As you may have heard, the lab is switching to a new system for time tracking. More announcements on that will be coming from others as we get closer to the switchover date, including training information.
In order to use the new app, there’s a piece of software (Citrix Receiver) that you need to have installed. We’ve already installed it on all the Macs we manage. If you self-manage your machine, however, it’s easy to install. The simplest way is to visit https://appgateway.anl.gov with your browser. It will detect if you have the app and offer to install it if necessary. Right now, this URL is only accessible from inside Argonne — I’m looking into whether or not this is intentional as I was led to believe this was an “access anywhere” solution.
The software is available for Mac, Windows, Linux, Android, and iOS. (To install for Android or iOS, use the Google Play store or Apple App store and search for “Citrix Receiver”).
Documentation related to Dayforce can be found on Inside Argonne at http://inside.anl.gov/tools/applications/dayforce including links to login to the system. You won’t be able to login to Dayforce until the division has been switched to use it, but there’s an “Inside Argonne” app there you can test things out with.
Specific instructions on the Citrix software can be found at http://inside.anl.gov/tools/applications/citrix-gateway including instructions on installing in Windows, Mac OS, Debian-based systems, and RPM-based systems. If using a mobile client, after opening the Citrix Receiver software, point it at https://appgateway.anl.gov for app and login information.
This work has been postponed to Wednesday. Sorry for the short notice.
In a very confusing method of observing Valentine’s Day, some resource calendars are being migrated from the soon-to-be-retired Zimbra server tomorrow during the day. If you have any reservations or changes to make on these calendars, please get them in place today. Tomorrow during the day they will be moved to Exchange, and we’ll send out pointers to instructions on the new calendar location and procedures after the migration is complete.
The list of calendars being migrated are:
MCS Travel/Absence calendar
MCS Wireless Modem reservation calendars
MCS Projector reservation calendars
MCS Loaner Laptop reservation calendars
Please see the note below regarding a Flash Player update to address a vulnerability that is currently being exploited. For administrative users whose systems are managed by us, we’ll get you up to date. This notice is for all those who manage their own machines.
Adobe has released an Emergency Patch for Flash on all platforms on Feb 4.
Windows and Macintosh should update to Adobe Flash Player 188.8.131.52.
(Exploits ARE available and targetting MacOS machines too.)
Linux should update to Adobe Flash Player 184.108.40.2066.
Google Chrome has Flash built in so needs to be updated the lastest patch level.
Internet Explorer Versions 10 and 11 also have built in Flash and have patches available.
There are currently exploits in the wild on this and appear to be picking up speed on distribution.
Please get updates installed on your systems as soon as possible.
We will be updating the DNS Blacklist, Web Proxy and Email gateway with signatures as bad stuff is found. Be aware that things are changing faster than anyone can react to insert filters or blocks.
Notifications are now enabled to all recipients and senders of blocked attachments. This is rudimentary and will be fine-tuned tomorrow. More details as I get them…
This is a followup to the announcement this weekend, also available here: http://mcssys.wordpress.com/2014/02/01/sending-and-receiving-attachments-may-not-work/
A quick update on how things are progressing with the problem of e-mail attachments being silently dropped. The Cyber and email teams in CIS met today to go over the problem. I just got off the phone with them and we discussed what’s happening.
* They’re putting through a change today that will stop blocking some of the problematic attachments that are low threat (such as shell scripts, for example).
* Notifications are indeed broken. If the system were working as expected, items would not have been blocked silently. If it were working as designed, one of two notifications would be triggered. For internal to internal messaging, the sender of the blocked attachment would have received a notice the attachment was blocked. For external to internal messaging, the recipient would have received the message minus the attachment, and received instructions on how to go about getting the attachment released. CIS don’t know why this is failing, but it is still an issue and they’re actively looking into it.
* We discussed alternatives to this that would accomplish the goal of protecting users and machines from malware while not hampering work. That’s an ongoing process, obviously, but there are already clear avenues we can pursue that are being investigated. Ideally, for anything that *does* get blocked, it would result in the recipient being able to retrieve the blocked item in a self-service method and in a timely fashion.
I’ll continue to keep everyone posted. Thanks to all who reported this issue. CIS is quite upset and apologetic about the inconvenience this caused — silently dropping mail is never a good thing.
It seems that the Exchange server almost all of us are using is blocking attachments that have executable files. What this means is that if you receive a file (including a ZIP file) that contains a windows executable, or even an executable shell script, it’ll get blocked. It’s supposed to notify you of this, but that appears to not be working reliably at the moment.
I’m working with CIS on this (from both a policy and execution standpoint), but in the meantime if you don’t get an email you were expecting, it may be because it contains a “forbidden” attachment. In these cases, until we figure this out, you should work with the person sending the attachment to get the file via some other method, such as sharing via a file service (box.com, Dropbox, Google, etc.) or send to an alternate account.
I’m really sorry about this — if I could turn it off right now I would, trust me. We’ll figure it out, though, and I’ll keep working with everyone involved to make sure the solution works for all sides. Please continue to let me know any issues you do come across. Thanks.
Please see the following announcement from CIS. The only thing that seems to affect CELS is the telephone system work and some Argonne web applications being patched. Argonne Business Systems will be inaccessible on that Saturday.
IT Maintenance Weekend Coming January 17-19
Major maintenance activities are planned for the weekend of January 17-19. Work will commence at 5:00 pm on Fri, 1/17 and continue through 7:00 pm on Sun. 1/19. Expect that any laboratory network and core IT services may be effected throughout the weekend. Please note;
- All telephone systems will be down for resiliency testing between 6:00 and 7:00 pm Friday. This includes emergency phones and 911 services. A PA announcement will be made when this happens. In the event of emergency, employees should contact emergency services from their cell phones (630-252-1911).
- All telephone systems will be down for resiliency testing. A PA announcement will be made. ~15 min. outage expected
- All voicemail services down. ~2 hr. outage expected
- Web applications down for patching
- Building 201, network outage much of the day
- do not expect to have network access or get to your desktop computers in Bldg. 201 on Saturday
- Wireless networks, rolling outages throughout the day
- Many business systems & SCADA down for the morning
- Login servers down in the afternoon, majority of business application inaccessible
- Web applications server upgrade, ~2 hr. outage expected
- Most everything back to normal by early morning
- Full verification throughout the day
Due to the treacherous conditions, a number of the Systems team are working remotely today. We’re online and accessible, but any activities requiring in-person actions might be delayed. As always, report any issues to email@example.com.
Thanks, and stay safe (and warm)!
At 5:00pm today there will be a brief outage of all the WordPress sites on press3.mcs.anl.gov including those below. This is so applied security updates can take effect. The outage is expected to only last a few minutes and an all clear will be sent when the server and sites are back. If this outage poses a problem please email firstname.lastname@example.org so we can work with you on it.