Thursday, January 25, 2007

SAN problems.

It's has been a busy January for me. In December 2006, we had severe issues with our SAN (and just before the Christmas holidays too) where we suffered outages that spanned a week with the root cause being the Fibre Channel switches resetting themselves at the same time. This caused our Storage Management servers to attempt to take over from each other causing a never-ending loop.

Apparently there was a bug in the firmware of the switches which caused them to reset. An upgrade of the firmware for the switches were necessary and was planned for the weekend of Jan 20th, 2007.

The morale of the story is even though you are setting up high availability and redundancy, make sure not to forget to ensure that the redundant components are "timed" differently. So there is now an outstanding work request to have one of the Fibre Channel switch reset several months so that its "reset cycle" is different from the other one.

Tuesday, January 09, 2007

Daylight Savings Time 2007

Just in case this has not been emphasized enough, it is critical that IS organizations in Canada and the US start to look at the upcoming DST changes (scheduled to be in effect March 11, 2007) and seriously start the planning for the patches/upgrades that needed to be applied. At my organization, we have multiple databases and versions, application servers, E-business Suite, PeopleSoft and other third party software plus on top of that we have various OSes including Linux, Windows and Unix. The patch/upgrade is not restricted to your software and OSes but includes any devices that utilizes time (e.g. network switches, firewalls, routers, etc.).

Oracle has the following Metalink articles for Databases & Middleware and Oracle Applications (including E-Business and PeopleSoft).

Sunday, January 07, 2007

Microsoft Vista/Acer/AMD giveaway

I've been following the "scandal" surrounding the Microsoft-Acer-AMD giveaway to various bloggers. There have been a lot of negative reaction to this giveaway with some bloggers actually receiving "death threats"! The gist of these negative reactions was that the blogger has been offered a bribe and taken the bribe. Well, things are not as black and white as it seems.

If the blogger is able to provide an unbiased review and disclose fully that the laptop was a "gift" sent by Microsoft to be used for review purposes, I don't see anything wrong with that. It becomes a problem if full disclosure was not stated as that would implied that the reviewer is biased because s/he has been paid a "fee". Even if the reviewer is biased and that is known from the outset, that would not be a problem at all and nobody would be interested in hearing from someone who is so biased (yeah, right!).

The thing that I can see that seems to create these issues was the fact that the readers of the bloggers expect the blogger to be unbiased and probably hold them to the same standards as journalists.

All in all, I wish Microsoft would provide me with a high-end laptop containing Vista and SQLServer 2005 for me review :D

Monday, January 01, 2007

Taking a page from Tom Kyte...

As the number of blogs and websites that I frequent grows, I am finding it tedious to keep my blog roll up to date and thought I would take a page out of Mr. Kyte and use an entry posting instead which I can edit easily and have my blog template point to that entry.

