IT

How Does NBN Get To Me?

Posted on by Adam Fowler

A lot of people have asked me questions like ‘What is NBN?’ or ‘How is it different’? Many people have had no exposure to the NBN so I thought I’d take the chance to briefly show how NBN gets to my house. I’ll speak in very general terms and avoid jargon as much as I can, and define a few commonly used terms.

For starters, NBN stands for ‘National Broadband Network’ – and without going into it’s entire poor history of how it got to where it is today, there’s a few different types of NBN:

Fixed Line

Fibre To The Premises (FTTP) – This is what I have, and it’s a fibre cable run from the exchange (as in, telephone exchange) all the way to your house. It’s considered the best generally.
Fibre To The Node (FTTN) – This is another fibre cable run, but goes to a node (a cabinet somewhere in your neighbourhood, closer than the exchange), and from there goes to copper to your house (i.e. your phone line).
Hybrid Fibre Coaxial (HFC) Cable – This is the older cable that Telstra and Optus use for Internet as well as Pay TV.

Wireless

Fixed Wireless – This invovles an antenna being placed on your premises, which gets signal from a base station. Speeds are much lower (max 25mbit down) than Fixed Line options, with higher latency.
Satellite – A dish is used rather than an antenna, and your data goes via a Satellite floating above the earth. Similar download speeds to Fixed Wireless but latency should be worse.

Personally I am lucky enough to have the pinnacle of NBN options – FTTP. A delicate thread of glass runs it’s way from the exchange all the way to the inside of my house.

Since I can’t get into the exchange easily, the journey of my fibre stars running along the telephone poles (many places have it underground instead) to the one outside my house:

20150822_151438Look at all those beautiful wires!

From there, just like the old copper cable, the fibre gets strung across to the corner of the roof. The highly professional ‘metal hook with weight thingy’ keeps the cable in place:

20150822_151417Wires everywhere

From the corner of the roof, the fibre is fed down into the NBN utility box (aka Premises Connection Device – PCD). Black cable in, white cable out. What magic happens in the middle? I don’t know as I couldn’t find anything online, but it most likely draws the line between the in-premise side of the fibre, and the off-premise fibre run.

20150822_151405Upside-down NBNCo PCD

From the PCD, the cable is then run into the roof cavity to get to the NBN Connection box. You’ll need a reasonable amount of wall space, and some ventilation room for this one:

20150813_124251Left: NBN Connection box. Right: Power Supply with Battery Backup (optional)

Taking the cover off of the NBN Connection box, you can see the little blue fibre cable being fed from the white shielding, looped around and fed into the Network Termination Device. Fibre is very delicate, with the added bonus of being able to blind yourself if you look into the end:

20150813_124315NBN Connection box with cover taken off

Here’s the below view of the Network Termination Device (NTD) inside the NBN Connection box. The first two ports on the left are voice ports, for a standard telephone service. Next up are the 4 broadband ports – my blue cable feeds off to a normal ADSL type router, that works with a WAN connection (such as NBN). Beyond that is the white power cable and of course the fibre cable. Note that you can’t just plug in to any port, the ISP will enable a particular port for you to use (or in my case from Internode, they’ll tell you ‘UNI-D 2’ on the paperwork but actually have ‘UNI-D 1’ as the active port!). You can have up to 4 seperate internet connections from this, but they’ll be on 4 separate bills.

20150813_124420Lower view of the NTD

Lastly, the Power Supply with Battery Backup. This is optional, but didn’t cost me anything extra. If there’s a power outage, this will give me 12 hours or so of power to the NTD. Handy just in case (keep in mind you’ll need some sort of power for your own router too for internet):

20150813_124331Big warning on the Battery Backup

With all this in place, and a high speed internet plan, this is the sort of speed I now get:

Faster than 98% of AU! :)

Without getting too political, if you don’t have FTTP NBN, you probably won’t get it in future, instead it’ll most likely be FTTN.

For details, check out http://www.nbnco.com.au/ as they’ve got a lot of good resources around the NBN.

Happy Internetting everyone!

Outlook Cannot Send This Item

Posted on by Adam Fowler

Microsoft Outlook has a reasonably common, yet very generic error:

cannotNo Outlook, it was not helpful.

