Frank's Activity Log

Development

• IdM separation abandoned until after PeopleSoft roll out. Unable to find logic bug
• Working on incorporating the Engines into "all in one" model to be ready for PeopleSoft_Engine.pl

Posted by at 12:10 PM | Permalink | Comments (0)

Admin

• remake a blog as requested by staff
• in depth email discussion concerning CN field in a consultant entry

Development

• Testing continues... almost got it!

Posted by at 9:32 AM | Permalink | Comments (0)

Admin

• respond to blog request -- already created, what do they really need?
• SAMBA on AIS web machines
• Tech Park design meeting
• ERP Consultant added
• space problem on /rack1c

Development

• Geoff working on PeopleSoft_Engine.pl
• Debug IdM code further...
• Document problems back to PeopleSoft with the feed files

Posted by at 11:37 AM | Permalink | Comments (0)

Admin

• Footprints -- new table doesn't work with IE... uniPress is looking at it
  • first problem -- the javascript was looking for the end of the table and getting confused because we ended it and started a new one. So, made our table a subtable to fix that problem.
  • second problem -- IE doesn't grok HTML comments! Had to remove the comments that outlined where we modified the code
• place order for GeoTrust cert block -- 10/2 Year cert block

Development

• LDAP IdM Separation
  • Real-Time (live updating) isn't going to cut it for the batch nature of the current feeds. Tests are running 90 minutes just to get ready to process the authoritative feeds. Have to re-write for a full on batch process. It is quite possible that the problem is related to Net::LDAP inefficiencies, but time does not remain to allow re-development in python.

Posted by at 6:37 AM | Permalink | Comments (0)

Admin

• LDAP update turned back on
• aisweb https site is not responding... fix the page BB is going after per Mr. G
• Add physical plant director to the no-quota list

Development

• coding finished and testing begins on IdM separation
• Processing of catcard and account data is successful -- AUTH data next

Posted by at 8:11 AM | Permalink | Comments (0)

admin

• Active Directory feed broke because one of the entries contained a second fax number.
  • Asked the Active Directory team to confirm AD has restricted the fax attribute to a single value
  • Updated the OpenLDAP to AD conversion script to only send the first fax attribute value until we figure out the reason for the problem

Posted by at 8:04 AM | Permalink | Comments (0)

Admin

• disable automatic LDAP updates to prevent the possibility of data destruction from the banner upgrade
• Footprints -- login page updated
• Footprints -- mail recovery problem
• Footprints -- open issue with UniPress about the powered by logo blocking the links put on the login page
• MAIL - mbx conversion for financial aid office

Development

• IDM Separation
  • SIS Engine finished
  • HRS Engine written
  • more work on IdM_process.pl

Posted by at 7:33 AM | Permalink | Comments (0)

Mastering the Maze

• Copyright in Academia: Excellent!
• What are they building and where do I park?: Excellent!
• Strange Quirks and Perks: disappointing

Development

• CATalyst asks about HRINT076... and I don't know what that is
• LDAP: more work on IdM separation

Posted by at 8:05 AM | Permalink | Comments (0)

Admin

• DNS Update per request
• recycle named on ns2 -- what the heck was wrong to begin with?
• SSL Cert for AIS web application server placed for installation

Development

• IdM separation
  • finish up the preparations section of the daily script

Posted by at 7:22 AM | Permalink | Comments (0)

Admin

• LDAP: change bdb log file handling to reduce space usage

Development

• LDAP IdM Separation

Posted by at 10:07 AM | Permalink | Comments (0)

Admin

• CATalyst: examine another test file for the list of netids
• update recovermail script to deal with folders that have spaces in their name
• ERP Consultant account updated
• Assist the controller's office with following the CATalyst directions for testing the interface

Development

• update the Parking and Transportation feed for another request
• IdM separation

Posted by at 8:12 AM | Permalink | Comments (0)

Admin

• CATalyst: retrieve and examine HRINT064 file, send concerns back to CATalyst
• CATalyst: Install footprints group file for their testing.
• Calendar: Transfer an existing calendar account to another person -- required modrdn to change the cn and unidssync to resync the ldap and calendar databases
• Remove ability of users to remove themselves from the web directory, per

Development

• LDAP: Identity Management (IdM) process, refinements

Posted by at 7:18 AM | Permalink | Comments (0)

Admin

• LDAP: Student Employee error, found and fixed.
• APC Power strips arrived -- moved to machine room
• Team Meeting
• Team Building Initial meeting

Development

• LDAP IdM process refinement

Posted by at 10:06 AM | Permalink | Comments (0)

Admin

• fix ldap stats report problem on calendar server
• Oops in the ldap update on the test server (sigh)
• New certificates for aiswebt installed
• verbal lashing from management for yesterday's emails re FERPA and my personal pain at the way I was treated by it
• Respond to account services about complaint from customer on account expiration message
• RSA C0607626 -- send off pam.d directory files for sshd auth
• test benefits statement page doesn't work after new certificate (above) -- going after the name cardinal which went away with the hardware replacement 10 days ago -- oops... it hasn't worked for 10 days and cannot work!
• More FERPA discussions
• Samba request for giraffe -- did it in Feb... why did they ask again?
• Transportation and Parking feed (from LDAP) complaint -- discovered a missing "i" so the search was not case insensitive like it was supposed to be. Fixed, new files sent.
• Samba request for giraffe
• RSA C0607626: FIX! -- only change for SecurID on RHEL4 is edit the /etc/pam.d/sshd file -- do not change any other files on the system! YIPPEE!!!
• one more bug in the Transportation and Parking feed (from LDAP) found and squashed
• Another ERP consultant run through the LDAP/AD magic closet
• Start documenting the IdM process

