Skip Ribbon Commands
Skip to main content

Helping Prevent Technological Defenestration.

November 01
How to Request a Large File using Seafile

In addition to sending large files outside your organization, you can use SeaFile to receive large files that do not get through email systems. Here’s how:

Log in to Seafile by visiting www.falconitservices.com, click on support, then on the Seafile Transfer icon.

image

Log in to SeaFile using your user name and password. If you do not have one, contact the helpdesk to request one.

image

Click on the create library icon if you wish to create a special library for these files. Note: DO NOT encrypt the library, otherwise you will not be able to share it with others.

image

Clikc on the share icon next to the library.

image

Select upload link, then click on the generate button. You can add a password if you want anybody uploading to this library to be required to enter a password.

image

A hyperlink will be created that you can send to the person who is going to upload the files to your library. You can copy and paste the link to send via Email or you can click on the send button to have SeaFile send the link via Email.

image

The recipient will receive an email from postmaster at cloud.falconitservices.com, similar to the one shown below:

image

Clicking on the link will take them to an easy to use, upload page.

image

The default size is 500MB, which is quite large. If you need additional transfer limits, please contact the helpdesk for an increase.

October 31
BSOD after P2V or Disk2VHD Conversion caused by Storport RAID or other Hardware Drivers

After converting a Dell 310 Server with an S100 software raid to a virtual machine using Disk2VHD, the image would not boot up, even in safe mode.

In safe mode, I noticed that the BSOD appeard right after trying to load storport.sys. I had to remove these drivers in order to fix the issue.

Here is how you can fix hard disk and RAID drivers from your porevious hardware crashing your new virtual machine.

First, boot into safe mode by pressing the F8 key on startup.

Make a note of the last driver to load prior to BSOD system crash.

image

Next, boot into recovery mode by launching startup repair or by pressing F8 during boot then selecting the repair your computer option.

image

Log in as the local admin.

image

Open the command prompt.

image

The Recovery Media is drive X:. You will need to find your operating systems’s drive letter. use the command BCDEdit to locate the drive letter of your Windows OS partition. In the case below, the OS is on drive letter D:

image

Use the following command to get a list of 3rd party drivers:

Dism /image:D:\ /Get-Drivers (includes 3rd party drivers)
You can also add the /all switch if you suspect that a Windows driver may be causing the BSOD
Dism /image:D:\ /Get-Drivers /all (includes all drivers)

image

Use the get-driverInfo switch for additional information

Dism /image:D:\ /Get-DriverInfo /Driver:oem1.inf

image

Use the following command to remove the offending driver:

DISM /Image:D:\ /Remove-Driver /Driver:oem1.inf

image 

Restart the Windows image.

If you continue to have problems, run Checkdisk, SFC Scan and Image Restore using the following Commands:

Chkdsk D: /r

SFC /scannow /offbootdir=D:\ /offwindir=D:\windows

October 11
How to use Seafile to Send Large Files

Files greater than 5 Megabytes typically do not go through when sent by email. Seafile is an easy way to transmit files to others, while breaking the 5MB barrier. To use Seafile you will need a user name and password. If you do not have one, please contact our helpdesk.

To begin, navigate to www.falconitservices.com and click on the support link. From support, click on the Seafile icon.

image

Log in to SeaFile.

image

Click on New Library and give the library a name.

image

Click on the library link, then upload your files by clicking on the upload icon. Select the files and begin the upload process.

image

Once you have finished uploading all your files, go back to the main libraries.

image

Click on the share icon that appears when you hover your pointer over the library.

image

You can optionally password protect the file (you will need to give the recipient the password) and  select a finite number of days that the files will be made available for download.

image

When finished, click the generate button.

image

A link will appear with the download URL. You can either copy the link and email it to the recipient(s) or simply click on the send button.

image

Enter the recipient’s email address, the click submit.

image

The recipient will receive an email similar to the one below.

image

When the email link is selected, it will take them to a Web page where the files are available for easy download.

image

February 28
How to Connect a Cisco SPA 525G VoIP Phone Using WiFi

Note: Although the  Cisco SPA 525G supports WiFi, it’s recommended to use an Ethernet cable. WiFi is less reliable and is prone to dropping packets, which can cause the voice quality to degrade.  The farther you are from the WiFi transponder, and the more devices that connect and utilize the available WiFi bandwidth, the higher the chances that the voice quality will encounter jitter.

