Author: [email protected]

  • DPM 2019 – Invalid Product Key

    While installing System Centre Data Protection Manager 2019 (DPM 2019) and setting your product key, you might get an error message:

    The DPM product key is invalid. (ID: 858)
    
    Enter a valid DPM product key.  The product key is locate don the back cover of the data protection manager product DVD

    We’ve found that if you have copied the key from MVLS or similar and then pasted directly into the setup, it fails with the above error. If you simply type the same key instead, it works fine!

  • Setting up a VirtualBox dev environment

    This article runs through the process of setting up a VirtualBox dev box on Windows host machine.  It was written with Laravel in mind, but the steps should apply to most circumstances. I don’t go into actually installing Laravel, there are plenty of guides out there for that!

    Mainly I wanted to achieve:

    • Ubuntu 64bit virtual machine.
    • A networking environment that would work regardless of the network I was conected to.
      • One network to allow the VM to access the internet
      • One network that would have a statically assigned IP that I could connect to from my host machine (SSH, HTTP, etc.)
    • Shared folder that auto mounts, configured to allow me to access the dev files directly on my host machine.

    Setting up the Virtual Machine

    I assume you are capable of setting up a basic Ubuntu Virtual Machine, the only difference to the defaults are the networking options.

    Set up a basic Ubuntu Virtual Machine, I used the 64bit build, but that isn’t specifically required.

    Set “Adapter 1” attached to to “NAT”.  Enable “Adapter 2” and set attached to to “Host-only Adapter”.

    Configuring the network adapters

    Once you are at the CLI run:

    sudo nano /etc/network/interfaces

    and to the end of the file add:

    # Host-only Network
    auto eth1
    iface eth1 inet static
    address 192.168.56.2
    netmask 255.255.255.0
    network 192.168.56.0
    broadcast 255.255.255.255

    and then reboot.  You should now be able to ping the box at 192.168.56.2.  If not check the config for your Host-only network and adjust the IP address as necessary.  If you are going to run multiple boxes at the same time adjust the address to avoid conflicts.

    It might be a good time to install an SSH Server so that you can SSH remotely to perform the remaining tasks:

    sudo apt-get install openssh-server

     Configuring the Shared Folders

    Basic steps here are:

    • Install the VM Guest Additions
    • Set up the shared folder on the host and in VirtualBox
    • Configure the shared folder on the Virtual Machine and set it to auto mount

    I found several guide to doing this online, most suggesting you add the mount point to your fstab file to auto-mount at boot, this wouldn’t work for me, resulting in an “unable to mount” message at boot, so I used the startup file instead, as below.

    Install the VM Guest Additions

    First install DKMS

    apt-get install dkms

    Then, mount the Guest Additions ISO in VirtualBox, located at C:\Program Files\Oracle\VirtualBox.

    On the virtual machine mount the ISO, change location to the CDROM folder and launch the installer:

    sudo mount /dev/cdrom /media/cdrom
    cd /media/cdrom
    sudo sh ./VBoxLinuxAdditions.run

    Then reboot the box

    Set up the shared folder on the Host

    Create a directory on the host to share.

    In VirtualBox edit the box properties and choose the Shared Folder tab. Select Machine Folders and click new, set the Folder path to the folder you just created and give the share a name.

    On the virtual machine edit the start script file:

    sudo nano /etc/rc.local

    and add

    sudo mount -t vboxsf Shared_Folder_Name /mnt/test

    above the exit 0 line.  You’ll need to set /mnt/test to your mount location (Ensure this exists first!) and set Shared_Folder_Name to your shared folder name.

    You can add as many shared folders as you like here, one to a line.

     

  • Showing link status messages in SSH sessions on Cisco switches

    When debugging issues, specially if you’re not 100% sure which port a specific devices is plugged into, I like to see the link status messages in my SSH console.

