Office 365 Groups and Teams – what, when and why?

Office 365 offers a fantastic set of collaboration tools but there are times when I wish they were just a little more tightly integrated. The basic Exchange-Skype-SharePoint trio are fine – and OneDrive is finally sorted after years of transitioning to a new client but what about Video, Sway, Groups, Yammer, Planner, etc.? Well, I recently got myself along to a Microsoft Cloud User Group event where Al Eardley (@Al_Eardley) gave a really informative talk about Groups vs. Teams – and what you should be aware of. This post attempts to merge some of the main points from Al’s talk with some other information I’ve been tracking in recent weeks to hopefully give a better idea of how these two apparently competing (but actually complementary) products can be used.

TL;DR

Office 365 Groups have been around for a while but Teams are new (at the time of writing, Teams are still in preview, having been launched in late 2016 and being lauded as “Microsoft’s Slack competitor”).

Groups vs Teams

Let’s start by thinking about the Office 365 tools we use to collaborate:

Scope Tool Notes
Me OneDrive Personal file storage
Us Teams Working as a team, to collaborate on content. On a project, bid, system, area of business
Us Groups Similar functionality but can share with partners outside the organization
Everyone SharePoint Publishing content the traditional way (can also share through Groups/Teams) with governance and approval processes. Records to keep.

Then, if we look at the features we use:

  • Distribution list – so we can easily get “stuff” to “people” using Exchange Online
  • Files – and sharing them with shared document libraries in SharePoint Online
  • OneNote – collaborative note-taking
  • Calendar – a “proper” Exchange calendar, not just a SharePoint calendar!
  • Planner – for task management; things to complete as a team, with criteria to step through, simple interface – a Kanban board like Trello
  • Landing page – that’s editable/customisable
  • News – keeping everyone informed
  • Yammer Group – because Office 365 Groups and Yammer Groups are now integrated
  • Persisted Chat – within Teams. Another way to record conversations
  • Channels – the ability to have a team with multiple channels to segregate content by project/activity
  • Connectors – the ability to include information from other sources, e.g. Twitter, Visual Studio, PowerBI, etc.

Woah! Information overload! And some of these features are in Groups. Some are in Teams. Neither has them all!

So consider this: with Groups we create a container for content, integrating various services and applying security using a common identity; Teams sit above Groups – and creating a Team creates an underlying Group. Also, Groups can be public, private or external but Teams are public/private only (there is no external sharing in Teams).

That’s the easy part – access to the features depends on the application you’re using (Outlook, Outlook on the Web, SharePoint Online, Planner, a Group site, Teams in-browser, Teams in the desktop client… etc.). We get different views of the same elements from different locations – which can feel a bit disjointed but I expect (sincerely hope) it will get better as Teams moves closer to release.

It might help to look at what goes where inside Office 365 (this information is taken from a recent webinar from AvePoint):

Skype for Business Online Exchange Online SharePoint Online Planner Yammer
  • Instant Messaging
  • Broadcast meetings
  • Teams chats
  • User mailboxes
  • Calendars
  • Group conversations
  • Group mailboxes
  • Planner task comments
  • Sites, lists, libraries
  • Office 365 Video portal
  • User OneDrives
  • Group files
  • Group notebooks
  • Teams attachments
  • Planner attachments
  • Plans
  • Buckets
  • Tasks
  • Internal networks
  • External networks
  • Yammer notes and files

So which tool has which features?

Features Groups Teams
Distribution List Yes Yes
Files Yes Yes*
OneNote Yes Yes*
Calendar Yes Yes*
Landing Page Yes Not visible
News Yes Not visible
Planner Yes Yes*
Yammer Group Yes No
Persisted Chat No Yes
Channels No Yes
Connectors Yes Yes

Items marked * in the table above are segregated by channel

Pros and cons

Drawbacks Benefits
Groups
  • Interface – disjointed navigation experience
  • Skype for Business – very little integration
  • Conversations – Outlook conversations add nothing new to collaboration
  • Yammer – there are restrictions on integration
  • Landing page – does not offer links to all features of a team (Calendar or Planner) – the page can be changed but this needs some SharePoint knowledge
  • News – is an immature feature
  • Groups are public by default (which can lead to oversharing)
  • External access
  • Android/iOS apps
  • Easy to provision (maybe too easy sometimes, unless self-service group creation is disabled)
  • Management tools are improving with controls over naming, banned words, soft-deletion, group expiration, etc.
Teams
  • Calendar – can’t invite Rooms, a Surface Hub, or anyone outside of the team
  • Skype for Business – joining meetings from Outlook does not use Teams (it opens the Skype for Business client instead!)
  • Planner – tasks in Teams planners are not available in Groups; and Teams planners are not visible in the Teams web interface or in Planner!
  • News – not available at all
  • Chat – restricted to the Team
  • Single interface
  • Skype for business integration
  • Windows and Mac apps
  • Android/iOS apps
  • Regular product updates

