As noted in the Phonebook registration instructions, it is very difficult (if not impossible) to change a BlazerID/Phonebook alias once it has been set. The BlazerID is used for authentication by a number of services, as well as the forwarding mechanism for your @uab.edu e-mail. If your BlazerID changes, then all these services have to be changed as well; and all e-mail to your former @uab.edu address becomes undeliverable, creating headaches for your correspondents and the maintainers of any discussion lists to which you belong. If you simply desire a new @uab.edu address, you can accommoplish this by registering a mail-only alias, as described here.

Published in FAQ - Infrastructure

Setup Autodiscover for Outlook 2007 while on the UAB domain

  1. Open Outlook 2007. If the Outlook 2007 Startup Wizard displays automatically, on the first page of the wizard, select Next.

  2. Then, on the E-mail Accounts page of the wizard, select Nextagain to set up an Email account.

  3. On the Auto Account Setup page, Outlook will try to automatically fill in Your Name and Email addresssettings based on how you’re logged on to your computer.

     

  4. After you select Next on the Auto Account Setuppage of the wizard, Outlook will perform an online search to find your email server settings.

     

  5. This is what you will see when it finds the information about your Account automatically. Select Next.

     

  6. You will now be able to select Finish and open Outlook.

 

Setup Outlook 2007 while NOT on the UAB domain

  1. Open Outlook 2007. The Startup Wizard will display automatically. On the first page of the wizard, select Next.

  2. On the E-mail Accounts page of the wizard, select Nextagain to setup the account.

  3. Finally, just above the Account Settings button, select Add Account. You will see the Auto Account setup page. You will need to enter information for the fields Your Name, Email address (i.e. This email address is being protected from spambots. You need JavaScript enabled to view it. ) and Password (BlazerID). Once all information has been entered, select Next.

NOTE: If you are not sure if you are on the UAB domain, please check out our FAQ on how to determine that.

Published in FAQ - Infrastructure
January 01, 2012

Email Best Practices

  • Use our tested clients and browsers - The clients that have been tested and approved for working with Exchange 2010 are Outlook 2003, Outlook 2007, Outlook 2010, and Outlook 2011 for MAC using Exchange. Mozilla Thunderbird, Apple Mail, and Windows Mail have been tested using SSL IMAP and SSL POP3. Other mail clients have not been tested but may work using settings similar to those published above. OWA web-based mail has been tested on the latest versions of Internet Explorer, Firefox (Windows and OS X), Safari (Windows and OS X), and Chrome (Windows and OS X).
  • Use Autodiscover but verify - Autodiscover automatically configures user profile settings for clients running Microsoft Office Outlook 2007 or Outlook 2010, as well as supported mobile phones. Other clients may support a form of Autodiscover for setting up your email account but in our testing you might have issues with pulling and sending your email. So, the best practice is to verify proper settings before you use the client.
  • Use cached Exchange mode or non-cached Exchange mode - Laptops should run in cached Exchange mode; desktops should run in non-cached Exchange mode.
  • Wipe data from lost smartphones in Outlook Web App - If you lost a mobile device for which you had Active Sync setup, you can log into OWA (https://mail.ad.uab.edu) to wipe it (Options > Mobile Device > Wipe all devices). If you are not in a situation where you can access Outlook Web app, call the AskIT helpdesk immediately at 996-5555.
  • Wipe data from IPhones, Ipads, and other Apple devices – You can do a remote wipe on your Mobile Me account by going by to this Help Article: Mobile Me remote wipe for IPhone. Otherwise, call the AskIT Helpdesk immediately at 996-5555.
  • Signature blocks - It is important to keep email signatures brief and professional (i.e. no graphics and no unusual fonts).
  • Avoid performance issues with your email client – To avoid issues with emails not being sent/received and performance issues in your email client of choice, we recommend following a weekly or monthly clean out of your email to make sure you do not have any issues. There is a FAQ to help you in looking at issues with email overflow.
  • Use Outlook Out of Office Assistant - To set up an out of office reply, it is best to use the Out of Office Assistant (Tools > Out of Office Assistant). The Out of Office Assistant is also now available through Outlook Web Access (Options > Out of Office Assistant). If you have questions, contact AskIT (205-996-5555 or This email address is being protected from spambots. You need JavaScript enabled to view it. ).
  • Use Resource accounts and entity aliases for functions rather than personal accounts - Contact AskIT (205-996-5555 or This email address is being protected from spambots. You need JavaScript enabled to view it. ) if you need to set up a resource account. To setup your Entity aliases, you will need to talk with the departments’ Bluepage administrator. You can find your Bluepage admin by going to http://www.uab.edu/directory and typing in your Department name in the search field and enter. Then select directory contacts to find the person that does the editing and creating of entries in your department.
  • Consider shared calendars - For management of calendars among multiple individuals, users should set up a distribution list and add the individuals to that list. That distribution list can then be added as a delegate for the calendar.
Published in FAQ - Infrastructure

No anti-spam technology is 100 percent effective.  If a spam or phishing message gets through the spam filter, you can report it to AskIT and we will help use it to improve the spam service.