If an Ethernet cable is not available, follow these instructions to connect the SPA 525G via WiFi:

Press the setting button as indicated below.

image

Scroll to and select the network configuration settings.

image

Change the WiFi to the ON setting and press the set button to save the changes.

image

image

Select Wi-Fi configuration as shown below.

image

and then select wireless profile.

image

Press the scan button to look for SSID’s.

image

image

Once found, select the desired SSID and press the connect button.

image

Select the security mode and cipher type that your WiFi device uses for security, then enter the shared WiFi passphrase.

image

Save the settings when you have finished. Select the profile that was just created and press the connect button.

image

Once you have successfully connected, the status WiFi inducation will show the signal strength and the red X will disappear from the network icon.

image

January 28
Hyper-V Migration | Move Hyper-V Guest on Workgroup (Non Domain) Hyper V Server

Hyper-V Live migration is not supported in a workgroup environment, but you can move a Hyper-V guest from one server to another relatively easy. Just copy the VHD file from the source server to the target server and then create a new VM guest on the target server using the VHD file.

Make sure that you merge any snapshots before proceeding. Having a snapshot will not allow you to create a new VM using the VHD file. Following best practice, you should never have snapshots on productions servers anyways!

To begin, gracefully shut down the Hyper-V guest OS on the source server and locate the VHD file. If you are not sure where the VHD file is located, open the Hyper-V guest settings and look in the hard drive media settings.

image

Next, create a shared folder on the target server where the VHD file can be copied to. Note that copying large files over a network share can take a long time. You can opt to copy the file to a USB drive and then move it to the target server to expedite the process, if you have physical access to both servers.

Use copy/paste, Robocopy or Richcopy to move the VHD file to the target server.

image

As you can see in the image above, a relatively small  VHD server file copied over a 10/100 Ethernet can take several hours

Once the VHD file can been copied, open the Hyper-V manager on the target server and create a new virtual machine.

image

Follow all the steps you normally would when creating a new VM, until you get to the step to create the virtual disk.

image,

Choose ‘use an existing virtual hard disk’ as shown above the in the connect virtual hard disk option.

Click browse and select the VHD file that was copied to the target server.

image

Navigate to the Hyper-V manager on the target machine and start the newly created VM and Voila!

image

If the source server is on the same network, make sure to remove or delete the old Hyper-V guest so that someone does not start it accidentally.

December 28
How to View the Name of Your Windows Computer

Hold down the Windows key (image below) on your keyboard and press ‘R’.

image

When the run box appears, type msinfo32 as shown below and press OK.

image

The system name will appear as shown below.

image

June 13
Configuring Asterisk to use Cisco Unified CP-9971, CP-8961 IP Phones

Although not officially supported, Cisco CP 8961 and 9971 phones can be easily configured for use on FreePBX, Elastix and most Asterisk PBX systems. This step by step guide will provide the provisioning configuration details. The steps are:

  • Configuring Asterisk to allow TCP protocol for use on specific IP phones.
  • Setting up a DHCP server with TFTP option 150.
  • Setting up a TFTP server.
  • Configuring extensions in Asterisk.
  • Creating XML configuration files for the IP phones.

For this post, we will be using Elastix 2.5, Windows DHCP and SolarWinds TFTP server, however you can adjust according to your own product preference. We will be using Cisco CP-9971 and CP-8961 with firmware version 9.3 however other Cisco UC phones will work as well. Note: you should have at least firmware 9.0 installed on the phones in order to use SIP protocol and work with Asterisk.

Configuring Asterisk to use TCP

To configure Asterisk to allow the use of TCP in transport, log in to the Web UI and navigate to the Asterisk file editor. Locate the sip_general_custom.conf and add the following lines:

tcpenable=yes
tcpbindaddr=0.0.0.0

image

After you save the changes, locate sip_notify_custom.conf and add the following lines:

udpbindaddr=0.0.0.0
tcpenable=yes
tcpbindaddr=0.0.0.0
callcounter=yes

image

When finished, click save and the reload Asterisk.

Configuring the TFTP Server

Download and install the TFTP Server of your choice or download and install a free TFTP server from SolarWinds by clicking here. 

image

Inside the default TFTP folder (c:\TFTP-Root if using Solarwinds), create a file using Windows notepad. Name it ‘dialplan.xml’ and copy/paste the text below to the file.

<DIALTEMPLATE>
     <TEMPLATE MATCH="91.........." Timeout="0"/>
     <TEMPLATE MATCH="911" Timeout="0"/>
     <TEMPLATE MATCH="\*.." Timeout="0"/>
     <TEMPLATE MATCH="[1-8].." Timeout="1"/>
     <TEMPLATE MATCH="*" Timeout="5"/>
< /DIALTEMPLATE>

 

image

When you have finished, save the file and make sure that the TFTP server is running.

image

 

Configuring the DHCP Server

Next, we will need to configure our DHCP server to use option 150 so that the IP phones obtain the IP address of the TFTP server from the DHCP server. The Cisco IP phones will use the TFTP server to download and install their respective provisioning configurations.

