WebCT

You are currently browsing articles tagged WebCT.

No Hiding From Blackboard

May 6, 2009 in Blackboard Vista by Ez | 2 comments

Some former WebCT (bought by Blackboard) customers switched to ANGEL rather than move to Blackboard products. PDF Apr 14, 2009 Today, Blackboard announced it is buying ANGEL. You can run, but you cannot hide from Blackboard.

Some light reading for you…

  1. Learning, Together ANGEL Learning and Blackboard® have decided to join forces.
  2. Blackboard Plans to Buy Another Rival, Angel Learning | Chronicle.com
  3. Why HigherEd is rejecting Blackboard … | Laura Gekeler
  4. Open Thread on Blackboard/ANGEL Merger | mfeldstein.com

So the options left are…

  1. Blackboard-WebCT-ANGEL
  2. Moodle
  3. Desire2Learn (currently in patent troubles with Bb)
  4. Pearson eCollege
  5. Sakai

Related posts

Session Oddities

April 22, 2009 in Blackboard Vista by Ez | No comments

One of the clients we host complained about losing their session. Blackboard recommended we switch how our load balancer is handling the session persistence. Before agreeing to do that, we decided to use Blackboard’s script to determine if there is a problem before trying to fix something which may or may not exist.

An acceptable number of sessions showing on multiple nodes of a cluster is less than 5%. When I ran the test, I found 35.8% matched this criteria. But wait just a second, this seemed like an extraordinarily high number. I ran a second test for an identically configured cluster on the same hardware to find only 4.3%. Why are these so different?

Most cases of this “duplicated session” I spot checked were 1 hit for autosignon on another node. Blackboard confirmed these happen before the user has logged in, so they could appear on the other node. So I ran the test again ignoring these autosignon requests and found we were down to 7.2%. Close to acceptable but not quite.

 Similar to autosignon, the editonpro.js appeared in the majority of the cases I spot checked as the sole hit another node. Once, I removed those from the test, I was down to 0.7%. My control cluster was down to 1.4%. 

One would hope the the script used to determine the amount of duplicate sessions would ignore or remove from the data set the known false positive log entries. 

One would also hope the script instructions (requires login to Blackboard help site) would help users account for these false positives. I did leave a comment on the instructions to hopefully help the next person who has to do this.


Related posts

LMS Security

March 9, 2009 in Blackboard Vista by Ez | No comments

This morning there was a flurry of effort to locate an article called “Hacking WebCT.” My coworker was able to locate it. We were disappointed. 

The main points of the article were:

  1. Lazy administrators make compromising user accounts easy.
  2. Lazy instructors make getting questions for assessments easy.

These apply to any LMS. So, here is some advice to counter the issues raised in this article.

 

Accounts

Default passwords are the bane of any system. Make users change them. (Yes, this increases support tickets.) This usually comes about because the administrators did not integrate the LMS authentication with LDAP, Kerberos, or CAS  which allows for central management of accounts. Central management of accounts means fewer accounts are likely to sit around with easily guessed intially imposed credentials. 

Linking many services together also raises the exposure should one account account me compromised. Enforce decently strong passwords. Too strong and frequently changed password will encourage users to employ means of remembering passwords which defeat the point. Passwords probably should not ever be just birthdays.

Not sure what advice to provide about the potential of a student installing a keylogger on a computer in a classroom?

 

Assessment Cheating

A long availability period (like a week) provides opportunities for enterprising students to exploit the issues with passwords to see and research questions in advance. Instead, a quiz with a short availability period like an hour means less time to go look at the other account, record the questions, research them, then go back into the proper account and take the assessment.

Instructors should use custome questions. Students can obtain questionss provided by publishers in ePacks or with textbooks from previous students, the same textbooks the instructor received, or even web sites online which sell the information. 

High stakes testing ensures students are looking to cheat. When the value of questions is high, these easier methods than knowing the material ensures a war between students and instructors over cheating. Of course, lowering the value of the questions increases the workload of the instructor. 
:(


Related posts

Better CE/Vista Web Server Log

February 26, 2009 in Blackboard Vista, unix by Ezra F | No comments

Some support tickets are more easily solved by knowing both user behavior and environment. An often helpful piece of information is what web browser they used. To add this, shut down the cluster, edit /VISTA_HOME/config/config.xml with to include the cs(User-Agent), and start the cluster. This line will need to appear for every node. At startup, the nodes will download a new copy of the file. 

