Loading ...

Category: Storage

Zero Trust – Trusted Vendors

This is the second in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on the vendors you purchase network equipment from. 

Trusted Vendors

Trusted vendors are those who supply workstations, servers, routers, switches, power protection, software, and anything else connected to your network. Here are some questions that you should be asking yourself:

  • Do you know who makes your network equipment, servers, computers, and software?
  • Do you know the way to contact their support and have current account access information?
  • Do you have current warranties / support contracts on hardware and software?
  • Is the hardware able to perform at the level needed?
  • Are you purchasing software from those who meets industry standards?
  • If a subscription, how much are you paying and are you on the correct plan for your needs?
  • When is the last time you upgraded your software and hardware?
  • Have you budgeted for the next upgrade?

Take time to think about these questions and decide where changes can be made to better protect your IT investments, or contact us to do the thinking for you.

Tier 3 / Co-Managed IT- Macrium Reflect Restore to Synology VM

This was a strange one, but I have done it now more than once for a Tier 3 / Co-Managed IT client. They use the Macrium Reflect software to do image backups of client servers. They are looking to virtualize these servers going forward and wanted to know if it was possible to restore from Macrium Reflect to a Synology VM. Here is the process that we found to make it work:

Assumptions

  1. We assume that you already have a Synology device setup and functioning properly.
  2. We assume that you already installed the Virtual Machine Manager app on the Synology
  3. We assume you already went through the initial setup wizard of the Virtual Machine Manager app
  4. We assume that you have been backing up the server and have a valid image backup file
  5. We assume you know the network path to these backup files
  6. We assume you already know (and possess on the Synology) the required amount of CPU, Memory, and HDD space.

Process

  1. Create Macrium Reflect bootable Rescue media
    1. Open Macrium Reflect
    2. Click on the Restore tab
    3. Open Other Tasks on the left hand side
    4. Choose Create bootable Rescue media
    5. Browse to where the current backups are stored and save it there (this makes finding everything easier later)
    6. Click Build (You may need to install some pre-requisites to make this possible, but Macrium Reflect with prompt you for it)
  2. Create Virtual Machine
    1. Open the Synology Virtual Machine Manager app
    2. Click on Image
    3. Click on the Add button
    4. Find the Macrium Reflect Rescue media and add it to local storage
    5. Click on Virtual Machine on the left
    6. Click the Create button
    7. Choose the Microsoft Windows option (if appropriate)
    8. Select the proper storage amount
    9. Give it a name, CPU, Memory (as needed)
    10. Give it the needed storage amount(s)
    11. Leave it connected to the default network
    12. Download the Synology Guest Tools if needed.
    13. Select Macrium Reflect Rescue media for the ISO file for bootup
    14. Do not start the automatically
    15. Edit the VM and change it to start from the CD ROM
    16. Power it on
  3. Restore from backup
    1. Connect to the VM
    2. Wait for Macrium Reflect Rescue media to boot (this can take awhile)
    3. Click on the blue computer icon at the bottom
    4. Click on the Map Network Drive icon
    5. Type in need information and click OK
    6. Go back to the Macrium Reflect window
    7. Click on Browse for an image or backup file to restore
    8. Find the appropriate file in the newly mapped network drive
    9. Click on Restore Image
    10. Select the target drive(s)
    11. Click Next, Finished
    12. Wait for restore to complete (this will take a long time)
  4. Prepare restored image
    1. Once completed, click on the ReDeploy restored image to new hardware
    2. Add drivers if needed
    3. Accept any drivers it finds
    4. Accept the default options
    5. Finish the wizard by closing
    6. Power off the VM
    7. Edit the VM Storage to make the disk a SATA controller instead
    8. Edit the VM Others to make the BIOS UEFI
    9. Edit the VM Network to Not Connected
    10. Power on the VM
    11. Login and install the Synology Guest Tools from the attached CD-ROM drive
    12. Power off the VM
    13. Edit the VM Network to use the default connection
  5. Power on the VM if you are ready to deploy

If your company is looking to virtualize your servers or take them to the cloud, then contact us to setup migration evaluation.

Tier 3 / Co-Managed IT- Synology DNS Server loses Domain Name Resolution

Got a email from one of our co-managed IT / Tier3 / managed RMM clients that was having issues with DNS resolution. The network consists of a Synology NAS acting as Domain Controller / DNS Server and a VM on the Synology that runs the clients main application. Several of the workstations were having an issue where they could not browse to the IP address (\\192.168.0.11\sharename)of the application server at one time and could not browse to the UNC path (\\servername\sharename) of the same server on another day. First tried setting the external forwarders to Google DNS and the Forward Policy to Forward First, but the problem resurfaced. So we dug deeper into the DNS settings and found the following:

If you look closely the IP address of the server is 192.168.0.11 and the records for DNS servers associated with the domain above and below it point to servers outside the subnet of the application server (10.0.0.2). Upon further investigation this DNS server address was blocked by the firewall because it was an old IP address scheme that was no longer in use. The current good DNS server IP addresses are 192.168.40.10 and 192.168.0.10.

