Mac OS X 10.9 OpenLDAP install, search and authentication

Bit fiddly, so thought I’d document how to get OpenLDAP installed on Mac OS X 10.9(.3), how to set up a test user and how to then both search and authenticate against that user.

Install macports from and then OpenLDAP:

> sudo port -d selfupdate
> sudo port install openldap

Backup default config files /private/etc/openldap/slapd.conf and /private/etc/openldap/ldap.conf and edit as below:

where the rootpw is generated by > slappasswd -s yourpassword

> sudo cp /private/var/db/openldap/openldap-data/DB_CONFIG.example /private/var/db/openldap/openldap-data/DB_CONFIG

> sudo /usr/libexec/slapd -d3


> ldapadd -D "cn=Manager,dc=my-domain,dc=com" -W -x -f root-ou.ldif

dn: ou=people,dc=my-domain,dc=com
objectClass: organizationalUnit
ou: people

> ldapadd -D "cn=Manager,dc=my-domain,dc=com" -W -x -f people-ou.ldif

I then added a new user via Ldap Admin Tool but could also have used Apache Directory Studio also.

Your connection should look something like this:

Screen Shot 2014-06-20 at 11.32.52

To search for a user and then have that user authenticate against the Ldap repository:

Note this is not production-ready code, there is an absence of exception handling and resource clean-up, please just use this as a template or for reference purposes!

Author:     Friday, June 20th, 2014 Code No Comments

DropWizard and transactional data access with JDBI

A while ago I was trying to work out how to do transactional data access using DropWizard’s recommended data access mechanism JDBI.

The documentation describes creating a basic DAO interface and using the SQL Object API‘s ResultSetMapper to map directly to an object as so:

However, with a more complicated scenario such as a 2-phase SELECT statement and subsequent UPDATE that requires a transaction scope for instance, the documentation was a little less forthcoming.

Turns out the solution is to turn the DAO interface into an abstract class with a concrete helper method and @Transaction boundary with abstract method implementations for the JDBI queries:

The important points to note are the “SELECT … FOR UPDATE” statements which provide locking reads before you UPDATE as well as the @Transaction annotation.

Author:     Tuesday, January 22nd, 2013 DropWizard, JDBI No Comments

The Surprising Truth About What Really Motivates Us

Dan Pink’s work on what really motivates us is really interesting, and this is a great video that explains it all in just 10 minutes.

Well worth watching, particularly if you’re even remotely involved with technically advanced initiatives such as a Software Delivery team.

Author:     Wednesday, November 7th, 2012 Agile, Management No Comments

Programmer Anarchy

Wow! I stumbled across this presentation by Fred George (Forward, ex-IBM, -TW) on my twitter feed. Stating the paradigm shift in such a bold way blew me away somewhat and really changed my opinion of the direction I was trying to take multiple teams (so the BA’s and product development teams in particular).

I set myself the goal in my current position of reading voraciously and over the last 2 years I can honestly say this presentation has had by far the most impact on my thinking and potentially the direction of the teams I work with.

Although we’ve actually tried this approach in the early project stage with the tech team at Policy Expert it was largely unconsciously – and without such a neat title as “Programmer Anarchy” sadly!!!

So we would consider ourselves an “agile” software team – 14 developers, no management hierarchy, weekly releases, lots of focus on CI, automation and testing etc etc.

And with certain features we would do technical spikes, implement frameworks or 3rd party tools without much more than a conversation with the Customer. So a bit of white-boarding and seeing what sticks to the wall, but no stories, no planning, no meetings and no documentation or velocity tracking. In fairness, this was mostly because the BA’s were struggling with their own backlog and traditional requirements were not yet ready for consumption by the development teams.

But after a while as the project gained traction with the business sponsors and the full weight of BA and QA teams were brought to bear, those features were rigorously tested and all possible outcomes and scenarios investigated.

