Running the Pixlr Editor (or other Adobe Flash-based apps) in a modern browser

Many people will be familiar with the Pixlr browser-based image editing tool, Pixlr Editor. Unfortunately, it’s developed in Adobe Flash, a technology that’s rapidly falling out of favour with developers (about time too!) and losing browser support.

A few weeks ago, I tried to run Pixlr Editor in Chrome and found it wouldn’t work. Same for Safari. Edge gave a similar experience – in fact only Internet Explorer would play nicely!

Then I found Paulo Amaroso’s Google+ post about the issue (yes, Google+!). It seems that what I needed to do was click on the “omnibar” (the secure padlock or info button to the left of the URL in the browser) to open up Chrome settings and select Flash then Always allow on this site.

Interestingly, I’m now seeing browsers prompting me to enable Flash for the website… I suspect Pixlr have updated their website to improve the user experience.

Allow Flash for pixlr editor website in Chrome

Adopting cloud services means being ready for constant change

There’s a news story today about how Microsoft may be repositioning some (or all) of Skype for Business as Microsoft Teams (the collaborative group-based chat service built on various Office 365 services but Skype for Business in particular).

The details of that story are kind of irrelevant to this post; it’s the reaction I got on Twitter that I felt the need to comment on (when I hit 5 tweeted replies I thought a blog post might be more appropriate).

Change is part of consuming cloud services. There’s a service agreement and a subscription/licensing agreement – customers consume the service as the provider defines it. The service provider will generally give notice of change but you normally have to accept it (or leave). There is no option to stay on legacy versions of software for months or years at a time because you’re not ready to update your ways of working or other connected systems.

That is a big shift and many IT departments have not adjusted their thinking to adopt this new way of working.

I’ve seen many organisations moving to cloud services (mostly Office 365 and Azure) and stick with their current approach. They do things like try to map drive letters to OneDrive because that’s what users are used to, instead of showing them new (and often better) ways of working. They try to use old versions of Office with the latest services and wonder why the user experience is degraded. They think about the on-premises workloads (Exchange, Lync/Skype for Business, SharePoint) instead of the potential provided by the whole productivity platform that they have bought licences to use. They try to turn parts of the service off or hide them from users.

My former colleague Steve Harwood (@SteeveeH) did some work with one of risual’s customers to define a governance structure for Office 365. It’s great work – and maybe I’ll blog about it separately – but the point is that organisations need to think differently for the cloud.

Buying services from Microsoft, Amazon, Google, Salesforce, et al is not like buying them from the managed services provider that does its best to maintain a steady state and avoid change at all costs (or often at great cost!). Moving to the cloud means constant change. You may not have servers to keep up to date once your apps are sold on an “evergreen” subscription basis but you will need to keep client software up to date – not just traditional installed apps but mobile apps and browsers too. And when the service gains a new feature, it’s there for adoption. You may have the ability to hide it but that’s just a sticking plaster solution.

Often the cry is “but we need to train the users”. Do you really? Many of today’s business end users have grown up with technology. They are familiar with using services at home far more advanced than those provided by many workplaces. Intuitive user interfaces can go a long way and there’s no need to provide formal training for many IT changes. Instead, keep abreast of the advertised changes from your service provider (for example the Message Center in Office 365) and decide what the impact is of each new feature. Very few will need a full training package! Some well-written communications, combined with self-help forums and updated FAQs at the Service Desk will often be enough but there’s also the opportunity to offer access to Massive Open Online Courses (MOOCs) where training needs are more extensive.

There are, of course, examples of where service providers have rolled out new features with inadequate testing, or with too little notice but these are edge cases and generally there’s time to react. The problem comes when organisations stick their proverbial heads in the sand and try to ignore the inevitable change.

Using a VPN to watch ITV content outside the UK

Those who follow me on Twitter (@markwilsonit) will probably be aware that I recently spent some time in mainland Europe – travelling through France, Germany and Switzerland with my family. You’ll probably also be aware that one of my hobbies is road cycling – and that I like to watch the highlights from the three Grand Tours (Giro d’Italia, Tour de France and Vuelta a España) and from the Tour of Britain. With the Vuelta in full swing as my holiday started, I wanted to make sure I could still catch the highlights on ITV4!