Open Windows DHCP server MMC and right click on the IPV4 server and select set predefined options.

image

Click add and give the option a name and a description. Select IP address as the data type and 150 as the code.

image

Add the TFTP server’s IP address to the value field and click OK.

image

 

Configuring Extensions and Phones

 

 

1. Creating/configuring the phone extensions in the Elastic UI

From the Elastix Web UI, navigate to PBX->Configuration->Extensions. Select to add a generic SIP device.

image

Enter the extension number and relevant information, then save the settings. Go back and edit the extension and look for the transport option.  If your version of asterisk has this transport option, you can set TCP here and skip the next step.

 

image

Submit your changes and apply the configuration.


2. Setting up the extension to utilize TCP instead of UDP

If you Asterisk version does not allow you to change the extension transport type from the extension edit GUI, you can do it in the sip_custom_post.conf file. Navigate to Tools->Asterisk File Editor and locate the sip_custom_post.conf file.  Add the extension of your phone using the following syntax:

[EXT#](+)
transport=TCP

In the example shown below, there are three extensions in our lab setup that will use the CP-9971 phone, so we added them to the sip_custom_post.conf file. This will force these extensions to use TCP  transport, a requirement for the CP-9971 IP phone.

image

Save and restart the Asterisk PBX.

Configuring the Cisco IP Phone

On your Cisco IP phone, select phone information from the applications menu.

image

Note these two important pieces of information: the Host Name and the Active Load. Write them down, you will need them both.

image

On the server that has TFTP installed, open Windows notepad and copy/paste the XML text shown below.

 

