Working with igloo, variables, and coding

 I've been asked to setup an email form to tie into Igloo, and for the most part setting up Igloo for a SAML connection was pretty easy, (I'll do a post on that later) but for this email form setup getting some of the variables out of igloo was more tricky; especially since I am not to familiar with the platform, or how it works.  I hope this post will help other coders who need to do work on an igloo system without having to get the developer account or just found it as frustrating as I did trying to break the system down.  I haven't come across a good document for how to do these particular kind of things on Igloo's site but you do have to be approved by igloo to access customer care and the developer section of the site.  In my option they don't have a good web only quick start guide.  So I hope this will help some users of the platform.  If you don't have a igloo login, the only thing accessible is the guides-ebooks page on their website.

https://www.igloosoftware.com/resources/guides-ebooks/

So you have to have an account (probably with admin access) to get more info and access to the igloo support forums.  When your logged in you will see something like this menu.

If you go to the Igloo support link, you will get to see the following resources.

Developer KB

https://customercare.igloosoftware.com/support/developers/kb

Community Forum

https://customercare.igloosoftware.com/support/developers/community

API Reference

https://customercare.igloosoftware.com/support/developers/api_reference

For working just with a webform and trying to get some info from the user to me wasn't very intuitive and working with the platform wasn't intuitive but it is workable once you know how things are done.  Now a requirement for this form is that I can't use an iframe, and needs to be native to igloo.  So in this case the email form was setup as a start it was setting up an email form, where it sends data to a helpdesk system but I don't want the user to have to type in their email again because they are logged into the intranet and I should be able to get this information.

So after doing a lot of googling I came across an obscure reference on the community forum.  https://customercare.igloosoftware.com/community/developer_questions/is_there_a_quick_way_to_get_the_current_user

So not being familiar with igloo I looked at the comments, and seen the question about referencing the object (since I wasn't using the API) I thought it was referenced though the WYSIWYG editor like some other CMS/LMS systems.  I was wrong.

So I tried using {Igloo.currentUser.id} in the HTML page where the form was, and that didn't work.  nothing was displayed and I couldn't get/find any kind of documentation for what I was looking for except from this reference.  I gathered that I had to probably use javascript to access it; however the way igloo is setup you have to really plan how you want to work with.  After viewing source and finding this snipe of code.

 I figured that I have to be able to access this the same way I just have to figure out how to use javascript to access the info.  I found it is best to work in two tabs when doing this in Igloo.  One to have the HTML editor open, the other to have the javascript editor open.

HTML Editor

Javascript Editor

  So I did a test with document.write in the javascript editor in igloo. which broke the page I was working on but I did see the variable get written to the screen!  Yay!?

document.write(Igloo.currentUser.id);

So after setting up some HTML elements I came up with this.

document.getElementById('name').setAttribute('value',Igloo.currentUser.name);

document.getElementById('userid').setAttribute('value',Igloo.currentUser.namespace);

//Display just the first name. (does a split based on the space in the name)

const title=Igloo.currentUser.name;

const firstName=title.split(' ')[0];

document.getElementById('staffName').innerHTML = firstName;

This javascript allows me to get the email because the email has the same convention as the namespace, I can put a note with the user's name with instructions or a note for the email form when they land on the page.

So in short, for any web dev's who are just throwing something together quickly, here are the igloo JavaScript variables for getting some user info.

Igloo.currentUser.name

Igloo.currentUser.namespace

Igloo.currentUser.href

Igloo.currentUser.id

Igloo.currentUser.hasphoto

Igloo.currentUser.memberkey

Setting up your own VIOP System

 A while ago I had setup a voip system using Ring Central.  Now the cost of having a service like Ring Central, isn't outrageous but it isn't inexpensive either.  I also know a few people who were wanting a "LAN" line for their kids, and shaw and Telus are charging between $20 - $40 per month for a basic phone depending on what services you are subscribed to which is outrageous.  