Even with the new EU mobile roaming arrangements that mean I can use my mobile data allowance in other EU countries, I didn’t expect to be able to stream content reliably, so I took out a subscription to ITV Hub+, allowing me to download ITV programmes with the ITV Hub app (on Wi-Fi) and play back later, without ads. This worked brilliantly on the ferry to France but not so well once I was in my Paris hotel room, where the app detected I was outside the UK and denied access to content with a variety of error messages:

ITV Hub download error outside the UK ITV Hub download error outside the UK ITV Hub download error outside the UK

I was pretty annoyed – after all, there was no mention of UK-only coverage when I subscribed to the ITV Hub+ and the ITV website says:

“Where can I use a Hub+ subscription?

As long as you’re signed into your account, you’ll be able to use your Hub+ subscription almost anywhere. Watch ad-free telly on our website, download and catch up on the go on your mobile or tablet, or binge on your favourite shows with no interruptions on your Smart TV!”

but I did find the limitation in their troubleshooting guide later:

I am abroad and can’t watch videos
The ITV Hub is only available within the UK as we don’t hold international rights for all of our shows. If you’re lucky enough to be on holiday or you live abroad, you won’t be able to watch ITV Hub until you return to the UK”

After a bit of a rant on Twitter (no response from ITV, of course), I thought about using a VPN (and @JFDuncan suggested Plex).

Unfortunately, my own VPN back to my NAS didn’t work (on reflection, L2TP/IPSec was not the best choice of transport – as @GarryMartin pointed out when I originally set it up) and I was nervous about using a third party service until Justin Barker (@JustinBarker77) suggested TunnelBear:

Recommendations are always good. And TunnelBear seemed more legitimate than some of the sites I found…

At first, I didn’t have much luck – even after following TunnelBear’s troubleshooting advice for accessing content. 24 hours later though, something had cleared (maybe I had a different IP address, maybe it was something on my iPhone) and ITV Hub+ worked flawlessly over hotel Wi-Fi and a VPN back to the UK. I could download my cycling highlights for later playback and the VPN tunnel even seemed to improve the Holiday Inn Wi-Fi reliability – possibly due to QoS restrictions prioritising potential business traffic (VPN) over leisure (downloading videos)!

I did have some challenges with playback – so I put the iPhone into Airplane Mode before watching content, just in case the ITV Hub app detected I was outside the UK again, but each time I wanted to download over the next few days I enabled the VPN and all was good. I also subscribed to TunnelBear for a month’s worth of unlimited data allowance (I soon chewed through the 1GB I got for tweeting about the service!).

Hopefully, this information will help someone else who’s frustrated by paying for a download service and then finding it doesn’t work outside the UK…

Saving money by fixing household appliances, instead of replacing them!

Over the last few months, I’ve had engineer callouts to our dishwasher (7.5 years old), tumble dryer (13 years old) and washing machine (also 13 years old). All of these household appliances are heavily used but they’re also from good brands (Bosch/Siemens/Neff) and they’re generally going strong… I also managed to get them fixed for very little, in most cases… saving hundreds of pounds against the cost of a replacement.

Case 1: Dishwasher with error message E:24 or E:25

Neff’s E:24 and E:25 errors mean there’s something stopping the dishwasher from draining (generally a kinked hose, blocked filter or something obstructing the pump). Our machine would run the first few minutes of the cycle (a self-test, apparently) before failing with one of these messages.

Despite following advice on the ‘net, I couldn’t work out what it was (I gave the pipes a good clean – especially around where they outlet pipe was plumbed into the drain – and checked for objects blocking the impeller on the pump).

A £65 engineer call-out from a local firm checked the appliance over but the error returned – and so did the engineer. This time he did a more thorough job and, although he couldn’t find what had been preventing the machine from running, the error has gone so whatever it was has been dislodged and our dishes are getting cleaned (without spending a few hundred pounds on a new integrated dishwasher…). Total cost to repair: £65.

I didn’t use the video below (I used others at the time) but this is a pretty complete view of the process I followed, and I didn’t see the engineer do much more!

