZoneList attribute of the ADC's DNS server.
   4. Add the NS record for the ADC's DNS server to the forward zone.
   5. Update the "xad.ini" configuration file for "DNSSERVER" and "DNS Master" entries, as it changes after the DNS configuration on the ADC.
   6. Update /etc/resolv.conf with "nameserver" referring the local server IP.
   7. Restart the novell-named. Re-start is attempted twice. Even then if it still doesn't come up, restart it after the script execution is complete.
   8. All the DNS related contexts and administrator FQDNs are read from the install registry (xad.ini and XAD::registry perl module).
      The passwords are read from the environment variables. More information is provided below.
   9. The execution logs appear on console as well as goes to /var/opt/novell/xad/log/dns_config.log.

The script need be executed by exporting the following environment variables or can be given inline during the execution of the script ;

The example of command line execution of the script is:

# NDSEXISTINGADMINPASSWD=<tree-admin-password> DOMAINADMINPASSWD=<domain-admin-password> perl ./configure_dns_adc.pl

The script accepts two environment variables:

NDSEXISTINGADMINPASSWD - Tree Administrator password

1. In case of name-mapped (NM), it is the tree administrator password.
2. In case of non-name-mapped (NNM), it is the Forest Root Domain (FRD) administrator password.

DOMAINADMINPASSWD - Domain Administrator Password.

The DNS configuration on a ADC provides the mechanism for load balancing between domain controllers. Also this helps in the scenario when the PDC role transfer/seizure need to be done. With DNS server also present on the ADC, the new PDC will be completely functional as a primary domain controller.

AttachmentSize configure_dns_adc.pl.txt7.68 KB

• Open Enterprise Server Cool Solutions

license:  GNU

download url: https://github.com/jlodom/FLAIM-Database-For-OS-X/zipball/master
home page url: https://github.com/jlodom/FLAIM-Database-For-OS-X

FLAIM is a very scalable, quite fantastic database technology. However, it is sorely neglected outside of Novell / Attachmate. This Cool Solution is an effort to make it slightly more available by fixing some problems compiling it on OS X. The original source had accommodations for OS X, but there were compilation errors which I have fixed in this fork.

You can find my modification to the FLAIM source to allow it to compile on recent versions of OS X at this GitHub page: https://github.com/jlodom/FLAIM-Database-For-OS-X

Novell / Attachmate uses FLAIM as the basis for eDirectory GroupWise. Additionally, the Church of Jesus Christ of Latter-day Saints has used FLAIM in its legendarily large genealogy recording.

The main page for the open source FLAIM is at http://sourceforge.net/projects/flaim/ Unfortunately, both the maintainers have left Novell and so the Sourceforge page is stagnant, which is why this fork exists instead of simply submitting patches. It is worth noting that FLAIM is very much in active development inside of Novell, but copying new work over to the open-source branch is not a priority. That said, the core of the code has not changed as it is a mature format.

All the documentation you could ever want is on the original SourceForge page. There is also very good documentation included with the source.

I have not yet gotten XFLAIM (FLAIM 5.x) compiling on OS X as it is not a priority for me -- although it has a few modern advantages over existing FLAIM, my interest is understanding the FLAIM 4.x branch as the classic technology is more relevant to my work life.

If you are compiling FLAIM on non-OS X Unix or Windows, you are probably better off just using the original source without my changes, unless you encounter compilation errors in which case some of my light work might be valuable.

• Cool Solutions

license:  Donationware

Console2

This is a simple application that can replace some small iManager/Designer/ConsoleOne/dxcmd functions.

The main goal is to collect all the functions that I use the most in one application.

New in 2.0:
+ Added support for sending XDS documents to IDM. Replicates the following
dxcmd functionality:
Submit XDS command document to driver
Submit XDS event document to driver
Queue event for driver
To use it connect to a IDM server, click "Show IDM Driver", select a driver,
click IDM in the menu, click "Send XDS to IDM".
You can type in a XDS document directly in the textarea or you can select a
XML file containing XDS events. The XML must be valid.
For each operation type in the file (add, modify, delete etc.) the program
will submit a separate XDS document to IDM.

* The "Job Manager" can now set trace attributes on a job (trace level,
trace file, trace file size)

* Updated Logback to v1.0, SLF4J to v1.6.4, Apache Commons Lang to v3.1,
Jasypt to v1.9, UnboundID LDAP SDK to v2.3.0

- Code improvments/refactoring

* Changed "Custom LDAP filter" search functionality. Write it directly into
the value text field.

- Improved error messages.

+ You can copy the DN of the selected object in the "Found objects" list to
the clipboard by pressing CTRL+C or right clicking and selecting
"Copy to clipboard".

* Profiles can now be deleted in "Multiple Tree Check"

* Added checkbox "Ignore aliasObject" to "Multiple Tree Check" to prevent double
results when having two objects named the same and one of them is an alias.

