Saturday, February 17, 2024

Hyper-V Cluster Node Keeps Randomly Going Down

Over the last few weeks I had an issue with a Hyper-V Cluster node randomly going down causing issues with my Hyper-V cluster.

Looking at the event logs it looks like it is an issue with the network driver.  It was giving a number of errors including mac address duplication and non-operational status in the logs as shown below.






A few different things were done to try resolve the issue, such as a driver re-install, driver update, and a SFC scan.  However the problem persisted for a randomly continuing over a day or two coming on and offline normally for a few hours then dropping and reconnecting.  What I had to do to resolve the issue was in the cluster manager put the node offline then uninstall the network driver; do an offline disk check then reinstall the network driver.  Once that was done and the cluster node came back up and has been stable ever since.



Thursday, February 15, 2024

How to setup a Rustdesk server

To see a video of the Rustdesk installation visit https://www.youtube.com/watch?v=t7UobpjDsRY and if you like the content please like and subscribe.



What is rustdesk? Rustdesk is an open source remote access and remote control computer software, allowing maintenance of computers and other devices.  For years I have used the free version of teamviewer to help family/friends with various computer issues but in the last few years teamviewer has cut the number of sessions you can have along with how long you can have those sessions for.  I have used the enterprise version of teamviwer and it is full of great features which I would say if you can afford to get teamviewer you should it will make your life a lot easier.  If you can't than rustdesk is a really good alternative.

For a while I was using the free server provided by rustdesk but a few events reciently like a host suspension and a major ddos attack against their server have encouraged me to spin up my own rust desk server.

I have done this a few times now; and there are things in the server setup process where if you deal with them before hand it will make your setup go really well and quite quickly.  So the when deploying a rustdesk server this is how I now do the setup and deployment.

Questions that must be answered!

  1. Where is the server going to live, what is the IP address and what is the server's name?

    This seems self-explanatory but is really important; especially if you don't want to be messing with host files and other things in Linux.  Decide where the machine will live on what network and what the name will be.

    So for example, the machine is going to live on a SMB network where the ip address is 192.168.2.0/24, with a reserved IP of 192.168.2.137 and a name of rustdesk.smb.ca (smb is the company's registered domain)

  2. What is the hypervisor?

    For this setup I will be using Microsoft Hyper-V as our hypervisor platform of choice.

  3. VM OS?

    For this setup I will be using Ubuntu Server 22.04 LTS

Steps for installation.

First setup your VM and set the network adapter to a static address.


Get the static address and assign that to your router.  If you are wanting to give it a reserved address then go ahead and do the install but be sure to setup the DNS to what you want it to be; as it is difficult to change it later.



Once done start the install of the system.  For the install you will want to do a minimum system install and you will want to also allow for ssh access along with the install of the live patch system and powershell


Be sure to make the server name what you want it to be on your network.  It is difficult to change the name after the fact.


Once installed run your updates and I like to install the linux firewall ufw and vim.

Now we can setup the server and install rustdesk.  There is a good guide on https://github.com/techahold/rustdeskinstall  which is more/less the guide we are going to use to install the server.

Steps:

  1. Configure the firewall

    ufw allow proto tcp from YOURIP to any port 22
    ufw allow 21115:21119/tcp
    ufw allow 8000/tcp
    ufw allow 21116/udp
    sudo ufw enable

  2. download and run wget https://raw.githubusercontent.com/dinger1986/rustdeskinstall/master/install.sh
    chmod +x install.sh
    ./install.sh

    You will want to setup the server with DNS for the first option and also include the http server for the second option when you run though the installer.  For the DNS you should keep with the fomat "Servername.domain" so if my machine is called rustdesk it will be rustdesk.domain

    ****IMPORTANT****

    The installer will give you a summary which will include your login for the webserver and the public key for the rustdesk client so users can connect to your rustdesk server.  Be sure to either write down this important information or take a screenshot.

  3. After the install has finished you should reboot the vm and run the update script for rust desk
After the reboot the site should be accessible on your lan via DNS and/or IP at port 8000 so if my DNS was setup as rustdesk.smb.ca; the webhost will be access at http://192.168.2.137:8000 or http://rustdesk.domain:8000



Now update your firewall to allow access to the rustdesk ports and so you can use your rustdesk from anywhere on the internet.

I have a WAN rule with the following (the rustdesk is an ip alias)


and I have a floating rule with the same information


Now we can add our server settings to the rustdesk client.


To do that you need to open rustdesk go to -> Setting -> Network and unlock the settings if required.


After you input your server settings if everything has been setup properly your rust desk will show as ready


Now you will only be able to connect to other users who are connected to another server or the public one provided by rustdesk; you will not be able to assist them.



References:

https://rustdesk.com/docs/en/self-host/rustdesk-server-oss/install/#set-up-your-own-server-instance-manually

https://rustdesk.com/docs/en/self-host/

https://github.com/rustdesk/rustdesk-server-demo

https://github.com/rustdesk/rustdesk-server

https://www.reddit.com/r/rustdesk/comments/17yevvf/rustdesk_self_hosted_setup_guide/

https://rustdesk.com/docs/en/dev/build/web/

https://github.com/techahold/rustdeskinstall



Friday, January 12, 2024

Setting up and Customizing a Windows 11 Start Menu without Microsoft Intune

This post will give you everything you need to customize the windows 11 start menu.  Now typically this is done with intune and Microsoft decided to significantly change the way it handles the start menu and changed it from using an xml file to using a JSON file which is to be used with intune.  Now if you don't use intune; you have a problem.  However this post will go though the options and making a start menu for your Windows 11 clients.  A plus for this is that you don't have to make changes or worry about how it will affect your windows 10 clients.