Please note that these instructions refer to the original spam message.  The instructions must be followed by the recipient of the original spam message.  Forwarded copies are often unusable regardless of how they are saved.  Follow the instructions below to save a copy of the message in its original format. Note:  Some versions of Outlook offer two options to save an .msg file - one is "Outlook Message Format," the other is "Outlook Message Format - Unicode." You should not select the unicode format, as this could cause problems when you save and submit the file.

Microsoft Office Outlook 2007/2010

  • 1. Open Microsoft Office Outlook.
  • 2. Double-click to open the email message that you want to save.
  • 3. From the File menu, select Save As.
  • 4. The Save As pop-up window displays. Select Outlook Message Format from the Save as Type drop-down list.
  • 5. Select the folder in which you want to save the message. Note: the file name is provided by default. You can change this if you would like.
  • 6. Click Save. The message is saved with an .msg file extension.
  • 7. Right-click the saved .msg file(s), and click 'send to compressed folder' (.tar, .tar.gz, and .zip formats are acceptable). Note: You must compress the file before sending it as an attachment.
  • 8. Create a new mail message and send the saved message as an attachment to This email address is being protected from spambots. You need JavaScript enabled to view it. with a subject of "Spam Report."

Microsoft Outlook Express

  • 1. Open Microsoft Outlook Express.
  • 2. Double-click to open the email message that you want to save.
  • 3. From the File menu, select Save As.
  • 4. The Save Message As pop-up window displays. Select Mail (*.eml) from the Save as type drop-down list.
  • 5. Select the folder in which you want to save the message. Note: the file name is provided by default. You can change this if you would like.
  • 6. Click Save. The message is saved with an .eml file extension.
  • 7. Right-click the saved .eml file(s), and click 'send to compressed folder' (.tar, .tar.gz, and .zip formats are acceptable). Note: You must compress the file before sending it as an attachment.

Apple (Mac) Mail

  • 1. Select the message you want to save.
  • 2. From the File menu, select Save as ...
  • 3. In the pop-up window, select the format Raw Message Source
  • 4. Save with a file name including a .txt or .eml extension
  • 5. Right-click the saved .txt or .eml file(s), and click 'send to compressed folder' (.tar, .tar.gz, and .zip formats are acceptable). Note: You must compress the file before sending it as an attachment.

Other Mail User Agents

Save the email that you want to report as a text file. Make sure that the message is as close to its original format as possible.  Your mail client might allow you to save rendered text, as well as the original source -- it is the original "raw source" that is needed. Make sure the original email headers are intact and included in RFC-822 format.  Typical file name extensions are .eml and .txt

Published in FAQ - Infrastructure

ActiveSync Setup Procedure 

For Android, iPhone, Windows Mobile, and other devices


With most mobile devices, you will need to adjust specific settings to set up ActiveSync/Exchange. These settings are interchangeable on any device you have that uses ActiveSync to integrate your email.


The settings are:

  • Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Password: your Blazerid password
  • Server: mail.ad.uab.edu
  • Domain: UAB
  • Username: Blazerid
  • SSL: turn this setting on


Please follow the instructions that correspond with your mobile device type (Android, iOS, or Windows mobile phone) to complete email setup for your operating system.


Android

  1. Open your Applications.
  2. Select Settings.
  3. You should see Accounts or Accounts & Sync depending on your exact device. Select one.
  4. Select Add Account.
  5. You should now see an option for Corporate or Exchange or ActiveSync/Exchange. Select one.
  6. You will now see the field's Email Address (e.g. - This email address is being protected from spambots. You need JavaScript enabled to view it. ) and Password (e.g. - BlazerID password). Enter those now, and select Next. You may need to additional information if the phone cannot be set up automatically. Additional info:
    1. Exchange mail server: mail.ad.uab.edu
    2. Username: blazerid


iOS (iPad/iPhone/iPod)

  1. Select Settings.
  2. Select Mail, Contacts, and Calendars.
  3. Select Add Account.
  4. Select Microsoft Exchange.
  5. You can now type your Email Address (This email address is being protected from spambots. You need JavaScript enabled to view it. ), Username (BlazerID), and Password (BlazerID password).

Windows Mobile Phone

  1. On Start, scroll left to the applications list, select Settings, and then Email & Accounts.
  2. Select Add an account > Outlook.
  3. Select the Email address box, and then type your This email address is being protected from spambots. You need JavaScript enabled to view it. for your Exchange Server email account.
  4. Select the Password box, and then type your BlazerID password.
  5. Select Sign in.

