Posts in Category "General"

CSO EMEA1 – DATE (21 May 2015)

We’re currently investigating an issue on EMEA1 cluster that is impacting customer meetings.

Few issue reports we have :

  • Connectivity lost during meeting / users drop out of rooms
  • Rooms do not launch
  • Also: telephony profiles associated with rooms are disabled.

We are investigating aggressively and will follow up shortly.

 

** Update **  –  The cluster is stable now. We’re not seeing any further connectivity issues.

Note : Telephony profiles Issues is still being investigated as a separate incident. More updates to follow shortly.

** New Update **  – All issues including Telephony profiles have been resolved now !

 

FLV video files are playing back in fast forward mode (too fast) while upload to Adobe connect

After making recording offline (FLV), the video files are running in fast forward mode was discovered as an issue with Adobe flash player version 17.0.0.166. This issue is now fixed and a new version of flash player (17.0.0.188) is public. If you are facing issues with FLV video files running too fast than please update your flash player to 17.0.0.188.  Please note that, both old and new FLV files may depict this behavior.

You can download the latest flash player from here:  https://get.adobe.com/flashplayer/

On-premise Connect Installation Hangs Connecting to the Database

Symptoms: Installing with clean images on servers, the Connect Installation with the appropriate local Administrator permissions seemed to be successful but upon clicking “Done” its hangs indefinitely. Restarting the services does not help and the Connect Configuration Console on the local Connect server will not come up. Rebooting the VM will not bring Connect up. In the error.log, it reads:

“Start up error: java.lang.Exception: invalid backup folder: \\connectsharedstorage\connect.” START_UP    START_UP_ERROR….

Note: replace connectsharedstorage\connect with your UNC path to shared storage.

Solution: This error indicates that shared storage is expected by the database but is not configured on the Connect server. This may inadvertently be overlooked during an upgrade instance when a new server (perhaps with a new OS) replaces an older server. The fresh Connect installation, upon pointing to an existing upgraded database that has possibly been updated by script or maybe by the older server image, is expecting shared storage to be in place, but it is not yet configured on the new Connect server. To get past this, edit the Shared Storage entry in the PPS_Config table of the Connect Database to “NULL” and restart the services.

CSO NA11 – DATE (14 May 2015)

The application VIP NA11 is currently down. It may not affect ongoing meetings, but currently the web app VIP is being redirected to the status page. We are investigating aggressively and will follow up shortly.

 

** UPDATE ** – Issue has been repaired at 10:58 AM PST.

Offline FLV Archives Fast-forward during Playback

With Flash Player version 17.0.0.169, the Nellymoser audio codec used within Connect offline FLV Meeting archives played automatically in fast forward. This issue is resolved in the latest Flash Player.

The solution is to install Flash Player version 17.0.0.188 (or later depending on when you run into this issue) and all effected Connect FLV meeting archives will play normally.

https://get.adobe.com/flashplayer/

 

 

 

The begin screen-sharing button in Connect is obscured by the task-bar when resolution on a laptop screen is set to 1366×768

The begin screen-sharing button in Connect is obscured by the task-bar when resolution on a laptop screen is set to 1366×768. You will see this happen, if you use a laptop with 1366×768 screen resolution, attempt to share your screen in Connect. The effect is that the start screen sharing button is hidden behind the Windows task bar at the bottom of the screen:

Small Res - High DPI

The expected behavior is for the start screen share button to be accessible.

The workaround options are to either move the task-bar or change the screen resolution in order to expose the button, but since the start screen-sharing button is already highlighted or in focus albeit unseen, if you simply hit the enter key, screen-sharing will begin. Keep in mind that 1366×768 is the default screen resolution for some laptops.

Note: This is only reproducible in high DPI mode and it is not limited to the Connect Screen-sharing dialog. See how the basic operating system “Save As” dialog exhibits similar behavior at the same resolution:

Small Res - High DPI Windows Dialog

Configuring Secure SQL with Connect

It may be prudent to secure the connection between the Adobe Connect application servers and the SQL database.

Begin with the SQL server and then move onto the Connect server(s); if your SQL server is shared then begin with a change request to the DBA who has charge over the shared SQL environment. If your SQL database is already secure, you may skip Part I.

Part I. Securing the MS SQL Database Server:

First open the Certificates snap-in:

1. Open the MMC console, click Start, and then click Run; In the Run dialog box type:  MMC
2. From the  File menu, click Add/Remove Snap-in….
3. Click Add, and then click Certificates. Click Add again.
4. You are prompted to open the snap-in for the current user account, the service account or for the computer account. Select the Computer Account.
5. Select Local Computer, and then click Finish.
6. Click Close in the Add Standalone Snap-in dialog box.
7. Click OK in the Add/Remove Snap-in dialog box. Your installed certificates are located in the Certificates folder in the Personal container.

