#225 – PeopleSoft Security Insights w/ Greg Wendt


This week on the podcast, Greg Wendt from Appsian joins us to talk about IDP-based authentication, Zero Trust security with PeopleSoft, and some of the creative ways you can use Appsian.

Show Notes

  • Introducing Greg Wendt @ 1:30
  • IDP-based Authentication @ 3:30
  • Kiosk Security and BYOD @ 9:00
  • Zero Trust and PeopleSoft @ 11:30
  • Security Implications with Cloud Migrations @ 18:00
  • How do privacy laws affect PS Admins? @ 21:30
  • Creative uses with Appsian @ 34:00

Cloud Manager Configuration

Notes

If you haven’t installed Cloud Manager yet, watch this video first to learn how to install Cloud Manager.

  1. Install Chocolatey

    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
    Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
    
  2. Install Firefox

    choco install firefox -y
    

#224 – Zen Transport


ShowNotes

#223 – Single Sign Out


This week on the podcast, we talk about switching to DuckDuckGo for searching and Kyle finds the Windows Clipboard History feature. Then Dan shares his discovery of the IB Automated Integration Tester and Kyle talks about Single Sign Out with multiple environments.

Show Notes

psadmin.conf: Elasticsearch Clusters on Kubernetes

In this session from psadmin.conf 2018, JR Bing gives an introduction to Kubernetes and then dives into why he is using it to run an Elasticsearch cluster. The session includes a great demo as well showing how PeopleSoft interacts with the Kubernetes cluster. He finishes the session with some ideas on how containers Kubernetes could be used by PeopleSoft in the future.

We released the videos as a free course so you can find the videos in one place. Head over to the psadmin.io courses page and sign up. If you already signed up for the course, you can log in and the new video will be available.

#222 – Cloud Manager 10 Review


This week on the podcast, Graham Smith joins Dan to talk about passwords and Cloud Manager 10. We discuss the new installation process, the use of Terraform and the File Storage System, and improvements to building environments.

> Watch our video on installing Cloud Manager using the OCI Resource Manager <

Show Notes

  • Password Complexity @ 1:30
  • Cloud Manager 10 Review
    • Cloud Manager Audiences @ 9:30
    • Installation via Resource Manager @ 16:00
    • Terraform as a first class citizen @ 20:00
    • OCI File Storage System @ 26:00
    • Self-Updating @ 27:30
    • Cloning Environments @ 31:30
    • Managing Nodes @ 35:30
    • Windows Support @ 39:00
    • Importing Environments @ 42:45
    • CM Wishlist @ 44:30

Signing nVision Macros

Signing nVision Macros

If you have to support nVision reports, you’ve probably had to deal with getting nVision configured on developer workstations. To develop nVision reports, you need to run Excel macros inside Excel. But, many organizations are concerned about allowing users to run any macro. Macros are often an attack vector for hackers, so running Excel macros are something that IT security often discourages.

How do we balance the need to run nVision and IT security discouraging macros? We can sign the nVision macros with a certificate from your organization so that the macros are trusted. To sign the macros, we will use tools that come with Microsoft Office.

Generate a Certificate

First, we need to generate a certificate. If you have Office 2016, you will find the selfcert.exe program here: C:\Program Files\Microsoft Office\root\Office16\

PS C:\> cd 'C:\Program Files\Microsoft Office\root\Office16' 
PS C:\Program Files\Microsoft Office\root\Office16> .\SELFCERT.EXE

Give your certificate a name, nVision, and click OK. Your certificate is stored in the Windows Certificate Manager.

Sign the Excel Macro

Next, launch nVision and sign in. If nVision hangs, you can start Excel, set the macro settings to “All Macros enabled” for now (File> Options > Trust Center > Trust Center Settings > Macro Settings), then relaunch nVision.

Once nVision has started, enable the Developer tab under File > Options > Customize Ribbon. Select the Developer option and move it to the toolbar. Next, click on Developer tab and select the Visual Basic button. In the VB Editor, click on Tools > Digital Signature and select the nVision certificate. Save your changes.

Test the Signed Macros

Before we test, make sure your Excel macro settings are correct. Under File> Options > Trust Center > Trust Center Settings > Macro Settings, select the option “Disable all macros except digitally signed macros”. Close Excel and nVision.

Last, launch nVision and watch your digitally signed macros run in Excel.

#221 – Refresh-able URLs


This week on the podcast, Jim Marion from JSMPros joins Dan to talk about their favorite coding fonts, making App Designer a better tool, HTML attributes to make PeopleSoft pages better, and how to build refresh-able URLs.

Show Notes

Cloud Manager Installation

Sign up for an Oracle Cloud Trial Account

Create SSH key

ssh-keygen -f ~/.ssh/cmtrial
cat ~/.ssh/cmtrial.pub

Create OCI API Key

openssl genrsa -out ~/.oci/cmtrial.pem -aes128 2048
openssl rsa -pubout -in ~/.oci/cmtrial.pem -out ~/.oci/cmtrial.pub
openssl rsa -pubout -outform DER -in ~/.oci/cmtrial.pem | openssl md5 -c
cat ~/.oci/cmtrial.pub
base64 ~/.oci/cmtrial.pem | tr -d "\r\n"

More information on building OCI API Keys

Allow Public Access to CM

  1. Menu > Networking > VCN > cm Subnet > Security Lists > cm_sec
  2. Add a new rule: 0.0.0.0/0 8000
  3. Add a hosts entry to access CM
echo "IPADDRESS psftcm.cm.psftcm.oraclevcn.com" | sudo tee -a /etc/hosts

Logs to view while waiting for Cloud Manager to finish.

ssh -i ~/.ssh/cmtrial opc@IPADDRESS
tail -f bootstrap/CloudManagerStatus.log
tail -f bootstrap/psft_oci_setup.log

#220 – ACM Runs


This week on the podcast, Kyle and Dan discuss using OneNote for technical documentation and why it works for them. Dan also talk about using the ACM more with the DPK and shared some of the limitations that still exist in the ACM.

Show Notes

  • JSMPros Sound Bytes @ 2:30
  • OneNote and Documentation @ 3:30
  • ACM Deployments @ 13:00
  • ACM and IB @ 17:30
  • Separating ACM Runs in the DPK @ 28:30