+ "Multiple Tree Check", after checking the login you can now click on a button to
the far right seek (looking glass) to bring up a simple LDAP Browser and look at
the object that was found.

+ Removed UPC from the Console2 name.

+ Added a "Restart driver" button and menu item

+ Added support for connecting to IBM Tivoli Directory Server (TDS)

Use this software at your own risk.

No warranty is provided. If you don't like it, don't use it.

If you find it useful you may donate using the PayPal button in the application.

Known Issues:
* The simple paged result control used for the "Migrate from IDV" function doesn't
seem to work on NetWare 6.5.SP8 with eDirectory 8.8.4
Haven't tested it with a newer version of eDirectory on NetWare.

* The main GUI isn't threaded which means if you do something like click on "Show IDM Drivers" which performs a search like (objectClass=DirXML-Driver) it looks like the program has hanged while it's actually working, waiting for a reply from the server. This can take a couple of minutes if the tree has alot of objects (tested with over 1 million objects it took about 2 minutes 30 seconds on an "old" PC (AMD Athlon 64) with a 5400 rpm disk where the Object Class attribute wasn't indexed), but it will respond eventually.

* The IDM extended operations don't work reliably on 64-bit eDirectory where the ndsd process has allocated a large amount of memory (tested with 2-4GB).
The operation fails with the following error in DSTrace:
10:34:37 40D0B940 LDAP: DoExtended on connection 0x6dd41a00
10:34:37 40D0B940 LDAP: DoExtended: Extension Request OID: 2.16.840.1.113719.1.14.100.7
10:34:37 40D0B940 LDAP: malloc of 9 bytes failed
10:34:37 40D0B940 LDAP: Unable to alloc data memory in NLDAPSetResponseBer
10:34:37 40D0B940 LDAP: Sending operation result 0:"":"" to connection 0x6dd41a00

System Requirements:
Client:
Oracle Java JRE 1.6.0_21 or higher
If you are going to save profiles I recommend the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6 which can be downloaded
from here (near the bottom of the page):
http://www.oracle.com/technetwork/java/javase/down...
Client tested on Windows XP SP3 and Windows 7 x64.
It /should/ work on "any" platform with the correct JRE.

Serverside requirements:
eDirectory with LDAPS (Encrypted LDAP only)
Tested with:
IDM 3.6.1 on Linux
eDirectory 8.8.5/8.8.6 on Linux
It /should/ work with IDM 3.5.0 or higher but I haven't tried (if using IDM functions).

Features:

* Profiles for multiple eDirectory trees which you can save/load
- The logon password can be encrypted before the profile is saved
# Since v1.1 Console2 supports connections to Active Directory as well.
* Profiles can be moved between computers using the Export/Import function
* Saved profiles can be deleted
* IDM functions
- List IDM drivers
- Show/change driver status on different servers (Use the Change Server button to connect to another IDM server and use the Initial server button to return to the original server you connected to)
# Show if a driver is started/stopped/disabled etc.
# You may start/stop drivers
# Show startup settings, autostart, manual, disabled
# You may change the startup settings
# Restart driver button (v2.0)
- Show/change driver trace level
- Show/change driver trace file size (v1.5)
- Show/change driver trace path (v1.5)
- Get driver statistics (v1.0)
# Cache size
# Number of events in the cache
# Better interface coming in next version - only displays the XML at the time
- Show if the driver object password, remote loader password and application password is set
# Clear/set the application password
# Clear/set the remote loader password
# Set the driver object password
- Initiate a "migrate from identity vault" feature
# Enter a valid LDAP filter and select the driver on which you want to initiate the migrate on
# You may also enter a base DN if you want
# You can choose to resync only associated objects, only unassociated objects or both (standard) (v0.92)
# You can choose to delete the association value when resyncing (v0.92)
# You can choose the mode of operation, Simple Paged Results or Asynchronous search (v1.0)
# You can set the page size for simple paged mode (v1.5)
# You can use the synchronous method (v1.5)
# You can pause the resync process for X seconds every Y entries (v1.9)
# Statistics on how many entries were resynced and the time it took (v1.9)
- Manage Named Passwords (v1.5)
# Currently in "beta" mode
- Manage IDM jobs (v1.5)
# Currently in "beta" mode
# Set job trace level (v2.0)
# Set job trace file path (v2.0)
# Set job trace file size (v2.0)
- Send XDS documents to IDM (v2.0)
# Replicates the following dxcmd functionality:
* Submit XDS command document to driver
* Submit XDS event document to driver
* Queue event for driver
# Type in the XDS XML directly or read from a valid XML file
# For each XDS operation in a file (add, modify, delete etc.) the program sends a separate XDS document to IDM
* Universal Password funtions
- Using the search box on the main screen you can search for users and retrieve Universal Password information
# You can see the Effective password policy for the user
# You can see if Universal Password is enabled for the user
# You can see if the Universal Password is set
# You can see if the Universal Password history is full
# You can see if the NDS password matches the Universal Password
# You can see if the Simple Password matches the Universal Password
# You can see if the Universal Password is older than the NDS password
# You can see if the Simple Password is set
# You can see if the Simple Password is in cleartext
# You can see if the NDS password matches the Simple Password
# You can see if the Universal Password confirms with the password policy
# You can assign password policys to objects (v1.5)
# You can delete the Universal Password or Simple Password from objects (v1.5)
# You can set the Simple Password on objects (depending on password policy) (v1.5)
# You can read the Simple Password from objects (v1.5)
* Login settings functions
- After clicking on a user in the search results box you can use the tabs to change login settings, click Save to apply the new settings
# View/change Login Disabled
# View/change Login Activation Time
# View/change Login Expiration Time
# View/change Grace Login settings
# View loginTime and lastLoginTime
# View/change Password Expiration Time
# View/change various Password settings
# View/change Locked By Intruder
# View Intruder attempts/address/intruder reset time (Only the IP-address is handled correctly)
# View the pwdChangedTime and pwdFailureTime attributes (v1.1)
* Test username/password on multiple trees at once (v0.92)
- Multiple Tree Logon Check, try to logon to up to 5 trees at once to verify that the password is correctly synced
# Since v1.1 you can connect to Active Directory as well.
- Select if want to use SSL or not (per connection) (v1.1)
- Select if the system is eDirectory or Active Directory (v1.1)
- Enter another attribute name to use for each connection besides the default
one in the combobox. If the field is left empty it will use the default. (v1.1)
* Active Directory support (v1.1)
- Display the following timestamp values in readable format:
# lastLogonTimestamp
# lastLogon
# pwdLastSet
# lockoutTime
# badPasswordTime
# accountExpires
- After searching for a user and clicking on the search result you can use
the AD tab to see/change the following:
# Enable/disable the account.
# Unlock the account if it's locked out.
# Set/unset "Password not required"
# Set/unset "Password never expires"
# See if the password has expired.
# Set/unset that the user must change password on next login.
* Attribute viewer (v1.1)
- By doubleclicking on a search result or pressing enter on the keyboard you
can bring up a simple attribute viewer that display all attributes including
operational attributes.

