Categories
Servers

DPM 2019 – Invalid Product Key

While installing System Centre Data Protection Manager 2019 (DPM 2019) and setting your product key, you might get an error message:

The DPM product key is invalid. (ID: 858)

Enter a valid DPM product key.  The product key is locate don the back cover of the data protection manager product DVD

We’ve found that if you have copied the key from MVLS or similar and then pasted directly into the setup, it fails with the above error. If you simply type the same key instead, it works fine!

Categories
Uncategorized

Setting up a VirtualBox dev environment

This article runs through the process of setting up a VirtualBox dev box on Windows host machine.  It was written with Laravel in mind, but the steps should apply to most circumstances. I don’t go into actually installing Laravel, there are plenty of guides out there for that!

Mainly I wanted to achieve:

  • Ubuntu 64bit virtual machine.
  • A networking environment that would work regardless of the network I was conected to.
    • One network to allow the VM to access the internet
    • One network that would have a statically assigned IP that I could connect to from my host machine (SSH, HTTP, etc.)
  • Shared folder that auto mounts, configured to allow me to access the dev files directly on my host machine.

Setting up the Virtual Machine

I assume you are capable of setting up a basic Ubuntu Virtual Machine, the only difference to the defaults are the networking options.

Set up a basic Ubuntu Virtual Machine, I used the 64bit build, but that isn’t specifically required.

Set “Adapter 1” attached to to “NAT”.  Enable “Adapter 2” and set attached to to “Host-only Adapter”.

Configuring the network adapters

Once you are at the CLI run:

sudo nano /etc/network/interfaces

and to the end of the file add:

# Host-only Network
auto eth1
iface eth1 inet static
address 192.168.56.2
netmask 255.255.255.0
network 192.168.56.0
broadcast 255.255.255.255

and then reboot.  You should now be able to ping the box at 192.168.56.2.  If not check the config for your Host-only network and adjust the IP address as necessary.  If you are going to run multiple boxes at the same time adjust the address to avoid conflicts.

It might be a good time to install an SSH Server so that you can SSH remotely to perform the remaining tasks:

sudo apt-get install openssh-server

 Configuring the Shared Folders

Basic steps here are:

  • Install the VM Guest Additions
  • Set up the shared folder on the host and in VirtualBox
  • Configure the shared folder on the Virtual Machine and set it to auto mount

I found several guide to doing this online, most suggesting you add the mount point to your fstab file to auto-mount at boot, this wouldn’t work for me, resulting in an “unable to mount” message at boot, so I used the startup file instead, as below.

Install the VM Guest Additions

First install DKMS

apt-get install dkms

Then, mount the Guest Additions ISO in VirtualBox, located at C:\Program Files\Oracle\VirtualBox.

On the virtual machine mount the ISO, change location to the CDROM folder and launch the installer:

sudo mount /dev/cdrom /media/cdrom
cd /media/cdrom
sudo sh ./VBoxLinuxAdditions.run

Then reboot the box

Set up the shared folder on the Host

Create a directory on the host to share.

In VirtualBox edit the box properties and choose the Shared Folder tab. Select Machine Folders and click new, set the Folder path to the folder you just created and give the share a name.

On the virtual machine edit the start script file:

sudo nano /etc/rc.local

and add

sudo mount -t vboxsf Shared_Folder_Name /mnt/test

above the exit 0 line.  You’ll need to set /mnt/test to your mount location (Ensure this exists first!) and set Shared_Folder_Name to your shared folder name.

You can add as many shared folders as you like here, one to a line.

 

Categories
Cisco

Showing link status messages in SSH sessions on Cisco switches

When debugging issues, specially if you’re not 100% sure which port a specific devices is plugged into, I like to see the link status messages in my SSH console.

002449: *Jul 1 15:23:35.434: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet4/32, changed state to down

By default Cisco switches will not show link status messages in the SSH console session (or any console messages for that matter).

To switch them on is a two stage process.

  1. First, turn on terminal monitoring.  This enables basic messages to be shown. (This command must be ran at the enable command)
    en
    terminal monitor
  2. Second, run the logging command with the event link-status global.  This switches on logging of all link-status events across the switch. (This command must be run at the configure terminal command)
    conf t
    logging event link-status global

Done.

Categories
Linux Server

Configuring Ubuntu SMTP Server

This post details the process to create a standalone SMTP server on Ubuntu 12.04.4 LTS using Postfix.

As Microsoft do not provide basic SMTP services with Office 365 that will work with some of our services we had a requirement for a standalone SMTP server internally on our network. We only needed the ability to send email from various devices (Scan to email from Ricoh photocopiers, email services from our MIS service, etc.) so this process does not cover setting up a mail server to receive email.  As we restrict access by network we are not using any form of authentication on the SMTP server currently.

I suggest you configure the box to point to external DNS servers (Google’s 8.8.8.8 and 8.8.4.4 work great) rather than your internal servers so as to avoid having issues with missing MX records for your internal domain.

Also I suggest you follow the details configure shorewall firewall before following the steps below to configure a basic SMTP server.

