Using the Cloudflare API to provide free Dynamic DNS with Windows and Powershell

This post details my switch over to using Powershell and Cloudflare to update a DNS record to a server’s current IP. This effectively emulates dyndns for this host – except it’s free.

There are a load of other options out there, which even include some simple-but-quite-clunky apps for domain registrars like NameCheap; but installing third party software is not the route I want to take.

I previously had my target domain (let’s call it targetdomain.com) hosted on a Linux box, and used SSH to update the DNS settings via a Windows server. This worked well for three years without a blip – but was clunky. I was using a scheduled task to start a bat file, which then ran Putty to run the shell script…to update a config on a server which was only hosting the domain to serve this purpose.

Although the scheduler>bat>shell tasks have been running well for years, it’s time to simplify!

I’ve been using Cloudflare for years, and set aside time to write a script to use their service for this purpose. As it turns out, people have done this for years – so I’ve taken one off the shelf.

Continue reading “Using the Cloudflare API to provide free Dynamic DNS with Windows and Powershell”

INACCESSIBLE_BOOT_DEVICE, courtesy of Intel Rapid Storage Technology drivers (14.5.0.1081)

Note to self: do not update Intel Rapid Storage Technology drivers on a HP Proliant ML10v2, unless I really, really need to.

I’ve become complacent when throwing drivers at devices and this is a reminder how easy it is to break things. I recently added a TPM to one of my servers and one of the fixed drives is classified as removable by Windows, which means I can’t use the TPM with it. There’s at least two ways to fix this, either install Intel RST drivers and configure it through the console, or change some registry keys to force them to fixed drives.

Continue reading “INACCESSIBLE_BOOT_DEVICE, courtesy of Intel Rapid Storage Technology drivers (14.5.0.1081)”

Integrating QlikView into SalesForce SFDC with SSO – forcing TLS1.1 or higher

Integrating some QlikView screens into Salesforce, and using Salesforce to authenticate your users is actually very simple. Joe Bickley from Qlik wrote about setting up Salesforce SSO back in 2012 – and I thought I’d have a go.

The only road block encountered along the way was Salesforce’s decision to disable TLS 1.0. They have a number of very good reasons, including the famous Poodle vulnerability. It meant I experienced the error below:

UNSUPPORTED_CLIENT: TLS 1.0 has been disabled in this organization. Please use TLS 1.1 or higher when connecting to Salesforce using https.

on

AppExchangeAPI.GetUserInfoResult userInfoResult = binding.getUserInfo();

This isn’t yet a mandatory change for production organisations, but it will be by 22/07/2017. Any development organisation will have it enabled by default, without any method for disabling. Other services do not have a disable date at the time of writing this post.

Uh oh, things aren’t well with SFDCLogin.aspx

Continue reading “Integrating QlikView into SalesForce SFDC with SSO – forcing TLS1.1 or higher”

Installing a SSL certificate to Qlik Sense Enterprise on Windows Server 2012 R2

Updated on 22/12/2017 to add two other ways of generating a CSR (see below).

In this post I’m going to look at how quick and easy (and cheap) it is to procure and install a SSL certificate on your Qlik Sense deployment. This assumes you are starting with only the self signed certificates, and that you want to use a certificate generated by a signing authority for use on an externally facing site.

A couple of things to note:

  • I’m using Qlik Sense Enterprise 3.1 with a single-node deployment using the default settings
  • You have a choice of verification methods – I chose to use DNS by adding a CNAME (pointer) to my chosen domain, and managed this through a linux DNS host. You can also verify through email or http (placement of a file)
  • I’ve used a basic certificate from PositiveSSL that offers only domain validation (DV). Certificates offering greater levels of protection and assurance are also available
  • The server is running Windows Server 2012 R2 with IIS 8, which is up-to-date with the latest updates at time of writing (January 2017)

 

On a clean installation of Qlik Sense Enterprise, you’ll note that the domain fails SSL validation in most browsers. Why? Because the certificate is one that has been generated by your server, and not by a “trusted” certificate authority. Have a read of this page about Certificate Authorities if you’re after further detail.

Continue reading “Installing a SSL certificate to Qlik Sense Enterprise on Windows Server 2012 R2”

Qlik Sense and general port troubleshooting on Windows Server 2012 R2

One of the beauties of Qlik Sense Enterprise is that it can be installed on nearly any Windows machine, with very few pre-requisites.

One of the drawbacks is that you may then be tempted to load it onto a multi-purpose box, or at the very least, one with a number of core Windows roles installed (especially if you’re just testing).

Uh oh, it's a 404
Uh oh, it’s a 404

This post is going to offer some quick ways of resolving port clashes, and working out what’s binding where without changing the core Qlik Sense Enterprise installation.

Continue reading “Qlik Sense and general port troubleshooting on Windows Server 2012 R2”