Windows – Michael Groff

Home Lab 2.0

Michael — Fri, 01 Mar 2019 00:22:12 +0000

This post will serve as the 10,000 ft overview of my environment and what it all consists of. I plan to follow up this post with a series of smaller posts breaking down my Home Lab into the following sections:

(as I update these blog posts, links will appear and become active)

Home Lab Servers & Storage
Home Lab Routing & Switching
Home Lab Access Points
Home Lab Surveillance
Home Cat6 Cable Wiring

Home Lab Servers & Storage

In this post I go into details about the server and storage that I use in my Home Lab environment.

The current hardware I use is:

Dell PowerEdge R710 SFF & LFF
Dell PowerEdge C2100
Dell PowerEdge CS24-SC (Essentially a 2950)
Dell PowerEdge R510 LFF

The operating systems that I use are:

VMware esxi 6.5
VMware esxi 6.7
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
FreeNAS 11.1 (U7 if you care)

I have purchased or otherwise acquired some Gen10 and Gen11 Dell PowerEdge Servers throughout my years in IT. I enjoy having a Home Lab to work in and learn new things without repercussions of really messing something up. In my environment, nuke and pave is not frowned upon at all. I do my best to say up-to-date and using the latest and greatest trial software, but due to the hardware I am running, that goal comes with some limitations.For instance, my C2100 servers simply cannot be upgraded beyond esxi 6.5. The processors are not compatible with esxi 6.7. However, I was able to upgrade my vCenter Server to 6.7 and still have it manage my 6.5 hosts.

Most of my servers are running Windows Server 2019, but some are still running 2016 as I havent had the time or need to update them. (Such as DC’s and DB’s)

My Storage devices are all PowerEdge Servers running FreeNAS. I set them up with FreeNAS and configure the iSCSI service for MPIO to my esxi hosts. I find it is a set-it and forget-it type of thing. I am subscribed to some FreeNAS emails and RSS feeds, so I look out for OS updates and install them accordingly.

Home Lab Routing & Switching

In this post I will cover all the networking equipment that I use in my home lab and how I use it.

The networking hardware that I use is:

Unifi USG-PRO-4 (Gateway)
Unifi US-24 (Switch)
Unifi US-8-150 (Switch)
3 x Dell PowerConnect 7048P (Switch)
Netgear ProSAFE GS108Ev3 8-Port

For most of my networking equipment, I run Ubiquiti Unifi equipment. This is marketed as “Enterprise” networking equipment, but imho, it is far from “Enterprise”. I would place it solidly in the “prosumer” line of networking equipment. Dont get me wrong, their WAP’s are pretty awesome. But their switching and routing devices leave much to be desired. Their GUI is quite pretty and you can do enough to get by through it, but for really advanced setups, you are required to edit a json file. Often the editing of the json file is unsupported and a PITA the figure out.

For the rest of my networking equipment, I run some classic Dell PowerConnect switches. I run the 7048P’s. For the most part, I dont need the PoE feature, but for under $150 per switch, I couldnt not get the PoE feature. I just disable it on the ports where it is not needed. The language is pretty similar to Cisco so getting by in command line is my preferred way to manage these.

Oh, and I have a Netgear managed 8-port switch. This little guy has kept up with the other two brands of switches afaic. I like the little guy and it works great as an under the desk switch.

Home Lab Access Points

In this post I will cover the Access point that I use in my home, discussing wiring, port and physical placement.

The hardware access points I currently use are:

Unifi UAP-AC-PRO
Unifi UAP-AC-M-PRO
Unifi UAP-IW-PRO

For all my Wireless, I trust in the Ubiquiti Unifi line. They are a great “prosumer” product at a price that I can afford. And they definitely do their job for my home needs. I have even installed these at a few businesses with very solid results.

Home Lab Surveillance

In this post I will cover my Home Surveillance Solution using my Home Lab equipment.

Some of the equipment I use is as follows:

Home Server (Sometimes virtualized, sometimes standalone)
BlueIris NVR Software
Reolink IP Cams
- RLC-410
- RLC-411
- RLC-420
- RLC-423
HikVision IP Cams
- DS-2CD2142FWD-IS 4MP
Ring Pro Doorbell

When I first got into the surveillance game, I was purchasing Hikvision IP Cameras from a specific re-seller in my area. Since then, Reolink has become quite a mainstream prosumer product and I can get them from Amazon. So as of late, all of my Reolink cams have been purchased from random amazon sales.

