Kiosk mode is quite useful, if you have some machines that you want to put in a public area for visitors to use, or for machines that are used in displays etc. Or if you have some older PC’s that you just want to repurpose as internet terminals or ‘point of sale’ box’s.
Essentially it’s a system that delivers a virtual VMware View desktop to a PC or Thin client without the need to authenticate to the connection server. Kiosk authentication is disabled by default, so you need to run a few commands to get it enabled.
Solution
Before starting you will need a Virtual Machine ready to be used for the Kiosk machine. You might want to create this machine with a “nonpersistent” disk.
Note: Alternatively you can create a user that matches the MAC address of the client machine and auto generate a password like so, (this assumes the thin client or PC’s MAC addresses is 3C:4A:92:D3:12:1C).
4. Then allow this connection server to accept kiosk connections with the following command;
[box]vdmadmin -Q -enable -s PNL-CS[/box]
Note: Where PNL-CS is the name of my VMware Connection Server.
5. You can view the settings configured on this connection server with the following command;
[box]vdmadmin -Q -clientauth -list[/box]
6. While still on your connection server open VMware View Administrator, and create a ‘Pool’ for your Kiosk machine.
7. Manual Pool > Next.
8. Dedicated > Next.
9. vCenter virtual Machines > Next.
10. Next.
11. Give the pool an ID and Display name > Next.
12. Select the machine you are using as the source for the Kiosk machine > Next.
13. When the pool is created > Entitlements.
14. Add in the group that you created in step 1 > OK.
15. Just check on the ‘desktops’ tab and make sure the machine is listed as ‘available’.
Step 3: Connect to the Kiosk Machine
16. Now from your client machine or thin client, you can execute the following command to open the kiosk session.
Note: In a live environment you may want to make the host machine or thin client automatically log on and put this command in the ‘startup’ folder, or call it from a startup/logon script so the machine will boot straight into the kiosk virtual machine.
17. All being well you should be presented with the kiosk VM machine, note you no longer get the normal VMware View tool bar etc, it will behave as if the machine is in front of you.
Related Articles, References, Credits, or External Links
I long time ago this site was hosted in my dining room, on a PC under my desk. I was running Windows and IIS. When I moved the site to a hosted Apache Linux server, I discovered that Linux is a little more rigid on its rules for file extensions. For example in Windows .JPG and .jpg is the same thing, but on a Linux box that’s NOT the case.
As I’ve used the Windows Snipping Tool a lot in the past my older images have a .JPG or .PNG extension, if your websites URL’s point to filename.jpg, then the URL will work in Windows but it WON’T work on a Linux web server (in my case Apache).
I fixed all the broken URL’s a long time ago, but the file extensions remained. This annoyed my Technical OCD, so this afternoon I decided to rename all the .JPG files to .jpg, and all the .PNG files to .png.
Note: I changed all the URL’s with a a simple file and replace in Dreamweaver.
Solution
To rename all the files in a folder simply use the ren or the rename command;
[box]
ren *.JPG *.jpgNote: If you wanted to change all the extensions to something else that's fine too e.g.
ren *.htm *.txt
[/box]
The limitation is you cannot do the same if you have folders and subfolders, you need to rename all the file extensions recursively. To do that use the following syntax.
[box]
forfiles /S /M *.JPG /C "cmd /c rename @file @fname.jpg"
Note: As Above, if you wanted to change all the extensions to something else that's fine too e.g.
forfiles /S /M *.JPG /C "cmd /c rename @file @fname.jpg"
[/box]
So to fix my problem I only needed two commands.
Related Articles, References, Credits, or External Links
I’ve covered setting up NDES at length in the past, but what happens when your issued certificates expire? If you are using them for all your VPNs what then? Well thankfully you can get your devices to automatically re-enroll and before they expire, for example to renew the cert at 80% of its lifetime you would use the following;
However, there is a problem, if you are using Server 2008 there’s a hot-fix (and you need to make the following change as well) I’m on Server 2012 and mine was failing.
Solution
1. On the server running the NDES Server role > Open the registry editor and navigate to;
Create a new 32bit DWORD Value called DisableRenewalSubjectNameMatch and set its value to 1 (one).
2. Also ensure the certificate that you are using or NDES, has the following settings, here I’m using a custom template called NDESTemplete, If you are using the default one it will be called ‘IPSec (Offline request)‘. On the Subject Name tab make sure ‘Supply in the request’ is selected.
3. On the ‘Issuance Requirements’ tab, ensure ‘CA certificate manager approval’ is NOT selected.
Related Articles, References, Credits, or External Links
In part two we built our reference machine and took an image of it using WDS. Now to automate the deployments we need to create some unattended answer files, these will answer all the questions that the Windows 8 machines will ask while they are building. We will take those files and import them into the WDS server we configured in part one. Finally to make sure everything is working we will deploy Windows 8.
