I’ve been using Google Drive to sync files for some time now, because it’s great having 15GB of storage sitting in the cloud that I can access anytime. I’m not here to point out the merits of having a google account that needlessly and continually asks me to come back to my google+ account, and yes I find it annoying that gmail now separates my mail into confusing tabs that really don’t have any meaning to me. That little rant is for another article. Today, I’m going to show you how to get the green tick marks back on your google drive to show that all your files are syncing.
When I had google drive, I found I needed more cloud storage, so I installed Skydrive and most recently installed the Synology Cloud Station product. What this does is make my bottom toolbar look like it threw up as I have close to 20 icons sitting in the corner. Call me OCD, but I need to see all my icons and having them hidden drives me bananas. The problem with Windows Explorer is that it only allows for 15 slots for icon overlays. What does this mean? When you put more changing icons (such as the aforementioned skydrive, google drive that requires icons change to green for synced, red for unsyncable, or yellow or whatever color) you’re using up that 15 slot overlay. In my case, my Google Drive puked and turned all the folders and files inside into normal looking icons – which normally wouldn’t be a problem, but I couldn’t see if any files had problems getting up to the cloud. Here, I’ve compiled an easy to follow fix should you encounter the same situation.
These instructions are for Windows 7, and I’ve heard they work on Windows 8 as well.
1. Run Regedit and navigate to HKEY\LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
2. Find these 3 entries: ‘GDriveSharedOverlay’, ‘GDriveSyncedOverlay’ and ‘GDriveSyncingOverlay’
3. Add a prefix ahead of them: ‘0GDriveSharedOverlay’, ‘1GDriveSyncingOverlay’ and ‘2GDriveSyncedOverlay’, so it should look like this now:
4. Reboot your PC and take a look at your google drive icons – they should all re-appear with the green ticks:
You will have to repeat these steps over time, or whenever you overfill the 15 icon buffer limit on your Windows machine -so keep that in mind.
In part 1 of this tutorial, I stepped through configuration of the Cisco Equipment and configuration of the Network Policy Server with Certificate. In this tutorial, I’ll show you how to tie it all up in Group Policy.
This tutorial already assumes you have the following:
*Group Policy objects SPECIFICALLY for laptop computers
*CA certificate created
Group Policy can make your life easier especially if you have a large environment. It’s important to have a good, CLEAN Active Directory free of clutter or orphaned objects (re: objects you don’t know about). I suggest separating your computer accounts by PC and Laptop, laptops will get the wireless group policy while the PC’s won’t as they are typically hard lined into a RJ45 Jack.
First, create a new GPO: give it a meaningful name
Once created, drill down into Computer Configuration->Windows Settings->Wireless Network (802.11) Policies and create a new Windows Vista (AKA Windows 7-8) Policy. Tailor this to your needs, you can easily create a Windows XP Policy as the screens are very similar.
Create a Policy Name, I gave mine simply ‘Corporate Wifi’. I also used the Windows WLAN configuration utility. This means if you’re using the Dell connect utility or the HP connection manager this Group Policy will not work. Again, depending on the laptops you’re configuring you’ll have to make adjustments. This guide assumes you’re formatting laptops with standard Windows Operating Systems with no additional bloatware.
After giving it a policy name, add an Infrastructure network (on the bottom).
The Profile Name will be what shows the client is connected to – this means you have the opportunity to give your SSID another name to your internal employees. For this example, I have an SSID of ‘Super-Secret-Wireless’, but the Profile name is simply ‘Wifi profile’. When your users connect to wireless, they will only see they are connected to ‘Wifi profile’.
Click the Security Tab to change your SSID’s security settings. I’m using WP2-Enterprise authentication with PEAP and a certificate. To choose the certificate, click on Properties beside your authentication method.
Ensure you’re validating the Server Certificate, then put a checkmark on the certificate you created in the first part of this tutorial. To ensure you clients have the certificate, you can use a GPO to install the certificate for you automatically.
Once you’ve added the profile, you’ll see it as one of the SSID’s in your associated Vista wireless policy
That’s about it. As long as your client has the certificate, and you force a GPUPDATE they should be connected to your new wireless without your need to touch every laptop.
The last tutorial was done on Server 2012, these screen caps were done from a 2008 server. Don’t worry, most of the content is still the same across both operating systems.
As specific as that list is, much of what Cisco offers with older IOS versions still holds true. The authentication model still works, particularly the 802.1x configurations. From the get go, you will have to create a new certificate if it’s not a Domain Controller. This link explains in depth creation of a Certificate for use on a PEAP authentication model. If you do have a domain controller, you can use the domain certificate for this purpose.
