Monday 24 October 2016

Connecting to WordPress Bitnami SAAS Instance on AWS with FileZilla

I've recently been looking into moving my blog away from Blogger and over to a WordPress installation.

There are a ton of options out there to get your head around, but I have finally settled at a SAAS (Software as a Service) option hosted on Amazon's Web Service platform for the time being.  I am still trying to get my head around a few things before I do the final migration. I've learnt a few things about WordPress and AWS though and just wanted to document some of them here.

When you spin up the WordPress Bitnami instance from the AWS Marketplace, you are given the option during configuration to download an SSH private key that can be used to securely access your environment via an FTP or SSH client etc.  This comes in the form of a .PEM file.  If you need to connect to your environment to modify configuration files or upload files via FileZilla, this is the procedure.


  1. Launch FileZilla
  2. Click on Edit > Settings
  3. Select SFTP
  4. Click on "Add Key File" and select the .PEM file you downloaded during the AWS setup
  5. Click OK
  6. Now click on File > Site Manager
  7. Create a New Site
  8. Within the Host field enter the Public IP address of your instance
  9. Within the Protocol Field select SFTP
  10. Change the Logon Type to "Ask for Password"
  11. Enter "bitnami" as the username
  12. Click OK
  13. When you try to connect you will be asked for a password, ignore this and continue

The WordPress Bitnami main directory is located at /opt/bitnami/apps/wordpress/htdocs.  Here you will find the wp-config.php file and all the other usual WordPress files.

Wednesday 19 October 2016

Windows Server 2012 R2 Cluster Node issues

I recently came across an error where nodes within a Windows Server 2012 R2 Cluster stopped being active nodes within the cluster and continually cycled round trying to join again.

We were seeing errors:

Event 1070: Failover cluster nodes must have the ability to start the Cluster service, form a cluster (when a given node starts but no other nodes are up) and join a cluster (when a given node starts and discovers that one or more nodes are already up). This requires that certain conditions be met, for example, failover cluster nodes must run compatible versions of the operating system.

Event 1145: Cluster resource <resource> timed out. If the pending timeout is too short for this resource consider increasing the pending timeout value.

Within the event log over and over again.

We did some basic troubleshooting to check network connectivity, configuration etc.  One of our troubleshooting steps included evicting a node and using the Clear-ClusterNode PowerShell command to try and clear any configuration issues on the node.   When we tried to add the node back to the cluster we were presented with a new error "Event ID: 7024 The Cluster Service service terminated with the following service-specific error: Keyset does not exist".

We did some more digging and found that the permissions on the folder and files within C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys were largely missing.  This is the folder that holds the certificate keys that the cluster uses to connect.  Rather than change all the 38 files individually within the folder manually we came up with this wee script:


##This grants ownership of the folder and files below it to the administrator group.
takeown /f C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys /R /A

##This grants the SYSTEM and Administrators accounts Full Access to the MachineKeys folder and all its subfolders/files, and removes any inherited permissions
icacls "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" /INHERITANCE:R /GRANT ("SYSTEM" + ':(CI)(OI)F')
icacls "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" /INHERITANCE:R /GRANT ("Administrators" + ':(CI)(OI)F') 

Once the permissions were set as above we were able to successfully add the node back into the cluster. And all four nodes were active again.
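
An added example, not part of the original script: a PowerShell check that saves the current MachineKeys ACLs and then reports every item where SYSTEM or Administrators lack Full Control, so the damage is recorded before the repair and the result can be confirmed afterwards. The backup location and the function name Test-FullControl are assumptions made for this illustration.

```powershell
# Added example (not the author's script): audit MachineKeys ACLs around the repair.
$path   = 'C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys'
$backup = Join-Path $env:TEMP 'MachineKeys-acl-backup.txt'   # assumed backup location
$full   = [System.Security.AccessControl.FileSystemRights]::FullControl
$inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly

# Well-known SIDs are used instead of account names so the check
# also works on localised or renamed accounts.
$required = @{
    'S-1-5-18'     = 'SYSTEM'
    'S-1-5-32-544' = 'Administrators'
}

# Save the current ACLs of the folder and everything below it (/T)
# so there is a record to roll back to with icacls /restore.
icacls $path /save $backup /T /C | Out-Null

# Hypothetical helper: returns one row per item, listing which of the
# required accounts do NOT hold an effective Allow/FullControl entry.
function Test-FullControl {
    param([string]$ItemPath)

    try {
        $acl = Get-Acl -LiteralPath $ItemPath -ErrorAction Stop
    } catch {
        # Missing permissions can make the ACL itself unreadable.
        return [pscustomobject]@{ Path = $ItemPath; Owner = $null; Missing = 'ACL unreadable' }
    }

    # Ask for explicit and inherited rules with identities returned as SIDs.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

    $missing = foreach ($sid in $required.Keys) {
        $hasFull = $rules | Where-Object {
            $_.IdentityReference.Value -eq $sid -and
            $_.AccessControlType -eq 'Allow' -and
            ($_.FileSystemRights -band $full) -eq $full -and
            ($_.PropagationFlags -band $inheritOnly) -ne $inheritOnly
        }
        if (-not $hasFull) { $required[$sid] }
    }

    [pscustomobject]@{
        Path    = $ItemPath
        Owner   = $acl.Owner
        Missing = ($missing -join ', ')
    }
}

# -Force includes hidden and system files, which key containers often are.
$items  = @(Get-Item -LiteralPath $path) +
          @(Get-ChildItem -LiteralPath $path -Recurse -Force)
$report = $items | ForEach-Object { Test-FullControl $_.FullName }

# Show only the problem items, then a one-line summary.
$report | Where-Object Missing | Format-Table -AutoSize -Wrap
'{0} of {1} items lack Full Control for SYSTEM or Administrators' -f @($report | Where-Object Missing).Count, $report.Count
```

Run it from an elevated prompt before the takeown/icacls step and again afterwards; the second run should list no items.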

Monday 17 October 2016

Security Benchmarks for Workstations, Servers and Applications

We've all had to lock down a workstation, server or application for security/audit purposes and wondered where to start.  I recently stumbled across the Center for Internet Security (CIS) Benchmark program, which provides vendor-agnostic advice and tools on assessing and improving the security of servers and applications.   The CIS program can help public and private organisations to meet compliance standards for FISMA, PCI, HIPAA and a lot more.

Behind the scenes of CIS there is a group of IT security experts who give their time and knowledge to help provide the information and tools that can help to benefit the rest of the IT community.

The CIS provide a Java based assessment tool that you can run on your workstations or servers to assess the potential security holes within them.

Once you download the tool from their website and run it you are confronted by a list of current benchmark standards you can run against your device.  In this case I am running the tool against my Windows 10 workstation.


The next screen in the wizard is what profile you want to run against the device.  These are security profiles that you can choose from depending on what level of security you are looking to achieve. 


The next screen that you encounter is relating to how you would like the results reported to you.  You have several options to choose from, I've found the HTML report to be the most useful so far. 


Depending on what benchmarks and profiles you've asked to run, the report may take several minutes to generate. Once it has, you will have a report that contains information on what your device has passed or failed on and what the implications of any failures are, as well as some useful tips on how to resolve them.



For more information pop on over to the CIS website at https://www.cisecurity.org/




Wednesday 12 October 2016

KEMP load balancer forgotten password



I recently started to use my home lab after 6 months of not having any time to use it and unfortunately I had completely forgotten what I had set the password to on my KEMP Loadbalancer.  Thankfully I haven't changed or deleted the bal account and was able to use a simple method to get into it again...

1. Log into the KEMP console using the username pwreset

2. Use the password 1pwreset
3. The console will now indicate that the password for the bal account has been reset to 1fourall which you can now use to gain access to your loadbalancer again




Monday 10 October 2016

Free Layer-7 Load Balancer from KEMP


KEMP Technologies was founded in 2000 in New York and they specialise in creating load balancing products.  They offer hardware, cloud, virtual and bare metal load balancers.

One of the best things about KEMP is that they offer a completely free version of their product. It isn't a watered-down version of their product but a fully featured Layer-7 load balancer, with only one drawback: it is throttled to 20Mbps throughput.  However, the free appliance can be seamlessly upgraded to a paid license at any time.

A KEMP appliance is extremely easy to set up and get running within a virtual environment and can be managed via a web browser session.  A great resource available from the KEMP Technologies website is templates to help you configure certain load balancing services, such as Exchange 2010/2013/2016, Microsoft RDS, VMware Horizon View, MobileIron MDM and Dell Wyse VWorkspace to name a few.

KEMP Web Management


With the free version support is limited to the KEMP Community forums, templates and excellent install guides.  But this hasn't been a hindrance in the home lab or small office installations I have encountered.   However, should you need it there are options you can buy to provide telephone support.

The free appliance can be downloaded from http://freeloadbalancer.com/

Wednesday 5 October 2016

MS Ignite 2016

As I'm sure you are all aware, MS Ignite this year was held in Atlanta in September. For those of us not lucky enough to be there in person, Microsoft have kindly put the sessions online via YouTube so we can view them.  With over 1000 sessions it can be a daunting task trying to figure out which ones to watch and which ones not to.  I've put together a list of six sessions I really enjoyed watching and think would be of benefit to you guys as well.

Session Name | Overview
BRK4010: Learn about Windows 10 Secure Kernel | Another informative session from Sami Laiho.
BRK2215: Debate the top 10 reasons not to move your Exchange on-premises mailboxes to Exchange Online | An informal discussion with Messaging experts on the age old question, on-premises or cloud for Exchange.
BRK3218: Discover what's new and what's coming for Microsoft Outlook | A good look at what they are doing with end user feedback to develop Outlook into a more efficient product.
BRK2186: Introduce Windows Server 2016 into your environment | This is a good look at the new technologies that Windows Server 2016 has and how it can be used within your environment.
THR2141: Disrupt cyber-threats with revolutionary security in Windows 10 | This is a quick overview of the security that is now built within Windows 10 to help mitigate against malware and hacking threats.
BRK4028: Case of the unexplained: Windows Troubleshooting with Mark Russinovich | Mark has had similar sessions at TechEd and Ignite in previous years and they are always very informative. He gives an insight into how the SysInternals tools can help to troubleshoot issues with malware, error messages, blue screens of death, and much more.


There is a nice PowerShell script available that can help you download the videos and slide decks to watch offline and store for future use over at the Technet Gallery:  https://gallery.technet.microsoft.com/Ignite-2016-Slidedeck-and-296df316

Friday 30 September 2016

New Outlook Features

I've been catching up with some of the sessions from MS Ignite via the on demand function and one of the interesting events I tuned into was the "Discover what's new and what's coming from Microsoft Outlook" with Julia Foran, Allen Filush and JJ Cadiz.

Within the session they talked about how they have used customer feedback to help develop a better, more intuitive and productive tool.

The new features that should be starting to roll out to Office 365 subscription users in the next few months are as follows:

Focused
They received a lot of feedback about the Clutter facility and how emails were getting lost in there when users forgot to check it, so they have introduced the Focused view, which on opening Outlook shows the user the important emails, while the not-so-important emails go into the Other view.  This feature can be seen in this video:




@mentions
Within emails you will now be able to use the @ symbol and then type someone's name to help bring to their attention something in particular within that email.  This will be especially useful within emails that have many recipients.  It's very like the mentions facility that Twitter and Facebook currently utilise so the hope is that users will be able to adapt to this new feature easily.  


Shared Calendars
One of the major issues we're all aware of if we've used calendars within an organisation is that shared calendars can be a pain to set up, access and view.  This is set to change.  Microsoft have put a lot of effort into developing a better and easier to manage system.   The ability for an end user to share their calendar with a colleague has now been simplified and is easy to understand. Accepting that invite to be able to view a shared calendar is much more intuitive and grants instant access.

It used to be the case that you could only view a shared calendar from your Outlook client and that wasn't reliable all the time, but now you will be able to see your colleague's calendar from your Outlook client, your OWA session, or your mobile device (iOS, Android and Windows).  This is a great move and will be extremely handy for the on-the-go worker.

The free/busy time availability has also had some development.  Microsoft have made it that Outlook will learn the top 50 users that you schedule meetings with and help to populate their free/busy information instantaneously.  No more waiting on Outlook to find and display that info which was unreliable, it will now be available immediately, blink and you'll miss it loading! And the even better news is that you will be able to see the free/busy information on the go, so if you are trying to schedule a meeting from your mobile device you will get feedback on your meeting attendees' availability there and then.

Others
There are also some other features coming along, which include the ability to see a small preview of any image files you are attaching to emails, so you can see if you're sending the right one. 

Outlook will be easier to set up on first run if you have signed into the device with your Office 365 account, which will be music to IT Administrator ears. 

If you receive an email regarding flight information or an online order, Outlook will render all the useful information (flight number, check-in details, tracking number, etc.) at the top of the email so that it is easy to find and see.



The future definitely looks bright for the features and functions of Outlook and I look forward to seeing them rolled out.  If you would like to hear more and see these features in action please take a look at the MSIgnite session at https://myignite.microsoft.com/videos/4076

Also if you would like to participate within the development of Outlook please visit Outlook Uservoice and give Microsoft your feedback. 

Tuesday 13 September 2016

i-Stay Backpack Review

Looking for a laptop backpack is always a daunting task.  i-Stay is a UK brand that launched in 2012, part of their brand is a non-slip bag strap that has received commendation from The Royal College of Chiropractors.  The non-slip straps have the potential to help users avoid any aches and pains that come with carrying a heavy load.

i-Stay is0402


I have been using the i-Stay laptop/tablet backpack (is0402) for several weeks to travel to and from work.  The bag was easily able to accommodate my laptop, charging cables, mouse, mobile phone, pens, notepads, water bottles and wallet with ease.  The non-slip straps did their job in helping to secure the backpack on my back/shoulders and it felt quite comfortable with everything loaded in it.

There are various pockets at the front of the backpack to help you store your smaller items in easy to reach compartments. There is also a strap at the back that can be used to hook over your roll on luggage if you were travelling.

As the i-Stay brand is relatively new it isn't instantly recognisable as a laptop bag, which is a good selling point for a commuter.   I did try to fit all my work gear and a change of clothes into the bag and wasn't able to, it's not as large as my Swissgear Synergy.



The i-Stay is0402 is a good bag if you are travelling to and from a regular place of work and the bag feels like a quality product. I would definitely recommend this bag to someone.

The i-Stay bags are available for £39.99 from http://i-stayput.com/

Wednesday 17 August 2016

vSphere 5.0 and 5.1

If you are still running vSphere 5.0 or 5.1 in your environment, it's time to consider upgrading to 5.5 or 6.0 as VMware will end their general support of 5.0 and 5.1 on the 24th August 2016.

After the 24th August 2016 VMware will no longer issue security patches, updates or bug fixes for vSphere 5.0 or 5.1 which could have a negative impact on your server applications and hardware hosts.

Upgrading hosts within a production environment is never a simple or easy task but it's definitely one you should look into and start planning.

Tuesday 16 August 2016

Pull Name, SMTP, OU and last logon time from Exchange 2013

This script enables you to pull together the Name, Primary SMTP Address, Organizational Unit and Last Logon Time information.  This information can be useful if you are trying to find out which mailboxes are being used or not.  This script has been tested on Exchange 2013 only.  


Get-Mailbox -ResultSize Unlimited | Select-Object DisplayName, PrimarySMTPAddress, OrganizationalUnit, @{label="LastLogonTime";expression={(Get-MailboxStatistics $_).LastLogonTime}}



Friday 20 May 2016

Lenovo StorageDisk Firmware bug

So I've been trying to upgrade a Lenovo v3700 SAN to firmware version 7.5.0.8 this week...


After having no success I logged a call with IBM support and have just found out that there is a bug in the software and they are hoping to get to the bottom of it soon.  

So for anyone trying to install "Lenovo-StorageDisk-6099-7.5.0.8", hang fire for the time being. 

Thursday 11 February 2016

.NET Framework 4.6.1 and Exchange Compatibility Issue

The Exchange team at Microsoft have issued a warning to customers saying NOT to install .NET Framework 4.6.1 on Exchange servers.

We wanted to post a quick note to call out that since yesterday, the .NET Framework 4.6.1 has been made a recommended update on WU (Windows Update).
As we have already stated in the Exchange Supportability Matrix, at this time, this version of .NET framework is not supported by Exchange. In fact, we know of some issues if it is installed.
We are working with the .NET team to ensure that Exchange customers have a smooth transition to .NET Framework 4.6.1, but in the meantime, delay this particular .NET update on your Exchange servers (information on how this can be accomplished can be found in the KB article 3133990, How to temporarily block the installation of the .NET Framework 4.6.1).

Be careful when approving any updates within your WSUS server or deployment system, ensuring you do not inadvertently approve the update for your Exchange servers.

Tuesday 12 January 2016

Avision AD230 Document Scanner

The Avision AD230 Document Scanner is a compact desktop scanner that can scan up to 40 pages a minute in 200dpi colour.



This scanner comes with a host of features and software to help meet nearly every office's scanning functions.  It can hold up to 80 pages of paper at a time and can support up to US legal paper size.

The scanner can send your scans to your computer in JPEG or PDF format, both in colour or black and white, while also having the ability to scan to email or scan directly to a printer.

I used this scanner in order to send some documents over to my work and the quality and ease of doing so was very good.  The quality of the scans was very acceptable as well.

Using the scanner in my small office at home was very good as it didn't seem to overheat my room, cause any additional noise when in standby or get overly loud when in use.  It also folded up neatly when not in use so wasn't a burden to have on my desk.



With the scanner you get some software to use, PaperPort SE14 and Avision Button Manager V2, that helps to give you the functionality described above.  The software is easy to install, friendly to use without having to read a manual and does what it says on the tin.

If you're looking for a robust desktop scanner then this could easily do the job for you.   It is currently available from Amazon UK priced at £299

Friday 8 January 2016

Avision MiWand 2 Wi-Fi Scanner Review

The Avision MiWand 2 Wi-Fi scanner is a hand held scanner that can help you experience the power of a scanner while on the move.  The scanner weighs around 250g so is lightweight enough to carry around while on the move without it becoming cumbersome.

This portable scanner can provide scanning at a 1200dpi resolution in 24-bit true colour, whilst saving the images as either a JPEG or PDF to the micro SD card (the scanner ships with a complimentary card).

Coming with a rechargeable battery, it is cost effective in that department.  It also has a small 1.8 inch LCD display built in which can provide a small preview of what you've scanned.   Given the screen size it can help you determine if your scan has been lined up correctly but cannot help you determine any further detail.

The scanning process is fairly straight forward, after pressing the scan button you just need to start rolling the scan over your document.  I did notice that even though the auto-crop function was enabled the device didn't crop off any of the excess edges so I had to edit the JPEG afterwards on my laptop.

Transferring your scans from the MiWand to your laptop or similar device can be done via the inbuilt Wi-Fi.  Turning on the Wi-Fi on the device turns it into a hotspot that you can connect to via the wireless on your tablet/laptop/etc.  Once you connect, your default browser will automatically launch, providing you with a website of the scans where you can download a copy.     In order to do this you do need to disconnect from your home/office Wi-Fi connection and then reconnect once you have a copy of the scan, so it can be slightly cumbersome; however, it is a good feature to have if you do not have a micro SD reader available.

As someone that travels quite a bit for work to various offices, the MiWand will come in handy when I have to scan a copy of my receipts to claim on the work expenses or need to scan documents to send/keep a copy of quickly and easily. So for mobile workers this device would definitely come in handy.

You can purchase an Avision MiWand2L A4 Avision Mobile Hand Scanner - Silver from Amazon UK at the moment for £70.29.

Tuesday 5 January 2016

Retention Policy Powershell Commands

I've recently been working on applying retention policies to mailboxes and we've been doing a granular roll-out to the users.  I've been using some PowerShell commands to track who has the policy applied and who hasn't.

The following command will list all users who have a retention policy applied to their mailbox:
Get-Mailbox -filter 'RetentionPolicy -like "*"' | Select-Object Name, RetentionPolicy

You can export that to a CSV if need be by using:

 Get-Mailbox -filter 'RetentionPolicy -like "*"' | Select-Object Name, RetentionPolicy | Export-CSV C:\directory\file.csv


To identify which users don't have a retention policy applied to their mailbox the following command will assist:

Get-Mailbox -filter 'RetentionPolicy -eq $null' | Select-Object Name, RetentionPolicy

Again to export that to CSV you would use:

Get-Mailbox -filter 'RetentionPolicy -eq $null' | Select-Object Name, RetentionPolicy | Export-CSV C:\Directory\file.csv