Oracle Password Expiry – Sandbox Server

Avatar
by Lisa

Oracle 11g seems to ship with password expiry enabled — which is a very good thing for production systems. I’ve even written some code to maintain our system account password (scripts are grabbing the password from a not-clear-text storage facility anyway, so it wasn’t a big deal to add an n-1 password and move the current stashed password into the n-1 column, change the account password, and stash the updated password in the current password location … now my system ID password is updated by a monthly cron job, no one actually knows the password {although anyone could find it, so I would run the password cycle script when individuals leave the group}). But I’m a lot lazier about this stuff in my sandbox. Proof of concept code has clear text passwords. But the server is bound to localhost & there’s no real data in, well, anything.

I started seeing lines in my error log indicating the password would expire. Aaaand that’s how I learned that password expiry was enabled by default now.

[Sat Apr 18 07:42:59 2020] [error] [client 127.0.0.1] PHP Warning: oci_connect(): OCI_SUCCESS_WITH_INFO: ORA-28002: the password will expire within 7 days in /var/www/vhtml/…/file.php on line 191, referer: …

I’m going to disable password expiry because it’s a sandbox. For a real system, obviously, this may not be a stellar idea.

select USERNAME, ACCOUNT_STATUS, PROFILE from dba_users where USERNAME = 'SampleUser';

 

USERNAME ACCOUNT_STATUS PROFILE
SampleUser EXPIRED(GRACE) DEFAULT

 

Note the account status “EXPIRED(GRACE)” — that’s why I am getting the error shown above. Grab the profile name — it’s a sandbox, so 99% sure it’s going to be ‘DEFAULT’ and alter that profile with an unlimited password expiration:

alter profile <profile_name> limit password_life_time UNLIMITED;

Except that didn’t actually stop the error. Turns out you’ve still got to change the password once the account has been flagged as expired (or let the password expire and then unlock the account … but I was looking at the log because I’m debugging something, and I wanted the error to stop *right now*).

alter user SampleUser identified by N3W_P@s5_w0rD;

 

Chickens!

Avatar
by Lisa

Here are the chickens we want to order. I had put together a list based on research and talking to other people. Then I let Anya go through the hatchery’s website and pick the chickens she liked. Then I showed her where to find info about how many eggs they produce, if they are good in hot and cold weather, how friendly they are. We went through her list & eliminated birds that didn’t want to be in the cold, weren’t friendly, or only produce an egg a week. She really wants a white leghorn, but they say it’s not a good breed for cold weather. All but one of the ones I added were dropped because of lower egg production or less friendly personalities, so she was OK with removing some of her favorites from the list because sooooo many of mine got removed too.

Now we just have to wait until August for them to arrive! There’s evidently been a run on both chickens and seeds as people encounter runs on, well, everything at the grocery store.

Name Breed Eggs-Low Eggs-High Climate Personality Egg Size Eggs Baby Adult
Astra Austra White 208 260 Heat and Cold Hardy Quite, tame and docile Large Austra White Day Old Austra White Chicks For Sale at Meyer Hatchery, Your Premier Poultry Source
Sunshine Buff Orpington 200 280 Very Cold Hardy Docile, Quiet & Affectionate Large Buff Orpingtons lay large light brown eggs Day old baby Buff Orpington chicks Beautiful and fluffy Buff Orpington hen
Tilly Columbian Wyandotte 180 Very Robust, Cold Hardy Generally Docile Large Columbian Wyandottes lay lots of brown eggs every year. Shop Meyer Hatchery for your day old baby chicks! We ship nationwide year-round. Columbian Wyandotte Hens are a beautiful mix of mostly white with black accents.
Queenington Green Queen 208 260 extremely hearty in all climates Friendly, Docile, Good Pet Large Green Queen Green Queen
Soaring Eagle Black Jersey Giant 180 200 very cold hearty Calm & Easy Going Medium Black Jersey Giants are a sustainable heritage breed that lays brown eggs. Black Jersey Giant Hens have black feathers and willow or black legs and feet.

 

Protesting the Protests

Avatar
by Lisa

There are some people protesting the stay at home orders – I see videos from outside of DeWine’s daily briefings, and several other states seem to have similar problems. Apart from the question of astroturfing, problem is that there’s very little opportunity for counter-protests. When you go to DC, there are PETA people counter-protesting the people looking to fund medical research (animal testing). There are vegans counter-protesting people looking to increase subsidies in the meat industry. I’ve never seen an abortion protest that didn’t have both sides represented.