I recommend creation of a an RAS-IAS certificate and pushing the certificate via GPO, namely as you can change the expiration date of the certificate (like 10 years in the future if you really want).
First, configure the NPS:
You’ll need the IP address of the WLAN controller (this example is 192.168.50.250) , configure the shared secret as you’ll need it for the Cisco WLAN.
For the properties portion, use RADIUS Standard. You can choose a specific Cisco device – but for this example and setup the RADIUS Standard works.
Next, click on Connection Request Policy, we’re going to create a new policy to use this server as the RADIUS authentication server
Give your Policy a meaningful name and make sure it’s enabled
For the Overview, make sure you check “Grant Access”, otherwise your clients will not connect. You don’t have to specify the network access server for this example.
Under Conditions, enter the IP of the Cisco WLC as an NAS IPv4 Address type. When IPv6 becomes available, you’ll see how this will change.
For Constraints, choose Authentication Methods, and add in Microsoft: Protected EAP (PEAP). Make sure it has the same checkmarks as the ones below:
Highlight and click Edit… on the PEAP properties. Here is where you want to ensure you have the proper Certificate. Earlier in this tutorial, I mentioned using an RAS-IAS certificate over a domain issued certficate as the expiry date can be lengthened by a wider margin. In your dropdowns, you should see this one, and your domain certificate (if this is a domain server). If you’re having trouble deciding which certificate is which, Run the Windows Certification Authority and look at your issued certificates, the Certification path shows the name. Use the appropriate one you want. You should have only 1 option for EAP type: MSCHAP-V2.
Next, log into your Wireless Lan Controller to do additional configuration. For this example, I’ve already created by Wireless network and given it an SSID (longer steps are involved for that of course). From the WLC main page, navigate to the Security Tab, and along the left hand side choose RADIUS->Authentication. Add a new Server Address, here I’ve plugged in the IP of my Windows NPS. Keep the default port 1812.
For my Cisco IOS version, I had to change my Session Time out value to 24 hours (86400 Seconds) as it was dropping every few minutes. Older Cisco IOS versions don’t have this issue- could be something to do with Server 2012 polling. Your mileage may vary.
After adding in the IP of your NPS server, click on the SSID you want to use authentication, and choose the ‘Security’ Tab, in the sub tabs choose ‘Layer 2’, choose WPA+WPA2 for the type of security.
Next, choose ‘AAA Servers’. For the first server, it should populate to the IP of our NPS server we did in a previous step. The port will show up as 1812 (the default value) as well. Make sure to use LDAP authentication to the same server, or the IP address of your domain controller if your NPS lives elsewhere. Note the port changes for LDAP versus RADIUS NPS.
Save your changes and you should now have a functioning WPA wireless using RADIUS for authentication. There are a few caveats here; you need to EXPORT the certificate used for authentication from the NPS server, and IMPORT into your Windows Laptop, then configure wireless to use said certificate and Windows domain.
Part 2 will cover adding the certificate and wireless network via Group Policy.
After purchasing a Synology DS-413J to replace my DNS-323 device, I wanted to repurpose the old NAS into a backup server. In my mind, I pictured using a Richcopy or Robocopy scheduled task from a Windows machine to talk to the 2 devices. As it turns out, both the NAS’s can speak the same language (linux) and there’s a handy little tool that takes a couple steps to do, but is well worth the effort if you want re-purpose a DNS-323.
cd/mnt/HD_a2/ffp/start
sh sshd.sh start
chmod a+x sshd.sh
Issue this command so you’re not just stuck with the busybox-only prompt:
usermod -s /ffp/bin/sh root
Change the default directory in ssh to something more familiar:
usermod -d /mnt/HD_a2/ root
That’s the most condensed version of Funplug I can give you guys, there’s lots of more minute details, but for now that will do to get what’s necessary: RSYNC and SSH services on the DNS-323.