<device>
    <deviceProtocol>SIP</deviceProtocol>
    <sshUserId>admin</sshUserId>
    <sshPassword>password</sshPassword>
    <devicePool>
       <dateTimeSetting>
          <dateTemplate>M/D/YA</dateTemplate>
          <timeZone>Eastern Standard/Daylight Time</timeZone>
          <ntps>
             <ntp>
                <name>pool.ntp.org</name>
                <ntpMode>Unicast</ntpMode>
             </ntp>        
          </ntps>
       </dateTimeSetting>
       <callManagerGroup>
          <members>
             <member priority="0">
                <callManager>
                   <ports>
                      <ethernetPhonePort>2000</ethernetPhonePort>
                      <sipPort>5060</sipPort>
                      <securedSipPort>5061</securedSipPort>
                   </ports>
                   <processNodeName>AsteriskIP</processNodeName>
                </callManager>
             </member>
          </members>
       </callManagerGroup>
    </devicePool>
    <sipProfile>
       <sipProxies>
          <backupProxy></backupProxy>
          <backupProxyPort>5060</backupProxyPort>
          <emergencyProxy></emergencyProxy>
          <emergencyProxyPort></emergencyProxyPort>
          <outboundProxy></outboundProxy>
          <outboundProxyPort></outboundProxyPort>
          <registerWithProxy>true</registerWithProxy>
       </sipProxies>
       <sipCallFeatures>
          <cnfJoinEnabled>true</cnfJoinEnabled>
          <callForwardURI>x-serviceuri-cfwdall</callForwardURI>
          <callPickupURI>x-cisco-serviceuri-pickup</callPickupURI>
          <callPickupListURI>x-cisco-serviceuri-opickup</callPickupListURI>
          <callPickupGroupURI>x-cisco-serviceuri-gpickup</callPickupGroupURI>
          <meetMeServiceURI>x-cisco-serviceuri-meetme</meetMeServiceURI>
          <abbreviatedDialURI>x-cisco-serviceuri-abbrdial</abbreviatedDialURI>
          <rfc2543Hold>false</rfc2543Hold>
          <callHoldRingback>2</callHoldRingback>
          <localCfwdEnable>true</localCfwdEnable>
          <semiAttendedTransfer>true</semiAttendedTransfer>
          <anonymousCallBlock>2</anonymousCallBlock>
          <callerIdBlocking>2</callerIdBlocking>
          <dndControl>0</dndControl>
          <remoteCcEnable>true</remoteCcEnable>
       </sipCallFeatures>
       <sipStack>
          <sipInviteRetx>6</sipInviteRetx>
          <sipRetx>10</sipRetx>
          <timerInviteExpires>180</timerInviteExpires>
          <timerRegisterExpires>1800</timerRegisterExpires>
          <timerRegisterDelta>5</timerRegisterDelta>
          <timerKeepAliveExpires>120</timerKeepAliveExpires>
          <timerSubscribeExpires>120</timerSubscribeExpires>
          <timerSubscribeDelta>5</timerSubscribeDelta>
          <timerT1>500</timerT1>
          <timerT2>4000</timerT2>
          <maxRedirects>70</maxRedirects>
          <remotePartyID>false</remotePartyID>
          <userInfo>None</userInfo>
       </sipStack>
       <autoAnswerTimer>1</autoAnswerTimer>
       <autoAnswerAltBehavior>false</autoAnswerAltBehavior>
       <autoAnswerOverride>true</autoAnswerOverride>
       <transferOnhookEnabled>false</transferOnhookEnabled>
       <enableVad>false</enableVad>
       <dtmfAvtPayload>101</dtmfAvtPayload>
       <dtmfDbLevel>3</dtmfDbLevel>
       <dtmfOutofBand>avt</dtmfOutofBand>
       <alwaysUsePrimeLine>false</alwaysUsePrimeLine>
       <alwaysUsePrimeLineVoiceMail>false</alwaysUsePrimeLineVoiceMail>
       <kpml>3</kpml>
       <phoneLabel>Company</phoneLabel>
       <stutterMsgWaiting>1</stutterMsgWaiting>
       <callStats>false</callStats>
       <silentPeriodBetweenCallWaitingBursts>10</silentPeriodBetweenCallWaitingBursts>
       <disableLocalSpeedDialConfig>false</disableLocalSpeedDialConfig>
       <sipLines>
          <line button="1">
             <featureID>9</featureID>
             <featureLabel>LabelName</featureLabel>
             <proxy>USECALLMANAGER</proxy>
             <port>5060</port>
             <name>EXT</name>
             <displayName>DispName</displayName>
             <autoAnswer>
                <autoAnswerEnabled>2</autoAnswerEnabled>
             </autoAnswer>
             <callWaiting>3</callWaiting>
             <authName>EXT</authName>
             <authPassword>Password</authPassword>
             <sharedLine>false</sharedLine>
             <messageWaitingLampPolicy>1</messageWaitingLampPolicy>
             <messagesNumber>*97</messagesNumber>
             <ringSettingIdle>4</ringSettingIdle>
             <ringSettingActive>5</ringSettingActive>
             <contact>EXT</contact>
             <forwardCallInfoDisplay>
                <callerName>true</callerName>
                <callerNumber>false</callerNumber>
                <redirectedNumber>false</redirectedNumber>
                <dialedNumber>true</dialedNumber>
             </forwardCallInfoDisplay>
          </line>
       </sipLines>
       <voipControlPort>5060</voipControlPort>
       <startMediaPort>16348</startMediaPort>
       <stopMediaPort>20134</stopMediaPort>
       <dscpForAudio>184</dscpForAudio>
       <ringSettingBusyStationPolicy>0</ringSettingBusyStationPolicy>
       <dialTemplate>dialplan.xml</dialTemplate>
       <softKeyFile></softKeyFile>
    </sipProfile>
    <commonProfile>
       <phonePassword></phonePassword>
       <backgroundImageAccess>true</backgroundImageAccess>
       <callLogBlfEnabled>2</callLogBlfEnabled>
    </commonProfile>
    <loadInformation>ActiveLoad</loadInformation>
    <vendorConfig>
       <disableSpeaker>false</disableSpeaker>
       <disableSpeakerAndHeadset>false</disableSpeakerAndHeadset>
       <pcPort>0</pcPort>
       <settingsAccess>1</settingsAccess>
       <garp>0</garp>
       <voiceVlanAccess>0</voiceVlanAccess>
       <videoCapability>0</videoCapability>
       <autoSelectLineEnable>0</autoSelectLineEnable>
       <webAccess>1</webAccess>
       <daysDisplayNotActive>1,2,3,4,5,6,7</daysDisplayNotActive>
       <displayOnTime>00:00</displayOnTime>
       <displayOnDuration>00:00</displayOnDuration>
       <displayIdleTimeout>00:00</displayIdleTimeout>
       <spanToPCPort>1</spanToPCPort>
       <loggingDisplay>1</loggingDisplay>
       <loadServer></loadServer>
    </vendorConfig>
    <userLocale>
       <name></name>
       <uid></uid>
       <langCode>en_US</langCode>
       <version>1.0.0.0-1</version>
       <winCharSet>iso-8859-1</winCharSet>
    </userLocale>
    <networkLocale></networkLocale>
    <networkLocaleInfo>
       <name></name>
       <uid></uid>
       <version>1.0.0.0-1</version>
    </networkLocaleInfo>   
    <deviceSecurityMode>1</deviceSecurityMode>
    <authenticationURL></authenticationURL>
    <directoryURL></directoryURL>
    <servicesURL></servicesURL>
    <idleURL></idleURL>
    <informationURL></informationURL>
    <messagesURL></messagesURL>
    <proxyServerURL></proxyServerURL>
    <dscpForSCCPPhoneConfig>96</dscpForSCCPPhoneConfig>
    <dscpForSCCPPhoneServices>0</dscpForSCCPPhoneServices>
    <dscpForCm2Dvce>96</dscpForCm2Dvce>
    <transportLayerProtocol>4</transportLayerProtocol>
    <capfAuthMode>0</capfAuthMode>
    <capfList>
       <capf>
          <phonePort>3804</phonePort>
       </capf>
    </capfList>
    <certHash></certHash>
    <encrConfig>false</encrConfig>
< /device>

