≡ Menu

We recommend staying away from fancy online password managers so Password Safe is our long-time go-to solution for securing logons. If Passwordsafe is part of your kit on OS X (or Ubuntu, Red Hat, et cetera) this will be useful.

Install wxPython:

brew install wxpython

Download Loxodo for OS X or (even better):

git pull https://github.com/sommer/loxodo.git

(you did remember git is context sensitive right?)

To run, cd into the location of loxodo.py and execute:


We prefer to execute from command line, so in /usr/<username> create a symbolic link:

ln -s  /usr/local/some/obscure/location/loxodo.py /Users/<username>/loxodo.py

Now one can open a terminal to run:

<computername>:~ <username>$ ./loxodo.py

“Cristoph Sommer’s pure Python Password Safe v3-compatible Password Vault Loxodo is a thing of beauty, especially when accessing the same v3 psafe archive file from multiple operating systems.”

“Renowned security technologist”[1] Bruce Schneier, author of many books designed Password Safe for simple and secure password management. Password Safe is maintained at https://pwsafe.org/.

From git the source is open.

On Windows, each formal release of  Password Safe is digitally signed with the project administrator’s gpg key. To verify the signature, use this public key (key fingerprint = A703 C132 8EAB C7B2 0175   3BA3 9194 6451 5CCF 8BB3).

Posted by: Jon H. Williams
[1] https://pwsafe.org/index.shtml

SQL Server tuning

If SQL Server is part of your kit, this will be interesting:

“If you do a lot of query and index performance tuning, you’re going to love the improvements in this month’s release of the First Responder Kit.”

First Responder Kit is from Brent Ozar Unlimited® via @BrentOzarULTD



Unable to Assign Access Control in Shared Services for HFM

Oracle Enterprise Performance Management System, Release or below
A right-click on an HFM application in Shared Services, throws an authentication error. The server is unable to process your request. Please have an administrator restart the Web server.
Click “OK”.
Click “Finish”.
Right click again on the HFM application in Shared Services. Assign Access Control seems to begin to work.
Logout, and back in, to Shared Services; The problem recurs.
This error indicates the EPM System was not properly shutdown during the last restart. The HsvDataSource.exe for the particular process and the CASSecurity hang and hold the memory. Manually clearing the HsvDatasource.exe process(es) and CASSecurity.exe process(es) will clear the holding memory which allow communication like “assign access control”.


Shutdown HFM completely on all servers, including the processes HsxService.exe, HsxServer.exe, and HsvDatasource.exe, then kill process(es) CASSecurity.exe.
Restart HFM.


The related error message will be like:

URI: http://servername.mycompany.com:port/hfm/security/securityAssignmentWizard.asp
Code: -2147023174
Description: An error occurred processing the result from the server.
Actor: Hyperion.HFMErrorHandler.1
Trace: Error Reference Number: {8CDD5ED5-C012-423B-843E-FAE0FB3F2403}
Num: 0x800706ba;Type: 0;DTime: 6/18/2013 7:18:18 PM;Svr: servername;File: CHITRegistryWrapper.cpp;Line: 1116;Ver:;
Num: 0x800706ba;Type: 0;DTime: 6/18/2013 7:18:18 PM;Svr: SERVERNAME;File: CHFMwHITRegistry.cpp;Line: 777;Ver:;

The environment is stable (Assign access control worked previously).
One can access all the HFM applications.
One can (re-)register the HFM applications.

Prevention: Modify the shutdown script to verify the processes HsxService.exe, HsxServer.exe, and HsvDatasource.exe end, and to verify CASSecurity.exe ends.

external links

None at this time


simplify SQL Server installation

“SQL FineBuild makes it easy for anyone to produce a best-practice installation and configuration of SQL Server.

“Simplify the time needed to deploy any of the following builds:

Main Instance Server Build – for multi-drive servers (clustered or non-clustered)

Additional Named Instance Server Build – adds another SQL Server instance to a server

Workstatiodrive[sic] desktop machines

Client Tools Only Build – just the tools, to allow remote administration of SQL Server

“There are five members of the FineBuild family:

  • SQL2016 FineBuild to install SQL Server 2016
  • SQL2014 FineBuild to install SQL Server 2014
  • SQL2012 FineBuild to install SQL Server 2012
  • SQL2008R2 FineBuild to install SQL Server 2008 R2
  • SQL2008 FineBuild to install SQL Server 2008
  • SQL2005 FineBuild to install SQL Server 2005

“All of these can be downloaded at FineBuild V3.2.1
source: http://sqlserverfinebuild.codeplex.com/




external links

Source for this is the original author in a SQL Server Central post about replication.
Get more information about FineBuild from discussions on CodePlex.



managing mixed environments with MobaXterm

connect from Windows clients to Linux servers

MobaXterm Professional provides full X server and SSH support in a portable (no install required) customized (no unwanted games nor tools) application.

connect from Linux servers to Windows clients

Diligent system administrators usually isolate the EPM system servers completely from the Internet, allowing no direct connections. The recommended practice is to download and validate more than 20GB of Oracle EPM source software and patches to a client desktop before transferring to the EPM servers. By running MobaXterm on a Windows client, secure connections, rapid file transfer and remote terminal access is straight-forward from the Windows client to Solaris/Linux servers AND from Solaris/Linux servers to the Windows client.