Overall I enjoy both cams, but prefer the Reolink branded cams over Hikvision.

As for the Ring Pro Doorbell. I got it because it’s easy for the wife to use and not answer the door if she doesn’t want to. I have it on a “security device” vlan, so it is segmented off. I actually do enjoy the device. It is nice having something in the cloud separate from Blue Iris.

Home Cat6 Cable Wiring

In this post I will go through what it takes to wire up your home with Cat6 cabling. This is currently an ongoing process for me and may be for some time yet to come.
The materials you will need to complete wiring in your house are as follows:

Cat6 cabling
RJ45 Cat6 Jacks
RJ45 Boots
RJ45 Crimping tool
RJ45 Punch Down tool
Cat6 Wall Plates with Jacks
Pull String

Wiring your house is a process. If you have unlimited amounts of money, then hire a company to do it and they will charge you a few grand to go in there and get it done. They will most likely run the cables in a manner that works, but is not tech approved bc they are dudes who just know how to run cables, not why they are run or consequences of how they are run. If you are like me where money is not an endless pit of fun and you like having control over things, then you will want to take on wiring yourself. Overall you can do this for a fraction of the cost compared to contracting it out, but it will be a lot of work and sometimes, a complete, PITA. If you live in Texas like me, only plan on doing this kind of work from late October through late April… It gets hot in there.

Overall, I have found wiring my house to be quite rewarding, both financially and emotionally. I am able to “put a stamp” on my work and be proud of what I have done.

WordPress Permissions for Windows

Michael — Tue, 26 Feb 2019 03:08:00 +0000

So I have had this post sitting in the “Draft” stage for years now. Probably 3 or 4. I thought I was going to tackle this and set something definitively out there for some people to follow. And today I will finally do just that.

Here are the suggested WordPress file permissions for Windows:

RUN LINUX!

PS Script install WP manually on Server 2012 R2

Michael — Thu, 14 Jul 2016 22:23:07 +0000

This post does basically the same thing that I have already covered in my “WordPress on IIS 8.5 (Windows 2012 R2)” post, but it is a script that does literally everything for you. You will just need to add in a few of your own settings into the script, run it, and you will have a functional WP site.

First lets start of with the Features that I already have installed:

You will most likely have all of these but Telnet… INSTALL TELNET!

DisplayName                                   Name                      InstallState
-----------                                   ----                      ------------
File and Storage Services                     FileAndStorage-Services      Installed
Storage Services                              Storage-Services             Installed
.NET Framework 4.5 Features                   NET-Framework-45-Features    Installed
.NET Framework 4.5                            NET-Framework-45-Core        Installed
WCF Services                                  NET-WCF-Services45           Installed
TCP Port Sharing                              NET-WCF-TCP-PortSharing45    Installed
SMB 1.0/CIFS File Sharing Support             FS-SMB1                      Installed
Telnet Client                                 Telnet-Client                Installed
User Interfaces and Infrastructure            User-Interfaces-Infra        Installed
Graphical Management Tools and Infrastructure Server-Gui-Mgmt-Infra        Installed
Server Graphical Shell                        Server-Gui-Shell             Installed
Windows PowerShell                            PowerShellRoot               Installed
Windows PowerShell 4.0                        PowerShell                   Installed
Windows PowerShell ISE                        PowerShell-ISE               Installed
WoW64 Support                                 WoW64-Support                Installed

NOTES:

Use https://api.wordpress.org/secret-key/1.1/salt/ to generate your Salt Keys… After they have been generated, you must replace any “$” character with any other character. Not just this script, but WordPress will not work if there is a “$” character in the salt keys.
You will be asked for some variables, they are as follows:

Variable	Example
IIS Site Name	MyWordpressSite.com
IIS App Pool Name	MyWordpressSite.com
Directory Path for website	C:\inetpub\wwwroot\MyWordpressSite
Database Name	wordpress612
Database Username	wordpressuser612
Database Password	mysecretpassword612
MySQL root Password	v9gvBhTG@*b6n#^!v
FTP Username	FTPUser
FTP Password	FTPPass123!