 

Save the file as the ‘host_name.cnf.xml’ inside the TFTP folder.

For example, if the IP phone’s host name is SEPC40ACBE0C2F3 then save the file as SEPC40ACBE0C2F3.cnf.xml.

image

 

When finished, edit the file with notepad and change the fields listed below in BLUE. You can change other fields to fit your preferences; all the descriptions and options are documented in this GitHub site as well as in usecallmanaer.com.nz.

 

<processNodeName>Asterisk  IP</processNodeName> Insert your Asterisk PBX IP address or FQDN here.
<featureLabel>LabelName</featureLabel> Insert the phone label name (keep it short < 10 chars)
<phoneLabel>Company</phoneLabel> Company or department name (<10 chars)
<name>EXT</name> Phone Extension
<contact>EXT</contact> Phone Extension
<displayName>DispName</displayName> Display Name (<10 chars)
<authName>EXT</authName> Phone Extension
<authPassword>Password</authPassword> Extension Password
<loadInformation>ActiveLoad</loadInformation> Your phone’s Active Load information (it must match)

 

When finished, reset and power cycle your phone and it will be configured automatically.

image 

May 23
How to Install SeaFile for Windows with SSL Certificate Step by Step

This tutorial will guide you on setting up SeaFile on a Windows 2012R2 server and installing an SSL certificate.

Requirements

  • Windows Server 2012, 2012R2 or 2016
  • Administrative account on Windows server
  • Public static IP address
  • DNS to resolve FQDN to public IP
  • Router to forward ports 8001, 8082, 12001 to SeaFile Server
  • SSL Certificate from trusted authority (www.ssls.com)

Pre-Setup

  • Configure a static private IP address on the Windows server that will host SeaFile
  • Install the latest Windows updates
  • Disable UAC (you can enable it again after the install is completed)
  • Make sure that the server has access to the Internet.
  • Disable IE enhanced security configuration
  • Download and install 7-Zip from www.7-zip.org
  • Open ports 8001 and 8082 on your  firewall and translate 9forward) to the SeaFile server.

Log in using an administrative account, download and install python 2.7.11 32bit, make sure to use the x32 version as x64 will NOT work properly. The installation will create a folder named c:\Pythod27 by default.

Go to system properties –> advanced tab –> environment variables.

Edit the path and add:  ;c:\Python27\ to the end of the environment path.

Make sure that there is no whitespace, see example below:

image

Navigate to https://www.seafile.com/en/download and download SeaFile Server for Windows version 6.07.

Create a folder c:\SeafileProgram and extract the SeaFile tar file using 7-Zip to that location.

image

Navigate to the extracted located and execute the run.bat file.

image

Once the installation process begins, choose a disk volume where the SeaFile folder will be installed and click next. A SeaFile server icon will appear in the icon tray. Right click on it and select add an admin account. Enter an email address and password and click OK.

image

Navigate to c:\Seafile-Server\conf and open seafile.conf using a text editor.

Copy and past the following text on to the editor:

 

[database]
type = sqlite

[network]
port = 12001

[fileserver]
port = 8082

[seahub]
port = 8001
fastcgi = false

[fileserver]

# Set maximum upload file size to 500M.
max_upload_size=500

# Set maximum download directory size to 500M.
max_download_dir_size=500


[quota]

# default user quota in GB, integer only
default = 5

 

 

We will use port 8001 for the Web UI and port 8082 for the file server. You can adjust the Web UI port and quota sizes  to your own specifications but do not change the file server port 8082.

Select file-> save to save the changes.

