Cloud

Deploying Team Viewer with Intune

Sticky 17 Comments

The scenario: you have computers that are only bound to AzureAD and you need to deploy a customized version TeamViewer to those computers. Me too! Here’s what I did.

Create the Custom Module & Policies

Log into to www.teamviewer.com

On the left hand side of the screen, choose Design & Deploy

You’ll see two tabs: Custom Modules and Policies.

The Policies tab has the custom settings used by the client (such as whitelisting, auto-starting, and auto-adding to groups).

Each custom module can only use one “Policy,” but each policy can have all possible settings. If you need to create a new policy, use the “Add policy” button at the top of the screen.

To change a policy, click the edit button next to the one of the policies. (The “enforce” checkbox for each setting prevents the end-user from being able to change that setting). These policies are checked by the client during installation.

Once the policy is setup, go to the Custom Modules tab. Create a new module with the Add Custom Module button or click the edit button on a existing module.

Customize the look of the TeamViewer app however you’d like.

Make sure the TeamViewer policy selected is the correct one from the Policies tab and you’ve selected the group you would like the devices added to under the “Automatically add computers to a group in your Computers list.”


Copy the API token and the Configuration ID. You will need these when creating the app in Intune.

Click the “Download MSI” link as well. Without any options, this MSI will just do a basic TeamViewer Host installation. Only when passed your configuration ID and API token during installation will it give you the customized client and add itself to your TeamViewer groups.

Package the Installer

The MSI file will come in a zip file; unzip it. Inside you will find two more folders: Full and Host. Go into the Host folder and copy the TeamViewer_host.msi file into another folder. I named mine “teamviewer-host”. Make sure there is nothing else in that folder.

If you haven’t already, download a copy of the Microsoft Win32 Content Prep Tool from https://github.com/Microsoft/Microsoft-Win32-Content-Prep-Tool

Open Windows Terminal or a command prompt and run:

IntuneWinAppUtil.exe -c <folder with the msi it in> -s TeamViewer_Host.msi -o <where you want the package file saved>

So for me, I had IntuneWinAppUtil.exe on the desktop and wanted the package file there as well, so I ran:

.\IntuneWinAppUtil.exe -c .\teamviewer-host\ -s TeamViewer_Host.msi -o .

Once you have done so, you will have a file called TeamViewer_Host.intunewin that can be uploaded to Intune.

Create & Deploy in Intune

Go to https://endpoint.microsoft.com

Choose Apps->All Apps

Click the Add Button

Choose the App Type “Windows app (Win32) then click Select at the bottom of the screen.

Choose the TeamViewer_Host.intunewin file you created (Firefox may have trouble doing the upload. If so, use another browser)

On the Program step change the install command from:

msiexec /i "TeamViewer_Host.msi" /q

To:

msiexec /i "TeamViewer_Host.msi" /qn CUSTOMCONFIGID=[configuration id] APITOKEN=[API Token] ASSIGNMENTOPTIONS="--grant-easy-access"

(Don’t include the brackets [ ])

Choose 64bit Windows 10 under the Requirements

Under Detection Rules choose “Manually configure detection rules”

Click + Add

Choose MSI for rule type. Intune will automatically enter the correct MSI Product code. Keep “MSI Product version check” as “no” so that the app won’t re-install if upgrades are done on the client side.

No Dependencies are needed.

Finally, assign it to whatever device groups you need. Devices in those groups will automatically download the TeamViewer Host app as well as place an icon called TeamViewer on the desktop.

That’s it! Your custom TeamViewer host should install on the selected devices and be ready for remote management.

Intune

Deploying AutoDesk AutoCAD with Intune

15 Comments

AutoDesk’s AutoCAD is the next piece of software I’m deploying via Intune that was clearly never designed to be. It took a few tries, but I believe I’ve got the process down. I hope this makes your life much easier!

The directions here are for AutoCAD, but they should apply to any of the AutoDesk products (Architect, etc.).

Update: AutoDesk has changed how their packaging works for AutoDesk 2022 products. You must create a deployment from their website rather than the downloaded installer. I’ll have an updated guide for AutoCAD 2022 over the summer! https://knowledge.autodesk.com/customer-service/network-license-administration/network-deployment/creating-deployment/create-deployment

Create the Custom Installation Package

Log into the AudoDesk management site at https://manage.autodesk.com

Download the AutoCAD 2019 x64 installer.