You can download check out the progress of the script on my Github and you can download it with the following icon:

Now for the Script

<# 

    .SYNOPSIS
    Install a new WP site with all pre-reqs using pre-set variables. Can be used for additional sites.
    
    .DESCRIPTION
    This script will create a WordPress site with known-working configurations.
    Script can also be used to add additional sites as checks are in place. 
    To customize site, update custom variables as desired. 
    CAUTION - this script will overwrite a current site
        
    .OUTPUTS  
    A new wp site ready for your configuration! ;-)
     
    .NOTES
    Author: Michael Groff
    Minimum OS: 2012, 2012 R2
    PS Version: 4.0
    Date:  1/12/17
    
#>

#Checking Powershell Version

$LocalPSVers = (Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\PowerShell\3\PowerShellEngine\").PowerShellVersion | Where-Object {$_ -gt "4"}

IF (-not$LocalPSVers)
{
    Write-Host "
You need to upgrade to atleast PS Verion 5 before running this script!
" -ForegroundColor Red
    Read-Host "Press enter to exit"
    BREAK
}
ELSE
{
    Write-Host "
Correct Powershell Version found, you are good to go!
    " -ForegroundColor Green
}

###
###Variables Start: 
###
#Site Name, must inclue the TLD (.com, .info, .net, etc.)
Write-Host "
The website name, must inclue the TLD (.com, .info, .net, etc.)
" -ForegroundColor Yellow
$iisAppName = Read-host -prompt "Enter the website name"
#IIS App Pool Name: 
Write-Host "
The iis app pool name, can be same as website
" -ForegroundColor Yellow
$iisAppPoolName = Read-host -prompt "Enter the iis app pool name, can be same as website"
#Site Path
Write-Host "
The suggested website root directory path is 'C:\inetpub\wwwroot\MyWordpressSite'
" -ForegroundColor Yellow
$directoryPath = Read-host -prompt "Enter the Website root directory path"
#Database Name
Write-Host "
The WordPress Database is a MySQL Database
" -ForegroundColor Yellow
$dbn = Read-host -prompt "Enter the WordPress Database Name"
#Database Username
Write-Host "
The WordPress Database User is a MySQL User
" -ForegroundColor Yellow
$dbun = Read-host -prompt "Enter the WordPress Database Username"
#Database User Password
Write-Host "
The WordPress Database Password should be a strong password, minimum 12 characters
" -ForegroundColor Yellow
$dbpw = Read-host -prompt "Enter the WordPress Database User Password"
#MySQL root password
Write-Host "
The  MySQL root password, this will create one if it doesnt exist
" -ForegroundColor Yellow
$MySQL = Read-host -prompt "Enter the MySQL root password"
#Salt Keys - https://api.wordpress.org/secret-key/1.1/salt/ (NOTE: Replace any $ that you see with another character!)
#Authentication Key
$AuthKey = "ry=,b*Gp,+1-voDYM`zq#:S_^ODN Lp9:_:&D5o6C%0SXsyi

WordPress on IIS 8.5 (Windows 2012 R2)

Michael — Sun, 24 Jan 2016 05:11:12 +0000

The Manual Installation and Configuration of WordPress and all accompanying components on Windows Server 2012 R2

WordPress “Requirements”

PHP 5.6 or greater
MySQL 5.5 or greater
The mod_rewrite Apache module

– You can find the requirements more depth directly from the WordpPress page: WordPress Requirements

We are going to use:

WordPress Version 4.3.1
PHP 5.4
MySQL 5.5
IIS URL Rewrite

NOTE: This tutorial assumes you have turned off IE Enhanced Security and Enabled downloads in IE

And that you have set up DNS correctly or modified your hosts file with your domain name

Prep

Windows Roles and Services

First we need to install the proper Windows Roles and Services, some IIS add-ons and MySQL

Roles:

Web Server (IIS) – Add features that are required and Include management tools (if applicable)

Features:

.NET Framework 3.5 Features – Add features that are required and Include management tools (if applicable) – Note: this includes .net 2.0 for PHP Manager that we will install later

SMTP Server – Add features that are required and Include management tools (if applicable) *This will not be covered

Telnet Client (you dont need it for wordpress, but you should always have this installed for testing)

Role Services for IIS: (leave the default and add the following)

Health and Diagnostics:
- Logging Tools
- Request Monitor

Application Development:
- ASP.NET 4.5 – Add features that are required and Include management tools (if applicable)
- CGI

IIS add-ons (PHP, URL Rewrite,

Open IIS, click on your server, and a pop-up box will ask you if “…you want to get started with Microsoft Web Platform…” Click Yes, then proceed to download and install the Web Platform Installer.

