Windows Admin Center Highlights

Microsoft released Windows Admin Center very recently. Apparently, this was in preview form called “Project Honolulu” for a bit, but it seems that that slipped under my radar. It’s disappointing that it did, because this solves practically of my issues with running Hyper-V server.

While you can use “Server Manager” in the RSAT tools to do a lot of remote admin tasks for Hyper-V server (and Server Core), there are still gaps that aren’t covered. Or, there are parts that you still need to load up an MMC console, powershell, or some other tool.

Windows Admin Center, in it’s current form,  covers a most of my needs for administration on Server and Server Core systems. I’ll still need to load Server Manager for some tasks, but not as frequently.

First, let’s start with install. This runs on your local machine. It runs a small webapp in your browser to manage your various servers and systems (Did I mention, it handles Windows 10 as well?). Nothing extra needs to be installed on your target systems, which is nice.

Once it is installed, it loads up your browser, and you are able to start either manually adding, or importing your systems.

Here are some highlights:

This is the main overview page. It’ll show you specs and current utilization of CPU/RAM/Network, as well as giving some minor commands like rebooting.

For Hyper-V Server and Server core systems, this next screen is a huge help. Finally, you have the ability to directly manage drivers and installed devices, without having to go through a third party tool. I know that PNPUTIL and others do give some control, but this is much easier to manage.

Want to quick check on firewall config, and tweak your rules? You can do that here:

Need to run a Powershell command, but don’t want to open up a separate powershell instance? That’s covered too! And, if you’re a more visual person, there’s an RDP client in there as well.

 

This next one is another perk for Hyper-V/Server Core users. Gotta run some Windows Updates? Pull up the Windows Update page, and select your needed patches.

Beyond those highlights, there’s some VM management stuff, and very basic storage management.

There are still some things that require RSAT tools (DHCP/AD/IIS/Storage Spaces), but this is definitely a much needed tool to have in one’s toolkit.

You can download it here.

Quick Thoughts on UNMS

As it is probably obvious by now, I run a Ubiquiti network at home. I’m using their Unifi products for Wifi, and their Edgemax series for Router/Switch as well as a Point-to-Point link. While I prefer the Edgemax series for options and features, I’ve always wished that they would have something like the Unifi management for them.

My wishes were answered with UNMS. It’s still in a very early beta, so not all functionality is there yet, but it’s got a lot of coverage so far.

Let’s dive in!

UNMS covers a lot of the non-Unifi product lines. It covers EdgeSwitch, EdgeRouter, AirMax and several of their fiber lines currently. In most cases, it does not offer full functionality for all of the individual features, but it covers enough to be useful.

At the main screen of the site, it’ll show your sites and their uptime, as well as any recent notifications or errored devices. I have 2 sites set up right now, with a VPN between them. One site has an Edgeswitch and an EdgeRouter, and the other site has an Edgerouter and 2 Airmax devices.

The drops that you see there are from the rather high latency that I have with the other site that I keep an eye on.

On the Sites screen, it gives you the option to pick which site you want to drill down into.

I’ve picked one location here, and it will show the devices attributed. You can see the hostname, model name, IP addresses, and more just at a glance. This is helpful to quickly assess a location for issues. It also will let you trigger a firmware upgrade from here. An up arrow next to the version number acts a visual aid for that.

On the “Data Links” page, you can see any links that exist between devices. Here, you can see that we have a Wireless P2P link on the AirMax devices, as well as what frequency they are using.

There are also pages to upload site photos, and to view all logs from the devices on the site.

Moving on to the main devices page, you can see all devices for all sites, with resource usage, as well as a quick update for all needed firmwares.

Let’s look at one of the routers, and see what all can be done with it.

Here, you can see all the interfaces that I’ve got configured on the router. It shows all VLANS, PPOE, and Ethernet interfaces. It does not, however, show OpenVPN at this time. It gives you a quick at-a-glance usage report for the interfaces, as well as any dropped packets that may have happened.

Not going to go into all the other options, but it does let you control routing, some services, logs, and statistics.