Console2 use Java libraries from:
* Novell
- JLDAP
- DirXML
- NMAS
* UnboundID LDAP SDK
* Jasypt
* Apache
* SLF4J
* Logback

Thanks to: Novell, UnboundID, Jasypt, Apache, SLF4J, Logback!
Changelog format inspired by Novell PWM: http://www.novell.com/communities/node/12216/pwm-v155

Uses icons from http://www.oxygen-icons.org/ and http://www.aha-soft.com/
All free icons listed on this page are licensed under a Creative Commons Attribution-Share Alike 3.0 License. This means that you can freely use these icons for any personal and commercial purposes (software interfaces, online services, blogs, templates etc.). However, you should include a link to www.aha-soft.com in your credits.

License: Donationware
You may not sell this software.

THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

AttachmentSize console2_v2.0.zip4.92 MB

• Cool Solutions

license:  Demo

download url: http://www.kvy.com.ua/products/rtmnemesis/
home page url: http://www.kvy.com.ua

RTMNemesis program scans the most current log file of SuperLumin Nemesis proxy and creates the following statistics in real time:

• User IP addresses.
• Last URLs of web sites visited by users and the history cache of these URLs for each user. You can set any quantity of URLs in this cache.
• Last access time to these sites
• Total users loading from the start of the program
• Current users loading for the last parsing of the program
• Type of HTTP packets passing via the proxy
• Hierarchy codes of these packets
• Program's start time
• Seconds left until the next log reading
• Average HTTP loading of the proxy for 5 min, 1 hr and 20 hrs

You also can:

• Sort information in the columns
• Connect to selected web sites to see where your users were
• Look through the history cache of these web sites for several cycles of the program
• Define the DNS name (or workstation name) of the user workstation, if the HTTP proxy authentication is turned off
• See users, who tried to get access to forbidden websites (403 HTTP code). In this case the program shows these users by yellow background in the main window and gives the signal to the PC speaker
• Set a time period when the program will not parse the access log
• Create HTML reports for the main and the History modes
• Create reports for all websites that your users are visiting at the moment. The program forms two kinds of reports: the report of websites and the report of visitors of these sites
• Get IP information using Whois service (Useful for identifying IP addresses accessing reverse proxy)

Full information about the program: http://www.kvy.com.ua.

• Open Enterprise Server Cool Solutions

license:  GPL home page url:  www.itux.co.za

As we know, 90% of OES problems can be traced back to one of the services in the OES stack not running, thereby affecting the services lower down in the stack.

I created this script to present a Menu so a basic administrator can log into the server and run the menu, then follow simple menu prompts to check for apparent issues with OES services, networking and eDirectory objects/users

See the screenshot below, then download the script and try it yourself!

