the agile gadfly
Wed, Apr 8, 2009
At $WORK we’re starting the migration from Novell eDirectory to Microsoft Active Directory (AD) but staying with Novell Groupwise for email, which means I’ve been looking into automatic account creation in AD. I developed a system to create eDirectory accounts, NDS home directories and Groupwise accounts several years ago, which is still running. It’s a mixture of Java (eDir) and C++ (Groupwise) but with the move to AD, there’s now the real possibility of moving to C++ exclusively.
I initially had a bash at creating AD accounts using JNDI but the server’s certificate was self signed and the X500 Principal info didn’t match the server’s name, so I had to plug in the Guanxi SSL layer to get custom cert/trust handling to get round this. But it worked fine. Then I tried using the Novell LDAP libraries which also eventually worked. Interestingly, I took two different approaches to LDAP over SSL. In JNDI I used TLS while in Novell I used direct to 636, both more overhead than I care to have to be honest but it has to be done as you can only set the password over 128bit SSL.
But the issue of home directories then raised its head. At the moment, I create Novell home directories using NDAP, which is proprietary to Novell and covers the rich permissions of NDS folders but for AD I can only use ADSI to create the directories and assign the correct permissions. So that means C++. So I then tried the account creation a third way, using ADSI, which is a mixture of C++ and COM and it was a breeze compared to Java. No cert problems, no custom SSL handling. It just worked. Plus it clicked with me. Something inside started stirring. C is my “native tongue” and the more C++ I wrote, the more it came flooding back! Coupled with the fact that the Groupwise account creation stuff I wrote is in C++/COM, the decision was made for me. GADfly will be in C++.
So having plumped on a technology, the next step is to smooth the path to using that tech and that means getting build/deploy out of the way and I got a timely reminder of this from James Shore. So I’m taking a look at RAKE for building C++ apps as I cannot stand make. Back when I wrote Windows drivers, I always used Visual Studiio to build the drivers and I’ve no intention of ever using make, if I can help it, so RAKE seems an interesting alternative.
James mentions “the flow”, when you just code without a care in the world. In fact the world doesn’t exist and to get into the flow, you need more or less instant feedback on what you’re doing. Hence the transparent build/deploy cycle. You want to spend your time coding and not copying, restarting, sorting startup problems etc. You want to code, build-deploy-test, get feedback and you want the build-deploy-test to be as fast as possible, to keep the flow going. I found that in a crowded office where we used to share space with mechanical engineering, ordering BOMs over the phone and shouting at suppliers who’s native language wasn’t English, getting into the flow was almost impossible without using headphones.
I’d worked out a system of build-deploy where I’d get the test PC ready by ghosting a new OS onto it, then settle down to code for a while with the ‘phones on and when I needed to test, I could just build-dump to floppy-swivel chair-install on newly ghosted PC-test-get feedback-swivel chair-resume coding. I got into the flow so well one day that I was using the keyboard like a piano. I even gave a flourish of hands in the air as I finished the last line of some particularly interesting pointer segment crossing code when gobbling bitmaps! When you think you’re Liberace on a keyboard, you know you’re in the flow!
But how do you stay in the flow? Turn off chat for a start. kill -9 Twitterific’s pid, close email. You cannot get into the flow if you leave chat on. One minute you’re contemplating some esoteric aspect of COM, the next, you’ve got someone on chat wanting to know how to ftp. It just doesn’t work. Turn it off. It’s even worse if the chat is on another machine. I code C++/COM on the PC but the chat is on the Mac and I usually end up typing chat comments into C++ code, or using the wrong mouse and wondering why the mouse is broken, when it’s the PC mouse that is moving when I’m trying to get focus on Adium. Then the flow has gone and it’s very difficult to get it back. When you have the flow, you’ve loaded the project into main memory (your’s) but when the flow goes, when chat or twitter starts barging in, it gets swapped out, fragmented and lost and you have to spend a long time reloading it. The flow is antisocial. You must be a digital hermit. When you finish the task in hand, with a Liberace flourish perchance, then you can turn them back on and chat/tweet to the world about your achievements and you’ll have something useful to impart.
So I’m looking forward to getting back into Windows development, with its MSDN documentation, native interfaces, esoteric COM and especially C++, possibly my favourite language. I shall miss Java’s superb XML and SSL handling but as I found out, I don’t need that complexity when using ADSI. I’ll still be using Java to get the data out of our student record system as Java is unsurpassed for ease of database access (JDBC) but the main stuff will be C++. But first I must learn Rake and Boost.
Oh, I almost forgot, why GADfly? GroupwiseActiveDirectory on the fly!