One main feature that I like is the backups. It will backup your devices settings on a frequency that you configure. This makes it easy to restore your settings if something goes wrong, or if you need to revert to a prior config.

It also has a built-in SSH terminal for the router which comes in handy.

Right now, the router coverage seems to be the most full-featured. The switches options are much fewer.

In case you’re curious, here’s what you get with the AirMax. It covers most of the settings at-a-glance as well. More options than the switches, but not as many as you get with the routers.

I’ll be talking more about UNMS in the days to come.

In the meantime, you can get it here: www.unms.com

What Sort of Things are Found in One’s Facebook Archive?

With all the press about Cambridge Analytica and Facebook and the amount of data that is being captured, I figured I’d take a look into what was captured of mine. I know that there are some other, similar articles that have been done on this topic, but I was curious what I’d find since I disable some of the default data settings.

So here go! My archive came in at 5.25 GB. I started using Facebook back in the beginning of 2007, so that’s a little more than 11 years of data.

After extracting, and opening up the index file, I’m greeted with my profile information. On there they have every book I’ve ever read on Goodreads (makes sense, since I share the login), my phone numbers, previous email addresses, the things I like, and all relationships. Including my one-day april fool’s day relationship, whoops! One bit that stood out was that it listed what movies I’ve seen. It’s a very short list, so I’m thinking that it’s stuff that it has parsed from checkins.

Next down on the Index is “Contact Info”. I had thought that that would be all my contact info, but it turns out that that is my PHONE’S contact list. There’s a lot of names on here that I would only have had on my cell phone, so I guess there was a sync at some point? The other surprise here is that it seems to have captured EVERY number associated with them. So for my friends who constantly changed numbers (you know who you are!), there’s 10 different numbers linked.

The link after that takes me to timeline. This is a 25 MB HTML file that took a few minutes to fully load up. Probably due to it listing out every single Facebook activity taken. This includes every song I’ve played on Spotify since the mid 2012, every status update, every wall post, and so on. Interestingly, it’s just text. No images are included. Neither are any comments or liked. However, stuff other people posted on my wall is there. Go figure.

Following that we’ve got “Photos”. This has every album I’ve ever posted, including “wall photos”. These include comments, but no likes. It also includes limited metadata on the photos. No major surprises here, though one could count the raw face recognition data of me as being somewhat interesting.

Next up we’ve got videos. Same as the photos, just with videos. I have posted very few videos on Facebook. Per this, my last one was 2014. There are videos back to 2009. So far, it seems like everything is retained forever on Facebook.

Going down the list, the next one is “Friends”. This is a ordered list of all my current facebook friends and when we became friends. Further down there are friends that I’ve requested (but they never accepted), friends that have requested me (that I’ve ignored), friends that I rejected, and friends that I’ve removed (and the dates I removed them). So that’s interesting from a historical perspective.

We then have “Messages”, and wow, do they ever! Looks like every message that I’ve ever sent or received. Some interesting things here though. First, message threads that I’ve deleted are not here. Secondly, friends who have deleted their account show up as “Facebook User” with no name attached. Most shared images are included, but not all. For me, it seems like anything older than 2015/2016 are just blank. Just to check if something was missed, I scrolled back through old conversations on Facebook itself, and they weren’t there either. Go figure. But all the text is there (and the stickers!)

Oddly, there is an entire section for “Pokes”, which has the current friends who have poked me and the streaks. Kinda pointless in my opinion, but hey, gotta love completeness.

After that, we’ve got “Events”. It’s a list of every event I’ve been invited to on Facebook, going back to 2008, complete with my response. For me, mainly ignored or declined.

The Security page is interesting. It’s a list of programs that have access to my Facebook, ranging from phones, phone applications, Spotify, and so on. It also has changes to account, like changes to passwords, security settings, and profile pictures. These seem to go back to day one.

