Tuesday, February 2, 2016

APC UPS without network card? No problem!

Long overdue project, but the "replace battery" alarm of my old acquired from computer surplus store UPS finally spurred me to action. Twenty dollars worth of sealed lead acid batteries from Battery Mart, a $10 APC 940-0024 DB-9 cable from an Amazon.com seller (I mentioned that this was an old UPS right?) and a bit of duct tape later and I have new batteries in the UPS and have the signaling cable connected to my ESXi host.

In an ideal world, I'd have a networked UPS that can signal all of my little home lab that the power is out and things should shutdown. In the real world, I don't have that. Enter APCUPSD, your standard Open Source solution for monitoring an APC UPS.

I shut down my Ubuntu Linux management virtual machine and passed through the ESXi host's serial port to the VM. A VM boot and a few tweaks to the apcupsd.conf later and APCUPSD running on a Linux VM is talking to the APC SmartUPS connected to the host.

APCUPSD has a built in network information server that allows other computers running APCUPSD to check in with the UPS status. And APCUPSD has support for Linux, Mac OS X, and Windows. A quick package policy in my Ubuntu Landscape Dedicated Server (more on that another day) and apcupsd is installed on my Linux virtual machines. A quick install on a couple Windows machines (including my gaming desktop) and APCUPSD is talking over the network to my management VM, ready to shut down VMs as the UPS runs out of batter power.

So if you don't have a fancy network UPS, this kind of setup is the next best thing. If you have clustered hypervisors, a TCP/IP to serial adapter or even a Raspberry Pi setup to run APCUPSD could get the job done.

Shortfall is while my Linux and Windows virtual machines as well as the physical machines on the same UPS will now all cleanly shutdown, my ESXi host won't cleanly shutdown. Looks like some scripting on the machine running APCUPSD that reaches out to ESXi and runs the ESXi shutdown is the preferred solution in this scenario. That's for another day, for now at least the VMs with critical data won't be running.

Wednesday, September 30, 2015

Samba 4 Active Directory Domain Controller Continues to Impress

I've been running two Samba 4 Domain Controllers for my lab environment for a few months now, and aside from an occasional quirk such as having to use RSAT on Windows 7/Server 2008 R2 and editing an .ini file when creating a new Group Policy object it has been a good setup for my lab.

Group Policy Modeling doesn't work, so I do have to be careful on what is configured in Group Policy, but I can live with that.

Last night I was working on getting pfSense configured to use LDAP authentication. Again this just worked as expected, connect to 389 on the Samba Domain Controllers and go. I took it a step further, cut a SSL certificate for my lab's Active Directory domain from StartSSL and configured Samba to use that certificate for LDAPS. Again, everything just worked as expected.

I even got Samba member servers working, really not sure why it wasn't working on my previous attempt. I'll be switching out my Windows file server for a Linux one soon.

One of my goals with the lab is to have a nice stable "infrastructure" for learning new things. Using Windows Server evaluation licensing to build the base infrastructure seemed incompatible with that, which is why Limix servers are being slotted into those places where possible. If I want to test or learn a new product, I want to set it up on a VM and get to it, not build up Active Directory and all that then get around to testing.

As a side benifit I have a nice working Active Directory, file servers, VPN, etc. for media servers and other services I want to use.

Thursday, September 3, 2015

Windows Administrators should learn PowerShell

Why should Windows Administrators learn PowerShell? My answer is a simple flow chart:

Sunday, April 26, 2015


I decided it was time to start over with my homelab, not that an ancient HP desktop with an Intel Core Duo processor was worthy of being called a homelab. It was basically my iTunes server, serving up content not in iCloud to Apple TVs, and it wasn't even doing that well.

The Parts Purchased (so far...)
The Parts on Hand
  • 2x 2 TB 3.5" HDD (7200 RPM).
  • 2x 3 TB 3.5" HDD (7200 RPM).
  • 1x 1 TB WG HDD (7200 RPM).
  • 2x 16 GB USB3 Flash Drives for VSphere Hypervisor. 
The "Build" 
The two 2 TB HDDs and two 3 TB HDDs were configured in a RAID 10 array. Not ideal having disks with different sizes, but it worked out and this is a homelab, not something mission critical. After configuring the mirrors and stripes I ended up with 5.somechange TB of RAID10 space. That will do nicely.