Further Reading

Four considerations before rolling out Microsoft Teams

Forcing iOS to send messages as text (SMS) instead of using iMessage

My wife has been on holiday overseas for the last couple of weeks. In today’s age of WhatsApp, Skype and Facetime, video calling the kids has been no problem – when she has been able to get to Wi-Fi. But what if I want to get a message to her when she’s away from data networks? And mobile roaming is still an expensive proposition…

iOS Send as Text MessageSMS (text) messages still have their place – even if my wife couldn’t respond without incurring charges, I could get a message to her (e.g. saying check your email/WhatsApp/whatever) and she could get online soon after. But my iPhone wants to send messages as iMessage to anyone it recognises as having an iCloud account.

In cases like this, all you do is compose and send the message in the Messages app as normal, letting it send as a (blue) iMessage. Then, press and hold the message and you’ll see some more options – including to “Send as Text Message” (text messages are shown in green). Select this and the message will be sent over the mobile telecommunications networks instead of the Internet.

Missing Office 365 icons after blocking untrusted fonts in Windows 10

One of my customers contacted me recently to ask about a challenge they had seen with Windows 10. After blocking untrusted fonts in Windows 10, they noticed that parts of the Office 365 portal were missing icons.

The problem

The issue is that Office 365 uses a font to display icons/glyphs (to improve the experience when scaling to adapt to different screen sizes). It appears some browsers are unable to display the embedded fonts when they are untrusted – including Internet Explorer according to one blog post that my colleague Gavin Morrison (@GavinMorrison) found – apparently Edge has no such issues (though I can think of many more issues that it does have…) – Chrome also seemed to work for me.

There’s some good information about blocking untrusted fonts on TechNet and this highlights that:

“Using Internet Explorer to look at websites that use embedded fonts. In this situation, the feature blocks the embedded font, causing the website to use a default font. However, not all fonts have all of the characters, so the website might render differently.”

The fix

So, that appears to be the issue. What’s the fix?

It seems there are two workarounds – one includes excluding processes from the font blocking (but it’s no good excluding a browser – as the most likely attack vector for a malicious font would be via a website!) and the other includes installing the problematic font to %windir%\Fonts.

Tracking down the Office 365 font

So, where do you get hold of the Office 365 font? I thought it should be part of the Office UI fabric but I couldn’t find it there, nor any reference to it in the Office developer documentation (there are some icons in the fabric – but they don’t seem to be the ones used for the Office 365 portal).

There is a site where you can select Office 365 glyphs and download a font file but I’m not sure that will address the issue with the Office 365 fonts being blocked in the portal, so some more detective work was required…

Stefan Bauer has posted quite a lot of information on the Office 365 fonts (there’s more in his “lab”) but it seems the CDN location Stefan highlights has changed. Thomas Daly found some new locations (and helpfully hosts a copy of the font on his site) but I wanted to signpost my customer to a Microsoft-provided source.

One of the locations that Thomas highlights is https://outlook.office365.com/owa/prem/16.0.772.13/resources/styles/fonts/office365icons.ttf but that results in an HTTP Error 404 now (not found). So I opened the Office 365 portal in my browser and started the Debugger. Then, I found the following line of code that gave me a clue:

<meta name="msapplication-TileImage" content="https://r1.res.office365.com/owa/prem/16.1630.11.2221454/resources/images/0/owa_browserpinnedtile.png"/>

I used that base location (up to and including the version number) with the tail end of the URI that Thomas had provided and was pleased to find that https://r1.res.office365.com/owa/prem/16.1630.11.2221454/resources/styles/fonts/office365icons.ttf got me to an installable TrueType font file for the Office 365 fonts on Windows.

I expect the location to change again as the version number is updated but the method of tracking down the file should be repeatable.

