Loop detection – without STP

According to the documentation:

Loop protection provides protection against loops by transmitting loop protocol packets out of ports on which loop protection has been enabled. When the switch sends out a loop protocol packet and then receives the same packet on a port that has a receiver-action of send-disable configured, it shuts down the port from which the packet was sent.

So it’s not doing anything fancy – just using its own protocol packet to detect loops back to the switch itself. Note this is different to Cisco’s loopback detection, which will detect a switchport looped back on itself – e.g. due to faulty wiring – but will not detect a cable run from one port to another on the same switch. Configuration is quick and easy, and it seems to work well. It should work well in any situation where you have edge ports that users might connect together, possibly via a ‘dumb’ switch that doesn’t forward STP BPDUs. These loop protection frames should be forwarded.

Let’s take a quick look at the configuration and operation on my lab switch, an HP 2910al-24G Procurve switch, running W.15.08.0012. The default configuration is for loop-protection to be disabled:

sw01pi# show loop-protect 

 Status and Counters - Loop Protection Information

 Transmit Interval (sec)     : 5           
 Port Disable Timer (sec)    : Disabled          
 Loop Detected Trap          : Disabled     


       Loop    Loop     Loop   Time Since  Rx           Port   
  Port Protect Detected Count  Last Loop   Action       Status  
  ---- ------- -------- ------ ----------- ------------ --------
sw01pi#

In my lab, I’ve run a cable between ports 21 and 22, so we can simulate a loop. Currently both ports are shut down. Spanning-tree is disabled on this switch, so if I enable those ports, we’ve got a loop, and things will get messy. Let’s configure loop protection, and then enable the ports:

sw01pi# conf t
sw01pi(config)# loop-protect 
 disable-timer         Specify the number of seconds to wait before re-enabling
                       a disabled port.The default is 0, which will prevent 
                       automatically re-enabling the port
 [ethernet] PORT-LIST  Specify the ports that are to be added to/removed from 
                       loop protection.
 transmit-interval     Set time between packet transmissions.
 trap                  Specify loop protection traps that are to be 
                       enabled/disabled.
sw01pi(config)# loop-protect 21-22
sw01pi(config)# loop-protect trap loop-detected 
sw01pi(config)# interface 21-22
sw01pi(eth-21-22)# enable

OK, let’s take a look at what’s happened with our ports:

     
sw01pi# show loop-protect 

 Status and Counters - Loop Protection Information

 Transmit Interval (sec)     : 5           
 Port Disable Timer (sec)    : Disabled    
 Loop Detected Trap          : Enabled     

       Loop    Loop     Loop   Time Since  Rx           Port   
  Port Protect Detected Count  Last Loop   Action       Status  
  ---- ------- -------- ------ ----------- ------------ --------
  21   Yes     No       0                  send-disable Down    
  22   Yes     Yes      1      2s          send-disable Down    
sw01pi#show log -r
---output truncated---
I 05/18/13 17:13:31 00077 ports: port 21 is now off-line
I 05/18/13 17:13:31 00077 ports: port 22 is now off-line
I 05/18/13 17:13:30 00898 ports: Loop Protect(62) has disabled port 22
I 05/18/13 17:13:30 00884 loop-protect: port 22 disabled - loop detected.
I 05/18/13 17:13:30 00076 ports: port 22 is now on-line
I 05/18/13 17:13:30 00076 ports: port 21 is now on-line

Pretty simple hey? One of the ports has been shut down, as expected. It has been logged, and an SNMP trap (OID: 1.3.6.1.4.1.11.2.14.11.5.1.12.1.5.6.1) has been generated. We’ve got the “Port Disable Timer” at the default of “Disabled” – this means that the port will stay shut down until we take manual action. We’d like it to re-enable after 10s, so we configure this:

sw01pi(config)# loop-protect disable-timer 10

Now if we keep an eye on the output of show loop-protect we can see the Loop Count incrementing, as the port gets re-enabled, detects a loop, and shuts down again:

sw01pi# show loop-protect 

 Status and Counters - Loop Protection Information

 Transmit Interval (sec)     : 5           
 Port Disable Timer (sec)    : 10          
 Loop Detected Trap          : Enabled     

       Loop    Loop     Loop   Time Since  Rx           Port   
  Port Protect Detected Count  Last Loop   Action       Status  
  ---- ------- -------- ------ ----------- ------------ --------
  21   Yes     Yes      0                  send-disable Down    
  22   Yes     No       5       6s         send-disable Down    
sw01pi#

So now you can set a disable timer, and once users remove the loop, their network ports will come back up, without needing any input from the local network admin. All up, this is an easy feature to configure, and should be used on all edge ports on Procurve switches.