Case 2: Washing machine tripping electrical supply

A few minutes into the wash cycle, the electrical circuit would trip on our Bosch Classixx 1200 Express. I managed to run the drain cycle and remove the trapped washing. Then I tried plugging the washing machine into a different circuit but saw the same issue – so I knew it wasn’t a general problem with the supply but with the machine. A call to a local engineer (not the one I used for the dishwasher!) was all that was required to get this machine working again (he fitted a replacement heating element). Total cost to repair: just under £75 (including parts and labour).

Case 3: Condensing tumble dryer not heating fully and clothes damp at end of cycle

The engineer who fixed the washing machine didn’t work on condenser tumble dryers, so I had to call Siemens’ official engineers to fix our elderly TXL 733. With the engineer call-out charge and the list of parts required, I was looking at nearly £300. Definitely beyond economic repair! Reviews on new A++ energy-rated models with heat pumps were not great – so we went with another condenser (moving from C to B at least). This cost £95 for engineer call-out plus £299 for a new appliance, minus another £50 cashback (due soon) for buying another Siemens/Bosch appliance.

Incidentally, I didn’t buy from John Lewis (as I normally would) – Co-op Electrical delivered the new appliance the next day.

Case 4: Washing machine making a loud vibration noise

After paying out to get the machine fixed once, it was on borrowed time. No more engineer call-outs – at some point you have to cut your losses and buy a new appliance. For the last few washes, our machine has been incredibly noisy and after returning from holiday with a lot of loads to run, I was ready to have to buy a replacement today.

But, before ordering a new machine, I decided to search the Internet and, thanks to these two videos I found the problem – a shirt collar stiffener that had worked its way out of my shirt and into the workings of the machine!

Shirt collar stiffener extracted from noisy Bosch washing machine

Total cost to repair: £0.

Reduce, Reuse, Recycle, Replace Repair?

I may still have a teenage washing machine (and a dishwasher heading toward double digits too) but newer appliances are not built to last as long as these were. Maybe these quick and relatively cheap fixes can help others keep their appliances going for a bit longer…

Downloading multiple YouTube videos for offline playback

A few weeks ago, I wrote about a nifty utility called youtube-dl that can be used to download content from YouTube for offline playback (indeed, I’m writing this on the last day of my holidays, having played precisely none of the content I downloaded to watch whilst I was away!).

In the original post, I suggested giving youtube-dl the URL for a playlist to download all videos in the playlist. It’s also smart in that if it detects any videos that are already present in the folder, it will skip them – e.g.:

[download] Cloud Tech 10 – 3rd July 2017 – Azure Machine Learning, Jenkins, Petya detection and more-ymKSGTR55LQ.mp4 has already been downloaded

But what if you want to download lots of videos that are unrelated – or just certain videos from a large list? In my case, I wanted to download a bunch of recent videos from the Global Cycling Network (GCN) – a YouTube channel that I often watch but which has thousands of videos – I certainly didn’t want to download the entire playlist!

Instead, create a file with the download commands for the individual videos, e.g.:

youtube-dl -f 22 https://www.youtube.com/watch?v=5RsFWlvJjOg
youtube-dl -f 22 https://www.youtube.com/watch?v=O7FxZ1kFIW0
youtube-dl -f 22 https://www.youtube.com/watch?v=iOaeo3_E8R4

Rather than sitting at the terminal, running each one and waiting, save the file with a .sh extension (assuming a Unix-based OS – like MacOS) and then kick them off at once.

My file was called dl-gcn.sh but it’s no good running that from the Terminal – bash will complain.

bash: dl-gcn.sh: command not found

Instead, prefix with sh as follows:

sh dl-gcn.sh

and the downloads should run through in serial fashion, whilst you get on with something more interesting…

Combining GPX files for Strava

This morning was spent on my bike… as was a fair chunk of this afternoon… as is a fair chunk of many summer weekends, much to Mrs W’s disappointment.