    002449: *Jul 1 15:23:35.434: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet4/32, changed state to down

    By default Cisco switches will not show link status messages in the SSH console session (or any console messages for that matter).

    To switch them on is a two stage process.

    1. First, turn on terminal monitoring.  This enables basic messages to be shown. (This command must be ran at the enable command)
      en
      terminal monitor
    2. Second, run the logging command with the event link-status global.  This switches on logging of all link-status events across the switch. (This command must be run at the configure terminal command)
      conf t
      logging event link-status global

    Done.

  • Configuring Ubuntu SMTP Server

    This post details the process to create a standalone SMTP server on Ubuntu 12.04.4 LTS using Postfix.

    As Microsoft do not provide basic SMTP services with Office 365 that will work with some of our services we had a requirement for a standalone SMTP server internally on our network. We only needed the ability to send email from various devices (Scan to email from Ricoh photocopiers, email services from our MIS service, etc.) so this process does not cover setting up a mail server to receive email.  As we restrict access by network we are not using any form of authentication on the SMTP server currently.

    I suggest you configure the box to point to external DNS servers (Google’s 8.8.8.8 and 8.8.4.4 work great) rather than your internal servers so as to avoid having issues with missing MX records for your internal domain.

    Also I suggest you follow the details configure shorewall firewall before following the steps below to configure a basic SMTP server.

    1. Install postfix
      sudo apt-get install postfix
    2. In the installation program enter the FQDN for the server
    3. Install mailutils
      sudo apt-get install mailutils
    4. Configure the networks which will be allowed to connect, including loopback. (10.111.0.0/24 is our printer subnet)
      sudo postconf -e "mynetworks = 127.0.0.0/8, 192.168.0.0/22, 10.111.0.0/24"
    5. Restart Postfix
      sudo /etc/init.d/postfix restart

    The server should now be ready! If you don’t start seeing mail flow the postfix log is a good place to start:

    tail /var/log/mail.log -f
    
    
  • Simple Shorewall config on Ubuntu server 12.04 LTS

    Here are the steps I used to configure a simple Shorewall firewall on Ubuntu 12.04.

    The firewall config below provides SSH and HTTP access only; all other ports are blocked. Obviously you can add additional services as required in step 5.

    1. Install the Shorewall firewall.
      sudo apt-get install shorewall
    2. Backup the original configuration.
      sudo cp -p /etc/shorewall/shorewall.conf /etc/shorewall/shorewall.conf.orig
    3. Copy the provided configuration for a single-interface machine.
      sudo cp -p /usr/share/doc/shorewall/examples/one-interface/* /etc/shorewall/
    4. Add rules to allow SSH and web access.
      sudo nano /etc/shorewall/rules
    5. Add the following to the bottom of the file
      SSH(ACCEPT)     net             $FW
      Web(ACCEPT)     net             $FW

      For SMTP (still allowing http):

      SSH(ACCEPT)     net             $FW
      Web(ACCEPT)     net             $FW
      SMTP(ACCEPT)    net             $FW
    6. Edit Ubuntu’s Shorewall config to allow the firewall to start.
       sudo nano /etc/default/shorewall
    7. Change startup from 0 to 1
    8. Start the firewall.
      sudo /etc/init.d/shorewall start
    9. Done!
  • Using PhpStorm with remote documents directories

    If you are attempting to use JetBrains PhpStorm in a domain environment with remote home directories you have probably ran into the following error message.

    Config path '\\yourDomain\yourShare\yourUsername\.WebIde70\config' is invalid. If you have modified the 'idea.config.path' property please make sure it is corect, otherwise please re-install the IDE.

    Needless to say, reinstalling will not help, and chances are you haven’t modified the idea.config.path property, however ironically this is exactly what you do need to do to fix the issue!

    Having contacted JetBrains support (Who were very helpful!) I got to the bottom of this issue.  PhpStorm will not work with network locations, but it automatically picks up the documents directory from AD, which invariably will be a network location.

