Should I upgrade to Windows 10?

There’s been plenty of hype around Windows 10 and rightly so. First things first, if you received a notification advising you can upgrade to Windows 10 seriously consider the following:

  • Have you backed up all critical information on your device so in the event your upgrade fails you can access these files?
  • Are all applications that you use on your device compatible with Windows 10?
  • Do all your peripheral devices (WiFi card, graphics card, monitor etc) have Windows 10 drivers?
  • Do you have a rollback plan (performed an image backup of your machine to external media)?

Win10Upgrade

Here are a few thoughts from my experience on upgrading my laptop to Windows 10:

  • I performed an in place upgrade to Windows 10 Enterprise from Windows 8.1 Enterprise. I downloaded the ISO, mounted it and ran the setup.exe . I left my laptop to grab some lunch, came back after 30 minutes and the upgrade appeared to complete successfully. Awesome.
  • I restart my laptop so I can install any unknown drivers for the laptop and I get the black screen of death similar to what other users were getting in the technical preview. I tried the usual fixes (BIOS, safe mode, system restore) to no avail.
  • Time for a rebuild.
  • Created bootable USB Windows 10 device and installed a fresh copy of Windows 10. I restarted my laptop and reviewed device manager for any unknown drivers.
  • To my surprise, Windows 10 had installed all up to date drivers necessary for my laptop without me having to hunt down anything (impressive) including my Biometric Synaptics Fingerprint scanner.
  • 75% of upgrades at our office failed resulting in staff needing to rebuild their machines from scratch.

Think twice before that upgrade. Stay tuned for what my thoughts are on Windows 10!

Fortigate – adding additional IP’s for PPPoE connections

Here in Australia we receive IP blocks for PPPoE connections. Since the IP is dynamically assigned to us we can’t manually add a “secondary IP” like you would with a static connection.

So what do you need to do?

Configure an IP pool!

  1. Go to Policy & Objects > Objects > IP Pools
  2. Specify whether it’s IPv4 or IPv6 and give a name
  3. Leave the type as Overload (unless you have a requirement to use the other types)
  4. Enter the additional IP’s given to you from your ISP
    Configuring IP Pools in GUI
  5. Now that you’ve configured your IP pool you can allocate inbound services to those additional IP’s. Configure your VIPs, VIP groups, and policies to use these additional IP’s and of course Test!

Enabling multiuser in Reckon Accounts 2015 after an upgrade

Reckon Reckon’s gonna get a reckoning? So it’s end of the financial year here in Aus and that usually means updates to your accounting software (inventory, payroll, invoicing etc). Time to upgrade to Reckon Accounts 2015, piece of cake right? ….

No.

After several painstaking hours trying to figure out why Reckon wouldn’t just “upgrade” and following the release notes to a tooth I was starting to really lose my mind.

Here’s my setup:

  • Reckon data file on file server (Server 2012 R2)
  • Front end client on Remote Desktop server published as a RemoteApp (Server 2012 R2)
  • File accessible from RemoteApp via mapped network drive (leveraging DFS)

I won’t bore you with the details of troubleshooting and I’ll get right to the answer. DFS… Reckon does not like DFS. As you may know Reckon uses a .nd config file that resides in the same directory as your company files and every time I tried opening the file via the mapped DFS drive or from within the software and attempted to enable multi user mode, BOOM, I get a H202 error and the .nd file would change the FilePath to the DFS path e.g. \\domain.local\dfs\reckon\file.qbw where as it needs to be the local path of the file server.

// This is QuickBooks configuration File. It exists while users are connected
// to a company file. Do not delete this file yourself. QuickBooks may not
// operate correctly IF you manually delete this file.
[NetConnect]
ServerIp=192.168.x.x
EngineName=QB_SAM _24
ServerPort=10177
FilePath=D:\Reckon\File.QBW
ServerMode=1
FileConnectionGuid=

To regenerate what the .nd file should be, on your file server open the Reckon Database manager, add the folder of where your company file is and hit scan. The .nd file will update and have the correct location.

So what are the high level steps for getting this bad boy to work:

  • Install file server on file server.
  • Run the database scan (updates .nd file).
  • Install client on workstation/terminal server and any tax table updates.
  • Open file from terminal server using UNC \\fileserver\reckon. Note: Do NOT open using the mapped drive with DFS. This will not work.
  • Upgrade the file to the latest version.
  • Enable multiuser using file > switch to multi user mode.