There are a bunch of reasons that can cause this error. Often, the ‘solution’ is to change the email from HTML to Rich Text or Plain Text, and move on. Or, copy/paste the entire email into a new email and move on. Neither of these are workarounds of course.

Dig a bit deeper on the web, and you’ll find some wackier reasons – the size of the logo in your signature for example. There was also a version of Exchange 2010 that caused the issue, but that was resolved.

I was running into this problem on a regular basis, and spent many hours trying to come up with a reason for the issue, and why only certain users had the issue, and on certain emails. I couldn’t reproduce on my own PC with the exact same emails, yet it was 100% reproducible on theirs. Also, if I removed the image from the user’s signature it fixed it – and it didn’t matter what image I put back in, it was always broken.

It wasn’t until I cried out for help on Twitter, and Christopher Kusek came to the rescue. After looking at a few other ideas, he pointed me towards hotfix KB3042197 with the lengthy title “ Graphics file attachment grows larger in the recipient’s email message after you change to a high DPI setting”

After reading this, I did some testing. Amazingly, the problem only occurred when the PC’s DPI setting was above 100%. Amazingly, when DPI is 125%, 150%, 200% etc, Word from inside Outlook resizes images in the HTML code based on your DPI setting. Some combination of HTML emails back and forth, and this resizing would cause the ‘Cannot send this item’ message.

Setting the DPI to 100% wasn’t enough either, as it would make the contents of the screen too small for some users. The registry setting mentioned on the KB article ‘DontUseScreenDpiOnOpen’ and setting the value to 1 (true) actually fixed it!

After some more testing, this single registry setting which you’d think would be on by default was rolled out, and the ‘Cannot send this item’ messages were no longer appearing. At least not for this particular problem!

TLDR: If Windows is set to > 100% DPI, the MS Word editor inside Outlook 2010 and Outlook 2013 will resize images by default and this can cause weird stuff to happen.

Testing Twitter Influence – Part Three

Posted on by Adam Fowler

Read parts One and Two

As mentioned in Part Two, I wanted to test how well paying $5 for a bunch of clicks to your site went. I paid another US$5 for someone selling  ‘I will do social media marketing campaign within my 9M Facebook and Twitter fans’ – sounds rather dubious.

I gave them a URL on my website: http://www.adamfowlerit.com/dirty/ which contains a cute picture of a rabbit, and waited to see what happened.

I can’t find any records of this link being shared in social media, but they somehow managed to generate a bunch of hits, over a 4 day period. Funnily enough, after this there is absolutely zero hits:

Traffic to the URLTraffic to the specific URL

The seller also created a pretty graph via Google Analytics apparently showing where the clicks came from, passing it through a shortened URL:

traffic3Google Analytics of URL traffic

I’m reasonably confident all this traffic was faked, along with the sources, browsers, countries etc. None of that is overly difficult to fake.

Thirdly, here’s the overall traffic to my website with the ‘marketing campaign’ hits rather obviously in the middle:

traffic1Overall Site Hits

Traffic after the campaign ended went back to normal. As a side note, it’s interesting to see the dips on my site over the weekend, versus the buildup during the week to Wednesday. This cycle is consistent unless I publish a popular article, or gets picked up by a news site or reddit (it occasionally happens!).

Two major points I take away from this – it’s easy and cheap to generate ‘traffic’ which appears real and varied, and don’t believe any claim in traffic or hits, even if you see the end results.

Back on the Twitter front, I’ve done absolutely nothing with @AdamFowlerITCom but it’s looking more legitimate to me. I’m getting what appears to be more real followers (or good fake ones) as well as thanks for adding people to a list from an automated method:

twitter1Twitter Notifications

I think I’ve set out what I planned to achieve – showing that it’s very easy to build up an appearance of having huge numbers of followers, and unless someone digs deep it will appear to be legitimate after you get real followers on the account too. Also, fake traffic is incredibly cheap to generate – so take everything with a grain of salt.

Rolling back from a bad KB Update

Posted on by Adam Fowler

Microsoft releases buggy patches now and then (more commonly now sadly).

Today’s stuff up is KB3097877 which breaks a bunch of things, including things like causing Outlook to crash when reading HTML emails.