Testing my theory

Testing on one of my PCs with HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\MitigationOptions set to 0x1000000000000 resulted in Internet Explorer loading the Office 365 portal without icons and Event ID 260 recorded in the Microsoft-Windows-Win32k/Operational log:

C:\Program Files (x86)\Internet Explorer\iexplore.exe attempted loading a font that is restricted by font loading policy.
FontType: Memory
FontPath:

Office 365 fonts blocked - missing icons

After installing the Office 365 icons font (office365icons.ttf) and refreshing the page, I was able to view the icons:

Office 365 fonts installed - icons visible

Uninstalling the font locally and refreshing once more took me back to missing icons.

I then tidied up by setting the MitigationOptions registry key to 0x2000000000000 and restarting the PC, before removing the registry entry completely.

Further reading

Block programs from loading untrusted fonts in Windows 10.

Microsoft Teams: General channel syncs files by default

One of the projects I’m working on is using Microsoft Teams (and the underlying Office 365 Groups functionality) to collaborate. Teams is a new experience for me – I’ve played around with it a little but not had a lot of time to get to grips with it – though I have to say I find the whole Office 365 collaboration story a little disjointed at the moment. More on that in another post in a few days’ time (I hope…).

One thing I have found though, is that the General channel (created by default in Teams) will sync files to every team member’s device. I learned this to my cost when suddenly I found I had no disk space left. Other channels/folders in the associated SharePoint site will sync using OneDrive – i.e. only when sync has specifically been requested – but it’s worth knowing about the “General” sync. I added an empty text file to send a message to others not to save files in the General folder…

Microsoft Teams General Document Library

Teams is currently in preview and this behavior may change before release. I certainly hope so because the new OneDrive client, which finally supports SharePoint, is a much better way to sync files between Office 365 and a desktop device.

Forcepoint’s 2017 Security Predictions

Last week, I spent an evening at my local BCS branch meeting, where Scott Bullock (Cloud Trust Officer at Forcepoint Cloud) was presenting Forcepoint’s 2017 Security Predictions.

For those who aren’t familiar with Forcepoint, they were formed from a combination of Websense, Ratheon Cyber Products and Stonesoft. Most of us have heard of Websense (and maybe Ratheon) but it seems Forcepoint have a suite of email, web and data protection products. They cite metrics like 27 globally distributed data centres, 5 billion web transactions a day, and 400 million emails processed per day. Those numbers may be a fraction of those processed by Microsoft (it would be interesting to compare with Symantec) but they are still significant.

What follows are my notes from Scott’s talk. My observations are in the square parentheses [].

A look back at 2016

Before looking at the 2017 predictions, Scott took a look at last year’s score card:

  • US Elections will drive significant themed attacks – A+
  • Mobile wallets and new payment technologies introduce increased fraud risks – C
  • New GTLD domains provide new opportunities for attackers – B
    • These are mostly spelling errors on recognised sites – for example rnarkwilson.name instead of markwilson.name. With the number of GTLDs in existence now, it’s harder than ever for companies to register all of the domains associated with their brands/trademarks.
  • Cyber insurers will require more evidence for coverage – B+
    • It’s no longer good enough to forget about implementing security measures and rely on insurance.
  • DLP adoption will dramatically increase – B
    • Data loss prevention is coming back into favour [I’m not sure it ever went away…]
  • Forgotten technology will increase risks to organisations – B
    • [Technical debt is never good]
  • IoT will help but also hurt more – B
    • Worm took over DVR and DoS…
  • Social views of privacy will evolve – great impact to defenders – B

Forcepoint give themselves a B+ overall… and you can read what you like into whether that means the predictions are worth taking note of (Matt Ballantine has some comments on that in his WB40 podcast with Chris Weston where he discusses Foxes and Hedgehogs). Nevertheless, let’s see what they are predicting for this year…

So what’s in store for 2017?

