“Klareringsforholdet mellom arbeidsstasjonen og primærdomenet ble ødelagt.” or “The trust relationship between this workstation and the primary domain failed.”

I added the Norwegian translation of the error message to the title as well to help any Norwegians trying to find a solution to this Windows AD issue. The root cause is that the kerberos secret on the client no longer (for some reason) matches the secret stored in the AD forest. The usual fix is to make the client rejoin the domain, however, there’s a better solution.

First you’ll need Administrator access to the client. If you’re unable to log in as an Administrator (because the computer was locked by a domain user account before the secret got borked), reboot the client without any network access. This will allow the user to log in with the cached credentials, as the client is unable to discover that its secret differs from the secret stored in the domain.

You’ll need to download the Remote Server Administration Tools for Windows 7, and install it on the client. After installing, go to Programs and features in the Control Panel, select enable / disable windows features on the left pane, and navigate through:

Remote Server Administration Tools > Role Administration Tools > AD DS and AD LDS Tools

.. and find the choice that includes “console tools” (I don’t remember the exact name).

Start cmd as an administrator (right click, select run as administrator under Accessories), and use netdom.exe to sort the issue out properly.

netdom resetpwd /s:<server.domain.local> /ud:DOMAIN\user /pd:*

The user referenced by DOMAIN\user needs to have access to add / edit clients in the domain.

svn: OPTIONS of ‘‘: SSL handshake failed: SSL error: A TLS warning alert has been received. ()

If your svn client suddenly starts complaining about something similar to

svn: OPTIONS of '...': SSL handshake failed: SSL error: A TLS warning alert has been received. (...)

The reason might be that the host in the URL (https://example.com/ => example.com) doesn’t match the ServerName setting in the SSL host for your web server. You might not have configured this, so for Apache add:

ServerName example.com

.. and restart the server. It might just work again!

Replacement for Deprecated / Removed BaseTokenFilterFactory

When writing plugins for Solr you’d previously extend the BaseTokenFilterFactory, but at some time since I last built trunk, that changed to TokenFilterFactory – which is located in the util package of lucene instead.

Diff:

- import org.apache.solr.analysis.BaseTokenFilterFactory; 
+ import org.apache.lucene.analysis.util.TokenFilterFactory; 

...

- public class xxxxxFilterFactory extends BaseTokenFilterFactory 
+ public class xxxxxFilterFactory extends TokenFilterFactory

php-amqplib: Uncaught exception ‘Exception’ with message ‘Error reading data. Recevived 0 instead of expected 1 bytes’

I’ve been playing around with RabbitMQ recently, but trying to find out what caused the above error included a trip through wireshark and an attempt to dig through the source code of php-amqplib. It seems that it’s (usually) caused by a permission problem: either the wrong username / password combination as reported by some on the wide internet, or by my own issue: the authenticated user didn’t have access to the vhost I tried to associate my connection with.

You can see the active permissions for a vhost path by using rabbitmqctl:

sudo rabbitmqctl list_permissions -p /vhostname

.. or you if you’ve installed the web management plugin for rabbitmq: select Virtual Hosts in the menu, then select the vhost you want to see permissions for.

You can give a user (all out) access to the vhost by using rabbitmqctl:

sudo rabbitmqctl set_permissions -p /vhostname guest ".*" ".*" ".*"

.. or by adding the permissions through the web management interface, where you can select the user and the permission regexes for the user/vhost combination.

deck.ignite.js – Ignite / Pecha Kucha presentations in deck.js

After experimenting with deck.js yesterday for two presentations I had to give at a local networking meet, I decided to try to hack together a small extension for deck.js that makes any presentation an Ignite presentation. The concept is simply: 20 slides, 15 seconds for each slide – allowing you to only present the absolute minimum about a subject.

Using the extension is easy; simply download deck.ignite.js from my github repository and add a script tag that references the file after you’ve loaded the usual deck.js files (together with your other extensions):

You can also configure the delay used for each slide (Pecha Kucha presentations use 20 seconds) by setting the igniteDelay option when initializing deck:

$.deck(".slide", { igniteDelay: 20 });

You can read a more detailed description at the github project page.