Installer from the AutoDesk website

There’s 4 levels of installer we’ll be dealing with.
1) The installer you download AutoDesk’s website. This is just a self-extracting, compressed version of the actual installer. I’ll call this “the downloaded installer.”
2) The actual installation files that get extracted. I’ll call this “the extracted installer.”
3) The installation package you’ll create from the extracted installer. I’ll call this the “installation package.”
4) The intunewin file you’ll generate that actually gets uploaded to Intune.

Run the downloaded installer to extract the installation files.

Go to the extracted installer folder and run setup.exe .

Choose “Create Deployment.”

The AutoCAD 2019 Installer

Give your deployment a name without any spaces. This name will automatically be used to create the installation .ini file that will contain the setup information such as your serial key. You’ll need to know this name later.

You can only create a deployment to a network share. Since we’re using Intune, this isn’t relevant, so we’ll pick the hidden C: drive share to specify your local computer. Choose \\localhost\c$\users\[your username]\Desktop\autocad .

Disable the “Create a network log file” since this won’t be running off your LAN.

The AutoCAD 2019 Installation Packager Creator

Choose which components you’d like to install. If your users are not administrators on their machines, I’d recommend disabling AutoDesk Desktop since they won’t be able to use any of its functionality.

If you’re using a license key and serial, enter it.

Wait for the installation package to be created.

Package the Installer

If you haven’t already, download a copy of the Microsoft Win32 Content Prep Tool to your Downloads folder from https://github.com/Microsoft/Microsoft-Win32-Content-Prep-Tool

Open Windows Terminal or PowerShell. Change directory into the directory just above the autocad folder you create for the network installation.

For me that’s:

cd ~/Desktop

Tell the Intune prep tool to create a package from the autocad directory, use the Setup.exe located in the img folder, and save the package to your current directory:

~/Downloads/intuneapputil.exe -c .\autocad\ -s img\Setup.exe -o .

The package will be named setup.intunewin . Since that’s not very helpful, rename it to something that is.

mv setup.intunewin autocad2019.intunewin

Create & Deploy in Intune

Log in to Intune device management at: https://endpoint.microsoft.com

Choose Apps->All Apps

Click the Add Button

Choose the App Type “Windows app (Win32) then click Select at the bottom of the screen.

Choose the autocad2019.intunewin file you created.

On the Program step change the install command to:

Img\Setup.exe /W /q /I Img\[deployment name].ini /language en-us

In my case, it’s:

Img\Setup.exe /W /q /I Img\autocad2019.ini /language en-us

(you can double check the name of your ini file by looking in the autocad\img folder)

For the uninstaller, this is a bit of a kludge since it only uninstalls the main component, not the rest. For me, this is sufficient. You can customize yours by checking out all of the options in the autocad\sms_sccm scripts\[deployment name]_Uninstall.txt file.

msiexec /uninstall {28B89EEF-2001-0409-2102-CF3F3A09B77D}

Choose 64bit Windows 10 under the Requirements

Under Detection Rules choose “Manually configure detection rules”

Click + Add

Choose MSI for rule type and enter the product code for AutoCAD 2019: {28B89EEF-2001-0409-2102-CF3F3A09B77D}

No Dependencies are needed.

Finally, assign it to whatever device groups you need. Devices in those groups will automatically download and install AutoCAD 2019. Alternatively, you can assign it to user groups and those users can install AutoCAD from the Company Portal app.

That’s it; good luck!

-Adam

Azure, Intune

Deploying Minecraft Education Edition With Intune

Leave a comment

Another day, another app to deploy! Today it’s Minecraft Education Edition. If you’re looking to deploy the desktop version of Minecraft Education Edition using nothing but Intune, you’ve come to the right spot!

Package the Installer

Go to https://education.minecraft.net/get-started/download/ and download the Windows Desktop Edition to your Downloads folders.

Make a new folder in your Downloads folder called “MinecraftEducation”.

Open Terminal or PowerShell and change directory int your Downloads folder.

cd ~/Downloads

Extract the Minecraft Education Edition exe into the new folder by running following command in Terminal or PowerShell, replacing [user] with your username. I found the command only worked for me when I used the full path to the extraction location.