My friend Andy and I put in 60 miles in the sunshine, on a big loop around Milton Keynes. It seems my route planning is pretty spot on, as it was almost the exact opposite of a charity ride going the other way around (we passed the same riders twice!). Unfortunately, my ability to “press the start button on my Garmin cycle computer” is clearly less good – I was about a mile from home and heading out of town when I realised I’d forgotten to start tracking my ride!

My OCD can’t cope with this. It would be able to cope with turning around, going back up the hill, starting the computer and starting the ride again – but not with some missing kilometres in my ride data! Luckily, Andy was also riding with a Garmin bike computer. Even though he’d also forgotten to start his, he was wearing a Garmin watch too – so I could combine his data and mine (we’d ridden side by side for the first part of the ride…).

I’ve blogged before about GPS Track Editor, which is a fantastic piece of free software. Using this, I could edit Andy’s data to just the part I had missing, then combine it with mine and merge the two tracks (the short gap doesn’t matter – Strava will straight-line the route between the two points). I also tried merging the files with a tool from gotoes.org – unfortunately, that ended up with a ride that was effectively double the length of what we rode (two loops). it would probably have worked with my edited files but I could also merge them in the GPS Track Editor…

Combining tracks in GPS Track Editor

I then deleted the original (short) ride from Strava and re-uploaded. Sorted.

Just one thing to sort out – all of the PRs I got on today’s ride (and there were a few) were recorded as second places by the second upload. No worries – Strava has a “refresh my achievements” tool. which sorted out that particular issue. Now my ride has the complete distance… and my achievements are correct too…

Providing fast mailbox access to Exchange Online in virtualised desktop scenarios

In last week’s post that provided a logical view on end user computing (EUC) architecture, I mentioned two sets of challenges that I commonly see with customers:

  1. “We invested heavily in thin client technologies and now we’re finding them to be over-engineered and expensive with multiple layers of technology to manage and control.”
  2. “We have a managed Windows desktop running <insert legacy version of Windows and Office here> but the business wants more flexibility than we can provide.”

What I didn’t say, is that I’m seeing a lot of Microsoft customers who have a combination of these and who are refreshing parts of their EUC provisioning without looking at the whole picture – for example, moving email from Exchange to Exchange Online but not adopting other Office 365 workloads and not updating their Office client applications (most notably Outlook).

In the last month, I’ve seen at least three organisations who have:

  • An investment in non-persistent virtualised desktops (using technology products from Citrix and others).
  • A stated objective to move email to Exchange Online.
  • Office Enterprise E3 or higher subscriptions (i.e. the licences for Office 365 ProPlus – for subscription-based evergreen Office clients) but no immediate intention to update Office from current levels (typically Office 2010).

These organisations are, in my opinion, making life unnecessarily difficult for themselves.

The technical challenges with such as solution come down to some basic facts:

  • If you move your email to the cloud, it’s further away in network terms. You will introduce latency.
  • Microsoft and Citrix both recommend caching Exchange mailbox data in Outlook.
  • Office 365 is designed to work with recent (2013 and 2016) versions of Office products. Previous versions may work, but with reduced functionality. For example, Outlook 2013 and later have the ability to control the amount of data cached locally – Outlook 2010 does not.

Citrix’s advice (in the Citrix Deployment Guide for Microsoft Office 365 for Citrix XenApp and XenDesktop 7.x) is using Outlook Cached Exchange Mode; however, they also state “For XenApp or non-persistent VDI models the Cached Exchange Mode .OST file is best located on an SMB file share within the XenApp local network”. My experience suggests that, where Citrix customers do not use Outlook Cached Exchange Mode, they will have a poor user experience connecting to mailboxes.

Often, a migration to Office 365  (e.g. to make use of cloud services for email, collaboration, etc.) is best combined with Office application updates. Whilst Outlook 2013 and later versions can control the amount of data that is cached, in a virtualised environment, this represents a user experience trade-off between reducing login times and reducing the impact of slow network access to the mailbox.

Put simply: you can’t have fast mailbox access to Exchange Online without caching on virtualised desktops, unless you want to add another layer of software complexity.