Best practise is to have a target group from WSUS that these patches go to first, before going company wide – but either way, you’ll want to remove the patch from the affected PCs.

How do you do this? This is my recommended safe approach:

Step 1. Disable the patch in WSUS.
Just do this now, before anyone else gets it. You’re not going to break anything by choosing the ‘Decline’ option on a patch in WSUS. Make sure you do it to each OS version or product you manage (e.g. Windows 7 32 bit, Windows 7 64 bit, Windows 8 32 bit etc).

Step 2. Test uninstalling the patch manually
Before you go nuts and try to fix all the things at once, do a quick test or two. If you manually uninstall the patch, does it successfully uninstall? Reboot and make sure the PC seems happy (check event viewer!). Reboots may take a while doing system state backups and rolling back the patch.

Step 3. – Set WSUS to Uninstall the patch.
It’s a bit counter intuitive to approve a patch to then set it to remove, but that’s how WSUS works. Find the patch by searching for the KB, and once you right click ‘Approve’, you’ll get the option to choose ‘Approved for Removal’. Make sure you’re targeting the correct Computer Group. If you can’t use WSUS, work out how to get your PCs to run a command like this: “wusa /uninstall /kb:3097877 /quiet /norestart” – without the /norestart, they’ll restart :)

Step 4 – Test Windows Update uninstall
Test another PC’s ability to use Windows Updates to uninstall the patch. ‘Checking for updates’ either through the Windows Update GUI or the good old ‘wuauclt /detectnow’ command will do the trick. Similar to Step 2, check it uninstalls and reboot. You can also check C:\Windows\WindowsUpdate.log to make sure it’s happy (this doesn’t apply to Windows 10 as that log doesn’t exist).

Step 5 – Trigger your PCs to check for Windows Updates
Depending on your group policies, Windows Updates will check at certain intervals and may auto download or auto patch. Easiest thing to do is trigger all your PCs to check Windows Updates now. There’s an easy PowerShell way of doing this here, but requires WinRM to be enabled – you should have this on if you want to be able to do a bunch of cool stuff to your PCs. Otherwise, try psexec which will have the same result. This can take a long time to do! Optional component – WOL your PCs first.

Step 6 – Reboot
Now that you’re ready to clean up, test reboot a PC or two and make sure the patch goes away. If that happens, then schedule all your PCs to reboot. You should have a way of doing this already – SCCM can do it well, you can create a once off scheduled task and push that out to PCs, or a bunch of other ways.

Step 7 – Report in WSUS
WSUS has some nice client reporting options. Search for the KB again, right click and choose ‘Status Report’. This is usually not too lagged in it’s information, and you can check to make sure none of your PCs have the update any more. If there’s only a few, it may be easier to manually fix the remainder.

Capture

Happy cleaning up!

 

Identifying and Counting Office 365 Cloud vs On Premises Users

Posted on by Adam Fowler

How do you easily identify Cloud and On Premises users in your Office 365/Azure AD instance? With PowerShell of course!

Prerequisite – Windows Azure Active Directory Module

Using the ‘get-msoluser -all’ command, you can find all your users in Office 365/Azure AD. Getting the results of which users are cloud only based, or synced via an on-premises LDAP such as Active Directory may not be easy at first glance.

If you expand out all the details possible from a user, the fields are as follows:

get-msol1

None of these are obvious to indicate where the account is primarily located.

After a quick comparison of an on-premises account and a cloud account, I noticed the ‘ImmutableId’ was blank for the cloud users. I found a great blog post about what the value was for here, which proved my guess – the value corresponds to the ‘objectGUID’ of the account, which cloud-only accounts don’t use.

Based on that, the rest is simple. Here’s some example commands:

get-msoluser -all | where immutableid -eq $null
Get a list of all cloud only accounts

get-msoluser -all | where immutableid -eq $null |fl
Get all cloud only accounts with all values

get-msoluser -all | where immutableid -ne $null
Get all synced on-premises accounts (e.g. DirSync, Azure AD Connect, ADFS)

get-msoluser -all | where immutableid -eq $null |measure
Show a count of how many cloud only accounts

get-msoluser -all | where immutableid -eq $null | export-csv cloudusers.csv
Export the list of cloud only accounts to a csv file