The Problem: 

Disks become cluttered with legacy and temporary files which use up valuable disk space.

The Solution:

A Cleaning Script

Analysis:

If you want to analyze what is using up all your disk space,
you can use WinDirStat

Installing Ubiquiti UniFi Controller 5 on Raspberry Pi
UniFi

The next step is to install the UniFi Controller software.

Add the UniFi repository to the sources list, using the following commands:

echo 'deb http://www.ubnt.com/downloads/unifi/debian unifi5 ubiquiti' | sudo tee -a /etc/apt/sources.list.d/ubnt.list > /dev/null
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv C0A52C50
sudo apt-get update

Install UniFi, using the following package install command:

sudo apt-get install unifi -y

*The installation takes a couple of minutes to complete, but is fully automated and includes all the prerequisite components such as MongoDB and OpenJDK Java 7.

Disable the default MongoDB database instance, using the following commands:

echo 'ENABLE_MONGODB=no' | sudo tee -a /etc/mongodb.conf > /dev/null

Without making this small configuration change, you will have two separate instances of MongoDB running; an unused default database instance, and the UniFi database instance. This is obviously not desirable on a device with limited resources, such as the Raspberry Pi.

Update to the latest release of the Snappy Java Library, using the following commands:

cd /usr/lib/unifi/lib
sudo rm snappy-java-1.0.5.jar
sudo wget http://central.maven.org/maven2/org/xerial/snappy/snappy-java/1.1.3-M1/snappy-java-1.1.3-M1.jar
sudo ln -s snappy-java-1.1.3-M1.jar snappy-java-1.0.5.jar

*This fixes a number of issues particularly with the older models of Raspberry Pi, but also brings the library well up-to-date as the version Ubiquiti includes with the UniFi package is from 2013.

Once completed, reboot your Raspberry Pi using the following command:
sudo reboot

When the reboot is complete, use a web browser to view HTTPS port 8443 on your Raspberry Pi:

https://(hostname.local/ip):8443

Updating

Before updating the UniFi Controller software, it is highly recommended that you first backup the controller configuration.

To update the UniFi Controller software to the latest version, simply use the standard Debian package update and upgrade commands:

sudo apt-get update && sudo apt-get upgrade -y

The UniFi Controller software will be updated along with all other packages installed on your Raspberry Pi.

Alternatively, if you just want to update the UniFi Controller software only, run the initial package installation command again:

sudo apt-get install unifi -y

How to Create a Master Installation Flash Drive with Multiple Versions of Windows

You’ve got your collection of Windows ISOs and maybe you’ve burned installation DVDs or flash drives for them. But why not make yourself a master installation drive that you can use to install any version of Windows?

Setting up a bootable USB Drive that includes multiple ISOs is actually pretty easy, We’re going to do it using a clever little free tool named WinSetupFromUSB, so go ahead and download the latest version of that. You can even include some non-windows ISOs on the disk, like Linux distributions and antivirus rescue disks. For a complete list of what you can include on your USB drive, check out their supported sources page. There is one important note from that page worth calling out. The tool works with single Windows ISOs from Microsoft. If you have a dual ISO that includes both the 32-bit and 64-bit versions of Windows, you won’t be able to use it. But you can always download single ISOs (one for 32-bit and one for 64-bit) and stick them both on the USB if you need to.

Next, make sure you have blank USB drive big enough to hold all the ISOs you want to install, along with a little extra space. A 16 GB drive should give you enough space for two or three versions of Windows. If you have a 32 GB drive, you should be able to fit all the versions of Windows you could want. If you want to include other ISOs as well, you might need a bigger drive.

WinSetupFromUSB is a portable tool, so there’s no installation. Once you have it downloaded, double-click the archive to extract the files a new folder. If you’re running a 64-bit version of Windows, run the executable with “x64” in the name. If you’re running a 32-bit version of Windows, run the file without the “x64” in the name.

If you already had your USB drive inserted when you launched the tool, it should be listed in the box at the top of the window. If you didn’t have it inserted already, go ahead and plug it in now and then click Refresh.

Next, click the “Advanced Options” check box.

Instead of working like a regular check box, clicking it opens an “Advanced Options” dialog box. In the Advanced Options dialog, select the “Custom menu names for Vista/7/8/10/Server Source” check box. This setting allows you to provide your own names for the folders in which the Windows ISOs are stored and the boot menu names you see when you start a computer using the USB drive. You can close the “Advanced options” dialog when you’re done.

