We're running WHD and MySQL on a Windows server.
I'm curious, of those running MySQL, what's your backup strategy? Because MySQL is not vss-aware, our DPM solution isn't a viable option.
Thanks for the input.
↧
Backing up WHD and MySQL
↧
java.lang.NullPointerException fix or workaround?
We get this every day in our installation and suspect it might be linked to WHD coming to a complete halt daily.
After we get this exception in our install, within roughly 40 min WHD will stop responding to HTTP requests. We end up rebooting the server to expeditiously get WHD back online. This happens about twice a day. We have roughly 12,000 clients, and 40 tech/admins. The server runs reasonably fast before this happens, then it grinds to a halt and it is sudo reboot time. Our server runs on AWS and started this when we moved to AWS from Mac OS X (big mistake for other reasons).
Interestingly enough, I just reproduced the problem on the live online demo.
Anyone know how to prevent this? Some kind of workaround or even a fix for the problem?
↧
↧
Outlook Server returned a 401 status
I am having an issue which I did not have while testing. can anyone please help help
An error last occurred at 7/24/14 11:01 am while attempting to retrieve e-mail from XXXXXXXXXXX
The server 'outlook.xxxxxxxxxx.com' returned a 401 status, indicating the provided username/password is not authorized to access the Exchange Web Services site.
Please see FAQ for troublshooting tips.
Please send any Exchange-related support questions to exchangesupport@webhelpdesk.info.
javax.mail.MessagingException: Error while attempting to retrieve root folder list.;
nested exception is:
com.macsdesign.util.exchange.ews.EwsUtils$EwsException: The server 'outlook.admirationfoods.com' returned a 401 status, indicating the provided username/password is not authorized to access the Exchange Web Services site.
Please see FAQ for troublshooting tips.
Please send any Exchange-related support questions to exchangesupport@webhelpdesk.info.
at com.macsdesign.util.exchange.ews.EwsRootFolderProxy.getSubfolderList(EwsRootFolderProxy.java:143)
at com.macsdesign.util.exchange.ExchangeFolder.list(ExchangeFolder.java:87)
at com.macsdesign.util.exchange.ExchangeFolder.getFolder(E...
Please check the e-mail account settings and the mail server for any problems. E-Mail will be checked again in 5 minutes, or when e-mail settings are updated to make a successful connection with your mailbox. Settings for this e-mail account are at Setup > E-Mail > Incoming Mail Accounts.
↧
Java Heap Size
Hello -
I had a user submit a ticket we almost overlooked. The user had an attachment on the submitted e-mail that was around 160mb, and the HD system reported the error to our HD staff in the Messages section, so we were able to retrieve the email and create a ticket for the issue. Otherwise this issue would have been missed.
Our instance of WHD is running on Server 2012R2, 8gb total memory. In the WHD.conf the memory is set as follows:
MINIMUM_MEMORY=256
MAXIMUM_MEMORY=2048
MAXIMUM_PERM_MEMORY=512
The error message in WHD is:
The helpdesk was unable to read an email with the subject: "************" in email account *********** due to the following error:
Java heap space
Please remove this message from the inbox and, if possible, send it as an attachment to exchangesupport@webhelpdesk.info.
I'm also going to do as the error message suggested, but maybe someone out there has a solution for this or has seen it before.
Thanks!
↧
How to use Apple Remote Desktop 3.8 with WHD
My problem is this...how do you utilize ARD with WHD when WHD is running on a windows machine and ARD is running on a mac server?
The help file with WHD states: As of version 3.3, Apple Remote Desktop uses a local SQLite database to store report data. This means that Apple Remote Desktop must be installed on the same machine as Web Help Desk to sync inventory data.
Any help would be appreciated.
↧
↧
Cannot authenticate with outgoing/incoming gmail server
HI
We are using Business apps for gmail as our email. under email set-up, incoming mail server settings, i've checked the ssl box. set the listening port to 993, and used simple authentication as per google instructions,
turned on imap in the account and everything. yet, the application cannot authenticate with the gmail server..? Am i missing some thing here..?
↧
Parent/Child Tickets and Custom fields
It appears that there is well documented approaches to link a parent ticket to a child ticket. You also have data that is propagated in the parent ticket to flow down to child tickets. Is there a method to populate the data at the child ticket level and have it appear on the custom fields from the child tickets?
For our new employee hiring process we have a parent ticket with about 15 child tickets that are automatically launched when certain tickets have been closed. We have propagated many custom fields from the parent to the various child tickets. This process appears to work very well. What I can't seem to figure out is how do I get the information that was populated into a Child Ticket to filter back up to the parent ticket. If I have all the custom fields I want to use outlined in the Parent ticket how can I get the child to populate those fields? Does anyone have a method to make this happen?
