Please Reset My Password

Yesterday I was faced with logging into a website I knew the username and password, while I didn’t “own” this information of my wife’s, we share almost everything (except pizza, she isn’t cool with sharing pizza) I thought I would login to save her time. Of course our account was locked which resulted in a call. While I had all the info they required, username, password, account number, last four of social, the helpful person on the other end decided not to reset based off my “male” voice because my wife’s name is female. While I understood, I was frustrated since I had what they wanted and I didn’t get what I want. I thought to myself, this business set their requirements and decided, hey, just because you sound like a dude, no way. Frustrated or not, we cordially hung up the phone and I gave up.

This got me processing, no longer are passwords over the phone or e-mail a way to reset in a secure way. I know what you are thinking, what if I can’t get in, I need to call someone. The beauty of technology means that, no, you don’t need to call anyone. While very few companies have deployed two factor authentication, most of the world relies on remembering 2-3 passwords which people use for everything (You know who you are). Kids birthdays or the ever more important family pet.. This puts one important factor on the table, a single password can turn your life upside down.

As you and I have seen the past few years, everything is hack-able (NSA Hacked?) and it’s scary to me and should be to you too. I know, there are a billion people out there, no way am I the one, unfortunately what if you are? Just like you would never get in a car accident?

While I can talk all day about this, here are some articles in regards to services being “hacked” and how they may affect you in some way.

Dropbox 68 Million Users Passwords on the Internet
Target Credit Card’s Stolen
NSA Hacked? (Valid?)
Twitter, 33 Million Passwords
11 Data Breaches that Stung US Consumers

So reading these, is your twitter or Dropbox password the same as your banking password?

I just want to get you thinking about the what if? If someone cleans out your bank account, you ok with that? Or signs up for a new credit card? Trust me, it can happen to you and it takes time, effort and money to fix it.

While I talked long enough, let’s get to the part where I tell you how to fix this…

Let’s focus first on passwords since this is the easiest change.

  • When possible, use a tool like 1Password, Keypass, etc (Recommendations). Change your passwords to complex passwords when possible and unique for each website or service. Even the shopping sites since most save your credit card info.
  • Update your security questions… Mother’s maiden? “Bob Loblaw”. A product like keypass has a notes section where you can store a non-traditional security question note. Just don’t forget your keypass password.
  • Enable two factor authentication. What the hell is that you say? If you have a mobile phone with text / SMS capabilities, you tell the service or website the number, they text you at login (Usually only once if it’s the same computer or phone). Why is that secure you say? Anyone else recieving text messages to your number? It’s an additional security layer that I personally like and enable when possible (Even on wordpress). While not everyone has this, it’s generally under the password change or security section of a website.
  • On a more extreme route, use unique usernames, again I know… crazy. However with a tool, this becomes relatively easy.
  • Credit monitoring, most of these services are junk, like an extended warranty the cost outweighs the real benefit here. Most banks provide services like this as part of their offerings, see if you can get it for free.

Now credit cards… Most people really don’t understand how credit cards work, and with the recent ATM and credit card skimmers, it’s more evident this is going to become common place.

  • First and foremost, you aren’t secure unless you utilize chip technology in your card. That 1/4 inch little chip on the front, while real’ pretty, is a way to encrypt your transaction, and this is good. FAQ about chips.
  • Use your iPhone, android or accompanied watch to pay at the terminal. Again, your credit card data is stored encrypted and uses token technology, read more about it. To add an additional layer here, you need a eye (no pirates please) or finger (If you use your toe, wear sandals) even use the service.
  • Paypal. It’s been around for a long time. Not all sites accept this method, however because of the technology, your banking info is never sent to the merchant. They also have iPhone apps that support some secure payment transfers. Read more here.

From a consumer perspective, these are what I believe are the best and easiest options for you. Security is becoming an important part of life, more so than ever before, so keep an eye out and change your password from “password” to “Password1”.

 

 

Advertisements

ML110 G6, Please Don’t Die

In a recent post I talked about my purchase of a ML110 G6. Well, purchase is a strong word, I would call it free as it appears to be the result of a known “bug” with these machines where they just fail / die / power off  without notice or event. Great, I found a winner… The replacement server I received has been rock solid, so let’s not start off on the wrong foot yet.

