Category Archives: Uncategorized

Oracle takes the lead. Who else is coming to the party?

I haven't heard anything since Michael Feldstein's Sept. post.

Okay, yesterday's post was incomplete at best, probably even misleading.

I continue to research this UDC identifier which is new in Banner 8, and is included in the ICGORLDI extracts we populate Blackboard CE/Vista with at Banner institutions. Its also sent with real-time events if you're using the Banner Luminis Message Broker.

My further research shows that the sourcedid unique identifier shared between Banner and Blackboard does NOT go away. Here is what the new person record looks like, IF the UDC Identifier can't be disabled (assuming your institution isn't implementing it for exchange with other 3rd party systems as your identity management solution).

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE enterprise SYSTEM "ldisp-2.0.dtd">
<enterprise>
<properties>
<datasource>SunGard SCT Banner</datasource>
<datetime>2008-04-07T09:55:09</datetime>
</properties>
<person>
<sourcedid>
<source>SunGard SCT Banner</source>
<id>529</id>
</sourcedid>
<userid useridtype="Logon ID" pwencryptiontype="SSHA"
password="{SSHA}e//kl4BSGrvZfOAKaOfMtZljVZZRUkhFMFZNRQ==">pbullet</
userid>
<userid useridtype="SCTID" pwencryptiontype="SSHA"
password="{SSHA}e//kl4BSGrvZfOAKaOfMtZljVZZRUkhFMFZNRQ==">219483726</
userid>
<userid
useridtype="UDCIdentifier">9A05007692CCEDF33CE6368F4AE8ECA0</userid>
<userid useridtype="Email ID">pbullet</userid>
<name>
<fn>Mr Peter A Bullet</fn>
<n>
<family>Bullet</family>
<given>Peter</given>
<prefix>Mr</prefix>
<partname partnametype="MiddleName">A</partname>
</n>
</name>
<demographics>
<gender>2</gender>
</demographics>
<adr>
<street>19238 Route 30</street>
<locality>King of Prussia</locality>
<region>PA</region>
<pcode>19401</pcode>
</adr>
<institutionrole primaryrole="No"
institutionroletype="Faculty"/>
</person>
</enterprise>

And here is the membership xml.

<membership>
<sourcedid>
<source>Banner University</source>
<id>1057.200310</id>
</sourcedid>
<member>
<sourcedid>
<source>Banner University</source>
<id>32723</id>
</sourcedid>
<idtype>1</idtype>
<role roletype = "01">
<status>1</status>
<timeframe>
<begin restrict = "04">2003-01-01</begin>
<end restrict = "04">2006-01-01</end>
</timeframe>
<interimresult resulttype = "MidTerm">
<mode>Standard Letter</mode>
</interimresult>
<finalresult>
<mode>Standard Letter</mode>
</finalresult>
<extension>
<gradable>1</gradable>
</extension>
</role>
</member>
</membership>

My next questions are around what Blackboard versions will do with this… create lots of benign errors and then ignore it? Choke on the import or event and refuse to process?

And lastly, if your institution IS implementing SunGard's identity management solution, what version of Blackboard CE/Vista would support that? In that case, the UDC Identifier can not be ignored by Blackboard any more than any other 3rd party apps.

And has been difficult to post to since they moved us to their new platform. The blog exists under an umbrella account to which I have "Guest Author" access and on the new platform it means I can't use Windows Live Writer any more to compose offline.

The support ticket has been open for a month now and they haven't even granted me full authorship (which would solve my problem) so I can go about my business while they figure out how to give back what they took away.

My theme song, What I like about 'me' , if you will…

This day in 1929 was known as Black Tuesday, the 3rd of the drastic market downturns that came to be known as the Crash of '29. (Hey, even though I wasn't born yet, I ponder …what does this 'mean'?)

This day in 1960 Dan and Judy Gekeler gave birth to their first born : me.

This day in 2008, other than my birthday, is also the announcement call of Blackboard's Q3 market earnings (NASDAQ: BBBB). Track the day with BBBB and Google Finance. Or, track the day with me (www.twitter.com/lgekeler). Or both.

Remember Dr. Mark Jones from yesterday's post? Well, he's part of the senior management team at Echo360. Also yesterday, Blackboard and Echo360 announced a partnership that will enable Echo360's personal version of their Lecture Capture system to be distributed FREE with Blackboard software.

I suppose that means seamless uploads to one's Blackboard CMS? And seamless playback?Probably all this seamlessness applies only to the NG product since the agreement will take effect Spring 2009. Read yesterday's announcement at Market Watch.

==================================================================

August 2, 2008

Local Fraud which occurred as a result of the May hack into 1st Source Bank, may have a broader connection. South Bend Trib Article.

==================================================================
July 8, 2008

Here is what I’ve been searching the web for, a small line to the Chicago Trib, but a big message for me (written June 5th), "A security consulting firm alerted 1st Source after discovering the breach on May 12, the day it occurred."