↧
Tickets not showing up in a timely fashion
Almost all of my techs have complained of an issue where tickets are not showing up in the ticket list until hours after they were created. The tickets may show a creation time of 830AM but do not actually show up in the ticket list until 11AM or Noon.
Has anyone else seen this issue?
↧
WHD for Employee Lifecycle Tracking
Currently we have a separate DB for tracking employee's; their roles, managers, assets. I would like to investigate centralizing this in WHD, but want to find out if this an appropriate tool to use in this capacity.
We already sync with AD, but if we have a helpdesk workflow to provision a user account how would we have that record exist first in WHD and then have it align with the resulting AD account that would be created...
Is anyone using WHD for this purpose? If so, how are you doing it?
Thanks!
Andy E.
↧
↧
12.4 Release Candidate features
We just got this email regarding :
-----
We have recently reached Release Candidate (RC) phase for our next release Web Help Desk 12.4. This release contains many improvements focused on security and stability such as:
Security improvements
- Improved security across the application for FIPS-mode SSL connections, namely:
- HTTP over SSL connections
- Microsoft® Exchange, IMAP, POP3, and SMTP over SSL
- WMI and other asset discovery connections over SSL
- LDAP over SSL
- SolarWinds Network Performance Monitor (NPM), Server and Application Monitor (SAM), and Network Configuration Manager (NCM) integration over SSL
- User password hashes, integration password hashes, and other static data such as database custom fields and stored credentials
- Detection and indication of system cryptography status
- Automatic migration of all stored passwords for stronger and more secure cryptography
- Oracle® Java™ 8 support
- Over 100 bug fixes that hugely improve the stability of the application
-----
Let me just say, if I could drop this product, I would do so in a heartbeat. It's not my call though. ~4 years have passed since the acquisition. I was so enthusiastic after the acquisition and even participated in feedback sessions with some folks at SolarWinds when they first got acquired. Years later and nothing drastic has changed (we've had 3-4 major releases since then? ). The updates are far and few in between and then you get releases like 12.4 which focus on features that are not transparent or useful for techs (not to put down security, but it is quite ridiculous that's all we're getting). Are you kidding me? I normally try to be understanding, but this is so unacceptable on so many levels. They say that they get feedback on features customers want aren't all shown here. But just look at what's been implemented from the requests here: https://thwack.solarwinds.com/community/tools_tht/web-help-desk/web-help-desk-feature-requests/content?filterID=contentstatus[published]~objecttype~objecttype[idea]~ideaStage[2]
And then look at the release notes for the last couple of versions: http://www.solarwinds.com/documentation/webhelpdesk/docs/releasenotes/whd-12-3-0.htm
Actions speak louder than words here. You can say what you want regarding how hard developers are working on improving this or that, but prior to the acquisition there was a much more rapid release of new features so one would think things would have improved with a bigger company supporting the product. This product has been such a disappointment.
↧
Included Tomcat
Any chance you can update the included Tomcat to version 7.0.60 or higher? The included 7.0.59 has a plethora of vulnerabilities. We upgraded to 12.4 RC today and ran a Nessus scan:
Apache Tomcat 7.0.x < 7.0.60 Multiple Vulnerabilities (FREAK)
Description
According to its self-reported version number, the Apache Tomcat service listening on the remote host is version 7.0.x prior to 7.0.60.
It is, therefore, affected by the following vulnerabilities :
- A NULL pointer dereference flaw exists when the SSLv3 option isn't enabled and an SSLv3 ClientHello is received. This allows a remote attacker, using an unexpected handshake, to crash the daemon, resulting in a denial of service. (CVE-2014-3569)
- The BIGNUM squaring (BN_sqr) implementation does not properly calculate the square of a BIGNUM value. This allows remote attackers to defeat cryptographic protection mechanisms. (CVE-2014-3570)
- A NULL pointer dereference flaw exists with dtls1_get_record() when handling DTLS messages. A remote attacker, using a specially crafted DTLS message, can cause a denial of service. (CVE-2014-3571)
- A flaw exists with ECDH handshakes when using an ECDSA certificate without a ServerKeyExchange message. This allows a remote attacker to trigger a loss of forward secrecy from the ciphersuite. (CVE-2014-3572)
- A flaw exists when accepting non-DER variations of certificate signature algorithms and signature encodings due to a lack of enforcement of matches between signed and unsigned portions. A remote attacker, by including crafted data within a certificate's unsigned portion, can bypass fingerprint-based certificate-blacklist protection mechanisms. (CVE-2014-8275)
- A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204)
- A flaw exists when accepting DH certificates for client authentication without the CertificateVerify message.
This allows a remote attacker to authenticate to the service without a private key. (CVE-2015-0205)
- A memory leak occurs in dtls1_buffer_record() when handling a saturation of DTLS records containing the same number sequence but for the next epoch. This allows a remote attacker to cause a denial of service.