PHP Fatal error: Uncaught exception ‘GearmanException’ with message ‘Failed to set exception option’

This cryptic message may seem rather out of place, but it usually has a very simple explaination; the Gearman server address you provided does not have a Gearman server running. Your Gearman server is down, or the address is wrong.

The reason why this is the error you’ll see is that the call to set the exception option depends on the connection being up.

There is however another possibility – if your libgearman is newer than your gearmand (which will lead to libgearman attempting to set the exception option, while gearmand has no idea what an exception option is), you’ll also receive this error. The fix is to make sure that you use the same version of libgearman as the gearmand you’re running, either by downgrading the gearman module / library you’re using, or (more sensible) by upgrading gearmand to the same version. This was the cause of the issue mentioned in the comments.

Gearman Disconnects Client or Worker Before Doing Anything Useful

If the log shows that the client connects, but then gets disconnected after sending a few REQ packets (or at another part of the exchange), the cause is probably that there is an incompability between the version of the server and the version of the client or worker. If the client or worker sends a request that the server can’t understand (if the client/worker uses a part of the protocol that wasn’t defined when the server was compiled), the server will disconnect the client or worker.

Building Gearman: cannot find the flags to link with boost thread

While running ./configure things may bail out with the message “cannot find the flags to link with boost thread”. This is cause by configure not being able to find the development version of the libboost-thread libraries on the current library path. If you’ve not built libboost from source, you probably need to install the -dev version of the libboost-thread package for your distribution.

For ubuntu this package is named libboost-thread-dev (you’ll find specific versions under names such as “libboost-thread1.46-dev”. Do apt-cache search libboost-thread to see which packages are available).

For Gentoo the package is named dev-libs/boost, so just emerge that one (thanks to J/#gearman).

Building Gearman under Red Hat Enterprise 4 (RHEL4) or older CentOS-versions

While building gearman on our older RHEL4 servers, there was two issues that surfaced:

  • The version of boost included in RHEL4 is too old (1.32) for gearman. I decided to download the new boost version (1.48.0 at the time of writing) and install it. Be sure to remove the old version with rpm -e boost-devel, so that you don’t get strange conflicts while attempting to build the benchmark tools: 
    benchmark/blobslap_worker.cc:89: undefined reference to 
`boost::program_options::options_description::m_default_line_length'
benchmark/benchmark_blobslap_worker-blobslap_worker.o(.text+0x1d9):
benchmark/blobslap_worker.cc:89: undefined reference to 
`boost::program_options::options_description::m_default_line_length'
  • Issues while trying to build the tests/ directory: 

    tests/stress_worker.cc: In function `test_return_t worker_ramp_TEST(void*)':
tests/stress_worker.cc:113: error: `pthread_timedjoin_np' was not declared in this scope
tests/stress_worker.cc:113: warning: unused variable 'pthread_timedjoin_np'
make: *** [tests/stress_worker.o] Error 1

    This can be solved by removing the whole section enclosed in the #ifdef _GNU_SOURCE
    section. Let the content in the #else-part in place. Removing this will not affect the usual (and any important parts of it) gearman distribution in any way.

The configure / make process of gearman needs a way to exclude the benchmark/ and tests/ parts of the project from being built.

Missing Content in the Awesomebar or History in Firefox

One of the workstations at work had suddenly decided to not record any history of new sites visited .. and not to show any traces of old visits. After a bit of searching I found the recipe for How to fix a corrupt localstore which mentions a few of the same symptoms, in particular that the bookmark dialog won’t show up. Stopping Firefox and then renaming localstore.rdf did however not solve anything. Luckily I had remember that somewhere someone mentioned the places.sqlite database as containing information for the location field, so after stopping Firefox again, deleting the places.sqlite file and then restarting Firefox, everything went back to normal. Yet again Firefox knows where it has been!