A few go(ogle)d searches and found the following..

http://community.hpe.com/t5/ProLiant-Servers-ML-DL-SL/HP-Proliant-ML110-G6-Breaks-down-offen/td-p/4786107

http://community.hpe.com/t5/ProLiant-Servers-ML-DL-SL/HP-Proliant-ML110-G6-Breaks-down-offen/td-p/4786107/page/2

https://social.technet.microsoft.com/Forums/en-US/fc303b36-91be-4335-9d7e-2e13e43b0f3f/server-stops-answering-suddently?forum=smallbusinessserver

Summary of suggestions..

  • Patch firmware, drivers and BIOS
    • Possibly a BIOS vs. Hardware resource issue
  • Use HP memory specific to this model
    • Duh, why does HP have to be that picky
  • Use a HP array in lieu of the B110i on-board
    • HP P212 or P410 models?
  • Motherboard Rev C instead of A
    • Possibly, considering there are different revision makes you consider
  • New Motherboard
    • No warranty…
  • Power supply under powered
    • Possibly, however why drop out once in a while and not all the time
  • Disable Memory Interleaving
    • You lose half the memory as this won’t utilize both channels
  • Buy something else
    • I think this may be the answer

For me, I noticed improvement when I did the following. Meaning, failures once in a while vs. multiple times daily..

  • Patch firmware, drivers and BIOS
  • Use a HP array in lieu of the B110i on-board
    • HP P212

Preforming the above alone improved the machine dramatically.

Ilo responds, however it does not respond to any of the virtual power commands, screen is dead, which screams hardware issue. So I am still having to hard reset once in a while, now it’s just less frequent. And when the machine is under heavy load, i.e. CPU 100% for long period of time or a lot of network transfer, it has a 6TB RAID on the P212, it dies more frequently.

Strange enough the second server I received has not died once since initially booting. Considering the unstable machine is a secondary server I may look into this again one day, for now it’s on the list… Or just buy another one and use this one for possessed parts works too.

Hyper-V Replication

I recently decided my home server was a little much for my needs. While the dual Xeon and 48GB of memory was ample for me years ago, I find I spend less time at home and more time at work in regards to testing. Because of that, I of course got excited and delved into looking at new hardware.

I liked the ML150 G6 I had been using, so I opted into purchasing two ML110 G6, same design and build, however only a single Xeon and capped at 16GB of memory. With SSD so cheap, disk isn’t and shouldn’t be a concern for anyone.

Of the two I purchased, one was the “main” machine, holding the 16GB of memory I needed for a few VM’s and a single build of SP. The other held disk resources, admin and the replica partner… aw, they are getting married! The replica housed much more disk space and way less memory. In the event of a failover, it would keep the lights on, relatively speaking, albeit slow due to the RAID5 and 6TB volume the VM’s were sitting on. I wasn’t too worried as it would only take a few hours to rebuild it all anyways.

After installed Windows 2012 R2 and getting Hyper-V up and running with the exact same configuration. Replication setup was relatively simple, painless and easier than I expected since my time with VMware had shown it shouldn’t be “that easy”. The steps to configure a partner in the same domain involved a few simple steps, selecting a server and some easily understood configuration options. They were in the same domain, plus, I used CredSSP, plus plus, all other settings were best recommendation and made sense to me, plus plus plus.

And now on to the not-so-fun-parts.. Some things I didn’t like…

  • Because I am picky about paths being the same between servers, I ended up completing the following list so that all the disks and configuration was in the same path. I know… why do I do this, I blame the internet or too many cartoons as a kid.
    • replicating to replica server
    • removing replication on replica server
    • re-setup replication to original primary server
    • replicate from replica to primary
    • removed replication
    • cleanup up replication on initial replica server
    • Re-setup replication

Overall, a good and quick experience. Now my VM’s are relatively safe (meh, who needs backups) from disaster.

SharePoint 2016, New Features?