From the same directory, edit the ccnet.conf file and change the SERVICE_URL to your own FQDN.

image

When finished select file –> save.

Adding SMTP Mail Send

Navigate to SeaFileProgram-> SeaFile-Server-6.0.7\seahub\seagub and right click on the settings.py file. Select edit with IDLE.

Locate the email sending section and modify according to your SMTP server requirements. You can copy/paste the lines below to add the fields to the file as shown.

EMAIL_USE_TLS = False
EMAIL_HOST = 'smtp.example.com'        # smtp server
EMAIL_HOST_USER = 'username@example.com'    # username and domain
EMAIL_HOST_PASSWORD = 'el-password'    # password
EMAIL_PORT = 25
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
SERVER_EMAIL = EMAIL_HOST_USER

image

If you do not have access to an SMTP server, you can add SMTP to the SeaFile server by following these steps.

Go to the add roles and features wizard and add the SMTP server feature as shown below.

image

Open IIS 6 from the administrative tools menu, right click on the SMTP server and start the service.

image

Right click on the SMTP virtual server once again and select properties. Click on the access tab and then on relay restrictions. Add 127.0.0.1 to the list of authorized relay hosts.

image

Go back to c:\SeaFileProgram\Seafile-Server-6.0.7\seahub\seahub and edit the settings.py file. Modify the settings as shown below:

#################
# Email sending #
#################

SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER = True # Whether to send email when a system staff adding new member.
SEND_EMAIL_ON_RESETTING_USER_PASSWD = True # Whether to send email when a system staff resetting user's password.

EMAIL_USE_TLS = False
EMAIL_HOST = '127.0.0.1'        # smpt server
EMAIL_HOST_USER = 'postmaster@yourdomain.com# username and domain
EMAIL_PORT = 25
SERVER_EMAIL = '127.0.0.1'
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER

 

Select file-> save when finished, then right click on the SeaFile icon located in the icon tray and Restart the SeaFile server. Also restart the SMTP

Navigate to http://yourfqdn:8001 to log in to SeaFile.

image 

How to set up SSL Certificate on SeaFile

For this post, we are going to use a Comodo SSL certificates from SSls, so please go to www.ssls.com and create an account if you don’t already have one. We will use SSL port 4043 for this example, however you can modify the relevant settings if you wish to use the standard SSL port 443 or any other port of your choice.

To begin, create a folders on the local drive volume named  c:\inetpub\https

Go to add roles and features and select the IIS role. In the role services, remove directory browsing show shown below.

image

Install Microsoft web Platform Installer 5.0 (Web PI) from here.  In the WebPi search box, look for URL rewrite and install URL Rewrite 2.0 as shown below.

image

Click on add and then on the install button to install URL Rewrite 2.0.

Open IIS7 and expand the server sites. Select the default Web site and click bindings. Change the physical path to c:\inetpub\http.

image

Click on the server and then double click on the server certificates icon.

image

Select create new certificate and fill out the DN properties.

image

Select 2048 bit Microsoft RSA cryptographic provider and the save the certificate request text file.

Navigate to SSLs.com and select a certificate such as the one shown below.

image

After you purchase and activate the certificate, copy/paste your CSR as shown below.

image

Select the first option for Windows IIS as shown below.

image

When done, submit the CSR. After you receive your confirmation email, copy and past the text code as indicated.

image

You will soon receive your certificate by email as an attachment. Copy/past or save the attachment on to the SeaFile server and extract the contents.

Open IIS7 and select complete certificate request.

image

Point the file name to the extracted certificate and give the file a friendly name such as SeaFileCert.

image

Add a new site and point the path to the HTTPS folder we previously created in inetpub. Select HTTPS binding and select the SSL certificate we created. Change the port to 4043 and then click OK.

image

Copy, paste and save the following text file in c:\inetpub\https\web.config file.

 

<configuration>

    <system.webServer>

        <rewrite>

        <rules>

        <rule name=’seafhttp’ stopProcessing=’true’>
        <match url=’seafhttp/(.*)’ />
        <action type=’Rewrite’ url=’http://localhost:8082/{R:1}’ appendQueryString=’false’ logRewrittenUrl=’true’ />
        </rule>

        <rule name=’Reverse Proxy’ patternSyntax=’ECMAScript’ stopProcessing=’true’>
        <match url=’(.*)’ /> 
        <action type=’Rewrite’ url=’http://localhost:8001/{R:1}’ logRewrittenUrl=’true’ />
        </rule>

        </rules>

        </rewrite>

    </system.webServer>

</configuration>

 

Go to your SSL site and double click on URL rewrite.

image

It should open a new window as shown below without any errors.

image

Next, go to c:\seafile-server\conf and modify the ccnet.conf file to show the correct URL.