There’s then a page for “Ads”. This has all the ad topics that Facebook thinks I’m interesting in. Some definite oddities though. There’s a city where a friend of mine lives that I’ve never been to, some movie genres I’ve never cared for, and a couple bands that annoy me. Go figure. There’s also a a list of “Advertisers with your contact info”. Nice having that info, but a little alarming.

Next to last, we’ve got “Places Created”. I’ve got 2 places that I created on Facebook back in 2010. Nothing really interesting here.

Finally, we’ve got applications. This is just a list of the applications that I’ve got installed on Facebook. No surprises here.

So, there’s a lot of stuff here. I don’t see some of the stuff that I’ve seen reported elsewhere. I’m guessing this is due to my more selective security settings. I’ll probably tighten my settings a little bit more. Honestly, a little disappointed that some of my older Messaging images are gone, but oh well.

 

 

 

Moved to Storage Spaces Entirely

For the past few years, my home server has been running two different arrays. One 8 disk RAID10 array, and a large storage spaces array. As I’ve gotten other drives over the years, I’ve stuck them in the storage spaces array for anything that doesn’t require a lot of speed.

I was using the RAID10 array for files that I wanted to access quickly, but I was running into a few quirks. Mainly, since I was using consumer drives, I’d periodically hit an issue where the controller stops responding waiting for a drive to respond. This would then crash my server, causing me much annoyance.

Since I never saw this issue on my storage spaces array, I decided to relocate all the files on my RAID10 to another drive short-term so that I could wipe the array and get the individual drives back to storage spaces.

My storage controller for RAID is a RocketRaid 2720, so I set the drives up to be JBOD and off I went. Injected them into StorageSpaces, and moved the data on over.

However, I noticed that it was still a little quirky. Did some checking on the manufacturer’s website, and realized that I should have flashed it as a plain non-raid controller.

Since I had already moved the data over, I wasn’t sure if this was feasible, so I did some tests. I moved a drive from the this array to another port that wasn’t on the controller to see if storage spaces could read it. I mainly wanted to make sure that the rocketraid wasn’t doing anything funny with the drive. Amazingly, it showed right up.

I then reflashed it to be a simple storage controller with no RAID options. After I did that, I immediately had an issue where none of the drives for showing up. I run Hyper-V server as my Hypervisor, so I had to dig into it to see what was up, while panicking that I may have wiped out a bunch of data accidentally.

Turns out, I didn’t install the drivers for the reflash. Whoops! Installed those, and all the drives showed up in storage spaces, and everything has been stable for about a week now.

 

An S7+ Woe

After running the same S7+ install since I got it a year and a half ago, I decided to wipe and reload.

I have set my tablet up to use the microSD card as internal storage, and it has given me a lot more flexibility. So, I tried to do the same with my phone, and didn’t have the same options.

Did some googling, and found an ADB command to force it in the background. I attempted it several times before returning to the Googles. It appears that Samsung “fixed” that command, and it no longer works in the newer releases.

Honestly, I like the hardware for the S7, but it’s the little software quirks like this that really turn me off to the device. I got this phone to replace my LG G4 after it succumbed to the bad circuit board issue that plagued that model. I’m up for renewal in September, so at this point, I’m not sure I’d go back to Samsung. Might just look at a “clean” Android phone.

Thoughts on Rogue Legacy

While on vacation the past week, I had some time to play some games. I only had my laptop with me, so I was limited to less graphically intense games. I had played Rogue Legacy some time ago, but never managed to win it.

I figured this was a good one to revisit, so I started a new character “lineage”, and off I went.

Rogue Legacy is a side scrolling rogue like. Its two main mechanics are persistent character upgrades and unique character traits. You collect gold as you attempt to battle the way through the castle, and after your character dies, you can use it to purchase stat upgrades, slottable runes, and equipment that are available to future characters. Expect to die a great many times before winning. 🙂

When you die, you’re given the choice of three different characters. They may be different classes, or all the same, depending on randomization. Each of the characters will have a different spell, as well as some traits. These traits range in impact, and in many cases, they can change how you play. You can have a super short character that can access areas of the castle that the normal sized (or gigantic sized) characters can’t. Or everything will be in sepia tones. This opens the door to a wide range of play styles, and by equipping different weapons or runes, you can customize your playstyle to each character type.

