Comment On Please, Don't Log In!

Perhaps they should setup another enterprise system to manage logons to GMV.

Holy... wow. Just wow.

This is soo broken, I don't know where to start.

In any rational system, files are locked while major batch operations are going on. This should prevent most users from getting access.

Failing that, there's usually ways of turning off user access, from sophisticated login profiles, to a $3 Radio Shack timer on the network router.

Whew, got this one just in time! I hope they have some way of measuring where in the batch process the program terminated at least... The real WTF is...that Tom B. has rights to send to All Employees? Then again, if there's no access control for during the batch, why would they bother doing control on emails...

Holy crap.

But I'm already logged in. I never log out. I thought that was the purpose of "Keep me logged in on this computer"....

Makes me want to cry. Super-scabbed-up-fragile-missive-expert-all-i-does-is cry.

This isn't really a WTF. Who works in sales between midnight and 6 AM? Unless an employee is out to vandalize the network, it's a non-issue. Saying this is a WTF is like saying is like observing that most restaurants are closed at 2 AM and declaring it a WTF.

Redplague:

This isn't really a WTF. Who works in sales between midnight and 6 AM? Unless an employee is out to vandalize the network, it's a non-issue. Saying this is a WTF is like saying is like observing that most restaurants are closed at 2 AM and declaring it a WTF.

Maybe they do business internationally. Or maybe the sales guys are trying to get orders in before a commission period ends. It really doesn't matter. This is more like declaring it a WTF that restaurants are closed at 2 AM and catch fire and burn down if anyone unlocks the door at that time.

In this case, it would be like if anyone did access the restaurant between 2am and 6am, the restaurant would not function the next day, or would function in a limited manner that would seriously impact business.

This is a WTF because if you have ever tried to get people to follow commands like these, you know 1-2 of them won't (they stay logged in, keep files open, or left for the day without releasing a database lock), and that's all it takes to bork the whole system. It makes it incredibly vulnerable to accidents, not to mention malicious intent.

Redplague:

[...] is like observing that most restaurants are closed at 2 AM and declaring it a WTF.

Actually, it's more like leaving your restaurant unlocked at 2 AM and then complaining when something enters it and steals something, because after all you did leave a note saying "don't steal anything while we're closed". And what more can you do?

Ok, bad example, but you get the idea..

Redplague:

This isn't really a WTF. Who works in sales between midnight and 6 AM? Unless an employee is out to vandalize the network, it's a non-issue. Saying this is a WTF is like saying is like observing that most restaurants are closed at 2 AM and declaring it a WTF.

No, this is a nasty WTF that promises even more WTF's. You can be sure the service is implemented very poorly. You can be sure someone, somewhere will need to log in between midnight and 6 AM, as has already happened. You can be pretty sure IT isn't going to fix the problem, since they instead wrote an email.

The real WTF is that the email named the persons responsible. Was that really necessary? I don't subscribe to the "Wall of Shame" theory.

Everyone should be able to make mistakes like that without the harrasments of a BOFH.

I was brought in to resolve a similar issue.

PM: We need a way to stop users from accessing the (Enterprise Application) between 2:00 am and 3:00 am every night.
Me: Here's a script to block the entry point but we need to worry about users that login at 1:59 am (for example). What kind of authentication do you use?
PM: It's a website.
Me: Right, right... Could you ask the chief engineer if you use LDAP, database, HTAccess, sessions, cookies, etc. for authentication?
PM: No, Bob quit.
Me: I see, I'll need to look at the source code then.
PM: We don't have a copy.
Me: OK, I'll have to login to the server and look at it.
PM: You can do that!? See if you can stop the Scheduled Task when you're logged in.
Me: What Scheduled Task?
PM: There is a Scheduled Task that reboots the computer every night at 2:00 am. That's why we need to stop people from using the website. Bob had the only login and password to the server though.

That was one of the first times I made an assumption and allowed him to tell me what solution he wanted instead of what problem he had.