 

Published in FAQ - Infrastructure
January 01, 2012

Secunia PSI

Secunia PSI is a security tool designed to detect vulnerable and outdated programs and plug-ins. These vulnerabilities expose your PC to attacks which are rarely blocked by traditional anti-virus due to the fact they exploit programs already on your computer and are therefore increasingly "popular" among criminals. Order/Download Now

The only solution to prevent these types of attacks is to apply security updates, commonly referred to as patches, to every piece of software and plugin on your system. Finding and applying these patches is a tedious and time consuming task. Secunia PSI automates identifying vulnerable software and alerts you when your programs and plug-ins require security updates. Secunia PSI will also alert you when software reaches the end of a support life cycle and may require an upgrade.

Note:  The default installation of the PSI client automatically updates Java and will automatically install updates that may cause incompatibilities UAB systems including Blackboard Vista, Oracle HR/Finance, and Banner.  

There are two methods of configuring PSI and working with automatic updates.  Please choose the appropriate one.

  1. Update Approval before Automatic Updates (Risk is not reviewing Secunia)
  2. Automatic Updates and ignoring Java (Risk is ignoring java)

Update Approval before Automatic Updates

Execute the PSI installer, click Next and then accept the License Agreement.

On the screen marked "Auto-Update Configuration" check the box "Require user-interaction before each Auto-Update"; click Next.

Click Next through the remainder of the install screens and click "Finish."

After installer finishes launch the PSI client.

The client will immediate start a scan.  Close the popup and wait for the scan to finish.



Scan results will likely show that there are insecure programs present.





Approving Updates

For software that has pending updates.  Those updates can generally be applied by left clicking the Approve Update link at the right hand side of the scan results page.  Sometimes the software cannot be automatically updated and will require the user to download and install the update manually.  In this case, clicking the update link will direct the user to the appropriate website to download the patch.

Ignore Java Updates and allow unprompted automatic updates

This configuration can leave Java as a risk that will never be identified.  However, it will automatically update many packages without user interaction.

Execute the PSI installer, click Next and then accept the License Agreement.

On the screen marked "Auto-Update Configuration" check the box "Require user-interaction before each Auto-Update"; click Next.

Click Next through the remainder of the install screens and click "Finish."

After installer finishes launch the PSI client.

The client will immediate start a scan.  Close the popup and wait for the scan to finish.



Scan results will likely show that there are insecure programs present.

View the scan results and take note of the location of the unpatched version of java and any other programs that should not be automatically updated.

Expand the Configuration menu on the left and select “Settings.”

Select the “Ignore Rules” tab at the top of the configuration screen.

Select “Create Ignore Rule” and name it java (or whatever program needs exclusion). Enter the location to the program in the box labeled “Rule Path”.

Clicking OK should immediately exclude the program from the scan list.

Finally, re-enable auto-updates for all programs that are not excluded. Select the PSI Settings tab and uncheck “Prompt before running automatic program updates.”

The computer will now update installed software automatically.

You have been directed to this page to help troubleshoot a problem with using your BlazerID and password credential.  If you were going through the password reset process when sent to this link, the system determined you likely know your password already, so resetting it will not resolve the problem.  Please review the information on this page, to see if it helps.  If you continue to have difficulty using your BlazerID, you may either return to the password reset process, or you can call us at 205-996-5555 or visit the AskIT support page at www.uab.edu/askit to open a trouble ticket.  You may also chat with a technician through the support page, or review our FAQs and other online resources for further guidance.

Did you create your BlazerID today?  If so, it may have not had time to be loaded into all of the online systems.  We generally recommend that you wait at least one hour before trying to access administrative or e-learning systems.  In some cases, it may take two or more hours, or even overnight for your credentials to be fully processed.  It cannot hurt to continue working through the rest of this page, but keep the delay in mind.

Verify your BlazerID and password.  Open the "Activate Accounts" page https://idm.blazernet.uab.edu/bid/syn and submit your BlazerID and password there.  If it returns a Success screen, then any login problem you are having is definitely not caused by a bad password.  It is possible that the Activate process may have resolved the problem you were having with your BlazerID/password, so you should try logging in again now.  If it still does not work, then continue reading below.

If the Activate Accounts screen failed: then you either entered an incorrect BlazerID or password.  To verify your ID, open and submit the "Do I Have a BlazerID" page https://idm.blazernet.uab.edu/bid/doi  - if that returns the expected result, then you probably need to return to the password reset process, or open the "Change BlazerID Password" page https://idm.blazernet.uab.edu/bid/pwd to initiate it.