In order to get the ESX hypervisor installed the ESX installer needs to be modified to include the driver for the TS440's on board NIC. The VIB file for the network driver can be downloaded from Lenovo's TS440 Support Page and the ESX ISO can be customized with ESXi-Customizer.

With the disks installed and configured, RAM inserted, and customized ESX installer burned everything was smooth sailing. ESX installed to my USB stick, got configured, and I was up and running.

The Naming Scheme
I don't get to give my servers at work fun names. They are all LOCATION-SERVICE-NUMBER or something similar. (HQADDS01 for Active Directory at HQ...) In my home lab, with "limited" resources, one administrator, and no corporate rules, I decided my naming scheme would come from Transformers. Not the Michael Bay version, but the classic Generation 1 Transformers from my childhood. (And more recently, the excellent War for Cybertron and Fall of Cybertron games that I thoroughly enjoyed on my XBox360.) 

Since itouthouse.net and itouthouse.org are just redirects to itouthouse.com, I don't have any worries using cybertron.itouthouse.net for my internal network. Thus, my ESX host is now named metroplex.cybertron.itouthouse.net.

The VMs
Any homelab is going to be...fluid, but I have a few ideas on what the various VMs will be.
  • Wheeljack: This will be my personal Windows Virtual Machine. Eventually I'll be playing with VT-D and GPU pass through to see if I can get some gaming working. This is what the SSD, 1 TB HDD, and SilverStone bracket are for. These will be directly connected to the motherboard's SATA connectors. I discovered that the Lenovo TS440 doesn't have enough power connectors to add two drives not in the hot swap bays in addition to the internal optical drive, this is a problem to address later. At least I have USB optical drives handy until I figure it out.
  • Teletraan I: A Linux VM running Samba as an Active Directory Domain Controller.
  • Teletraan II: Why have only one Active Directory Domain Controller when you can have two? 
  • Blaster: A Windows VM with some storage and running iTunes. It's only job is to replace my HP desktop that is serving up iTunes content to my Apple TVs. 
  • Rewind: Ubuntu Desktop running CrashPlan. Sole purpose is to be a CrashPlan server for friends and family. I could have gone headless but decided I didn't want to play with CrashPlan enough to get it running headless. 
  • Skyfire: Windows File server. Joined to Active Directory of course. 
  • Jetfire: Linux File server. Had some issues getting Linux file serving working the way I wanted, so went with Windows Server running in eval mode to work on other stuff. Eventually will circle back and get Samba working the way I want and replace the Windows file server.
  • Perceptor: Monitoring server if I feel the need. 
  • Ironhide: pfSense firewall/VPN. Maybe something other than pfSense. 
  • Wreck-Gar: Windows 10 Technical Preview.

Wednesday, September 10, 2014

Apple Keynote Podcast Feeds

I wanted the direct links to the downloads to throw the latest keynote on a network share. I didn't find the direct links to Apple's feeds anywhere with a quick search, so I extracted them from iTunes. Here they are for you.

Friday, September 5, 2014

Uninstall Dropbox Script

The script simply searches for DropboxUninstaller.exe and if found, runs is with the /S switch. Time consuming script as it searches the hard drive. This could be done better...but meh.


' Search computer for Dropbox installation and uninstall Dropbox if found.
' Created by Andrew Zbikowski  
' Version: 2013-06-10_01
' Tested against Dropbox version 2.0.23 
Option Explicit

' Objects
Dim objShell, objWMI, objFile
' Collections
Dim colFiles
' Strings
Dim strFileQuery, strComputer, strUninstallCmd

Set objShell = WScript.CreateObject("WScript.Shell") 

strComputer = "."
Set objWMI = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" _
& strComputer & "\root\cimv2")

strFileQuery = "SELECT Name FROM CIM_DataFile WHERE filename = 'DropboxUninstaller' AND extension = 'exe'"

Set colFiles = objWMI.ExecQuery(strFileQuery)

if colFiles.Count > 0 Then
For Each objFile in colFiles
On Error Resume Next
strUninstallCmd = Chr(34) & objFile.Name & Chr(34) & " /S"
objShell.Run strUninstallCmd,0,True ' Run uninstaller, wait for it to finish. 
End If


Tuesday, October 30, 2012

Managing Your Photo Collection

A few months ago I decided to rework my workflow for importing, managing, and sorting my photo collection. Since our daughter was born the number of pictures we take with digital cameras and iPhones has exploded. Previously my workflow consisted of tag all the faces when the photos are imported, flag the good ones, and create smart albums in iPhoto that included a date range for every month.