Solution
Download and Install the Windows Assessment and Deployment Kit for Windows 8
1. We used to have the WAIK for Windows 7, now this has been replaced with the ADK. (download link).
2. It’s a MASSIVE download, it will take a long time.
Create a WDS Distribution Share
1. On a drive that has some room (Approx 5GB should be fine,) create a folder.
2. Launch the System Image Manager.
3. In the top left section > Right click ‘Select a Distribution Share’ > Select ‘Create Distribution Share..’
4. Navigate to the folder you created earlier.
5. Now you don’t need to do this next part, but I copy the full contents of the Windows 8 DVD into this folder as well.
6. Like so.
7. Then in the bottom left section > Right click > ‘Select Windows Image..’.
8. Navigate to the Windows 8 Media > Sources Directory > Select ‘install.wim’.
Note: The install.wim MUST match the version you are going to deploy, it’s no good pointing to a Windows 8 Pro image if you are going to deploy Windows 8 Enterprise.
9. Select the version you are going to deploy > OK.
10. This is normal, select yes to create a catalog file. It will take a while, it has to mount the image, interrogate it and create all the components. Now would be a good time to put the kettle on.
Create the Unattended file for WDS (WDSUnattended.xml)
This unattended file will be just for the WDS settings, it will not be applied to the image you are going to deploy. It sets the keyboard and language settings for WDS to use, then it gives the credentials to connect to WDS, and wipes all the partitions from the target machines hard drive. It then repartitions it ready for deployment.
WARNING: As reiterated below, the disk configuration settings below will wipe the target machines drive of ALL partitions, even manufacturers rescue partitions. If you are imaging machines anyway this should not be a problem, but don’t email me to complain of you lose the recovery files for a laptop/PC while you were practicing!
1. Create a new answer file.
2. The components may not start amd64 (if you are deploying x86 images) and some of the numbers might be different on yours. But the main titles of the components will be the same. Locate Microsoft-Windows-Internationa-Core-WinPE.
3. Add it to Pass 1. If you are unfamiliar with SIM, you add a component (or a sub component) to one of the ‘Passes’ in the center, then you can select that component (or sub component) and set the values for its settings in the top right hand section. The SIM builds an XML file in the background which will become the unattended answer file.
4. You will now see this component under pass 1, select it and set the following settings. (These are for my local English Great Britain settings, you may need to change your settings according to your locale).
Wiping the Targets Hard Drive and Partitions with WDS
6. Locate the Microsoft-Windows-Setup component > Disk Configuration sub component.
7. Add to Pass 1.
8. Right click > Insert New Disk.
9. Expand > Disk > Create Partitions > Right click > ‘Insert New CreatePartition’.
10. Select the DISK.
Disk ID = 0 WillWipeDisk = true
11. Select the Partition.
Extend = true Order = 1 Type = Primary
12. Right click ModifyPartition > Insert New ModifyPartition.
13. With the new ModifyPartition selected.
Action = AddlistItem Active = true Extend = false Format = NTFS Label = SYSTEM Letter = C Order = 1 PartitionID = 1
Select Partition to install Image to
1. Locate the WindowsDeploymentService sub component, (also in Microsoft-Windows-Setup).
2. Add to Pass 1.
3. Expand Image Selection > Install To.
Disk ID = 0 PartitionID = 1
4. Expand Login > Credentials.
Domain = {Your domain name i.e. petenetlive.com would be PETENETLIVE). Password = {Of a user with administrative rights – IT WILL GET OBFUSCATED*). Username = {Of a user with administrative rights).
*I used to say ‘encrypted‘, but thats NOT the case, they are simply Base64 encoded.
Attach the Answerfile to the WDS Server
1. Save the file you have just created.
2. Place it in your Remoteinstall folder in the WdsClientUnattend sub folder.
3. Launch the Windows Deployment Services management console > Expand Servers > Right click your server > Properties.
4. Client tab > Tick to enable unattended installation > I’m deploying x64 bit images so next to that option > Browse.
5. Navigate to and select the file you have just created > Open > Apply > OK.
Create the Unattended file for Your Image (OOBEUnattend.xml)
1. Create a new answer file.
2. Locate the Microsoft-Windows-Shell-Setup component.
3. Add to Pass 4.
4. With the component selected.
ComputerName = * CopyProfile = true (Unless you don’t want to copy the profiles from your source image). ProductKey = Your 25 character Windows 8 unlock code Note: Only put in a code of you are deploying with MAK keys or Retail Keys, if you are planning on using KMS leave this option blankRegisteredOrganization = Your business name. RegisteredOwner = Your owners name. ShowWindowsLive = false {now depreciated for Windows 8} TimeZone = GMT Standard Time Note: For other time zones see here
Automatically Join the Domain
1. Locate the Microsoft-Windows-UnattendedJoin component
2. Add to Pass 4.
3. With Identification selected.
JoinDomain = {Your domain name i.e. petenetlive.com would be PETENETLIVE). UnsecureJoin = true
Set the Image Language and Keyboard Settings
4. Locate the Microsoft-Windows-International-Core component.
Set the Local Administrator Password and Add a Local Administrator
Note: The local admin account is disabled by default, so here I’m setting the local admin’s password, and then creating a new local admin user called Sysadmin.