If your looking at wanting to make a custom Windows 10 start menu you can find that info here https://optionkey.blogspot.com/2018/02/upgrading-active-directory-for-windows.html

In Windows 11 to change to position of the start menu you can do with with a registry entry.

Add a registry Entry called "TaskbarAl" the key goes here 

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

Value name = "TaskbarAl" the l is a L

It is a DWORD 32bit setting, where 0 is aligned to the left and 1 is centered.





Now for customizing the start menu you setup it up like you would for Windows 10.  Customize it up as a single user then run the powershell command.  Now this has been designed to work specifically with intune and making it work without intune takes some work but here is how you do it.

Export-StartLayout -Path "C:\Layouts\Win11Layout.JSON"

 The result is the following JSON:

{"pinnedList":[{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Google Chrome.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Microsoft Edge.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Firefox.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Horizon 7.5.6.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Adobe Acrobat.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Word.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Excel.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\PowerPoint.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Publisher.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\OneNote 2016.lnk"},{"packagedAppId":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"},{"desktopAppLink":"%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\File Explorer.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\VideoLAN\\VLC media player.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\paint.net.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Notepad++.lnk"}]}

Open windows explorer and paste the following URL in the explorer

%LocalAppdata%\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState

It will take you to a folder and copy the start2.bin to a location where you can apply it with your ad controller; I put it in the NETLOGON folder on my AD Controller, if you need it to be local put it in a folder that is local.



Now we are going to have AD add a registry entry on our clients and there are two of them, we are going to add them to the User Configuration section of group policy.


The first one we are going to make is called "ConfigureStartPins_ProviderSet"


HKEY_LOCALMACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\Start

It is a DWORD 32 bit value and the value should be set to 1.

Now we need to make a new Registry entry called "ConfigureStartPins"

Here is where we will be adding the JSON we got from the start menu.


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\Start

In the value data we paste the JSON we exported out earlier.

{"pinnedList":[{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Google Chrome.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Microsoft Edge.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Firefox.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Horizon 7.5.6.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Adobe Acrobat.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Word.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Excel.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\PowerPoint.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Publisher.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\OneNote 2016.lnk"},{"packagedAppId":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"},{"desktopAppLink":"%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\File Explorer.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\VideoLAN\\VLC media player.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\paint.net.lnk"},{"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Notepad++.lnk"}]}

Next we need to make a file to copy the start2.bat to the user profile when you login; I called the file startmenu.cmd and I am running it from the same location from the start2.bat which is in the NETLOGON folder, and we are going to put in the following code which we will run at logon.

copy "\\$DOMAIN\netlogon\start2.bin" "%LocalAppdata%\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState" /Y

This will replace the default start2.bat file with the configured one.

In group policy I am putting the following in the Scripts section of User Configuration


\\$domain\SysVol\$domain\folder\startmenu.cmd

Now on login your windows 11 clients will have a custom start menu.
References:

Sunday, January 07, 2024

TrueNAS Server Setup

I setup a new TrueNAS system to work with my lab server for storage.  The system is running on an older platform an Intel Haswell 1150.  The system has 32 GB of ram and as you can see below the system only has 6 sata ports.  I put in a Matrox 10Gig card for connecting my server 2022 system to the iscsi target so that left me with one PCI Express port to add a raid card or a card for additional sata ports. 



Now I am a big VANTEC fan, I have purchased a lot of enclosures and adapters from them over my IT career and they have worked really well and I came across this nice little card.

https://www.vantecusa.com/products_detail.php?p_id=286  it was at my local computer retailer memory express https://www.memoryexpress.com/Products/MX00120961 where it is retailing for $59.99.




This card requires at least a Gen3 4x PCI-E port, I know my board supported Gen3 PCI-E so I thought I would give it a try.

Initially I had issues getting TrueNAS to boot with the system encountering re-scan errors when trying to initialize the card.

(noperiph:ahcich3:0:-1:ffffffff): rescan already queued

After some troubleshooting; I determined that it had to do with the system cold booting because after a couple of reboots the system would boot and recognized all the drives.  I also noted that the card did not initialize until just before they system was about to boot.  The system registered all my drives, I have 3 SSD drives on the motherboard SATA ports and the rest of my 3+ TB drives running off the card.

So for the disk setup I have a 120GB SSD boot drive, 40Gig SSD Z-Log Drive, and 120GB SSD Cache Drive.  The rest of the drives are NAS drives mostly WD REDS and two 3TB seagate iron wolfs.  


I setup a SMB share to test how the system might perform


Though a 1Gig network the samba share registered the following through put


When I setup the iSCSI target on my lab server I will update this but for now I am pretty happy about this and anyone looking for an inexpensive controller for TrueNAS, I would  defiantly recommend this controller if your on a budget.  The throughput on the NAS is pretty much max out on my 1Gig network, and the NAS did not sweat a bit!











Hyper-V Cluster Node Keeps Randomly Going Down

Over the last few weeks I had an issue with a Hyper-V Cluster node randomly going down causing issues with my Hyper-V cluster. Looking at th...