So, for those of us who had duplicate transactions on May 4th – No, we can not say the bank’s delay in returning the money that it wrongfully encumbered (in my case for over 72 hours), was due to investigations into a security breach.

==================================================================

Missed this one from The International Herald Tribune on June 18th. Finally some quotes from the FBI!

==================================================================
June 24, 2008

Other banks just turned off debit cards without notifying customers?

==================================================================

June 23, 2008

Regional ATM frauds tied to 1st Source Bank breach: Fox 28 News Here.

==================================================================

June 17th and 18th 2008

Several local bank customers report fraudulent withdrawals. Some wondering if it could be related to the First Source Security breach discovered May 12th. WNDU report here. WSBT’s report here gives more detail on the current theory that the First Source breech targeted debit cards and PIN numbers of other institutions using First Source’s ATM machines.

==================================================================

June 10th, 2008

Good questions: http://spylogic.net/index.php/item/275

==================================================================

June 3rd, 2008

I found this quote interesting relative to the May 4th incident in which a couple hours of that Sunday’s transactions were submitted twice (and not by the vendors).

"Seitz wouldn’t disclose the size of the debit card file, but says the bank is reissuing all cards, which are MasterCard-branded, as a precaution. 1st Source also is offering customers free credit-report monitoring for a year. Seitz would not say whether the hackers broke into the server only on May 12. " (emphasis mine). From Digital Transactions

==================================================================

May 31, 2008

WSBT Story Breaks

There’s more to it than this. In the explanation I was given via telephone yesterday, the event of Sunday May 4^th (where over 100+ debit transactions during a 3 hour period caused ‘double-dipping’ of accounts) was DURING THE TIMEFRAME of the hack.

If the hack occurred May 12^th, then the 72 hours it took the bank to credit my account (and others) for the 2^nd ‘accidental’ (?) transaction has no excuse.

James Seitz, Senior Vice President of Electronic Banking, earlier had implied to me that the May 4^th event essentially boiled down to a regional slow-down of the internet due to several theft incidents concerning AT&T copper (which I don’t believe was live copper anyway, from accounts I’ve read). That’s what he said.

From my point of view, Database Administrators must’ve re-applied transaction logs without pruning them, and done so as a remediation. But as a remediation to what initial event

Meanwhile, yesterday’s phone call with Mary Chmiel (incredibly nice lady, frank and to the point, does customer service well), another Senior Vice President, seemed to indicate that the company MasterCard initiated the re-application of transactions which caused those of us shopping on that May 4^th Sunday to have our transactions debited twice. But why? Why did MasterCard do it?

That is not clear to me. Of course, I haven’t received my letter yet. Maybe this afternoon’s mail will explain it to me.

==================================================================

"Just Leave"

May 24, 2008

==================================================================

United States Postal Service and First Source Resource Cards?

After running for gas and calling Pat, I went out again, to the Edison Road US Post Office. My Resource Card swiped, the postal employee says, "I’m sorry. There was a problem with your card." Now I’m savvy. I don’t freak. I just sigh in a dejected sort of way. Can you run it as a credit card? She can. This errand is done. Now it’s bank to phone the bank.

Are these two incidents related? Julie at Maple Lane branch says no. The USPS point of sale system regularily has problems with First Source Resource Cards. Now I want to know if the US postal service POS system regularily has problems with ALL debit cards, or only with First Sources’ and if so, why?

==================================================================

"INVALID PIN" at the Pumps

Thursday May 22, 2008

Last night my car was running on fumes, so this morning -without breakfast, because I was out of yogurt and needed to buy it at Martin’s as well- I left the house early (about 7:15am), headed down to the local Martin’s supermarket /gas station , ran my debit card through at the pump, and …

Not again. Not again!

Only this time First Source had really done it. The pump displayed "Invalid PIN." Maybe I’m protein deprived? I tried again. Really, I knew already it would never work, it was the disbelief that First Source Bank’s electronic systems could possibly have another problem in such as short time span… So, I hit it again. Four times. I gave up. It was true. The PIN that has worked for me for over 2 years suddenly one day becomes invalid.

I called Pat Hayes at Maple Lane Branch. She didn’t know but she’d call the Resource Center and get right back to me. Hanging up I felt a pang, I hoped I wasn’t the albatross around her neck. By now all First Source employees probably all have printed cards taped to their cubicles advising them to put on their best customer face and simpering voice if Laura Gekeler calls in, then write up a form 1-800-CUSTOMER-RAGE-REPORT in triplicate to send to management. So Pat probably didn’t direct me to the Resource Center herself, as she might have, but eased the pain by not transferring my call.

She calls back and I apologize for causing more trouble, to which she replied in her very down to earth way, that policy dictates the Branch rep. call the Resource Center. (whew…she’s just being her normal nice self, maybe I don’t have an alert circulating the bank about me).

