Since the security certificate on our main webserver was set to expire soon, I've been getting these email messages at webmaster@wou.edu saying "Reminder - SSL Certificate for www.wou.edu expires in 5 Days", counting down every day until the expiry date. I didn't pay attention to them at first, because I already knew the cert was about to expire. Then after we renewed the cert (Thanks, Summer!) the messages still kept showing up.
I took a closer look and found out that the messages don't even come from Thawte, our usual certificate vendor, but from some place called "certstar.com". They pretended our expiring certificate came from them, though, and told us we should renew it by clicking the handy-dandy link they provided.
Well, I wasn't born yesterday, so I didn't touch the link, but I was curious enough to go to their main site. It looks reasonably professional, but they don't secure it with one of their own certificates; they got one from Comodo instead. That's a real red flag. For all I know, they just take the money and run. Even if they have legitimate certificates to sell, it's really slimy to send those deceptive emails to people.
I wonder how many people out there have gotten fooled?
Tuesday, December 9, 2008
Thursday, December 4, 2008
User account renaming
One of the big projects I'm working on right now is user account renaming. All of a sudden, this term we've got a bunch of requests from people wanting to change their usernames; usually either because they got married and changed their name, or because it wasn't spelled right in the first place. We rarely ever got these before, and the standard answer used to be "We can delete your account and make you a new one, and if that's not acceptable, you'll have to live with your current username."
Now, though, we've got a process that can actually change a username. This is harder than you might think; a username is stored in a lot of places, and affects a lot of things under the hood of several servers, so there are lots of t's to cross and i's to dot.
For instance, changing your username means changing the location where your personal files are stored, which in turn means that several settings in your blog have to be changed, along with (of course) moving your files. We have to change your email address, the location where your messages are stored, any email aliases you may have, any email list memberships. We aren't even going to try looking in everybody else's address books to see if your old email address is in there. It's bad enough that, because of the way the Communications Express address book is stored, we have to make a behind-the-scenes change to every address record in it.
The real sticking point of all this is your online calendar, also part of Communications Express. Because Sun originally bought the calendar server from some other company, it uses a database that's pretty different from other Sun products. Partially because calendars are so interlinked with each other, and also because of some fundamental choices made by that original company, a calendar simply can't be renamed without shutting down the calendar server and rebuilding the entire database of all calendars, just in case they have any links with your calendar. I've pretty much given up on being able to do that with an automatic process. There's just too many things that can go wrong.
The good news is that almost everything else is now changeable, and most of it is automated. If you need your name changed, contact the Service Request Desk and they'll get it to me.
Now, though, we've got a process that can actually change a username. This is harder than you might think; a username is stored in a lot of places, and affects a lot of things under the hood of several servers, so there are lots of t's to cross and i's to dot.
For instance, changing your username means changing the location where your personal files are stored, which in turn means that several settings in your blog have to be changed, along with (of course) moving your files. We have to change your email address, the location where your messages are stored, any email aliases you may have, any email list memberships. We aren't even going to try looking in everybody else's address books to see if your old email address is in there. It's bad enough that, because of the way the Communications Express address book is stored, we have to make a behind-the-scenes change to every address record in it.
The real sticking point of all this is your online calendar, also part of Communications Express. Because Sun originally bought the calendar server from some other company, it uses a database that's pretty different from other Sun products. Partially because calendars are so interlinked with each other, and also because of some fundamental choices made by that original company, a calendar simply can't be renamed without shutting down the calendar server and rebuilding the entire database of all calendars, just in case they have any links with your calendar. I've pretty much given up on being able to do that with an automatic process. There's just too many things that can go wrong.
The good news is that almost everything else is now changeable, and most of it is automated. If you need your name changed, contact the Service Request Desk and they'll get it to me.
Thursday, October 23, 2008
Tap tap... is this thing on?
So, um, yeah, I haven't posted anything to my blog in way too long. Time to fix that.
Here's my current project list with a bit of explanation on each (I'll go into more detail on some of these later, because many of them won't make sense unless you're actually in UCS.)
Plus there's lots of little stuff; improving the efficiency of some of our processes, improving the programs we use to manage our user databases, looking for security holes and plugging them, and the usual ongoing tasks of website, blog server, and wiki server administration.
Future projects:
That's it for now. I'll go more in-depth on some of these later.
Here's my current project list with a bit of explanation on each (I'll go into more detail on some of these later, because many of them won't make sense unless you're actually in UCS.)
- User account renaming - Setting up a process to change people's usernames on request. Actually a lot harder than it sounds.
- User account deletion - We need a process to delete user accounts when they are no longer needed. This will be run every year or so.
- Blog server upgrade - The new version is ready for testing... check it out at http://www.wou.edu/blogadmintest.
- Course catalog information on web - We're working on a way to more easily update and display stuff like course descriptions and degree program requirements on the Web.
Plus there's lots of little stuff; improving the efficiency of some of our processes, improving the programs we use to manage our user databases, looking for security holes and plugging them, and the usual ongoing tasks of website, blog server, and wiki server administration.
Future projects:
- Rewrite Websmith - I want to redo websmith in a different programming language (PHP instead of Perl) that will allow a lot tighter integration with the website, and creation of new features.
- Automatic K: drive folders - We're planning a system (probably for next year) that will let faculty request folders on the K: drive for specific classes, and have them be automatically created. Right now we spend a lot of time doing this manually.
That's it for now. I'll go more in-depth on some of these later.
Subscribe to:
Posts (Atom)