  1. The digital battlefield is the new cold (or hot?) war
    • Enhanced NATO policy on collective defence (article 5 – if one nation is attacked, then will work together) could lead to military responses to cyber attack
    • The potential and consequences of misattribution could lead to destabilization of the policy.
    • Essentially, cyber warfare could have physical impacts. [Worrying]
  2. Millennials in the machine
    • The digital generation know how to mix business and pleasure – millennials bring an understanding of the digital realm into the workplace.
    • Millennials are used to over-sharing information. [So they are also used to the consequences.]
    • The potential for accidental data leakage has risen (e.g. take a picture of a whiteboard at work and it’s automatically uploaded to iCloud)
    • [I’m calling BS on this one – if indeed there is any difference in the ways that each generation uses tech – which I doubt – then it’s more likely that there is a bigger issue with Generation X and Baby Boomers not being as cyber-savvy as millennials.]
  3. Compliance and Data protection convergence
    • EU GDPR is around the corner and will come into place in May 2018
    • Businesses will redefine their organisational processes to accommodate new controls
    • The onset of new data protection controls will incur costs for businesses and that impact will be most felt by large enterprises that have not yet begun to prepare:
      • Companies need to appoint a Data Protection Officer
      • Fines can be 4% of global annual turnover…
      • Will apply on top of DPA (enforced by Data Protection Office)
  4. Rise of the corporate-incentivised insider threat
    • Corporate abuse of PII will increase; business goals will drive poor decisions resulting in bad behavior
      • Corporate-incentivized insider abuse of customer PII – is it just too tempting?
    • Regulations will further restrict corporate and personal access to digital information
  5. Technology convergence and security consolidation 4.0
    • Mergers and acquisitions change the security vendor space
    • Cybersecurity corporations are buying up smaller vendors
    • Vendors that are not consumed or do not receive venture capital funding will exit the market
    • Products will stagnate/orphans as a result of mergers and acquisitions
    • Adjustments in employee base will benefit the cyber security skills shortage
    • [Whilst I can see the convergence taking place in the security sector, I have to take this prediction with a massive pinch of salt, bearing in mind its source!]
  6. The cloud as an expanding attack vector
    • Cloud infrastructure provides an ever-expanding attack vector with possibilities for hacking the hypervisor
      • [I’d suggest this is more of an issue for so-called “private clouds” as the major players – Amazon, Microsoft, Google cannot afford a breach and are investing heavily in security – Microsoft spends over $1bn annually on security-related R&D and acquisitions]
    • Organisations will combine on premises and cloud infrastructure – a hybrid approach
      • [Yes, but this is for much broader reasons than security]
    • DOS of cloud providers will increase so ask what anti-DDoS protection they have and check that you have the right to audit…
      • [Isn’t that just due diligence?]
  7. Voice-first platforms and command sharing
    • Voice-first AI and command sharing bring a new level of convergence
    • Voice activated AI will radically change our interactions with technology
    • AI will be able to distinguish between individuals and their patterns of behaviour
      • For example it will know when you’re at home, tech in house, when to burgle you!
    • AI will influence our normal or default settings
    • The number of voice-activated apps will rise significantly in 2017 – and so will attacks
      • [I already mute Alexa in my home office when I’m working – do you really want your conversations being overheard and used for analysis?]
  8. AI and the rise of autonomous machine hacking
    • The rise of the criminal machines
    • Automated hacking machines vs. AI cyber defence machines
    • Widespread weaponisation of autonomous hacking machines will occur in 2017
    • State actors could use such systems to overwhelm rival national cyber defences
  9. Ransomware escalation
    • Ransomware is here to stay
    • Data will be held to ransom, and traded
    • Ransomware will morph to gain data exfiltration capabilities
      • Taken to another network and sold to others… pay multiple times…
  10. Abandonware vulnerability
    • Legacy tools leave holes in your defences
      • [This is not new. We call it technical debt!]
    • End-of-life abandoned software will lead to data breaches
      • Lapsed domains are bought up and used to inject code into software that phones home for updates
      • Systems are not patched
    • Businesses will start to consider the perils of abandonware
      • [And some will continue to ignore it, at their peril!]

In conclusion

Security challenges arise from the convergence of the digital and physical worlds and treating each world as insulated is an obsolete view.

The full report is available from the Forcepoint website.

A month without social media. Well, sort of…

Ben Seymour (@bseymour) made a very pertinent point in a recent Milton Keynes Geek Night talk when he said:

“At no point did I find myself wishing I’d spent more time on Twitter”

So, when one of my friends said he would give up social media for January, I thought it would be worth a try too. After all, if a brand and marketing communications Consultant can do without #socmed, then so can I!

Actually, I made some exceptions:

  • Twitter is work. It’s how I keep up to date – and how I build my personal brand (if that doesn’t sound too pretentious). Having said that I’ve been too busy for most of January to tweet much.
  • Ditto for my blog.

