Doh.

So I looked at the webserver.log and webct.log. This wasn’t the first time I’ve looked at web server logs for users who were not logged in, so my plan was just use something this to get the session id. (The username, date, and time would vary.)

SESSIONID=`grep username webserver.log* | grep 2010-08-31 | grep 16:0[78]:[0-5] | awk -F\  ’{print $5}’`

Then use this to get the web browser.

WEBBROWSER=`grep $SESSIONID webserver.log* | awk -F\” ‘{print $2}’`

Then use this to look at anything with the same browser.

grep -A 50 $SESSIONID webserver.log* | grep -A 50 $WEBBROWSER

Yeah, I know this was reeeaaaallly hokey. The web browser could be another user. The right one might not be the next one. In this case, I was dealing with a development server, so I was more confident than normal the next action would be my user.

So the logout.dowebct had an HTTP code of 200 and a GET action. The next one was a logout.dowebct with an HTTPD code of 200 and a POST action. Bingo! The user was trying to login on a logout page. No error.

Looked in webct.log for the time and there was no error for either logout. The user had a login just seconds before the first one had the familiar “invalid gotoid” which is supposedly okay. So the logs were a dead end.

Mystified by these results, I pulled up LiveHTTPHeaders and logged out and logged in again in where it failed and another institution in development where it did not fail. The failing one was sending the login to logout.dowebct. The successful one sent it to authenticateUser.dowebct.

So I was back to thinking it was the custom login page again. Over a year ago, since I have a properties file with all the relevant data, I wrote a script to generate a custom login page templates with the values filled into them for all our institutions. I hypothesized if the problem was something in the HTML, then replacing the school’s custom login page with this template at just the logout page, ought to fix the issue. It did.

Finally, I pulled up WinMerge to compare good and bad files and found the form tag contained a widget in the name attribute only when processing the logout URI. The widget was replaced with a correct value at logonDisplay. WTH? When the same HTML file used at the logonDisplay and logout URIs, they behave very differently in processing the widget. How could this be true?  The System Administrator Guide (page 384) confirmed only a single widget works at the logout URL and not this one. Guess this means the Blackboard response would be this is behaving as designed.

Ah, well. We figured out over a year ago these widgets create problems for us. Guess that is still true.

Related posts

• Coradiant TrueSight (5)
• WordPress Error: This file cannot be used on its own. (0)
• Who are broadband users? (0)
• WebRunner (1)
• We Need a 4th Vista DBA / Technical Support (0)

Typically one-off updates from Blackboard has us run the updateWebctEar to replace classes in the war file. In a nutshell it…

1. opens the ear
2. opens the war
3. updates the class at the path
4. regenerates the war
5. regenerates the ear

Simple enough by hand, but very convenient in a script. I was glad when Bb gave us this functionality.

cd $WL_DOMAIN
./webct.sh updateWebctEar __some_class.class webct.war/WEB-INF/path/to/class

Verifying that this is in the Ear file is rather easy, but it takes a while manually. Also, one of the steps is to open the ear then search the webct.war. Well, the managed nodes cache the Ear so it kind of saves a step to look there. We run 14 clusters and worry about inconsistencies between various development clusters and between development and production. Plus, as this is a sanity check, why not check all of them? (Also, we use dsh, so checking all 140 production nodes with one command and not having to login to each saves the most time.)

The command…

1. changes directories to a location in the cache area,
2. confirms the location
3. uses the Java ARchive (JAR) tool to list (-t) verbosely (-v) the webct.war file (-f)

All put together…

cd$WL_DOMAIN/servers/node_name_regex/tmp/_WL_user/webct/
&& pwd && $JAVA_INSTALL/bin/jar -tvf */webct.war WEB-INF/path/to/class/__some_class.class

The output looks something like below. The time stamp appears to be when the server administrator added the file to the

118864 Fri Jul 23 11:25:42 EDT 2010 WEB-INF/path/to/class/__some_class.class

I’m thinking this could also be useful to scan for what updates the nodes have in the War just after we’ve installed it.

Related posts

• Tale of Defeating the Crazy Woman (1)
• Most Recent Data (0)
• Mail From Address (3)
• IMS Data Going to Wrong Place (0)
• Certification Courses (0)

Select a Date Range for the Report

Including here the most recent time the tracking was processed (which the application already displays to the server administrator in background jobs) would help the instructor know whether the data is as recent as 4:00 am or 1:00pm.