.\MinecraftEducationEdition_x86_1.14.50.0.exe /extract C:\users\[user]\downloads\MinecraftEducation\

This will extract the .msi and cab for Minecraft Education as well as the installer for the Visual C++ 2017 redistributable.

If you haven’t already, download a copy of the Microsoft Win32 Content Prep Tool to your Downloads folder from https://github.com/Microsoft/Microsoft-Win32-Content-Prep-Tool

From Windows Terminal or PowerShell run:

IntuneWinAppUtil.exe -c <folder with the msi it in> -s <name of the .msi file extracted to MinecraftEducation> -o <where you want the package file saved>

I had IntuneWinAppUtil.exe in the Downloads folder, Minecraft version 1.14.50.0, and wanted the package file in my current folder so I ran:

.\IntuneWinAppUtil.exe -c .\MinecraftEducation\ -s MinecraftEducationEdition_x86_1.14.50.0.msi -o .

If you have a newer version of Minecraft, just use the name of the .msi file in your MinecraftEducation folder.

Once you have done so, you will have a file called MinecraftEducationEdition_x86_1.14.50.0.intunewin that can be uploaded to Intune.

Create & Deploy in Intune

Go to https://endpoint.microsoft.com

Choose Apps->All Apps

Click the Add Button

Choose the App Type “Windows app (Win32) then click Select at the bottom of the screen.

Choose the MinecraftEducationEdition_x86_1.14.50.0.msi you created.

Choose 64bit Windows 10 under the Requirements

Under Detection Rules choose “Manually configure detection rules”

Click + Add

Choose MSI for rule type. Intune will automatically enter the correct MSI Product code. Keep “MSI Product version check” as “no” so that the app won’t re-install if upgrades are done on the client side.

No Dependencies are needed.

Finally, assign it to whatever device groups you need. Devices in those groups will automatically download Minecraft Education Edition.

That’s it! Enjoy Hour of Code!

Linux

Borderlands 3 on Linux

Leave a comment

I was struggling to get videos working on Borderlands 3 on Linux through Steam and Proton. Without the videos, there are parts of the game you are unable to get past.

I found pieces to the puzzle on Proton DB (https://www.protondb.com/app/397540) but there were still some tweaks I had to make.

YMMV, but this is what worked for me on Kubuntu 20.04 with Radeon Graphics.

Make sure you have told Steam to run all Windows games in Proton 5.

Run the game:

Before you can install the media foundation workarounds you need the Proton setup for the game to have run. That’s easily done by just running Borderlands 3 once and then exiting out once you’re at the title screen.

Install the prerequisites: 

sudo apt install git cabextract python2 libudev1

Download and install media foundation workaround

Note that anywhere you see “Proton 5.0” you’ll need to use whatever the latest version number of proton is or the version you specified if you’re having the game run with a specific version.

mkdir ~/Downloads/bl3-mf/
cd ~/Downloads/bl3-mf/
git clone https://github.com/z0z0z/mf-install.git
cd mf-install/
WINEPREFIX="$HOME/.steam/steam/steamapps/compatdata/397540/pfx" PROTON="$HOME/.steam/steam/steamapps/common/Proton 5.0" ./mf-install.sh -proton
cd ..

Download and install the media foundation cab workaround

At the time of this post, the installer seems to be pointing to a file on Microsoft’s website that doesn’t exist anymore. These steps will download a working file manually and rename it to what the script expects. If you see a 404 error, you can ignore. If not, then the script has been fixed to point to a good location now.

sudo ln -svf /usr/lib/x86_64-linux-gnu/libudev.so.1 /usr/lib/x86_64-linux-gnu/libudev.so.0
git clone https://github.com/z0z0z/mf-installcab.git
cd mf-installcab/
wget http://download.windowsupdate.com/msdownload/update/software/svpk/2011/02/windows6.1-kb976932-x64_74865ef2562006e51d7f9333b4a8d45b7a749dab.exe
mv windows6.1-kb976932-x64_74865ef2562006e51d7f9333b4a8d45b7a749dab.exe windows6.1-KB976932-X64.exe
WINEPREFIX="$HOME/.steam/steam/steamapps/compatdata/397540/pfx" PROTON="$HOME/.steam/steam/steamapps/common/Proton 5.0" ./install-mf-64.sh -proton
cp mfplat.dll "$HOME/.steam/steam/steamapps/common/Borderlands 3/OakGame/Binaries/Win64/"

That’s it; see you on Pandora!