SHAW Phone Cost

Telus Phone Costs

So I started to do some reading about opensource pbx systems, and really liked freepbx, and am currently playing with it in a VM in my Lab.  With all phones going network based with either a cellular base or an office voip phone, you don't have "lan lines" in that sense anymore.  I had the good fortune of getting a hold of a Cisco SPA504G on the facebook marketplace for $20, and they range from $20USD to $150 on ebay.  You will also need a POE injector which can run from $15 - $100 depending on what you want to buy.  I got the TP-Link 150S which worked well for this.

I intend to finish my work with freepbx, but I needed to get something up and running pretty quick and was told that in canada, VOIPMS would be a good provider to use for a cloud based PBX.  It has a great wiki for configuring devices.

To get the phone up and going you have first signup for a VOIPMS Account, and get it verified.  Once that is done to get things going right away you will want to "add funds" from the Finances tab and pick a DID number (phone number).  The minimum is $15USD purchase.

As you can see from the screen shot above, you can setup a number of settings, such as voicemail, caller id, hold music, etc.  This was a little tricky to setup, it is much simpler to use ring central for setting it up but it wasn't to bad setting up the calling features I wanted on the phone and on the VOIP.MS account.

Configuring settings on VOIP.MS also requires making changes on the VOIP phone your using, so in my case Cisco SPA504G.

So first thing is first you must setup and verify your VOIP.MS Account.

VOIP.MS has a number of tutorials which are accessible on their youtube channel; I like being difficult and read though the wiki but did get to where I needed to go.

The first thing I would recommend setting up is the cloud then configure the phone and adjust on either as you see fit.  So if you go to DID Numbers -> Manage DID, you will get options for configuring your number, such as selecting the Server for your cloud host.  I selected Vancouver because it is the closest one to Edmonton.

One thing you will want to change is the default ring time which I believe was 60 seconds, I set mine to 30, and you will want to associate the voicemail to the DID once you have voicemail setup.

To setup voicemail, you tie it to a DID, the wiki was an excellent resource for the setup, once I setup the voicemail number (it can be anything up to 10 digits) a password and you can setup if you want to skip it because I am setting this up as a home phone I did choose to skip it.

Now that your voicemail is configured you can go and associate the voicemail with the DID (DID Numbers -> Manage DID).  Save your settings.  Once configured, you go to your voip device for PBX server and configure the settings you want to use.  On the Cisco SPA504G it is accessed by the WebUI.

To make the changes you want to make to the phone you will want to click on the Admin Login 

 

The Admin login give you many more settings that you don't get in user mode.  We will be editing the Phone, and Ext 1-4.  In Phone we want to put *97 in the voice mail number which will take us directly to our voicemail box we configured with our voicemail box we made for our DID.  I also changed the short name for line key 1 to the phone number I am using with VOIP.MS

Then in Ext 1 I put the proxy url I want to use provided by voip.ms DID Numbers -> Manage DID (in my case vancouver2.voip.ms) and put the SIP number in the user id and your VOIP.MS Password in the password field.

Since I only have one line on my VOIP.MS account, I disabled lines 2 - 4 but that is up to you if that is something you want to do.  The end result is your voicemail button going to your voicemail without requiring a password, displaying your number. Which makes the phone easy to use for everyone.

Windows 7, Intel Software RAID, Boot BCD Error

 I had setup a computer about 10 years ago for a medical research study.  It was done for a specific piece of software.  It was setup with a NVidia 660, i5 2500, 12GB of RAM and 2 x 1TB Drives in a software RAID 1.  I've had to go in twice before, once to replace a failed drive, and to reset the administrator password.  This time I got a call because the system would not boot.  The issue was described to me that when the computer tried to boot into windows it blue screened and immediately reboot.  I made an onsite visit to inspect the system and did see the issue.  So I started the investigation by looking at the BIOS, sata settings and discovered it had been set to AHCI.

