Creating a File Share with PowerShell and Windows Server Core

Sometimes you just need to create a file share.

With Windows Server Core, you don’t have all the old GUI tools that we’re all used to. So you have to make do with PowerShell and the old fake DOS prompt. Fortunately, with a little help, it’s pretty easy.

First, create the folder you want to share. In this case, c:\share.

Next, modify the ACL to grant the DOMAIN\File Server Admins group full control:

$sharepath = "c:\share"
$Acl = Get-ACL $SharePath
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("DOMAIN\File Server Admins","FullControl","ContainerInherit,ObjectInherit","None","Allow")
$Acl.AddAccessRule($AccessRule)
Set-Acl $SharePath $Acl

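Finally, create the share and grant Everyone full access at the share level. Effective access over the network is the more restrictive of the share and NTFS permissions, so the folder ACL is what actually limits who can reach the files.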
NET SHARE sharename=c:\share  "/GRANT:Everyone,FULL"

Done.
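
A tighter variant of the three steps above, as an added example that is not from the original post. It goes beyond the post by disabling ACL inheritance (a folder under C:\ typically inherits read access for local Users) and by naming the admin group in the share permission instead of Everyone. It assumes Windows Server 2012 or later for the SmbShare cmdlets; the share name and the DOMAIN\File Server Admins group are placeholders.

```powershell
# Added example: scope both the NTFS ACL and the share permission to one
# group, then read both back. All names below are placeholders.
$SharePath  = 'C:\share'
$ShareName  = 'sharename'
$AdminGroup = 'DOMAIN\File Server Admins'

# 1. Create the folder if it does not exist yet.
if (-not (Test-Path -Path $SharePath)) {
    New-Item -ItemType Directory -Path $SharePath | Out-Null
}

# 2. NTFS ACL: stop inheriting from the parent and drop the inherited
#    entries, then add explicit full control for SYSTEM, local
#    Administrators and the admin group.
$Acl = Get-Acl -Path $SharePath
$Acl.SetAccessRuleProtection($true, $false)
foreach ($Identity in 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators', $AdminGroup) {
    $Rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList `
        $Identity, 'FullControl', 'ContainerInherit,ObjectInherit', 'None', 'Allow'
    $Acl.AddAccessRule($Rule)
}
Set-Acl -Path $SharePath -AclObject $Acl

# 3. Share permission: grant the group rather than Everyone, and hide
#    folders a user cannot open (access-based enumeration).
New-SmbShare -Name $ShareName -Path $SharePath -FullAccess $AdminGroup `
    -FolderEnumerationMode AccessBased | Out-Null

# 4. Read back what was applied at both layers.
Get-SmbShareAccess -Name $ShareName |
    Format-Table AccountName, AccessControlType, AccessRight
(Get-Acl -Path $SharePath).Access |
    Format-Table IdentityReference, FileSystemRights, IsInherited
```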

5 Reasons to Consider Leaving Apple

Remember when everyone had to have an Apple product — an iPhone, MacBook, or iPad? Look at how fast things changed. Android has been leading the tablet and smartphone market and crushing Apple for years now. So what does this mean for Apple?

#1 – Apple is now Apple, circa 1997.

Apple is trying to “me-too” its way back to success with its Apple Watch. We already have fitness bands that tell time. Apple’s desperate desire to “innovate” has ironically had the opposite effect — they’re just copying the success of others. It’s the same mistake they made in the late 1990’s after firing Steve Jobs. They copied IBM and almost went bankrupt. When Steve Jobs returned, Apple made a comeback.
But Steve Jobs is dead. This sounds harsh, but the fact is that Apple never did well without him. I remember owning Apple stock when it was $6 a share. That’s six dollars. With Jobs gone, it’s back to the 1990’s in terms of leadership.

#2 – Apple is falling behind.

Their initial success with the iPhone was because they got it to market faster than Google got Android out. Android predates the iPhone, but most people don’t know that and frankly don’t care. The iPhone got there first so Apple won.
Fast-forward several years. Samsung released an Android version of the Apple Watch before Apple did. They copied Apple before Apple could even get their own product out the door! Bottom line: Apple has lost its competitive edge.

#3 – Apple picks fights it can’t win.

Apple has notoriously sued other companies for various things. Now everyone else is suing Apple for patent infringement and a slew of other offenses, and some of them have pretty strong cases. Their fat bank account makes it a prime target for litigation, which only detracts from its ability to provide valuable products and services.

#4 – Their products spy on you.

This isn’t news, and Apple certainly isn’t the only company with espionage built-in. But they really don’t like the idea of “hackers” poking around iOS. With Android and, to a lesser extent, Microsoft products it’s trivial for an experienced security professional to figure out what information is being collected. iOS can be jailbroken and analyzed just as well, but woe unto those who receive an update and have their iPhone bricked because they dared to jailbreak.

#5 – Apple’s leadership is alienating its customers.

In 2014 CEO Tim Cook famously said that those who aren’t of a particular political persuasion should sell Apple stock. He also said that he doesn’t always consider return-on-investment (ROI) when making business decisions. Perhaps people have different reasons for owning stock, but the most common is to get a return-on-investment. But it’s also more than that. People also buy Apple products to get a return-on-investment, whether it’s financial, emotional, or something else. Tim Cook’s comments indicate that he isn’t interested in serving customers in this way.

Is it too late for Apple?

Flexibility is a vital aspect of any technology. If it isn’t flexible, it can’t change rapidly to meet business or personal goals. Apple just might be turning back into the rigid, sluggish, and expensive relic it was in the late 1990’s. Just think of how AT&T is today. That could change, of course, but their ecosystem is set up in such a way that the longer you’re invested in their products, the harder it is to leave. Maybe we should take Tim Cook’s advice until Apple can get its act together.

Building Windows Server with Puppet and Chocolatey

Forget using scripts and group policies to configure a new Windows Server machine. Using Chocolatey and Puppet, you can do it faster & easier than ever (and it’s more fun too). This is especially true if you’re using a Server Core installation and don’t have a GUI to help you along. Oh, and if you don’t know Puppet, you really should watch my course Puppet Fundamentals for System Administrators on Pluralsight 🙂

Assign IP address using PowerShell:

New-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress "192.168.51.29" -PrefixLength 24 -DefaultGateway 192.168.51.8

Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 192.168.50.20, 192.168.50.21

Install Chocolatey:

set-executionpolicy unrestricted
iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))

Restart PowerShell

Install VMware tools

choco install vmware-tools

The server will automatically restart.

Rename server

rename-computer -newname newservername

Reboot

restart-computer

Join to domain
add-computer -domain benpiper.com

Reboot again
restart-computer

Install Puppet
choco install puppet

Configure Puppet
Configure c:\programdata\puppetlabs\puppet\etc\puppet.conf

Generate puppet certificate
puppet_interactive

Sign puppet certificate on puppet master
puppet cert sign newservername

Apply appropriate profiles to server. Remember to restart the Puppet master if you change your Hiera configuration.

Run Puppet agent
puppet_interactive

Verify
puppet resource dism
puppet resource package
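
For the Install Chocolatey step above, a more conservative way to run the installer, as an added example that is not from the original post or from the Chocolatey project. It saves the script to disk, checks its Authenticode signature, and relaxes the execution policy for the current process only. It assumes the published install.ps1 is Authenticode-signed and that a signer subject containing "Chocolatey" is what you expect; review the printed subject yourself.

```powershell
# Added example: download, verify, then run the Chocolatey installer.
$InstallerUrl  = 'https://chocolatey.org/install.ps1'   # URL from the step above
$InstallerPath = Join-Path $env:TEMP 'chocolatey-install.ps1'

# Older builds negotiate old TLS versions by default; request TLS 1.2
# (needs .NET Framework 4.5 or later for the Tls12 enum value).
[Net.ServicePointManager]::SecurityProtocol =
    [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12

# Save to disk instead of piping straight into iex, so there is a file to inspect.
(New-Object Net.WebClient).DownloadFile($InstallerUrl, $InstallerPath)

# Refuse to run anything that is unsigned or whose signature does not validate.
$Signature = Get-AuthenticodeSignature -FilePath $InstallerPath
if ($Signature.Status -ne 'Valid') {
    Remove-Item -Path $InstallerPath
    throw "Installer signature status is '$($Signature.Status)'; not running it."
}

# Assumption: the expected signer's subject contains 'Chocolatey'.
$Subject = $Signature.SignerCertificate.Subject
Write-Host "Installer signed by: $Subject"
if ($Subject -notmatch 'Chocolatey') {
    Remove-Item -Path $InstallerPath
    throw "Unexpected signer; not running the installer."
}

# Process scope only: the machine-wide policy stays as it was, and the
# relaxed policy disappears when this PowerShell session closes.
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process -Force
& $InstallerPath

# Show what is in effect at each scope afterwards.
Get-ExecutionPolicy -List
```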

My Twitter Philosophy

In recent months, especially since the launch of my Pluralsight courses, I’ve been more active on Twitter (by “active” I mean I log in once or twice a week). During this short period, I’ve made a few passing observations about this strange place called Twitter:

1. “A lot of people follow me for a few days then unfollow me if I don’t follow them back”

There are so many things wrong with this. Following someone just so they’ll follow you back is selfish. It’s pretty obvious these folks are just using others to increase their follower count. They follow 5,000 people and have 4,999 people following them. Yeah, not impressed. Seeing this doesn’t make me think that person is influential. It makes me think they’re obsessive.

Citrix Web Interface 5.4: Error occurred while making the requested connection

I recently ran into a bizarre issue with users not being able to launch applications from a very old Citrix Presentation Server 4.0 farm when trying to launch from Citrix Web Interface 5.4. They were getting the eminently unhelpful, “An error occurred while making the requested connection.”

In the web interface application logs, I noticed this:

An error of type IMA with an error ID of 0x80000003 was reported from the Citrix XML Service at address (servername)

And this:

The farm MyFarm has been configured to use launch references, but a launch reference was not received from the Citrix XML Service. Check that the farm supports launch references or disable launch reference requests.

To resolve this, I modified C:\inetpub\wwwroot\Citrix\XenApp\conf\WebInterface.conf on the Web Interface servers and changed the RequireLaunchReference directive as follows:
RequireLaunchReference=Off
(It was set to On)

And it worked. Supposedly, that directive must be set to Off when using Web Interface 5.4 with PS 4.0. But, I’ve been running for years with it set to On and it worked fine until recently. Another Citrix mystery.

Want more Citrix tips and tricks? Watch my course Citrix NetScaler 10: Design and Deployment!

Net Neutrality is a Scam

One of the biggest scams of the Internet is in full swing right now. You may have heard of it. It’s called “net neutrality.”

Fundamentally, net neutrality is about preventing Internet service providers (ISPs) from throttling or blocking traffic or providing paid prioritization of certain content. In addition, specific rules proposed by the FCC Chairman Tom Wheeler would allow the FCC to arbitrate peering disputes between carriers. Traditionally, carriers have connected their networks to each other for a nominal cost or none at all, the idea being that the mutual benefit of using each other’s network for transit is payment enough. The proposed FCC rules, however, will turn this once amicable transaction into a litigious battleground that could result in the destabilization of the Internet’s backbone.

I recall an article from a 1997 issue of Wired magazine which predicted the collapse of the Internet would be caused by increased growth without the infrastructure to support it. That never happened, in part due to technical innovation which kept up with growth, but also because ISPs and backbone carriers were able to throttle traffic during peak times to ensure everyone could have reasonably fast and reliable internet access.

Now, almost 20 years later, we’re looking at potential regulation that will micromanage how ISPs manage and build out their networks. As a network engineer, I understand the need to throttle or simply block certain types of traffic. But unfortunately, the technical facts have gotten lost amidst the raw politicization of the net neutrality debate. I recently saw a graphic put out by the pro-net neutrality group “Battle for the Net” that shows a picture of the United States Senate and a caption that asks, “Does your state have the Internet’s worst enemy?” It then proceeds to list all the Senators that are supposedly trying to “kill Net Neutrality.” And this is the problem with the net neutrality movement. It’s purely political and devoid of any thoughtful technical or practical discussion. Organizations like Battle for the Net don’t bother to make a case for net neutrality. They assume that it is an absolute good and that being for the Internet means being for net neutrality.

The discussion has devolved from a debate into a marketing battle plagued by word games and politics. Net neutrality advocates have adopted the language that this is “a battle for the Internet” and an effort to “keep the internet open.” Apparently, by breaking decades of precedent and giving the FCC more power to control what Internet service providers do, the Internet will somehow become better. The narrative they put forth is that the big bad cable companies with their zillions of dollars are trying to make end users’ Internet experience slow and expensive, and are fighting valiant efforts to “keep the internet free.” (Never mind the fact that the cable companies gave us broadband Internet and brought us out of the dial-up era to begin with.) This David versus Goliath theme is great for stirring emotions, but it falls flat in the face of a little bit of scrutiny. Google, whose income is more than double that of Comcast, is strongly in favor of “net neutrality” regulations. So is Netflix. And Facebook. Regardless of where you stand on net neutrality, one thing is certain: this is not about big money corporations versus the gentle folks of the Internet. It is about giant corporations duking it out for power, control, and government favor.

As usual, the politics of net neutrality has turned the debate into more of a sporting event where everyone roots for his own team no matter what. But it’s actually worse than that. If you’re against net neutrality, some will perceive you as being anti-Internet or against Internet freedom. I find this both amusing and disturbing. Amusing, because the notion that giving the FCC unprecedented regulatory power over the Internet will somehow increase freedom is absurd. And disturbing, because so many have blindly taken sides on this debate without an understanding of its implications or what it’s even about.

One such implication is privacy. How will the FCC ensure that ISPs are complying with the new regulations and not throttling or blocking certain types of traffic? The only way to know is by looking at the traffic, which can only be done with detailed logs of what an ISP’s users are doing. This goes beyond what websites you visited or how many gigabytes you downloaded. This gets down to individual connections. What IP address and port did you connect to? What protocol were you using? Certainly, these things can be logged now, and in fact probably are. But the difference is that, as of now, the FCC has no authority to demand such logs. With net neutrality regulations in place, they will, and they will also have the power to exact fines if ISPs fail to retain logs for a certain period of time. So, you will be able to BitTorrent without restriction, but Uncle Sam is probably going to know about it. Of course, this is already happening with the NSA pretty much spying on everything. But again, the difference is that instead of spying secretly, the collection of your Internet activity will be open and shameless. That may not bother you. Honestly, it doesn’t really bother me. The point is that net neutrality regulations come with some pretty long and tangled strings attached. And it’s wise to unravel them and see where they lead before throwing in your support for the wolf in sheep’s clothing.

How Knowledge Can Kill IT’s Value

IT people often intentionally withhold knowledge from those outside of IT. There are different reasons for this — some good and some very bad.

One reason IT folks withhold knowledge is that they believe the best way to learn is to teach yourself. After all, that’s how many of them learned. Unlike many others in business, most IT folks didn’t attain their skills through traditional education. They were self-starters when it came to their own education and taught themselves much of what they know. Such an approach has served them well, so they believe it will serve others well also.

While well-intentioned, this attitude is detrimental in business. Companies don’t hire IT people to mentor others to be like themselves. Rather, companies hire IT people to leverage their knowledge, skills, and expertise to achieve business objectives.

Contrast IT with the Legal department in this regard. People in Legal don’t withhold knowledge when asked. They are quick to “give the answer” and engage in discussion not only about Legal matters, but how those matters relate to the rest of the business. They aren’t threatened by sharing what they learned from their years in law school and real-world experience. But IT people often are reluctant, even averse to such self-exposure.

The reasons behind this apprehension when it comes to sharing knowledge aren’t important. It’s not your job to untrain this bad habit. What’s important is that the people you hire don’t try to hoard the “keys to the kingdom.” When you are interviewing candidates, make sure you find out whether a potential employee is willing to share his or her knowledge and expertise with others openly and candidly. If he’s not, politely show him the door.

An IT organization is only as good as the sum of its parts. Folks who hold tightly onto their knowledge like Frodo holding onto the One Ring are dragging your IT organization down and inhibiting the value it can provide. Don’t let that happen. Expect and demand open dialogue, widespread sharing, and consideration of the needs and objectives of the business. If IT can’t do that, it might as well not even be a part of the business.

Creating a Linux LVM Logical Volume on an iSCSI SAN

Recently I had an Oracle database server used by some developers that was running out of space on its data volume mounted at /u02. The volume was a simple MBR volume (think fdisk), so it couldn’t be non-destructively extended without using a third-party utility like gparted. That would have been fine, but rather than leave the volume as MBR, I decided to create a new iSCSI SAN-backed Logical Volume Manager (LVM) volume, which can be extended and resized pretty easily.

In this post, I’ll show you how to create a logical volume stored on an iSCSI SAN. Even though I did this on Red Hat Enterprise Linux 6.5 (RHEL), these steps should work on any distribution of Linux.