Should I upgrade to Windows 10?

There’s been plenty of hype around Windows 10 and rightly so. First things first, if you received a notification advising you can upgrade to Windows 10 seriously consider the following:

  • Have you backed up all critical information on your device so in the event your upgrade fails you can access these files?
  • Are all applications that you use on your device compatible with Windows 10?
  • Do all your peripheral devices (WiFi card, graphics card, monitor etc) have Windows 10 drivers?
  • Do you have a rollback plan (performed an image backup of your machine to external media)?

Win10Upgrade

Here are a few thoughts from my experience on upgrading my laptop to Windows 10:

  • I performed an in place upgrade to Windows 10 Enterprise from Windows 8.1 Enterprise. I downloaded the ISO, mounted it and ran the setup.exe . I left my laptop to grab some lunch, came back after 30 minutes and the upgrade appeared to complete successfully. Awesome.
  • I restart my laptop so I can install any unknown drivers for the laptop and I get the black screen of death similar to what other users were getting in the technical preview. I tried the usual fixes (BIOS, safe mode, system restore) to no avail.
  • Time for a rebuild.
  • Created bootable USB Windows 10 device and installed a fresh copy of Windows 10. I restarted my laptop and reviewed device manager for any unknown drivers.
  • To my surprise, Windows 10 had installed all up to date drivers necessary for my laptop without me having to hunt down anything (impressive) including my Biometric Synaptics Fingerprint scanner.
  • 75% of upgrades at our office failed resulting in staff needing to rebuild their machines from scratch.

Think twice before that upgrade. Stay tuned for what my thoughts are on Windows 10!

Fortigate – adding additional IP’s for PPPoE connections

Here in Australia we receive IP blocks for PPPoE connections. Since the IP is dynamically assigned to us we can’t manually add a “secondary IP” like you would with a static connection.

So what do you need to do?

Configure an IP pool!

  1. Go to Policy & Objects > Objects > IP Pools
  2. Specify whether it’s IPv4 or IPv6 and give a name
  3. Leave the type as Overload (unless you have a requirement to use the other types)
  4. Enter the additional IP’s given to you from your ISP
    Configuring IP Pools in GUI
  5. Now that you’ve configured your IP pool you can allocate inbound services to those additional IP’s. Configure your VIPs, VIP groups, and policies to use these additional IP’s and of course Test!

Configure IE 10/11 startup settings (registry)

I had an issue configuring the way Internet Explorer started up at a client site. They use an intranet home page and every time someone closed their current browsing session and reopened internet explorer, the software would hang momentarily then reopen the tabs they recently closed down. The option in IE is under Tools > Internet Options > General as below

IE Startup Options

Easy enough right, definitely. Now for a single user this isn’t such a big deal but as a sys admin running Windows 7, Server 2008 R2 infrastructure environment for several hundred users group policy would be the answer, right? I had a hard time looking around for the adm or admx files and tried leveraging the Internet Explorer Administration Kit to no avail. I didn’t have a Windows Server 2012 server onsite. So what’s the easy answer? Registry 🙂

They details of the entry are as follows

Key Name: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\ContinuousBrowsing
DWORD Name: Enabled
Value: 0 – Start with home page, 1 – Start with tabs from the last session

IE Startup Registry

So amend this via GPO (add a user policy registry entry or logon script) and voila!

 

Intel NUC – Install Wireless Card

Not sure if anyone else out there has had issues with the wireless card for the Intel NUC but I had some pretty frustrating moments with it. Bluetooth connectivity, wireless dropouts, minimal connectivity and so many other inkling bits and pieces.

There was a little hint in the product manual that made little to no sense to me. See below:

Why The Fuss?

Image 1

Here I am frantically looking for these two wires. Is it in the NUC, can’t find it. Was it in the wireless card packaging? Nope. Do I need to buy it??? Ok I may sound like a massive noob BUT I’m sure by posting this, one or two other people might find the following information useful.

It was in the NUC!!! The little ninja cables were there all along.

NUC - Wireless Wiring

Image 2

  1. Remove the lid of the NUC.
  2. On the side of where the wireless card slot is, there will be wires running underneath the board (Image 2).
  3. Pull out the wires, remove the sticky tape and plastic heads.
  4. NOW follow the instructions given to you in the manual (Image 1) and plug in the ends of the wiring to the wireless card.
  5. Download the latest drivers from the Intel site and enjoy wireless streaming from your little bundle of joy.

What do you plan on doing with yours?

 

Do you really need a strong password?

HELL YES! Anyone that does not use strong passwords are pretty much leaving their keys outside their front door with a sign saying “no trespassers”.

To give you a real life scenario that I’ve encountered, I managed the IT infrastructure for a new customer. One employee decided to use a super, awesome password (password1) and his account was compromised. His user account was used to send thousands of spam emails originating from the organisation’s mail server. The organisation’s mail server was blacklisted and other companies (customers) would no longer accept email from this organisation. They were not able to invoice orders and lost tens of thousands of dollars worth of revenue because one users password was easily compromised.

Why do you need to use a strong password?

  • People post so much information about themselves online that interests, friends, parents, birthplace, email addresses are easily attainable if you search hard enough.
  • There are machines capable of cycling through 6.2 billion password combinations every second.
  • If you use the same password for multiple accounts, don’t! It might be easier to remember but if it’s compromised, consider these other accounts gone.

I can’t enforce this enough: always use strong passwords. Strong passwords should be comprised of a combination of numbers, letters (upper and lower case), symbols etc. You can get creative and use some common words but substitute letters for numbers or symbols. Here are examples of strong and weak passwords:

  • Strong: Th!5IS@$t0ngPW,S0!$thisOne%
  • Weak: password, password123, 123456, hello

Where possible, try use a random password generator such as this, this, or this.

Protect your information 🙂

 

Installing Applications on a Terminal Server

Because of the Sophos issues that many of my clients experienced, many endpoints required a re-installation, particularly on Terminal Servers. This is a quick and easy reminder of best practices for installing applications on a terminal server.

  1. Log on to the server as a domain administrator
  2. Open up command prompt and type the following command
    change user /install
  3. Your session will now be ready to install applications that will work across all user profiles.
  4. Install the application required e.g. Microsoft Office
  5. Once you have finished the install open up command prompt again and type in
    change user /execute