The HP3K Password
There are three different processes that access the HP3K and therefore three things that need updating when you change the password. Here's the three systems:
The Main Student Account System
Server
c3po
File
/home/r2d2/script
This is the classic system responsible for getting HP3K data for real students to generate accounts. The 2nd line of the file /home/r2d2/script is the password. In the future, I'd like to make the real student accounts use the new hp3k.pl based system (see below) which automatically changes the password when it expires. For now, because both are in use, expect the hp3k.pl system to change the password, and then copy that password out of /home/system/sidcopy/.hp3k.secret and put it in /home/r2d2/script.
Ssh to c3po_local not c3po. They are different interfaces and c3po_local is reachable.
Copy Hashed SID# for Rick
Server
c3po
File
/home/system/sidcopy/.hp3k.secret
Rick needed a list of valid SID#s to validate students as students. Larry, Rick and I had a long series of arguments conversations about how to do this, so don't think we haven't already been there. Anyway, I have a process that gets the SID#s and hashes them (SHA1, I think).
To get the lists, we need to interact with the HP3K, as above. I wrote a fancy script, hp3k.pl that uses expect and other wizardry to get the data from the HP3K and automatically change the password if it expires. The plan is to use hp3k.pl for main student accounts as well as Ricks SID hash needs. So, when the HP3K password expires, this thing will automatically change the password and stick it in /home/system/sidcopy/.hp3k.secret on c3po.
So, the upshot is, when the password expires, this process will change the password and get a new one and the other two processes will continue to use the old password unless you update them. This can easily lead to a lockout.
The Faculty Student Account Generator
Server
prngrabber
File
C:\MiniSoft\WS92\empfac.s92
All faculty should get student accounts. To get a list of faculty from the HP3K, Shelly write a DATAX procedure. Unfortunately, we can't do DATAX through the freevt3k interface on C3po. The only known way to run a DATAX is on the MiniSoft WS92 terminal emulator in Windows. So, I have a Windows XP virtual machine running in VMware on a Linux machine. To update the password on prngrabber, you have to set up an SSH tunnel to prngrabber and then use the vmware Server Console to connect. You need the prngrabber root password for this to work.
Connecting
You'll need to ssh into babar or celeste with port forwarding enabled, then once there, ssh into prngrabber, continuing the port forwarding. Please see Tunneling With SSH, a document I wrote for Shelly and Rick. The port you want to forward is 902. Because you'll be logging into babar or celeste as a non-root user, you won't be able to forward port 902. I usually forward port 1902 until I'm attaching to prngrabber, then I forward port 1902 to port 902 on prngrabber. This means I either have to forward port 902 on my local machine or forward port 1902 on my local machine and tell the vmware server console to use port 1902.
That probably made no sense, so here's an example that might work:
Connect to babar, tunnelling port 1902.
plink.exe -L 1902:localhost:1902 dmartin@babar.seattlecentral.edu
Once logged onto babar, connect to prngrabber tunnelling port 1902 to port 902.
ssh -L 1902:localhost:902 dmartin@prngrabber.seattlecentral.edu
Then start vmware server console. In the "Connect to Host" box, in the "Host name" field, type 127.0.0.1:1902 to make it use your ssh tunnel.
I really should write a windows script or something that makes this easier...
Editing the File
Once connected, you need to log into Windows as 'root' or 'prngrabber'. Obviously, you'll need the correct password. Once logged in, you can edit C:\MiniSoft\WS92\empfac.s92. Find the old password by looking at the beginning of the file for something like:
# Log On to HP3K TIMER 300 ONTIMER DIE WAITS "WCTCS/R060:" KBSTRING HELLO DMARTIN, SMENU.P062 KBSPEC HP_RETRNKEY TIMER 300 ONTIMER DIE WAITS " ^Q" KBSTRING XXXXXXXX KBSPEC HP_RETRNKEY TIMER 300 ONTIMER DIE WAITS "e^Q" KBSPEC HP_RETRNKEY
That XXXXXXX will actually be the old password. Then do a search-and-replace to insert the new password anywhere the old password was used.