With SharePoint 2016 right around the corner, I will try to post when I find relevant information and updates. I have been working with the RC1 for a while, and with RC2 out, it’s like a better party…

Some of my person favorites so far are… while I don’t see anything extreme, I like where things are going with SharePoint. It’s no surprise that Microsoft is pushing cloud, and some of these new features play into that imitative. However, those wanting and/or needing to stay on premises can appreciate the need for new features, otherwise, what is the point to upgrade?

Durable links
Encrypted Connections
Hybrid in SharePoint 2016
Information Rights Management
SharePoint business intelligence
SharePoint Search

New and improved features in SharePoint Server 2016 Release Candidate

https://technet.microsoft.com/en-us/library/mt346121(v=office.16).aspx

eature Description More information
Access Services New Access features are available when you deploy Access Services in SharePoint Server 2016 Release Candidate . For more information, see Access Services.
Compliance features New compliance features for SharePoint Server 2016 Release Candidate include the document deletion and in-place hold policies. For more information, see Compliance features.
Customized web parts The compile time for customized XSLT files used for Content Query, Summary Links, and Table of Contents Web Parts is improved. NA
Document Library accessibility SharePoint Server 2016 Release Candidate includes new document library accessibility features. For more information, see Document Library accessibility.
Durable links Resource-based URLs now retain links when documents are renamed or moved in SharePoint. NA
Encrypted Connections SharePoint Server 2016 Release Candidate supports TLS 1.2 connection encryption by default. For more information, see Encrypted Connections.
Fast Site Collection Creation The Fast Site Collection Creation feature is a rapid method to create site collections and sites in SharePoint. For more information, see Fast Site Collection Creation.
Filenames – expanded support for special characters SharePoint Server 2016 Release Candidate now supports using some special characters in file names that were previously blocked. For more information, see Filenames.
Hybrid in SharePoint 2016 Hybrid in SharePoint Server 2016 Release Candidate enables you to integrate your on-premises farm with Office 365 productivity experiences, allowing you to adopt the cloud at your own pace. For more information, see Hybrid in SharePoint 2016.
Identify and Search for sensitive content SharePoint Server 2016 Release Candidate now provides the same data loss prevention capabilities as Office 365. For more information, see Identify and search for sensitive content in both SharePoint 2016 and OneDrive documents.
Image and Video previews You can now preview images and videos in SharePoint Server 2016 Release Candidate document libraries. For more information, see Image and Video previews.
Information Rights Management SharePoint Server 2016 Release Candidate provides Information Rights Management (IRM) capabilities to secure information by encrypting and securing information on SharePoint libraries with OneDrive for Business. For more information, see Information Rights Management.
Large file support SharePoint Server 2016 Release Candidate now supports uploading and downloading files larger than 2,047 MB. For more information, see Large file support.
MinRole MinRole is a new feature in SharePoint Server 2016 Release Candidate that allows a SharePoint farm administrator to define each server’s role in a farm topology. For more information, see MinRole farm topology.
Mobile experience SharePoint Server 2016 Release Candidate offers an improved mobile navigation experience. For more information, see Mobile experience.
New controls for working with OneDrive for Business SharePoint Server 2016 Release Candidate provides controls at the top of your personal document folders that make common tasks in OneDrive for Business more accessible. For more information, see New controls for working with OneDrive for Business.
New Recycle Bin in OneDrive and Team sites SharePoint Server 2016 Release Candidate adds a link for the Recycle Bin in the left navigation area of the OneDrive and Team sites. NA
Open Document Format (ODF) SharePoint Server 2016 Release Candidate adds support for Open Document Format (ODF) files to use in document library templates. For more information, see Open Document Format (ODF) available for document libraries.
Project Server New Project Server features are available in SharePoint Server 2016 Release Candidate. For more information, see Project Server.
ReFS file system support SharePoint Server 2016 Release Candidate now supports drives that are formatted with the ReFS file system. For more information about the ReFS file system, see Resilient File System Overview andResilient file system.
SharePoint business intelligence SharePoint Server 2016 Release Candidate now supports SQL Server 2016 CTP 3.1 and the Power Pivot add-in and Power View. For more information about SharePoint business intelligence, see Power Pivot add-in and Power View are now available to use with SharePoint Server 2016 Beta 2.
SharePoint Search SharePoint Search Server Application has significant changes to its deployment. For more information, see SharePoint Search Server Application.
Sharing improvements SharePoint Server 2016 Release Candidate has many new sharing improvements available. For more information, see Sharing improvements.
Site Folders view SharePoint Server 2016 Release Candidate provides a new Site Folders view that lets you access the document libraries in sites that you’re following. For more information, see Site Folders view.
Sites page pinning This new feature helps you see and follow sites. For more information, see Sites page pinning.
SMTP Connection Encryption SharePoint Server 2016 Release Candidate supports sending email to SMTP servers that use STARTTLS connection encryption. For more information, see SMTP Connection Encryption.
SMTP ports (non-default) SharePoint Server 2016 Release Candidate adds support for SMTP servers that use TCP ports other than the default port (25). For more information, see Use SMTP ports other than the default (25).
Web Application Open Platform Interface Protocol (WOPI) You can now rename files, create new files, and share files from within the WOPI iframe on the browser page. NA