These ‘liberate us’ protests? These are people who don’t think they should have to stay at home – they should allowed to hang out at bars, eat in restaurants, shop, party, and … oh yeah … crowd together at protests. The people who think the stay-at-home and shelter-in-place orders are important to protect their health? Seems like a far smaller portion of them would be willing to hang out in Columbus in a protest. Even if they could find masks and whatnot.

Why drive somewhere nonessential? Your car breaks down, and you’re exposed to others (and exposing them to you). You get into an accident and you’re exposed to others (and exposing them to you). Get injured in the accident and you’re adding to the patient load at hospitals. We’re not just staying at home to avoid large congregations. We’re staying at home to create less load for emergency personnel.

Did you know … you can list the members of your MS Team?

Avatar
by Lisa

Without any special Administrative rights, you can list the members of the Azure AD groups that are used in MS Teams. If you don’t already have the AzureAD module installed, install it. In Windows, this is:

Install-Module -Name AzureAD

In Linux,you’ll need the preview of Azure AD:

# To run on Linux, you need the preview mode of AzureAD
Register-PackageSource -Trusted -ProviderName 'PowerShellGet' -Name 'Posh Test Gallery' -Location https://www.poshtestgallery.com/api/v2/
Install-Module -Name AzureAD.Standard.Preview
 

Connect to AzureAD. There is a separate command to list the group owners (Get-AzureADGroupOwner). I’ve always found the owner(s) in the member list as well, but it’s technically possible to have entries unique to the owner list.

Connect-AzureAD
Get-AzureADGroup -SearchString "Group Name Here" | Get-AzureADGroupOwner -All $True
Get-AzureADGroup -SearchString "Group Name Here" | Get-AzureADGroupMember -All $True

Redirect the output to a file if you wish to use the results elsewhere, or stash the returned member list in a variable and use Get-AzureADUser to get additional information for the user records.

$objMembers | ForEach-Object -Process {get-azureaduser -objectid $_.ObjectID}

Open Source Methodologies – Design Document Driven

Avatar
by Lisa

We use design documents at work to ensure a clear understanding between the requestors, product owners, and developers. There’s a request document that outlines what they’re looking to accomplish, we produce a design document that outlines what we’re doing and how that will be accomplished. External dependencies use the design document to implement their required services — if I have a design document that says I’ll pass x (required), y (required), and z (optional) to a WSDL and end up with an object in the application database where a=x, b=y, and, optionally, c=z … they’ll whip up an endpoint that takes the parameters, performs the required actions, and builds the object I need. Once everyone is in agreement that it’s what they want, it’s reasonable (security, ROI), and possible … developers get to work. Tests are built against the documented functionality, and we know we’re done when the tests pass. If the users want something changed, the design document is amended, a quick feasibility/reason-ability review is performed, and development work commences.

I thought of this process after observing some people push PRs for major overhaults into a few open source projects only to have the PRs rejected as, essentially, not the direction “we” want to go. On the other extreme … I’ve made some changes to open source apps — in some cases, those were bug fixes, and I’ve pushed the changes back to the main project. But, when I’ve changed functionality. I’ve made those changes to address a specific need I have, and I leave the changes in my own fork. Which has the detriment of, potentially, not providing useful functionality to the main project. While it’s perfectly reasonable to put a lot of time into a major change that you need anyway (and, potentially, offer those changes back to the community) … it is terrible to put a lot of your time into something for someone else and have it rejected. And while not engaging with the project maintainers to see if they’re interested in my derivative work saves effort for me, it reduces innovation (how many people actually run through all of the forks of a project to see if anything ‘interesting’ happened elsewhere?).

Obviously, the answer isn’t for projects to accept effort just because it’s a significant investment on the contributor’s part — there should be some mechanism for ensuring what you’re about to delve into is something the project maintainers actually want. Which is what made me think of the design documents we use at work.

If a project had a design document that detailed what it waned to do, how it was doing it, and potentially a section for desired future features and functionality … it would provide a guideline to anyone looking to contribute. A change that doesn’t impact functionality (e.g. a bugfix) can be worked on and submitted for inclusion in the project as occurs normally. If you want to change something about how the application works, you first submit a PR against the design document. Outline what you want to do, how you want to do it … maybe even a quick mock-up (I use Pencil Project for mock-ups where I’m uncertain the final project will be approved, HTML web code when I know the project is a go and want a head-start on my development … but I also accept the risk that I ‘wasted’ a few hours building the design document wireframe if the project gets dropped). Want to work on one of the ‘desired future’ items? Modify the design document to include that functionality and how it’ll be implemented. Discussion about the approach refines what you’ll actually be doing, and you’ll understand if the project maintainers are interested in your contribution before dedicating hundreds of hours to development.