 <elf-fields>date time time-taken c-ip x-weblogic.servlet.logging.ELFWebCTSession sc-status cs-method cs-uri-stem cs-uri-query bytes cs(User-Agent) x-weblogic.servlet.logging.ELFWebCTExtras</elf-fields>

Command: 
cp config.xml config.xml.bak
sed -s s/bytes x-/bytes cs(User-Agent) x-/g config.xml.bak > config.xml

Probably this could be edited in the Weblogic 9.2 console. I haven’t looked yet.


Related posts

Mail From Address

January 29, 2009 in Blackboard Vista by Ezra F | 3 comments

It appears CE/Vista has several locations for defining the email addresses it uses for SMTP.

  1. $WEBCTDOMAIN/config/config.xml:
    mail.from=
    From address for messages sent.
  2. $WEBCTDOMAIN/customconfig/startup.properties: 
    WEBCT_ADMIN_EMAIL=
    Some internal errors have a mailto: prompt to contact the server administrator.
  3. $WEBCTDOMAIN/serverconfs/log4j.properties: 
    log4j.appender.EMail.To=
    Report fatal errors.
  4. $WEBCTDOMAIN/serverconfs/log4jstartup.properties: 
    log4j.appender.EMail.To= 
    Report fatal errors.
  5. $WEBCTDOMAIN/webctInstalledServer.properties: 
    WEBCT_ADMIN_EMAIL=
    Installer picks up this value for populating #2 and possibly #3 and #4.
  6. $WEBCTDOMAIN/webctInstalledServer.properties: 
    MAIL_ORIGIN= 
    Installer picks up this value for populating #1.

What really disturbs me is the Vista 8 installer created log4j properties files with the  SMTP server set up for miles.webct.com and sending from vista.monitor@webct.com? I cannot seem to find anything in the Vista 8 documentation or wiki or Google index about the “Vista Trap Notification” subject line, from address, or SMTP address which the log4j appender appears to be designed to send. 

This Vista Trap Notification appears designed to send an email to the address any time a fatal error is encountered. That’s fine. Just use the smtp host and From address requested in the installer. 

Don’t get me started about giving end users a mailto: prompt to report errors.


Related posts

How Not To Break a Frame

January 7, 2009 in Blackboard Vista by Ez | 1 comment

Correct:

<script language=”Javascript” type=”text/javascript”>
if (top != self)
{
top.location = window.location;
}
</script>

Incorrect:

<script language=”Javascript” type=”text/javascript”>
if (top != self)
{
top.location = “/webct/urw/lc18361011.tp0/logonDisplay.dowebct”;
}
</script>

The problem with incorrect is the address used here is not the address in the location bar.  The one in the location bar has the values required to login. Instead I get something which causes users to be unable to login. Example: So we send someone to http://westga.view.usg.edu. They get redirected to another address in which we provide the glicid, insId, and insName. Correct breaks the frame and gives the browser back the same address. Incorrect breaks the frame and gives the browser back a different, non-functional address. Bad. Bad. Bad.

WebCT Vista 3 used the Correct JavaScript which just passes back the addresas used. Blackbord Vista 8 for some reason changes what worked to Incorrect.

Yay for first day of classes.
:(

UPDATE 1:

It gets better… Bb Vista’s Custom Login and Institution List pages are unaffected (aka use the Vista 3 style JS). Only going to the generated logon page, loginDisplay.dowebct, has the issue.


Related posts

Course Management Systems are Dead!

January 6, 2009 in Blackboard Vista by Ez | 3 comments

Heh. Blackboard Vista is headed for a brick wall? Who knew?

7. Course Management Systems are Dead! Long Live Course Management Systems! Proprietary course management systems are heading for a brick wall. The combination of economic pressures combined with saturated markets and the maturing stage of the life cycle of these once innovative platforms means that 2009 may well be the year of change or a year of serious planning for change. Relatively inexpensive and feature-comparable open source alternatives combined with some now learned experience in the process of transition from closed to open systems for the inventory of repeating courses makes real change in this once bedrock of education technology a growing possibility. As product managers and management view these trend lines, I think we might see incumbent players make a valiant effort to re-invent themselves before the market drops out from underneath them. Look for the number of major campuses moving (or making serious threats to move) from closed systems to open ones to climb in the year ahead. The Year Ahead in Higher Ed Technology

It is true the big player in proprietary CMS / LMS / VLE software has lagged in innovation for quite a while. Remember though Blackboard bought WebCT and kept around the other product while hemorrhaging former WebCT employees. That alone kept them extremely busy not to lose every customer they bought. The next version, Blackboard 9 should be available soon. That is the litmus test for their future success.