2. Configuration of RSYNC requires some small knowledge of text editor vim or ‘vi’ as the busy box package has. First, SSH in with the root account, and create a new file named rsyncd.conf in the /mnt/HD_a2/ffp/etc directory:
login as: root
root@DNS323's password:
root@DNS323:/mnt/HD_a2# cd/ffp/start
root@DNS323:/mnt/HD_a2/ffp/start# sh rsyncd.sh status
rsync not running
root@DNS323:/mnt/HD_a2/ffp/start# cd ..
root@DNS323:/mnt/HD_a2/ffp# cd etc
root@DNS323:/mnt/HD_a2/ffp/etc# vi rsyncd.conf
The contents of rsyncd.conf should look like the below:
# /ffp/etc/rsyncd.conf configuration file
max connections = 2
secrets file = /ffp/etc/rsyncd.secret
use chroot = false
read only = no
list = false
strict modes = false
hosts deny = *
timeout = 600
dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz
*.mkv *.avi *.mpg *.jpg *.rar
pid file = /var/run/rsyncd.pid
[File Backups]
hosts allow = 192.168.0.1/24 #your local network IP range
read only = false
gid = backup
uid = backup
auth users = backup_user
path = /mnt/HD_a2/Backup_directory #Path of Backup on DNS unit
I’ve highlighted the lines you’ll need to change:
hosts allow = This is the IP Address range of your local network, the above example is for a standard Class C network, make the appropriate changes to yours. The /24 denotes the type of subnet mask you’re using. /24 pertains to a standard 255.255.255.0, this typically will fit your home network. Otherwise, here’s a cheat sheet on subnets.
auth users = This user has to be created through the DNS-323 web server. You can stick with the standard ‘Admin’ account if you want, but for security purposes it’s a good idea to have a separate one for backup jobs.
path = is the path on your DNS-323 of where you’re going to backup your data.
3. After saving rsyncd.conf, you’ll have to create a new file, rsyncd.secret:
root@DNS323:/mnt/HD_a2/ffp/etc# vi rsyncd.secret
Contents of rsyncd.secrets is very short as it contains the username and password of your backup user authenticated from rsynd.conf:
#One line per user; a User ID:(colon)then password
backup_user:password
The command is just one line, username:password. This is where you fill in the username and password created in the web interfaced of your DNS-323, and specified rsyncd.conf.
root@DNS323:/mnt/HD_a2/ffp/etc# sh /mnt/HD_a2/ffp/start/
rsyncd.sh status
rsync not running
root@DNS323:/mnt/HD_a2/ffp/etc# sh /mnt/HD_a2/ffp/start/
rsyncd.sh start
Starting /ffp/bin/rsync --daemon --config=/ffp/etc/
rsyncd.conf
you can also run
sh rsyncd.sh status
To see if the Rsync service has been started properly. I would also recommend making sure that Rsync starts up with the DNS323 on each reboot or power off
Now we configure the Synology to backup to RSYNC services on the DNS323
*New Screenshots compatible with DSM 6.2.3 added Jan 21, 2021*
4. After logging into DSM, goto Hyperbackup, open the backup wizard to open a new job. Choose ‘Data backup task’
For the Backup Destination type, choose RSYNC
For the backup settings, configure the Server type as ‘rsync-compatible server’, enter in the pertinent details of your DNS323. It should look similar to the screenshot below. For port, just keep the default 873. The Backup module, make sure to use the exact same “Path” from the rsyncd.conf file.
ie. path = /mnt/HD_a2/Backup_directory
Backup module = /mnt/HD_a2
Directory = Backup_directory
After you hit, next DSM will test the connection for you. As long as you’ve configured the RSYNC on the DNS-323 and started the service, DSM should pick it up. After you choose your backup selections, make a schedule; set it and forget it.
Items to keep in mind *Rsync is not hailed for speed!. On average RSYNC only travels at around 1.5-4MBps.
*Synology Hyperbackup cannot run simultaneous jobs. This means if you’re backing up a lot of data, it will take a while! Plan Accordingly, take offline backups to USB, whatever your use case scenario might be.
I always thought that Windows 7 would automatically switch to the next fastest connection. I’d been trying to figure out why it seems to stick with a wireless connection even after connecting a network connection. Turns out, Windows 7 eschews speed for reliability.
I especially found this annoying when, after booting and automatically being connected to the wireless I plugged into CAT5 and tried transferring a file from my NAS only to see my wireless connection hitting the ceiling at 3.5MBps second. Luckily, I’ve found a solution that’s beencoveredin otherplaces, but I like to put my own spin on things:
1. Goto Control Panel -> Network and Sharing Center, click on Change adapter settings
2. From the adapter menu hit ‘alt’ to bring up the Windows File editing menu, and you’ll see the super-hidden ‘Advanced’ column that’s been evading you all these years. Then to Advanced Settings…
3. This brings you to a listing of connections by priority. Notice that Wireless is along the top, or first in priority. Simply move the Local Area Connection to the top or just above the wireless connection. Hit OK.
4. All done! Now the next time you boot up with wireless, and plug in a wired connection Windows 7 will automatically switch to the ‘fastest’ connection!