(CVE-2015-0206)
- A use-after-free condition exists in the d2i_ECPrivateKey() function due to improper processing of malformed EC private key files during import. A remote attacker can exploit this to dereference or free already freed memory, resulting in a denial of service or other unspecified impact. (CVE-2015-0209)
- An invalid read flaw exists in the ASN1_TYPE_cmp() function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service.
(CVE-2015-0286)
- A flaw exists in the ASN1_item_ex_d2i() function due to a failure to reinitialize 'CHOICE' and 'ADB' data structures when reusing a structure in ASN.1 parsing.
This allows a remote attacker to cause an invalid write operation and memory corruption, resulting in a denial of service. (CVE-2015-0287)
- A NULL pointer dereference flaw exists in the X509_to_X509_REQ() function due to improper processing of certificate keys. This allows a remote attacker, via a crafted X.509 certificate, to cause a denial of service. (CVE-2015-0288)
- A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing outer ContentInfo. This allows a remote attacker, using an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, to cause a denial of service. (CVE-2015-0289)
- A flaw exists in servers that both support SSLv2 and enable export cipher suites due to improper implementation of SSLv2. A remote attacker can exploit this, via a crafted CLIENT-MASTER-KEY message, to cause a denial of service. (CVE-2015-0293)
Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Apache Tomcat version 7.0.60 or later.
See Also
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
https://www.openssl.org/news/openssl-1.0.1-notes.html
https://www.openssl.org/news/secadv/20150108.txt
https://www.openssl.org/news/vulnerabilities.html
https://www.smacktls.com/#freak
https://www.openssl.org/news/secadv/20150319.txt
↧
Onboarding process managed by Web Help Desk
I am looking to see if anyone is currently using Web Help Desk to manage the new hire onboarding process. If so how did you accomplish this task.
What I am trying to do is have a single ticket to start a process to provide various tasks for different technicians. We are using Web Help Desk as a centralized one stop shop to receive help. That means we are using it for all departments within our company and there will be technician for each department. An end user can go to a single spot to request help and it will get routed to the correct people.
So with our onboarding process I want certain Request Types to trigger new tickets for the various department technicians to be responsible for. Is there a method to make this happen?
↧
SCCM VNext Version 1511
We are moving to Windows 10 and need to update our SCCM server from 2012 R2 to SCCM VNext (version 1511). We use the WHD feature where we sync our SCCM database.
Does anyone know if the sync will still work properly if we update to SCCM 1511? We are running the latest version WHD 12.3.
↧
↧
SCCM and WHD integration
Hi,
We are using SCCM to discover our computer assets, but when they are imported, the Asset Type for all devices is 'Hardware'. Looking through SCCM, there is no field that captures whether the model is a laptop or desktop, and for inventory purposes, we would like to have that information for our models instead of just 'Hardware'. Is anyone aware of a solution that would allow WHD to determine this information for the asset type. I would like to avoid having a custom box that we would have to classify on each asset.
Thanks
↧
https using a wildcart certificate
Is it possible secure all Web Helpdesk traffic with an wildcard certificate? We just purchased one from Godaddy.com and Im wanting to secure as much internal information as possible with ssl. If so where would I find instructions for this?
Thanks in advance!
↧
Download & Install new Apple Push Notifications Certificate!
One of the WHD features is the ability to push notifications to your mobile phone using the Apple Push Notifications Service. This service requires a certificate which expires today. If you want to continue using these notifications you need to install the new certificate availalbe from your customer portal.
Click on License Management -> MyDownloads (under Web Help Desk licenses information) -> scroll toAdditional Downloads and click Download button next to "Apple Push Notification (APN) Certificate".
↧
For those who use the import assets feature in WHD...
I understand that WHD uses a template with a specific format to import assets. Can the fields or the column headers be manipulated or modified, as well as additional fields (columns) added to the template, and still be able to import successfully?
↧
↧
Can't add storage location to parts
I'm unable to add the Storage Location when trying to create a Parts inventory. I have several Location Names built in the Setup area, but when I click on the Location drop-down box there are no available options. Is there somewhere else that I'm supposed to build locations that I'm not aware of?
↧
Client replies are cutting off new content
We have an interesting scenario where we will send a client a list of questions via WHD email.
Scenario one:
If they reply inline but do NOT put any message at the top of their reply and reply inline. The inline notes all show up with the quoted reply.
Scenario two:
If they reply inline and do put a message at the top (such as: "See replies inline") then all we see is the "See replies inline" and the WHD process cuts off the original message.
↧
Client account portal
When a client enters a ticket then goes to History to review the status is there away to NOT allow them to see who entered the notes. In our company if someone see's a name they will contact them directly for more assistance besides our Help Desk.
Ticket 22 in the demo below shows a note being added by J. Admin. I would like to add hide that name from the clients.
↧
