Moving Along

This blog has become stagnant. I’ve moved it off of Squarespace to this WordPress archive for anyone that still finds the information useful. By far the most popular post I’ve ever written was the one on Converting a PFX to a JKS, which to this day gets a respectable 30 hits a day despite it being written in 2009. Thanks to anyone who ever read the site regularly. The site never really had much direction and spent a lot of time trying to figure out what it wanted to be. In the end, after reviewing every post, it seems the main topic was technical issues that Windows System Administrators face in the field. Travel and wine, two other things that interest me, made their way in as well. I’ve moved away from day-to-day tech work personally and am now in an engineering role, which I think is one of the reasons I posted less. I don’t think this is the end of blogging for me. I intend to start a new project in 2012 which will not involve server technology. Thanks again for reading and have a good night!

Thoughts on the Social Crash

I recently read a very thought-provoking article by Julien Smith. I absolutely agree with his thoughts, especially where he points out that the only people that will be affected are the people that have a vested interest in Social Media.

For a quick experiment, I started writing names of anyone I’ve known offline for over five years. I chose 5 years real time as a base because these are people I’ve known long before the advent of twitter. I’d like to be clear that I mean, really know these people, on a personal level. I suspect the numbers would be different if say I used names of people I met elsewhere online over the last two years, but I have a suspicion the numbers would scale accordingly. I gave myself a time limit of three minutes. I came up with 36 individual names. I then went through and tallied the services these 36 use. The numbers came out like this:

Facebook: 27 (75%)

Twitter: 7 (19.4%)

FourSquare: 5 (13.8%)

Gowalla: 0 (0%)

A Blog (any platform other than FB or Myspace): 5 (13.8%)

I should also note here that two of the FB accounts have no posts; they were created for the sole purpose of listening. No contribution is ever made. One of the Twitter accounts exists, but has never made a single tweet and has no followers.

My point is, there are tons of people out there who are not into social media. They do not know what social media is or can care less about it. They still use the internet the “old” way. E.G: banking, research, anonymous browsing, shopping, forum lurking. The social media bubble will only affect people who have a vested interest in it. My group of people would probably be upset if Facebook bombed and shut off, but then would just go back to email, or phone calls, to keep in touch. The other services would go unnoticed, except by the people that use them.

Direction of the blog

 

In the very near future I am going to rework this blog. I’ve garnered a significant amount of traffic from a number of posts I wrote on the topic of Secure Socket Layer certificate conversion. I wrote the posts because, like others, I found a lack of decent documentation on the subject. Finding well-written documentation was mostly an impossible task. Most documentation I found was written horribly and typically buried deep in overwhelmingly technical talk. Let’s face it, Systems Administrators are typically not the best writers. Although the SSL posts, and a number of other technical tutorials I’ve written, net me a respectable amount of hits per day, writing tutorials about SSL Certs and server problems is not something I’m passionate about.

The information is obviously still relevant so I am not going to delete it. I intend to move all the tutorials to an archived section of the blog, but I will be closing out the comments. I will also not be updating or writing any more tutorials. I’m not sure how long this transition will take, since I have to go in and update the links and such but the Server Administration section will be moving to a less visible part of the site.

Export A PFX File From Windows

Exporting an SSL certificate as a PFX will allow it to be imported on any other server running Windows or Linux. To export a certificate using Windows:

1) Click Start.

2) Click Run.

3) Type “mmc” without quotes.

4) Press Enter.

 

A box will come up.

 

5) Click File.

6) Click Add/Remove Snap-in.

7) Click the Add button.

8) Scroll down till you find the container that says Certificates.

9) Highlight Certificates and press add.

10) Click on Computer Account then Next.

11) Select local computer then finish.

12) Click close on the box below it.

13) Click Ok.

 

Certificates (Local Computer) should now be seen under the Console Root. Expand Certificates and then expand Personal. Locate the certificate that will be exported.

 

14) Right-click the certificate and go to All Tasks, then Export.

15) Click next.

16) Select Personal Information Exchange, Include all certificates in path, and enable strong protection.

17) Enter a password (you will need this to do the import).

18) Save it to wherever.

19) Then close out of everything and copy the file to the other server. Importing is different depending on the operating system and other factors. For Windows, the above steps can be used to import a certificate.
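The same export can be scripted. This is an added example, not code from the original post: it assumes a Windows version whose PKI module includes Export-PfxCertificate and Get-PfxData, an elevated PowerShell session, and placeholder values for the thumbprint and output path.

```powershell
# Added example: scripted form of the MMC export steps (not the author's code).
# Assumptions: PKI module with Export-PfxCertificate and Get-PfxData, elevated session.
$Thumbprint = '<CERT-THUMBPRINT>'           # placeholder: thumbprint of the certificate
$OutFile    = 'C:\Temp\exported-cert.pfx'   # placeholder: output path

# Cert:\LocalMachine\My is Certificates (Local Computer) > Personal in the MMC.
$cert = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $Thumbprint }
if (-not $cert) {
    throw "No certificate with thumbprint $Thumbprint in Cert:\LocalMachine\My."
}

# A PFX is only useful on the other server if it carries the private key.
if (-not $cert.HasPrivateKey) {
    throw 'This certificate has no private key on this machine.'
}

# Prompt for the PFX password (step 17) so it never appears in the script or history.
$password = Read-Host -Prompt 'PFX password' -AsSecureString

# BuildChain corresponds to "Include all certificates in path" (step 16).
# The export fails here if the private key is marked as non-exportable.
Export-PfxCertificate -Cert $cert -FilePath $OutFile -Password $password `
    -ChainOption BuildChain -ErrorAction Stop | Out-Null

# Read the file back before copying it: confirm the end-entity certificate and
# count the chain certificates that were bundled with it.
$pfx = Get-PfxData -FilePath $OutFile -Password $password
[pscustomobject]@{
    File       = $OutFile
    Subject    = $pfx.EndEntityCertificates[0].Subject
    Thumbprint = $pfx.EndEntityCertificates[0].Thumbprint
    ChainCerts = $pfx.OtherCertificates.Count
    NotAfter   = $pfx.EndEntityCertificates[0].NotAfter
}
```

The resulting file contains the private key, so remove it from both machines once the import has been confirmed.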

Great Parks In Texas To Take Younger Kids

I’ve got this question a number of times recently so I thought I would share my typical answers here. Kid friendly means a lot of things to different people. To me it’s a place where you can take the kids that is not necessarily completely devoted to hiking, and has other activities to keep them entertained. Many a parent has taken a trip to Lost Maples only to end up carrying a sleepy kid after about a mile into the trail. If my nephews are anything like other kids then Dinosaur Valley State Park would be one of my top choices. I like this park for a number of reasons: the park has model dinosaurs they can look at, fossils and tracks they can interact with, a river to fish and play in, and, for those that enjoy hiking, a nice bit of backcountry with primitive camping.

Garner State Park: You won’t find dinosaurs here, but there are Basketball courts, Mini-Golf, Paddle Boats, Cabins, a large trail system, and a big river. The cabins are nice for a family that wants to be outdoors but needs some amenities.


Goose Island State Park: Teach them to catch a fish. I remember going out and learning to fish at a very young age and having a blast. The best part about using the park is that you do not need a fishing license to fish there. There is not much else to do here beyond fishing, but Corpus Christi is about an hour away and offers plenty of other attractions.

SharePoint 2010: There Was An Error In The Callback

Thanks to a recent customer I have a new troubleshooting tidbit for SharePoint 2010’s People Picker. Thanks to Microsoft and a fellow technician for the help with this. If the People Picker returns a callback error when searching for accounts in a remote domain in a one-way trust, take the following steps:

1. Ensure that the AD trust is working correctly. This can be done in Active Directory Domains and Trusts on the Domain Controller.

2. The Farm Account should be a member of the local machine’s administrator group.

3. On the “HKLM\Software\Microsoft\Shared Tools\Web Server Extensions\14.0\Secure” registry key, ensure the following permissions are in place and are being inherited in the sub-keys:

          * WSS_WPG Read permission
          * WSS_Admin_WPG Full Control
          * WSS_RESTRICTED_WPG_V4 Full Control

4. Get and copy the peoplepicker-searchadforests property value via stsadm command:
stsadm -o getproperty -url <URL> -pn peoplepicker-searchadforests

5. Clear the peoplepicker-searchadforests property value via stsadm command:
stsadm -o setproperty -url <URL> -pn peoplepicker-searchadforests -pv ""

6. Rerun the password encrypt command with a different password:
stsadm -o setapppassword -password <NewPassword>
NewPassword can be anything you want.

7. Set the peoplepicker-searchadforests property value via stsadm command:
stsadm -o setproperty -url <URL> -pn peoplepicker-searchadforests -pv "domain:domain.local;domain:domain2.local,domain\username,password"

Texas Hill Country Wine Trail December 2010

I just recently returned from a trip to a number of wineries in Texas. I’ve done this specific trip for three years now and hit a number of them randomly throughout the year. The list of wineries grows each time, which is great since I’m always on the lookout for a good new wine. I believe the first time I went on the trail there were 21 wineries; now there are 27. Overall the industry appears to be growing, which is great considering the vast majority of the producers are small operations the equivalent size of a microbrewery. Most don’t distribute to large retailers, which makes the experience at the tasting room all that more important and the wines subject to more scrutiny from collectors and wine lovers.

This post is going to be a bit lengthy and a bit unconventional. Since I’ve been doing this for a while, I’ve decided to list and discuss what I consider to be the top five wineries out of the 50ish I’ve been to over the last three years. Then for everyone’s entertainment, scrutiny, or whatever; I’ve posted the raw un-edited scribbles (tasting notes) I wrote on my iPad while at some of the wineries.

  • Grape Creek


    • I love the wine here especially the Petite Syrah. The Cabernet Sauvignon is an excellent choice as well. The wine definitely does speak for itself. The tasting experience is not as personalized here, primarily due to the amount of traffic they get being right in the middle of the 290 wineries and all. Sometimes I feel rushed when I’m there in the tasting room. But sitting out on the patio with a bottle by the fountain is extremely relaxing.


  • Perissos



    • The Winemaker and his family are awesome. I’ve enjoyed a number of long conversations with them about everything from wine to the latest Canon cameras. The vineyard dogs are also completely lovable. The experience here is more intimate than something you would find out in Fredericksburg. I love most of the wines made here.

  • Pillar Bluff / Texas Legato

    • The Winemakers are actually brothers and own wineries literally right across the vineyard from each other. Gill, from Pillar Bluff also remembered us on site, which was very nice considering we only make it out there twice a year. Both wineries have some great stuff, but the Enology 101 from Pillar and the Petite Syrah from Legato stand out the most to me.

  • Rancho Ponte



    • These wines stand out. Whenever I’m in Fredericksburg and have finished at Grape Creek, this place is next on the list. The wines have a distinctly unique flavor. The tasting room is made in the shape of a barn, but don’t let that fool you, the wine is serious. The Triple M Blend is by far my favorite here.


  • Retreat Hills



    • The gem of the Bluebonnet Wine Trail in east Texas. This is a must go for some of the best wines the eastern region has to offer. Their wines have won a ton of medals in various competitions, and when you taste them the reason will be clear. The Blazin’ Blush is definitely a winner.



Now on with the scribbles.

Brennan Vineyards



  • 08 Viognier — Dry, pear. Only one I really liked here.

  • 08 Malbec — Light, mineral, cherry

  • Cabernet Sauvignon — Not as hot or complex as most. Light finish.

  • St. Red — Merlot and Syrah blend. Very dry, slightly sour. Smooth finish. Not very impressed.

  • Syrah — Peppery and earthy. Did not taste like a Syrah.


Rising Star Vineyards



  • 09 Chardonnay — Light, lacking Oak, sour.

  • 07 Syrah — Extremely thin. Watery. Missing most elements of a Syrah. Didn’t like it.

  • Wines overall lacked complexity.


Alamosa



  • 05 El Guapo — Spicier than the 04, the 04 is still an excellent choice. In fact I still have two in the cellar. Earthy and spicy with a wonderful complexity. I picked up the 05 this time around.

  • 07 Syrah — Hot with an aftertaste that lingers. Good wine.

  • Palette — Light, mineral, soft finish. Good dinner wine to pair with non-spicy foods.


Fiesta Winery



  • Home Sweet Home — Zinfandel. Smells like candied fruit.

  • Syrah — I really didn’t think Syrah when I tasted it. It was missing the tannins and was way too sweet.

  • Tempranillo — Peppery and spicy. Very nice finish. Ended up buying it.


Pillar Bluff



  • Enology 101 — Cab / Merlot blend. Light, Earthy, and mineral. Picked up a bottle.

  • Viognier — Peaches, apricot, and mango.

  • White Merlot — A seasonal wine. Only 30 cases produced. Bought a bottle to have on Christmas.

  • Kitty — Orange Muscat fortified with brandy. Too sweet for me, but the sweet wine lovers in the group loved it.


Texas Legato



  • Chardonnay — Very smooth.

  • Family Reunion — Spicy, cinnamon.

  • Cabernet Sauvignon — Not as spicy as most. Low on tannins. Blended with Malbec.

  • Petite Syrah — Delicious. I picked up a bottle.


Flat Creek



  • 08 Syrah — Medium tannins. Oaky.

  • 09 Pinot — Tart with. Light fruity flavor. I typically don’t care for Pinot, but this was pretty good so I got a bottle.

  • 09 Bucking Horse — Cabernet Sauvignon. Cranberries, Cherries, smooth, light finish.


Fall Creek



  • Chardonnay — Not dry enough for me. Very fruity and fresh.

  • Muscat — Way less sweet than most Muscat’s’ I’ve tried, which for me was kind of a nice change. Tart with a bit of Lemon.

  • Gotas de Oro — The winemaker is an extremely nice guy. The wine is great for Muscat lovers and the sweet wine crowd. Too sweet for me though.

  • Cabernet Sauvignon — Light oak, mild tannins, dry finish. I liked it, but opted for a bottle of something else.

  • Merlot — Surprisingly, this was what I went with. Light oak, heavy dry finish. I really liked it.

  • Sweet Red — Alcoholic cool aid. Heavy sugar.


Perissos



  • Petite Syrah – Winner. Great taste.

  • Cabernet Sauvignon – Winner. Highly Complex, Spicy.


Spicewood Vineyards



  • Semellon — Mellon, light finish,

  • Chardonnay — Mostly citrus, light oak.

  • Sauvignon Blanc — Grassy, sweet, very citrus. To sweet for me.

  • Merlot Rose — Big on the nose, light on taste. Hint of strawberry, not very complex.

  • Merlot — liquorish, cherry, very dry.

  • Syrah — Coffee, semi-dry, smooth.

  • Zinfandel — Not as hot or peppery as most I’ve had.


Bell Springs



  • Just opened in July

  • Grapes sourced from California.

  • Pinot Grigio — Citrus, apricot, smooth finish.

  • Malvasia Bianca — Grapefruit, smooth, light, wet finish.

  • Chardonnay — Not very dry, fruity, light oak, slight spicy finish.

  • Nebbiolo — slightly dry, slightly spicy.

  • Dripping Sweet — Peach, smooth. Not as sweet as the name implies, which was nice. Good wine to sip on a hot day.

  • Cab Franc — typically cab franc is used as a cutter for blending. This is a 100% cab franc. Smooth, little spice, cinnamon, mild tannins. I picked up a bottle of this.

  • Merlot — Oak, semi-dry, smooth.


Driftwood



  • Sangiovese — Cherry, dry, lingering spice.

  • Merlot — Light and watery.

  • Lone Star Cab — A sipping red wine. Not very complex. Light and smooth.

  • Alamo Red — Merlot / Cab / Syrah blend. Semi-dry, oak, not very spicy.

  • 05 Cabernet Sauvignon — Semi-dry, fruity, peppery aftertaste. Picked up a bottle.


William Chris



  • 09 Merlot — Dark cherry, semi-dry, light finish.

  • 09 Malbec — Slight spice, semi-dry

  • 09 Hunter — Late harvest grape, very smooth.


Grape Creek



  • Missed the Petite Syrah again. New batch in March.

On Writing With The iPad

Staring at a blank page can be one of the most daunting aspects in writing. I find it hard to just start most of the time. Maybe it’s fear of starting off weak. Or maybe I don’t like the sound of it when read aloud. Whatever it is, just start and let the thoughts flow. It can always be edited later.

Inspiration can come at a moment’s notice. With so many distractions around, I sometimes find myself writing in some awkward places. I’ve blogged before about using the iPad as a mobile blogging platform, so I won’t go too much into that again here; however I have found an app that addresses some of the shortcomings of the keyboard. It’s called iA Writer. It has a next word last word function, and arrow keys! It makes editing so much better. Instead of poking around hopelessly with my fingers, I can precision correct with the cursor. If they added “<”, “>”, and “/” to the extended keys for quick access, and added Google Docs integration it would be the best thing yet.

Kentucky Bourbon Trail Nov 12th – Nov 15th 2010

I recently returned from a trip to Kentucky, where I completed the Bourbon Trail. The trail consists of six distilleries: Four Roses, Heaven Hill, Jim Beam, Maker’s Mark, Wild Turkey, and Woodford Reserve. Much like the wine trails of Texas, which I’ve written about previously, the bourbon trail has a passport for an added incentive to visit all six distilleries. Each distillery will stamp your passport and once all six are complete, the passport can be mailed off for a free t-shirt so you can show off your awesomeness to the lesser refined drinkers of the world.


If I had to choose where to base a repeat trip out, I would fly out to Louisville, but stay at a hotel out in Bardstown. It’s closer to all the distilleries than Louisville. Also make a point to plan ahead on this one, especially if traveling on a weekend. The distilleries open later and close earlier on Sundays and in the case of Jim Beam cannot sell or serve tastings on Sundays due to local laws. Another thing to point out is there are plenty of distilleries that are not on the trail, but are in the area, and worth checking out. Buffalo Trace immediately comes to mind. If you’re planning on going I would say take two days for dedicated travel and devote three, preferably weekdays, to distillery and bar hopping, especially if you’re interested in the deluxe tours offered by some of the facilities or interested in seeing some of the off-trail sites.

We stayed in Louisville at the Brown Hotel. The Brown hotel dates back to 1923 where it was a center for the local affluent. The architecture is distinctly English Renaissance. Marble floors, antique cherry furniture, and extremely lavish woodworking that includes inlaid relief ceiling tiles. It’s the first time I’ve ever had dinner on the top of a piano that was playing live music. It was definitely a unique experience for the books. The bar also stocks 50 different types of bourbon and 40 wines. Although the primary reason for going was bourbon, I enjoyed the Petite Syrah, Zinfandel, Malbec, and Cabernet Sauvignon. Normally I would have done some wine tasting notes, but since this wasn’t a wine tour, I decided just to enjoy it for what it was and not bother with busting out the notebook. The Brown also has the most down to earth, and just generally cool, bar tending staff I’ve ever had the pleasure of meeting. Just to be clear, the Brown is not a budget hotel, look to drop around $250 USD a night in the off season. During the Kentucky Derby rooms can be as much as $1000 USD a night. It is however awesome and even if you’re not going to stay there, you should at least hit the restaurant and order the dish made famous there called The Hot Brown.


Interesting side note on this trip: Mike and I both got mild food poisoning from a Reuben sandwich on day one. That made for an interesting evening.

The mini tour of Heaven Hill is a bit of a waste. The guide walks you through the museum, and spends very little time on it. You can show yourself through as it is and spend time reading everything. The only advantage of taking the tour is the single free tasting at the end. The actual distillery is located off the site and they don’t give tours. There is a replica display in the museum, but that’s it. If you’re planning a trip and can’t hit all the distilleries on the tour then skip Heaven Hill. They also offer a deluxe tour where they take you to the warehouse and offer an expanded tasting. For a separate fee, a local history bus tour is available. The mini and deluxe tours are free.


Wild Turkey was not in production while we were there, but the tour of the facility was still good. They are actually in the process of moving to a brand new distillery which will spin up in December 2010. So for those of you looking to see the original I advise getting out there soon. Out of all the tours at all the distilleries, our guide at Wild Turkey was the most knowledgeable and thorough.

The grounds at Makers Mark are beautiful. All the buildings are Victorian in architecture, jet black with red doors and red window shutters. As an added bonus, they were decorated for Christmas so all the windows had wreaths with red accent bows. Couple that with the beautiful Kentucky countryside in fall, and it makes for a wonderful visual experience.


I’ve discovered that my target bourbon is in the 85 – 95 proof range; anything over that is too hot for me. Makers Mark 46 was by far the best I had. Second, although not from a distillery on the tour, but from the historic Talbott Tavern in Bardstown, was Pappy Van Winkle. The hardest to swallow was the Sam Houston. A unique feature of the bar is a bourbon flight. For $25 USD one can get 5 shot glasses filled with any bourbon the bar stocks. This is great from a taster’s perspective because the bar currently stocks 45 unique types and, according to the bartender, will be expanding to over 50 by Christmas.

If I had to give out awards:

  • Best Tour: Wild Turkey
  • Second Best Tour: Woodford Reserve
  • Most Interesting Facility: Makers Mark
  • Second Most Interesting Facility: Woodford Reserve
  • Most Scenic Grounds: Makers Mark
  • Favorite Drink on Tour: Makers Mark 46
  • Favorite Drink off Tour: Pappy Van Winkle

Cisco ASA: Port Forwarding RDP using ASDM

There are two pieces that need to be in place for this to work. The first is a NAT rule that tells the ASA where the traffic needs to go. The second is an ACL rule that allows traffic to pass through the firewall. The steps contained in this post were done using ASDM 6.0.

To get started, launch ASDM and sign in.

    • From the ASDM Home screen click Configuration.
    • Click Firewall.
    • Click NAT Rules.

The wording of the menu is somewhat confusing, but we need to add a Static NAT rule on the inside interface.

    • Click Add and choose Add Static NAT Rule.
    • The Original Interface should be set to Outside and the Source should be set to the IP of the device that you will be RDPing to.
    • The Translated Interface should also be set to Outside and to Use Interface IP Address.
    • To accommodate RDP, enable Port Address Translation for TCP and set the Original Port and Translated Port to 3389, unless you have modified RDP to run on an alternative port, which I recommend.
    • Be sure to save and write to running-configuration.

Here is a screenshot of what it should look like:

Now that NAT is taken care of, we need to add a firewall rule to permit the traffic.

    • From the ASDM Home Screen click Configuration.
    • Click Firewall.
    • Click Access Rules.
    • Click Add Access Rule.
    • The Interface needs to be set to Outside.
    • The Action should be Permit.
    • For source you have some choices. You can either let the source be any IP on the internet or a certain sub-set of IP addresses. The latter is considered more secure, but for this example I will assume you are a road warrior and need access from any IP address. In this case set Source to any.
    • Destination should be Outside.
    • Service should be tcp/3389. It will only be different if you have changed your RDP port on the Server.
    • You can choose to add a description like “Remote Desktop rule.”
    • You can also choose to enable logging on the rule.
    • Be sure to save and write to running-configuration.
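A rule with Source set to any leaves RDP reachable from every address, so it is worth being able to find such rules later and narrow them. The following is an added example, not part of the original post: it scans access-list lines, as printed by the ASA's show running-config access-list in the pre-8.3 CLI syntax, for rules that permit TCP 3389 from any source. The sample lines are constructed, and the function names Test-PortCovered and Find-OpenRdpRule are hypothetical.

```powershell
# Added example, not from the original post. Sample lines are constructed.
$sampleConfig = @'
access-list outside_access_in extended permit tcp any interface outside eq 3389
access-list outside_access_in extended permit tcp 203.0.113.0 255.255.255.0 interface outside eq 3389
access-list outside_access_in extended permit tcp any interface outside range 3380 3400
access-list outside_access_in extended permit tcp any interface outside eq https
access-list outside_access_in extended deny tcp any interface outside eq 3389
'@ -split "`r?`n"

# Does the destination port operator of a rule include $Port?
function Test-PortCovered {
    param([string]$Op, [string]$P1, [string]$P2, [int]$Port)
    # No recognised port operator: treat as every TCP port. This also reports
    # rules that end in a service object-group, which then need manual review.
    if (-not $Op) { return $true }
    # Named ports (www, https, ...) are assumed not to mean RDP.
    if ($P1 -notmatch '^\d+$') { return $false }
    switch ($Op) {
        'eq'    { return [int]$P1 -eq $Port }
        'neq'   { return [int]$P1 -ne $Port }
        'gt'    { return $Port -gt [int]$P1 }
        'lt'    { return $Port -lt [int]$P1 }
        'range' { return ($P2 -match '^\d+$') -and ([int]$P1 -le $Port) -and ($Port -le [int]$P2) }
    }
    return $false
}

# Report permit rules whose source is "any" and whose ports include RDP.
# Simplifications: rule order (an earlier deny shadowing a permit), source-port
# operators and object-group expansion are not modelled.
function Find-OpenRdpRule {
    param([string[]]$ConfigLine, [int]$Port = 3389)
    $addr = '(?:any|host\s+\S+|interface\s+\S+|object-group\s+\S+|\d+(?:\.\d+){3}\s+\d+(?:\.\d+){3})'
    $rule = '^access-list\s+(?<acl>\S+)\s+extended\s+permit\s+(?:tcp|ip)\s+' +
            "(?<src>$addr)\s+(?<dst>$addr)" +
            '(?:\s+(?<op>eq|neq|gt|lt|range)\s+(?<p1>\S+)(?:\s+(?<p2>\d+))?)?'
    foreach ($line in $ConfigLine) {
        $m = [regex]::Match($line.Trim(), $rule)
        if (-not $m.Success) { continue }          # not a permit rule for tcp/ip
        $g = $m.Groups
        if ($g['src'].Value -ne 'any') { continue } # source already restricted
        if (Test-PortCovered -Op $g['op'].Value -P1 $g['p1'].Value -P2 $g['p2'].Value -Port $Port) {
            [pscustomobject]@{
                Acl         = $g['acl'].Value
                Destination = $g['dst'].Value
                Rule        = $line.Trim()
            }
        }
    }
}

Find-OpenRdpRule -ConfigLine $sampleConfig | Format-Table -AutoSize
```

If RDP has been moved to an alternative port, pass that port with -Port.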

Here is a screenshot of what it should look like: