Raspberry Pi FTP server

I’ve been trying to resurrect my SIP-connected Cisco 7940 as part of a review of our home telephony arrangements. In order to do this, I’ve had to configure the TFTP capabilities on my home infrastructure server (i.e .my Raspberry Pi). Previously, I’d served the phone configuration from a Windows TFTP server (long since gone) and the phone had just kept going with the old settings. Now, with configuration changes required, I’ve started to use dnsmasq for TFTP as well as DNS and DHCP (actually, that had always been configured, but without any files on the Pi to serve from TFTP)!

So, how to easily transfer the files? FTP to the rescue. I followed the Pi My Life UP guide to install vsftpd on my Pi, which meant using the following commands:

  1. Update packages and install vsftpd:
    sudo apt-get update
    sudo apt-get install vsftpd
  2. Edit the vsftpd config with sudo nano /etc/vsftpd.conf, making sure it has the following entries:
    anonymous_enable=NO
    local_enable=YES
    write_enable=YES
    local_umask=022
    chroot_local_user=YES
    user_sub_token=$USER
    local_root=/home/$USER/ftp
  3. Create the folder to use for FTP and set the permissions:
    mkdir /home/pi/ftp
    mkdir /home/pi/ftp/files
    chmod a-w /home/pi/ftp
  4. Restart the FTP service with sudo service vsftpd restart.

After this, I could easily upload the files I needed to the folder that I’m serving TFTP from (/home/pi/ftp/files) – although for some reason the FTP server was listening on port 22 (not 21), and then distribute my new phone configuration…

Why Microsoft customers don’t need to worry about EU-US Safe Harbour/Harbor

When European Courts judged the 15-year-old EU-US Safe Harbour/Harbor treaty to be invalid last October, Internet news sites started to report how terrible this was for EU companies placing data into cloud services offered (mostly) by American companies. For some, that may be true, but that assumes Safe Harbour is the only protection in place.

This week, IT news sites are at it again. The Register (the tabloid newspaper of IT news sites) has an article titled Safe Harbor 2.0: US-Europe talks on privacy go down to the wire but the actual URI belies a much more dramatic title of “Safe Harbor countdown to Armageddon”. Sensationalist at best, some might even say irresponsible.

I’m no lawyer but, for my customers, who are implementing Microsoft cloud services, there seems to be nothing to worry about and I’ll explain why in this blog post. Of course, Microsoft is just one of many cloud services providers – and for others there may be valid concerns.

The United States Export.Gov website currently displays the following text regarding Safe Harbor:

“On October 6, 2015, the European Court of Justice issued a judgment declaring as ‘invalid’ the European Commission’s Decision 2000/520/EC of 26 July 2000 ‘on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the US Department of Commerce.’

In the current rapidly changing environment, the Department of Commerce will continue to administer the Safe Harbor program, including processing submissions for self-certification to the Safe Harbor Framework. If you have questions, please contact the European Commission, the appropriate European national data protection authority, or legal counsel.”

EU Model Clauses trump Safe Harbour

Microsoft President and Chief Legal Officer, Brad Smith, issued a statement on 6 October 2015. Quoting from that article:

“For Microsoft’s enterprise cloud customers, we believe the clear answer is that yes they can continue to transfer data by relying on additional steps and legal safeguards we have put in place. This includes additional and stringent privacy protections and Microsoft’s compliance with the EU Model Clauses, which enable customers to move data between the EU and other places – including the United States – even in the absence of the Safe Harbor. Both the ruling and comments by the European Commission recognized these types of steps earlier today.

Microsoft’s cloud services including Azure Core Services, Office 365, Dynamics CRM Online and Microsoft Intune all comply with the EU Model Clauses and hence are covered in this way.”

There’s also a follow-on post which talks in general terms about the wider issues and privacy beliefs but the key point is that Microsoft offers EU Model Clauses within its contracts, which go beyond Safe Harbour. Microsoft also has an FAQ on the EU Model Clauses that is worth a read.

Quoting again from the 6 October 2015 statement:

“We wanted to make sure all of our enterprise cloud customers receive this benefit so, beginning last year, we included compliance with the EU Model Clauses as a standard part of the contracts for our major enterprise cloud services with every customer. Microsoft cloud customers don’t need to do anything else to be covered in this way.”

That suggests to me that customers who have signed up to Azure Core Services, Office 365, Dynamics CRM Online or Intune since early 2014 already have greater privacy protection than was afforded by Safe Harbour – and that protection meets the EU’s current requirements. In short, Microsoft customers don’t need to worry about Safe Harbor (sic).

An example of how to engage customers on social media

Almost every day, I see a branded account somewhere using Twitter as a broadcast medium, rather than as a tool to engage two-way conversation with customers. Indeed Matt Ballantine (@ballantine70) called Twitter out on this one…

Then there are the accounts that are named something like @BrandnameHelp, which vary tremoundously in the amount of “help” they offer (although creds are due to @TMLewinHelp and @7DigitalHelp who have both helped me out recently with problem orders).  @BTCare and @AmazonHelp are less impressive, in my experience.

@NatWest_Help picked up on this, slighty sarcastic, tweet from yours truly:

@LondonMidland does a great job of dealing with disgruntled travellers, including gems like this, with childrens toys to illustrate the issue (sometimes real pics too – it’s easier to be sympathetic of problems getting to/from work when you can see flooded tracks/fallen trees/damaged trains from fallen overhead wires, etc.):

There are whole books on this written by people who know far more about customer service and marketing than I do but I’d like to call out one example of what I see as a great use of social media…

Yesterday evening ago, I tweeted about a very amusing Volkswagen ad, noting that my recent car purchase might have been from them had the local dealership not been so completely useless at selling me the car I wanted…

Full credit to @UKVolkswagen, they picked up on this and said “can we help”, later following through with an email address to send more details to. The resulting email response was less impressive, suggesting I should supply a phone number if I wanted a response (I didn’t want a response, but my mobile number was already in the email…).

But what really impressed me, and showed:

  1. Excellent social media monitoring skills (clearly tracking disgruntled customers with rival brands); and
  2. An ability to use social media to engage and potentially attract new custom

was the Twitter conversation I had with @ToyotaGB this evening.

It was too late, as I’d already bought a Volvo (I may have mentioned that once or twice on Twitter…) but still excellent use of social media. Other brands could learn a thing or two…

Short takes: file and folder management from the command line

Turning more open tabs and notes into mini-blog posts…

Some Unix commands when working with directories

A couple of months back, I wrote about having to hurriedly back up my Mac after the file system got corrupted

Along the way I had to pick up some Unix commands that were previously outside my vocabulary… worth noting here for future reference:

Force deleting a folder on Windows

I’ve been cleaning down a PC that is no longer needed for regular use, but we’re hanging onto as a spare PC. I figured the quickest way would be to remove some user profiles but Windows Explorer was having difficulty with some temporary files in the AppData folder structure.  After a while, I fell back to a trusty cmd prompt…

rd /s /q foldername

The equvalent for a file is del /f /q /a filename.

Thanks to Techverse for pointing me in the right direction.

Encrypting Windows 10 with BitLocker

In common with many small business owners (indeed any business owner, it could be argued), my wife needs to be sure that her customer’s data is adequately protected. In her case that means professional cloud services for email (Office 365) and PC backup (Azure) but the data on the PC needs to be protected too…

All major operating systems come with whole drive encryption technologies these days – and for Windows that feature is BitLocker.