Close IIS and the re-open it, now you will see the Web Platform Installer

Open the Web Platform Installer and Install the following:

PHP 5.4.24, this will install:
- Microsoft Drivers 3.2 for PHP v5.4 for SQL Server in IIS
- IIS Manager
URL Rewrite

Click Finish and close IIS as we are done with that for now.

MySQL

Now we are going to Download & Install MySQL 5.5.45 and MySQL Workbench.

NOTE: If you know how to run mysql from the command line, the more power to you, this is for Windows. We are going to use a feature of my sql that incorporates a windowed GUI, hence the name

Links to Downloads: MySQL Server & MySQL Workbench

First install MySQL 5.5.45 and at the end of the installation, leave the box checked and you will enter the Instance Configuration.

Choose the Standard Configuration option, click Next

Choose the Install As Windows Service option, name it, and then click Next

Set your root password and click Next

Last click Execute

Now to install MySQL Workbench. I will let you figure this one out. Hint: Download the prerequisites.
At the end of the install, make sure you launch MySQL Workbench before you click Finish

WordPress

Download WordPress and unzip it to C:\inetpub\wwwroot, so you should see the following:

That concludes the prep for a WordPress site to be built, now we need to start the actual configurations.

Configuration

IIS Configuration

Create a new website in IIS, and fill out the fields appropriately:

Site Name: MyDomain WP Site (arbitrary, just make it identifiable)
Physical path: C:\inetpub\wwwroot\wordpress (the folder we extracted earlier)
IP address: Depends on the IP’s on your server, I have one so all unassigned is fine.
Host name: www.mydomain.com

Add in an additional binding for non-www: http, All Unassigned, Port 80, and mydomain.com

Move the Default Document for index.php to the to of the list:

Create a URL Rewrite rule as follows:

Rule Name: WordPress (or whatever you want, this is arbitrary)
Match URL:
- Requested URL: Matches the Pattern
- Using: Wildcards
- Pattern: *

Conditions:
- Is Not a File
- Is Not a Directory

Action:
- Action type: Rewrite
- Rewrite URL: index.php
- Append Query String: Check

Create another URL Rewrite rule as follows:

Type: Canonical domain name
Select the primary host name: www.mydomain.com

After both rules have been entered, your URL Rewrites should look similar to the following:

Additional, recommended configutations:

Stop your site, there is no reason to have it running.
Set up Recycling for App Pool:
- Time: 4:00 AM (or whenever your site is least active, and remove the check for Regular Time Intervals)
Edit PHP.ini file (C:\Program Files (x86)\PHP\v5.4\php.ini):
- Old Line: post_max_size = 8M
  - New Line: post_max_size = 1024M
- Old Line: ;upload_tmp_dir =
  - New Line: upload_tmp_dir = C:\inetpub\temp
- Old Line: upload_max_filesize = 2M
  - New Line: upload_max_filesize = 1000M
- Old Line: max_file_uploads = 20
  - New Line: max_file_uploads = 200
- Add Modify Permission the C:\inetpub\temp

MySQL Configuration

Open MySQL and log into the instance we created previously.

First thing you will want to do is change the default character-set-server variable to UTF8 as UTF-8 supports any language.

Restart MySQL for the settings to take, or just make sure you manually set the collation of you DB to UTF8 in the next step. (Powershell command: Restart-Service MySQL)

Next we are going to create your WordPress Database.

Right-click on the blank space under the test DB and choose Create Schema…

Give your Schema/DB an appropriate name, I will use mydomainwpdatabase

Next, create a user for that database. I will use mydomainwpdbuser, and give that user full permissions to the Schema/DB that you just created. It will look similar to the following:

And that concludes the database configuration, we are almost done, just a couple more steps.