Posted by at 7:46 AM | Permalink | Comments (0)

Admin

• OpenLDAP nightly update broke...
  • WebCT feed was removed and the comparison generator did not like the fact that 100% of the entries were removed.
  • The Parking and Transportation feed was placed in production but the ftp control file was not created with the required blank line following the macro.
  • The Active Directory feed was very slow to generate the list of changes -- turns out it is the horrendously slow algorithm for dealing with the "member" attribute.
• More negotiation concerning the new privacy attribute and what it will or won't do.
• More email exchanges concerning the IBM water cooled rear doors
  • Interesting thing is it is just a big passive radiator, but it does put water from top to bottom at the rear of the rack!

Posted by at 8:36 AM | Permalink | Comments (0)

Admin

• Run the process to notify ~6600 accounts they will be removed on June 1.
• Update samba config on frog
• PeopleSoft privacy in LDAP
  • Add new privacy attribute to ldap config and roll it around the server cluster
  • Update the DCE adduser script to populate this new attribute
  • Update the nightly LDAP update process to initialize this new attribute
  • Update the AD feed code to use this new attribute
  • Update the UVM Directory web app -- to allow people to set attribute value

Posted by at 7:27 AM | Permalink | Comments (0)

Admin

• AD feed problem again... group with more than 10,000 members...
• LDAP - feed to Transportation and Parking... work on it
• SecurID - attempt to install the PAM 5.3.4 on an RHEL4 system -- it doesn't work!
  • Open C0607626 with RSA
• SSH - open hole in the firewall for ais web test system to allow one machine to get in
• LDAP - more work on the IdM separation.

Posted by at 8:55 AM | Permalink | Comments (0)

Admin

• Accept delivery of WrightLine rack for Waterman machine room. Door insert was damaged by delivery company during the trudge through the building. WrightLine will replace the insert (next week).
• LDAP: code new feed for Parking and Transportation and see if it is what they want
• Brief meeting to discuss ds4800 storage drawers and where they are to go.
• rack1a space problem
• Adjust electrical work order to put in a second 30A circuit for the new rack
• Obtain readings of the present 30A circuits where some of the ds4800 drawers will go.
• Presentation from HP about their blade offerings

Posted by at 10:18 AM | Permalink | Comments (0)

Admin

• uvmdir's crontabs are not running on the new giraffe
  • query team about thoughts
  • change shell from tcsh to bash
  • run scripts by hand
• Re-run script on moose to feed DCE/zoo account data to LDAP
• Re-run LDAP scripts now that have data from SIS and HRS to work with
• Alert AD support to re-run their nightly dump to allow for a new update run from LDAP
• Go VOTE!!!
• Re-run AD update code, thanks to Geoff for dumping the AD contents again
• Investigate how to determine and remove old semaphores on linux (Stupid calendar code)
• Create perl script to run daily to purge any semaphores that have not had an operation performed in more than seven days.
• Re-run the account creation process on moose now that it has a decent list of things to do.
• LDAP - three "Student Employee" errors in the HRS feed -- found and added
• SUN reseller meeting -- Solaris 10 capabilities, storage...
• LDAP - more work on the IdM modularization...
• eMail discussion with Parking/Transportation re a feed from LDAP to their process

Posted by at 6:14 AM | Permalink | Comments (0)

Admin

• Consultant account LDAP entry updated so it can be provisioned in AD
• Growing concerned about how the SHM just keeps inching upward. Will it stop or will we have to figure out a way to find and remove dead items as the original solution for the calendar problem found??
• Search web logs for error in .htaccess file for an account
• ERP delivers first sample of batch feed from PeopleSoft into LDAP
• SecurID problem with SSH.COM's ssh 3.2.9 client... prompts are not presented correctly... no fix!
  • Options: PuTTY or ssh from zoo.uvm.edu
• Cobble together an example of what the feed from LDAP back to PeopleSoft might look like and inform Don of where to pick it up.

Posted by at 12:53 PM | Permalink | Comments (0)

Admin

• Run the nightly LDAP update script by hand one step at a time to verify that it all works and the new database system is sending information that makes sense.
• It did all work (took about two hours to run though) and all happy
• Re-enabled the cron entry to run this stuff automatically

Posted by at 4:51 PM | Permalink | Comments (0)

Admin

• After giraffe hardware replacement SecurID didn't work on either machine. Needed to go in and tell the SecurID server that neither Agent had received its SecurID Node Secret yet, and since the agent on the old machine was so back level, change the agent definitions to list the servers for the old hardware (new name) and remove same from the new hardware (old name) then regenerate the sdconf.rec files for both agents.

Posted by at 5:48 PM | Permalink | Comments (0)

Admin

• Clean out another raft of comment spam on this blog...
• Disable nightly LDAP updates in preparation for Giraffe upgrade
• LDAP - generate engine tester and test for SIS engine

Posted by at 7:21 AM | Permalink | Comments (0)

Admin

• LDAP - Documentation, modules....

Posted by at 8:17 AM | Permalink | Comments (0)

Admin

• LDAP - work on modularization to support PeopleSoft addition

Posted by at 9:59 AM | Permalink | Comments (0)