ALL SECTIONS FROM HERE ON ASSUME THE ACTIVATE ACCOUNTS SCREEN WAS SUCCESSFUL

Unable to access the BlazerNET portal (blazernet.uab.edu)

The most common problem with logging into BlazerNET is that you must be an incoming, active, or recently active employee or student in order to access it.  If you were admitted as a student today, or are a recent hire (see Oracle section below), then it may take overnight for the system to recognize you as being active.  If you are an alumni who needs a transcript, please visit http://www.uab.edu/transcript instead.

Unable to access Blackboard Learn e-learning system (www.uab.edu/bblearn)

You will not be able to access your courses until the first day your class begins.

Unable to access the Oracle Administrative System (HR & Finance)

If you are a recent hire (new UAB employee), then all paperwork must have cleared and all workflow steps must have been completed so that you are officially an active employee.  If your paperwork completed today, then it will probably be tomorrow before you can log in to Oracle (or BlazerNET).

Published in FAQ - Infrastructure

 

Mac OS X Lion – FileVault (Whole Disk)

The official Apple support article can be found at: http://support.apple.com/kb/HT4790

PGP Warning!

When Lion is first installed, the hard drive is separated into a utility partition and an OS partition. Because of the way that PGP works, it is expected to break when partitions are manipulated and therefore users are discouraged from upgrading to Lion if PGP is installed or if the disk is encrypted with any other software.

Using FileVault

In the Lion operating system Apple’s FileVault has been upgraded to a full disk encryption solution, as opposed to the protected Home directory that was used in previous versions of the operating system. To enable FileVault, open the System Preferences application and click on the Security & Privacy menu.

If you decide to turn on FileVault, you will first receive a recovery token that can unlock the drive in the event that your password doesn’t work. The recovery key should either be stored in a safe place, or sent to Apple for safe keeping.

 Recovery Key

If you choose to send the whole disk recovery key to Apple, you must create three security questions that are used by Apple to encrypt your recovery key. The answers are case sensitive so be sure to type them just as you would remember them.

Recovery Key Storage

Immediately after the recovery token options are set, the system will reboot and a valid passphrase will be required in order to unlock the drive and start the operating system. When you sign back in to Mac OS, you will receive a dialog like the one below that attempts to estimate the time remaining on the drive encryption.

Drive Encryption Time

Retrieving your recovery key from Apple

If you forget your login password for an OS X Lion FileVault-encrypted drive, and you had chosen to store your recovery key with Apple, you may contact AppleCare and request retrieval of your recovery key. Typing in the wrong login password three times will produce a note under the password field which states, "If you forgot your password, you can… …reset it using your recovery key."

Click the triangle-button next to that message to reveal the Recovery Key text field (which replaces the password text field) and AppleCare contact information, along with your computer's Serial Number and a Record Number. You will need to provide these two pieces of information in order for AppleCare to retrieve your recovery key.

Upon successful retrieval and entry of your recovery key, you will be prompted to change your login password. After changing your login password, it is also recommended that you change your FileVault recovery key and upload the new one to Apple.

Changing your recovery key

In the Security & Privacy system preference, under the FileVault tab, click "Turn Off FileVault…" to disable FileVault. After FileVault is off, FileVault will begin to decrypt your drive. Once decryption is complete, you'll be able to click the "Turn On FileVault…" button. Doing so will allow you to enable unlock-capable users, will show you a new recovery key and will give you the option of sending this new key to Apple. The old key sent to Apple will not be able to unlock your newly-encrypted disk. If you need to retrieve your recovery key from Apple, only the new one will be retrieved based on the Serial Number and Record Number displayed to you in the login window.

Migrating a FileVault-protected Home from an earlier version of Mac OS X

If you are using FileVault in Mac OS X v10.6 Snow Leopard, you can install OS X Lion and continue to use your FileVault-encrypted home directory in the same way you did in Snow Leopard. OS X Lion considers your earlier version of FileVault encryption to be "Legacy FileVault". With a Legacy FileVault encrypted home directory, opening the Security & Privacy preference pane will cause the following dialog to appear, alerting you that "You're using an old version of FileVault":

 Legacy File Vault

You may continue to use OS X Lion with Legacy FileVault, but you cannot enable Legacy FileVault for other user accounts in OS X Lion. If you turn off Legacy FileVault, the Legacy FileVault tab will disappear and you can then choose to enable OS X Lion's FileVault 2 (disk encryption).

Encrypting Time Machine

Time Machine works properly on Lion, but more importantly it allows you to encrypt the backup. Once a drive has been prepared and encrypted in Lion, it can’t be mounted on any operating system that’s older than Lion because of the encryption.

Encrypting Time Machine

 

Encrypting Time Machine

Published in FAQ - Infrastructure