When we replaced my wife’s PC a few months ago, I picked what seemed a good small business laptop from Lenovo – a Thinkpad E550 – and, by and large, I’ve been pleased with the purchase.  Somewhat frustratingly though, the PC shipped with Windows 8 (not Pro) and so it has been updated to Windows 8.1 then to Windows 10 Home. That meant that, when I attempted to encrypt the drive by right-clicking in File Explorer, there was no Manage BitLocker option (and the BitLocker Settings stub in Settings, System, About didn’t do anything). Folder-level encryption with the Encrypted File System (EFS) was similarly unavailable (although greyed out, rather than invisible), even when I tried to manually enable it with sc config EFS start= demand.

Whilst there are alternatives available, my support model for my wife’s PC is KISS (“keep it simple, stupid”), as the last thing I need whilst I’m consulting with my own customers is to be worrying about support issues with family devices, so I decided to stick with the technology that’s built into Windows. That meant an upgrade to Windows 10 Pro.

Thinking $99 isn’t too bad a price to pay (after all, this is a business expense for my wife)… I clicked Settings, Update & Security, Activation, Go to Store, only to find that it’s £99.99 in the UK – a £33, or 50%, uplift at today’s exchange rates. By this point I’m starting to feel a little ripped off… although I’m not sure if I’m more annoyed with Lenovo selling a small business PC with an inadequate version of Windows, or Microsoft for only putting encryption in the high-end Windows versions…

Windows 10 Edition upgrade completed

The final point to remember is that not all PCs have a Trusted Platform Module (TPM) chip.

BitLocker error on PC without a trusted platform module

That’s not a problem if you’re prepared to use a USB flash drive as a startup-key. It just needs a little policy change (run gpedit.msc, then Local Computer Policy\Computer Configuration\Administrative Templates\Windows Components\Bit Locker Drive Encryption\Operating System Drives\Require additional authentication at startup) after which you can work through the BitLocker encryption process as usual but with an extra choice whether to use a USB key or enter a password:

Allow BitLocker without a compatible TPM

Choose how to unlock your drive at startup

Compact and bijou – my home office!

As the Christmas holidays draw to a close (and they have certainly rushed by), I’m reminded to write about how I spent my previous “holiday”. October half term was a busy one as we swapped my eldest son’s bedroom and our home office, redecorating and refitting along the way… or, as I wrote on Facebook at the time:

“1 half term: 9 days of DIY; 3 visits to IKEA; 40+ boxes of flat-packs; 2 trips to the tip; a car full of cardboard; 11 sacks for the bin men…

…a new (smaller) office for us and two happy boys – one with a much bigger bedroom!

Back to work for a rest tomorrow!”

Now, where’s the relevance of all that for my blog? Well, I thought I might write some notes on how we converted the smallest bedroom in the house (approx. 2.15×2.59m) into a reasonable workspace for two people.

Decorating

First up – making good any damage to walls, etc. A plasterer once recommended Gyproc Easi-Fill to me and it’s wonderful stuff. Easy to work with, and sands to a smooth finish.

Next, white paint.

It wasn’t that I didn’t believe Garry Martin’s comment on an earlier post, more that I’d had limited time to prepare and that I thought I’d support a local business instead of my usual decorators merchant. Hey, ho!

Luckily Homebase had an offer on Dulux white emulsion, although I actually used a couple of coats of their own-brand high opacity paint in the end…

Fitting out

With the room repainted (albeit taking more time than I hoped), my attention could turn to fitting things out. My previous office had a length of IKEA Pragel kitchen counter installed as a desk (my son has it in his bedroom now). IKEA don’t make that counter any more, but they do make some good table-tops  (Linnmon) that are very reasonably priced (and also a lot lighter to carry, because the centre filling is basically cardboard – not chipboard).

I needed to cut the table-tops to fit the room and make an L shape, and I also decided to fix them to the wall – lengths of 50x25mm (planed) timber screwed to the wall as battens did the trick there (no need to paint as they are out of sight), with strategically-placed IKEA Adils legs and some brackets to fix the table-tops to the battens (and to hold the table-tops together). The Linnmon tops are also pre-drilled with holes for the Adils legs, which makes things a little easier.  I found some good advice for setting the desk height too.