The castle itself consists of randomized rooms with different zones that are always positionally the same. Some rooms contain challenges to open special chests, or advanced monsters that give better loot upon defeat. Sometimes you’ll run into something that you can’t access with your current character, so you have the option of locking the castle (in exchange for 60% of the gold you gather) so your next character can take a swing.

I had a lot of fun with this game, and it’s highly recommended if you like side scrollers. Here’s a link to the Steam page.

On Hitachi Reliability

I was out of town last week visiting Colorado Springs. Towards the end of my trip, I got the alarming email alert that a drive in my RAID array was dead.

I use RAID10 for my main array since I use mainly consumer drives, and the risk with parity raid is too high to risk using them.

I ordered a replacement drive (WD Red) so that I could swap when I got home. Everything went fine.

Here’s what I replaced. Not a bad lifespan for 24×7 usage. Here’s hoping I get similar life from my RED drive. And that my 3 other Hitachi drives don’t die en masse.

Disable SMB1

In light of the recent details of SMBv1 being incredibly vulnerable  to attacks, it’d be a good idea to make sure that SMBv1 is disabled on your systems. There isn’t much reason to leave it enabled, it was deprecated in Windows Vista/Server 2k8, and unless you have an old NAS that requires SMBv1, you should be able to disable it without any harm.

The other benefit of disabling SMBv1, is that it forces your systems to use SMBv2 or v3, which perform better.

So, let’s go through how to disable it quickly and easily.

For Windows 8.1 and above, as well as Windows Server 2012 R2 and above, it’s just a simple PowerShell command.

To run Powershell as an Admin, please do the following:

  1. Click on Start
  2. Type in “Powershell” without the quotes
  3. Right click on “Powershell” and click run as administrator. Do not run Powershell ISE
  4. Click on “Allow” if a prompt comes up

Server2k12R2+

Open a PowerShell window as Admin

Remove-WindowsFeature FS-SMB1

If all goes well, you’ll get a message saying it was successful.

Win8.1+

Open a PowerShell window as Admin

Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol

You’ll get a message saying that it has succeeded.

For the remaining versions of Windows, the commands are a little different.

Win8/Server2k12

Open PowerShell window as Admin

Set-SmbServerConfiguration -EnableSMB1Protocol $false

Windows Vista/7/Server 2k8/2k8R2

Open PowerShell window as Admin

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force

Then restart the computer

Disabling SMBv1 is simple, quick, and highly important both from a security standpoint and a performance standpoint.

On Random Yet Consistently Timed Crashes

The past few weeks, I’ve been dealing with hard crashes on my Hyper-V server. They all happened at around the same time. Essentially, the VM would stop responding to any services past pings. If I try to use the Hyper-V console to bring it up, it would just crash. If I tried to reboot or stop the VM it would crash the host.

So, I went through the event logs on the host, and came across a bunch of errors on my Highpoint 2720 controller relating to ports not responding and driver not responding. I have a scheduled drive pair verify that was running around the time of the crash, so I assumed that there may be a chance that I had an issue with the drives on the pair.

I ran a full drive scan on the two drive pairs, and both succeeded without errors, nor were there any crashes. After that, I ran a drive pair validate, but at a different time of the day. This one succeeded as well.

Feeling thoroughly confused, I went through the event logs again, and came across an error in the host log that also coincided with the same timestamps. This error was sourced from my PCIe network card, so at that point, I start trying to figure out what could cause two PCIe cards to stop responding at the same time.

I got through the logs on the VM again, and notice some errors with the ID 129 but no details given due to a missing component. I do some Googling, and find an ancient MS forum post about this error. It was traced to an issue with VSS and similar issues with crashing VMs.

I then remember that I had a Windows Server Backup running on the VM around the same time that this was running. Disabled that, and suddenly the crashes stop.

Whoops.