Tuesday, March 4, 2014

Enabling Remote Volume Management with PowerShell

I run a build server that's fully virtualized using Microsoft Hyper-V Server 2012 Standalone, and I'm in the process of upgrading to Hyper-V 2012 R2.

One step I've always had to do is to enable Remote Volume Management. I could probably do this in AD, but old habits die hard.

I went into "netsh advfirewall" on the new server and it gave me a message:

In future versions of Windows, Microsoft might remove the Netsh functionality
for Windows Firewall with Advanced Security.

Microsoft recommends that you transition to Windows PowerShell if you currently
use netsh to configure and manage Windows Firewall with Advanced Security.

Type Get-Command -Module NetSecurity at the Windows PowerShell prompt to view
a list of commands to manage Windows Firewall with Advanced Security.

Visit http://go.microsoft.com/fwlink/?LinkId=217627 for additional information
about PowerShell commands for Windows Firewall with Advanced Security.

Certainly, there must be a way to do this with PowerShell.

My translation of the trusty:
netsh firewall advfirewall set rule group="Remote Volume Management" new enable=yes

Is the following:

Get-NetFirewallRule -DisplayGroup "Remote Volume Management" | Set-NetFirewallRule -Enabled True


Wednesday, November 6, 2013

PowerShell script for finding iOS 6.1 devices using ActiveSync your Exchange server

NOTE: I originally wrote but never finished this entry back in February, when iOS 6.1 came out.

iOS 6.1, released earlier this month (in February) (and also 6.1.1), had a fairly severe bug in how it interacts with Exchange 2010 SP1 and later.This is documented by both Apple and Microsoft.This caused Exchange logs to grow very quickly, as well as additional CPU load and memory use.

My Exchange deployment is fairly small, 75 users.Even still, I took a look and was surprised just how fast our logs were growing. About 1/2 GB per hour with only 10-15 devices on iOS 6.1, and I'm not even sure all of them were causing the problem.

I decided to take this opportunity to see if I could use PowerShell to find a list of users with iOS devices running version 6.1. A quick search, and some simple filtering, and here's a one-liner that can be run from the Exchange Management Shell (EMS) in Exchange 2010. Note this cmdlet will not work in Exchange 2007.

Get-ActiveSyncDevice | Where-Object -FilterScript {$_.DeviceUserAgent -like "Apple*" -and $_.DeviceOS -like
"iOS 6.1 *"} | Sort-Object UserDisplayName | Format-Table DeviceType,DeviceOS,FriendlyName,UserDisplayName -AutoSize



I chose to sort by UserDisplayName, the best user-identifying field I could find on an Object returned by Get-ActiveSyncDevice, since some users have an iPad and iPhone. I'm sure someone with better PowerShell-fu could pipe this to something that would spit out a list of email addresses, or maybe even send out an email to upgrade.

This allowed me to inform only those users causing the problem, rather than the whole company. It also enabled me to easily verify once everyone had updated.

PowerShell rocks. Haven't used it? I strongly suggest checking out the following on Microsoft Virtual Academy:
- Getting Started With PowerShell 3.0 Jump Start
- Advanced Tools Scripting with PowerShell 3.0 Jump Start

The first series starts off a little slow for experienced command shell users, but these videos are well worth your time (as is learning PowerShell).

Tuesday, March 27, 2012

A quick openvpn "oops" moment

I learned a quick, silly lesson today. I run some servers that tunnel using openvpn to facilitate our single sign on. I've migrated one before, and at the time, I foolishly did not create a new certificate/key pair for the new server and re-used the old one. During the point of the migration where I had both servers online at once, the two openvpn clients kept fighting - one connected, the other disconnected, and so forth, until I figured it out.

This time - I did things right - I generated a new certificate. HOWEVER, The subjects of the certificates were still the same, so they were being assigned the same IP address. This caused basically the same situation. Fortunately this time I was a bit quicker to realize. Make sure you differentiate your subject names when using openvpn. In general, you would already be doing this, but in the case of moving a server hosting a given domain from one box to another, since the domain name being served is the same there is an inclination to just type the same domain name in...don't do it. Make sure it's unique. Thanks for the forum post which lead to my answer, Jan Just Keijser!

I'm not sure if just the OU or CN must be different, or if both should be different. I erred on the side of caution and made sure both were distinct. I falsely assumed only the certificate itself had to be unique, but that's not the case.