    To force it to use another location open up idea.properties (Found in C:\Program Files (x86)\JetBrains\PhpStorm 8.0.3\bin  [change the PhpStorm version number accordingly] on Windows 7 64bit), uncomment the top two settings, “idea.config.path” and “idea.system.path” and set them to a location either directly on a local drive or on a mapped drive (Remember to use forward slashes!)  Although the error message only mentions “idea.config.path” you need to do both otherwise if you only change one of the paths you’ll get a similar message complaining about “idea.system.path”

    Once done you can launch PhpStorm and it will load and work fine.

  • Changing WordPress permalink structure on Nginx

    I decided to follow Joost de Valk’s (of Yoast fame) advice for ideal permalink structure and switch my permalinks from year/month/day/postname to postname.  Of course this means that any links already out there and any search engine indexes will now point to the wrong place.  Time for some redirects!

    There are plenty of guides and tools available to help you if you decide to change your permalink structure whilst using Apache with its .htaccess files to host WordPress, however I use Nginx so I needed another approach.

    The redirect is actually very simple; first detect that the URL is in the format using a regular expression.

    The regular expression below checks that the url contains a slash followed by four numbers, followed by a slash, followed by two numbers, followed by another slash, followed by another 2 numbers, followed by yet another slash, followed by anything.  Which will match my previous permalink structure (i.e. www.ukitblog.co.uk/2013/07/22/deploying-airserver/‎)

     ^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*)$

    And then, take the 4th (and final) part of the URL and append it to the sites URL

    rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*)$" http://www.ukitblog.co.uk/$4 permanent;

    Giving a complete rule of:

    location ~ "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*)$" {
     rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*)$" http://www.ukitblog.co.uk/$4 permanent;
    }

    It’s very easy to adjust the above snippet to apply to other styles of previous redirects, give me a shout in the comments if you need any help.

    Also, if the change is only temporary you can use the word redirect instead of permanent to issue a 302 temporary redirect rather than a 301 permanent redirect.

    The rule just needs to be inserted in your Nginx configuration for the specific site, probably located at /etc/nginx/sites-available/domainname.tld

  • Deploying AirServer Silently

    Detailed below is the process we used to deploy AirServer (http://www.airserver.com) across our enterprise network silently.  We decided to run the Beta version (1.9), there are many features and bug fixes that were important to us, one major benefit is the new authentication methods.  So far we haven’t had any problems with the Beta version, but we haven’t been using it long!

    If you’re struggling to get AirServer working on your enterprise network you might like to check out my earlier post on using AirServer across subnets.

    AirServer Prerequisites

    Installing AirServer requires that you have Bonjour and DirectX 9 installed. (Even if you have a newer version of DirectX you must install DirectX 9 also, otherwise you’ll get a warning about “D3DXCompileShader” when trying to run the program.)

    We plan to install the prerequisites as part of this process, you may not need to if you’re already running iTunes and already have DirectX 9 installed.

    Bonjour

    Download Bonjour Print Services for Windows from Apple.

    Extract the contents of the executable using your favourite tool (We recommend 7-Zip)

    You do not need to install the Bonjour Print Services (BonjourPS.msi), simply install Bonjour itself (Bonjour.msi)

    We use ConfigMgr 2012 and Bonjour will deploy as an Application, so we used that.  If you want to use a package, ahve the older version of ConfigMgr or SMS, or use Group Policy to deploy your packages use the command:

    Bonjour.msi /quiet /norestart

    DirectX 9

    Download DirectX 9c from Microsoft.