Linux

FIX: Plasma 5, Konsole, & TMUX

Leave a comment

The Problem:

I recently fired up Konsole and tried using tmux when I suddenly realized that Control-B wasn’t working.

Plasma, in one of their recent updates, seems to have added an “Add Bookmark” global shortcut to all Plasma apps mapped to Control-B. While it’s active, Control-B in Konsole won’t get sent to tmux, but will instead keep adding bookmarks to the Konsole Bookmarks menu.

The Fix:

Open System Settings
Under “Workspace” choose “Shortcuts”
Select “Standard Shortcuts”
Find “Add Bookmark” in the list
Change the Shortcut to Custom, then don’t assign a key sequence. This will set it to none.

Once changed, tmux should immediately start working again

Uncategorized

Fix Unity Editor Crashing In KVM

2 Comments

Or: How to fix Unity error 0x0000142

I wish I could re-find the Unity Community article where I found this solution so I could credit the original source. If I find it I’ll link here.

Anyway, if you’re here you might be getting error 0x0000142 trying to run Unity Editor 2019.2.x in a virtual machine in KVM (or another hypervisor).

The culprit is openimagedenoise.dll

The fix is simple: Install any version of Unity Editor 2019.3.x (either directly or from the Unity Hub) and copy openimagedenoise.dll from the Unity Editor 2019.3.x folder to the Unity Editor 2019.2.x folder. Overwrite the existing file.

If you’re using Unity Hub that’s:
From: C:\Program Files\Unity\Hub\Editor\2019.3.0b4\Editor\openimagedenoise.dll
(Replace 2019.3.0b4 with whatever 2019.3 version you installed)
To: C:\Program Files\Unity\Hub\Editor\2019.2.18f1\Editor
(Again, replace 2019.2.18f1 with whatever 2019.2 version you’re using)

That’s it! Run Unity 2019.2 and everything should just work.

Windows

Fixing the Windows 10 Photos App

Leave a comment

I recently upgraded a whole bunch of Windows 10 desktops to build 1903. There were almost no issues, but I found a that more than a few had trouble with the Windows Photos app afterwards.

Here’s the collective wisdom I’ve found on how to fix it:

The Windows 10 Photos app is installed per user, so make to sure to log into the computer as the user having the problem.

First, remove the broken Photos app:

Open PowerShell (not as administrator)

Get-AppxPackage Microsoft.Windows.Photos | Remove-AppxPackage

Once it’s gone, you can re-install it from the Microsoft Store:

Open the Microsoft Store app

Search for Microsoft Photos

Click on the app, then click Get

If asked to sign in, you can click “No Thanks”

Click “Install”

After 15-30 seconds, Photos will begin to download.

That should do it!

KDE, Linux

Adventures in Plasma Land

Leave a comment

Or, can a man fall in love with KDE, 20 years later

KDE has never been able to capture my heart. I remember trying KDE 1.1 or so on Madrake Linux 6 in the late 90s. It just never clicked for me. I opted instead for Enlightenment. Ever since then, I’ve tried it every year or so to see if I could understand peoples’ love for it. I didn’t fall for KDE 3.5 that so many people remember fondly, or KDE 4, which people recall much less fondly. I’ve peeked in on KDE Plamsa 5 during it’s development, but it never was able to bring me in. But here I am, in 2019, about 20 years since I started using Linux, and I’ve giving KDE Plasma 5.16.4 a go!

Background

So, why now? Well, as I said, I try KDE every now and then. Something about it always draws me in, before turning me off again. I recently ended up down an internet rabbit hole following articles on Plasma mobile, Qt Python bindings and even Qt C# bindings for .Net Core (and I love me some C#). I wondered: “Could Plasma, Plasma Mobile, Qt, and C# be the epic combo of my dreams?” Let’s find out!

