Print

Print

Hello Malcolm

 

The system is purely 6.2.3.23 Enterprise, we have a project to upgrade to v7 next spring.

We did migrate from 5.5 Basic to 6.2.3 Enterprise about 3 years ago and this year (may 07ish) we changed the format of the usernames slightly on the import files via snapshot, I have purged the old type usernames from the system.

Many thanks for the reply though.  

 

Best Regards,

 

Paul Beal

Server / Applications Administrator

 

Doncaster College

The Hub

N.3.720 - CITS

Chappell Drive

Doncaster

DN1 2RF

 

Office:       01302 553553 x4238

Fax:          01302 553568

Mobile:      07976384009

From: Blackboard/Courseinfo userslist [mailto:[log in to unmask]] On Behalf Of MURRAY M.R.
Sent: 24 October 2007 08:55
To: [log in to unmask]
Subject: Re: snapshot file imports

 

Hi Paul,

 

Do some passwords date from a v6 system and some from a v7 implementation?

I had some correspondence with other people on the Bb Open Source list about this. George Kroner was very helpful. He suggested that the problem arises from the fact that Bb made some changes to the hashing routines after v6, presumably to cope with the switch to double byte characters in the database.

 

Mark O'Neil suggested using a different method for v7 which worked for me:

String hashedOldPassword = blackboard.platform.security.SecurityUtil.getHashValue(oldPassword, "UTF-16LE");

Thus, as several people warned me, if you are writing a tool for deployment on a mixed (or unpredictable) v6 or v7 platform you should use both this hash and the original LicenseUtil.getHashValue() and accept it if either matched.

I hope that helps,

Malcolm.

---
Dr Malcolm Murray

Learning Technologies Team Leader
IT Service
Durham University

 

 

From: Blackboard/Courseinfo userslist [mailto:[log in to unmask]] On Behalf Of Paul Beal
Sent: Wednesday, October 24, 2007 8:46 AM
To: [log in to unmask]
Subject: Re: snapshot file imports

Hello

 

Thank you for the response.

I had already checked the ownership, encryption and format of the imported files but still at a loss why some account passwords from the import file does not match the MD5 in the database on newly created accounts.  Only thing I can think of is incorrectly entered information initially at student creation in MIS then the information is corrected at a later date, this would mean the new import file is showing the correct format where the database is showing different as the import file does not override the password field in the database.

 

I will keep investigating, thank you for the reply.

 

Best Regards,

 

Paul Beal

Server / Applications Administrator

 

Doncaster College

The Hub

N.3.720 - CITS

Chappell Drive

Doncaster

DN1 2RF

 

Office:       01302 553553 x4238

Fax:          01302 553568

Mobile:      07976384009

From: Blackboard/Courseinfo userslist [mailto:[log in to unmask]] On Behalf Of Volker Kleinschmidt
Sent: 24 October 2007 01:30
To: [log in to unmask]
Subject: Re: snapshot file imports

 

Make sure you specify in the snapshot.properties that passwords are to be encrypted by the snapshot tool, i.e. set:
encrypt.password=Y

Otherwise the tool will assume you are already supplying encrypted passwords.

Also make sure there are no spaces in the feed and it is otherwise correctly formatted.

Finally, if person.bb.controlled.fields=PASSWD is set in snapshot.properties, snapshot will not overwrite whatever is in the DB already, so it will not correct anyone's passwords, but should create the correct passwords for newly added users.

--Volker

On 10/18/07, Paul Beal <[log in to unmask]> wrote:

Hello

 

BB 6.2.3 Enterprise

 

Has anyone had any issues with the snapshot import process regarding the password fields?

 

I have found instances that the users imported details within the database i.e. the passwords that should be MD5 converted, do not appear to be converted properly.  To confirm this, I have found a non working account with a users passwords, noted the MD5, retrieved the users clear txt password, converted this to MD5 and compared and they do not match.  I also pasted the (my converted) MD5 into the users password field in the database and then logged in as the student.

Does anyone know why some accounts are not converted to MD5 correctly, it cannot be the PK that BB users as one I have created locally works.

 

Any thoughts as we have a number of students whose accounts look normal in the snapshot file, but some accounts will not log in with the password format.

I was thinking that maybe the BB database requires a unique entry for the password field so that any subsequent same entries might be modified by BB in some way to produce a different MD5, would this be possible?

Also, our feed comes from MIS, should at the time of data input, the password field is incorrectly entered, null entry or a default one entered then modified at a later date, this would mean that on the initial account creation the details are wrong but are correct on a later import, this would explain why the MD5 is different from the actual one.  Our password fields are a convoluted string of DOB and username and are BB owned as not to over right on the next days imports.

 

Any thoughts?

 

Best Regards,

 

Paul Beal

Server / Applications Administrator

 

Doncaster College

 




--
Volker Kleinschmidt
Client Support Engineer
Blackboard Client Support