I turned off notifications for LinkedIn, Facebook, Facebook Messenger and some more. And then I realised how many channels I have – for example WhatsApp is one of the methods my son uses to contact me. That’ll be another exception then. Then there’s Strava. Hmm… well, I guess it’s not so much social media as where I track my activity…

The main one to drop was Facebook. So, how did that go? Really, I haven’t missed it at all. Sure, I was probably the last person in our town to know that a McDonalds is being proposed for the BP garage 2 miles up the road (which apparently has divided opinion…) but is that really so important in the great scheme of things? I did miss some contact on Messenger – but anyone who knows me well also has my mobile number…

And the biggest observation from my month of social media abstinence? Well, I watched a few series on Amazon Video (two seasons of The Man in the High Castle and Mr Robot). As my wife noted, it seems my digital addiction just switched channels…

Redirecting from one website to another

After almost 15 years working freelance, my wife is in the process of winding up her business, in preparation to start a new job in a few weeks’ time.

Unsurprisingly, that means a few IT requests for the (unpaid) IT Manager… one of which is to redirect the former company website to her LinkedIn profile.

There are a few ways to redirect websites – an HTML meta tag is often used – but with the variety of web browsers out there I wasn’t sure how current that technique is. Some would argue it’s better to sort out the re-write server-side but I don’t have that ability on this hosting platform.

Then I found a really useful thread on Stack Overflow – including this code snippet with HTML, JavaScript and fallback links:

<!DOCTYPE HTML>
<html lang="en-US">
    <head>
        <meta charset="UTF-8">
        <meta http-equiv="refresh" content="1; url=http://example.com">
        <script type="text/javascript">
            window.location.href = "http://example.com"
        </script>
        <title>Page Redirection</title>
    </head>
    <body>
        <!-- Note: don't tell people to `click` the link, just tell them that it is a link. -->
        If you are not redirected automatically, follow this <a href='http://example.com'>link to example</a>.
    </body>
</html>

That’s in place now and working nicely.

Playing around with Azure Cognitive Services

I’ve been spending quite a bit of time recently getting more familiar with some of the advanced workloads in Microsoft Azure. After all, infrastructure as a service is commodity, so I’m looking at services that can be used to drive real value for my customers (more on that in another post…).

Yesterday, was our team meeting – with all but one of the risual Architects getting together, including some coaching from Microsoft around data and intelligence services. I was particularly taken with some of the demonstrations of Cognitive Services, so I set about getting some sample code to work for me…

Building the Intelligent Kiosk sample application

First up, I needed to install Visual Studio 2015 (Community Edition is fine) – it took a while, and needed admin credentials (so a visit to our support team) but eventually it installed on my PC.

Then, I downloaded the sample code for the “Intelligent Kiosk” from Github. F5 to build the solution told me that:

A project with an Output Type of Class Library cannot be started directly.

In order to debug this project, add an executable project to this solution which references the library project. Set the executable project as the startup project.

The Intelligent Kiosk sample code is a Universal Windows Platform (UWP) app, so I ignored that message, continued with the build, and tracked down the resulting IntelligentKioskSample.exe file. Trying to run that told me:

This application can only run in the context of an app container.

And StackOverflow told me that I need to sideload the app onto my PC, by creating a package to use locally.

Installing the Intelligent Kiosk sample application

The application package comes with a PowerShell script to install it (Add-AppDevPackage.ps1), but I found I needed to follow these steps:

  1. Enable developer mode in Windows 10 Settings
  2. Restart the PC
  3. Open a PowerShell session as an Administrator and run:

Show-WindowsDeveloperLicenseRegistration

Get-WindowsDeveloperLicense

Set-ExecutionPolicy unrestricted

.\Add-AppDevPackage.ps1

Now the app is ready and available via the Start Menu…

Running the Intelligent Kiosk sample application

  1. Get some API keys (for free) from the Microsoft Cognitive Services site.
  2. Run the Intelligent Kiosk app.
  3. Go to settings and paste in your API keys.
  4. Have some fun with the demos!
Demos in the Azure Cognitive Services Sample app
Intelligent Kiosk Demos
Azure Cognitive Services Emotion Detection
Emotion detection (web image)
Azure Cognitive Services Emotion Detection
Emotion detection (live image)
Azure Cognitive Services Face Detection
Face Detection
Azure Cognitive Services Mall Kiosk
Detect age and gender, recommend a product!

Further Reading

Restoring Adobe Lightroom from backup (on a Mac)

For well over a year now, my digital photography workflow has been in tatters. The Mac that I use for photo editing had some defective memory which corrupted the file system and the “genius” at the Apple Store reinstalled OS X. Data and application re-installation relies on me though, and it just hasn’t risen high enough on my list of priorities… until now.