Setup

I’m running KDE Plasma 5.16.4 on KDE Neon Linux. Neon is based on Ubuntu 18.04 LTS using KDE’s own, and constantly updated, repos for Plasma itself. I figured as long as I’m giving a fair shake, I ought to go right to the source. (As I’ve written this article, I’ve upgraded across a few versions of 5.x Plasma)

I’m running it on my trusty desktop with a Core i7 920, AMD Radeon RX 560, 12 GB RAM, a 512 GB SSD, and a HiDPI monitor at 3840×2160. It’s my daily driver at home for general computing, gaming, and game development.

I’m also running the X11 version of Plasma, rather than Wayland. I did some testing and Wayland seems to be particularly fluky with AMD graphics, though remarkably stable on the Intel-graphics based laptop I tested on. Your mileage may vary.

KDE System Info

Window Dressing

At work I use a Mac, so having the close, minimize and maximize icons on the left just keeps my flow going. I really thought this was going to be one of those “sorry, can’t do with Plasma” things. Oh, how wrong I was! In face, Plasma lets you customize all the icons on title bar.

Titlebar icon placement is handled by the “Look and Feel of Windows Titles” settings menu.

Bluetooth

I was able to connect a Bluetooth Microsoft Arc Mouse and my Apple AirPods without any difficulty whatsoever. Major bonus in my book!

Scaling

One of things I love about Plasma is the decimal-based resolution scaling. Wheres the GTK-based desktops I’ve used require scaling at 1x, 2x, 3x, etc., Plasma allows you too choose, for example, 1.5x. This is a huge improvement for HiDPI displays.

The caveat is, you’re probably not going to be running all Qt apps. Invariably, you’ll also run some GTK apps as well. These will ignore your scaling. This was the case for me with Unity Editor.

Luckily, there’s an easy fix!

Open kmenueditor

Find the app you need to scale

Prefix the command with: GDK_SCALE=2

Multiple Displays

While this isn’t an issue for me on my main computer, I did want to see how Plasma handled multiple monitors in case I’m able to get a 2nd display at home someday. Using a test laptop with Intel-based graphics I had no problem at all running Plasma with two 4K monitors daisy chained with DisplayPort.

Extra Surprises

PSD Previews

One of the things that drives me crazy about Nautilus is that it doesn’t support the preview of PSD files out of the box. Perhaps there’s a plugin or setting somewhere, but not that I could find. I was thrilled to open a folder with a whole slew of PSD files and see previews of them working by default.

Latte Dock

If you’re a lover of docks like I am, I can’t recommend Latte Dock highly enough! Latte Dock is integrated beautifully into the Plasma ecosystem, with all the fun stuff like pinning and app actions. For example, the Spotify app will give you playback options right from the dock icon.

Issues

Media over SMB

Dolphin (KDE’s file manager) does fantastic job of browsing SMB shares. It’s handy to be able to view shares without actually mounting them, but there’s quite a few drawbacks. Most frustrating was getting media to play when double clicking the file. I was eventually able to get it to work with VLC by using the snap version and dragging/dropping the file into the VLC window, but this still required me putting in my username and password for each video. My recommendation: mount the share, and everything works fine. I found smb4k recommended in a forum for this, and it does a fantastic job. Just make sure to exclude it’s default mount point, ~/smb4k, from your backup jobs.

Discover

Discover is Plasma’s app installation and system update tool. It’s gotten much better over the years (and even since I began writing this article), but can still be finicky.
For example: if I search for ‘kmenu,’ I get nothing. It’s not until I search for ‘kmenuedit’ that I get a search result. I just seems by now that I should be able to do a partial search and good results.

Wherefore art thou kmenuedit?
Oh, there you are.

I will say this about Discovery though, it’s ability to handle both apt and snap versions of packages is very convenient!

KRDC

KRDC is a Qt-based remote desktop app for Plasma. It works great on a regular-resolution displays, but has some strange scaling issues for me on a HiDPI display and AMD graphics. I like to have a bunch of remote desktop sessions open at once, so I’ll typically have the remote desktop display be the current size of the client window. This works great in Remmina (the GTK equivalent of KRDC), but with KRDC I can never get it working quite right. (See below)

My old Windows VM and Plex server, before I migrated it to Ubuntu

Verdict

I’m sold! I started this article about four months ago wondering when I’d switch from Plasma back to Budgie. Now, I can say without a doubt that Plasma will remain my desktop of choice for the foreseeable future. Great job Plasma team!