Fortigate Troubleshooting Cheatsheet

For all you Fortinuts out there I’m hoping this cheat sheet will help you as much as it’s helped me 🙂

CPU Utilisation

diag sys top

Fortigate Top Processes

Diagnose Sessions

diag sys session…
diag sys session filter <see below screenshot for options>

 

E.g.
diag sys session filter dport 443 –> displays sessions that have a destination port of 443

diag sys session list –> displays sessions that match the filter

diag sys session clear –> clears sessions that match the filter

 

Fortigate Session Filter

Network troubleshooting commands

execute ping <ip or hostname>

execute traceroute <ip or hostname>

execute telnet <ip or hostname> <port>

 

Network troubleshooting

Running a packet trace

diag sniffer packet <interface> <filter> <verbose level logging>

 

Where

  • Interface:  Network interface to sniff
  • Filter: Flexible logical filters for sniffer (or “none”).
    For example: To print UDP 1812 traffic between forti1 and either forti2 or forti3
    ‘udp and port 1812 and host forti1 and \( forti2 or forti3 \)’
  • Verbose logging:
    1: print header of packets
    2: print header and data from ip of packets
    3: print header and data from ethernet of packets (if available)
    4: print header of packets with interface name
    5: print header and data from ip of packets with interface name
    6: print header and data from ethernet of packets (if available) with intf name

E.g.

diag sniffer packet any ‘port 5060’ 6

Run a packet trace

Running debug for traffic flow

1) Clear debug results and output to console

diag debug reset
diag debug enable
diag debug console timestamp enable
diag debug flow show console enable
diag debug flow show function-name enable

 

2) Set a filter and start the debug trace

diag debug flow filter <filter>
diag debug flow trace start <number>

 

E.g.

diag debug flow filter port 5060

diag debug flow trace start 1000

 

3) Force stop the trace and reset the results

diag debug flow trace stop
diag debug reset

Debug flow

Get the system status

Get the system status including Fortigate version, hostname, operation mode, HA status, system time.

get sys status

Get the system performance status

Get the system performance status including CPU, Memory, network utilisation, uptime.

get sys performance status

Enjoy! 🙂

Configure IE 10/11 startup settings (registry)

I had an issue configuring the way Internet Explorer started up at a client site. They use an intranet home page and every time someone closed their current browsing session and reopened internet explorer, the software would hang momentarily then reopen the tabs they recently closed down. The option in IE is under Tools > Internet Options > General as below

IE Startup Options

Easy enough right, definitely. Now for a single user this isn’t such a big deal but as a sys admin running Windows 7, Server 2008 R2 infrastructure environment for several hundred users group policy would be the answer, right? I had a hard time looking around for the adm or admx files and tried leveraging the Internet Explorer Administration Kit to no avail. I didn’t have a Windows Server 2012 server onsite. So what’s the easy answer? Registry 🙂

They details of the entry are as follows

Key Name: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\ContinuousBrowsing
DWORD Name: Enabled
Value: 0 – Start with home page, 1 – Start with tabs from the last session

IE Startup Registry

So amend this via GPO (add a user policy registry entry or logon script) and voila!

 

4 handy features in Windows 10

So what happened to Windows 9? I guess 7, ate, 9….. (insert cicada noises). Put that aside, let’s start fresh. Windows 10 preview is here. So what’s so special about Windows 10. Here are 4 handy features that I personally like from Windows 10.

  1. Revamped Start Menu
    Windows 10 Start Menu
    Here you can pin, unpin, resize, move, uninstall within the one menu. In my opinion, this is a key feature for people to adopt to the new OS. They’ve integrated “Metro Apps” with the regular Windows applications very well in this version.
  2. Task View (multiple workspaces)
    Windows 10 Task View
    This is pretty much Ubuntu’s workspaces with a Windows twist. Similar to the principle of tabbing in web browsers, task view allows you to separate different functions for when you use the computer. As an example, your first task/workspace may be used for emails and office applications only, your second task/workspace may have a line of business application running, and your third task/workspace can have your web browsing. Here you can manage your activities in different spaces.
  3. Home folder in Windows Explorer
    Windows 10 Home
    Now you have a home folder that has all your favourite folders as well as frequent folders that you access.
  4. Copy and paste in command prompt
    Windows 10 Copy and Paste
    My personal favourite. Copying and pasting in command prompt. Now you can press ctrl+C and ctrl+V to copy and paste into command prompt. None of this ^v business 🙂

We’ll get into the server/client bits and pieces in another post that is still to come 🙂

Intel NUC – Next Unit of Computing

Next Unit of Computing. A sweet, little device that packs a punch, uses minimal power and can fit it in the palm of your hand (note: requires pretty massive hands).

So what can you do with it? Thin client, test lab, HTPC, NAS, i.e. whatever you want to do with it.

What will I do with it? I have three uses: Day to day PC, HTPC and Steam Box.