Turns out the stale DNS records were the problem. Made the needed changes to the DNS records and things are working great.

If your company needs a little extra help running the IT department, then contact us to setup a co-managed IT evaluation.

Simple Lightweight File Sync – Backvp2

backvp2 - Grants Pass, OR

Simple Lightweight File Sync – Backvp2

Not sure if you have seen the same but it seems that techs who do server replacement work are using Distributed File System (DFS) to sync the file shares between two servers. This is overkill in my opinion and I recently found a simple lightweight file sync tool called Backvp2 from Switzerland. Now I setup similar shares on the new server then run this software from the new server. Configuring the target and destination are super easy and the syncing happens flawlessly. If there are issues with sync it has handy error codes that made troubleshooting file permission issues simple in a recent migration. I highly recommend it for all techs.

Synology Active Directory Server

Synology Active Directory Server - Grants Pass, OR

Recently provided some assistance to a local IT company that exclusively uses Synology devices instead of servers for their clients. They approached us to create Group Policy objects based on this new feature of the Synology. The Synology Active Directory Server app is based on the Samba 4 Protocol, here are some details of available features:

  • Support for Windows RSAT
  • Support for TLS domain controller certification
  • Support for custom NetBIOS domain names
  • DNS auto registration
  • Support for single domain controllers

Account & Privileges

  • Group membership and policies
  • Roaming user profiles
  • Account single sign-on
  • Home folder support

Security & Access Control

  • Kerberos-based authentication
  • Password reset via email
  • Password strength policies
  • Account lockout policies

Domain Clients

  • Microsoft Windows 7 and above
  • Linux

Take Aways

Here are some basic take-aways from our experience creating these Group Policy Objects (GPO) on the Synology Active Directory Server.

  1. Need to install Remote Server Administration Tools (RSAT) on the most up-to-date desktop or server OS version in the organization to allow for best compatibility with all earlier OSs when creating GPOs
  2. Need to modify Synology Active Directory Server control panel Domain Options to allow Domain Admins to have admin access – without this you will get Access Denied every time a GPO is attempted to be added
  3. Windows Servers, Active Directory and domains are not dead, they are just becoming a “Container” which makes them much cheaper for small businesses to adopt.

If your company is utilizing a Synology Network Attached Storage device and would like the functionality of an Active Directory domain, then contact us for assistance.

Missing Western Digital MyCloud Drive

Recently took over an account from another tech and was informed by the client that their Western Digital MyCloud drive was unreachable and they had not been able to access their files shared their with the computers in the office for some time. Since the MyCloud is just a simplified Network Attached Storage (NAS) device for the home / SMB market, I decided to go onsite and find out what was causing the issue.

How to find a missing MyCloud

I first investigated the shortcuts that were sitting on the desktop to figure out what was going wrong with the drive or if there were some bread crumbs as to where it was previously. Found one called Dashboard which pointed to an IP address on their current subnet that went nowhere – this was likely the former IP address of the device. Found a shortcut to the “Public” folder which pointed to an IP address that was on another subnet than theirs – this was likely from a setup before another network change and had not been removed since then. Found another shortcut to the “Public” folder which pointed to the same IP address on their current network  as the Dashboard shortcut, so this confirmed that this was the last known IP address.

Ran a network scan using my personal favorite, SoftPerfect Network Scanner, to discover what was on the current subnet and if the MyCloud was still functional at another IP address. Found that the IP address for the device had changed to another similar address, so figured that it was getting its IP address from DHCP and when the old address lease ran out it just grabbed another one from the router. Checked the router and found that indeed the DHCP table contained the IP address for the device, so added a DHCP reservation to the router for that devices MAC address mapping it to the old IP address to make the broken shortcuts work again. Tested opening the dashboard and “Public” folders successfully which thankfully still had all of their information intact.

The final thing to do was to correctly set permissions within the device for each of the users and corresponding user folders within the device to allow them to connect and “backup” their documents to the device like they were used to. Although I would not recommend using this type of device to any of my clients, it was good to get this company backup up and running successfully. If your company is using Western Digital MyCloud drive for shared file access or are considering adding file shares to your network, then contact us for assistance.

Categories

Plant a Seed 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2022- Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

    Something went wrong, try refreshing and submitting the form again.