UniFi Enterprise Wireless

It’s been a while, hello blog…

Wireless… god send or pitfall into invisible death… you get to decide. Either way, my iPhone doesn’t come with a gigabit ethernet port so wireless it is.

While my 2 wireless routers / access points were doing the job, I wanted a single SSID and enough power for more than 6-10 devices without drop outs. Configuring multile SSID’s wasn’t painful, it was the absence of UPnP or other media services on the access point in which “things were slow”, that’s networking terms for you not-IT foks.

With a little help from Go(ogle)d I found UniFI, Ubiquiti Networks, and it appeared to meet my needs.

  • Multiple WAP’s capable of distributing my SSID
  • Central management, i.e. software
  • Support more than the standard 10 device limit on residential units
  • Give me more power on configuration

My first time around with this, being a novice to this system was not as easy as my second round.

First time for everything…

A year ago I installed and configured this for a small business. I removed the 3 wireless routers they had, installed the management software on a tablet that was stuck in the office and behold… happiness for the masses. In an office of 3-8 the wireless kept ticking with approximately 3-8 mobile phones, 3-5 laptops, Apple TV, Wireless Printers and a Guest wireless for their clients. No issues, drop outs, just happiness.

On the configuration site, I ran into an issue with the Java requirement as it wasn’t installed in a specific directory and the AP decided to fail to connect to the management controller so some manual putty and a little help from support (Who were awesome) I was back up an running in an hour.

In lieu of the setup the first time, it appeared the build I downloaded was pre-production or just not tested. Either way, it may have put some people off which is a big no-no in the consumer world. In all, it was a 3 out of 5 experience.

All Good Things Come To Those Who Wait…

Yes, a movie reference, and one of my favorites.

My second time around, was me, at home, deciding to spend more than $19.99 on a wireless router/AP. I decided I had enough and with the potential of at least 10 wireless devices without company over meant.. Mo money, Mo money, Mo money.. (See, I did it again)

Once the management software was downloaded and installed, way easy the second time, I was off an running. I had already plugged in the AP into an ethernet port and power outlet. The included adapter does not require a PoE ethernet switch. It found it, configured it and within 15 minutes wireless was online and ready to go. The software and install this time around was much cleaner, prettier and wizard like which made everything a breeze. Plus now I can plug in another AP and get further coverage. I won’t need to however as I am now getting wireless out in the street and down the block where as before it was minimal past the front door. I was happy, my family was happy.

In the end, would I recommend this to the average person, meh… still on the fence with that decision. Anyone with an engineering brain or a free Saturday night could get this up and configured on their own. And with support a phone call away I wouldn’t be scared even if I was a monkey, no offense to the monkey’s of course. The question for me is, who really needs this? Hotels? Businesses? Those who don’t want to spend tons of money on Cisco products? Yes to all. With security a big issue and wireless a constant reminder of how un-secure our technology is, the question becomes to Ubiquiti, Cisco and others, how secure can you make it and how easy will it be. Being that Ubiquiti is a newcomer to this world, security experts may be quick to brush off a non-Cisco product. Yet, keep your eyes and ears open for this company as based on a cost vs. ROI variable, they are looking like the Costco of the wireless world.