Linux, Ubuntu, ZFS

ZFS on Ubuntu server

1 Comment

Ubuntu Home Server Setup Part II

Welcome to Part II of my Ubuntu Home Server build! In Part I, I did a very basic Ubuntu Server install. In this part, I’ll be creating a ZFS pool and volumes to store all my data on.

Other parts of this guide can be found at:

Home Server With Ubuntu

Setup

I’ll be setting up a server with 8 physical drives.

Disk 0: SSD for OS

Disk 1: SSD for ZFS Intent Log (improves write performance)
(read fantastic information about it here: http://nex7.blogspot.com/2013/04/zfs-intent-log.html)

Disk 2: SSD for L2ARC caching (improves read performance)

Disk 3 – 7: HDDs for ZFS Pool (where all my data with be stored)

Quick disclosure: I’m *far* from a ZFS expert. From what I’ve gleaned, this should suffice for home / small business use. If you’re planning something enterprise-grade, find an expert!

Install Ubuntu

Perform a regular Ubuntu server installation, or use an existing server.

SSH Into the server, rather than using the console. You’ll want to be able to copy and paste when you setup the zpool.

Install ZFS

sudo apt install zfsutils-linux

Create the ZPOOL

I’ll be using RAIDZ (which is like RAID-5) to get redundancy on my disks without losing too much usable space.

ZFS offers many other options, like RAID0, 1, 6, etc. Use whichever is appropriate for your workload.

It is very strongly recommended to not use disk names like sdb, sdc, etc. Those might change across reboots.

Many of the articles I’ve read suggest using UUIDs . However, my experience on Ubuntu Server is that these are not assigned to blank disks. Therefore, I will be using disk paths instead.

These are verbose and a bit of a pain to type, but they make sure you know exactly what disk you are referring to should you need to swap drives in the future. They will also not change on reboots.

To see your installed disks run:

ls -lh /dev/disk/by-path

My output looks like

adam@normandy:~$ ls -lh /dev/disk/by-path
 total 0
 lrwxrwxrwx 1 root root  9 Jul  8 09:06 pci-0000:00:1f.2-ata-5 -> ../../sr0
 lrwxrwxrwx 1 root root  9 Jul  8 09:06 pci-0000:02:00.0-scsi-0:0:0:0 -> ../../sda
 lrwxrwxrwx 1 root root 10 Jul  8 09:06 pci-0000:02:00.0-scsi-0:0:0:0-part1 -> ../../sda1
 lrwxrwxrwx 1 root root 10 Jul  8 09:06 pci-0000:02:00.0-scsi-0:0:0:0-part2 -> ../../sda2
 lrwxrwxrwx 1 root root 10 Jul  8 09:06 pci-0000:02:00.0-scsi-0:0:0:0-part3 -> ../../sda3
 lrwxrwxrwx 1 root root  9 Jul  8 09:06 pci-0000:02:00.0-scsi-0:0:1:0 -> ../../sdb
 lrwxrwxrwx 1 root root  9 Jul  8 09:06 pci-0000:02:00.0-scsi-0:0:2:0 -> ../../sdc
 lrwxrwxrwx 1 root root  9 Jul  8 09:06 pci-0000:02:00.0-scsi-0:0:3:0 -> ../../sdd
 lrwxrwxrwx 1 root root  9 Jul  8 09:06 pci-0000:02:00.0-scsi-0:0:4:0 -> ../../sde
 lrwxrwxrwx 1 root root  9 Jul  8 09:06 pci-0000:02:00.0-scsi-0:0:5:0 -> ../../sdf
 lrwxrwxrwx 1 root root  9 Jul  8 09:06 pci-0000:02:00.0-scsi-0:0:6:0 -> ../../sdg
 lrwxrwxrwx 1 root root  9 Jul  8 09:06 pci-0000:02:00.0-scsi-0:0:7:0 -> ../../sdh

I chose to install Linux on my 1st drive (sda). I’ll be using sdb for the ZIL, sdc for L2ARC, and sdd, sde, sdf, sdg, and sdh to for the data pool.

First, I’ll setup the data pool. This is where SSH is handy, since you can copy/paste your paths from above.

In my example below, I’m naming my pool “data.” You can use a different name if you’d like. If your setup is like mine, you’ll create one pool with many volumes in it.