1. Locate the Microsoft-Windows-Shell-Setup component > UserAccounts sub component
2. Add to Pass 7.
3. With AdmnistratorPassword selected set the password value.
4. Right click LocalAccounts > Insert New LoacalAccount.
5. With LocalAccount selected.
Action = AddListItem Description = Sysadmin DisplayName = Sysadmin Group = Administrators Name = Sysadmin
6. Then set the password value.
7. Save the answer file.
8. Save the file as OOBEUnattand.xml
Attach the Answer file to the Windows 8 Image
1. Launch the Windows Deployment Services Management console.
2. Locate the Windows 8 Image you are attaching the answer file to > Right click > Properties.
3. Tick the option ‘Allow image to install in unattended mode’ > Select File > Browse.
4. Select the OOBEUnattend.xml file you created earlier.
5. Note: It makes a copy of the file and stores it elsewhere calling it ImageUnattend.xml (watch out for this if you need to edit the answer file and nothing changes!)
Deploy Your Windows 8 Image.
1. Boot your target machine to the network via pXe > Press F12 to boot from the WDS.
2. Install an Image.
3. Select the image you want to deploy.
4. After the install, the machine should reboot and present you with a domain logon.
5. And your programs and settings will be pre-configured.
Related Articles, References, Credits, or External Links
My wife asked me how to do this today. I don’t use Excel much, most people think because I work in IT I know everything about all software packages, and they are surprised when I’m asked questions like this, and I say ‘I don’t know I’m a network engineer’.
But seeing as it was for the better half, I fired up Excel and worked it out. (This must be worth at least a cup of Tea!)
Solution
Step 1 – Create the source Data
1. Select the sheet that you want to populate the drop down list from, or create a new one and call it something sensible.
2. Type all your values into a column.
3. Select the column (you can select the cells but then if you add any new data it wont be added to the drop down).
4. In the ‘Name’ Section give the range a name i.e. garment, then press Enter.
Step 2 – Create the Drop Down List
1. Select the sheet that you want the drop down box to appear on.
2. Select the Cell where you want the drop down.
3. On the ‘ribbon’ select data.
4. Data Validation.
5. Settings tab.
6. Change allow to ‘list’.
7. Set Source to ‘={the range name you used above}’ OK.
8. The drop down (list box) will be created.
Related Articles, References, Credits, or External Links
AnyConnect, is great for users, but most of them are not used to typing full URL’s into their browsers. Modern browsers will prefix your URL with ‘http://’ for you. That’s brilliant most of the time, but AnyConnect and SSLVPNneed to go to ‘https://’.
Wouldn’t it be good if your users typed vpn.petenetlive.com into their browsers, and instead of the browser ‘helpfully’ changing that to http://vpn.petenetlive.com, and it giving you an error message, the ASA redirected the traffic to https://vpn.petenetlive.com automatically?
Solution
There is just one command to do this for you, and it’s ‘http redirect outside 80‘. Below I’ve enabled it then saved the change.
[box]
Sent username "pix"
Type help or '?' for a list of available commands.
PetesASA>
PetesASA> enable
Password: ***********
PetesASA# configure terminal
PetesASA(config)# http redirect outside 80
PetesASA(config)# write mem
Building configuration...
Cryptochecksum: ac21d44c 109662c4 66495572 e5a106c7
49756 bytes copied in 3.540 secs (16585 bytes/sec)
[OK]
PetesASA(config)#
[/box]
Related Articles, References, Credits, or External Links
Lovers of iTunes will say, just put your new music in the “Automatically Add to iTunes” folder,
Automatically Add to iTunesFolder Location
MAC OSX Music iTunes iTunes Media Automatically Add to iTunes
Windows: C:Users{user name}MusiciTunesiTunes MediaAutomatically Add to iTunes
Well that’s great, but I like to keep my music organised by artist alphabetically. I also like to organise things myself. What if you want to download some mp3 tracks from a source other than the iTunes store! Or you have torrented down some (completely legal) tracks you want to add to your music collection? Or I have TONS of music I want to add, and I want to keep that on my USB drive, what then?
Why can’t there simply be a button to “re-sync” your music from your folders? Because as usual if you don’t do things the “Apple Way” then tough, they are not interested.
2. You might struggle to find it once its installed! Open Windows explorer and navigate to c:Program files (x86)iTunes Library Updater and run the ITLUgui.exe file. (If you plan on using this a log I’d right click it, and select send to Desktop (create shortcut). Add in your folder(s) and select Start.
3. To Automate: Edit the batch file that comes with the software (iTLU.bat), by opening it in notepad, and change the folder path from mine to yours.
4. Then to sync, simply run the batch file.
Related Articles, References, Credits, or External Links