Here are the specs for the little beast I bought:

  • Intel NUC Kit i5-4250U HD Graphics 5000 2.5in SATA PC
  • Intel Dual Band Wireless-AC 7260 802.11ac Wi-Fi + Bluetooth adapter (more on this here)
  • Kingston 8GB 1600MHz DDR3 CL11 SODIMM RAM KVR16LS118
  • Samsung 840 EVO mSATA 120GB SSD
NUC - Intel NUC Box

What will you make?

The guys and glory of the mighty NUC!

The guts and glory of the mighty NUC!

mSATA SSD for the win. It's as tiny as an SD card!

mSATA SSD for the win. It’s as tiny as an SD card!

NUC - Wireless and NUC

I’ll be preparing a guide on how to setup and configure the NUC and also give you an insight of how I’ll be using mine!

Subscribe on the right side of the page for up to date info!

Intel NUC – Install Wireless Card

Not sure if anyone else out there has had issues with the wireless card for the Intel NUC but I had some pretty frustrating moments with it. Bluetooth connectivity, wireless dropouts, minimal connectivity and so many other inkling bits and pieces.

There was a little hint in the product manual that made little to no sense to me. See below:

Why The Fuss?

Image 1

Here I am frantically looking for these two wires. Is it in the NUC, can’t find it. Was it in the wireless card packaging? Nope. Do I need to buy it??? Ok I may sound like a massive noob BUT I’m sure by posting this, one or two other people might find the following information useful.

It was in the NUC!!! The little ninja cables were there all along.

NUC - Wireless Wiring

Image 2

  1. Remove the lid of the NUC.
  2. On the side of where the wireless card slot is, there will be wires running underneath the board (Image 2).
  3. Pull out the wires, remove the sticky tape and plastic heads.
  4. NOW follow the instructions given to you in the manual (Image 1) and plug in the ends of the wiring to the wireless card.
  5. Download the latest drivers from the Intel site and enjoy wireless streaming from your little bundle of joy.

What do you plan on doing with yours?

 

WSUS – Throttle Bandwidth Utilisation

Just had an issue today where I approved WSUS updates for maintenance and came to the realisation that as soon as you approve new updates WSUS automatically begins to download them. Here I am trying to isolate why the browsing internet, reviewed the gateway, noted download traffic was massive from the WSUS server, logged on and noticed…. akamai.

WSUS - Akamai

 

Yep, I didn’t even realise (noob I know) but I’ve found a way to manage the downloads by WSUS (and other Microsoft services that are chucking a sneaky). BITS is a sneaky little service that most people may not even realise is affecting the performance of their internet use. Here’s an acrostic poem I prepared earlier:

Background
Intelligent
Transfer
Service

All we need to do is throttle the amount of bandwidth the service uses during a certain time frame.

  1. Open Group Policy Management
  2. Browse to Computer Configuration > Policies > Administrative Templates > Network > Background Intelligent Transfer Serice
  3. Double click Limit the maximum network bandwidth for BITS background transfers
    WSUS - BITS GPO
  4. Enable the settings and configure as per your requirements
    WSUS - BITS GPO Details
  5. Hit OK, associate the GPO to your WSUS server.
  6. If you want it to take effect immediately, logon to the WSUS server and run a gpupdate /force
  7. You’ll notice the bandwidth utilisation drop within seconds.

 

TL;DR: Configure GPO to throttle BITS utilisation and force update on WSUS server.

 

 

 

 

Batch script to determine 32 or 64 bit Windows Operating Systems and perform an action

I think that’s the longest title I’ve ever made! Anyway, if you’re like me and need to work on different Windows Operating Systems and would like to distinguish between architecture types when executing batch scripts, then you’ve come to the right place.

Check out the below script and use it to make your life easier:

@echo off
::Written by Samontech

SET Version=Unknown

wmic os get osarchitecture | FINDSTR /IL “32” > NUL
IF %ERRORLEVEL% EQU 0 SET Version=”32″

wmic os get osarchitecture | FINDSTR /IL “64” > NUL
IF %ERRORLEVEL% EQU 0 SET Version=”64″

ECHO The OS architecture of Windows found is %VERSION% bit

IF %VERSION% == “32” GOTO OLD
IF %VERSION% == “64” GOTO NEW
::If no versions are found go to UNKNOWN
GOTO UNKNOWN

:OLD
ECHO Execute script for 32 bit OS
***Insert awesome script work here!
GOTO FINISH

:NEW
ECHO Execute script for 64 bit OS
***Insert awesome script work here!
GOTO FINISH

:FINISH
ECHO Script executed successfully
GOTO END

:UNKNOWN
ECHO OS Architecture Unknown

:END

It’s very similar to my batch script which deletes temporary files on all Windows Operating systems, but, use your imagination and put it to use e.g. upgrading Adobe Reader, Adding Registry keys, the list goes on!