User called to say Audio/Video devices were failing to pass through to MS Teams. Under Settings > Devices listed “None” across the board:
Checked the local workstation and found the HDXTeams.exe was not running (should start automatically when Teams in Citrix launches)
Logs are here: %userprofile%\AppData\Local\Temp\HDXTeams
Solution: I had to disable built-in microphone and speakers – one or both of these were the problem:
Test and Download App
#Downloads the Docker File from Dock Hub
dock pull %dockerusername%/%dockername%:latest
#Runs the Docker File on port 80 if the container is active on port 3000 ( Test go to http://localhost )
docker run -p 80:3000 %dockerusername%/%dockername%:latest
#List current dockers running
docker ps -a
#Stop the container by id ( found from above )
docker stop ad5b49ba5476
#Clear Stopped Containers
docker container prune
Upload App to Azure
**Create an Azure Container or reuse an existing one**
**Run the below in Azure Shell**
#Show credentials for login and save username and password
az acr credential show --name %azurecontainer%
**Run on Docker PC**
#Login to Azure Docker
docker login %azurecontainer%.azurecr.io --username name %azurecontainer%
#Tag docker for upload
docker tag %dockerusername%/%dockername% name %azurecontainer%.azurecr.io/%dockername%:latest
#Push Docker to Azure
docker push name %azurecontainer%.azurecr.io/%dockerusername%/%dockername%:latest
Run in Azure
#Create Azure Service plan
az appservice plan create --name %serviceplanname% --resource-group %azureresourcegroup% --sku S1 --is-linux
#Add Docker App to Azure Service Plan
az webapp create --resource-group %azureresourcegroup% --plan %serviceplanname% --name %appname% --deployment-container-image-name %azurecontainer%.azurecr.io/%dockername%:latest
#Set the details to access the Docker
az webapp config container set --name %appname% --resource-group %azureresourcegroup% --docker-custom-image-name %azurecontainer%.azurecr.io/%dockername%:latest --docker-registry-server-url https://%azurecontainer%.azurecr.io --docker-registry-server-user %azurecontainer% --docker-registry-server-password %passwordfromshowcredential%
#Make the app live on its specific port e.g. 3000
az webapp config appsettings set --resource-group %azureresourcegroup% --name %appname% --settings WEBSITES_PORT=3000
Test the app
A SIEM Alert noticed lots of traffic transferring from a computer to IP’s in this range 18.104.22.168/24 ( amazon cloudfront)
Tracing down the app on the computer using Netstat showed this was Chrome.exe
Tracing down the task manager inside of Chrome showed it was this process
Utility: Network Service Looks to be one of the process’ the chrome browser sends and receives network traffic through , But I can’t tell you exactly what , but it is needed !
- Install a new NPS Server ( cannot be existing as MFA will take over existing requests such as Wifi! )
- Installed Azure AD NPS Plugin and Enroll in Azure AD
- Add a Radius Client to the NPS server of the IP ( VIP ) of the Netscaler
- Add the Radius server in Authentication – Set Timeout to 10Seconds , set Password to MsChapv2 Set NASID to MFA
- NPS Server Policies
Recently I got hold of a Fortinet Lab FG-100D. The Fan in this unit is around 50db and not suitable for a lounge. The device is not licensed and out of support so I could ‘tweak’ it!
The quietest 4-Pin ( sending feedback back to to the Fortinet of fan speed so it can adjust ) 40mmx 20mm fan I could find was a NF-A4x20 with 15db of noise , however much-reduced airflow!
The NF-A4x20 comes with a different fan plug then the Fortinet Socket. The connect should match the other size , however a little pressure helps the fortinet socket accept this!
The good thing about this fan is it also comes with a LNA ( Low noise adapter ) a cable that drops down the (voltage) speed of the fan. The 100D also has two power fan points. I was able to put the LNA on the original fan, then readjust the fans like below. I ran both for a week however sometimes the old fan would whir up, so I ended up disconnecting the original and left the NF-A4x20 and it has been stable!
Work out how much Space
work out bandwidth
- It is not a good idea to target the primary and backup copy job to the same repository as this negates the 321 rule and if an issue was to occur on that repository the primary and secondary copies of data would be lost.
- Instead it would be better to use a primary repository configured with ReFS and then have a secondary location configured with Windows Deduplication (Compression should be off instead of auto).
- It is not generally considered a good idea to have deduplication for the primary backup chain as this effects performance and increases RTPOs.
- The actual space savings depend on the change rate of the source data and the types of chains that are used on the ReFS repository. Also ReFS savings don’t show when viewed through file explorer. To learn more about checking the files savings please take a look at these links;
- Some limitation worth mentioning are Windows deduplication is for 4TB files so larger files will not be completely deduped. Also GFS doesn’t show ReFS savings until the point is synthesized as up to this point it will only shows as an incremental and changed blocked cannot be reused by ReFS pointers.
I needed to allows N-able Take Control
The guide online showed that we had to whitelist *.mspa.n-able.com , however the firewall could not whitelist Wildcard address. The static address’ are
VERBOSE: PowerShell meta provider initialization failed.
VERBOSE: PowerShell meta provider initialization failed.
PackageManagement\Import-PackageProvider : No match was found for the specified search criteria and provider name
‘NuGet’. Try ‘Get-PackageProvider -ListAvailable’ to see if the provider exists on the system.
At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\22.214.171.124\PSModule.psm1:7302 char:25
+ … $null = PackageManagement\Import-PackageProvider -Name $script:Nu …
+ CategoryInfo : InvalidData: (NuGet:String) [Import-PackageProvider], Exception
+ FullyQualifiedErrorId : NoMatchFoundForCriteria,Microsoft.PowerShell.PackageManagement.Cmdlets.ImportPackageProv
Run this before
To enabled TLS 1.2, you may need to run this before
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12