When Vendors Refuse to Yield

Recently, I worked closely with a specific vendor of client and server side software for multi-location point of sale systems. As the project went on, I became annoyed with the nature of the software because it was not packaged in an installation file or anything of that nature.  To “install” it, the vendor copied the files over the Internet to the point of sale workstation or server back end and into a folder.  Files are then configured by the vendor but the catch is that several of them are password protected.  The most troublesome is a client file that specifies the IP address of the server running the database, SQL Server instance name, database name, database username and database password as well as the IP address for receipt printers.

When attempting an adjustment or upgrade to our network or the machines running this software, it is necessary to contact the vendor and request support to update the password protected files or download them to a new machine.  The only other way to get the software onto another workstation or server is to copy over the folder containing the program files from a machine that already has them.  There is an interesting problem with this – when the folder is moved or copied to a new location, the unique configuration files are reset to null values.  This applies to the configuration file I mentioned in the previous paragraph regarding database connections.  One unconfigured file is enough to prevent the entire software from functioning correctly.

It appeared that there was absolutely no way around waiting on the vendor to respond with support… until today.

A little history on the problem

An organization had two branch offices, each with a point of sale machine and a server running a SQL database.  Additionally, there was another SQL server at the main office that was part of a triangle of replication between the sites.  Due to a slow Wi-Fi based internet connection at each of the two branch offices, replication routinely failed and credit card processing came to a standstill.  The bean counters at the main office were then unable to access current data to know how many beans they needed to count.

The project to rework this broken system included a new wired internet connection procured from a different ISP and consolodating the SQL servers from three to one and locating it at the main office.  The software was to be “installed” on a Windows terminal server but the vendor claimed not to support that configuration. Over a period of twelve months, I convinced them that they were wrong. They only believed me when I finally got it working and then asked me if I could forward them my documentation.

Until we could get the vendor’s cooperation, each point of sale machine ran the software locally and connected over a VPN to the SQL server at the main office.  Initial testing was very positive and the new solution was implemented at one branch office.

We were not prepared for the resulting latency experienced over the VPN. After adding an item to the point of sale shopping cart, it took 13 seconds for the item to display as in the cart.  It took over one minute to process a credit card.  At this point we were looking for an acceptable solution while the branch offices went through inventory in preparation for the start of the season.

Two of the decommissioned SQL servers still had the software and SQL Server 2008 installed (with old IP addresses too).  We planned to backup the current database and restore it to the old server.  Unfortunately, the new server running the current database was using SQL Server 2008 R2 so that was not possible.

I decided the best way to get a compatible server running with the software installed was to make a vhd file of the newly configured database server.  I installed the Hyper-V role on the old server after enabling Hardware Virtualization in the BIOS settings. After configuring the new virtual machine settings, the vhd files were attached.  After transporting the server to the branch office, we adjusted the Cisco router on site to use 10.10.0.x address space instead of 192.168.1.x.  This was necessary if we didn’t want to involve the software vendor to enter their secret code to change the IPs which could take several days to accomplish.  We successfully made that change and the server connected to the router using the same IP address it originally had at the main office which the point of sale client was configured to use.  After testing, it was determined that this was a working temporary solution. Since the second branch office was not set to open for the season until a month later, we thought we had time to complete a terminal server.

I will skip the dirty details of trying to make an application poorly written in Clarion work correctly with non-administrative accounts on a terminal server but the Microsoft Sysinternals suite program Process Monitor came in handy.

What I did to bypass the vendor

I asked the vendor about their uber-secret password several times and was told it was used on every customer’s instance of the software as an administrative maintenance protection. Well, I finally decided enough was enough. After attempting to work with that cranky vendor I decided to take matters into my own hands. I scheduled a maintenance tech to update an IP address on a client station at a branch office. Beforehand, I installed a key logger and tested it on the client machine.

I tried to keep calm during the phone call while the vendor got to work as I knew I had captured their 5 digit secret PIN code. After the call, I verified I had indeed captured the PIN code and I tested it myself. I was able to access the TCP/IP and database connection settings on all clients and the server. This allowed me to finish configuring the software on the terminal server and on the clients without involving this vendor again! Now the IP address of a receipt printer in the client terminal can be modified in 30 seconds instead of scheduling an appointment with the vendor a week in advance. You would laugh if you found out how many tens of thousands of dollars this organization paid upfront and pays for ongoing support of this software.


Posted

in

, , ,

by

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *