James Preston

For a little while now we’ve had issues with the uniFLOW Server service (version 5.3) not starting in a timely fashion (2hrs+).

After a harrowing tale of working with their support going in circles looking at issues with SQL Server and suchlike we worked out that the issue seemed to be caused by stale files at ‘C:\Program Files (x86)\Common Files\NT-ware Shared\ActiveJobs’ some of which were many months old or 0KB in size.

Ultimately the solution was to stop the Uniflow Service (force quit it using Task Manager if it’s still in a broken ‘starting’ state) and then delete the contents of that folder with the exception of the readme_activejobsfolder.txt file (which mentions that you shouldn’t do anything to these files!) and then start the uniFLOW Service service (which started up in a few minutes).

While provisioning some new Ruckus R510 WAPs onto our SmartZone 100 (5.0.0.0.675) we’ve had a number of cases where the WAPs will reboot for their firmware update but will not proceed beyond that point. In particular the PWR and CTL lights stay lit but the radio lights do not come on at all.

Looking in Access Points > Affected WAP > More > Tunnel Diagnostics (we’re using AP tunnelling) I note errors along the lines of

ifconfig: gre1: error fetching interface information: Device not found

cat: can’t open ‘/proc/rksgre/gre1/stats’: No such file or directory
cat: can’t open ‘/proc/rksgre/gre1/cache’: No such file or directory
cat: can’t open ‘/proc/rksgre/gre1/cfg’: No such file or directory
cat: can’t open ‘/sys/kernel/debug/qca-nss-drv/stats/*’: No such file or directory

The solution thus far has been pretty simple – factory reset the WAP by pressing and holding the RESET button in the back for 6+ seconds. It’ll go through a process of about 5-10 minutes and thus far have been coming back in a functional state.

Normally the little 8 (well 10 if you include the ‘uplink’ ports) port switches we buy end up under a desk or on a shelf but for a one off we’ve got one going in a comms cabinet. Quite luckily the HPE Aruba 2530-8G come with the ears in the box to do this (I recall seeing some models of switches with this being an additional item or needing a special shelf).

You’ll still need a place to keep the power supply but that’s nothing a few cable ties can’t sort!


Today I had the pleasure of presenting at the Oxford ICTF Conference on Multi-Factor Authentication and Password Stores with Smart Cards and YubiKeys, the video recording is online now here – https://youtu.be/WGtCxS2YFNA and the presentation can be downloaded through the link below.

A special shout out goes to the Yubico press office for providing a set of YubiKey 4s, YubiKey NEOs and Security Keys which helped fuel a very lively Q and A session!

  Presentation.pdf (5.5 MiB, 77 hits)

Yes! Yes it they do!

In preparing for a presentation to some peers in the wider IT community tomorrow I have access to some YubiKey Neo authentication keys; in doing some extra reading up on the keys I thought – I wonder if these work with the MIFARE readers (note that these are MIFARE readers not the proprietary Paxton only readers) that are part of our Door Access Control system.

Lone behold they do; in the revision of the keys we have it’s a NXP MIFARE Classic 1k chip.

Recently I was inspired to take on some more information about routing and the associated protocols. To help support that I’ve gone and bought a Mikrotik RouterBoard hAP ac from Amazon (along with a RouterBoard hAP Lite). I hope to kick out a few blog posts on it along with my learning points over the next few days/weeks.

In the meantime enjoy the photos!

Having recently changed from using PowerShell ISE to VS Code I’m still discovering all the super awesome new features of it (be sure to get a copy of the Keyboard shortcuts from this page – https://code.visualstudio.com/docs/getstarted/keybindings). To get started I’ve changed the default new file language to PowerShell (not that you can’t change it to anything else though!).

To do this follow the short guide in the screenshots adding in the line shown in the gist below.

In putting together a small RDS (Session Based) environment on Server 2016 today today I kept running across the error message below during the installation.

Failed: Unable to install the role services.

After much back and forth between forums and event viewer it turns out our default policy to disable TLS 1.0 on servers was the issue. Enabling TLS 1.0 (through the registry or with the fantastic IIS Crypto – https://www.nartac.com/Products/IISCrypto) ended up sorting the issue for us.

Thanks to the organising committee of the (Oxford and Cambridge) College IT Conference 2018 held at the RAF Museum (Hendon) for the invite to talk about PowerShell and Server Core! As promised the video from the presentation is now up on YouTube; in addition the slides as PowerPoint and PDF can be seen below.

  Presentation (PowerPoint) (28.5 MiB, 161 hits)

  Presentation (PDF) (4.9 MiB, 164 hits)

30/03/2018 Update

Microsoft have published this blog post – https://cloudblogs.microsoft.com/windowsserver/2018/03/29/windows-server-semi-annual-channel-update which clarifies the difference between the Long-Term Servicing Channel (Server 2016/2019/so on) against the Semi-Annual Channel. Do have a read!