Trust but Verify: JVM Memory Leaks in Cassandra

Link: http://files.meetup.com/1794037/cburroughs-cass-trust-but-verify.pdf

 

 

 

 

 

 

 

Eric Evans of acunu on CQL in Cassandra 1.0

Via @jericevans on Twitter.

Relaunching – Fall 2011

Hi all,

Just to let you know we are still here and we are moving focus on to Enterprise data analysis.

– Chris Cheyne

So you think you own your Twitter account?

So you think you own your twitter name ?

Original post from @AndyCobley: http://ac31004.blogspot.com/2011/03/so-you-think-you-own-your-twitter-name.html

Chances are you don’t, chances are you could have it taken away from you at any moment or have it changed by twitter adding an underscore to it. So what does it matter, it’s only a twiter account after all. Wrong, your twitter account can be your main online presence, your main identity that people know you by and your main contact.

Suppose you’ve spent 2 years building an international reputation, have thousands of follower, some of own are leaders in their fields, some of who are close friends. Overnight their contact books are out of date, overnight their DM messages no longer go to you but some third party, overnight any archived Follow Friday tags #FF are out of date, overnight your on line reputation has gone. And worse, think how many resources you will need to update, business cards, linkedin, Skype and thats not to mention your presence in search engines. Can’t happen here ? It can and it has.

It happened to a close friend of mine last night. She spent over two years building the @girlgeeks account, spreading words of Girl Geek Scotland to over 26 countries. Last night an organsation called @GIRLGEEKS contacted Twitter to say they had registered trademark for Girl Geeks and wanted the @girlgeeks account for themselves. This organisation only stated a couple of months ago and yet compared to the prior reputation of @girlgeeks this meant nothing, Twitter took the account and handed it to them on a plate. To make matters worse, twitter sent message to the original owner to say they where going to change their twitter name, there was no chance to respond, to argue or to appeal. They just change your name and then tell you afterwards. Oh, and they ask you to make it clear on your that your account is not associated with the brand.

As the previous owner of @girlgeeks says:

“The message from Twitter is get an International TM for your name or they’ll take it for a private ltd company”.

Just to make the effect clear, here’s what happes if you do a search for girlgeeks on google:

Clearly pointing to the old account, we’d expect to see the good work girlgeeks has been doing. if we click on we get:

Not what expected and very damaging to the original owner to the original owner of the twitter account.

This is clear case of #copywrong, its heavy handed and I suspect that Twitter have no clear idea of the damage they have done. The message is clear, you don’t own your twitter account, Twitter does.

There is an official responce from the other side here PDF

Shanna Tellerman Speech at GirlGeeks Workshop Dundee, Scotland. CEO of Wildpockets

Via Morna Simpson [ Vimeo link] at Girl Geek Scotland [ http://girlgeekscotland.co.uk/]

 

VMWare View Security Server SSL Certificate Install

How to install a SSL certificate for VMWare View Security Server

Certificate Installation – Generate and Install

Log on to system via RDP.

Start a command prompt.

Execute: –

psexec -i -s -d cmd.exe  ; this starts a cmd prompt as a system account

or security server, change the directory to C:\Program Files\VMware\VMware View\Server\jre\bin

Execute: –

keytool -genkey -keyalg "RSA" -keysize 2048 -keystore keys.p12 -storetype pkcs12
-validity 360

Note: The keys.p12 file is created in the current directory.

Run the following command to create a certificate signing request (CSR): –

keytool -certreq -keyalg "RSA" -file certificate.csr -keystore keys.p12
-storetype pkcs12 -storepass <secret>
; <secret> is your chosen keystore password

Send the CSR file (certificate.csr) to a certificate authority and request a certificate in PKCS7 format.

You will receive four .crt files.  We must combine them: –

openssl rsa -in 9963073.crt -check
openssl x509 -in 9963073.crt -text -noout
openssl crl2pkcs7 -nocrl -certfile
9963073.crt -out bob.p7b -certfile TERENASSLCA.crt -certfile
TERENASSLCA.crt -certfile AddTrustExternalCARoot.crt

Here we have: –

9963073.crt  			; certificate file received from CA
bob.p7b 			; temporary output file
TERENASSLCA.crt			; received from CA
AddTrustExternalCARoot.crt	; received from CA

Copy the contents of the file into a text editor and save it as certificate.p7.  It will look like: –

—–BEGIN PKCS7—–
MIIF+AYJKoZIhvcNAQcCoIIF6TCCBeUCAQExADALBgkqhkiG9w0BBwGgggXNMIID
LDCCApWgAwIBAgIQTpY7DsV1n1HeMGgMjMR2PzANBgkqhkiG9w0BAQUFADCBhzEL
i7coVx71/lCBOlFmx66NyKlZK5mObgvd2dlnsAP+nnStyhVHFIpKy3nsDO4JqrIg
EhCsdpikSpbtdo18jUubV6z1kQ71CrRQtbi/WtdqxQEEtgZCJO2lPoIWMQA=
—–END PKCS7—–

Run the following command to import certificates issued by CA: –

keytool -import -keystore keys.p12 -storetype pkcs12 -storepass <secret> 
-keyalg "RSA" 
-trustcacerts 
-file certificate.p7
; <secret> is your password and we've copied 'bob.p7b' to 'certificate.p7'

To configure the View Connection Server to use the new certificate, place the new certificate and copy the keys.p12 file (the keystore file) in C:\Program Files\VMware\View Manager\Server\sslgateway\conf.

