[Techtalk] CGI page from Accounting Server

Meryll Larkin alwanza at oz.net
Wed Jan 25 03:43:33 EST 2006 

Thanks Dan, 

I'm going to take this over to the programming list because it turns out I
could use some more specific programming advice.  

I do have one question that is a propriate for both you and THIS list,
though:  

It has to do with security settings.  In my original email I simplified....
I actually have 4 servers:  two Accounting Servers and two Intranet Servers.
I am in charge of the pair that I am using as the Developer machines but
another Sys Admin, Mary, is in charge of the pair that are going to be used
in Production "for real".  

Mary loaded and configured the Production servers but she has been having
more difficulty with preliminaries than I have, and now that I have copied a
script that works on my Intranet Server to access the Accounting Server (it
just returns "daytime" using IO::Socket - found it in a Lincoln Stein book)
to her Production Servers, I know why:  she must have some kind of security
setting (or some service turned off) that blocks inter-server access.  The
script works on my Dev Servers but not her Production Servers.

Both Accounting and Intranet servers are on the same LAN, together behind
the same hardware firewall, so the hardware firewall does NOT get involved
in communications between the two servers (except for email). 

Today I will be checking on all her services to see if any of them aren't
running that should be.  I'll also check /etc/access.deny and
/etc/access.allow and I'll flush iptables.  Do you have any other
suggestions? 

Dan, I wanted to be sure to thank you:
I had two different schemes for proceeding.  One was using a module called
MOP::Remote as the remote-server access (with DBD and DBI on the Accounting
Server Module) and the other was using DBI and DBD::ODBC with ODBC as the
remote-server access and all the scripting on the Intranet Server side.
I've been advised by one other person that the later choice is more standard
and I'm adding your vote to it, so that's the way I'll try first.  

Meryll Larkin

More information about the Techtalk mailing list