Friday, September 15, 2017

I´m speaking at Social Connections 12 in Vienna

I got a nice email yesterday evening from the Social Connections team, letting me know that my abstract was accepted.

My session has the title
"We hired hackers to hack us; A case study about cloud-based authentication and security in IBM Connections"

In this session I´ll be talking about a case study where I will show how we (Item Consulting) integrated the cloud-based third-party authentication mechanism, Auth0, into IBM Connections, and you will learn about the hack attempt and what the hackers were able to find out.
Did they manage to hack IBM Connections?


Here´s the link to the agenda: https://socialconnections.info/12-agenda/
And here´s the link to my session: https://socialconnections.info/sessions/hired-hackers-hack-us-case-study-cloud-based-authentication-security-ibm-connections/

Thursday, September 14, 2017

IBM Connections Desktop Plugin folder sync issue - now solved

I had an issue with the IBM Connections Desktop Plugin.

IBM introduced the "My Drive" and the ability to sync folders and sub-folders some months ago, and this seemed to be working fine when I connected the plugin to on-prem installations of Connections.
I was able to sync folders, files and sub-folders.

But then, I attempted to connect to the IBM Connections Cloud.

Here I was able to sync files, but when I attempted to sync folders, those just would'nt appear in the "My Drive" section of the windows explorer.

I reached out to the eminent Skype-team, but no one else had seen this error before.

I also attempted an install of the plugin on Windows 7 and Windows 10, but the same issue occured.

So, I started a PMR on the issue (#37584,756,000).

During the PMR, I learned that there is a debugging tool for the plugin, which is a standalone windows application located at the plugin install directory (C:\Program Files\IBM\Connections Desktop Plugins\DITrace.exe).
By starting this, you see the entire log for authentication and syncing when you reproduce the issue.

This is a great tool, which showed us that there were authentication issues to the cloud, which made only single files able to sync to the My Drive, not folders.

And the reason for this happening? I was logged into my customers cloud space as a Guest User!!
If I tried as a proper user, syncing of folders worked as it should.

So, this was a bug in the plugin. And was only affecting Guest User accounts in the Cloud.

If you see the same issue, the newest plugin available now has a fix for this. (Dated 08. September 2017).
So download the newest plugin from the Cloud here: http://public.dhe.ibm.com/software/dw/ibm/connections/IBMConnectionsMSDesktop.zip


The Trace the the ditrace.exe file gave me was btw, which led IBM to find the solution and provided a fix:

(1436,3972) 07/04/2017 07:35:17:989 2 CAuthenticator::Authorize CloudAuthExt - calling authorize with url: https://apps.ce.collabserv.com, uid: 'user.name@customer.no, and pw.isEmpty(): 0
(1436,3972) 07/04/2017 07:35:17:990 2 CAuthenticator::Authorize Beginning cloud auth using url: 
https://apps.ce.collabserv.com
(1436,3972) 07/04/2017 07:35:19:260 3 CAuthenticator::Authorize calling transport:getRequest for url: 
https://apps.ce.collabserv.com/eai/auth/basicMobile
(1436,3972) 07/04/2017 07:35:19:346 3 CAuthenticator::Authorize transport:getRequest returned rc 401 for url: 
https://apps.ce.collabserv.com/eai/auth/basicMobile
(1436,3972) 07/04/2017 07:35:19:349 1 CAuthenticator::Authorize 401 received. Bad pw or userid for this non-federated user against URL: 
https://apps.ce.collabserv.com/eai/auth/basicMobile
(1436,3972) 07/04/2017 07:35:19:350 2 LFServer::handleAuthorizationExtensionAuthorize-{864B3A20-AC5D-4109-A55F-A1BD2FA6BDE9} 0x80040191, httpCode 401, struserid (err): Incorrect user login or password.