Download the following packages:
Install the downloaded packages and the libnsl library:
# dnf install oracle-instantclient18.5-basic-188.8.131.52.0-3.x86_64.rpm oracle-instantclient18.5-devel-184.108.40.206.0-3.x86_64.rpm oracle-instantclient18.5-sqlplus-220.127.116.11.0-3.x86_64.rpm
# dnf install libnsl (ensure x86 and not i686)
Download and install the EPEL repository:
# rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
# dnf install -y https://rpms.remirepo.net/enterprise/remi-release-8.rpm
Install PHP and OCI8:
# dnf module list php
# dnf module enable php:remi-7.4 -y (if you get the following message: “The operation would result in switching of module 'php' stream '7.2' to stream 'remi-7.4’”)
# dnf module reset php (enter “y”)
# dnf module enable php:remi-7.4 -y
# dnf install -y php php-cli php-common php-fpm php-pear gcc curl-devel php-devel zlib-devel pcre-devel php-pecl-http systemtap-sdt-devel
# export PHP_DTRACE=yes
# setenforce 0
# echo "instantclient,/usr/lib/oracle/18.5/client64/lib" | pecl install oci8-2.2.0.tgz
# echo extension=oci8.so >> /etc/php.ini
# echo extension=oci8 > /etc/php.d/20-oci8.ini
# systemctl restart php-fpm
# systemctl restart httpd
Servers should be:
LDAPS = 636
LDAP = 389
Account Username format for AD:
Password for satellite.ldap.svc
Groups base DN: OU=Groups,OU=Satellite,OU=Services,OU=SSG,OU=UConn,DC=grove,DC=ad,DC=uconn,DC=edu
LDAP filter: (objectClass=User)
Satellite needed the following box checked:
“LDAP users will have their Satellite 6 account automatically created the first time they log into Satellite 6”.
Trying to shutdown an old web server from the late 1990’s that had it’s guts transplanted onto a newer system around 2003 and again around 2009. As you can imagine there are accounts and files that are like those items in your junk drawer, they beg the question…why is this here?!
In an attempt to determine last use of accounts we combined some log analysis with some unix timestamp forensics to prove that no one really needs this anymore!
The log analysis was pretty easy, track non-robot traffic to determine which accounts were being accessed and at what frequency and volume. The timestamp wasn’t difficult just had to isolate which files we wanted to analyze. Using the `stat`, `find` and/or the `ls` commands make this easy. In case you are not aware of this Linux/Unix stores a number of timestamps for each file. These timestamps store when any file or directory was last accessed (read from or written to), changed (file access permissions were changed) or modified (written to).
Three times tracked for each file in Linux/Unix are:
- access time – atime
- change time – ctime
- modify time – mtime
Aside from using atime, ctime or mtime, the easiest way to get the information we are looking for is using the `stat` command:
# stat /home/myhome/file1
Size: 1498906 Blocks: 2928 IO Block: 4096 regular file
Device: fd01h/64769d Inode: 3414009 Links: 1
Access: (0664/-rw-rw-r--) Uid: ( 500/ myhome) Gid: ( 500/ users)
Access: 2016-01-26 12:53:01.309089993 -0500
Modify: 2013-07-15 10:28:05.241847000 -0400
Change: 2013-07-15 10:28:05.315848001 -0400
If you are looking for a large set of files that have been accessed/modified/changed before or after a specific date then using the `find` command is your best bet.
For single files or a small set of files the `ls` command is probably easier.
For information on how to use atime, ctime and mtime with `find` and `ls` refer to the man page for the specific command.