All posts by Brian Pool

Install RSAT on Windows Server 2019 & 2022

There are two options on how to install Remote Server Administration Tools on Windows Server 2019. But before starting, there’s a thing you need to know, that is, Remote Server Administration Tools are included as optional features in Windows Server 2019 and may be deployed using the Add Roles and Features dialog in Server Manager. Therefore, a Remote Server Administration Tools Windows Server 2019 download is not necessary.

Method 1. Install the RSAT via Windows features

Step 1. Click Start, then find Server Manager.

Step 2. Click Add roles and features.

Step 3. In the Add Roles and Features Wizard, click Installation Type first. Then tick Role-based or feature-based installation.

Step 4. Click Server Selection, tick Select a server from the server pool, then select the server you want to install the Remote Server Administration Tools (RSAT) on.

Step 5. Click Server Roles and then Next.

Step 6. Click Features, and then check the Remote Server Administration Tools check box.

Step 7. Some required supporting features such as the Web Server (IIS) role may be required. If prompted click Add Features.

Step 8. On the Web Server Role (IIS) page, click Next.

Step 9. Click Next on the Role Services page.

Step 10. Click Install on the Confirmation page.

Step 11. Wait for the installation to complete.

Step 12. Then you can find the RSAT tools under the Tools menu.

Method 2. Install the RSAT using PowerShell

Step 1. Search for Windows PowerShell in the search box and then open it.

Step 2. Input the following cmdlet to install all tools:

Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability -Online

✍Note: If you just want to install specific tools, for example, Group Policy Management Console, you can input the following cmdlet:

Get-WindowsCapability -Name RSAT.GroupPolicy* -Online | Add-WindowsCapability -Online

Step 3. You can input the following cmdlet to confirm the installation:

Get-WindowsCapability -Name RSAT* -Online | Select-Object -Property DisplayName, State

This article is condensed from Anyviewer.com.  It is copied here so that I can find it when I need it.

Setting Up Radius on Unifi

Guide to Setting Up a RADIUS Authentication Server for Unifi Wireless Network

Overview

This guide will walk you through setting up a RADIUS authentication server on your Windows Active Directory domain to allow staff to log in to your Unifi wireless network using their AD credentials. Additionally, we will configure certificate-based authentication for staff laptops to enable automatic WiFi logins. We will also configure VLAN assignments so that students using RADIUS authentication are assigned a different VLAN than staff.


Step 1: Install and Configure Network Policy Server (NPS) on Windows Server

  1. Install NPS
    • Open Server Manager on your Windows Server.
    • Click Manage > Add Roles and Features.
    • Select Network Policy and Access Services and then Network Policy Server (NPS).
    • Complete the installation.
  2. Register NPS with Active Directory
    • Open NPS via Server Manager > Tools > Network Policy Server.
    • Right-click NPS (Local) and select Register Server in Active Directory.
    • Confirm the registration.
  3. Add a RADIUS Client (Unifi Controller)
    • Expand RADIUS Clients and Servers in NPS.
    • Right-click RADIUS Clients, select New.
    • Set a Friendly Name (e.g., “Unifi Controller”).
    • Enter the IP address of your Unifi AP Range. (e.g, 10.66.4.1/22)
    • Set a Shared Secret (you’ll need this later in Unifi settings).
    • Click OK.

Step 2: Configure Network Policy for Staff and Student Authentication with VLAN Assignments

  1. Create a New Network Policy for Staff
    • Expand Policies, right-click Network Policies, and select New.
    • Name the policy (e.g., “Staff WiFi Authentication”).
    • Click Next.
  2. Specify Conditions
    • Click Add and select User Groups.
    • Choose Domain Users or a specific AD security group (e.g., “Employees”).
    • Click Next.
  3. Configure Authentication Methods
    • Select Microsoft: Protected EAP (PEAP).
    • Click Edit and select a valid certificate (see Step 3 for issuing a certificate).
    • Ensure EAP-MSCHAPv2 is checked.
    • Check Wireless – IEEE 802.11 in the NAS Port Type
    • Click Next.
  1. Configure VLAN Assignment for Staff
    • Under Settings > Standard RADIUS Attributes, add:
      • Tunnel-Medium-Type: Set to 802 (Wireless).
      • Tunnel-Pvt-Group-ID: Enter the VLAN ID for staff (e.g., “50”).
      • Tunnel-Tupe: Set to Virtual LANs (VLAN)
    • Click Next and Finish.
  2. Create a New Network Policy for Students
    • Follow the same above but changing the AD group and VLAN.