I’m using drives with 4k physical sectors, so I’m adding the option: -o ashift=12
This should increase performance, but at the cost of total storage space. You an remove this option if you don’t think it’s a good fit for you.

sudo zpool create data -o ashift=12 raidz /dev/disk/by-path/pci-0000:02:00.0-scsi-0:0:3:0 /dev/disk/by-path/pci-0000:02:00.0-scsi-0:0:4:0 /dev/disk/by-path/pci-0000:02:00.0-scsi-0:0:5:0 /dev/disk/by-path/pci-0000:02:00.0-scsi-0:0:6:0 /dev/disk/by-path/pci-0000:02:00.0-scsi-0:0:7:0

To confirm this worked, run:

zpool list

You should have something like:

adam@normandy:~$ zpool list
NAME   SIZE  ALLOC   FREE  EXPANDSZ   FRAG    CAP  DEDUP  HEALTH  ALTROOT
data  18.1T   238K  18.1T         -     0%     0%  1.00x  ONLINE  -

Next I’ll tell ZFS to use sdb as the ZFS Intent Log

sudo zpool add data log /dev/disk/by-path/pci-0000:02:00.0-scsi-0:0:1:0

Then I’ll tell ZFS to use sdc as the L2ARCH cache

sudo zpool add data cache /dev/disk/by-path/pci-0000:02:00.0-scsi-0:0:2:0

If I run zpool status, I should see my data, ZIL, and cache drives

adam@normandy:/data/download/secure$ zpool status
  pool: data
 state: ONLINE
  scan: none requested
config:

        NAME                               STATE     READ WRITE CKSUM
        data                               ONLINE       0     0     0
          raidz1-0                         ONLINE       0     0     0
            pci-0000:02:00.0-scsi-0:0:3:0  ONLINE       0     0     0
            pci-0000:02:00.0-scsi-0:0:4:0  ONLINE       0     0     0
            pci-0000:02:00.0-scsi-0:0:5:0  ONLINE       0     0     0
            pci-0000:02:00.0-scsi-0:0:6:0  ONLINE       0     0     0
            pci-0000:02:00.0-scsi-0:0:7:0  ONLINE       0     0     0
        logs
          pci-0000:02:00.0-scsi-0:0:1:0    ONLINE       0     0     0
        cache
          pci-0000:02:00.0-scsi-0:0:2:0    ONLINE       0     0     0

errors: No known data errors

Create the Filesystem

Now that the zpool exists, we can create filesystems on top of it.
A pool can have multiple filesystems. I’ll create one for media, and one for virtual machines (because that’s what I need).

sudo zfs create data/media
sudo zfs create data/vm

To confirm it was created correctly run:

zfs list

And it should look something like this:

adam@normandy:~$ zfs list
 NAME         USED  AVAIL  REFER  MOUNTPOINT
 data         210K  14.0T  36.7K  /data
 data/media  35.1K  14.0T  35.1K  /data/media
 data/vm     35.1K  14.0T  35.1K  /data/vm

I would also suggest the following tweaks. Combined, they increased my zfs throughput 50-100%! They were recommended by https://unicolet.blogspot.com/2013/03/a-not-so-short-guide-to-zfs-on-linux.html and https://www.servethehome.com/the-case-for-using-zfs-compression/ as I searched for solutions to my less-than-stellar zfs performance.

zfs set xattr=sa data/media
zfs set atime=off data/media
zfs set compression=lz4

All of your zfs filesystems are automatically mounted. 

adam@normandy:~$ mount
...
data on /data type zfs (rw,xattr,noacl)
data/media on /data/media type zfs (rw,xattr,noacl)
data/vm on /data/vm type zfs (rw,xattr,noacl

You can use them just as you would any mounted filesystem. That’s it!

Linux

Basic Ubuntu Server Installation

4 Comments

This is Part I (the boring part) of my Ubuntu Home Server install.

Other parts can be found at:

Home Server With Ubuntu

For anyone who’s installed Ubuntu Server before, there’s not much here for you. I’m putting this here for anyone starting out with Ubuntu and for the sake of completeness.

Also, my 1st warning: this is the setup I think will serve me best for my particular situation. It may not be the best for you, and, while it’s somewhat redundant, it certainly isn’t “enterprise-grade.” You were warned ?