IKEA Signum desk grommetNext came cable-management. My previous desk had used IKEA Signum desk grommets but they’ve been discontinued. Luckily they are the same size (65mm) as a spare I had from an old desk, so that could be used in my son’s room, whilst I recovered a matching set of 3 for the office.

I also used some IKEA Koppla extension leads with built-in USB ports to provide some above-desk power. Cheaper alternatives are available, but I think they look good screwed to the wall just above the desk.

Shelving came in the form of the ubiquitous Billy bookcase (re-using an existing set of shelves), added to which I put a Bestå frame with a shelf under my desk.  A Stuva wall-cupboard lets me hide away most of my clutter, and some Mosslanda picture ledges finish things off for personal odds and ends around the workspace with a Jansjö LED lamp for desk lighting.

Fixing the cupboard to the wall was a challenge. The wall it’s fixed to is just a stud wall with plasterboard and normal fixings were not really up to the task.  I picked up some 25mm GripIt fixings from my local DIY store that claim to be good for 180kgs each. These fixings (featured on Dragons’ Den) are really strong and easy to use (although drilling a 25mm hole in my wall did fill me with some trepidation at first). I haven’t tested the load up to the full weight but I can say that the cupboard is fixed really solidly now (although I did use some longer M6 bolts to make up for the gap between the back of the cupboard and the wall).

Finally, somewhere to sit. Whilst my wife prefers one of our dining chairs at her desk, I bought a Flintan swivel chair with Nominell armrests (and so far have been very happy with it).

Compact and bijou: my home office
Ignore the apparent curves on the desk – that’s just a dodgy iPhone stitched image!

What next?

I’m trying to keep as little in the room as possible but I think some more bookshelves/another cupboard are inevitable and there’s also the matter of fitting a new blind to the window (on my to-do list, already made to measure by Blinds 2 Go).  I’m also reducing the installed IT: the Cisco 7940 is no longer in use, nor is my old Fujitsu-Siemens S20-1W monitor; and I’m sure Microsoft will want their Lenovo B50 all-in-one PC back soon as I’m doing really badly at writing Windows 10 blog posts (the reason it’s loaned to me), although that means I’ll need to buy another monitor (or two). If you look closely, you’ll also see that I have some work to do tidying some of the cables under the desk…

New year, and a new(ish) role as I move back to architecture

Back in May, I moved from Fujitsu to join risual. There were many reasons for me leaving, including that I think systems integrators are in for a really rough time as they attempt to adapt to a changing marketplace; that I was unhappy with some changes being made to the organisation and to my professional community; and that I had serious concerns about the company’s strategy for working with Microsoft (a partner whose technologies have been key to large parts of my career). I also wanted to get closer to technology again, and that wasn’t really an option for me where I was.

Jumping ship to a small but growing consultancy was a risky move and a six-month probation period gave me some concern but I’ve come through that and I have to say I’ve really enjoyed the last 7-and-a-half months. Of course, there have been challenges along the way but I’ve joined a great team (or family, as the directors prefer to refer to it) – and learning just after I joined that risual had been named Microsoft UK Partner of the Year for 2015 was a special bonus. I’m working bloody hard… but I don’t mind hard work when I can see where it’s headed, that it’s worthwhile, and that I’m enjoying it.

At its heart, risual is a consultancy business. That means that everyone who joins risual joins as a Consultant. The only exceptions are the support roles, sales people and Engagement Managers. risual doesn’t hire Architects directly, regardless of previous experience and background.

We do have an Architecture team though – and, earlier this month, I learned that my application had been successful and that, with immediate effect, I was to become one of the Enterprise Architects in risual’s Business Group. Whilst I’ve enjoyed working in the Unified Communications team, I’m a generalist and the guys there are specialists with some really good (deep) skills. My work now becomes more focused on achieving business outcomes through technology, helping customers to shape their strategy and leading some of the larger projects that we have from a technical perspective.