Maybe when Tracking will run again ought to be displayed to the instructor so he or she knows it will run within the hour or the next morning. That might cut down on instructors running it again and again expecting it to magically show data which won’t be available until many hours later.

Administrators some times have to pick the best operational time to run Tracking. We have direct login checks running several times per hour. When Tracking is run every hour and these checks run at the same time, the time these direct login checks took spiked. Users also complained about poor performance. So we have these run in the wee hours of the morning when users are not generally on the system.

Related posts

• User Interface v. SQL Reports and Tracking (1)
• Tracking Specific File Use (0)
• Verify Node Has War Update (0)
• Tale of Defeating the Crazy Woman (1)
• RE 2007: GeorgiaVIEW Meeting (Pre-Conference) (2)

When I saw this, I immediate thought of that conversation. (This is more or less a test to see if those people read my blog.)

(click image for larger)

Infographic by PPC Blog

Related posts

• YouTube (0)
• Writer’s Block: Google Me (0)
• Who Are You? (3)
• We Need a 4th Vista DBA / Technical Support (0)
• Watermarks (4)

• 2008 Michael Wesch who spoke on how the traditional one-to-many classroom model isn’t good for helping students learn. The two LMS products Blackboard makes continue the one-to-many model online. He advocated using free online Web 2.0 tools to aggregate the information students collectively relevant research and provide to the many-to-many class discussion.
• 2006 David Weinberger who spoke on how digitalization changes how we organize information. He was previously a contributor to The Cluetrain Manifesto, whose point was corporations need to have honest conversations with customers because we do talk to each other and discover deception.

How does DIY U continue the irony in 2010? Well, the idea is to get rid of the education model where students solely look to experts (aka professor) to provide information. Students use the abundance of information available online for free such as OpenCourseWare and use the experts to give practical application experience. An LMS is designed to place the expert (the instructor role) as the provider of the information, the exact opposite of what Anya advocates.

Ideally, Blackboard arranges these to pressure themselves to adapt to the changing landscape.

If so, then based on the 2006 keynote, Blackboard should have a culture of engineers and developers willing to frankly talk to me about the products. They should be hanging out on the email lists where I seek peer solutions offering their own given their insider access. They should be on Twitter. There are a few who do this, but they are by far rare.

I’ve already argued how the LMS is Web 1.5 not 2.0.

Maybe in 2012.

Related posts

• VLE vs PLE (0)
• The LMS is So Web 1.5 (4)
• Monopoly Fears (2)
• Everything to Everyone (0)
• Videogames in the Classroom? (0)

It pointed out my Tarski theme was a point revision behind. That has also been upgraded. No apparent problems.

No need to go mess with code. That makes me verrrry happy.

Related posts

• WordPress Error: This file cannot be used on its own. (0)
• Who Is Lurking In the Shadows? (0)
• Who Are You? (3)
• What is in a Program Description? (1)
• Week Two Almost No Twitter (3)

Besides, CE/Vista isn’t designed for administrators to assist users. Administrator roles are just to manage availability, access, and settings. It just happens that by having the ability to enroll our account(s) we can go into a section and see what the users see in many cases.

This got me thinking…. There is no official support role at the section context in CE/Vista. At best administrators can place users they control into the section to replicate the issue which can only act like other normal users. The normal roles are designer, instructor, student, auditor, and teaching assistant. Because a support role was never created, there are not any built-in useful tools for diagnosing and addressing problems the users may encounter. Instead all that work happens by those with access to the database. A couple years ago Georgia Tech gave a presentation on the support panel they created for T-Square which was designed for helping them overcome common issues in Sakai.

In CE/Vista,administrators have to rely on self-reporting (usually unreliable) or taking over accounts to see what legitimately they should be able to know to help solve problems. For example:

A student reports he could not see a section in the class list. An administrator’s verification is to check the enrollment in either the section or user views, but there is very little confidence this means anything. The student could have hidden the class, the start-end time could have briefly blipped, etc.