But THEN she says the Resource Center tells her the system was down from 4am to 7am this morning and that any customers using their debit cards during this time now have to have their PINs reset. I said, "Pat… I couldn’t have been at that pump any earlier than 7:10am this morning." But what I really meant was, "Pat, the Resource Center doesn’t have their facts straight yet." Again.

==================================================================

May 4th

They call this an upgrade?

The saga continues… I suppose Sunday May 4th was just the precursor …my Sunday transaction was double-dipped when the vendor on whom First Source Bank relies for its online banking system, accidentally re-applied transaction logs without pruning them. Perhaps this was in preparation for the big upgrade that took place Wed?

Can’t have been good. Today, Friday May 9th, there are still ramifications from the process that was supposed to make it possible for me to see and to use in real-time funds I transfer over the web from savings to checking… Instead, I can’t even login!

One of my past blog posts on recent customer service and information systems snafus at First Source Bank elicited this comment,

"Laura- If you don’t like your bank then leave. If you are unhappy I am sure your bank dosen’t enjoy your constant complaining about them. There are plenty of other banks in town. Just leave!

Posted by: Heather | May 22, 2008 at 03:19 PM"

Okay, Heather, here’s why I am not just leaving….

1. Of the 12 years I’ve been a First Source Bank customer, 11 of them have been very good. Before I sign the divorce papers, I’d like to try counseling first.

2. I believe some companies genuinely want to hear how they can do better and are willing to prove they can. I’m not ready yet to say First Source Bank isn’t one of them.

3. I never thought I’d need an exit strategy from my Bank, from direct deposit of paychecks and from automatic bill pay. I’ve now developed such a plan and can execute it if need be. It would suck if I had to, but I’m now prepared.

Every morning when we volunteers arrived, the Guatemalans had been waiting for us for hours… lined up outside. When we were in place to receive them, this man, Dave McClure, would whistle. I captured it.

Although the decision was finalized last March, Reuters reports on the Consortia today:

“Pursuing an enterprise-class hosted solution was the goal of our institutions,” said Kurt Snodgrass, Vice Chancellor for IT and Telecommunications for the Oklahoma State Regents for Higher Education. “After extensive evaluation, it was determined that Desire2Learn’s solution would enable Oklahoma Higher Education to leverage a consortia model as well as the capabilities of the statewide research network. The key factor involved in the decision-making was functionality and Desire2Learn set itself apart from the others. More importantly, the outcome is a true partnership between our institutions and Desire2Learn – all in an effort to meet the online learning needs of Oklahoma students.”  Read complete Reuters article here.

History of CMS Selection Process at Oklahoma State. Any comments on their process?

I’ve been doing this for a long time … but when I read the install guide for Bb Vista 4.2, my interpretive filters must’ve been clogged. I could’ve sworn it wanted me to use a separate script to upgrade the 3rd node of our small three node cluster. We have two node development and preproduction clusters, so I had no environment to practice the upgrade on.

Stupid. Stupid. Stupid. Eventually I figured out you only need to use the serverConfig.sh if you are ADDING a node over 2. Node 3 or Node 53 would  be installed with that script. But not upgraded. If the cluster already knows about the node, if it’s an upgrade, this script is superfluous.

The documentation has tended to  be unclear on its use of the language Upgrade vs Install either … It also tends to confuse actions done on the Admin node versus Managed Nodes.

It’s a good thing we’re professionals here. Many claim we don’t read at all. For pete’s sake, we claim we don’t read at all. RTFM we tell each other.

If this stuff from Bb is an example of the reading material I have to look forward to, is it any wonder we just make it up as we go? Figure it out ourselves?

I know. I should’ve asked someone.

Oh well. I installed the 3rd node today the regular way. Three months after the fact. I did an application only, upgrade, and I slapped AP2 and a Hotfix on without restarting in between since the rest of my cluster was at that level. Of course you also have to know all the undocumented features like the size of the database field for the Admin DNS name, so put the IP address in startup.properties instead if your DNS name is overly long; and find a copy of the missing wlstProfile.py , slap that into your /WebCTDomain. Don’t forget your SSL cert paths get wiped out of your Chat-Serverconfig.xml. Oh, and the classpath for the Weblogic patches in startup.properties needs changing too; still refers to weblogic 8.

And you thought I was cussing in print, didn’t you?…

No, literally. Literally- according to some reports, the AP2 upgrade that fixes SO much, actually may break the display of pages if the page contains a Web Link whose description (title) of a Web Link (URL) contains a number sign, a semi-colon or an ampersand. Thus:  # ; &   (!!!!)

Please comment on this site if you’ve observed this phenomena or, even better, if you’ve found a workaround.

We will be testing here at Notre Dame this coming week. I’ll post our results.