POODLE has been a fairly common topic with security teams recently since Google announced the vulnerability.
There is plenty of reading available on the POODLE attack so I’m not going to go into too much detail but I’ll give a short description. POODLE is a man-in-the-middle attack which uses an attackers ability to force the protocol of the server/client communication to fall back. When the attacker can force the downgrade of the protocol to SSLv3 they can attack the weaknesses of that protocol. SSLv3 has been around for a really long time, since 1996, and has been superseded by multiple versions of TLSv1.x. TLSv1.2 is the latest version available and TLSv1.3 is currently in draft status. As these new TLS versions were released they were implemented in new servers and applications, however for interoperability all the old protocols were also left active.
So are you vulnerable? As a PeopleSoft Admin/User/Developer do you need to worry about this? Well, that depends. Continue reading
Some of you may have noticed this already but I recently saw that some of the PeopleSoft 9.2 Application media had been remastered.
- HCM 9.2 was updated on E-delivery at the end of October. It includes patches from Update Image 9. Image 9 was also released as a certified Upgrade Demo Image.
- FSCM 9.2 was updated at the end of September. It includes patches from Update Image 5 which also released as a certified Upgrade Demo Image.
- ELM 9.2 was updated in early October and contains patches from Update Image 6. As with the others it also is a certified upgrade image.
- CRM 9.2 looks updated at the end of September as well, but it does not indicate if any patches from an Update Image are included. Since there is not currently a supported Upgrade Image other than CRM 9.2.000 it would not make sense that this media include the patches. This may indicate it was updated because PeopleTools 8.53 was pulled and 8.54 added to the collection. I have not downloaded it to look.
In addition the other change I noticed was that all PeopleTools 8.53 media has been pulled. If you need something from the 8.53 media set you will need to open a non-tech SR. This seems to be a change from the previous strategy of keeping the current plus one previous Tools set available for download. I’m not on E-delivery all that often so who knows, maybe they changed that a while ago.
Either way, those looking to start upgrades or may have recently started the process using media they downloaded prior to end of September should evaluate where they are and possibly grab this new media. Jumping straight to a Update Image would be beneficial. Those looking to avoid PeopleTools 8.54 for some reason may want to avoid these though because at least HCM, FSCM, and ELM will already be 8.54 PeopleTools in the database.
I’ve finally made a new version of the DataViewer tool available for download. This new version includes new stand alone features as well. I’ve added Real Time Weblogic monitoring and an Access Log Parser. It also includes all the old charts for the Weblogic and Tuxedo monitor data files and some new ones. This version requires Java 8. I won’t be making new updates to the old version, but it will still be available for download if for some reason you can’t use Java 8. I’ve posted new screenshots on the Monitoring Tools Screenshot page. Another little improvement is the application should remember your last viewed data file and attempt to use it again the next time it is started. Same goes for the data entered on the Real Time Weblogic Monitor configuration. Download it here. And read how to use the new viewer on the DataViewer page.
As we know, with the new PeopleSoft 9.2 applications came a new method of delivering updates via PeopleSoft Update Manager. We now need to download fully functional VirtualBox images to get our patches. We can also use these images for Demo environments and specific versions are useable for New Release Demos during application upgrades. SES is even included in these images. I’ve been using VirtualBox for years, since the original innotek days. It works great for desktop use which is it’s intended use. Sure you can set it up on a server and make it work in a more enterprise environment but I wanted to deploy the images to something I already had hosting some vm’s, Linux KVM. If you want to run your images on VMWare, I recommend reading this post on running the images on VMWare. So lets begin setting up a new PUM image for Linux KVM. Continue reading
Oracle released the HCM 9.2.008 PUM Image today, Aug 19th. The ELM 9.2.005 PUM Image came out last week on Aug 12th. Finance should be out next week. These images are supposed to be delivered on the new 8.54.01 PeopleTools release. These should be an easy way for Admins like ourselves or Oracle customers in general to kick the tires on some of the new PeopleTools features and middleware components. You need to download them anyhow for patching right?
HCM weighs in at 34.7 GB while ELM is 28.4 GB. Happy downloading.