Step one of problem solving is identifying the problem. When there are dozens of potential problems without any way of narrowing down the field, administrators will rightly desire more access to the system’s nooks and crannies to see what is really happening. Because it doesn’t exist in the web pages served, they look at the data stored on the web and database servers to better understand. (Really, though something like Coradiant might help here by going back to see the HTML the server delivered to the student.)

“With great power comes responsibility.” Administrators are already very powerful and can do really scary things. The ability to act as any user? Would need to be kept in a log so employees who abuse this power can be terminated quickly and easily. Even the ability to see anything other users can see could be horrible if poorly implemented.

A former boss had a difficult time with a faculty member who often accused this boss of reading the faculty’s email. The evidence was emails the faculty member didn’t remember reading had been marked as read. The huge assumptions were: 1) the faculty member would remember having read it, 2) the only people capable are this boss and the faculty member, and 3) there were not automated rules to mark the email as read. All this because someone mentioned to the faculty member the people in IT would be able to read email. Imagine the ire if faculty thought administrators could do things as them in the learning management system….

Related posts

• No related posts.

The website anonymously logged the configuration and version information from each participant’s operating system, browser, and browser plug-ins — information that websites routinely access each time you visit — and compared that information to a database of configurations collected from almost a million other visitors. EFF found that 84% of the configuration combinations were unique and identifiable, creating unique and identifiable browser “fingerprints.” Browsers with Adobe Flash or Java plug-ins installed were 94% unique and trackable.

A login is supposed to belong to an individual. Web technologies wanting to honor transactions sent by web browsers which have sent a successful login typically do so by granting that browser a token. Don’t want to enable cookies? Fine. Go somewhere else. As long as you want to use my application, you’ll have a cookie I’ll associate with a username.

All this other stuff is for fingerprinting browsers without using a login. Or maybe to identify who is using the same login? I’ve got different browsers for different logins on the same sites.

Related posts

• No related posts.

Maybe if enough clients complain, then Blackboard will start moving in the direction of supporting 11g? I’ve heard rumors of people already running 11g.

Related posts

• No related posts.

1. Dopamine: Anticipation with each click will lead to a reward leads to addiction-like behaviors.
2. Oxytocin: Lack of touch leads to feeling lonely.

For those of us seeking to feel connected, online media provides a false sense of connectedness. We feel more connected, but this is an illusion. We need the oxytocin for a true connectedness which we don’t get enough through online media. The best use of online social media is to discover the connections necessary for quality face-to-face time with people so we can get what we need. I’d say most of my current face-to-face arose from being active online.

The problem is when our interactions devolve to only being through this. Lately I’ve been thinking I consume too much media which distracts me from trying to be around people. With 592 people on my Facebook friends list, I’m probably reading too many Facebook status updates, apps, etc. Between my RSS readers (yeah, plural), I have 277 subscriptions with at the moment around 1,600 items marked for me to read. With 76 TiVo subscriptions, I’m probably watching too much television. I feel so constantly behind with these technologies I feel like I need to work through them which means I’m spending less time with people.

This isn’t really new for me. My bad habit is to invest myself too much in media by not culling enough of the subscriptions. I’m also hesitant to assert myself in other people’s lives. Some call it reticent: “reluctant to draw attention to yourself”. I’m the person who is likely found hanging around the periphery of a party. This recipe for disaster is why my resolutions usually have something about participating more in social activities. Without such goals, my only social interactions would be through work.

Related posts

• No related posts.

First run of Blackboard CE/Vista 8 Service Pack 3 Hoftfix 1 installer on a single install gave me:

Installation error. Cannot install Java as target directory already exists – /path/to/node/jdk150_13

The installer hung because it went to do a mkdir and the directory was there. It should have abandoned installing Java and moved on to the next task. Instead, it gave me an incomplete install.

No biggie. I moved the existing Java directory out of the way and moved the backup copy of the installation directory back in place. Ran the installer again. This time it failed on a new error:

Installation error. java.util. zip.ZipException: No such file or directory

Turns out the files it needed to do this JDK install were not provided in the package. Luckily everything was in the SP3 installer (why it had been there in the first place). Copied those files into where the installer had sought them. Did the same backout again. Ran the installer again.

Installation completed successfully.

Amy thinks other clients reported this same issue only affected single installs when this hotfix was released and people started using it. We didn’t pay much attention because we don’t normally do single installs.