There’s a slight bug with the Exchange 2010 server, in that it automatically remaps any shared mailboxes you’ve used when the client is either Outlook 2007 or 2010.
If you’re mapped a mailbox in the past, an automapping feature kicks in and puts the mailbox back on your profile, even if you’re starting out with a brand new profile. To disable this, you have to log into your exchange server and issue some commands from the Exchange Powershell:
Once a mailbox is disabled from the Exchange 2010 console, it shows up in the disconnected mailboxes after the nightly maintenance. Sometimes however, a company can change it’s mind at the last minute and decide to either hire someone back and that’s when the IT admin has to bring that disconnected mailbox back within the hour.
Instead of waiting around for the nightly maintenance to occur, you can force your Exchange 2010 server to pick up the mailboxes almost immediately.
1. First and foremost, re-enable the user’s Active Directory account, as it has all the proper SSID’s and is actually the name you want to restore.
2. Check the disconnected mail, if you just disabled it you likely will not see it
3. if you don’t see it there, you’ll have to manually do the mailbox cleanup (commonly known as maintenance. Open up a Exchange power shell and issue the cmdlet:
Get-MailboxDatabase | Clean-MailboxDatabase
Be careful with this command, as it cleans all your mailstores. If you have only one mailstore you want to run this command on, you have to use:
Clean-MailboxDatabas “Your Database Name”
4. Once you’ve done that, refresh your disconnected mailboxes and you should see the mailbox you want to reconnect:
5. From here, right click and reconnect the mailbox you want!
When you have to remote desktop to a Windows based server or computer, your default option is RDC protocol. This is a useful utility if you’re connecting to one computer at a time. So what if you need to connect to ten or more? Do keep in mind, not all those computers have the same credentials, and saving all those .RDP files to your desktop will get very cumbersome.
As you can see from the screencap directly from MS techblog, the application lets you open multiple RDC connections at a time giving you full control over: inherited credentials, gateway settings for VPN connections, individual display settings, individualized local resources… the list goes on. Super handy utility when I was building a new virtual environment with Hyper-V; after creation of the VM, I put in the server name with full credentials and saved it under the proper group.
I’ve used other tools similar to this such as the RSAT tool that felt unfinished, as well as RoyalTS, VisionAPP, and Terminals. All these programs worked well for what I used them for, but each had their own little quirks and last minute features such as screen-shot ability. The part I like the most about RDC Manager from Microsoft is the price: completely free. Plus, it just feels like it goes with the rest of the Windows experience, from the toolbars to the menus it definately feels like a MS product.
So if you need to remote to a hell of a lot of computers and like a freebie that’s right from Microsoft, give it a shot.
If you have an Excel heavy group of users, you will likely come across this issue. This happens when someone merges an existing excel file with another one, creating a super excel file that has links and formatting all over the place. When an excel workbook has too many different combinations of formatting, it freaks out and you get the error message above when you try to change formatting of a cell.
This file cleans up the offending excel file by cleaning up whatever nasty bits of information are corrupting the data. I’ve tested this tool, and it looks like it only cleans up formatting, leaving all data and formulas alone. After running the tool, the file became editable again!
From a Windows perspective, you kinda need Windows remote desktop protocols. Even if you don’t know what it does, your IT admin uses this on a daily basis if he/she is running a Windows based environment.
Remote Desktop in a nutshell is the ability to “drive” another Windows based computer remotely. So what happens when you’re trying to connect to a Windows computer, from a non-Windows computer?
I ran across this when working on a super old Windows 98 computer. As used as I was to many Windows 7 commands, taking a quad leap backwards felt as unnatural and old fashioned as you would think. I’ve even memorized the command line to bring up the remote desktop protocol from run line:
mstsc -v: thebigoldserver.somecompany.com
See? Nice and simple. But the command prompt on the Windows 98 computer simply gave me the error that such a command did not exist.
Once I realized that it wasn’t 1998, I had to rethink my approach. So, how could I connect to a server without the RDP program?
2x Client. This little guy is touted as an RDP solution (thus the anti-citrix bandwagon). The great thing about 2x is that it does not require any older version of RDP to work (as many software vendors tend to do: repackage their software using existing run times).
I’m also an avid visitor of portableapps: programs that can run directly from a USB stick. The website offered the 2x client as a portable application. Onto the USB stick it went, along with a few other useful utilities.
2x works with OS X, android and multiple distributions of Linux as well. So there really is another way to get around the RDC protocol.
.jpg)