SERVICE_URL = https://www.yoururl.com:4043
image
From the same directory, edit the seahub_settings.py file and add the line:
FILE_SERVER_ROOT = 'https://www.yoururl.com/seafhttp'
image

Go back to the Web Platform Installer and search for ARR, from the results, select and install Application Request Routing.

image

Select the IIS Server and then double click Application Request Routing.

image

Click on the server proxy settings link and enable the proxy.

image

Finally restart the server so that all the settings take effect and visit your new URL for a secure version of SeaFile!

image 

May 18
Sharing Files with SeaFile: Your Own Private Cloud Based Network Drive

 

Using SeaFile to Store and Share Files Securely over the Internet

 

The default SeaFile URL is https://seafile.falconitservices.com:4043 however you can request a custom login URL such as https://seafile.yourdomain.com.

Log in to SeaFile using your supplied credentials. If you are new to SeaFile, contact our helpdesk to obtain a user name and password.

image

You will be requested to change your password on first login.

image

 

Creating A SeaFile Library to Share

Once you have logged in to SeaFile,  go to Files –> My Libraries and select New Library.

image

Give your library a friendly name. Note: you can optionally encrypt the contents on the server’s disk, however encrypted folders cannot be shared with others. They are strictly used as secure storage or external backup. Encrypted libraries cannot be decrypted later on or accessed if you forget the password!

image

Encrypted folders will have a lock icon as shown below.

image

Uploading Documents to a Library using the SeaFile Web UI

Log in to SeaFile using a Web browser and navigate to My Libraries. Click on the Library you want to upload to and then click on the upload button. Select the file to upload using your computer browser.

image

 

Uploading Documents to a Library using the SeaFile Application

If you upload multiple applications or manage multiple libraries, I recommend you use the SeaFile application. It allows you to easily drag and drop files to and from Libraries and well as manage your libraries from an app on your desktop rather than having to log in to a Web interface. Call the helpdesk to have the SeaFile application installed on your desktop computer.

Double click on a library to open the file browser then drag and drop or copy/paste your files into the cloud browser. From there, they will be synchronized with the SeaFile server.

image

Sharing Files with External Sources

Log in to the SeaFile Web interface and select the library you want to share and click on the share button.

Download Link: This option creates a link that you can email others to allow them to view your library files. Adding password protection will require the link users to enter the password before they can preview the library. You can also add an expiration date which will remove the access after the date has been surpassed.

Note: It’s important to create an expiration time limit, especially if you do not password protect your link! Links that have no password and no expiration date can be indexed by search engines and your files may become compromised.

To create the link, click on the generate button, then copy and paste the link URL to send via Email or use the send feature and click submit.

image

 

Upload Link: The upload link works the same way as the download link except that it’s used to allow an external source to upload files into your library.

image

Share to User: This option allows you to share your library with other Falcon IT Services SeaFile users. This allows multiple users to share libraries using the SeaFile Web UI or the SeaFile application. Type a users email address to add the user to the share list.

December 31
Gracefully Shutting Down Windows Servers and Hyper-V During a Power Outage Using APC Network Management Card (NMC) and PowerChute Network Shutdown (PCNS)

Needless to say that a Server suddenly being turned off or losing power is a roll of the dice. Especially sensitive to abrupt shut downs are SQL, Exchange and Hyper-V Servers. For this reason, it’s extremely important to have an unattended graceful shutdown software for power outage events.

What is Needed:

Note: There are several types of UPS’, cables and software you can use to accomplish a graceful shutdown however in this post I will cover only the APC Smart UPS with NMC and PCNS because it’s a system I have been using successfully to gracefully shut down multiple servers from a single UPS, under specific conditions.

To begin, install your NMC on the SMART UPS and configure an IP address. Access the NMC using a Web browser (or Telnet if it’s Throwback Thursday).

image

image

Log in to the user interface and set up E-Mail or SNMP alerts. It’s generally a good idea to be alerted when the UPS is going to shut down the servers. This can be done from the administration –> notification menu.

image

Set up the type of alerts you want from the event actions, then set up either SMTP or SNMP for alert notifications.