    Extract the contents of the executable using your favourite tool (We recommend 7-Zip)

    Sadly the DirectX redistributable will not deploy as an Application, so if you are using Configuration Manager you’ll need to deploy it as a package.  If you’re using Group Policy for application deployment you can use the same command.

    dxsetup.exe /silent

    Installing AirServer Silently

    Once the prereqs are installed you can go ahead and install AirServer.  The command for installing AirServer silently is: (Remember to replace YOURKEY with your key to automatically activate the software)

    msiexec /i AirServer-1.9.0.msi /qn PIDKEY=YOURKEY

    Configuring the Firewall

    When you run the program for the first time you will be prompted to open up the firewall.  We don’t allow users to modify the firewall settings here, so we have made the changes globally via Group Policy.

    If you’re running a mixed 32-bit and 64-bit environment you’ll need to add two rules, one for “C:program files (x86)airserverairserverairserver.exe” and one for “C:program filesairserverairserverairserver.exe”.

    In Group Policy Management Editor drill down to “Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall… > Inbound Rules” and add the rule.

    Done

    That’s it! You should now be able to roll out AirServer to all your clients successfully.  Do let me know how you get on in the comments!

  • Using AirServer across subnets

    AirServer (http://www.airserver.com) is a great tool for mirroring iOS Devices (iPad, iPhone, iPod etc.) to your Apple Mac or PC.  Sadly out of the box it won’t work across VLANs/subnets as it requires Bonjour (mDNS, ZeroConf, what ever you like to call it) to work.

    Detailed below is the process that I used to get AirServer working across VLANs and subnets.

    Basically there is a free tool named Avahi that will, with minimal tweaking, provide a proxy for Bonjour/mDNS.  It doesn’t bridge the subnets together in the way some similar tools do which means you aren’t flooding broadcast traffic across subnets, it simply collects all the information of any Bonjour services and then rebroadcasts them as appropriate.

    The basic process requires setting up a linux box (I used Ubuntu 12.04 on a virtual machine within VMWare, but other virtualisation technologies or even a physical box would do), configuring the network interfaces, configuring Avahi and then using AirServer!

    Setting up the server

    Avahi isn’t very processor or RAM intensive.  In my setup I used 1 core and 1GB of RAM, although I suspect it will run fine with a smaller amount of memory. These instructions assume you choose to use Ubuntu, but should be similar for most distributions.

    For simplicity’s sake during the intial setup I configured the virtual machine to use a client VLAN and allowed the server to pick up a DHCP address.

    Once you’ve ran through the basic install, run the following commands to get up to date and enable SSH.

    sudo apt-get update
    sudo apt-get upgrade
    sudo apt-get install openssh-server

    At this point you can switch across to using an SSH client of your choice (As always I recommend Putty)

    Configuring the interfaces

    At this point, if you haven’t already done so, you can switch your link to the box to a 802.1q trunk.  Depending upon your configuration this may sever your link to the box via SSH so the next section need to be carried out locally.

    Use a text editor to edit /etc/network/interfaces, I like nano

    sudo nano /etc/network/interfaces

    For each VLAN you wish to use Avahi on add the following lines, adjusting as required.  The example below configures a virtual interface for VLAN 159 using DHCP for the IP addressing.

    auto eth0.159
    iface eth0.159 inet dhcp

    For the native VLAN you need to configure the physical interface.  The below example shows a static IP address assignment for the native VLAN.

    iface eth0 inet static
    address 192.168.3.230
    netmask 255.255.252.0

    Once you’ve configured all your interfaces restart the network subsystem

    sudo /etc/init.d/networking restart

    Installing & Configuring Avahi

    Simply install Avahi

    sudo apt-get install avahi-daemon

    To enable the functionality we require open the config file

    sudo nano /etc/avahi/avahi-daemon.conf

    Find the section

    [reflector]
    #enable-reflector=no
    #reflect-ipv=no

    And change it to

    [reflector]
    enable-reflector=yes
    #reflect-ipv=no

    And then restart the service

    sudo /etc/init.d/avahi-daemon restart

    That’s it!

    And that is pretty much it. if you’ve done everything right you should now be able to connect to your AirServer/Apple TV on one subnet from your iPad/iPhone on another.