Redplague:

This isn't really a WTF. Who works in sales between midnight and 6 AM? Unless an employee is out to vandalize the network, it's a non-issue. Saying this is a WTF is like saying is like observing that most restaurants are closed at 2 AM and declaring it a WTF.

Our sales staff who work internationally would have something to say about that. In fact, even when we send out notice a week ahead of time that we're going to be taking down a server for scheduled maintenance at 3AM that *may* affect them working at that hour for about 15 or 20 minutes you wouldn't believe the complaints that end up on our desks.

Honestly, sometimes I think salespeople are worse than little children. But then I remember I have stock and it goes up the more they sell. But I still ignore their petty complaints.

Unfortunately, this isn't anything new for me. Where I work, there are all sorts of batch jobs running all the time. We're supposed to schedule anything that updates the database to run at night (it's generally just reporting during the day) because if a user is logged in, they'll lock the db and the job will sucksplode. It's not an ideal setup, not even a decent one, but it's how the powers that be have it, and we're powerless to change it (we maintain a legacy system for a company that doesn't want to maintain it themselves any longer so they can internally pursue newer technologies, but can't get rid of it because its mission critical)

Sigh.. I need a new job.

webhamster:

Honestly, sometimes I think salespeople are worse than little children. But then I remember I have stock and it goes up the more they sell. But I still ignore their petty complaints.

Also remember that they're paid on commission. If you keep them from selling stuff, you keep them from making money.

They say it's due to an ABEND, but they're just covering up the real truth: if you feed the system after midnight it turns from a harmless little cute furry thing into an evil Gremlin!

I'm not sure what the bigger wtf is... that a modern system needes to be offline like that, or that they hadnt thought to write a short shell script to replace the login page or something during the time their batch process runs.

...:

Redplague:

[...] is like observing that most restaurants are closed at 2 AM and declaring it a WTF.

Actually, it's more like leaving your restaurant unlocked at 2 AM and then complaining when something enters it and steals something, because after all you did leave a note saying "don't steal anything while we're closed". And what more can you do?

Ok, bad example, but you get the idea..

Of course, some-THING will steal something from your restaurant at 2 am. It's Australia. I can see a wombat taking free food right now.

Really, this kind of would stop if more people supported the Developer experience driven class system.

I like how the email mentions the 2 users by name - the obvious subtext being, blame THEM, not US!!

Redplague:

This isn't really a WTF. Who works in sales between midnight and 6 AM? Unless an employee is out to vandalize the network, it's a non-issue. Saying this is a WTF is like saying is like observing that most restaurants are closed at 2 AM and declaring it a WTF.

I highly disagree. The concept of completely derailing a process of the magnitude that one yields by simply logging in is totally unacceptable. The fact that the application does that is certainly bad by itself, but flaws aside it's not exactly rocket science to lock down a machine. You could buy a home grade Intarweb router at any pc hardware retailer and restrict access at certain times during the day with a nice simple Fisher-Price interface.

I'd consider the fact that the guy "named names" a pretty big business etiquette WTF personally.

I love all of these WTF-experts. Of course this is a WTF! If the system is built so poorly such that a user logging in during a certain time will break something, the system should be preventing that, not a company wide e-mail that will probably be ignored/forgotten.

GrandmasterB:

I'm not sure what the bigger wtf is... that a modern system needes to be offline like that, or that they hadnt thought to write a short shell script to replace the login page or something during the time their batch process runs.

In CGI, assuming GNU date:

#!/bin/sh

echo $'Content-Type: text/html\n'

if (( `date +%H` >= 6 )); then

  cat login.html

else

  cat FOAD.html

fi

bsimmons is a reference to the boston sports guy?
gcarrey is a reference to gym carrey?

silly wild ass guesses are usually right?

AdT:

GrandmasterB:

I'm not sure what the bigger wtf is... that a modern system needes to be offline like that, or that they hadnt thought to write a short shell script to replace the login page or something during the time their batch process runs.