Now comes the somewhat tricky part. You’ll be adding Windows versions one at a time. The first time you add something to the USB drive (and only the first time), you’ll want to make sure that the “Auto format it with FBinst” check box is selected. This lets WinSetupFromUSB format the drive appropriately for booting. If you know you’ll be booting a computer in UEFI mode (or if you’re unsure), then select the “FAT32” option. Otherwise, you can use the “NTFS” option.

Next, select your first Windows ISO. Select the check box next to the “Windows Vista / 7 / 8 / 10 /Server 2008/2012 based ISO” section and then click the browse button (“…”) to its right. Locate and open the ISO you want to add.

If it’s a large ISO and you’re using the FAT32 file system, you may get a notification that the file is too large and will be split in two. That’s fine, so go ahead and click OK.

Double-check that you have the correct USB drive selected at the top of the window and that the right ISO is shown in the box. Then, click “GO.”

If you’re using a large USB drive, you may get a warning asking if you’re sure that’s the drive you want to use. Go ahead and click “Yes.”

If the auto format option is enabled (and it should be for the first ISO you add to a disk), you’ll also get a warning letting you know that the drive will be formatted and anything on it will be erased. Click “Yes” to continue.

WinSetupFromUSB will now format the drive and then pop up a window where you can enter a custom folder name for the ISO that’s between 1 and 7 characters. If you don’t type anything for 30 seconds, the default will be used automatically.

A similar window will now open that lets you type a custom name that should appear in the boot menu. This time, the name can be between 5 and 35 characters, so you have a bit more room to be specific. And again, you have 30 seconds to type a new name before the default is used automatically.

At this point, WinSetupFromUSB will begin creating folders, adding the ISO to your USB drive, and adding the options to the boot menu. This can take several minutes and you can gauge the progress in the window’s status bar.

When WinSetupFromUSB is done, you’ll get a simple “Job done” confirmation window. Click “OK.”

WinSetupFromUSB now returns you to the main window. You can exit the program or you can continue adding additional ISOs to your boot disk. You’ll add additional ISOs using the same process, but there are a couple of things to keep in mind as you do it:

• When you add additional ISOs to an existing boot disk, make sure the “Auto format it with FBinst” check box is not selected. It won’t be by default when you return to the window (or when you start the program again), but it doesn’t hurt to make sure. You only want to format the disk with the very first ISO you add.
• You’ll need to click “Advanced Options” and enable the “Custom menu names for Vista/7/8/10/Server Source” check box each time you add a new ISO. Make sure you don’t forget this step before clicking Go or you won’t be able to add a custom name for the ISO to your menu.

But that’s it. Otherwise, just follow the same steps each time you want to add a new ISO to the boot disk. You don’t have to add them all in one session either. You can come back any time and add something new. When you’re done, you can boot up a computer using your USB drive (which you may be able to do even if your BIOS won’t let you) and be rewarded with a nice boot menu like this:

While it doesn’t sport the most intuitive interface, WinSetupFromUSB is lightweight and works well. And once you get the hang of adding ISOs to the package, it’s a breeze to set yourself up with a powerful boot disk that will let you install whatever version of Windows you want, as well as a number of other bootable tools.

This issue is caused by lack of not being DPI scaling aware of the Remote Desktop Client. If you open a Remote Desktop connection to a server or other computer the native resolution of the computer is used instead of the scaling to 1920×1080, so you’ll get very small icons etc.

1.

First tell Windows to look for a manifest file for an application by default. This can be done by setting a registry entry.

Open regedit and navigate to the registry key:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide
Right-click, select NEW -> DWORD (32 bit) Value
Type PreferExternalManifest and then press ENTER.
Right-click PreferExternalManifest, and then click Modify.
Enter Value Data 1 and select Decimal.
Click OK. Exit Registry Editor.

2.

Next step is to make a manifest file, , you can download it here.  Important is that you save the file in the same directory as the Remote Desktop Client executable (mstsc.exe).
“%SystemRoot%\System32\”

3.

Now try and connect with Remote Desktop again.