Once I changed the SATA mode back to RAID, the system still refused to boot, Windows recommended booting off the install disk and running a repair.  So I booted into the disk and ran the startup repair.  

As shown above we see the boot dvd sees the Windows disk, and detected an issue with the BCD file, but when you go to run the repair after a few minutes the recovery system says it failed to repair the BCD file.

Even after running a disk and file system check; the issue remained and the system was still unbootable.  What I eventually did was break the software raid; after doing that, and leaving one disk offline, the system booted.  After the system booted, I shut the system down and reconnected the mirror drive.  The system continued to boot properly and started to rebuild the software raid.

Meraki MX64 Review

 

I have had the good fortune in being able to have a look at the Meraki MX64 router/security appliance from Cisco.  Since I use PFSense I was interested in see what this locked down proprietary appliance was all about.  At my work we are using Meraki Switches and have been very happy with them, they are easy to setup, configure, manage, and the web based management system gives you a wonderful single pane of glass to view everything.  I was interested in seeing if the router was as easy to setup and manage.

Like all Cisco Meraki products, you add the device by going to the Network-Wide menu and go add device as shown below.

Then press the claim button on the right most side of the screen across from the search box.

You will get a popup asking for the serial number of the device or the order number(s).

Then put in the serial number, if you don't have the order or email you can find the serial number located at the bottom of the device

After that you will need to add the license for the device which would come from your provider.  If you don't have a license you only have 14 days in which you will be able to use the device before getting a license.

Select "add another license"

Input the license provided by your provider.  Select the operation License more devices (as we are adding the router to our meraki cloud)

Once that is done you will have a few side bar menu called Security & SD-WAN if you didn't have a meraki router before.

After getting the device registered, it took a while for the dashboard to recognize it but to be fair I have it going to the internet though my PFSense firewall, it did eventually make a connection.  One thing I will note is it did come with a network preconfigured in the device probably supplied to our vendor when they sent it over at our request.  For example it would have came on a non configured vlan 192.168.0.1/24 setup with DHCP which I would already have on my meraki network.

After getting the device connected, The network setup is located under the Addressing & VLANs menu

By default the device comes in routed mode and single lan setting.

Configuring the MX64 for use with VLANS is pretty easy, change the lan setting to VLANs then add the VLASs using the "Add VLAN" button.  It is easy and very straight forward.  I have left the deployment settings the same but I changed the Single Lan Setting to VLAN and setup the following.

1. Setup VLAN 1 with a subnet of 192.168.0.0/24 - MX IP 192.168.0.1 (DHCP Served By Meraki MX)
2. Setup VLAN 2 with a subnet of 192.168.10.0/24 - MX IP 192.168.0.10 (No DHCP)
3. Setup VLAN 3 with a subnet of 172.32.0.0/24 - MX IP 172.32.0.4 (No DHCP)

I then setup the ports

- WAN port goes to my LAB network 192.168.182.0/24 the MX has an ip of 192.168.182.50

- Lan 3 I have going to my laptop with 2 VLANs attached.  Lan 2 is setup as the NATIVE VLAN which has no DHCP Server 

When I plugged my laptop into port 3 which as a native vlan of VLAN2 which has no DHCP server on that network I got a 169 address.  When I changed my VLAN on my laptop to access VLAN 1; the output of ipconfig from my laptop where DHCP is being server by meraki mx I got the following:

PS C:\Users\Trevor Tye> ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Lenovo-P52s

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter vEthernet (Default Switch):

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter

   Physical Address. . . . . . . . . :

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . :(Preferred)

   IPv4 Address. . . . . . . . . . . : (Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.240.0

   Default Gateway . . . . . . . . . :

   DHCPv6 IAID . . . . . . . . . . . : 1006638429

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-23-4D-16-AA-48-2A-E3-1A-77-16

   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

                                       fec0:0:0:ffff::2%1

                                       fec0:0:0:ffff::3%1

   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter vEthernet (Internal Network):

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #3

   Physical Address. . . . . . . . . :