In CGI, assuming GNU date:

#!/bin/sh

echo $'Content-Type: text/html\n'

if (( `date +%H` >= 6 )); then

  cat login.html

else

  cat FOAD.html

fi

One word (depending on browser)

Bookmarks / Favorites

bstorer:

This is more like declaring it a WTF that restaurants are closed at 2 AM and catch fire and burn down if anyone unlocks the door at that time.

The local diner is open 24 hours a day, but they shoot you in the face if you try to order food after midnight and before 6am.

As the french say: "c'est la vie"

Ancient_Hacker:

..to a $3 Radio Shack timer on the network router.

Ah yes.. the ever popular solve a WTF with another WTF.

If you don't agree a $3 timer is a WTF, then you must at least agree it is a WTF in waiting.

Scenario 1: Power failure. The timer will go out of sync.. and of course by the time that happens no one remembers there being a timer on the router (and it isn't documented). They probably don't even use the batch process by now that needs to be "protected", but the few people who have attempted to log in after 12pm haven't complained to anyone that it doesn't work...

We often have to do maintenance activities between those hours, and we just boot users off the system. It wouldn't be that those guys are actually working, would it ? Just left their PC logged in ?

In SQL Server, can do a proc to check processes (SPID) and then do a KILL statement.

Jeez - don't want jobs to fail, and sales, orders don't happen - just eject the users - and go ahead with the job !


[ www.grumpywookie.com ]

There are many places where one would prefer sending an email like that rather than fixing the problem: where change control is so painful that you really don't even start to think about it...

Banks are like that

From wikipedia:

In medicine, a cathartic is a substance which accelerates defecation.

Yep, that about sums it up.

"no sales order updates, no data integrities, no
Master Stock set import, and no backup!"

NO
FUCKIN'
WAY !!!!!!!1111????

Andrew:

Of course, some-THING will steal something from your restaurant at 2 am. It's Australia. I can see a wombat taking free food right now.

A wombat eats roots shoots and leaves.

Where can I find a restaurant where I can do that?

Diamonds:

AdT:

GrandmasterB:

I'm not sure what the bigger wtf is... that a modern system needes to be offline like that, or that they hadnt thought to write a short shell script to replace the login page or something during the time their batch process runs.

In CGI, assuming GNU date:

#!/bin/sh

echo $'Content-Type: text/html\n'

if (( `date +%H` >= 6 )); then

  cat login.html

else

  cat FOAD.html

fi

One word (depending on browser)

Bookmarks / Favorites

That little script just spits out the contents of FOAD.html or login.html, it doesn't redirect. The browser will bookmark the CGI page.

That being said, one word: Cache. :-)

What I find amazing is all the comments here that assume the "GMV" application is either a network or a web site.... Nothing in the story suggests either. In fact, reading the story it seems to me that the "GMV" is a thick-client, database backed application. In which case if the thing is as WTF-ish as it seems there is probably no clean way of specifying operational hours, or denying access during certain times of day. There's your problem....

I've seen tons of crappy apps like this. Especially in the old thick client-server days. An app would grab a database or network resource and hold onto it until it was shut down, making backups impossible. Usually the app developers were stunned to learn people left their machines on at night, logged into the app. Or they couldn't understand the complexities of modern time zones.... Uhg.

-Me

I worked at a place where the web application the sales force used ran with an as/400 as the database server (to a java app of all things) and the as/400 operator would randomly start backups in the early evening. First thing, kill all database processes (db2). This would basically pull out the rug from under the appserver and generate random errors to the sales people (often resulting in corrupted customer data). For years the programmers begged to do something to cleanly allow the app to know when the database disappeared but it was denied. Eventually the as/400 folks convinced upper management to spend hundreds of thousands on an upgrade and a new backup application to "fix" the problem. Problem solved.

Microsoft Visual Source Safe works like this -- if you need to update the repository, you have to manually walk around to each users desk and ask them politely to log off and not log back in until you're done.