Bb9 is a newer version of Academic Suite, aka Classic. There is no direct upgrade path from CE / Vista to Bb9. There is a Co-Production upgrade path where one can run both versions side-by-side with a portal interface to access either version without having to login again. Content still has to be extracted from the old and placed in the new. (Since we are running Vista 3 and Vista 8 side-by-side now, this doedsn’t give me warm fuzzies.) This was the upgrade path some WebCT and Blackboard clients took getting from Vista 3 to 4 only to find Vista 4 was junkware. Similarly, those leaving CE4 for CE6 were frustrated by the move. So, I would predict:

  1. Those on Classic 8 now will go to Blackboard 9 ASAP.
  2. Smaller colleges on CE 8 who through turnover no longer have the people burned by the CE4->CE6 migration will probably move to Blackboard 9 this summer prior to Fall.
  3. Smaller colleges on CE 8 who still remember will migrate after AP1 (maybe a year after Bb9 release).
  4. Larger colleges on CE or Vista 8 will move some time between AP1 and AP2.
  5. Consortia groups like GeorgiaVIEW, Utah State System, or Connecticut State University System will wait and see.

That last group doesn’t take change easily. They have the nimbleness of a Supertanker cargo ship.

I am still waiting for the tweets about Moodle and Sakai, the open source alternatives, to change from in general “X sucks, but at least its not Blackboard.” to “X is the best there is.” If “at least its not Blackboard” is the only thing going for the software, then people will stay where they are to see where things go. There needs to be compelling reasons to change.

Unfortunately the cries of the students and the faculty in the minority are not enough. Most people are happy enough. They can accomplish the important things. They get frustrated that IT took the system down, data center power issues, network issues, or a performance issue. None of which go away by picking FOSS.


Related posts

Forcing Weblogic’s Config.xml

October 2, 2008 in Blackboard Vista by Ezra F | No comments

Let’s nevermind why I am working on this in the first place. Namely…

  1. the Blackboard Learning Environment Connector introduced using the hostname and port for applet URLs in Vista 8 Blackboard,
  2. Blackboard dropped WebCT’s support for using a different port for an application when behind a load balancer.
So we found out we could use port 443 as the SSL listen port because we terminate SSL on the load balancer, Weblogic would not bind to port 443, but the Vista application would be tricked into displaying to the end user what we wish.
In the past week, we have put the correct config.xml in place multiple times and found it reverts back to an older version with the port we don’t want. The first time, I was lazy and did not shut down the Weblogic admin server because… well… that was the lazy practice I had used in Weblogic 8.1 and had not had a problem. My shell record shows it was correct then. Within hours it wasn’t correct anymore.
So, we found a few things…
  1. a copy of the config.xml is stored WEBCTDOMAIN/servers/domain_bak/config_prev/,
  2. all files in WEBCTDOMAIN/config/ are pushed to the nodes,
  3. to change this value in the Weblogic console requires turning on a feature to bind to the SSL listen port.
Additionally, we think research into this would show Weblogic stores this information in memory. It will then write changes it makes to the file back to disk on the admin node (destroying our change). Managed nodes will then pick up the change.
The latest shot at this is to purge the #1 and #2 on both the admin server and managed nodes, put the right file in place on the admin nodes, and see if it reverts again.
So now I’ve got to write a script to periodically check if the nodes have the wrong listen port and email us should it change.

Related posts

Recap of Vista Stuff

August 24, 2008 in Blackboard Vista by Ez | No comments

It has been a hectic week. A recap…

Java certificate fix – Yesterday, August 23rd, the certificate distributed in various Java applets expired. The community discovered the issue and informed Blackboard who put out a fix for the more current products on August 15th. Many customers are leery of having such little lead time to test, verify, and install a fix. Well, Vista 3.0.7.17 was also reported to have the problem, but Blackboard didn’t provide a fix until the 20th after I got my TSM to verify it really still is a problem on the 18th. (The corrected 3.0.7.17.8 version was provided August 21st. Why is in the next paragraph.)

