Category Archives: General

General stuff, usually just stuff related to networking and admin.

How to block updates in Windows 10

Microsoft Windows 10 introduces seamless update installation – but what should you do if it’s installing an update or driver that keeps breaking your PC?

On the sly, Microsoft have announced a troubleshooter to block updates that might be giving you problems – yes, you heard me, a troubleshooter.

The article in question is titled: How to temporarily prevent a Windows or driver update from reinstalling in Windows 10 and is KB3073930.

Once there, scroll past the initial few paragraphs and click:

How to block updates in Windows 10

Download the linked file, run it, select Hide Updates then select the update that keeps breaking your machine to hide it until the next driver update that supersedes that is deployed. I personally was battling with an Atheros driver issue that has caused Blue Screen Of Death (BSOD) at every update/release on my trusty old Toshiba R850-169.

-Lewis

Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 4

In the previous posts in this series we went through the process of creating a cross-premises Site-to-Site VPN with Azure by gathering some information about our local network, configuring the Azure Virtual Network and gateway and finally configuring VyOS so that the tunnel connected.

Now that the cross-premises tunnel is connected, in this post we’ll run through the process of creating a Virtual Machine in Azure which will reside in the Virtual Network we created in part 2. Before we start, our current network looks as follows (no VM in Azure).

Continue reading Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 4

Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 3

In this, part 3 of the series, we’ll implement the configuration required for VyOS to enable it to become a VPN endpoint with which we can connect to our Azure Virtual Network Gateway to form our Site-to-Site VPN.

If you still haven’t, consider reading part 1 and part 2 of this series to provide the background of our modest network and how we configure Azure to create its side of the VPN cross-premises connection. As a reminder, our network configuration looks as follows (no tunnel and no Azure VM yet).

Continue reading Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 3

Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 2

If you haven’t read part 1 of this series, please review that before proceeding here. In part 1, I describe the network that we are starting with (mine) and how it is configured to enable routing across a virtual software router called VyOS between a home lab (a Windows domain called transishun.local) hosted in VMware ESXi 5.5 and my main “everyone’s phones are on it” network – I’ll call this the DMZ from here on. I also mention that my primary “edge” router is an off-the-shelf type on which I have installed DD-WRT which adds capabilities that permits it to perform source NAT for more than just the primary network, thereby avoiding double-NAT (bleugh!). If that’s something you’re interested in doing for yourself, it’s educational and I’m always here to answer questions should you feel the need.

As a reminder, here’s the current network before we do anything in Azure.

Continue reading Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 2

Configuring Azure Site-to-Site Connectivity using VyOS behind a NAT – Part 1

Introduction

This series of posts will cover the process of creating a Site-to-Site VPN from your on-premises network infrastructure in to Azure IaaS services using VyOS, hosted in a virtual machine. Typically, this results in the “hybrid” model that Microsoft are keen for you to take advantage of when you’re investing in your infrastructure. If you’re asking yourself “Why would I do this?” The answer is: to permit your business to take advantage of the benefits offered by cloud IaaS services such as giving you the ability to spin up virtual machines (VMs) quickly and easily, without the normal associated costs (in terms of both financial and time) typically involved in procuring the hardware, configuring, installing, licencing and finally, commissioning it. In short, if you want to add infrastructure to your existing network and you need it quickly, the cloud is the way to go. Think of the benefits of deploying development environments which can be spun down at the end of the day – no more power, cooling etc. to pay for and better still, you haven’t forked out for new (or had to recycle old) kit.

Yes, yes, but why are you doing this?

As a Microsoft professional, it’s in my best interests to get up to speed on Azure quickly since that is where most Microsoft platforms will likely be deployed in the years ahead. The only way to generally do that is through Technet articles and doing it myself, however, having a home centric internet connection, I’m saddled with a single IP address and limited resources. Throwing money away on blocks of IP addresses, VPN devices etc. to get experience of hybrid cloud models in Azure isn’t something I’m keen on. I needed a way to learn about hybrid cloud from my own lab, so I set about finding out if it was possible and wanted to share my conclusions with you here…long story short, I got it working.

Microsoft have their own documentation on how to set this up but it’s a little vague when it comes to setting up the on-premises side of things and they clearly state that the VPN device cannot be behind a NAT. Well, they’re wrong, it can – it just depends how the network is configured. For this series of posts, the intention here is to create an end-to-end solution using VyOS, an open source router OS that runs very happily on vSphere (and probably Hyper-V) which will host the IPSec site-to-site VPN (it will connect to Azure). I’ve been using VyOS to route between my home lab (hosted on VMware ESXi 5.5) and my main (“everyone’s phones are on it” network) for nearly a year now and it has served this very basic purpose beautifully. I discovered that Vyatta Community Edition was to be discontinued when Vyatta was acquired by Broadcom but thankfully for all of us, someone had the foresight to fork Vyatta and create VyOS.

Continue reading Configuring Azure Site-to-Site Connectivity using VyOS behind a NAT – Part 1

Raspberry Pi MJPEG at ~30fps

I’ve been tackling the Pi Camera recently and looking for the best trade off of performance, quality, bandwidth, simplicity and fields of view.

During my travels I experimented with a large number of command line options, raspivid, raspistill and VLC. I was looking for the simplest way to get to what I wanted and finally settled on the following.

First, I quickly abandoned using raspistill and raspivid – frames per second weren’t up to it at anything like a resolution I was happy with.

The idea was to use the camera for two things. First, streaming video at 1080p, second, taking screenshots each minute. To achieve that I settled on the Video For Linux 2 module that I edited in to my boot sequence by adding the following to the /etc/modules file. This loads the module so I don’t have to do a modprobe.

Then you’ll want VLC which is readily available in a repo so just:

Once they’re installed, the following command line will give you 1080p MJPEG encoded video at ~30fps. The result of this is that the stream comes down at about 50Mbps so WiFi isn’t going to cut it.

Continue reading Raspberry Pi MJPEG at ~30fps

Editing SharePoint Online User Profiles with PowerShell

Borrowing heavily from these TechNet contributors, I cobbled the following PowerShell script to enable editing of User Profile properties in SharePoint Online. Don’t just run the script blindly, it updates the AboutMe property for anyone with an email address – you’ll need to adapt what properties you want to update of course and also, this script does not update MultiValue properties but it probably isn’t too much of a leap to get to that from this either.

 

Addendum: Getting started with Azure Active Directory Sync – UPN Suffix

Addendum: Getting started with Azure Active Directory Sync – UPN Suffix

In this post we’ll explore briefly using UPN (UserPrincipalName) suffix matching when configuring Azure Active Directory Sync Services. This particular configuration may seem like the silver bullet to getting our users synchronised in to the Azure AD correctly but it could also give you more problems if you don’t consider the rest of your infrastructure and how it may rely on that UPN suffix. I’d ask that you read this entry through before actually making any changes to your on-premises AD infrastructure.

Continue reading Addendum: Getting started with Azure Active Directory Sync – UPN Suffix