To begin configuring shutdown, check how much runtime you have by clicking on the UPS –> Overview menu. Runtime is how much time your UPS will be able to power your systems during a power outage.

image

As you can see, the image above indicates that we have approximately 1 hour and 8 minutes after the power goes out, before our UPS batteries are completely drained. In contrast, the image below shows a different UPS with only 26 minutes of runtime. Our shutdown policies should be based on how much runtime we have, which is different for every situation. For this reason, we cannot simply use ‘default’ settings, we must study and understand how shutdown works and what variables are required, based on several important factors.

image

 

Go to the UPS Tab, this is where the important settings are entered. These settings are not as self explanatory as they seem and they are very, very important. For this reason, I urge you to read about, and fully understand these settings before proceeding. You can get detailed information about these parameters in this blog by Steve Jenkins.

UPS –> Control


The UPS control is used for a user initiated shutdown sequence. This is useful for testing or for manually initiating a shutdown sequence where the UPS signals the servers to shut themselves down gracefully.

UPS –> Configuration –> Shutdown

image

1. Low Battery Duration: The point at which the UPS sends a signal to gracefully shut down all the servers. You should set this threshold to give your servers plenty of time to gracefully shut down.

2. Shutdown Delay: This is how long the UPS will stay on after all the servers have successfully shut down.

3. Maximum Required Delay: This value is calculated by the NMC after it queries the PCNS clients. After you add/remove PCNS clients, this value will change. It’s based on how much time it thinks it will take to gracefully shut down all your operating systems.

Note: Basic Signaling Shutdown is for serial cable communication, leave it unchecked. This does not apply to what we are doing here!

4. Duration of Shutdown Sleep Time:  How long the UPS will stay off when you initiate a manual shutdown sequence manually from the control menu.

5. Minimum Battery Capacity: This is the minimum charge level the NMC will require before it turns the power back on. The capacity should be enough to sustain another shutdown sequence if the power cuts off again.

6. Return Delay: How long the UPS will stay off (and recharge) after power has been restored. This is useful because as we all know, power disruptions can be intermittent and it’s best to wait for power to be steadily restores before restating your servers.

APC Shutdown Sequence Explained via an Epic Mini Space Novella

First Officer: Captain, we’ve lost main power!
Captain: Blimey, how long will auxiliary power hold us in orbit?
First Officer: Approximately [runtime] minutes, captain.
Captain:  We have plenty of time. It takes us [maximum required delay] to evacuate the ship, so there is no need to panic! Let’s wait until we reach the [low battery duration] threshold. Maybe by then we will get our main power restored. (Pressing intercom) Engineering, this is the captain! I need power… the lives… of our crew… depend on it! 
Engineering Officer: I’m giving it all I’ve got, captain!

image

First Officer (profusely sweating): Captain, we have only [low battery duration] minutes left on auxiliary and the ship’s main power is still off-line. If we don’t evacuate now, we won’t get the entire crew out on time. Should I send the evacuation signal?
Captain: Make it so… and may God have mercy on our souls!

Hopefully that gives you a better understanding of how the shutdown process work!

PowerChute Clients Setup


PowerChute Clients – add the IP addresses of the servers you are going to gracefully shut down.

image

Now that we have configure the network monitoring card, it’s time to configure the servers.

Download and install PCNS on the physical servers you plan to gracefully shut down in the event of a power outage. Do not install PCNS on virtual servers.

image

Once the software is installed, it will open a browser and begin the configuration utility.

Select your preferred networking protocol, SCVMM support and UPS configuration. You will need the NMC user name, password and authentication phrase. Unless you have changed them, the defaults are:

User name: apc
Password: apc
Auth Phrase: admin user phrase

Add the IP address of your Network Monitoring Card (NMC) and click next…

image

The wizard will confirm the settings, then click on the apply button.

image

If you are using Hyper-V, set the duration for Hyper-V shutdown. This should be how long it takes to gracefully shut down the virtual machines. It should provide ample time for VM shutdown before the physical machine is shut down. If the example below, we set that threshold for 10 minutes (600 seconds) to give an old server plenty of time to shut down its VMs. If our low battery duration is 10 minutes, that leaves us no time to gracefully shut down our physical servers! So make sure you set this value high enough to allow graceful shutdown of your VM’s while still allowing plenty of time for your physical servers to shut down before your UPS shuts off! If you set your VMs shutdown duration for 10 minutes, then your low battery duration should be set to at least 12 minutes.

image 

After the VM shutdown duration time has been exceeded, the PowerChute software will start to shut down the physical machine.

You do not need to turn off the UPS, this action will be performed by the network monitoring card based on its settings.

image

Once the wizard connects successfully, click finish.

Please note, it’s useful to test your configuration in a lab environment before configuring these solutions in a production environment. A lab test will give you ideas of how to tweak the settings to best fit your needs.

1 - 10Next
Managed IT Services & Helpdesk

 ‭(Hidden)‬ Blog Tools