Click to view.

AttachmentSize oeshealthcheck.sh_.zip2.2 KB

• Open Enterprise Server Cool Solutions

license:  Free for all

This is a very simple PERL script that may be quite useful when working with delimited text files, especially for those of you who write/maintain Delimited Text drivers in IDM. You can use it in a few different ways:

• Convert a file from one delimiter to another
• Parse a file to make sure each field has quotes around it (instead of only those with spaces)
• Recreate your file but only specific columns
• Recreate your file with the columns in any order you want
• All of the above combined

If you're good with the Linux command line tools, combine this script with grep, sed, awk, wc, etc. to do all sorts of things. I wrote it so that I could quickly look through a large CSV file I get from our HR system and return only the fields I want. For example, using this script and other built in tools I can quickly figure out how many active employees we have within a specific business unit without having to load the CSV into a database and query it that way.

The script was written for Linux, but seems to work in Windows too (tested using Active Perl base installation).

CSV Parser v1.0.2 - Parse data from a delimited text file. Usage: csvparser.pl -c [file] Required: -c | --csv [File] Specify a CSV with the input data Options: -i | --inputdelim [char] Input file delimiter (Default: ",") -o | --outputdelim [char] Output using different delimiter (Default: ",") -f | --fields [#,#,#,#] Fields to print (base 0) - Order will be maintained. (Default: All) -q | --quotes Include quotes around the fields (Default: Off) -h | --help Help! -d | --deubg Enable debugging info AttachmentSize csvparser.pl.txt6.53 KB

• Cool Solutions

license:  Free

This script will provide the user quota information from an OES Linux NSS volume.

It will create four files for processing and four output files that contain the quota information.

Default output is in megabytes and can be changed by modifying the SIZE variable.

Columns are in this order: USEDSPACE QUOTAAMOUNT PERCENT NAME

Steps to use:

1. Extract the quota-list.tgz file with "tar xzvf quota-list.tgz"
2. Then make quota-list.sh executable "chmod +x quota-list.sh".
3. Execute the quota-list.sh script as the "root" user and supply the volume name and column sort order.

Example output:

SERVER:/path # ./quota-list.sh Enter the volume name name in all CAPS VOL1 Enter the column to sort by 1=USED 2=QUOTA 3=PERCENT 2 Quota summary without modification has been sent to /tmp/UserInfo-VOL1-111201-summary-original Quota summary of all users has been sent to /tmp/UserInfo-VOL1-111201-summary Quota summary of only assigned users has been sent to /tmp/UserInfo-VOL1-111201-summary-assigned-quotas Quota summary of only assigned users and no unknown (deleted) users /tmp/UserInfo-VOL1-111201-summary-assigned-quotas-no-unknown-users Unknown (deleted) users are taking 128 AttachmentSize quota-list.tgz1.77 KB

• Open Enterprise Server Cool Solutions

license:  GPLv2

The iPrint Notification Script will allow you to identify when both the Driver Store and Print Manager go down on a server. It will notify you either by text message or email. The script will also attempt to restart the print services to get it operational.

Installation Instructions:

Note: The iPrint Notification Script works with both OES2 and OES11.

1. Download iprintnotify.tgz
2. Open a Terminal window and type “su”.
3. Enter root’s password.
4. Extract the script from the tarball.
   #tar –xzvf iprintnotify.tgz
5. Make the script executable.
   #chmod 755 iPrintNotify.sh
6. Edit one or more of the following variables at the top of the iPrintNotify.sh script
Example: EMAIL_ADDRESS="joe@mycompany.com" EMAIL_ADDRESS="" Example: TEXT_ADDRESS="8011231234@txt.att.net" TEXT_ADDRESS="" #If there is a Driver Store running on this server, then the setting should be "YES" otherwise put "NO" Example: LOCAL_DRIVER_STORE="NO" LOCAL_DRIVER_STORE="YES" #If there is a print manager running on this server, then the setting should be "YES" otherwise put "NO" Example: LOCAL_PRINT_MANAGER="NO" LOCAL_PRINT_MANAGER="YES" LOGFILE="/tmp/iPrintNotify.log"
7. Run the iPrint Notification Script now or setup a cronjob to run the script.
   #./iPrintNotify.sh -c

Setup Instructions for crontab:

1. SSH or telnet into the root account.
2. At the prompt, type in 'crontab -e'. This will open up your crontab file, or create a new one if it doesn't exist.

When this file opens, you will see other cron jobs listed in here, or if you haven't any - you'll see a bunch of lines with '~' on them.