Drives.vbs

'Remove Drives

ON ERROR RESUME NEXT

DIM objNetwork,colDrives,i

SET objNetwork = CREATEOBJECT("Wscript.Network")

SET colDrives = objNetwork.EnumNetworkDrives

FOR i = 0 to colDrives.Count-1 Step 2
 ' Force Removal of network drive and remove from user profile 
 ' objNetwork.RemoveNetworkDrive strName, [bForce], [bUpdateProfile]
 objNetwork.RemoveNetworkDrive colDrives.Item(i),TRUE,TRUE
NEXT

'Connect Drives

On Error Resume Next

Set objNetwork = CreateObject("WScript.Network")
Set objShell = CreateObject("Shell.Application")
brugernavn = objNetwork.UserName

' Attach Share
objNetwork.MapNetworkDrive "H:", "\\Server\Share", TRUE
objShell.NameSpace("H:").Self.Name = "Share"

' Attach User Share
objNetwork.MapNetworkDrive "U:", "\\Server\UserShare\" & brugernavn, TRUE
objShell.NameSpace("U:").Self.Name = brugernavn & "´s dokumenter"

Printers.vbs

Set objNetwork = CreateObject("WScript.Network")

on error resume next

objNetwork.AddWindowsPrinterConnection "\\Server\Printer1"
objNetwork.AddWindowsPrinterConnection "\\Server\Printer2"

objNetwork.RemovePrinterConnection "\\Server\Printer3"


objNetwork.SetDefaultPrinter "\\Server\Printer1"

FontInstall.vbs

Const FONTS = &H14&

Set objShell = CreateObject("Shell.Application")
Set objFolder = objShell.Namespace(FONTS)
objFolder.CopyHere "\\Server\Share\Fonts\HelveticaNeueLTStd-Cn.otf"

Robocopy Script 

@ECHO OFF
SETLOCAL

SET _source=\\Server1\Share1
SET _dest=D:\Shares\Share2

SET _what=/ZB /E
:: /COPYALL :: COPY ALL file info
:: /ZB :: Use restartable mode; if access denied use Backup mode
:: /SEC :: copy files with SECurity
:: /E :: Copy Subfolders, including Empty Subfolders.
:: /PURGE :: Delete dest files/folders that no longer exist in source.
:: /MIR :: MIRror a directory tree - equivalent to /PURGE plus all subfolders (/E)

SET _options=/R:5 /W:5 /XO /TEE /ETA /NDL /NP 
/LOG:RoboCopyLog.txt
:: /R:n :: number of Retries
:: /W:n :: Wait time between retries
:: /LOG :: Output log file
:: /TEE :: Output to console window, as well as the log file
:: /NFL :: No file logging - don’t log file names
:: /NDL :: No dir logging - don’t log directory names

ROBOCOPY %_source% %_dest% %_what% %_options%

blat.exe -f Administrator@email.dk -to me@email.dk -server smtpserver.dk -subject "RoboCopy Sync" -body "Robocopy script has completed" -attach RoboCopyLog.txt

:: Remember to copy blat.exe to "%SystemDrive%\Windows\System32\"

:: You can also download RoboMirror

Problem
Seen in Outlook when connecting to a mailbox on an Exchange Server, its caused by using a self signed certificate OR a purchased certificate, where the internal and external names are different.

Solution
1. On the Exchange Server > Start > All Programs > Microsoft Exchange Server {version} > Exchange Management Console.

Exchange 2016

Set-ClientAccessService -Identity <server> -AutoDiscoverServiceInternalUri https://mail.mydomain.com/autodiscover/autodiscover.xml

Set-OwaVirtualDirectory -Identity "<server>\OWA (Default Web Site)" -ExternalUrl https://mail.mydomain.com/owa -InternalUrl https://mail.mydomain.com/owa

Set-EcpVirtualDirectory -Identity "<server>\ECP (Default Web Site)" -ExternalUrl https://mail.mydomain.com/ecp -InternalUrl https://mail.mydomain.com/ecp

Set-WebServicesVirtualDirectory -Identity "<server>\EWS (Default Web Site)" -ExternalUrl https://mail.mydomain.com/EWS/Exchange.asmx -InternalUrl https://mail.mydomain.com/EWS/Exchange.asmx

Set-ActiveSyncVirtualDirectory -Identity "<server>\Microsoft-Server-ActiveSync (Default Web Site)" -ExternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync -InternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync

Set-OabVirtualDirectory -Identity "<server>\OAB (Default Web Site)" -ExternalUrl https://mail.mydomain.com/OAB -InternalUrl https://mail.mydomain.com/OAB

Set-MapiVirtualDirectory -Identity "<server>\mapi (Default Web Site)" -ExternalUrl https://mail.mydomain.com/mapi -InternalUrl https://mail.mydomain.com/mapi

Set-ClientAccessServer -Identity <server> –AutoDiscoverServiceInternalUri https://mail.mydomain.com/Autodiscover/Autodiscover.xml

Set-OutlookAnywhere -Identity "<server>\RPC (Default Web Site)" -ExternalHostname mail.mydomain.com -InternalHostname mail.mydomain.com -ExternalClientsRequireSsl $true -InternalClientsRequireSsl $true -DefaultAuthenticationMethod NTLM