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : (Preferred)

   Autoconfiguration IPv4 Address. . : 169.254.38.103(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.0.0

   Default Gateway . . . . . . . . . :

   DHCPv6 IAID . . . . . . . . . . . :

   DHCPv6 Client DUID. . . . . . . . :

   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

                                       fec0:0:0:ffff::2%1

                                       fec0:0:0:ffff::3%1

   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter vEthernet (External Switch):

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #2

   Physical Address. . . . . . . . . :

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : (Preferred)

   IPv4 Address. . . . . . . . . . . : 192.168.0.20(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : July 7, 2021 1:24:49 PM

   Lease Expires . . . . . . . . . . : July 8, 2021 10:42:26 AM

   Default Gateway . . . . . . . . . : 192.168.0.1

   DHCP Server . . . . . . . . . . . : 192.168.0.1

   DHCPv6 IAID . . . . . . . . . . . :

   DHCPv6 Client DUID. . . . . . . . :

   DNS Servers . . . . . . . . . . . : 192.168.0.1

   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : optionkey.ca

   Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 8265

   Physical Address. . . . . . . . . : 18-1D-EA-2F-AE-59

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 3:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #5

   Physical Address. . . . . . . . . :

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 4:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #6

   Physical Address. . . . . . . . . :

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 2:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : TAP-Windows Adapter V9

   Physical Address. . . . . . . . . :

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)

   Physical Address. . . . . . . . . :

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

PS C:\Users\Trevor Tye>

In my lab network I have a subnet of 192.168.1.0/24 on the static route I setup a route to go to 192.168.1.0 from 192.168.10.1.  For clarification my laptop is plugged into Port 3 on the switch which has a a native vlan of VLAN2 which has no DHCP services.  Below is the appliance status menu showing the connected ports.

I had set the virtual switch on my laptop to VLAN1, demonstrating that VLANs work because VLAN 1 is being served DHCP by Meraki MX.  The Static route I setup seems to be working as the ping test below shows pinging both the gateway and my workstation on the 192.168.1.0/24 network from 192.168.0.20

PS C:\Users\Trevor Tye> ping 192.168.1.1

Pinging 192.168.1.1 with 32 bytes of data:

Reply from 192.168.1.1: bytes=32 time<1ms TTL=64

Reply from 192.168.1.1: bytes=32 time<1ms TTL=64

Reply from 192.168.1.1: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.1.1:

    Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

Control-C

PS C:\Users\Trevor Tye> ping 192.168.1.250

Pinging 192.168.1.250 with 32 bytes of data:

Reply from 192.168.1.250: bytes=32 time<1ms TTL=64

Reply from 192.168.1.250: bytes=32 time<1ms TTL=64

Reply from 192.168.1.250: bytes=32 time<1ms TTL=64

Reply from 192.168.1.250: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.1.250:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

The DHCP tab is nice as it shows the amount of IP's used and the uplink tab also gives some "nice to know information".

There are a lot of features I would like to play with but it looks like I would need multiple mx appliances, such as setting up the firewall rules, and VPN, it looks like it would be easy to do and setup.

Firewall:

VPN (Site 2 Site)

VPN Client

The Meraki MX comes with the typical router features such as URL allow/deny listing, content filtering, traffic shaping (with some nice defaults), but also has some nice integrations having quick access the the WiFi Splash page, VPN, threat detection (and Cisco Umbrella or use to be known as OpenDNS) and intrusion detection.  In my opinion this would be great to have if your a smaller business or franchise with lots of locations, a service management company, or an organization you are looking to reduce the load of your IT staff and/or your staff are not technically inclined and/or have a limited experience with routing, setting up VPN servers or are very familiar with firewalls with different VPNs.  In my lab this was very easy to setup, and get working, I find there is more power with PFSense, and this would be fantastic solution if your going all in.  That is the thing though you have to go all in on Meraki.  Depending on your budget, and what your organization is wanting to do it can be quite the asset.