3. Use the cursor to go down until you can't move the cursor down any more. This is where you start your new line. Press 'o' to insert a new line.
4. Press 'o' to insert a new line. If you want to edit a line, press 'i'.
5. Create a crontab entry that fits your needs and enter at this time.
Here are some examples: Set to run every minute of every hour of every day * * * * * /[Location of Script]/iPrintNotify.sh > /dev/null Set to run every five minutes of every hour of every day */5 * * * * /[Location of Script]/iPrintNotify.sh > /dev/null Set to run every 30 minutes of every hour of every day */30 * * * * /[Location of Script]/iPrintNotify.sh > /dev/null
6. Press the 'esc' key to exit out of edit mode.
7. To save the changes and exit, type the following in: :wq

If you want to exit without saving changes, type in: :q!

8. Once you have exited, to view the new entry in your crontab file type crontab -l in at the prompt. This will list the contents of your crontab file.

AttachmentSize iprintnotify.tgz1.13 KB

• Cool Solutions

license:  GPLv2

The eDirectory notification script will allow you to identify when eDirectory goes down on a server. It will notify you either by text message or email. The script will also attempt to restart eDirectory to get it operational.

Installation Instructions:

Note: This script assumes a single instance of a root-based installation of eDirectory so multi-instance and non-root instance functionality will not work. The eDirectory notification script works with both OES2 and OES11.

1. Download edirnotify.tgz
2. Open a Terminal window and type “su”.
3. Enter root’s password.
4. Extract the script from the tarball.
   #tar –xzvf edirnotify.tgz
5. Make the script executable.
   #chmod 755 eDirNotify.sh
6. Edit one or more of the following variable at the top of the eDirNotify.sh script
Example: EMAIL_ADDRESS="joe@mycompany.com" EMAIL_ADDRESS="" Example: TEXT_ADDRESS="8011231234@txt.att.net" TEXT_ADDRESS=""
7. Run the eDir Notify Script now or setup a cronjob to run the script.
   #./eDirNotify.sh -c

Setup Instructions for crontab:

1. SSH or telnet into the root account.
2. At the prompt, type in 'crontab -e'. This will open up your crontab file, or create a new one if it doesn't exist.
   When this file opens, you will see other cron jobs listed in here, or if you haven't any - you'll see a bunch of lines with '~' on them.
3. Use the cursor to go down until you can't move the cursor down any more. This is where you start your new line. Press 'o' to insert a new line.
4. Press 'o' to insert a new line. If you want to edit a line, press 'i'.
5. Create a crontab entry that fits your needs and enter at this time.
Here are some examples: Set to run every minute of every hour of every day * * * * * /[Location of Script]/eDirNotify.sh > /dev/null Set to run every five minutes of every hour of every day */5 * * * * /[Location of Script]/eDirNotify.sh > /dev/null Set to run every 30 minutes of every hour of every day */30 * * * * /[Location of Script]/eDirNotify.sh > /dev/null
6. Press the 'esc' key to exit out of edit mode.
7. To save the changes and exit, type the following in: :wq
   If you want to exit without saving changes, type in: :q!
8. Once you have exited, to view the new entry in your crontab file, type crontab -l in at the prompt. This will list the contents of your crontab file.

AttachmentSize edirnotify.tgz698 bytes

• Cool Solutions

license:  N/A Prerequisites:

IMPORTANT: Although the ZCM Server Log Parser is at version 11, you may still use it to parse logs from 10.3.x

You must have the Java JRE or JDK installed on the machine you are running the tool from. Either the JAVA_HOME or the ZENWORKS_HOME environment variables must be set.

On Windows, if JAVA was installed at C:\Program Files\Java\jdk1.6.0, to set the JAVA_HOME directory run:

set JAVA_HOME=C:\Program Files\Java\jdk1.6.0

On Linux, if JAVA was installed to /opt/java/jdk1.6.0, I would run:

export JAVA_HOME=/opt/java/jdk1.6.0

Features:

1. Can parse the services-messages.log and loader-messages.log
2. Counts the number of instances of a particular web service based up on the name in brackets. For example any message prefixed with [Assignment Web Service] will be tracked as an "Assignment Web Service" call.
3. Any web service that logs in the following format will be tracked based upon average duration for a specified time interval:
   [DEBUG] [4/1/11 9:12:11 AM] [] [] [] [ complete, time: ms...] [] []
4. Can track cache evictions, maximum cache size and average cache sizes if cache logging is enabled.
5. Tracks the number of exceptions found in the logs by the specified time intervals.
6. Tracks the number of restarts of either the ZENLoader or ZENServer service.
7. Can produce both a bar and a line graph for the number of web services found as well as the web service durations.
8. Parses multiple log files at the same time.
9. Parses the backup .zip files generated when a log reaches the size limit specified in ZCC
10. Can union the results of multiple log files (.zip and .log) from both ZENworks Loader and ZENworks Server services.
11. Can increase the precition of the data generated from days (default) to hours or minutes
12. Can focus on a specific time interval in the logs and only report on that interval.
13. Can focus in on a user specified number of more prevalent web services for both counts and web service durations.