Prerequisite: MobaXterm Professional
This post describes the process that I use to setup MobaXterm Professional. The cost is negligible as we remove components undesirable in client environments (e.g., games, port scanner, network packet capture, http server, NFS server, et cetera).

In addition, we will add plugins (e.g., httperf, Curl, and DnsUtils like dig or  nslookup).

The Home Edition is free, subject to MobaXterm terms and conditions, but somewhat limited and excludes professional support.


[click to continue…]


easy alias to show all files in OS X

From Ian Lunn:

… All I need do now is type showFiles and hideFiles whenever I need to show/hide OS X’s hidden files. Here’s how you can do it too.

How to set up an alias for AppleShowAllFiles. Edit ~/.bashrc:

alias showFiles='defaults write com.apple.finder AppleShowAllFiles YES; killall Finder /System/Library/CoreServices/Finder.app'
alias hideFiles='defaults write com.apple.finder AppleShowAllFiles NO; killall Finder /System/Library/CoreServices/Finder.app'


OSX: the first 30 minutes

After your Apple® arrives, what next?

The very first things one should do on OS X are system updates, Homebrew setup, install Java,  install GNU system tools, , install favorite editor, setup the shell & configure the bash_profile.

System Update

Before you start the 30 minute timer…

Connect to the Internet
Unplug everything except the power supply (no external drives, no usb keyboards/mice, etc.)

Select ‘’ > ‘About This Mac’ > ‘Software Update’

Install all available updates.
[click to continue…]


loading calculation manager from a prompt file

CalcMgrCmdLineLauncher.cmd replaces CmdLineLauncher.cmd

Not much has changed between Business Rules and Calculation Manager when using the CmdLineLauncher for loading with a runtime prompt file.


The solution to using CalcMgrCmdLineLauncher.cmd with Runtime Prompts AND getting multiple values passed in to work as they have previously.

Create a string value in variable manager of Calculation Manager
Create the substitution variables in the application (Planning in this case)
Process the rule from command line like: CalcMgrCmdLineLauncher.cmd [-f:passwordFile] /A:appname /U:username /D:database [/R:business rule name | /S:business ruleset name] /F:runtime prompts file



Host key verification failed when reconnecting ssh

This is a desired and expected behavior to guarantee a secure connection. When running a temporary SSH server on Windows, it can be repetitive.


Begin by starting the SSH server in MobaXterm on Windows where the source software was downloaded
'Servers' > 'Start SSH/SFTP Server' > 'OK'
From the Linux server, ssh into the Windows Server
'ssh WindowsUser@WindowsServer.where.SourceSoftwareIsDownloaded.com'
Alternately, attempt an rsync to rapidly transfer and verify the source software and patch archives (this requires some fiddling to get right).
'rsync -Ivvvrtz -e "ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" --progress WindowsUser@WindowsServer.where.SourceSoftwareIsDownloaded.com:/drives/l/ /u01/hyperion/installer'

Some time later, when you attempt to repeat the process, ssh will fail with error like:

Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
Please contact your system administrator.
Add correct host key in /home/<user>/.ssh/known_hosts to get rid of this message.
Offending key in /home/<user>/.ssh/known_hosts:3
RSA host key for <servername> has changed and you have requested strict checking.
Host key verification failed.

This is caused by stopping and restarting MobaXterm on the Windows server; The SSH Server fingerprint will change.

Delete the offending key (the location of known_hosts will vary):
sed '3d' -i /var/lib/sss/pubconf/known_hosts  
sed -i -e 3d /home/<user>/.ssh/known_hosts

Note: the sed command is worth learning.

[click to continue…]


Patch 17529887 successfully applied or NOT

Fun with whether or not Patch 17529887 successfully applied

tested with file V44215-01
The README for Patch 17529887: (Release Patch Set Update (PSU): 17529887)  indicates you can apply to and that there are no prerequisites beyond the usual Visual C++ 2005 Redistributable Package.

This is not exactly the case, as various Windows OS prerequisites impact whether the patch is applied successfully.

As others have noted, the ADF patches often do not truly apply. I have applied the superpatch on nearly a dozen systems without having any issues so was surprised to finally see the ADF patch deployment failure today.

A new interesting quirk came up as well, when installing the patch with local accounts on a multi-node system. The Microsoft (R) Windows Script Host will fail to process vbscripts like:

D:\software\17529887\custom\scripts\create_version_history.vbs(32, 1) Microsoft VBScript runtime error: Path not found

The intrepid Windows administrators had not set up Windows with cohesive Region and Language settings.


Rollback the patch

D:\Oracle\Middleware\EPMSystem11R1\OPatch\opatch rollback -id 17529887 -oh D:\Oracle\Middleware\EPMSystem11R1 -jre D:\Oracle\Middleware\jrockit_160_37

Check that Region and Language settings match the System Locale. This was corrected by changing the Region and Language setting from “English (United Kingdom)” to “English (United States)“.

Reapply the patch.

Verify after restart that the expected versions are picked up and showing in Workspace > About.



external links

None at this time