Some projects are interested in “bugfixes only” — which can be stated in the contributing guidelines. In this example, I developed a quick script to produce in-scope user lists. I don’t want to include other details about the identified users, I don’t want to find the first n levels of reports, etc. It’s exactly what I needed, and I’m putting it on GitHub as an example — using Python to search an LDAP directory and using recursion with back-linked attributes.

Projects that are open for collaborative contributions, though, can include the design document location in their contributing guidelines. Initial contributions are made against the design document, discussed, and approved or rejected. Once approved, code can be developed to the new design.

Microsoft Teams – Background Images

Avatar
by Lisa

Teams has had the ability to blur your background for a while – a nice way to obscure “stuff” written on the whiteboard behind your desk or hide the stack of papers and books on your desk. It isolates the foreground – hopefully you – and blurs out the background. You can now overlay the identified foreground with a background image. I currently see this feature in the desktop client – my Linux, mobile, and web clients do not have this feature.

When you are in a meeting and have your camera enabled, click on the ellipses in the meeting control bar and select “Show background effects”

Select one of the images – we’ll load custom images in a bit. Select one of the stock options and click “Apply”

Voila, you’ve been greenscreened over some stock image. One of the most useful cases I see for the background image is a call with vendors. Each individual selects their company logo as a background, and participants have a visual clue who is speaking. But that requires a custom image. Luckily, you can add custom images to the background selection.

Now that you’ve selected a stock image, you’ll have a folder on your computer that holds the image. Open %appdata\Microsoft\Teams\Backgrounds\Uploads

Copy in your custom png files

Repeat the process to select a background image in Teams, and you will see your custom image.

A small file can look blurry – a 1920×1080 image looks decent. My 150×120 little glif … not so great. Also notice that the image is inverted – a bunch of balloons or a sunny beach … works either way. My logo? I need to flip it horizontally or you see a backwards R

Note too – if you want to blur your background, that option has been moved into the background effects. It’s the upper right-hand background – right next to ‘no background image’.

When joining a scheduled meeting, you can adjust the background settings prior to beginning the call using what used to be the background blur slider.

Using ‘Meet now’, this slider does not appear. I voted for the UserVoice suggestion to have a default background setting that would apply to all video call types without one-off configuration for the meeting.

Microsoft Teams: End Meeting For All Attendees

Avatar
by Lisa

Normally, I like that Teams meetings continue after the organizer drops off. It’s a little annoying, as a meeting organizer, to need to stick around just so everyone else can continue talking. But someone may encounter a scenario where they really want the meeting to end, and there wasn’t an easy way to accomplish this. Microsoft has introduced “end meeting” functionality.

Since we don’t use Microsoft’s PSTN dial-in, I’m not sure if that has per-minute accounting that would make someone a lot more concerned about meetings continuing. Honestly, this feature seems like it’s targeted more toward the Education sector – my classroom meeting shouldn’t become a student hang-out once I’m done. (And you can still hang up to disconnect and allow the meeting to continue)

To end a meeting, click the ellipsis in the meeting control bar. Select “End meeting”.

You’ll be asked to confirm that you really want to end the meeting. Click “End” and all participants are dropped.

 

Visualization: Percent of Population Infected with SARS-CoV-2

Avatar
by Lisa

Updated graph for current infection numbers

And the states kinda like Ohio graph where I still think “distance from NYC” is a pretty significant factor in how many individuals are infected. Ohio, going on a month of kids out of school and entering week three of the shelter-in-place order, isn’t seeing the exponential growth some states with similar population numbers have encountered.

Don’t Privatize USPS

Avatar
by Lisa

Please text “USPS” to 50409 so that a letter on your behalf can be sent to your state officials petitioning to make financial support of the USPS a priority.

Privatizing USPS seems oddly short-sighted from a bunch of people supported by rural voters. Privatizing the post office may be a bit of OK for people who live up in NYC or down in Miami — they can stop subsidizing delivery out to a cabin in South Dakota that sits on 11,000 acres. Never got much mail, so I don’t know if post office had one employee whose daily route was like eight houses or if delivery was once a week. It’s *not* great, however, for large, low-population-density swaths of the country (i.e. a good bit of the Republican base).