In no particular order:
Oracle-related Blogs
Tom Kyte's Blog - No further introduction needed.
AskTom - Not a blog but a Q & A and officially endorsed by Oracle (or at least Oracle Magazine).
Jonathan Lewis' Blog - again, no futher introduction needed. Jonathan recently started blogging and has already posted a number of very entries (things that makes you go "Huh? I didn't know that and I should experiment further to see how things works").
Eddie Awad's Blog - Based in Portland, Oregon; Eddie was "Blogger of the Year 2006".
Tim Hall - Based in the UK and movie-bluff (esp. the kung-fu kinds); Tim was "Oracle Ace of the Year 2006".
Kevin Closson - Hardware/Platform and Clustering topics related to Oracle Databases.
Lewis Cunningham - Guide to Oracle Technology.
Doug Burns - Doug loves his stuffed animals.
Peter Scott - Manager and DW/BI interests.
Pythian Group Blog - Oracle-focused consulting firm.
Lisa Dobson - Newbie DBA and worth the read.
David Alderidge - Mr. Oracle Sponge and DW "specialist".
Mark Rittman - BI "specialist" and social coordinator for Oracle bloggers :)
Amis Blog - A company-owned blog similar to Pythian.
Steven Chan - Oracle Applications Director. If you are involved in Oracle E-Business, then this is a definite blog for you.
Chris Foot - A Senior Oracle DBA and Oracle ACE
Andrew Clarke - Radio Free Tooting...on things Oracle
Steve Karam - Oracle consultant and calls himself the Oracle Alchemist.
Niall Litchfield - Frequent poster of various blogs and also comp.databases.oracle.server newsgroup.
Pete Finningan - Oracle Security specialist. Wrote a few books.
Howard J Rogers - Aussie-based but British-born Oracle Education instructor amongst others. I love his dry wit.
Bruce Schneier - I don't think Bruce needed any introduction but an expert on security (esp. encryption)
Rob Vollman - Another Canadian blogger.
Fairlie Rego - Another Australian-based Oracle blogger. Great stuff.
Jeff Hunter - Oracle, MySQL and other IT-related stuff.
Andy Campbell - Stuff that he should have known and that we should know too :D
Herod T - Yet another Oracle DBA and Canadian, eh.
Dimitri Gielis - I met Dimitri at the OOW2006 Bloggers' Meetup and he's an interesting person and heavily into APEX.

Non Oracle-related Blogs
Ririan Project - Interesting blog with interesting posts. Makes you think.
Ken's Blog - A fellow IT blogger who is currently involved in an IT company based in China. Mostly to do with Open Source Software.

Websites
Oracle OTN - If you are involved in Oracle and don't know about Oracle's OTN, then you are not involved in Oracle.
Oracle Metalink - Restricted site but easy enough to get access to.
Oaktable - "Experts" in Oracle technologies...the membership has grown over the years.
ZDnet News - US-based Technology-related news. Publishes eWeek, InformationWeek amongst others.
The Register - UK-based Technology-related news.

Updated: Jan 2/2007

Some observations over the last few weeks

This is a multi-entry post dealing with three points:
a) the Dizwell site. Most of you, if you don't already know, Howard Rogers decided to shut down his Dizwell site citing time constraints and also frustration with readers who seems to either can't follow directions or who seems to be demanding that they be spoon-fed with knowledge and refusing to learn/experiment on their own. There were several posts by other bloggers which indicated that HJR had a change of mind and decided to bring back Dizwell (and I sincerely hope he does as it is a very source of valuable Oracle information for the Oracle community) but when I last looked, it was still unavailable although instead of getting a "Page not found" error I got the following.


It seems that the error page also displayed the password used (erased in my picture) which I think is a security breach for if the error occurred not because of an invalid password but some other misconfiguration, then in essence, Drupal had just given the keys to whatever is in the MySQL database.

b) Oracle password hashes. David Litchfield has posted an entry to freelist containing C code which demonstrate that it is possible to get Oracle passwords if you know hashed passwords (stored in DBA_USERS) and the associated AUTH_SESSKEY and AUTH_PASSWORD from sniffing the packages on the network. Thanks to Paul Wright for pointing out the entry. I have yet to try out Litchfield's code to verify but that would mean that the hashed passwords stored within the database has to be protected and restricted. The question is how and what the impact would be.

c) There is a recently new blog called OracleBrains whose aim was to provide a source for Oracle information. I applaued the intention but I find it lacking in that it seems to restate stuff that are in the Oracle documentation and I find that a lot of the posts do not explain why but only show how which is as dangerous as certain things/changes should only be attempted after verification and under certain conditions. For example, their post on Oracle roles did not explain why you would get an error after you have switched role within your session and I could not be bothered to leave a comment on their blog as it required logging in with a WordPress account (another account to track). I for one is puzzled by their comment setup as it seems to referred back to the posting instead of showing the comments left by the readers and the folks at OracleBrains will post responses to these comments as another blog entry which is confusing as anything since you are now trying to following multiple postings dealing with the same subject/topic. Now this entry is not meant to criticize OracleBrains but to suggest some improvements as I am for more Oracle resources to be available on the Internet.