WordPress Connection Configuration

Navigate to C:\inetpub\wwwroot\wordpress and copy your wp-config-sample.php in the same folder, then rename it wp-config.php

Then you will need to make the following changes to that file to allow your WP site to connect to the database.

========================================

// ** MySQL settings – You can get this info from your web host ** //
/** The name of the database for WordPress */
define(‘DB_NAME’, ‘mydomainwpdatabase‘);

/** MySQL database username */
define(‘DB_USER’, ‘mydomainwpdatabaseuser‘);

/** MySQL database password */
define(‘DB_PASSWORD’, ‘mydomainwpdatabaseuerpsswd‘);

/** MySQL hostname */
define(‘DB_HOST’, ‘localhost’);

/** Database Charset to use in creating database tables. */
define(‘DB_CHARSET’, ‘utf8’);

/** The Database Collate type. Don’t change this if in doubt. */
define(‘DB_COLLATE’, ”);

========================================

WordPress Login

You are ready to start your site, navigate to IIS and start it up (or restart it, if it has been up this whole time). Then browse to the site in IE and set up the admin creds as you see fit.

You are done! Just log into your site and start configuring your new WordPress Site.

Additional Setup for WP

Suggested WP Plugins

Suggested WP Settings Changes

Settings > General Settings

Site Title
Tagline
Membership
Timezone

Settings > Discussion

Deselect – Allow people to post comments on new articles

Settings > Permalinks

Common Settings > Post name (or whatever makes the most sense for your site)

How to create an ESX Datastore from a Windows NFS Share

Michael — Sun, 16 Aug 2015 00:21:07 +0000

Would you like to be able to have a Datastore full of all your .iso’s and other bootable files?

Well we can accomplish that by setting up an NFS Share in Windows!

First off we are going to need to set up an NFS Share on your Windows Server. To do this you need to make sure that you have the Server for NFS Role Installed, it is listed under the File and Storage Services > File and iSCSI Services Role. If you do not already have this installed. Install it now, it will not need a reboot.

Now to set up the NFS Share.

I created a new folder on the C:\ Drive labeled: NFS-VMstorage. Right click on the Folder and chooseNFS Sharing tab > Manage NFS Sharing. Here you just simply need to check the Share this folder check box and click Apply.

NOTE: Do not use SPACES in your NFS Directories Name, you will get an error and it will not share.

*¹ And then I created a Text File in that Directory for testing, you will see this at the end.

Now get into yor vSphere Client and navigate to the Host’s Configuration tab

You are going to want to choose Network File System and click Next

And here you will put in the servers IP for the Server: field and the folder name that you created on your C:\ Drive in the Folder: field. Datastore Name is totally up to you, I use the same as the folder name for easy identification.

Verify all your settings and click Finish

Now browse the Datastore from your vSphere Client and you will be able to READ anything from that share, so your VM’s will be able to use this files to boot from, etc.

NOTE: If you want to be able to write to this folder from esx, you will need to go back and change the permissions in the NFS Sharing tab

*¹ And now you can see the test text file that I created previously. Baaaaaaaaaaaaaaaaaaaaaammmm!.txt

Or you could just avoid all of this GUI stuff, SSH in and run the following command:

Generic: esxcli storage nfs add -H NFS_IP|NFS_HOSTNAME -s Share_mount_point_on_the_NFS -v DatastoreName

My Command: esxcli storage nfs add -H 192.168.0.168 -s NFS-VMstorage -v NFS-VMstorage

EXTRA: Set up NFS with Read-WRITE Permission for ESXi Host

NOTE: I have only tested sharing with restrictive permissions (to a single box) while both the ESXi Host and the Windows 2012 Server are joined to the same Domain. I’m sure if you can get DNS to resolve, you should be fine.

NOTE II: This part did require a reboot for me.

After you have followed the steps above, log back into the server that your NFS share is on and browse to the share directory and select Properties > NFS Sharings > Manage NFS Sharing >Permissions > Add then add the esxi host with Read-Write Permissions.

After doing this I was able to move data to this datastore from other datastores. I mainly used this to house my Template VM’s for labs, but there are plenty of scenarios in which it can be useful.