2015’s seen a lot of change as I rediscovered what it is I want to do and how to enjoy work again. 2016 looks like it will be the year I consolidate and build on my experience to drive my career forward. I’ve certainly got an increasingly-full diary with a challenging project to move a Government department to the Microsoft cloud, interspersed with some interesting business consulting engagements – and that’s just the next couple of months!

So, with that little update, I’m signing off for 2015. For everyone who reads this blog and the constant stream of tweets @markwilsonit, I’d to thank you for your support and to wish you all the best in 2016.

Short takes: SharePoint/Delve and shortlinks; CESG guidance on Office 365; removing Sway from the App Launcher

So, it’s Christmas Eve and I’ve run out of annual leave this year so I’m still working… looks like everyone else has gone home though so I’m really just clearing down my mailbox, searching for Inbox Zero nirvana. As I do, there are lots of little snippets that I might like to remember, so here’s a little Christmas compilation…

SharePoint, Delve and short links

We have a URL shortener at work and one of the things it’s really great for is taking reallyreallylongandundigestibleurisfromsharepoint and making them risu.al/short. Unfortunately Alex Eggar, who leads our Business Productivity group, highlighted to me that I’m better off using SharePoint’s sharing functionality… otherwise Delve won’t know what’s going on…

There’s loads of information on Delve for Office 365 administrators and Paul Olenick (SharePoint MVP) has an interesting post the describes more about Delve. What I haven’t managed to get clear in my head yet is why a short URL bypasses the Office Graph… I’m still accessing the content… but I’ll leave that one to the experts!

CESG Guidelines for use of Office 365 at OFFICIAL

I had an interesting meeting with a customer recently, discussing how their Office 365 implementation aligned to UK Government (CESG) guidelines. Whilst they are guidelines, and this customer is only loosely affiliated with the Government, the CESG guidance on Office 365 could be considered as a useful benchmark.

The guidelines are available on the gov.uk website. Currently they include:

Turning off the App Launcher tile for Sway

As I wrote a couple of months ago when describing how to selectively remove tiles from the Office 365 App Launcher, disabling Sway in Office 365 didn’t used to remove the tile from the launcher. Since earlier this month, that behaviour has been changed with more details in Microsoft knowledge base article 3075256.

Encouraging adoption in enterprise social networks

In my job, consulting with many organisations who are adopting Microsoft products and services, including Office 365, I have a lot of discussions about Yammer and other modern communication methods (e.g. Sway).

Many have already had pilots with Yammer and found it didn’t work for them. Some are smart enough to realise that it wasn’t Yammer at fault but a lack of executive sponsorship. Adapting a new medium for communication takes time; it needs a cultural shift. If your boss uses it, you might consider giving it a try (although when I had a team, my experience at getting them to use Yammer was best described as mixed). But if your boss’ boss uses it, or the CEO, and the internal communications team are are using it instead of email, then you might stand some chance of success – because, as well as executive sponsorship, it needs critical mass (which means people need a reason to visit).

Of course, the platform itself has to be usable. In my last place the corporate social platform was Newsgator (which was awful), coupled with an old version of SharePoint and, aside from the teams whose job it was to evangelise its use, it was pretty much ignored. In fact, so much so that other social networks popped up in their own bubbles: the sales community were using Salesforce Chatter; although Yammer actually seemed to gain more traction in some areas (via an external network hosted by Microsoft for partner engagement) because there was something of value there for people.

So, we need executive sponsorship, critical mass, and a usable platform, with content that people value. But there’s something else too – people have to stop using the old methods in parallel.

Recently, I witnessed one organisation where someone posted some infomration on Yammer and it got a flurry of activity/commentary on the original post (so far so good). Then someone else sent an email to a distribution group to highlight the same information. That sender might not have seen the original post but email isn’t a good way to share links about new products. Some (myself included) may consider it as just unsolicited bulk email (spam) but spam that’s sent from inside the organisation. To make matters worse, because Office 365 Clutter doesn’t filter out email from people in your management chain, that email will never be filtered.