Redplague:

This isn't really a WTF. Who works in sales between midnight and 6 AM? Unless an employee is out to vandalize the network, it's a non-issue. Saying this is a WTF is like saying is like observing that most restaurants are closed at 2 AM and declaring it a WTF.

It's not really much of a WTF that the system has to go down at night. It's certainly not all that rare on older systems. However, it's a major WTF that this company has no safeguards to prevent people from logging in during these hours.

My college had a system (in charge of class schedules, financial statements, final grades, electronic transcripts, etc.) that went down every night for backups and batch processes, similar to whatever this application was...however if you tried to log in you were greeted with a message that said it was down until 6 AM and it almost certainly didn't break whatever processes were going on in the background. This is just a stupid admin (I'm not even going to call him lazy because the 'lazy' thing to do is to spend 2 minutes coming up with a solution to shut the system off at night. After this happened once, you'd think it would have been enough reason to implement this...maybe the guy is a power-tripping loon who just likes calling out users for logging in to his system after-hours against his almighty orders).

> Failing that, there's usually ways of turning off user access, from sophisticated login profiles, to a $3 Radio Shack timer on the network router.

So YOU'RE the one!

I think you'll find that most restaurants lock their doors after they close to keep people from just hanging out in the building and messing things up. Try again. This is WTF.

-:

The real WTF is that the email named the persons responsible. Was that really necessary? I don't subscribe to the "Wall of Shame" theory.

Everyone should be able to make mistakes like that without the harrasments of a BOFH.

This would inspire me to do it again the next day... and the next day... and the next day...

Until they cancel the account or (less likely) fix the crappy software or (perhaps more likely?) they stop mentioning my user name and instead start linking to my coordinates on Google Maps as well as the Yellow Pages on professional assassins. :P

I honestly don't consider this a wtf. I work as a programmer on an "enterprisey" system and we have to prevent users from logging in for maintenance on certain days - not to their computers per se, but into the end user screens. If a user has a record locked in the database, it could prevent us from running certain mission critical nighttime processes. If a user leaves a screen open that we are attempting to update or deploy a new version of, we will run into problems and usually will have to kill their sessions or delay our implementation. Bottom line - I feel it is acceptable to tell users to stay logged out in certain situations.

Vombatus:

Andrew:

Of course, some-THING will steal something from your restaurant at 2 am. It's Australia. I can see a wombat taking free food right now.

A wombat eats roots shoots and leaves.

Where can I find a restaurant where I can do that?

You can do most of that on any restaurant but I do not know how to root. Still I would not recommend the shoot-and-run approach.

Tom B is being quite a dick there, namedropping the users who caused the issue in an e-mail to all users...

and no backup!

That's the funniest bit

Do you need to lock tables when you make a report??? Aaahhhh, ok, is not Oracle... I'm sorry for you ;-)

chris:

Bottom line - I feel it is acceptable to tell users to stay logged out in certain situations.

So are you saying that the WTF described is a certain situation that just happens to occur everyday at the same time?

Redplague:

This isn't really a WTF. Who works in sales between midnight and 6 AM? Unless an employee is out to vandalize the network, it's a non-issue. Saying this is a WTF is like saying is like observing that most restaurants are closed at 2 AM and declaring it a WTF.

One of our sales guys does that. He travels in the morning, pitches in the afternoon, travels back in the evening, spends some time with his family, then he logs in and does his updates. We frequently get emails from him at 2:30 AM.

Vombatus:

Andrew:

Of course, some-THING will steal something from your restaurant at 2 am. It's Australia. I can see a wombat taking free food right now.

A wombat eats roots shoots and leaves.

Where can I find a restaurant where I can do that?

In Australia, presumably..

I think you've missed the point, the WTF here is like saying that the doors of the restaurant are kept open with people cleaning up but when you walk in at 2AM they scream at you for being too stupid to realise that the restaruant is closed.