Generated Results:

Currently, the log parser generates results files for several different stats:
Web Service Counts - the number of times a web service log entry is encountered. This is not necessarily the number of times a device requests information from a web service, but this count is directly proportionate to the number of request being made.
Web Service Times - this is the duration that any given web service method call may last prior to returning the requested content back to the client.
Exceptions - how many times each type of exception occurs
Restarts - how often a service restarts,
Cache Usage - how many items are in the each server-side cache and the evictions. IMPORTANT: This will only show up if cache logging has been enabled. This will happen by default if the log level is set to DEBUG.

The results files that are generated from the ZENworks Log Parser will use the log filename as the prefix for the results file names, so if the log filename is "services-messages.log" the results files will be:

services-messages.log-exceptions.csv
services-messages.log-wscount.csv
services-messages.log-wscount_bar.jpg
services-messages.log-wscount_line.jpg
services-messages.log-wstimes.csv
services-messages.log-wstimes_bar.jpg
services-messages.log-wstimes_line.jpg
services-messages.log-cacheinfo.csv

The .csv files are files with comma separated values. These are easily imported into spreadsheets or even databases. The .jpg files are the graphs of data. This makes it particularly easy to quickly spot trends or problems.

AttachmentSize zenworkslogparser.zip2 MB

• Cool Solutions

license:  gpl v2

This bash script will parse the trustees kept in the NCP trustee_database.xml file (media/nss/VOLUME/._NETWARE/.trusteee_database.xml) for the supplied NSS volume and create a script that will remove the trustees using the "ncpcon rights" commands.

WARNING: Make sure to backup your trustees before running the ncpcon-remove-VOLUME.sh script with the "metamig" utility.

Save Example (backs up all NSS VOL1 metadata):

metamig save VOL1 > metamig-bu-VOL1.txt

Restore Example (restores only trustee NSS VOL1 metadata)

metaming restore VOL1 -m t < metamig-bu-VOL1.txt

Steps to use:

1. Extract the ncp-remove-trustees.tgz file with "tar xzvf ncp-remove-trustees.tgz" Then make ncp-remove-trustees.sh executable.
2. Execute the ncp-remove-trustees.sh script as the "root" user and supply the volume name.

   Where you execute the script from will be where the ncpcon-remove-VOLUME.sh script will be located. Other files needed for processing are /tmp/trusteepath-VOLUME.txt and /tmp/trusteename-VOLUME.txt (delete them when you no longer need them)

   The ncp-remove-trustees.sh script will not remove any trustees from the volume. You have to execute that output script for trustees to actually be removed. This lets you see what it is going to do before you execute ncpcon-remove-VOLUME.sh

3. Add the execute permission to ncpcon-remove-VOLUME.sh
4. Run the ncpcon-remove-VOLUME.sh script.

AttachmentSize ncp-remove-trustees.tgz874 bytes

• Open Enterprise Server Cool Solutions

license:  partial free

download url: http://smedens.dyndns.org/pub

Built in .NET
Needs a 32-bit gw-client installed.

GWmod version: 1.02
Easy to list and modify various things in GroupWise
Copyright © 2011 gwbojjan

usage: gwmod <dompath> <function> <switch> <object> <value> i.e: gwmod x:\gwdom\ list -a admin -name -phone list -a <user> -name Return username -dname Distinguished name -given Given name -last Last name -title Title -depart Department -descript Description -vis Visibility -ldap Ldap Authentication-value -admindef1 Admindefined Field 1 -admindef2 Admindefined Field 2 -dom Domain -poa PostOffice -phone Phonenumber -expdate ExpireDate -accountid AccountID

• Cool Solutions

license:  GPLv2

The Printer Driver Auto Association Script for iPrint allows you to automatically associate a driver to either a specific manufacturer or make/model of a group of printers quickly and easily.

Example of uses:

Example 1:
A company plans on rolling out Windows 7 on workstations and needs drivers associated to each of the 500 printer agents currently found on the print manager. In this situation if the majority of the printers were HP, the Printer Driver Auto Association Script would be able to associate the HP Universal Printer driver to all printers of manufacturer type HP automatically.

Example 2:
A company has 20 printers of a specific model. In this situation, the script would only associate the specific driver chosen to that specific model of printer.