The fix for Vista 3 required us to be on 3.0.7.17.8 (hotfix 8 which we had not yet applied), had references to the “webctapp” directory (in Vista 3 it is applications), and distributed a webct.sh script to add updateWar which didn’t work with Vista 3. FAIL. Thankfully we have modified War files in the past, so adding the updates was more work and accomplished before Blackboard provided a corrected version.

To see the Java certificates in Windows: Control Panel > Java > Security > Certificates. The Blackboard ones are verified by Thawte (the Certificate Authority). The old one is issued to Blackboard. The new one is issued to dc.blackboard.com.

Vista 3.0.7.17.8 – This hotfix was released a couple weeks ago. However, since the priority has been the migration to Vista 8, this was on hold. The previous problem made us step up and throw this into production. The testers went to heroic efforts to get this and the certifcate fix tested. Testing was mixed.

  1. Losing session cookie because of Office 2007 in Internet Explorer. Happened less often post fix, but still happens in some cases.
  2. Autosignon MAC2. Mode to allow insecure MAC works to give the one school using it time to correct update their portal to use MAC2. Originally the plan was to let them work out MAC2 in test.

Slammed by our users…

  1. systemIntegrationApi.dowebct – The school using the autosignon wanted to have the correct consortiaId to create the MAC. Some time back in January they started calling this any time users tried to login because a handful (guess was ~12) have had their username changed. So the autosignon failed. Yes, they were sent us 25,000 requests in a busy day (about 20% of the queues were working on these during the day) to handle potential 12 problems in a term. FAIL.
  2. pmSelfRegister.dowebt – One of the clusters started to have issues. Two nodes went crappy. I looked at the Weblogic console and found all of the failing nodes had no free spots in the queues. 90% of the queues were working on these. Much of this is because the requests were hanging around for at least 4800 seconds (an hour is 3600 seconds). At about 6000 seconds the cluster recovered when the queues cleared.I think the queues cleared because I changed to false a couple settings:
    • Allow users to register themselves as a Student in a section = false
    • Allow users to register themselves as an Auditor in a section = false

    As I recall, we only had about 22 queue spots open (out of 308) across the whole cluster. We got lucky.


Related posts

webctbackup

August 14, 2008 in Blackboard Vista by Ez | No comments

John made a good point… While telling Blackboard about this is pointless, the community at large ought to be aware of another undocumented workspace issue. I found an 8GB .bak in the /u01/app/nodeA/weblogic81/webctbackup on the active JMS node. Taking out user accessible nodes is okay in my book as with 18-20 of them in our clusters, we can lose one and no client would ever know. Mail, chat, learning context administration and other services in CE/Vista fail without a functional JMS node.

An administrator did a template reassignment with “Force archive before template reassignment” set to true. For some reason the file was placed on the JMS node. It should have been deleted. However, it was not. I caught it in time as another large file was dropped within 10 minutes of me deleting the first. I only caught it time because I was at my desk working (not in meetings, at home, or asleep).

This came within one GB of completely filling up the file system. We do not have huge hard drives on these nodes, just 3 times the size we need except for this. Nor do we allow the nodes accrue a ton of logs or junk.

Maybe this is something Blackboard has resolved this for future versions like Vista 4 or 8. Maybe one day we will have official or unofficial documentation about this kind of stuff.

The answers I anticipate from Blackboard:

  1. This is functioning as designed. I bet composing the archive requires something from the JMS node, so it must reside there. The JVM is too small as is /var/tmp, so the file system is the best place.
  2. Use a bigger hard drive.
  3. Set “Force archive before template reassignment” to false.

Even if Blackboard agrees this is bad, then it might get fixed on Vista 8. Certainly it will not get fixed in the officially supported  Vista 3.
:(

If you want to confirm if you have the potential for this problem, then you should have a $NODENAME/weblogic81/webctbackup or a $NODENAME/weblogic92/webctbackup directory. We only have them on all four JMS nodes, but have have seen them on four (out of 76) other nodes. The other 72 nodes lack this directory. While you are at it, make sure you know about the other undocumented work spaces I have mentioned.
:)


Related posts

« Older entries