Step 3: Set Up a Certificate Authority for Device Authentication

  1. Install Certificate Services on Windows Server
    • Open Server Manager > Add Roles and Features.
    • Select Active Directory Certificate Services.
    • Install Certificate Authority (CA) and Network Device Enrollment Service (NDES).
  2. Create a Server Certificate for NPS
    • Open Certification Authority.
    • Right-click Certificate Templates, select Manage.
    • Duplicate the RAS and IAS Server template.
    • Name it “NPS Certificate”, enable Server Authentication.
    • Issue the certificate for the NPS server.
  3. Enroll Certificates for Staff Laptops
    • Open Group Policy Management.
    • Create a new GPO (e.g., “WiFi Cert Deployment”).
    • Navigate to Computer Configuration > Policies > Windows Settings > Public Key Policies > Automatic Certificate Request Settings.
    • Add Computer Certificate Enrollment Policy and apply it to staff laptops.

Step 4: Configure Unifi Controller for RADIUS Authentication

  1. Access Unifi Network Controller
    • Open the Unifi Controller.
    • Navigate to Settings > Profiles > RADIUS.
    • Click Create New RADIUS Profile.
  2. Add RADIUS Server Details
    • Set Authentication Server to your NPS server’s IP.
      • Set Port 1812 and enter the Shared Secret
    • Set Authentication Server to your NPS server’s IP.
      • Set Port 1813 and enter the Shared Secret
    • Set Accounting Server to your NPS server’s IP.
      • Set Port 1645 and enter the Shared Secret
    • Set Accounting Server to your NPS server’s IP.
      • Set Port 1646 and enter the Shared Secret
    • Click Save.
  3. Assign RADIUS Authentication to WiFi
    • Go to Settings > WiFi.
    • Create a new WiFi network.
    • Set Security to WPA2-Enterprise.
    • Choose the RADIUS Profile created earlier.
    • Save and apply settings.
    • The clients will now connect with their AD Username and Password to the VLAN specified in the NPS Policy.

Step 5: Test and Deploy

  1. Test AD Authentication
    • Connect a device to the WiFi.
    • Enter an AD username and password. (try staff or student)
    • Check NPS logs for authentication success and correct VLAN assignment.
  2. Test Certificate Authentication
    • Ensure a staff laptop with a certificate automatically connects.
    • Verify in the Unifi Controller that authentication was seamless.
  3. Monitor and Troubleshoot
    • Check Event Viewer > NPS Logs for errors.
    • Verify RADIUS settings in Unifi.
    • Ensure Group Policy is applied correctly.

Conclusion

You have successfully configured a RADIUS authentication server with Active Directory integration and certificate-based authentication for staff laptops. Additionally, VLAN assignments allow staff and students to be placed on separate networks automatically based on their authentication group.

JSON issues when securing Llama with Nginx

It looks like your issue might stem from one of the following causes:

Possible Causes and Fixes:

  1. Misconfiguration in Nginx Reverse Proxy

    • If Nginx is improperly handling WebSockets or HTTP requests, it could be modifying or breaking JSON responses from your Llama 2 API.
    • Fix: Ensure your Nginx configuration includes proper proxy settings:
      nginx
      location / {
      proxy_pass http://localhost:PORT; # Replace PORT with your Llama 2 API port
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;

      proxy_buffering off;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "Upgrade";
      }

  2. Certbot HTTP-01 Challenge Interference

    • Certbot might have temporarily modified your Nginx config and is interfering with normal operation.
    • Fix: Try restarting Nginx after Certbot finishes:
      nginx
      sudo systemctl restart nginx
  3. Mixed Content Issue (HTTP vs. HTTPS)