So, where does that leave customers who are unable or unwilling to follow Microsoft’s and Citrix’s advice? Effectively, there are two alternative approaches that may be considered:

  • The use of Outlook on the Web to access mailboxes using a browser. The latest versions of Outlook on the Web (formerly known as Outlook Web Access) are extremely well-featured and many users find that they are able to use the browser client to meet their requirements.
  • Third party solutions, such as those from FSLogix can be used to create “profile containers” for user data, such as cached mailbox data.

Using faster (SSD) disks for XenApp servers and improving the speed of the network connection (including the Internet connection) may also help but these are likely to be expensive options.

Alternatively, take a look at the bigger picture – go back to basics and look at how best to provide business users with a more flexible approach to end user computing.

Short takes: running apps from unidentified developers on a Mac; Dropbox stuck importing photos on a Mac; and virtual card numbers in Apple Wallet

A collection of snippets that don’t make a full blog post on their own…

Mac apps that won’t open because the developer is unidentified

Every now and again, I’ll download an app on my Mac that gets flagged as unsigned on my Mac (“can’t be opened because it is from an unidentified developer”. It turns out that, if you hold down the Control key at the same time as clicking its icon, you can open it.

Dropbox (Mac) stuck importing photos

I use Dropbox to upload my photos from my phone (it names them nicely for me by date!) and then copy them across to OneDrive (where I have more storage). A few months ago, I had a problem where I couldn’t upload my photos to DropBox. I’d plug my phone into a Mac, and the import would never finish. It showed a camera icon and said it was importing photos but didn’t show any progress, as though the DropBox app had hung. Looking around on the ‘net this is a common issue – but there’s no sign of DropBox fixing it…

In the end, my workaround was to upload the images directly from my iPhone, which seemed to clear the bottleneck, whatever it was…

Virtual card numbers in an Apple Wallet

Those who use their mobile phone for contactless payments (Apple Pay, etc.) may not be aware that each registered card has a virtual card number – the 16-digit card number used is not the same number as the physical card. That’s why (for example), if you touch in to pay for travel in London using contactless on a card but finish the journey with contactless on your phone, Transport for London won’t realise that the two transactions are linked.

I’m not sure how to find the full card number for the device, but you can find the last 4 digits of the virtual card number by pressing the “information icon in the lower right of Apple Wallet. That will give a whole host of information, as well as transaction history.

Device Account Number in Apple Wallet on iOS

A logical view on end user computing architecture

Over the last couple of years, I’ve worked with a variety of customers looking to transform the way they deliver end user computing services. Typically they fall into two camps:

  1. “We invested heavily in thin client technologies and now we’re finding them to be over-engineered and expensive with multiple layers of technology to manage and control.”
  2. “We have a managed Windows desktop running <insert legacy version of Windows and Office here> but the business wants more flexibility than we can provide.”

There are others too (like the ones who bought into a Mobile Device Management platform that’s no longer working for them) but the two examples above are by far and away the most common issues I see. When helping customers to understand their options for providing end user computing services, I like to step up a level from the technology – to get back to the logical building blocks of an end user computing solution. And, over time, I’ve developed and refined a diagram that seems to resonate pretty well with customers as a framework around which to build end user solutions.

Logical view on the end user computing landscape


Starting at the bottom left of the diagram, I’ll describe each of the main blocks in turn:

