Trust CA certificate in Java JDK on Mac OS X 10.11

Replace jdk1.8.0_66.jdk with your JDK version. You will need to run this for each major version you have installed (1.7, 1.8, etc.).

cd /Library/Java/JavaVirtualMachines/jdk1.8.0_66.jdk/Contents/Home/jre/lib/security/
cp cacerts cacerts.bak
sudo keytool -importcert -file myca.crt -keystore cacerts

Thank http://blog.alwold.com/2011/06/30/how-to-trust-a-certificate-in-java-on-mac-os-x/

Update Trusted CA Certificates for Eclipse Tomcat Debugger on OS X

If you run the debugger in Eclipse, it will use the Java certificate store for verifying the chain of trust of certificates. I had a problem where the Eclipse debugger wouldn't connect to a server whose certificate was signed by my CA, even though OS X trusted the CA in Keychain. Turns out you have to add it to the cacerts file in the Java folder using command line. Check it: http://blog.alwold.com/2011/06/30/how-to-trust-a-certificate-in-java-on-mac-os-x/

Log in to SQL Server Management Studio on a different domain

runas /netonly /user:domain\username ssms.exe

source: http://stackoverflow.com/a/2099401/2506843

Make your Windows domain controllers NTP servers

Thanks to the author! This works great on my Windows 2012 R2 servers for serving NTP to all the Cisco Collaboration / Contact Center components in the network.

http://htluo.blogspot.com/2009/02/ntp-network-time-protocol.html

Fix the Windows Time Service on domain controllers

Finally, a set of commands that fixes the time service on my Windows domain controllers:

http://blogs.msmvps.com/acefekay/2009/09/18/configuring-the-windows-time-service-for-windows-server/

Note that when you run the "net time /setsntp: " command, it will successfully clear the registry settings for the time service, but the console will print the command help text as though you had entered an incorrect command option.

Java ProcessBuilder has 32KB buffer, .waitFor() hangs if it isn't cleared

If you're running a simple Java ProcessBuilder, and it hangs and never returns when you start it and then run .waitFor() without running separate threads to make sure it finishes nicely, it may be because the ProcessBuilder is out of memory in its STDOUT buffer. The buffer is 32KB, so if your process returns more data than that and you're just trying to do a simple, synchronous .waitFor() call and just wait for it to return with all the data, it will never return if it hits this buffer limit. You must either consume the buffer, use threads, or redirect the output somewhere, like a temporary file. Kudos to "kjkoster" on this thread for the idead and code: http://java-monitor.com/forum/showthread.php?t=4067.

It goes something like this:

final File tmp = File.createTempFile("out", null);
try {
    tmp.deleteOnExit();

    final ProcessBuilder processBuilder = new ProcessBuilder();
    processBuilder.command("cat", filename).redirectErrorStream(true).redirectOutput(tmp);
    final Process process = processBuilder.start();
    final int exitCode = process.waitFor();

    BufferedReader reader = new BufferedReader(new InputStreamReader(new FileInputStream(tmp)));
    String line = "";   
    while ((line = reader.readLine())!= null) {
        System.out.println(line);
    }
    reader.close();
    tmp.delete();
} finally {
    tmp.delete();
}

Example context.xml for JNDI resource for MSSQL with Windows authentication

<Resource name="jdbc/mydb"
        auth="Container"
        driverClassName="net.sourceforge.jtds.jdbc.Driver"
        maxActive="100"
        maxIdle="30"
        maxWait="10000"
        removeAbandoned="true"
        removeAbandonedTimeout="60"
        autoReconnect="true"
        logAbandoned="true"
        username="username"
        password="password"
        type="javax.sql.DataSource"
        url="jdbc:jtds:sqlserver://myserver.mydomain.com:1433;databaseName=mydb;useNTLMv2=true;domain=mydomain;"
        validationQuery="SELECT 1"
        validationQueryTimeout="1000"
        testOnBorrow="true" />

eGain and Cisco Finesse - Single Sign On

The gadget that Cisco provides for eGain's OEM integration (EIM/WIM) doesn't provide single sign-on of any kind. Neither does the eGain Solutions Plus gadget that eGain provides.