Use the MMC snap-in to install the certificate on the server:

  1. Click to select the Personal folder in the left-hand pane.
  2. Right-click in the right-hand pane, point to All Tasks, and then click Request New Certificate….
  3. The Certificate Request Wizard dialog box opens. Click Next. Select Certificate type is “computer”.
  4. In the Friendly Name text box you can type a friendly name for the certificate or leave the text box blank, and then complete the wizard. After the wizard finishes, you will see the certificate in the folder with the fully qualified computer domain name.

You are done now with installation of certificate on the SQL server, next you will need to export the certificate so that the same can be imported in the Connect application server.

  1. Open MMC, and then locate your certificate in the Personal folder.
  2. Right-click the certificate name, and then click Open.
  3. Review the Certification Path tab. Note the top most item.
  4. Navigate to the Trusted Root Certification Authorities folder, and then locate the Certificate Authority noted in step 3..
  5. Right-click CA, point to All Tasks, and then click Export.
  6. Select all the defaults, and then save the exported file to a location where the Connect application server can gain access to it.

Configure SSL encryption in the MS SQL instance:

1. On the SQL server start menu open Microsoft SQL Server>Configuration Tools> SQL Server Configuration Manager:

SQLsecure1.fw

2. Expand SQL Server Network Configuration, then right-click Protocols for MSSQLSERVER, and choose Properties. Select the Flags tab and change the Force Encryption setting to Yes.

sqlserverencryptionstep2

3. Under the Certificate tab, choose the certificate created earlier from the drop down list:

SQLsecure4

The database is now ready for secure connection with the Connect application server.

Part II. Configure the Connect application server to support a secure SQL connection:

Importing the certificate onto the Connect application server

  1. Copy the certificate from MS SQL Database server to the Connect application server(s) or to an accessible share.
  2. Navigate the Connect application sever by using the MMC snap-in, and then browse to the Trusted Root Certification Authorities folder.
  3. Right-click the Trusted Root Certification Authorities folder, point to All Tasks, and then click Import.
  4. Browse, and then select the certificate (.cer file) that you copied in step 1. Select the defaults to complete the remaining part of the wizard.

Create a Trust Store

1.  Be sure to have java installed on your Connect application server; at the command prompt, navigate to the bin directory of your JRE, and execute the following command:

keytool -import -file  <certificate file path> -alias firstCA -keystore <any name for trust store>
Note: This step will queue for a password, create and record a password for future reference.

2. In the ConnectProSvc.conf in the appserv\conf directory, add the following entries in the list of JAVA arguments:

wrapper.java.additional.28=-Djavax.net.ssl.trustStore= <path of Trust Store file created in step 1>
wrapper.java.additional.29=-Djavax.net.ssl.trustStorePassword=<password you created in step 1>

Configure the secure connection in Connect:

1. In custom.ini file under the root Connect installation directory, add the following entries:

DB_ENCRYPTION_METHOD=SSL
DB_VALIDATE_SERVER_CERTIFICATE=true

2. Cycle the services or reboot the server:

Adobe Connect Service
Flash Media Service

Note: For secure LDAP or LDAPS with Connect and for additional granularity around the paths and keystore see the following tech-note: Configure Connect Directory Services to use LDAPS

Security scans flag FMS used in Adobe Connect

Multiple Adobe Connect on-premise customers have informed us that some of their security scans are reporting that the version of FMS used in Adobe Connect is unsupported. There are no known open security issues in the version of FMS used in Connect today. The FMS components that are embedded in Adobe Connect on-premise deployments are fully supported under the maintenance and support agreements for Adobe Connect.  If any vulnerabilities are discovered in these components of Adobe Connect, they will be addressed per the guidelines of those support agreements.

Reducing the Number of Ports Listening on an Adobe Connect Server

Some ports that are not being used can be shut off:

Port 1111 is listening as part of the Flash Media Administration Service.  It does not serve any needed function and may be shut off as part of hardening or simply conservation of resources.

Note: Do not confuse the Flash Media Administration Service with the Flash Media Server or FMS, while the former is unneeded, the latter runs the Meeting server.

Port 2222 may also be closed. The Flash Media Gateway (FMG) service may be listening on that port if is was installed with Connect. If you are not using FMG for Unified Voice Telephony, then you may shut off that service as well.

Shut off and set to manual or disable either of both under the services MMC:

fig04

You may also quickly use commands to stop the ports instantly from listening; go to the command prompt with elevated permissions:

  • Run net stop fmsadmin (or sc stop fmsadmin)
  • Run net stop fmg (or sc stop fmg)
  • Run netstat -an|find “1111” or netstat -an|find “2222”to make sure they are down (or sc query fmsadmin or sc query fmg )

Compliance and Control features reset to default after uploading a new license file

Title :   Compliance and Control keeps getting reset after uploading a new license

Problem: Compliance and control settings may get reset when you upload a new license file on your Adobe Connect server install.

Environment: Licensed

Reason/Error Message of behavior: This is expected behavior and is working as designed.

Possible Solution: If it is necessary to re-upload the license file, a possible solution is to save these settings somewhere either by taking a screen shot or creating a spreadsheet and reapply them later once the license has been uploaded.

Contact Support with any questions : http://helpx.adobe.com/adobe-connect/connect-support.html