As a private enterprise, increasing profitability is the goal. The Post Office has studies that go into new-line-of-business ideas that are quite clever. They’re paying someone to drive by grandma’s house anyway … you pay a few bucks a month and the delivery person will ring the bell once a week to make sure grandma is OK. It’s *possible* the privatized USPS, without restriction on what they’re allowed to do and what they’re allowed to charge for their services, will branch out into a bunch of lines of business centered around “we have someone driving by there every day anyway”. But petrol is expensive, vehicle maintenance is expensive, and people are very expensive. You see anyone going with an all-electric fleet powered by on-site wind and solar? I’d guess contract workers with no benefits.

If I were operating neo-USPS, I’d become the largest interest-based advertising agency around. Sure, targeted advertising wouldn’t be as many pieces of mail as the grocery flyer that is sent to the entire postal code, but my cost per unit would go up because it’s targeted. And reducing the number of recipients cuts delivery cost. I’d probably sell ad space that I stamped onto mail transiting my system. I’m paying someone to get this delivery to you either way; why not make an extra cent by throwing an ad for a pizza chain on it? Throw a jewelry chain’s logo on the cancellation stamp. Stamps themselves are ad space. And when I don’t sell all of this ad space? I’ll donate it (tax writeoff) and have promos for non-profits.

How will mail delivery work in my neo-USPS? Specifically in rural parts of the country? I’d noticed Amazon pick-up lockers outside the one grocery store in town — that might be a way to keep a relatively local pick-up point. But it eliminates “Postal Customer” delivery … which I suspect is a good bit of the current revenue and an increased share of my new company’s business model. Turning the post office into a package delivery service probably isn’t the way to go. The model I’d follow is called “general delivery” now. I have a few friends with remote off-the-grid type homesteads outside of the carrier delivery area who use this free service. Address a letter to “Bob Smith\nGeneral Delivery\nPost Office City, State ZIP” and the letter/package sits at that post office location waiting for Bob to pick it up. The post office holds mail in the back for x days until they swing by. Which then means they’ve got to swing by the post office every so often.

Unlike PO boxes where the outer area is open 24×7 and you can open your box at 7P on the way home from work or 7A on the way to work, you’ve got to arrive when they are opened and staffed. Office in my town is staffed between 8:30 and 5 with an hour-long lunch break at 11:30 (and open 9A and noon on Saturday). But I’m certain privatized USPS will have better hours. Down side, though, is they’ll have far fewer locations. There won’t be an office five minutes from my house — it’s inefficient. There will be a few offices in Cleveland and the major suburbs. I’ll be getting my mail out of Strongsville or Parma. Maybe Brunswick or Medina. And I live in an area with decently high population density. That cabin out in South Dakota? I’d be driving up to Rapid City about two hours (each way). Four hours of driving? That’s a day right there — my quarterly “stock up in town” trip would become a monthly run.

Maple Peanut Butter Eggs

Avatar
by Lisa
Maple Peanut Butter Eggs
Print

Maple Peanut Butter Eggs

Recipe by LisaCourse: DessertDifficulty: Easy

Ingredients

  • Peanut Butter Filling

  • 1 cup chunky peanut butter (unsweetened)

  • 1/4 cup maple syrup

  • 1 tbsp vanilla extract

  • 1/4 cup all-purpose flour

  • Maple Chocolate

  • 4 oz 100% cocoa bakers chocolate

  • 2 tbsp coconut oil

  • 1/3 cup maple syrup

  • 1 tbsp maple sugar

Method

  • Line a plate with clingfilm or wax paper
  • Combine the peanut butter filling ingredients and mix to combine
  • In a double boiler, melt coconut oil
  • Add chocolate to coconut oil and melt
  • Stir in maple syrup and maple sugar
  • Take about a tablespoon of peanut butter mixture and roll into an egg shape
  • Roll peanut butter egg in chocolate to coat
  • Carefully remove coated egg from chocolate and place on lined plate
  • Once all eggs are coated, refrigerate for a few hours to solidify

Notes

  • Because coconut oil is used in this chocolate, it has a very low melting point — it’ll make a mess if you hold it in your hand as you eat it. Replacing the coconut oil with butter would raise the melting point.