In general terms, we started to make the following observations, pretty consistently across teams and features:

  • very robust software, perhaps overly so – in 8 months since launch we have not had a single high-priority bug*
  • good planning of development tasks and iterations but poor planning around the requirements pipeline
  • non-technical resources aren’t comfortable with the agility mindset and require prescriptive ways of working
  • subsequent inefficient processes and interactions – coordinating resources becoming almost a job in itself
  • focus to the nth degree on refining features – without measurement of return on investment
  • oh, and the familiar scene of a CEO who wanted software delivered faster ;o)

* whilst I’m not advocating building rubbish software, if you’re a developer in a commercial environment it’s good to think along the lines of accounting for every keystroke [courtesy dom farr for the quote]

I don’t wholeheartedly subscribe to the approach outlined, but then perhaps that depends on context? As we work in the financial services industry – which is regulated – I would be horrified or at the very least not very confident of releasing software with no test cases. And that doesn’t begin to describe the leap of faith the business would have to take!

But we certainly have “story tyranny”, head-down developers who are decoupled from the actual business, one or two software features that have little commercial value, fairly large applications in terms of LOC (certainly more than the order of 100 lines as mentioned). We also have a number of frustrated developers. And no doubt some of our colleagues share this frustration too!

So although we’re already running with some of the approaches outlined ie. no management hierarchy, focus on refactoring, continuously pushing our boundaries, we are going to try and adopt an even less structured approach and see if we can cut the overheads and layers of communication and process that just aren’t adding anything to our bottom line.

It’ll take quite an investment from the more senior developers on board, and perhaps some additional trust from the business teams, but I’ll almost certainly post up on our experiences, either positive or negative…

[Additional link to both the presentation and slideshow on InfoQ]

Author:     Tuesday, February 21st, 2012 Agile, Development, Lean, Management No Comments

Puppet certificate issues

Lots of posts on t’internet about this one and difficult to know which apply.

To rectify an error on the client of type: “please remove certificate from server and regenerate it with the current key”, for puppet 2.6.6, use the following to remove said certificate from the puppet master:

sudo puppet cert --clean <client node address>

Author:     Wednesday, February 1st, 2012 Code, DevOps No Comments

Agile Database dot com

Have added some new features to my agile database framework and decided to release as a slightly more professional undertaking – say hello to Agile Database dot com.

The code’s hosted on GitHub so please feel free to take a look and let me know if you have any feedback or issues.

I’m going to add a section on Usage shortly, and probably delete the old code hosted on this blog, but aside from that I don’t have much of a plan for a roadmap. Certainly multi-database / OS support without having to refactor the scripts would be beneficial. Please feel free to let me know if you have any other ideas!

Author:     Wednesday, September 14th, 2011 Agile, Database, Development No Comments

What is a Hacker?

Hacker: Someone who thinks outside the box. Someone who discards conventional wisdom and does something else instead. Someone who looks at the edge and wonders what’s beyond. Someone who sees a set of rules and wonders what happens if you don’t follow them. - Bruce Schneier, courtesy @hackerchick

I like this definition so much because it’s clearly nothing to do with writing code, and can (should?) be applied elsewhere…

Author:     Friday, August 19th, 2011 Code No Comments

Capistrano prompt for input

To prompt for user input, us:

set(:user) { Capistrano::CLI.ui.ask("User name: ") }

The above is “lazily evaluated”, so if you want an immediate prompt do not pass the block to set(), instead use:

set(:user, Capistrano::CLI.ui.ask("User name: ") )

Author:     Wednesday, August 17th, 2011 Capistrano, Code No Comments

Policy Expert

This is our phase II Policy Expert launch, mostly static content and user guides etc but the full phase III launch of Home Insurance product is coming soon…

Author:     Monday, April 25th, 2011 Code No Comments

Amazon RDS DB Instance Sizing Guide

For anyone else who can’t find the Amazon RDS DB Instance Sizing Guide!! Grrrrrr… here it is! ;o)

Author:     Monday, April 18th, 2011 Code No Comments