  1. Install postfix
    sudo apt-get install postfix
  2. In the installation program enter the FQDN for the server
  3. Install mailutils
    sudo apt-get install mailutils
  4. Configure the networks which will be allowed to connect, including loopback. (10.111.0.0/24 is our printer subnet)
    sudo postconf -e "mynetworks = 127.0.0.0/8, 192.168.0.0/22, 10.111.0.0/24"
  5. Restart Postfix
    sudo /etc/init.d/postfix restart

The server should now be ready! If you don’t start seeing mail flow the postfix log is a good place to start:

tail /var/log/mail.log -f

Categories
Linux Server

Simple Shorewall config on Ubuntu server 12.04 LTS

Here are the steps I used to configure a simple Shorewall firewall on Ubuntu 12.04.

The firewall config below provides SSH and HTTP access only; all other ports are blocked. Obviously you can add additional services as required in step 5.

  1. Install the Shorewall firewall.
    sudo apt-get install shorewall
  2. Backup the original configuration.
    sudo cp -p /etc/shorewall/shorewall.conf /etc/shorewall/shorewall.conf.orig
  3. Copy the provided configuration for a single-interface machine.
    sudo cp -p /usr/share/doc/shorewall/examples/one-interface/* /etc/shorewall/
  4. Add rules to allow SSH and web access.
    sudo nano /etc/shorewall/rules
  5. Add the following to the bottom of the file
    SSH(ACCEPT)     net             $FW
    Web(ACCEPT)     net             $FW

    For SMTP (still allowing http):

    SSH(ACCEPT)     net             $FW
    Web(ACCEPT)     net             $FW
    SMTP(ACCEPT)    net             $FW
  6. Edit Ubuntu’s Shorewall config to allow the firewall to start.
     sudo nano /etc/default/shorewall
  7. Change startup from 0 to 1
  8. Start the firewall.
    sudo /etc/init.d/shorewall start
  9. Done!
Categories
Uncategorized

Using PhpStorm with remote documents directories

If you are attempting to use JetBrains PhpStorm in a domain environment with remote home directories you have probably ran into the following error message.

Config path '\\yourDomain\yourShare\yourUsername\.WebIde70\config' is invalid. If you have modified the 'idea.config.path' property please make sure it is corect, otherwise please re-install the IDE.

Needless to say, reinstalling will not help, and chances are you haven’t modified the idea.config.path property, however ironically this is exactly what you do need to do to fix the issue!

Having contacted JetBrains support (Who were very helpful!) I got to the bottom of this issue.  PhpStorm will not work with network locations, but it automatically picks up the documents directory from AD, which invariably will be a network location.

To force it to use another location open up idea.properties (Found in C:\Program Files (x86)\JetBrains\PhpStorm 8.0.3\bin  [change the PhpStorm version number accordingly] on Windows 7 64bit), uncomment the top two settings, “idea.config.path” and “idea.system.path” and set them to a location either directly on a local drive or on a mapped drive (Remember to use forward slashes!)  Although the error message only mentions “idea.config.path” you need to do both otherwise if you only change one of the paths you’ll get a similar message complaining about “idea.system.path”

Once done you can launch PhpStorm and it will load and work fine.

Categories
Web

Changing WordPress permalink structure on Nginx

I decided to follow Joost de Valk’s (of Yoast fame) advice for ideal permalink structure and switch my permalinks from year/month/day/postname to postname.  Of course this means that any links already out there and any search engine indexes will now point to the wrong place.  Time for some redirects!

There are plenty of guides and tools available to help you if you decide to change your permalink structure whilst using Apache with its .htaccess files to host WordPress, however I use Nginx so I needed another approach.

The redirect is actually very simple; first detect that the URL is in the format using a regular expression.

The regular expression below checks that the url contains a slash followed by four numbers, followed by a slash, followed by two numbers, followed by another slash, followed by another 2 numbers, followed by yet another slash, followed by anything.  Which will match my previous permalink structure (i.e. www.ukitblog.co.uk/2013/07/22/deploying-airserver/‎)

 ^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*)$

And then, take the 4th (and final) part of the URL and append it to the sites URL

rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*)$" http://www.ukitblog.co.uk/$4 permanent;

Giving a complete rule of:

location ~ "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*)$" {
 rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*)$" http://www.ukitblog.co.uk/$4 permanent;
}

It’s very easy to adjust the above snippet to apply to other styles of previous redirects, give me a shout in the comments if you need any help.

Also, if the change is only temporary you can use the word redirect instead of permanent to issue a 302 temporary redirect rather than a 301 permanent redirect.

The rule just needs to be inserted in your Nginx configuration for the specific site, probably located at /etc/nginx/sites-available/domainname.tld

Categories
Application Deployment

Deploying AirServer Silently

Detailed below is the process we used to deploy AirServer (http://www.airserver.com) across our enterprise network silently.  We decided to run the Beta version (1.9), there are many features and bug fixes that were important to us, one major benefit is the new authentication methods.  So far we haven’t had any problems with the Beta version, but we haven’t been using it long!