This is a self-reminder blog post / post of shame. DOH!

Tuesday, March 20, 2012

World Time Buddy - an awesome timezone website

As the company I work for grows and has more users in remote areas of the globe, knowing what time it is for everyone gets tricky. We're in the US on the East Coast, but have employees in California, Hawaii, Germany, France, India, Ukraine, and other locations. A very simple site I found that does the best job I've seen is www.worldtimebuddy.com - hands down.

 Here is a sample of one I configured in around a minute and then bookmarked and shared:

















 I couldn't get a larger image to work well in this theme so to see this for yourself use this link.

It may not have the fanciest name or super sleek graphics, but its display of information is amazing. Above we see that:
  • It displays current times clearly for all timezones I care about in an easy to read/compare way. 
    • Everything is vertically aligned with readable values for easy comparison
    • I see whole-hour times for a 24 hour period
    • I see current exact times
    • I see offsets (+4, -6, etc) from my home time zone
    • It shows the current date in each time zone in an easy to follow way
    • It shows business hours, night hours, and late night hours in different colors
  • It alerts me to upcoming time changes - in this case, Europe's daylight savings equivalent happens 4 days from now
  • I can remove a timezone I no longer need with one mouseclick
  • I can change my home timezone with one mouseclick
  • Not visible in the above screenshot, but visible with the mouse cursor is the ability to drag and drop re-order timezones in any way I choose. I put mine in ascending order, but that isn't enforced, it was my preference. 
  • I can click link icon in the top right corner to get a link to the site containing my customizations, easily bookmarkable and shareable with coworkers.
  • New timezones can be added by using an autocompletable field (just start typing a city or country name)
I love the simple yet useful way it displays the timezones.If there is one area for improvement it would be a customized interface for mobile devices - you get the same, full webpage from a mobile device. It's still usable but the hover-able timeline does not work. Since it displays all of the hours it isn't strictly necessary, as you can still see the same information it just doesn't give it that extra focus if you want to pick a time for a meeting for people in vastly different timezones.

If you deal with multiple time zones a lot, definitely check out World Time Buddy.

Thursday, January 26, 2012

How to Ruin a Perfectly Good Evening

Open your brand new SSD (Samsung 830 series 128GB)

Marvel with excitement at the iPhone-like packaging and eagerly image your old drive (Intel 80GB G1 SSD) onto the new one with Clonezilla - 15 mins and booted into Windows 7 on the new SSD. This is where I should have stopped - oh what a fool I was to continue.

Side-track to find out why PC basically hangs for 1-2 mins after login and discover it is Microsoft Security Essentials misbehaving - story for another day - 20 mins ...


Everything has gone smoothly so far - run AS SSD and ogle the new benchmark numbers. Uh oh. offset 31K bad? Great. I recall that I never fixed this on my Intel SSD and that is why, so I foolishly decide to try and fix it. I find an answer at lifehacker.


Download GParted and install on my trusty multiboot USB drive - I actually already had a GParted livecd on there but decided to throw Parted Magic on there to see what that was like.

Create a Windows 7 Repair Disc (directly from my copy of Windows 7 Home Premium I'm running at home). Wait, no, side-track and test out lightscribe to make a fun label for it first.

Discover that lightscribe software service needs to update. Do that. Find a label maker software - oh, already had one in some software suite - great. Hmm, it won't let me select my CDRW as my lightscribe driver...it will apparently only accept the lowest lettered optical disc drive. Wow. That's good engineering (Cyberlink LabelPrint). Re-map drive names so DVDRW drive comes first. Burn lightscribe label - remember why I haven't burned a lightscribe label in 6 years - because it takes way too long. Finally, let Windows create/burn a windows 7 repair disc.

Boot into Parted Magic and shift my partition forward a few MB, wait 15 mins, then shift back 1 MB, per Lifehacker instructions. Success - now, Windows will no longer boot because it's confused. (This is expected)

Boot up my freshly burned Windows 7 repair disc. I'm greeted with the following:







The windows recovery disc I burned from the copy of windows I am trying to repairing is incompatible with itself. Yes, that's right - incompatible with itself.

Do some quick searches and come up short. Decide screw it - I'll just reinstall Windows 7 on my SSD. Insert my Windows 7 Upgrade DVD (Family Pack - likely the source of all my pain!) Format the drive, select it - realize that Windows 7 RTM does not create "100MB" partition which has possible side-effect of aligning partition properly (same issue w/ original SSD install I think...). Decide to try and manually create partitions back in GParted and then let Windows 7 try to install.