So, I needed to:

  1. Re-install Adobe Lightroom (and the various other tools that I use).
  2. Restore my Lightroom catalog.
  3. Repoint Lightroom to the new location of my images (I’ve given up trying to maintain enough space locally and they all now sit on a Synology NAS, backed up to Microsoft Azure).

This post may be more for my benefit than for readers of the blog but you never know… someone might find parts of it useful.

Re-installing Lightroom

Re-installing Lightroom is reasonably straightforward and these are the steps I took:

  1. Install Lightroom 5 from physical media (My Mac has no DVD drive, so I needed to use a USB-attached DVD drive).
  2. Launch Lightroom from the finder.
  3. When prompted, enter the serial number (or elect to use it in trial mode). My copy of Lightroom 5 is an upgrade, so I was prompted for the previous serial number too (from Lightroom 3 in my case).
  4. Lightroom needs to create a catalog. Let it get on with it.
  5. Lightroom then detected that an upgrade was available (5.0-5.7) and it directed me to the Adobe website, from where I downloaded 5.7.1. Incidentally, I have a feeling that these updates are the full product, and I could probably have used this for the original installation. That may be one to try next time… [Update: that’s confirmed by Lightroom Queen.]

Restore the Lightroom Catalog

Nex up, restoring the catalog. Amongst the many excellent posts from the Lightroom Queen is one titled “How do I move Lightroom to a new computer”, which is kind of what I wanted to do, except in my case it’s “How do I move Lightoom from a backup of my computer to the currently-running version of my computer”.

Starting Lightroom had created two files in ~/Pictures/Lightroom called:

  • Lightroom 5 Catalog.lrcat
  • Lightroom 5 Catalog Previews.lrdata

I made some backup copies of these, then tracked down the last versions on my backup disk and copied them to the folder.

The Lightroom Catalog Previews file can be pretty large (mine was around 37GB), so this took some time…

Ideally, I would also have restored the following:

  • Preferences, from ~/Library/Preferences/com.adobe.Lightroom5.plist
  • Presets, from ~/Library/Application Support/Adobe/Lightroom/ (there are more details about these in Lightroom Queen’s Lightroom 5 Default Locations post).

Unfortunately, these were missing from my backup (I’d had some issues backing up the Library in single-user mode), though I did find the presets on another machine and may be able to restore them later…

Helping Lightroom to find my images

Whilst I was waiting for the Lightroom catalog to copy, I started preparing for when I open Lightroom using the new (old) catalog. In my original installation, my images were in ~/Pictures/Digital Camera Photos but now the images are on my NAS. So, I created an alias for the folder on the NAS and moved that to ~/Pictures, hoping that this would look to Lightroom as though my images are in the same location…

Unfortunately, although Lightroom was able to follow this alias (symlink), it was smart enough to work out that the folders within it were at a different location – and not on Macintosh HD. Thankfully it wasn’t too big a task to select each orphaned folder in Lightroom (displaying a ? over the folder name), right click and select Find Missing Folder. Once the catalog was re-connected with the images, the ! on each preview went away and I could view the full-resolution image. More details can be found in the Lightroom Queen article I referenced earlier.

Wrap-Up

So, Lightroom is re-installed and my photos are back where I need them. Now all I need to do is sort out my workflow… and there’s the small matter of picking the best images from the 50000-odd that I’ve taken since I started using a digital camera so I can print some albums. Because, sometimes, analogue media is good.

Preventing dnsmasq from running as a daemon (service) on a Raspberry Pi

Some time ago, I wrote a post about running a Raspberry Pi as a home infrastructure server (DNS, DHCP, TFTP, etc.). Now my Synology NAS is doing that for me (well, the DNS and DHCP at least – TFTP is less critical as my Cisco 7940 IP Phone just sits there taking up desk space most of the time) so I don’t need the Pi to provide those services.

Unfortunately, when I migrated DNS and DHCP a few months ago, I just stopped the service with sudo service dnsmasq stop so, after a power outage last week, when the Pi came back up, so did dnsmasq – and having two DNS/DHCP servers on the network produced some strange results (as might be expected…).

So, to do the job properly, I ran sudo nano /etc/default/dnsmasq and changed the ENABLED=1 line to ENABLED=0. That should prevent dnsmasq from running as a service but leaves the configuration intact if I ever need to bring it back online.

A quick sudo reboot and sudo service dnsmasq status is all that’s needed to check that dnsmasq stays disabled.

dnsmasq, not running