In this new blog post series I’ll be looking at (normally a selection of 3) cool articles, news and other blog posts that I find interesting during the day. For this week we have PowerShell tricks, a detailed article on securing the Windows Firewall and an (old but very interesting) write up on the woes of network administrators when everything goes wrong.
PowerShell tricks: Splatting
New to me (always learning!) this trick allows you to populate the parameters for a PowerShell cmdlet in a table (makes for much neater formatting) to then pass into the cmdlet as a single object.
Endpoint Isolation with the Windows Firewall
The Windows Firewall may seem like a bit of a beast from time to time but this article makes some great points on how to build out a set of secure policies that can apply to pretty much any environment.
All systems down
A true disaster story – quite old (2003) but really worth a read to see what lessons you can take home.
Bit of a crazy issue when deploying a new Ruckus wireless network – in first suspecting an issue with the controller software or perhaps some kind of access control list blocking traffic it turns out that the default Windows Firewall rule for allowing NPS traffic is broken in some fashion.
Having tried this (and it working fine) on Windows Server 2012 R2/2016 it really does appear to be isolated to Server 2019.
Discovering this came about with a few traffic captures combined with the wonderful NTRadPing tool. The fix is to manually create the rule, see the screenshots below on how to do this.
A bit of an odd post but given this bag is proving so very handy I thought it worth it!
Having started a new job at the beginning of the year it was evident that I would need to carry around a bit more kit with me than previously, with Christmas just around the corner it was the perfect time to do a little research into cable organiser bags. After a fair bit of time on Amazon I came around to the BUMB Cable Bag in the ‘small’ size –
https://www.amazon.co.uk/Cable-Electronics-Accessories-Organizer-Handle/dp/B01FCZUWNM.
After 3 months of use this bag has really proven itself with a others in the office ending up buying one as well! In particular I’ve liked-
- The durable material and zips, haven’t had a jam or any sign of damage in daily use
- The bright colour trim around the edge of the bag – goes well with the yellow/gold interior of my laptop bag making it super easy to see at night
- The big loop on the side making it easy to grab ahold of when jammed in amongst all the other kit in my laptop bag
- All the interior pouches are big enough for the cables I have
It’s always a pleasure to run a presentation and at this years Oxford and Cambridge Colleges IT Conference has definitely been one of the highlights covering a new hobby – running all kinds of IoT applications on the ESP8266 micro-controller.
When running CLI commands against an HPE Aruba (previously ProCurve) switch that have long outputs you have likely encountered the line below.
— MORE –, next page: Space, next line: Enter, quit: Control-C
Although handy – on occasion you might need to turn this off. To do so simply run the command (no need to be in config mode for this) below.
no page
Note that this will only turn off paging for the current session so if you log out or reboot the switch you’ll need to run the command again. Equally so to turn paging back on simply run the command below.
page
While iterating through an issue with our Ruckus SmartZone (with Ruckus R510 Access Points) controllers I was looking for a way to see when the Access Points had applied the new configuration; lone behold it’s quite easily done through both the CLI and the GUI.
Anyone who has used the new SmartZone controllers will know all too well that’s it’s not the fastest GUI to work with – thus if you have the option I’d suggest you go with the CLI method which is very responsive (and much more consistent!).
Via the CLI
Via the GUI
So over the last few hours I’ve been making some config changes to our Eaton UPS Network Management Cards that require the magical ‘Reset Communication’ button to be pushed in the web interface (one day I must get the management software!). To help speed up the process (or at least know when I should reload the page) I timed the process; so as more of a reference to myself than anything else the results are…
Web interface will respond and provide an authentication prompt: About 2 minutes 10 seconds after button push
Web interface will display all UPS data: About 2 minutes and 30 seconds after button push
After a great many years since Custom RemoteFX RDS Farm it’s time for something new! After much discussion and looking at the working practices at my current place of work we’ve decided to go all in with RDS and to support that we’ve got 3 new servers to run it on.
2x 1U rack mounts to go in our main server room with 1x tower for our DR room.
Photos below!
For a little while now we’ve had issues with the uniFLOW Server service (version 5.3) not starting in a timely fashion (2hrs+).
After a harrowing tale of working with their support going in circles looking at issues with SQL Server and suchlike we worked out that the issue seemed to be caused by stale files at ‘C:\Program Files (x86)\Common Files\NT-ware Shared\ActiveJobs’ some of which were many months old or 0KB in size.
Ultimately the solution was to stop the Uniflow Service (force quit it using Task Manager if it’s still in a broken ‘starting’ state) and then delete the contents of that folder with the exception of the readme_activejobsfolder.txt file (which mentions that you shouldn’t do anything to these files!) and then start the uniFLOW Service service (which started up in a few minutes).
While provisioning some new Ruckus R510 WAPs onto our SmartZone 100 (5.0.0.0.675) we’ve had a number of cases where the WAPs will reboot for their firmware update but will not proceed beyond that point. In particular the PWR and CTL lights stay lit but the radio lights do not come on at all.
Looking in Access Points > Affected WAP > More > Tunnel Diagnostics (we’re using AP tunnelling) I note errors along the lines of
ifconfig: gre1: error fetching interface information: Device not found
cat: can’t open ‘/proc/rksgre/gre1/stats’: No such file or directory
cat: can’t open ‘/proc/rksgre/gre1/cache’: No such file or directory
cat: can’t open ‘/proc/rksgre/gre1/cfg’: No such file or directory
cat: can’t open ‘/sys/kernel/debug/qca-nss-drv/stats/*’: No such file or directory
The solution thus far has been pretty simple – factory reset the WAP by pressing and holding the RESET button in the back for 6+ seconds. It’ll go through a process of about 5-10 minutes and thus far have been coming back in a functional state.
Has this page helped you? Was it worth the cost of a Coffee? If so click here to donate £1.80 to the myworldofit.net coffee fund via PayPal.