    • If the AI server is still using HTTP but Nginx is serving HTTPS, responses might be malformed.
    • Fix: Ensure the Llama 2 backend API is also running with HTTPS or use proxy_redirect:
      nginx
      proxy_redirect http:// https://;
  4. JSON Response Encoding Issue

    • If Nginx is interfering with response headers, ensure JSON content-type is correctly set.
    • Fix: Add:
      nginx
      proxy_set_header Content-Type application/json;

Next Steps

  • Check the Nginx logs:
    nginx
    sudo journalctl -u nginx --no-pager --lines=50
  • Verify Certbot logs for potential misconfigurations:
    bash
    sudo cat /var/log/letsencrypt/letsencrypt.log
  • Try disabling Nginx temporarily and directly accessing the AI server to confirm JSON responses are correct.

Intel Core i5-13600KF Review

The Intel Core i5-13600KF is a standout processor in Intel’s 13th Gen lineup, offering a compelling blend of performance and value. Priced at $180, it features 14 cores—comprising 6 Performance-cores (P-cores) and 8 Efficient-cores (E-cores)—along with a 24MB cache. This configuration delivers robust performance across a variety of applications.

In gaming scenarios, the i5-13600KF excels, often matching or surpassing higher-tier processors. TechPowerUp’s review highlights its impressive gaming performance, noting that it achieves frame rates comparable to more expensive CPUs.

User feedback further underscores the processor’s strengths. A Best Buy customer review praises the i5-13600KF for its power and efficiency, noting that it handles demanding tasks without bottlenecking high-end GPUs.

For those seeking a processor that balances cost and performance, the Intel Core i5-13600KF is a compelling choice. Its combination of high core count, substantial cache, and competitive pricing makes it suitable for both gaming and productivity tasks.

For a detailed breakdown of the i5-13600KF’s specifications, you can visit Passmark’s CPU Database.

Note:  This review is part of a classroom project.

References: 

https://www.amazon.com/dp/B0BCF5CZ16?tag=cpubenchmark-20&linkCode=osi&th=1&psc=1#customerReviewshttps://www.bestbuy.com/site/reviews/intel-core-i5-13600kf-13th-gen-14-cores-6-p-cores-8-e-cores-24m-cache-3-5p-to-5-1-ghz-lga1700-unlocked-desktop-processor-grey-black-gold/6521198https://www.cpubenchmark.net/cpu.php?cpu=Intel+Core+i5-13600KF&id=5059https://www.cpubenchmark.net/cpu_value_available.html

My Fortnite Experience

I am an avid Fortnite player and love the game, but my PC was recently ruined by my little brother and I had to start from scratch with a donated PC. First of all, for you newbies, what is Fortnite? According to CoPilot, “Fortnite is a trendsetting multiplayer online battle royale game developed by Epic Games. In this intense survival experience, players drop onto an island map alongside 99 other competitors. The goal? To be the last person standing. As you explore the island, you’ll scavenge for weapons, gear, and resources while constantly navigating shrinking safe zones. What sets Fortnite apart is its unique building mechanics: you can construct structures—towers, walls, and more—to defend yourself or gain tactical advantages. Whether you prefer solo play or teaming up with friends, Fortnite offers various modes, including Duos, Trios, Squads, and even a building-focused Team Rumble. So, whether you’re a seasoned player or a newcomer, Fortnite’s dynamic gameplay and ever-evolving world await!” (“Microsoft Copilot Conversation on Fortnite,” 22 Apr. 2024)

The system requirements of Fortnite are relatively low, thankfully.  The replacement PC I have has the recommended specs for the CPU but has no GPU, and I only have $150 to meet the recommended GTX 660.  I opted for the GeForce 1650, which is the best I could find in my price range.

PNY GeForce® GTX 1650 for $149.99

The PNY GTX1650 is 49% better than the recommended GTX 660.  While this video card is only ranked 258 on the passmark rating, it will easily play FortNite.

The GTX1650 GPU is made by Nvidia and has a 1410MHz core clock with 896 CUDA cores.  The 4GB od GDDR6 runs at a bandwidth of 192GB/s.