Nope - Windows 7 will not install on it. Error 80300024. Excellent. No real useful info found.

Remove fancy new SSD and put back in old Intel one. Admit defeat for now.




4 hours after I started - blog about it, back at square one.

Thursday, November 3, 2011

20 Years of VIM

VIM has now been out for 20 years. Ars has a nice article on it. It is my editor of choice on *nix based systems, but things weren't always that way. I remember when I first used vim (it may have even been an earlier clone, but probably not vi itself) , I hated it - it didn't make any sense. I was in highschool at the time, probably 14 years old. At the time I used pico since it was similar to MSDOS' EDIT.

It wasn't until I was in college that I truly got an appreciation for vim. I saw one of my professors using it to write code, and he was so incredibly fast it amazed me. It got me interested in how to use vim. Once you take the time to learn a few things about how it works, it's very useful. I still am a vim novice, I know enough to "miss" certain features when I am not using vim, but not enough to be a jedi master of vim (I'm a long ways away from that).

I'm going to take this anniversary as an opportunity to learn some new tricks in VIM. I wouldn't be surprised if I sum up some of the most frequent commands I use in a future post.

While I don't think software should generally have a steep learning curve, in the context of an editor for highly technical users, it makes sense to invest your time really learning an editor. The Pragmatic Programmer tells us to Use A Single Editor Well for a reason - there are real productivity benefits. I'm curious how many users take the time to learn an advanced editor like vim, emacs, or the ins and outs of something like Textmate. 


I think being under active development after 20 years is a pretty awesome accomplishment in software. How many projects have that kind of life span these days? A toast to you, VIM! To another 20 years of active development!

Tuesday, November 1, 2011

It's PragProWriMo again

It's November 1st. That means it's Pragmatic Programmer Writing Month (PragProWriMo) time again. Itself a spin off of National Novel Writing Month (NaNoWriMo).This will be my third year trying to participate in my own way.

My goal for the month is not to write a book. I take this as an opportunity to encourage myself to blog about technical topics every day for the month. Over time, my blog has become at the very least a resource for myself to find solutions or answers to simple problems I've encountered previously. I find writing every day for a month is both challenging and rewarding.

I lot has happened since last year. My job role has changed, my whole life has been changing (thanks to Jesus Christ), and I just got married last month. I've yet to determine what I will write about this month.

For tonight, I will just state a simple piece of technology that improves my world. Technology often advances just for the sake of advancement, and I'm not always sure a given new technology noticeably improves my life. Occasionally, I'll see something and go wow - why didn't this happen earlier. Why isn't this a feature of every widget? What's one of those things? The dripless pour spout on my new electric kettle. How many times have liquids (hot or otherwise) been spilled on countertops, on hands, everywhere, because a container has a spout that's prone to dripping everywhere? Somebody took the time to design one that DOES NOT DRIP regardless of how slow you tilt it. No messes because you poured too slow, or poured too fast to avoid a drip from pouring too slow.

And where is it on the features list? Not even listed on the vendor's website. It was listed on the box somewhere, though. (but isn't why I bought it - I wanted the programmable temperatures as I'm an avid tea drinker and boiling isn't enough flexibility)

Why doesn't every pitcher-like container have a no-drip spout? How many years do you think it will be until every new product has it? It saddens me that it may be quite some time. (5 years, 10 years, more?)

I find this "small touch" feature that is easily overlooked since the user can just deal with having to tread carefully and pour exactly right, or drip and spill liquids, maps over fairly well into the software world. Too often we let the user just deal with stupid, simple, easily fixable problems. We could fix them, but we don't spend the time. These type of problems agitate me more and more as I work with technology. Focusing on the small stuff MATTERS. It makes an IMPACT. This no-drip spout pitcher impresses me more than any other piece of technology I've seen this year - even more than Siri (which is really, really cool). I think more companies need to focus on the small details - it's something I believe Apple does quite well. Focus on no-drip pour spouts. Delight users with that simple, saves-you-10-seconds every day type of boring feature. Nothing frustrates me more than wasting my time on something easily fixed or automated.

I bet not a lot of people get excited about no-drip pour spouts - but I do. That's how I roll.