SharePoint Saturday Twin Cities

Yeah, I spoke in front of people. I was asked if I would speak at SharePoint Saturday Twin Cities, discuss options and recommendations on Cloud vs. On-Premises, what works, what doesn’t, blah.. blah… blah. I did my research, made some awesome visio diagrams, charts and graphs. In the end I felt even though I spoke for 30 minutes, it was a success and wasn’t nerve racking in the end. I have always felt comfortable speaking to people, it’s in my nature. And honestly, people get nervous, screw up, say the wrong thing and I am sure I did the same. However, I did enjoy my time at SPSTC.

As always, I got to work with an awesome team of peers. Without them, I don’t think I would have succeeded. As a whole, I feel we got the information everyone was looking for with success.

Website: http://www.spstc.com/
Presentation: http://1drv.ms/1GBNiQo

SharePoint 2016 RTM Install

While I am generally excited about SharePoint 2016, going through an RTM build of any Microsoft product is not without issues. Going through the install, I will list out any issues that I find to mitigate troubleshooting for the next lost soul or any major differences.

In lieu of the Windows Server, active directory and SQL (Maybe?) install, just focusing on SharePoint for this one. Think single server… maybe because I am lazy, also due to the fact this won’t be anything but a playground for a few months.

//////////////////////////////////////////////////////////////////////////////////

Prerequisite Install
Error: Update for Microsoft .NET Framework to disable RC4 in Transport Layer Security (KB2898850): Installation error

2015-10-06 12:38:36 – Check whether the following prerequisite is installed:
2015-10-06 12:38:36 – Update for Microsoft .NET Framework to disable RC4 in Transport Layer Security (KB2898850)
2015-10-06 12:38:36 – The following file does not exist:
2015-10-06 12:38:36 – C:\Windows\servicing\Packages\Package_41_for_KB2898850~31bf3856ad364e35~amd64~~6.3.1.2.cat

Result: Missing file. Download (Link). Installed manually. Ran the prerequisite installer, completed successfully.

//////////////////////////////////////////////////////////////////////////////////

Default folder is 16.0

C:\Program Files\Microsoft Office Servers\16.0\Data

//////////////////////////////////////////////////////////////////////////////////

Still have the 14, 15 and 16 folder

SP2016_Folders

//////////////////////////////////////////////////////////////////////////////////

Database Access Account.. previously the account executing psconfig.exe was used to access the server and create databases and apply access. Now the account is specified inside the wizard.

And yes, using SQL Alias here, SQL is pointing to the local machine.

SP2016_SQL_New_Farm

//////////////////////////////////////////////////////////////////////////////////

MinRole Options

SP2016_MinRole

I choose custom, mostly because I want to see what I get from it. Without listing what MinRole provides for the other options.

As I suspected, there were no additional options in the PSConfig wizard. Most of you should be selecting custom to get the most out of server infrastructure. However, for you medium to large organizations that may have dedicated Search or DistCache servers, my hats off to you.

//////////////////////////////////////////////////////////////////////////////////

Same old story… Microsoft, please let us name our databases. You let us for some, not all, if inconsistency is what your looking for, you win. DBA Fail.

SP2016_Admin_DB

//////////////////////////////////////////////////////////////////////////////////

After install, admin DB needs an upgrade. Ran PSConfig, no change. Look into this later…

SP2016_Admin_DB_Compatible

Yup, needs upgrade.

SharePoint_AdminContent_9d149a75-48fd-4d01-b14e-78fe5414b515
Microsoft.SharePoint.Administration.SPContentDatabase
5
Needs Upgrade

//////////////////////////////////////////////////////////////////////////////////

Role conversation, back to the initial install, choose wisely.

Central Admin > System Settings > Servers (Section) > Convert Server Role in this Farm

SP2016_Server_Role_Convert

/////////////////////////////////////////////////////////////////////////////////

They added port specification and SSL to outgoing SMTP

SP2016_SMTP

/////////////////////////////////////////////////////////////////////////////////

Servers in compliance. Whew!

SP2016_Compliance

/////////////////////////////////////////////////////////////////////////////////

No default content sources.

SP2016_Search_Sources

/////////////////////////////////////////////////////////////////////////////////

I am not seeing any major changes in the UI. I have more investigation to do on the backend services which will likely be a separate post.