BTW: There’s not enough difference between  COMPLETE and INCOMPLETE to catch the attention of a person while the installer output is throwing 20 lines a second to the screen. FAILED would be better.

Related posts

• No related posts.

Thinking about this article I read over the weekend, specifically this point.

Closed and proprietary systems are not about learning they are about management. If we want to engage students in learning on the web we need permeable membranes that connect, not walled gardens that contain. [Un]packing the Learning Management System

I’ve read claims for years the Learning Management System are more purchased for their management capabilities and less around the learning. LMSes are about providing the tools for the faculty and administrators to manage their online classes. The people who have to sign the contract and pay the bill are administrators. Some may have former careers as teachers or technicians. So they buy what they know: something which does a good managing.

There is a movement for the networked study model. The approach to school I saw my peers in the early days of the Internet take was not a single model but an amalgam of professor-to-student lecture, networked study, and independent study. Different students demonstrated preferences for models which they thought most beneficial per topic. Doesn’t seem like there is one right answer.

Where these discussions seem to fail is in arguing the scientific data around what is or is not effective. I hate how people mention The ECAR Study of Undergraduate Student and Information Technology in these discussions. Especially when they fail to mention students primarily use the technology for activities other than course work (page 8).

Related posts

• No related posts.

Tests after applet patch in development reported chat failures. Chat uses an applet, so I was concerned and investigated the problem. The usual culprits were not affected.

1. setEnv.sh had WEBCT_CONFIG_OPTIONS set to start chat on correct nodes.
2. customconfig/ChatServer-config.xml had SSL key in correct location.
3. SSL key was the correct key.
4. SocketServer logs were not rolling every minute.

So chat looked correctly setup on our end.

On the web server nodes where chat runs, I changed directory into the logs directory. Now that I looked in SocketServer logs for a web node running chat, I noticed some lines had “user” in them. I guessed the value after user was the id in the person table for the user who experienced the error. It was easy enough to look for that id in the database and confirm my guess.

This first grep of SocketServer log isolates the sixth item between colons teases which is that person id. The second grep reports the whole line including the time stamp.

grep “[0-9]-user” SocketServer.??????????.log | awk -F\: ‘{print $6}’ | sort | uniq
grep “[0-9]-user” SocketServer.??????????.log

With the results of the first grep just above, replace the numbers in bold with a comma delimited list.In the database I looked for these ids with this SQL. Substitute your own id numbers in bold. They turned out to be the id numbers for users experiencing the problems. I recognized the accounts as people who had been testing.

select lc.name, p.webct_id, p.id from person p, learning_context lc

where p.learning_context_id = lc.id and p.id in (99999,999999)

order by lc.name, p.webct_id

/

It looked like in production still had some of the same errors. The one session I profiled appeared to show the errors in chat start about 2 hours after the last action by the user in the webserver.log. This is the time the TCP profile cuts off the chat.

The cause of these more frequently on development in chat turned out to chat having a 5 minute profile instead of the correct 2 hour one. Now everything is consistently having this problem when users let their sessions expire.

Hopefully they are just leaving their windows open on personal computers and not public spaces.

Related posts

• No related posts.

Only this of all eight domains started showing an HTTP 500 error (Internal Server Error). I dreaded having to go through and determine why. Turns out it was easier than I thought…. In Dreamhost’s panel, the domain was still configured to use PHP4. When I changed it to use PHP5, the WordPress started working again.

I would have thought part of an upgrade would be to change this configuration. At least it was just a simple change and not digging through code and logs.

Related posts

• No related posts.

[Blackboard] disputes local reports that the installation of its technology at the school was hacked. “It was actually not a hack, unless you consider the fact that the 9-year-old took the teacher’s username and password from the desk a hack,” said Michael Stanton, Blackboard’s senior vice president of corporate affairs told IDG.

If tricking someone into divulging credentials (known as social engineering) is a hack, then taking it “from a desk” is equally a hack. In both cases, the victim thinks the information is secure. However, it has been unknowingly compromised.

In the case of writing down passwords, security professionals admonish users from doing it for exactly the results of this nine year old, Kevin Mitnick, and others willing to exploit lazy users.

Related posts

• No related posts.