Step #1 - Install and download the latest version of the Printer Driver Auto Association Script utility

Note: Printer Driver Auto Association Script supports OES 2 and 11.
1. Download printer_driver_association-1.0.tgz
2. Open a Terminal window and type “su”.
3. Enter root’s password.
4. Extract the script from the tarball.
   #tar –xzvf printer_driver_association-1.0.tgz
5. cd to the PrinterDriverAssociations folder.
   #cd PrinterDriverAssociations
6. Make the script executable.
   #chmod 755 PrinterDriverAssociation-1.0.sh
Step #2 - Run the Printer Driver Auto Association Script utility

Option A: Generate a file containing the list of printers matching a specific manufacturer or model

1. On the terminal run the Printer Driver Auto Association Script to generate just the file.
   #PrinterDriverAssociation-1.0.sh -g
2. This will create a file in the current working directory containing the printers identified during the script execution.
   A log file named associations.log will be generated in the /var/opt/novell/log/iprint/ directory.
Option B: Generate the printers file and auto associate the chosen driver to the printers found in the file.
1. On the terminal run the Printer Driver Auto Association Script to generate just the file.
   #PrinterDriverAssociation-1.0.sh -f <filename.txt> -g
2. This will create a file in the current working directory containing the printers identified during the script execution. It will then execute the file and associate the driver chosen during the script execution.
   A log file named associations.log will be generated in the /var/opt/novell/log/iprint/ directory.
Note: Using a –h will display the help menu.

AttachmentSize printer_driver_association-1.0.tgz4.56 KB

• Cool Solutions

license:  GPLv2

The iPrint Synchronization script assumes two OES Linux iPrint servers with similar configurations exists. These two servers may have a similar configurations as a result of running the iPrint Duplication Script. While those two iPrint configurations were identical at the time the iPrint Duplication Script was run, changes are likely to occur on the production print manager server. These changes could be, but not limited to:

• create a printer
• delete a printer
• change a print driver association
• upload a new print driver
• change IP address of a printer agent
• change any attribute of a printer agent

After executing this iPrint Synchronization Script on the back up iPrint server, the changes made to the production print manager server will be synchronized to the backup server at a time interval decided by you. Additionally, there is an option to configure a notification system so you are emailed or sent a text message when the production print manager is unavailable.

This tool consists of the iPrint-Sync script and iPrint-Sync.conf. The iPrint-Sync.conf requires input prior to running the iPrint-Sync script. For an explanation and demonstration of the purpose of this tool, how to complete the iPrint-Sync.conf, and see how the script is run, go to http://www.youtube.com/watch?v=qzO2QNH5sZI

Installation Instructions:

Note: The iPrint Synchronization Script supports OES 2 and 11.

1. Download iprint-sync-1.1.tgz
2. Open a Terminal window and type “su”.
3. Enter root’s password.
4. Extract the script from the tarball.
   #tar –xzvf iprint-sync-1.1.tgz
5. cd to the iPrint-Sync folder.
   #cd iPrint-Sync
6. Make the script executable.
   #chmod 755 iPrint-Sync-1.1.sh
7. Open the iPrint-Sync.conf file and fill out the values for synchronization
8. Run the iPrint Synchronization Script and answer the questions.
    
   Setup notification or synchronization at some specific interval.
   #./iPrint-Sync-1.1.sh -c
    
   Run the iPrint Synchronization tool immediately.
   #./iPrint-Sync-1.1.sh -ksb
9. Your iPrint system should now synchronized.

AttachmentSize iprint-sync-1.1.tgz8.16 KB

• Open Enterprise Server Cool Solutions

license:  None

This is a simple script that checks the mounted NSS volumes and purges all deleted files.

There is no need to change the script when a new volume is created or and old one is deleted.

Even in a clustered environment when a cluster-server has not always the same volumes mounted.

#!/bin/bash Dirlist=$(dir /media/nss) for direc in $Dirlist ; do ncpcon purge volume $direc done AttachmentSize purge.zip207 bytes

• Open Enterprise Server Cool Solutions

license:  freeware What is this

This small tool will give you the following advantages:

• No need to unregister from the zone, before resealing the workstation
• No more messing around with various ZAC commands
• Your workstations will always have the latest version of the agent, that your infrastructure supports, when reinstalled

Requirements

The tool require that .Net is included with the base image, since the tool will not download the complete version of the agent, since that is a huge little bugger, due to the .Net runtime.

How it works

When launched, it will do the following:

• Detect the version of the OS
• Detect the architecture of the processor (32 or 64 bit)
• Detect, if you want to download and install the client, or simply just download it
• Detect, if you want to use the standalone or the network based version
• Detect if you specified a specific download path, and if not, the current users temp directory (%TEMP%) will be used
• Detect, if you want to reboot after installing the agent. (Default is not to reboot)
• Contact a list of ZCM servers or satellites that you select, and download the ZCM agent.
• The first server on the list that responds, it will use
• The list can contain from 1 to 5 servers

Regardless of what agent is downloaded, it will be named PreAgentPkg_Agent.exe

Note that the user running this tool must be a local administrator on the workstation.

Parameters

Simply launch the tool without any parameters to see the list of parameters.

Have fun, and remember.......

This is a free tool, and as such, no support or claims can be made here.....Use at your own risk.

/Tommy, IT Quality – Denmark

See you on Novell Forums.

AttachmentSize zagntdwn.zip242.18 KB

• Cool Solutions

license:  Freeware

Sneakycat CLE and LDIF Driver
Version: 0.5 beta (2011-10-21)
Use at your own risk.