I added simple single sign-on using the Finesse javascript API to retrieve the agent login credentials, but this only works for agent ID logins, and not for username logins. The issue is that the Finesse javascript API (as of version 10.5) will only return the agent ID, whether you logged in to Finesse using your agent ID or agent username. The Finesse REST API, however, will provide you with 'loginName', which will correctly return which one you used to log in with.

Here's the repository for the updated gadget:
https://bitbucket.org/juxe/gadget-egain-sso/

Unmount NFS drive in VMware ESXi

ESXi 4.x:
# esxcfg-nas -d vol_nfs

ESXi 5.0:
# esxcli storage nfs remove -v vol_nfs

Run these commands using SSH to the ESXi host to unmount an NFS drive. The post below has useful information about doing this safely.

Thanks to this post: http://www.viktorious.nl/2013/04/05/vsphere-howto-remove-nfs-datastore-from-esxi/

FireTV Stick won't connect to Cisco IOS-based wifi access points

The fix:

dot11 wpa handshake timeout 500

Enter the above command in configuration mode on the Cisco IOS-based access point.

The problem: the FireTV Stick had an update in early December 2014 (it seems, maybe it was earlier) to version 54.1.0.2_user_102018720 and units with this update will fail to authenticate when trying to connect to at least some Cisco access points. My FireTV Stick was shipped this week and it had this problem out-of-the-box. After reading the first 2 pages of the thread linked at the bottom of this post, it seems that this update made the FireTV Stick slower at finishing the WPA handshake, and this is causing it to fail on the Cisco APs that have a lower WPA handshake timeout. I'm guessing that Cisco IOS-based access points have a lower WPA timeout by default than maybe some consumer wifi gear.

Thanks to Joseph P. Mundschau on this Amazon forum thread for the solution!

Use Gmail for your eGain email server

eGain can support Gmail POP and SMTP servers with a little under-the-hood wrench work.

Start by setting up your email alias in eGain Partition Administration (http://egainserver/default) with the following settings:

Incoming Email Alias Settings
Server type: POP3
Server name: pop.gmail.com
User name: the full email address on gmail
Password: the gmail password for this email address
Port: 995
Use SSL: Yes

Outgoing Email Alias Settings
Server type: ESMTP
Server name: smtp.gmail.com
User name: the full email address on gmail
Password: the gmail password for this email address
Port: 587
Use SSL: No


Now you need to disable plaintext authentication and enable StartTLS for this email alias. You must set these options in the database using SQL. Here is the script, just change the @email variable to be equal to the email address of your alias:

DECLARE @email varchar(MAX)
SET @email = 'myEgainAlias@gmail.com'
insert into EGPL_CONFIG_PROPERTY (DOMAIN,NAME,VALUE) values ('dx.alias.'+@email,'mail.smtp.starttls.enable', 'true')
insert into EGPL_CONFIG_PROPERTY (DOMAIN,NAME,VALUE) values ('dx.alias.'+@email,'mail.smtp.auth.plain.disable', 'false')

That's it! You'll still need to assign this alias to a Workflow Start as well as your retriever instance, and restart your retriever (and probably your dispatcher) instance for your partition.

If you want Gmail to be your eGain system's notification email server, you'll need to also run these 3 queries:

insert into EGPL_CONFIG_PROPERTY (DOMAIN,NAME,VALUE) values ('dx.smtp','mail.smtp.starttls.enable', 'true')
insert into EGPL_CONFIG_PROPERTY (DOMAIN,NAME,VALUE) values ('dx.smtp','mail.smtp.auth.plain.disable', 'false')
UPDATE EGPL_PREF_GLOBALSETTINGS SET SETTING_ACT_VAL='587' WHERE SETTING_NAME = 'common.services.dispatcher.mail.notificationemails.smtpport'

Disable Cisco Finesse gadget caching

Finesse will cache your gadgets, which can present a problem if you're trying to do gadget development and testing. To turn off caching, add this URL parameter to your Finesse Agent Desktop URL:

nocache=true

So, your login URL will look something like this:

http://finesse-pub.domain.com/desktop/container/?locale=en_US&nocache=true

The easiest way to get the right URL is to browse to your Finesse Agent Desktop login page, then just add "&nocache=true" to the end of the URL. You can do this before or after logging in to Finesse.