No, no, no, no! Post once, on the right medium*. Yammer for information sharing/comments on a topic that might run and run; instant messaging for messages that require a response… instantly (the clue’s in the name) and stop abusing email (which, incidentally is an asynchronous communications mechanism to which you should not require, or even expect, a response). As for voice mail, SMS, etc. Well, who knows… anyway, I’m supposed to be writing about getting people using enterprise social networks here – not a lecture on communication methods (and I know one size doesn’t fit all).

So, that’s my view – which you might agree with, or you may not. But it’s been cathartic to have a little online rant and at least it means I’ll get at least one blog post up this month! For another view, take a look at what the Yammer team at Microsoft shared with me – a 2012 Office blog post on Deploying a Successful Enterprise Social Network: Best Practices From the Field.

 

Mark Wilson is an increasingly busy, grumpy and ranty man, who wants to reduce the volume of email arriving in his Inbox…

* I do have to admit that, on occasion, I have been known to email a group of people and say “please reply to my thread on Yammer”, because I knew a lot of them didn’t use it but I wanted everyone to see the replies withough creating a Reply All email storm. This is not good.

Recovering data after OneDrive for Business “ate” my OneNote notebooks…

Yesterday, I wrote about troubleshooting OneDrive for Business. What I didn’t write about though was the problems that a simple repair to OneDrive for Business (acting on advice to resolve some sync issues on my client) caused for me…

The OneDrive for Business repair operation works as follows:

  • Disconnects all libraries that were experiencing sync problems.
  • Reconnects these libraries. This means Repair downloads and syncs the current server version of each library, as if you were syncing for the first time.
  • Creates an archive copy of any file that had unsynced changes and places these files in a library folder under C:\users\username\OneDrive for Business archives\.

So, if you are using that full 1TB of storage… you’d better have a good network connection to pull the entire contents of the library from the cloud (which is why the next version of the OneDrive client has selective sync).

In my case, I’m only using a few GB but, because I moved my entire Documents folder to OneDrive a few months ago, my OneNote notebooks were part of the data that was pulled down from the cloud.

I rely heavily on OneNote – I stopped using paper notebooks when I left my last job, as my everyday device is a Surface Pro 3 (which I find ideally suited to note-taking) – and here’s the lesson I learned:

OneNote and OneDrive for Business do not (always) play together nicely.

It should work – there’s even Microsoft advice for moving a OneNote notebook to OneDrive (and the same process works for OneDrive for Business) but it seems the mistake I made was to move all of my files in Windows Explorer. Whilst researching this blog post I’ve found Microsoft’s OneNote syncing best practices (KB2819334) and what I should have done is move the OneNote notebooks from within OneNote…

After the OneDrive for Business repair, I was left with a .ms-one-stub file which Explorer reported as being 1KB in size. 6 months of notes had disappeared – and opening OneNote didn’t follow the stub and magically pick up my notes. I felt physically sick. I thought I had two copies – one on the PC and one in OneDrive for Business. But no, OneDrive for Business was my backup – and it had “eaten” my work.

Luckily, there was another backup copy. It wasn’t current, but it was only a couple of days out of date, rather than starting from scratch. I found that OneNote stores a copy of notes in C:\Users\username\AppData\Local\Microsoft\OneNote\15.0\Backup.

That location has a folder for each notebook. Each folder contains a OneDrive recycle bin (OneNote_RecycleBin) and copies of  my .one files for each section, with a date when the backup was taken – for example project.one (On 22-11-2015).one. I’m not sure when the backup is taken (I’ve made changes to sections today that are still not reflected in the OneNote backup, but losing a couple of days is vastly superior to losing 6 months.

Even with the new information about the correct way to sync OneNote to OneDrive for Business, I’m not sure I completely trust it. From now on I’ll be making a third copy to another location…