Exchange 2010 and SBS 2011 (change the values in red)

Set-ClientAccessServer -Identity EXCHANGE-MAIL -AutodiscoverServiceInternalUri https://mail.publicdomain.co.uk/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (Default Web Site)” –InternalUrl https://mail.publicdomain.co.uk/EWS/Exchange.asmx

Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\OAB (Default Web Site)” -InternalURL https://mail.publicdomain.co.uk/OAB

Set-ActiveSyncVirtualDirectory -Identity “EXCHANGE-MAIL\Microsoft-Server-ActiveSync (Default Web Site)” -InternalURL https://mail.publicdomain.co.uk/Microsoft-Server-Activesync

Outlook Anywhere Note

If you intend to use Outlook Anywhere, you may also want to execute the following command. Particularly if you use SBS, which has a habit of setting remote.publicdomain.com as the default outside name.

Set-WebServicesVirtualDirectory –Identity ‘EXCHANGE-MAIL\EWS (Default Web Site)’ –ExternalUrl https://mail.publicdomain.co.uk/ews/exchange.asmx

Exchange 2007 (change the values in red)

Set-ClientAccessServer -Identity EXCHANGE-MAIL -AutodiscoverServiceInternalUri https://mail.publicdomain.co.uk/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (Default Web Site)” -InternalUrl https://mail.publicdomain.co.uk/ews/exchange.asmx

Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\oab (Default Web Site)” -InternalUrl https://mail.publicdomain.co.uk/oab

Set-UMVirtualDirectory -Identity “EXCHANGE-MAIL\unifiedmessaging (Default Web Site)” -InternalUrl https://mail.publicdomain.co.uk/unifiedmessaging/service.asmx
For Small Business Server 2008
For SBS 2008 the commands are Different! (the following commands are for Exchange 2007 on SBS 2008 ONLY;

Set-ClientAccessServer -Identity EXCHANGE-MAIL -AutodiscoverServiceInternalUri https://mail.publicdomain.co.uk/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (SBS Web Applications)” -InternalUrl https://mail.publicdomain.co.uk/ews/exchange.asmx

Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\oab (SBS Web Applications)” -InternalUrl https://mail.publicdomain.co.uk/oab

et-UMVirtualDirectory -Identity “EXCHANGE-MAIL\unifiedmessaging (SBS Web Applications)” -InternalUrl https://mail.publicdomain.co.uk/unifiedmessaging/service.asmx
Note: where EXCHANGE-MAIL is internal and mail.publicdomain.co.uk is external name

2. Then open the IIS Manager Expand Application Pools > MSExchangeAutodiscoverAppPool > Right Click > Recycle.

Note: You may have to enter the FQDN of the server rather than its Netbios name!!

After you make the additional space available in VMWare/Xen/Hyper-V, first reboot your Ubuntu server so it can see the new free space (commenter Michal, below, points out that you can avoid this restart by asking the kernel to rescan the disk with ‘echo 1 > /sys/class/block/sda/device/rescan’). Then we’ll run the GNU partition editor to examine our disk:

Outlook 2013 (PC) Manually Set up for Office 365

Follow these instructions to do so:

1. Go to Control Panel, and click Mail.
2. Click Show Profiles and then click Add.
3. Type in a friendly name for the profile, and click OK.
4. Click to select the Manual setup, and click Next.
5. Click Microsoft Exchange, and then click Next.
6. In the Server box, enter outlook.office365.com.
7. Make sure that the Use Cached Exchange Mode option is selected.
8. In the User Name box, type your name (Eg; ‘John Smith’) and then click More Settings.
9. Click the Security tab, make sure ‘Encryption’ box is unticked and choose Anonymous Authentication.
10. Click the Connection tab.
11. Make sure that the Connect to Microsoft Exchange using HTTP check box is selected, and then click Exchange Proxy Settings.
12. In the ‘Use this URL to connect to my proxy server for Exchange’ box, enter:outlook.office365.com
13. Make sure that the ‘Only connect to proxy servers that have this principal name in their certificate’ check box is selected, and enter: msstd:outlook.com
14. Click both ‘On fast networks, connect using HTTP first, then connect using TCP/IP check box, and ‘On slow networks, connect using HTTP first, then connect using TCP/IP’ check boxes.
15. Under Proxy authentication settings, click Basic Authentication.
16. Click OK twice.
17. Click Check Name. You will be prompted to login. Enter your VUW login ID followed by @staff.vuw.ac.nz (Eg; smithjo@staff.vuw.ac.nz). Tick the box for ‘Remember my credentials’ .
18. When the server name and the user name are displayed with an underline, click Next.
18. Click Finish.