Category: life

  • Bitwarden ssh-agent on WSL2

    With the recent-ish announcement of Bitwarden being able to store SSH keys, I’ve been playing around to get it to work in my WSL2 Ubuntu host. While I normally use a Windows machine, I do a lot in WSL2 for dev & ops.

    As 1Password has had this functionality for a while, many of the references are from that (or even the built-in OpenSSH functionality of Windows).

    Configure and enable the Windows ssh-agent functionality as per the Bitwarden instructions. Once that is complete, you will be able to access keys stored in Bitwarden from PowerShell via

    ssh-add -L

    In PowerShell, install npiperelay (I used Chocolatey, but you can use whatever; just note where the exe is installed so you can modify the script later)

    choco install npiperelay

    In WSL2, install socat

    sudo apt install socat

    In WSL2 create a script that will rebind the ssh-agent. I save this as ~/scripts/agent-bridge.sh.

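    # Unix socket that ssh clients inside WSL2 will use as their agent
    export SSH_AUTH_SOCK="$HOME/.ssh/agent.sock"
    # Start the relay only if nothing is already listening on that socket
    if ! ss -a | grep -qF -- "$SSH_AUTH_SOCK"; then
        # Remove a stale socket file left over from a previous session
        rm -f "$SSH_AUTH_SOCK"
        # socat listens on the socket; npiperelay forwards each connection to the Windows agent's named pipe
        ( setsid socat UNIX-LISTEN:"$SSH_AUTH_SOCK",fork EXEC:"/mnt/c/ProgramData/chocolatey/lib/npiperelay/tools/npiperelay.exe -ei -s //./pipe/openssh-ssh-agent",nofork & ) >/dev/null 2>&1
    fi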

    Make the script executable

    chmod +x ~/scripts/agent-bridge.sh

    Edit your ~/.bashrc and add the following line at the end

    source ~/scripts/agent-bridge.sh

    Restart your shell and then you should be able to list your current keys with ssh-add -l!
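
    A quick audit of the socket the bridge creates, as an added example that is not part of the original post: any local user who can write to $SSH_AUTH_SOCK can send requests to the Windows agent through the relay, so the check confirms the path is a Unix socket you own, with no group/other write bits, inside a directory others cannot write to. The function names are hypothetical, and GNU stat (as on Ubuntu) is assumed.

```bash
#!/usr/bin/env bash
# Added example: audit the relay socket created by agent-bridge.sh.
# Assumptions: GNU stat (Ubuntu on WSL2); function names are hypothetical.

# Succeeds if the octal mode in $1 has group or other write bits set.
grants_others_write() {
    [ $(( 0$1 & 022 )) -ne 0 ]
}

# check_agent_sock PATH: prints a verdict; returns 0 only when PATH is a
# Unix socket owned by the caller, not writable by group/other, and its
# parent directory is not group/other writable either.
check_agent_sock() {
    sock=$1
    if [ ! -S "$sock" ]; then
        echo "FAIL: $sock is not a Unix socket (is the bridge running?)"
        return 1
    fi
    if [ "$(stat -c '%u' "$sock")" != "$(id -u)" ]; then
        echo "FAIL: $sock is not owned by $(id -un)"
        return 2
    fi
    # On Linux, connecting to a Unix socket requires write permission on it.
    if grants_others_write "$(stat -c '%a' "$sock")"; then
        echo "FAIL: $sock is writable by group/other"
        return 3
    fi
    # A writable parent directory lets another user replace the socket.
    if grants_others_write "$(stat -c '%a' "$(dirname "$sock")")"; then
        echo "FAIL: $(dirname "$sock") is writable by group/other"
        return 4
    fi
    echo "OK: $sock"
}

# Check the bridge's socket; '|| true' keeps a failed check from aborting
# a shell that sources this file with 'set -e'.
check_agent_sock "${SSH_AUTH_SOCK:-$HOME/.ssh/agent.sock}" || true
```

    A FAIL on the permission checks can be addressed with chmod 600 on the socket and chmod 700 on ~/.ssh.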

  • INDEX MATCH Lookups in Excel

    Yes, this is my world now, but in an effort to help others not waste time like I did…

    If you are creating an INDEX MATCH formula in Excel to do a multi-conditional VLOOKUP, do NOT use tables or table columns. If you do use them, you will get #N/A results. For whatever reason it only works with non-table arrays.

    And there goes 2 hours of my life I will never get back.

    *EDIT 5/15/2017*

    Well, I was running Index(Match) for a while, but my-oh-my is it a painful query. Instead, for what I was doing, it’s just easier and faster to concatenate and vlookup.

  • Enable Enterprise Library Cache Performance Counters

    These instructions are to enable the cache counters on a server where you have deployed code, and not installed Enterprise Library explicitly.  This works for 4.1, but did not work with 3.0 a few years ago.

    1. Run InstallUtil against the Common and Caching dlls
      1. %WINDIR%\Microsoft.NET\Framework\v2.0.50727\InstallUtil Microsoft.Practices.EnterpriseLibrary.Common.dll
      2. %WINDIR%\Microsoft.NET\Framework\v2.0.50727\InstallUtil Microsoft.Practices.EnterpriseLibrary.Caching.dll
    2. Update the web.config to include the following items:
      1. <configSections><section name="instrumentationConfiguration" type="Microsoft.Practices.EnterpriseLibrary.Common.Instrumentation.Configuration.InstrumentationConfigurationSection, Microsoft.Practices.EnterpriseLibrary.Common, Version=4.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" /></configSections>
      2. <instrumentationConfiguration performanceCountersEnabled="true" eventLoggingEnabled="false" wmiEnabled="false" applicationInstanceName="" />
    3. Counters should show up on the server as Enterprise Library Cache Performance Counters

  • SharePoint 2010 Image Sync to AD

    Similar to previous identity management issues with SharePoint (I hate you FIM!), I just ran into another issue the other day. There is a requirement to have SharePoint 2010 be the place where users can manage their profile information, but the most important thing is to have images sync to AD so they can be used in Lync and Outlook.

    The guys on the ground were pulling their hair out, as they had followed the instructions from two corroborating sites.  Unfortunately, even with all of that setup, images were not being successfully added to AD.

    Knowing how much fun FIM is, I did a bit of banging prior to arriving on site and found an article that sounded very similar to the issues they were having.  Turns out it was the answer, but I’m going to duplicate a bit of it here just in case it disappears.

    1. You have correctly configured FIM to sync the images correctly as per the TechNet article linked above (“sites”).
    2. Looking in the IIS logs of the mysite (or whatever name is accurate) web app, you see 401.1 214807254 and/or 214807252 errors on anonymous users accessing the thumbnail jpegs.

    What you need to do is log into the box where FIM is running as the FIM user sync account.  From there, add your mysite URL to the intranet zone in IE.  Re-run the sync and it should work.

    The reason for the IIS log error is that FIM is not passing credentials when it is challenged. By adding the mysite to the intranet zone, it will automatically send credentials and not wait to be prompted (unless a GPO has overridden this setting).

  • United System Wide Upgrades

    As I can’t find this nicely spelled out anywhere, here are the economy fare class codes that you need to book to ensure you can use your system wide upgrades on any flight: Y, B, M, E, U, H, Q, V, W.  And for Business: J, C, D.  This is especially true for those of us flying in and out of Australia…

    http://pss.united.com/web/en-US/content/mileageplus/awards/upgrade/default.aspx

    http://www.united.com/web/en-US/content/booking/flight/fareClass.aspx

  • nopCommerce Install

    The other day I was playing around with nopCommerce.  There was some talk about it internally, and I thought I’d see what it was all about.  I didn’t get very far, and realized the installation instructions were definitely missing a few steps.  The guys over there have outlined most of the steps in the documentation, but they’ve forgotten a few:

    1. Ensure that your worker process (what the AppPool runs under) has the ability to create a database if you check the box Create database if it doesn’t exist.
    2. How to access the installation page.  You need to browse to http://site/views/install/default.aspx

    There are other OWASP and scalability best practices that I may go into later if I really dig down further, but three that immediately come out:

    1. Unencrypted DB Connection string info
    2. compilation debug="true" being set in the web.config
    3. Single DB

  • SharePoint 2010 User Profile Sync: stopped-extension-dll-exception

    Well, it’s good to see that User Profile Sync can be better in 2010 than it was in 2007.  However, there are definitely some issues still.

    The first one, which is something we just noticed, was that the User Profile Sync jobs were constantly failing. Unfortunately, there isn’t really a good way to know without going into the MIISClient program to look at the errors. Basically, if you think, for whatever reason, profile sync is not working, open up MIISClient.exe (Program Files\Microsoft Office Servers\14.0\14.0\Synchronization Service\UIShell) as the farm account and take a look to see if everything is a success.

    For us, we were seeing all the MOSS-{guid} jobs failing with the error stopped-extension-dll-exception as you can see below.

    Based on the lovely error message, I’m still amazed that I was able to isolate this issue (event logs reported that CA was being accessed via a non-registered name).  However, it turns out it is because of alternate access mappings (AAMs) for the central admin (CA) website.  Normally, SharePoint sets up the AAM for CA as the machine name you first install SharePoint on to.  However, we changed the AAM to be a more friendly name.

    When you update the “Public URL for Zone” for the CA website, it does not propagate the change into the MIISClient.  This causes the MIISClient to not correctly access the CA APIs for the user profile sync (or at least I am imagining this is the case).

    Fix it with the following steps:

    1. Open MIISClient.exe as the farm account.
    2. Tools > Management Agents (or click the Management Agents in the bar)
    3. Right-click on the MOSS-{guid} management agent and select Properties
    4. Go to the Configure Connection Information section in the left-hand pane
    5. In the connection information box, change the Connect To URL to be the same URL as listed as the “Public URL for Zone” for your CA in the AAM configuration.
    6. Re-enter the farm account username and password for good measure
    7. Save the configuration
    8. Run a full profile sync from CA

  • New Home Server Setup

    I’ve been meaning to do this for a while, but I haven’t found a suitable replacement until recently. I am decommissioning the server at home. It’s loud, large, and sucks down a lot of power for what I use it for (Windows Home Server). It was nice because I could quickly and easily spin up some VMs and poke around, but I’ll still be able to do that.

    Instead, I picked up a Synology DS1511+ NAS.  This little appliance is pretty darn slick.  It can pretty much do everything I was doing, in a smaller, quieter, and cooler form factor.  Since it uses an Atom processor, it runs a fairly familiar flavor of Linux, so you can do quite a bit with it.  Plus, a lot of the default stuff it comes with is quite nice!

    I’ll be throwing up a few copy/pastes on the site so that I can quickly re-reference.  Oh, and there’s another SharePoint article in the works too.  Busy, busy!