  • Identity and access: I start here because identity is absolutely key in any modern enterprise. If you’re still thinking about devices and operating systems – you’re doing it wrong (more on that later). Instead, the model is built around using someone’s identity to determine what applications they can access and how data is protected. Identity platforms work across cloud and on-premises environments, provide additional factors for authentication, self-service functionality (e.g. for password and group management), single sign-on to both corporate and cloud applications, integration with consumer and partner directory services and the ability to federate (i.e. to use a security token service to authenticate on-premises).
  • Data protection: with identity frameworks in place, let’s turn our attention to the data. Arguably there should be many more building blocks here but the main ones are around digital rights management, data loss prevention and endpoint security (firewalls, anti-virus, encryption, etc.).
  • Connectivity: until we all consume all of our services from the cloud, we generally need some form of connectivity to “the mothership”, whether that’s a client-less solution (like Microsoft DirectAccess) or another form of VPN. And of course that needs to run over some kind of network – typically a Wi-Fi or 4G connection but maybe Ethernet.
  • Devices: Arguably, there’s far too much attention paid to different types of devices here but there are considerations around form factor and ownership. Ultimately, with the correct levels of management control, it shouldn’t matter who owns the device but, for now, there’s a distinction between corporately-owned and user-owned devices. And what’s the “other” for? I use it as a placeholder to discuss embedded systems, etc.
  • Desktop operating system: Windows, MacOS, Linux… increasingly it doesn’t matter what the OS is as apps run cross-platform or even in a browser.
  • Mobile operating system: iOS, Android (maybe Windows Mobile). Again, it’s just a platform to run a browser – though there are considerations around native applications, app stores, etc. (we’ll come back to those in a short while).
  • Application delivery: this is where the “fun” starts. Often, this will be influenced by some technical debt – and many organisations will use more than one of the technologies listed. Apps may be locally installed – and they can be managed using a variety of management tools. In my world it’s System Center Configuration Manager, Intune and the major mobile app stores but, for others, there may be a different set of tools. Then there’s virtualised/containerised applications, remote desktops and published applications, trusted apps that run from a file share and, finally, the panacea that is a browser-delivered app. Which makes me think… maybe this diagram needs to consider add-ins and extensions… for now, let’s keep it simple.
  • Device and asset management: until we live in a world of entirely user-owned devices, there are assets to manage. Then, sadly, we have to control devices – whoever they belong to – whether that’s policy-driven device and application management, more traditional configuration management, or just the provision of a catalogue of approved applications. Then there’s alerting, perhaps backups (though maybe not if the data is stored away from devices) and something I’ve referred to as “desktop optimisation” which is really the management tools for some of the delivery methods and tools described elsewhere.
  • Productivity services: name your poison – Office 365 or G-Suite – it doesn’t matter; these are the things that people do in their productivity apps. You may disagree with some of the categories (would Slack fit into enterprise social networking, or is it team sites?) but ultimately it’s about an extensible set of productivity services that end users can consume.
  • Input/output services: I print very little but others print a lot. Similarly, there’s scanning to be done. The paperless office is still not here…
  • Environmental management: over time, this will fade away in favour of mobile device and application management solutions but, today, many organisations still need to consider how they control the configuration of desktop operating systems – in the Windows world that might mean Group Policy and for other platforms it could be scripted.
  • Business data and applications: all of the stuff above means nothing if organisations can’t unlock the potential of their data – whether it’s in the CRM or ERP system, end user-driven reporting and BI, workflow or another line of business system.
  • High availability and business continuity: You’ll notice that this block has no subcomponents. For me, it’s nothing more than a consideration. If the end user computing architecture has been designed to be device and platform agnostic, then replacing a device should be straightforward – no need to maintain whole infrastructures for business continuity purposes. Similarly, if all I need is a device with an Internet connection and a browser, then the high availability conversation moves away from the end user computing platform and into how we provide the services that end users need to access.

I’m sure the model will continue to develop over time – it’s far from perfect and some items will be de-emphasised over the years (for example the differentiation between mobile and desktop operating systems will become less important) whilst others will need to be added, but it seems a reasonable starting point around which to start a discussion.

Finding the PlanId for a Microsoft Planner Plan

Yesterday, I wrote about creating Microsoft Planner tasks from email using Microsoft Flow. At the time, my flow wasn’t quite working because for some reason Flow wouldn’t pull through the details of all of my plans.  I even deleted and recreated a plan but Flow would only show me one. And entering a Custom Value with the name of my plan in my flow resulted in a Schema error for field PlanId in entity Task: Field failed schema validation.

That was, until I found a very useful nugget of information in the PowerApps Community forums. To find the PlanId, open the corresponding Plan in a browser and the last part of the URL contains the PlanId:

Finding the PlanID for a Microsoft Planner Plan

Put that into your flow and the corresponding list of BucketIds should then be visible:

Bucket Id located based on the Plan Id

Now my flow runs and puts the plain-text contents of an email into the subject of a new task. Unfortunately, I’m still working on how to populate other fields in the task and I think I may have hit the current limits of the Microsoft Flow-Planner integration.