If you’re struggling to get AirServer working on your enterprise network you might like to check out my earlier post on using AirServer across subnets.

AirServer Prerequisites

Installing AirServer requires that you have Bonjour and DirectX 9 installed. (Even if you have a newer version of DirectX you must install DirectX 9 also, otherwise you’ll get a warning about “D3DXCompileShader” when trying to run the program.)

We plan to install the prerequisites as part of this process, you may not need to if you’re already running iTunes and already have DirectX 9 installed.

Bonjour

Download Bonjour Print Services for Windows from Apple.

Extract the contents of the executable using your favourite tool (We recommend 7-Zip)

You do not need to install the Bonjour Print Services (BonjourPS.msi), simply install Bonjour itself (Bonjour.msi)

We use ConfigMgr 2012 and Bonjour will deploy as an Application, so we used that.  If you want to use a package, ahve the older version of ConfigMgr or SMS, or use Group Policy to deploy your packages use the command:

Bonjour.msi /quiet /norestart

DirectX 9

Download DirectX 9c from Microsoft.

Extract the contents of the executable using your favourite tool (We recommend 7-Zip)

Sadly the DirectX redistributable will not deploy as an Application, so if you are using Configuration Manager you’ll need to deploy it as a package.  If you’re using Group Policy for application deployment you can use the same command.

dxsetup.exe /silent

Installing AirServer Silently

Once the prereqs are installed you can go ahead and install AirServer.  The command for installing AirServer silently is: (Remember to replace YOURKEY with your key to automatically activate the software)

msiexec /i AirServer-1.9.0.msi /qn PIDKEY=YOURKEY

Configuring the Firewall

When you run the program for the first time you will be prompted to open up the firewall.  We don’t allow users to modify the firewall settings here, so we have made the changes globally via Group Policy.

If you’re running a mixed 32-bit and 64-bit environment you’ll need to add two rules, one for “C:program files (x86)airserverairserverairserver.exe” and one for “C:program filesairserverairserverairserver.exe”.

In Group Policy Management Editor drill down to “Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall… > Inbound Rules” and add the rule.

Done

That’s it! You should now be able to roll out AirServer to all your clients successfully.  Do let me know how you get on in the comments!

Categories
Networks

Using AirServer across subnets

AirServer (http://www.airserver.com) is a great tool for mirroring iOS Devices (iPad, iPhone, iPod etc.) to your Apple Mac or PC.  Sadly out of the box it won’t work across VLANs/subnets as it requires Bonjour (mDNS, ZeroConf, what ever you like to call it) to work.

Detailed below is the process that I used to get AirServer working across VLANs and subnets.

Basically there is a free tool named Avahi that will, with minimal tweaking, provide a proxy for Bonjour/mDNS.  It doesn’t bridge the subnets together in the way some similar tools do which means you aren’t flooding broadcast traffic across subnets, it simply collects all the information of any Bonjour services and then rebroadcasts them as appropriate.

The basic process requires setting up a linux box (I used Ubuntu 12.04 on a virtual machine within VMWare, but other virtualisation technologies or even a physical box would do), configuring the network interfaces, configuring Avahi and then using AirServer!

Setting up the server

Avahi isn’t very processor or RAM intensive.  In my setup I used 1 core and 1GB of RAM, although I suspect it will run fine with a smaller amount of memory. These instructions assume you choose to use Ubuntu, but should be similar for most distributions.

For simplicity’s sake during the intial setup I configured the virtual machine to use a client VLAN and allowed the server to pick up a DHCP address.

Once you’ve ran through the basic install, run the following commands to get up to date and enable SSH.

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install openssh-server

At this point you can switch across to using an SSH client of your choice (As always I recommend Putty)

Configuring the interfaces

At this point, if you haven’t already done so, you can switch your link to the box to a 802.1q trunk.  Depending upon your configuration this may sever your link to the box via SSH so the next section need to be carried out locally.

Use a text editor to edit /etc/network/interfaces, I like nano

sudo nano /etc/network/interfaces

For each VLAN you wish to use Avahi on add the following lines, adjusting as required.  The example below configures a virtual interface for VLAN 159 using DHCP for the IP addressing.

auto eth0.159
iface eth0.159 inet dhcp

For the native VLAN you need to configure the physical interface.  The below example shows a static IP address assignment for the native VLAN.

iface eth0 inet static
address 192.168.3.230
netmask 255.255.252.0

Once you’ve configured all your interfaces restart the network subsystem

sudo /etc/init.d/networking restart

Installing & Configuring Avahi

Simply install Avahi

sudo apt-get install avahi-daemon

To enable the functionality we require open the config file

sudo nano /etc/avahi/avahi-daemon.conf

Find the section

[reflector]
#enable-reflector=no
#reflect-ipv=no

And change it to

[reflector]
enable-reflector=yes
#reflect-ipv=no

And then restart the service

sudo /etc/init.d/avahi-daemon restart

That’s it!

And that is pretty much it. if you’ve done everything right you should now be able to connect to your AirServer/Apple TV on one subnet from your iPad/iPhone on another.