In the steps below, anytime you see something in brackets, replace it with the correct value for your system, without the brackets.
For example, if you see:
ssh [username]@[ip address]
You should really enter something like:
ssh me@192.168.1.1

Why Ubuntu?

All the major Linux distros are awesome. You really can’t go wrong! For servers, I’ve typically gone with Centos in the past (and on this Ubuntu server will be many Centos virtual machines). However, there is one reason I’ve decided to go with Ubuntu in this instance: ZFS. Ubuntu has ZFS baked in, whereas Centos and Fedora require recompilation of kernel modules after major OS upgrades. Since I want this box to be as turnkey as possible (if it goes down, my internet will go down as well), Ubuntu it is!

Installation

First, download the Ubuntu Server iso from Ubuntu. I’ll be using the 18.04 LTS release, since I prefer to stick to LTS releases for critical infrastructure.

https://ubuntu.com/download/server

Next, either burn the iso to a DVD or image it to a flash drive. If you use the flash drive method, I recommend Fedora Media Writer. It’s available for Windows, MacOS, and Linux, and will image pretty much any Linux distro to USB.

https://getfedora.org/en/workstation/download/

Once you’ve got a bootable DVD or flash drive, boot from it. Most servers and workstations will tell you which key to press on the keyboard to get to your BIOS/UEFI boot menu.

After booting, choose *Install Ubuntu Server.

Choose your language.

Choose your keyboard layout.

Choose Install Ubuntu.

I’m going to use DHCP for now and set static IP later when I configure the virtualization networks for KVM. If you need to configure a static IP, you can do so here.

If you use an internet proxy, set it here.

Choose the default Ubuntu mirror.

I prefer to use LVM in case I need to resize partitions in the future.

I’ll be using one SSD as a boot volume. Choose whichever drive you’ll be booting from. I’ll be using all of the rest of the drives for ZFS, so I’ll leave them as they are for now.

By default, Ubuntu will only use 4GB of your drive for the root partition. Since all of my other data will live my ZFS volumes, I’ll expand the volume to use the whole 1TB.

To change the size of the root volume, use the down arrow to chose “ubuntu-lv,” press Enter, then choose “Edit.”

Ubuntu will helpfully tell you the max size you can set the partition to. Enter that number and choose “Save.”

Choose “Done.”

Let Ubuntu know your name, your computer’s name, the username you’d like to use, and the password you’d like to use.

You now have the option of installing a secure shell server. This will allow you to log in remotely. I’ll be installing this.

You also have the option of installing some other services. You can always install these later. I’ll be skipping them and just choosing “Done.”

When the installation has finished, choose “Reboot Now.”

Remove the bootable DVD or flash drive and press Enter.

Log In

Once the server has rebooted, you can log in to the server itself or via SSH (if you installed SSH).

If you need to find out your server’s IP address for SSH, log in via the console and run the following:

ip address

Then on the computer you are using to SSH into the server run:

ssh [username]@[ip address]

Updates

Before anything else, let’s make sure everything is up-to-date.

sudo apt upgrade

Once that has completed, you may need to reboot.

sudo reboot

KDE On a Server?

Let’s get right to it: it’s not considered security-wise to install a GUI on a server. However, I’ll be using things like Handbrake and Virtual Machine Manager, so I’ll be putting on KDE. To add a bit of security and save memory, I’ll manually start KDE when I need it.

To install just the very minimum of KDE (you can always add the other bits later), run:

sudo apt install kubuntu-desktop --no-install-recommends

I’m also going to install a couple other KDE apps to make my life easier. KDE’s Konsole terminal and the dolphin file manager:

sudo apt install konsole dolphin

If you want all of KDE, and have it start be default, you can simply run this instead:

sudo apt install kubuntu-desktop

If GNOME is more your thing, you can install it with:

sudo apt install ubuntu-gnome-desktop

If you install just the minimum KDE, your server will still boot in console mode. To start KDE, simply log in and run:

startx

Since I’ll often want to use the UI remotely, I’m also going to install a package called xrdp. This will serve a desktop over the RDP protocol so I can get a desktop remotely:

sudo apt install xrdp

This will install xrdp, configure the service to start automatically, and start the service. Once it’s finished, you can connect to your server’s IP address via any remote desktop app and use the same username and password you use to log in locally.