On Tuesday, April 7th, ALA Connect will be down as we begin the process to implement ALA’s Shibboleth single sign-on integration. Because we’re also migrating user data from Connect to iMIS (our Association Management Software that stores all of our member data), it’s a more complex process than just changing the login, which is why it will take 24 hours to complete all of the steps.
Note that this also means the 2015 Annual Conference website will also be down during this same timeframe.
Starting around 11am CDT on Tuesday, April 7th, Connect will be down while we begin the work. It will take several hours for the large amount of user data to synchronize into iMIS and make sure everything is working properly. Once we have the all clear, Connect will come back up on Wednesday, April 8th, probably around noon Central Time. We’ll then begin implementing Shibboleth, which will go live on Thursday, April 9th.
Your best bet to track our progress and get updates is by checking the @ALAConnect Twitter account, but you can also leave a comment/question here or email me (Jenny) at jlevine [at] ala.org.
We’re confident everything will go well, but we’re still accepting your well wishes and crossed fingers. See you in Shibboleth soon!
Last night, several security patches were released for Drupal and several modules. I will be working on getting these fixes applied today. The site may be slow at times or experience various performance issues throughout the day today.
Sympa is once again having severe delays. It appears that the current delay is 2 hours, but I expect it to get worse as the day goes on and lists become more active. We are actively working to put a permanent solution in place.
Secure connections to web servers have relied on the SSL and TLS protocol suites for years. The recently discovered POODLE attack has demonstrated that SSLv3 is insecure. The ALA team will have disabled SSLv3 on all of our web servers by the end of the day. We do expect some customer impact from disabling SSLv3. Some older browsers do not support the newer TLS protocol suites or have SSLv3 enabled in their browser settings by their IT departments. Some older browsers trying to reach our websites will error out with a message saying
“This webpage is not available. The webpage might be temporarily down or may have moved permanently to a new web address. Error code: ERR_SSL_VERSION_OR_CIPHER_MISMATCH.“
To fix this problem, you may have to disable SSLv3 in your browser settings, enable TLS v1.0 in your browser settings, upgrade your browser to the latest version, or contact your IT department if they control your browser installation or settings.
To address industry wide security vulnerabilities, we will be temporarily disabling website logins starting at 4:00PM CST on Friday November 21st. Functionality should be restored by 5:00pm.
Once this change has been made some older browsers will be unable to login to our websites. Affected users must use a more modern browser.
There is a critical security update for Drupal that we will be rolling out tomorrow morning at 9:30am. There will be a rolling outage where a single microsite will be put into maintenance mode while the update is installed, then it is taken live after it completes. Then it will proceed onto the next microsite and repeat the process. During testing, this maintenance window has been roughly 90 seconds per site.
Our Postini spam detection software is being replaced on December 10th, 2014. To make a new solution for spam detection possible, a change in our email routing is required for ALA’s mailing lists.
Effective Thursday, November 13th, 2014, all mailing lists will have a slightly different address: email@example.com. For example, firstname.lastname@example.org will become email@example.com, firstname.lastname@example.org will become email@example.com, etc.
This means that starting on November 13th, all messages to an ALA mailing list will need to be sent to the list’s new @lists.ala.org address.
We know this is a major communication change, so please help us spread the word.
This evening, the ALA website and all microsites will be put into maintenance mode for a critical Drupal update. The outage will begin at 7pm, and I anticipate that they will be back up at 8pm. This outage will not affect blogs, wikis, Connect, nor Moodle.
Due to an issue with a function in the new IMIS upgrade, a small number of accounts have been unable to login to the website. We have resolved this issue, and all accounts should be able to login now. Users that were having problems may need to clear their browser cache and cookies. Anyone that is still having issues logging into the ALA website through Shibboleth, please enter a TrackIT ticket with a detailed report of the problem. Thank you.
The ITTS Strategic Technology Directions Report Update Fall 2014EBD#12.4 provides an update on major projects in the ITTS Strategic Directions 2014-2017 Directions Report sent to the ALA Executive Board in April 2014. The summary blog post and links to the full April 2014 ALA Executive Board report can be found on the ITTS blog at http://itts.ala.org/news/2014/05/16/ala-strategic-technology-directions-2014-2017-technology-roadmap/