Unfortunately that just wasn't sufficient with the number of photos being added to my iPhoto library. Friends and family want to see baby pictures, but when hundreds of new photos showed up with no real sorting between quality and crap it's too much. When you have a new born baby in the house this simple, share everything workflow might be all you can manage.

Fast forward three years and I'm still using the "I'm getting no sleep with a newborn" workflow. Now that I'm better rested, it might be time to improve things.  My first rule of tagging faces immediately after importing photos into iPhoto was a good one, and that part of the workflow remains. I abandoned the flagged photo idea entirely and cleared all flags from my photos.

My new workflow starts the same as my old workflow. Import photos and tag all faces in those photos. To improve photo management from this point, I decided to use iPhoto's star rating system. Each of my photos is given a rating. I made up a number of rules for defining what makes a 3 star vs. a 5 star photo. The goal of rating every photo was to have a way to sort out the good from the bad. iPhoto can use photo ratings in Smart Albums (Saved Searches), so I could keep the strategy of creating smart albums that matched faces and date ranges, but also include the photo ratings so that only good photos appear in the albums that get shared.

To start, I needed to decide what each star rating would mean. I came up with this:
  • 1 Star Rating: This is a bad photo. 
  • 2 Star Rating: Not horrible, but not worth sharing. 
  • 3 Star Rating: Average Photo. It can show up on screen savers, but it won't be shared. 
  • 4 Star Rating: Above Average and worth sharing with family and friends. 
  • 5 Star Rating: Sharing this is a no brainier. This should be in a museum.
Photo Rating Rules
  1. Start with a 2 star rating. 
  2. Add one star for a known face (of someone you like) in the photo. No extra star for people you know but don't like, and no stars for complete strangers. Add two stars if there are two or more likable people in the photo. This rule adds a maximum of two stars, so no additional stars for three or more faces. 
  3. Add one star for artistic, sentimental, or other positive photo attributes. For example, a photo of my Grandfather who passed away a few years ago usually get an extra star. 
  4. If the photo has something extra special in it, add a star.
Now each photo should have a rating of three stars or higher. Time for deductions.
  1. Remove a star for out of focus photos unless this is intentional or adds to the artistic value of the photo.
  2. Remove a star for motion blur unless this is intentional or adds to the artistic value of the photo. 
  3. Remove a star for finger covering the camera lens or other items that detract from a photo and can't be cropped or edited out of the photo. 
  4. Remove a star for other things that can't be digitally corrected such as red eye, digital artifacts, random stranger photo bombs, a dogs butt in the photo, etc. 
  5. Remove a star if if you only see the back of the main subject's head. This is optional, but I've found in most cases it's a good idea. 
The ToDo Albums
In addition to rating photos, I also have a number of "ToDo" albums created in iPhoto. When I'm importing photos I may not have time to do the retouching, cropping, etc. Instead of worrying about these tasks as I'm rating my photos, I add these photos to one of my "ToDo albums." When I have time and the inclination to work on photo fixes, all I have to do is look at the ToDo albums to find photos that need some work.

Example ToDo Albums:
  • TODO: Retouch
  • TODO: Crop
  • TODO: Incorrect Date
Dealing With No Rating Photos
My iPhoto library has thousands of photos in in, and because I'm implementing a new system those photos will not have star ratings. I could create a smart album to simply show me all my photos with a rating less than one star, but that would have shown me my entire photo collection. That would be a daunting task.

To get past what would otherwise appear to be an impossible task, I used smart albums to break up this task and create obtainable milestones. I started with early years before having a child. There were fewer photos taken in these years so doing an entire year was an obtainable milestone. For the years after my daughter was born I went with my month by month strategy for rating photos. Bit by bit my photos are getting rated and the new system is working out quite well. As I knock out a month, I simply update my Unrated Photos Smart Album and work on the next milestone.

Example Criteria for Unrated Photos Smart Album:
  • Rating is less than one star
  • Date is in the range 10/1/2010 to 10/31/2010
So far my new workflow is working out quite well, and sharing the new four and five star photos with friends and family has gone over well. No more dumps of hundreds of photos into an online photo gallery, only the best photos in my collection get seen.