This week I started getting this error when it starts.

Load langs.xml failed!

Apparently this happens enough, Google was able to suggest the search and pulled up a solution in the first result. Rob3C at Superuser.com recommends renaming the langs.xml out of the way and copying the langs.model.xml into place. It was thoughtful of the developers to provide a default good version on which to fall back.

I was curious what was wrong with the the file. Turns out it just ended in the middle of line 100 which is ini, a style I would not have modified. (I mainly use SQL and bash.) Also, the bad one uses the wrong end style for the language element despite it being correctly on adjacent lines. So the file is no longer valid XML. Very odd.

Related posts

• No related posts.

They use the name of people who legitimately commented. Because the scammer cannot see the real email commenter’s address, they use a different one but nothing drastically obvious as spam.

The IPs are 74.63.104.125 and 74.63.104.121. The legitimate comments have different IPs. These IPs belong to FDCServers, who provide colocation and dedicated servers. I’m tempted to send a message to the abuse email address for the company.

For now I’ve renamed the spam comments as ” (Fake)” and removed the web site. I’ll have to be more vigilant.

Related posts

• No related posts.

AC Power

Came into work early. I was paged just as I was waking up, so I thought it would be easier to deal with the issue first thing from my desk as to deal with it then restart getting ready for going into the office.

I didn’t plan on getting greeted with a message I’ve never seen before:

Your system is docked, but the AC adapter type cannot be determined. either undock or insert an appropriate adapter. strike the F1 key to shutdown. —

The AC adapter may be installed incorrectly, or the AC adapter or docking station may be defective.

Naturally the power cord was partially plugged into the dock. I guess it was enough turn it on but not enough to completely work. Easy fix to just make sure the power cord is plugged in securely.

Related posts

• No related posts.

1. “[Blackboard is] a one-stop shop where students can come and get absolutely any access to me, any access to the teaching assistants.” — Philip Wirtz
2. “[Open source] classroom management systems [like Sakai and Moodle] are becoming increasingly popular because they allow schools to adapt the software to meet their needs.”
3. “Even though Blackboard continues to grow through acquisitions, Klopfer says the company could face competition from Google in the collegiate market.”

It would have been good to have more points of view such as from schools using open source products. At least they were not completely ignored.

The Google angle seems more of a stretch. There is no reason why the existing Google Apps for Education or other similar cloud tools could not not be used for the purpose of interacting with students. Reasons for why not to do so depend on distrust of the cloud.

Related posts

• No related posts.

About 9270 of the 9613 in the yet to be rolled logs for BEA-101017 all had to do with “Invalid resource properties – specify path or object id but not both-https://site.view.usg.edu/webct/RelativeResourceManager”. Suspected these exception errors should show in the web server log with the 500 HTTP code for “Server Error”. A simple way to identify them:

grep RelativeResourceManager webserver.log | grep -w 500

Armed with the content=9999999999 value, I used grep to locate which web pages called this URL.

grep -B 10 9999999999 webserver.log | head -50

This pointed me to looking in the HTML for custom web pages. I found CSS using the offending URL as a repeating background for the headers on a navigation bar. There is a blue background color. This image displays a vertical gradient for the same blue. Essentially a fancier version which no one noticed has not worked in the past 7 months. The failure isn’t because of the CSS. This just tells the browser to call the image so if putting the URL in the address bar doesn’t work then I wouldn’t expect the browser to call it from the HTML.

What makes this worse is the image file exists in System Files where it ought to reside for this to work. Also, the URL used appears to make a difference in this case but not others. Other images used on the page work and reside in the same folder in Vista as the failing URL.

Fails: https://site.view.usg.edu/webct/RelativeResourceManager?content=99999999999
Works: https://site.view.usg.edu/webct/urw/lc999999.tp999/RelativeResourceManager?contentID=99999999999

Even worse? Both fail on the test cluster using the content id for that file in that system.

SOLVED:

Overlooked the bad variable “content=”. It should be “contentID=”. Vista doesn’t respond with something like, Content is not a valid variable for the RelativeResourceManager.

P.S. I like grep’s -w flag as it requires spaces around the word. When looking for a number in a web server log, there is a big difference between 500 and 2132500232234. Both would show up for just “grep 500″.

Related posts

• No related posts.