The PeopleSoft Technology Blog has announced the availability of the PreRelease notes for 8.54:
Some observations as I skimmed the document are:
- Oracle Linux 6, Win 2012, and Win 2012 R2 support added, Win 2008 (R1 not R2) dropped
- Client OS Windows 8.1 added, Windows 7 (32 bit) dropped
- WebLogic 12.1.2 added, 10.3.6 dropped
- Oracle 12, MSSQL 2014 added, Oracle 10.2.0.5, 188.8.131.52, and MSSQL 2008 dropped
- Current browsers available added (Chrome, Firefox, IE 11, Safari), IE 8 Firefox 17 dropped
- Tuxedo 184.108.40.206 added, Tuxedo 11gR1 dropped
- Still uses Java 7
- SES is 220.127.116.11, SES 18.104.22.168 dropped
- Excel 32-bit dropped
- Mobile Application Platform: Similar to the Fluid User Interface but utilizes RESTful web services
- 64-bit Development environment! App Designer, Data Mover, Change Assistant, the whole lot of them all now 64-bit. Explains the dropped Win 7 (32-bit).
- App Designer will have improved search functionality (reference, text), code auto-completion for PeopleCode, and new toolbar buttons to improve productivity
- Enhancements to App Engine tracing: split files, naming convention, program section trace, combined output of PeopleCode and SQL into the AE trace file
- Portable PS_HOME: Hard-coded paths and sym links within PS_HOME have been removed to further consolidate and allow a single PS_HOME to be shared across multiple environments
- Two new metaSQL enhancements for Oracle added. %SqlHint and %SelectDummyTable
- Also you can now use Oracle Global Temporary Tables, Materialized Views, and the new 12c container/pluggable databases which allow multiple PS databases in the same instance, some may have used GTTs and Materialized Views in the past, but now App Designer will handle them. Also, App Designer can now be used directly to partition tables and indexes on Oracle.
- Domain caching changes allowing automatic monitoring and adjusting? I’ll have to look into that one more.
- A Push Notification Event Framework, maybe we can finally broadcast a message to all users via the system.
- Several security enhancements, Oracle Secure Files for the report repository is one that jumped out at me.
- There’s a lot of other stuff, Just go read it !
Read the foll post here, or find the notes directly on MOS here
I have finally uploaded some updated versions of my monitoring tools. I’ve made only minor updates to the Weblogic monitoring tool. I created versions that work with Weblogic 9.2 and Weblogic 8.1, but they will be available by request only. The viewer has had a few items added and can now be used to open the files generated from the newly released (but not really new) app monitoring tool. Continue reading
AWStats is a great tool for parsing web server access logs of any kind. If you are not familiar with it, I recommend checking out the Live Demo to see what kind of data it can provide. I’ve been using it for a long time to provide stats on all sorts of different websites and applications (including PeopleSoft). It’s just another great tool for in any Admin’s toolbox. Normally I run it on Linux but recently I setup AWStats on IIS which was actually pretty painless. Here is what I did.
What you need:
IIS, Perl, AWStats Continue reading
I’ve been asked this question many times. What makes a good PeopleSoft Admin? What should we be looking for when interviewing? Being an Admin myself, I thought I would write about some of my general thoughts on the topic. Of course these are only my opinions and do not fit every environment or employment scenario. Continue reading
I ran into this problem with nVision a little while ago. nVision processes were going to error status on the process scheduler. A quick glance at the logs made it look like either the process was crashing or not starting at all. I logged into the Windows Process Scheduler server to take a look at Excel. Logging in as the service account that is used to run our process scheduler I looked at task manager and saw two copies of Excel which had been running, however no jobs had been run for quite a while. I killed the processes and tried to start Excel by hand and began to wait. Several minutes later Excel popped up a window stating it was starting in safe mode, probably because I killed the processes I assumed. Once it started I went ahead and closed it cleanly and tried again. Again about four minutes later it finally opened. However, this time it opened with the recover lost files pane open and displayed what I would estimate was 1500+ recovered files. I closed the pane not saving any and removing them which took some more time. Eventually I was able to shutdown Excel again. The next time I opened it, it started right up in a second. I proceeded to disable the AutoRecover feature in the Save settings in Excel Options (for 2007).
I’m not sure what caused them to show up, or if they were there all along and just finally got to the point where Excel took too long to open. Like many, I inherited this environment, but now I have one more thing to add to my environment assessment checklist for the next time.