DSID-0C090334

Working with our clients on LDAP configuration almost invariable starts with SSL certificates. Self-signed, intermediate, and take up a while. The two tools, openSSL and keytool have become my friends. Working with a network admin for the client, I finally saw the legitimate certificate correctly signed by the intermediate certificate not the self-signed. This means I… Continue reading DSID-0C090334

OpenSSL Handshake

One of the questions we ask our clients initiating an engagement to help them setup external authentication from our LMS to their server is, “What is the certificate authority for your SSL certificate?” We have been burned by people purchasing certificates from authorities Java does not support. (And the support is indeed limited compared to say,… Continue reading OpenSSL Handshake

LDAP Fiasco

Last week I logged into the ticket management system to look at updates to cases overnight and saw a pop-up for a “widespread issue”, basically two school, involving LDAP. So I looked up the case. The two schools were on the same cluster. Most likely the problem was on my end, which sucks. Security people… Continue reading LDAP Fiasco

New Root CA

One of our clients introduced a new LDAP server for authentication. Like a good partner, they implemented it in the test environment, found it did not work and alerted us to the problem. They also informed us the problem would be the new Thawte Root CA was not implemented on many operating systems and applications.… Continue reading New Root CA

Email Harvesters

I missed the story about brothers convicted of harvesting emails the first time. Well, I noticed a followup. Back around 2001, the CIO received complaints about performance for the web server. So, I went log trolling to see what the web server was doing. A single IP dominated the HTTP requests. This one IP passed… Continue reading Email Harvesters

Preserving CE/Vista Settings

I’ve been asked for notes about this a few times. So here’s a blog post instead. 🙂 A coworker is working on scripting our updates. We lost the Luminis Message Adapter settings in applying the patch to the environment we provide to our clients. Fortunately, those settings are maintained by us not our clients. So… Continue reading Preserving CE/Vista Settings

LMS Security

This morning there was a flurry of effort to locate an article called “Hacking WebCT.” My coworker was able to locate it. We were disappointed.  The main points of the article were: Lazy administrators make compromising user accounts easy. Lazy instructors make getting questions for assessments easy. These apply to any LMS. So, here is some… Continue reading LMS Security

MH Operations

We have been getting these messages for months. Some good folks at Blackboard have caused them to stop for a while, but they just resume. Probably it is multiple cases of the same issue. LDAP Issues: Dear Valued Customer, The MH Operations team has determined that your MH application server(s) are not able to communicate… Continue reading MH Operations