Modify or create the following file: –

C:\ProgramFiles\VMware\View Manager\Server\sslgateway\conf\locked.properties

Add the following properties:

keyfile=keys.p12
keypass=<secret>

Restart the View Connection Server service.  (it is recommended to restart the machine)

The certificate will now be installed.

App-V Management MMC snap-in crashing

Do you ever have the wonderful occurrence of the MMC snap-in for the App-V management server crashing whenever you modify an application or add a new one?

A simple fix for you awaits thee via cmd.exe: –

On X86: –

REG ADD “HKLM\Software\Microsoft\SoftGrid\4.5\Management Console” /v LoadConsoleIcons /d 0 /t REG_DWORD /f

On X64: –

REG ADD “HKLM\Software\Wow6432Node\Microsoft\SoftGrid\4.5\Management Console” /v LoadConsoleIcons /d 0 /t REG_DWORD /f

The Application Virtualization Client could not connect to stream URL

[07/13/2010 14:17:03:106 MIME ERR] {tid=F98:usr=SomeUser}
Failure on Desktop Configuration Server request to URL {rtsp://SomeServer:554/} with header {Host: SomeServer
Content-Type: text/xml
AppV-Op: Refresh
} (rc 16906504-00000917).

Or: –

The server could not authorize you to access the requested data. Please report the following error code to your System Administrator.
Error Code: xxxxxxx-xxxxxx04-00000917

Ever get this? Wonder why Administrators can stream applications but users can not – yet you can telnet SomeServer 554 ?

The reason is quite simple. The users accessing the applications is denied access to the App-V management server due to its Provider Policy.

Open the App-V Management server and navigate to Provider Policies: –

Management Server - Policies

Next right-click on your policy and hit properties. It is probably called Default Policy.

Navigate to the Group Assignment tab and Add any user groups in here that you want to allow access to the App-V Management Server. You might just add ‘Domain Users’.

Restart the client machine and try logging on with the user that you were getting errors from.

App-V Group Assignment

Group policy script to install App-V Terminal Server Client

This is a small .bat file to configure in Computer Configuration -> Windows Settings -> Startup Scripts. One must modify the location of the %SOURCE% variable to reflect where your installation media is.

This is for 32-bit Terminal Server nodes. Replace the 32_BIT with 64_BIT and copy your App-V installation files off of your Microsoft Desktop Optimisation Pack 2010 media or download them from: –

[1] Visual C++ 2005 x86 here

[2] Visual C++ 2008 x86 here

[3] Microsoft Application Error Reporting (installation media) Support\Watson\dw20shared.msi

[4] XML Services 6 x86 here

— BEGIN install_appv_client.bat below —
@ECHO OFF
REM Microsoft Visual C++ 2005 Redistributable Package (x86)
SET SOURCE=\\some.server.com\softwaredistribution\AppV_Client_Install_Point\32_BIT\PREREQUISITE\visual_c_runtime\2005
START /WAIT %SOURCE%\vcredist_x86.EXE /Q /T:%TEMP%\VC2005x86

REM Microsoft Visual C++ 2008 Redistributable Package (x86)
SET SOURCE=\\some.server.com\softwaredistribution\AppV_Client_Install_Point\32_BIT\PREREQUISITE\visual_c_runtime\2008
START /WAIT %SOURCE%\vcredist_x86.EXE /Q

REM Microsoft Application Error Reporting
SET SOURCE=\\some.server.com\softwaredistribution\AppV_Client_Install_Point\32_BIT\PREREQUISITE\dr_watson
START /WAIT MSIEXEC /I %SOURCE%\dw20shared.msi APPGUID={9915D911-CC73-4122-AF4F-564F89454655} REBOOT=Suppress REINSTALL=ALL REINSTALLMODE=vomus

REM Microsoft Core XML Services 6.0
SET SOURCE=\\some.server.com\softwaredistribution\AppV_Client_Install_Point\32_BIT\PREREQUISITE\msxml60
START /WAIT MSIEXEC /I %SOURCE%\msxml6.msi REBOOT=SUPRESS /QB

REM App-V Install options FOR TERMINAL SERVERS
SET SOURCE=\\some.server.com\softwaredistribution\AppV_Client_Install_Point\32_BIT\TERMINAL_SERVERS

REM install App-V client using RTSP to the management server
REM Change your SWIPUBSVRDISPLAY to a friendly name
REM Change your SWIPUBSVRHOST to the DNS name of your App-V management server
“\\some.server.com\softwaredistribution\AppV_Client_Install_Point\32_BIT\TERMINAL_SERVERS\setup.exe” /s /v”/qn SWIPUBSVRDISPLAY=\”RGU Streaming Server APPVMGT01 RTSP\” SWIPUBSVRTYPE=\”RTSP\” SWIPUBSVRHOST=\”APPVMGT01.some.server.com\” SWIPUBSVRPORT=\”554\” SWIPUBSVRPATH=\”/\” SWIPUBSVRREFRESH=\”on\” SWIFSDRIVE=\”Q\””

Immidio Appscriber

An interesting addition to your App-V Management is Immodo’s Appscriber. The video below says more than I could say here.

A link to their homepage: Immodo Appscriber