What it is.
The CLE (Command Line Execute) and LDIF Driver is a simple driver that can be used to perform tasks on a Windows server using command line utilities or scripts OR import LDIF files into eDirectory.

It can be used as a subscriber only driver OR as a publisher only driver.

Subscriber only means that there is no useful functionality on the publisher channel except a driver heartbeat. You can't use the driver to pull data into IDM, so this driver can't replace the Novell Scripting driver.

Publisher only means that you shouldn't use the subscriber part if you are using the publisher part. The publisher channel can be used for import LDIF files into eDirectory through IDM.
This is done by activating the LDIF Publisher channel in the Driver Configuration.

The subscriber channel is primarily intended to ease the creation of home directories on Windows servers.

It can be used by installing the Remote Loader on a Windows file server and then installing this driver there. Any commands executed by the driver will be executed on that server using the rights that the Remote Loader service has. Since the driver is written in Java it also works on Linux.

There are two publisher channels, one is a simple heartbeat that does nothing else.
Then there is the LDIF Publisher channel that reads from an LDIF file and converts the entries into DSML (Directory Services Markup Language) which is then converted to XDS using a stylesheet on the input transformation. You can remove the stylesheet (its-dsml) if you want to perform your own conversion instead or use the stylesheet from the SOAP-DSML driver instead.

What's new in version 0.5?
Added several new pseudo attributes that can be used on the subscriber channel, read the documentation.
Added a new publisher channel that can import LDIF files and convert them to XDS for consumption by IDM.
Changed some internal code in regard to synchronization.

How much does it cost?
Nothing, it's completely free to use but it's not open source.

Subscriber:
The driver only handles and events.
It will set the association value to the RDN of the object it processed. This can change in next version, I will probably make it optional.
It doesn't handle any other events at this time (delete, rename etc.)
You could modify the driver policy to strip the association on such events and send an add with a CommandToExecute attribute to do something.
I'll probably add support for more events in future versions.
You can send suggestions to info@sneakycat.biz

Publisher:
If you use the LDIF publisher channel and stop the driver in the middle of processing it won't remember where it stopped. Instead it will rename the LDIF file it was processing to .bak as if it had processed the entire file.

How it works.

The driver shim works by processing XDS documents received from the IDM engine. These documents must contain attributes that the driver understands.

In the current version it only handles <add> documents.

There is an attribute called CommandToExecute that can be used to execute any command line or script that you want.

There are several others attributes that must be used together to have any effect.

For usage information read the PDF that comes with the driver.

Bugs/suggestions
There is no real support but you can send me e-mail at info@sneakycat.biz and I'll try to respond.
You can also send suggestions to the same address.

I TAKE NO RESPONSIBILITY IF YOU MESS SOMETHING UP BY USING THIS DRIVER. Please read LICENSE.txt before using this.

AttachmentSize snekaycat_cle_and_ldif_driver_0.5.zip1.05 MB

• Cool Solutions

license:  GNU General Public License v2

PWM is an open source password self service application for LDAP directories. PWM is an ideal candidate for organizations that wish to “role their own” password self service solution, but do not wish to start from scratch.

PWM v1.6.0 has been released and is now available for download on the project site.

http://code.google.com/p/pwm

The history changelog is below:

v1.6.0 (October 17, 2011) build 1096

[------legend----------------] [ + Added feature ] [ * Improved/changed feature ] [ - Bug fixed/refactoring ] [ ! security bug fix ] [ ~ partial implementation ] [----------------------------] + Added turkish locale, thanks erdem.bayer! (issue #86) + Added slovak locale, thanks svacko! (issue #87) + Added hebrew locale, thanks dordorqwerty! (issue #92) + Added helpdesk module for password resets (issue #99) + Support for customizable CSS themes, and several default themes included (issue #103) + Support for SMTP authentication (issue #104) + Overhaul of the NewUser registration module, + Password field is now on initial new user password field + Form UI supports more fields in less space + Randomized DN generation + While-you-type form validation + Configurable password policy template user + Configurable minimum wait time on new user creation + Added stored token database (to PwmDB or RDBMS) for forgotten password and new user password + Updated look & feel for form tables throughout the application + UserReport module in /pwm/private/admin and from PwmCommand command line * Moved public menu options (ForgottenPassword, NewUser, Activate) to login page * Moved private menu options to /pwm/private url, and made menu visibility based on permission * Continued improvements in configmanager process - Fixed bug where unsupported browser locale results in blank page/null pointer (issue #83) - Fixed bug where non-english server locale results in configuration manager issues (issue #84) - Double-byte characters not stored properly in PwmConfiguration.xml (issue #100) - Issue where SMS Servlet Gateway URL couldn't be configured with a port number (issue #97) - Config file size limit of 50k characters increased to 10mb. - Current password required in some cases on forgotten password reset page. (issue #119)

• Cool Solutions