Bulk User Management

The Desire2Learn conversion process strips our Blackboard Vista sections of students and instructors. Our clients naturally want instructors and designers enrolled in the migrated courses (BbVista sections are D2L courses). So obviously we had to enroll them. The options were the XML (Holding Tank) format or the CSV (Bulk User Management) format. I helped a… Continue reading Bulk User Management

The Long Problem

We encountered a vexing issue where sections did not appear for the class list for students. We confirmed the students were properly enrolled. We confirmed the current date was between the dates for learning contexts and terms. We confirmed the access was granted to the students. Still, the sections were not showing, but the usual… Continue reading The Long Problem

Mail Delivery Background Jobs

Only 8 years into running this product and I still learn something new about it. Monday there was an event. Two nodes became responsive at about the same time. The other ten nodes did their jobs and transferred session information to the nodes taking on the sessions. Most were so busy they did not respond… Continue reading Mail Delivery Background Jobs

Project Gutenberg Lorem Ipsum

There is a Java vulnerability where an attacker can exploit the hash predictability. The exploit is apparently easier when the content is larger. So the workaround is to limit the size of HTTP POST requests. Weblogic’s 10.3 config.xml has a max-post-size which does this. The handling of when the condition is reached is pathetic. It closes… Continue reading Project Gutenberg Lorem Ipsum

Back Door Restore

Humans make mistakes. Our clients’ administrators some times do very bad things without malicious intent. The “Deny Access” button is too close to the “Delete” one. About 160 student accounts were deleted. The hypothesis came to me that sections keep data when a student is removed. Maybe it keeps the data when a student’s account… Continue reading Back Door Restore

DSID-0C090334

Working with our clients on LDAP configuration almost invariable starts with SSL certificates. Self-signed, intermediate, and take up a while. The two tools, openSSL and keytool have become my friends. Working with a network admin for the client, I finally saw the legitimate certificate correctly signed by the intermediate certificate not the self-signed. This means I… Continue reading DSID-0C090334

HtmlSecurity.config

If you are a CE/Vista admin, then you should probably be aware of $WLDOMAIN/serverconfs/HtmlSecurity.config. This file has the regex code for blocking inappropriate input by users to exploit forms. Say a student wants to write a mail message to another student with JavaScript to execute malicious code to hijack a session. One of the regexes… Continue reading HtmlSecurity.config

Pick Up Line

(I will never use.) My name’s Vista. Can I crash at your place tonight? Noticed at geekpickuplines. Especially funny for me because the product I run is the Blackboard Learning Management System Vista Enterprise. We just call it “Vista”. (Yes, very confusing when Windows Vista users want to know the compatibility of Vista with Vista. The… Continue reading Pick Up Line

OpenSSL Handshake

One of the questions we ask our clients initiating an engagement to help them setup external authentication from our LMS to their server is, “What is the certificate authority for your SSL certificate?” We have been burned by people purchasing certificates from authorities Java does not support. (And the support is indeed limited compared to say,… Continue reading OpenSSL Handshake