Recently in Work Misc Category

Email scams again

| No Comments

People keep reporting emails that say something like:

Dear network user,
Your account has violated a quota and will be turned off. 
To avoid this, email your login name and password to 
somebody@somewhere.com.

Signed, wou.edu administrator

To us geek types, this is obviously a scam. I just keep getting reminded that other people don't instantly spot this for what it is, even when it tells them to send their info to a non-WOU address. It can be even harder to spot when the From: address on the email is something like admin@wou.edu, or the message tells you to go to a link that looks like it's on our website but actually goes elsewhere.

So really what we need are some general rules of thumb. The first and most obvious is never, ever, ever, EVER put your password into an email message. Never. And did I mention never? Of course this means we UCS folks should never ask someone for their password except in person -- we really don't even want to get users in the habit of saying their password over the phone.

Another rule of thumb would be never trust emails from generic addresses. When we send messages out, they'll have a specific name on them, not just "admin@wou.edu" or some such.

If we agree on this among ourselves and communicate it to users, hopefully that'll help everybody.

A few weeks ago, when Brian was on vacation, some of the rest of us had a communication breakdown about creating new user accounts, and several new employees had to wait entirely too long before they could log on. This was at least partially my fault.

Brian is going to be gone again next week, but this time we won't have these problems because we've improved the process. First of all, we found out why most of the notifications were misrouted and fixed that. Also, I've added some more automation to the faculty/staff account creation system, so there's less work to do. I can't really talk about the details because that would mean giving out too many specifics about our servers, but several steps that formerly had to be done by hand now happen by themselves. The weird part was how easy it was to do, once we took another look at the process; once upon a time it had to be complicated, but thanks to various changes we've made in the last few years, a bunch of stuff was no longer needed.

Anyway it's way the heck late at night and I need to get out of here. At least the prettymail stuff is working , um, pretty well. (Yeah, this is my 2AM sense of humor.)

Air Conditioning FAIL

| No Comments

On Saturday all three air conditioning units in the server room shut down, and the place rapidly turned into an oven. Our servers put out a lot of heat, and have to be kept cool to prevent Bad Things from happening... and so when the air handlers stopped, Bad Things started to happen.

Luckily, only a couple of servers had actual hardware damage, and those didn't have anything critical on them. Several more servers shut down ungracefully or started behaving erratically. Luckily our two biggest servers, cougar and sundown, never actually crashed, but since our main network infrastructure server did, nobody could get to cougar or sundown.

Since I live so close to campus, I got called in, but it was Paul Lambert and Dave Diemer who did most of the heavy lifting. Once the major problems were cleared away, then I could do my thing. Dave was still working on three servers until the next morning, and I was up until really late babysitting the webserver, which seemed to go catatonic every few minutes for no apparent reason. We'll still be cleaning this up for a while.

Current projects

| No Comments

OK, I'm trying to get back into this blogging thing. This month my main project has been setting up a system to automatically populate Moodle courses with the students who have registered for them. Currently, if the course has an online component in Moodle, each student has to get an enrollment code from their professor and then sign on to Moodle and enter that code to enroll in the Moodle course.

To save this extra step, I've developed a system that can look at a CRN entered in Moodle, and go to Banner and get the roster of students registered in that course, then create an enrollment record for them in that Moodle course. This was a little hairy to figure out because the Moodle database doesn't just say "this student is enrolled in this course"; there's an abstraction layer I don't fully understand, but I did figure out how to use it to enroll a student.

I'm just waiting for the CRNs to be entered into Moodle, and then I can run the script. I'll set ut up to run every morning for the first few weeks of the term, to catch late adds. I don't yet have a good way to unenroll a student from a course, so the professors are going to have to handle drops on their own.

The ultimate goal is to automatically create a Moodle course component for every course listed in Banner for a given term, but that's still a ways off. I'll need to dissect the process by which Moodle course shells are created, and find a way to do that via a script.

The next major project is to clean up our user database before we move to the new LDAP, email and calendar servers sometime in the next few months. We have several thousand accounts ont he system for students who did not graduate but have not registered for any classes for two years; over the long term, we're going to delete accounts when they reach that point, but the first time we do it, we'll be getting rid of about five years' worth at once.

This will mean cleaning out a lot of disk space, too, at least hopefully. Students already lose access to their files after they leave or graduate, but a lot of that stuff is still on the system. Graduates will still keep their email addresses, as long as they log in every couple years or so, but they won't have an on-campus network login, or any file storage.

I feel like we've been running around putting out fires for so long, it'll be really nice to actually make some progress on something like this.

Oh, and I'm on Facebook now if anybody's into that. Just look for me by name; there are more Swartzendrubers than you might expect, but only one Ron who is listed as Western Oregon staff.

I've been fighting a low-level cold for a couple of weeks, and I thought I had it beaten, but last Thursday it came back and bought its friends. That pretty much shot my weekend, but I'm feeling better now and ready to get caught up on the stuff I got behind on from taking sick time.

Other than that, the main thing I'm working on now is a way to automatically create everybody a Moodle account, so we can link Moodle to the WOUPortal. In case you aren't familiar with Moodle, it's our main tool for online classes, or for adding online content to normal classes. Some of our online class stuff is still on the old WebCT server, but most of it has been moved to Moodle. To check out Moodle, go to http://online.wou.edu.

The next project is to automatically enroll students in the Moodle courses as soon as they register for the class in Wolf Web. I've figured out the basics of how to do this, but the tricky part will be to detect when people drop courses, and un-enroll them in Moodle.

General update

| No Comments

I've been busy again (who isn't, these days?) And likely to be more so until we can hire someone to replace Shaun Gatherum, who will be missed around here.

The web conversion is moving along, mostly in the hands of individual people in various departments. I'm working on a way to make the new template function on our database server; right now, a lot of our database applications like the faculty/staff directory and the account lookup system still use the old template. I can make the new template work for non-secure connections to the database, but not secure ones as yet. This may not be fixable until the database server upgrade, but we'll see.

My other big project at the moment is trying to automate Windows domain user creation. You may or may not know that your WOU network usernamer and password actually apply to two different accounts; there's the Windows Domain account, which you use to log into your computer and access network drives, and there's also your LDAP account, which provides access to your email, and your blog, and secure folders on the website, and the forums, and most anything else on any of our servers.

The LDAP account is created automatically, but until recently we have had to create the matching domain account by hand, which is a pain. However, I recently found a way to automate at least part of the process, and am looking to automate the whole thing soon. This probably won't make much difference to anyone outside UCS, except that it might free up more of our time to help you.

Site security

| No Comments

We're changing some of our web shortcuts (such as http://www.wou.edu/blogadmin and http://www.wou.edu/newmail) to use the https protocol.

This is the same protocol that is used for financial transactions on websites such as PayPal and Amazon; it means that all information you send is encrypted so that it cannot be intercepted en route.

However, this seems to have exposed a bug in our blog server; when you go to post an entry, the system returns you to the login page. If this happens, you can change the "http:" in the page address to "https:" and you should be good to go. (You may have to do this twice when posting a blog entry.)

I'm working on a fix for this, though it might wait until I get the blog server software updated.

About this Archive

This page is an archive of recent entries in the Work Misc category.

Wiki server is the previous category.

World-Wide Web is the next category.

Find recent content on the main index or look in the archives to find all content.