The PCIe interface is slightly older and is PCIe 3.0 with APIs still supporting DX12 and OpenGL4.6.  It only pulls 75 Watts of power and has a single 6-pin power connector. It has a DVI, HDMI, and Displayport outputs and takes 2 slot spots on the back of my PC.
Overall my new setup seems to be playing Fortnite again very well.  I am far enough over the recommended settings, even at my $150 budget, that the experience has me back on the leaderboard.

Note:  This review is part of a classroom project.

Works Cited

PNY GeForce® GTX 1650, www.amazon.com/. Accessed 24 Apr. 2024.

PNY GeForce GTXTM 1650 4GB gddr6 dual fan. PNY Technologies Inc. (n.d.). https://www.pny.com/geforce-gtx-1650-gddr6-df

“Microsoft Copilot Conversation to proof final draft.” Microsoft, 24 Apr. 2024.

“Microsoft Copilot Conversation on Fortnite.” Microsoft, 24 Apr. 2024.


I used CoPilot to review the post above by asking “Please review the following blog post and give me any inputs to improve it.” and then dropping in the text.  Here is its reply.

 

Your blog post provides a solid introduction to Fortnite, especially for newcomers. Let’s break down the key points and offer some suggestions for improvement:

  1. Introduction to Fortnite:
    • You’ve done a great job explaining what Fortnite is. The description covers the basics, including the battle royale concept, island map, and the goal of being the last survivor.
    • Consider adding a brief mention of the game’s vibrant art style and the ever-changing in-game events that keep players engaged.
  2. Unique Building Mechanics:
    • Highlighting Fortnite’s building mechanics is crucial. You’ve touched on it, but you could expand a bit more. Mention that players can construct walls, ramps, and platforms on the fly, allowing for creative strategies and intense battles.
    • Explain how building structures can be used defensively (blocking enemy shots) or offensively (gaining high ground advantage).
  3. Game Modes:
    • You’ve mentioned Duos, Trios, Squads, and Team Rumble. Consider briefly describing each mode:
      • Duos: Teams of two players.
      • Trios: Teams of three players.
      • Squads: Teams of four players.
      • Team Rumble: A large-scale mode focused on building and combat.
    • Emphasize that Fortnite caters to both solo players and those who enjoy teaming up with friends.
  4. System Requirements:
    • You’ve covered the system requirements well. However, consider organizing this section into bullet points for clarity.
    • Add a sentence about how Fortnite’s optimization allows it to run on a wide range of hardware, making it accessible to many players.
  5. PNY GeForce GTX 1650:
    • Good choice! Mention that the GTX 1650 strikes a balance between affordability and performance.
    • Clarify that while it’s ranked 258 on the PassMark rating, it still handles Fortnite smoothly.
    • Briefly explain what CUDA cores are (they assist with parallel processing).
  6. Technical Details:
    • Expand on the PCIe interface. Explain that while it’s PCIe 3.0, it’s still compatible with modern motherboards.
    • Mention that the single 6-pin power connector makes it easy to install.
    • Add a sentence about the card’s compact form factor, which suits various PC builds.
  7. Conclusion:
    • Wrap up by emphasizing that the PNY GTX 1650 is a budget-friendly choice for Fortnite players.
    • Consider adding a positive note about how the game’s dynamic updates keep it fresh and exciting.

Overall, your blog post provides valuable information. With a few tweaks, it’ll be even more engaging for readers. Keep up the great work!

Level Up Your Game with Kingston FURY Beast DDR5 RAM

 It’s Freakin’ Insane!

Yo, gamers! Tired of your PC lagging out like your grandpa’s dial-up internet? Want frames so smooth you could butter them on toast? Then ditch your dusty DDR4 RAM and get ready to unleash the beast with Kingston FURY Beast DDR5 memory!

This ain’t your average RAM upgrade, it’s a full-on performance overhaul that’ll leave your old setup whimpering in the corner. We’re talking speeds that’ll make your games feel like they’re on fast forward, load times that vanish quicker than your lunch money.

But hold on, there’s more! This beast ain’t all bark and no bite. Kingston FURY Beast DDR5 rocks something called “ODECC” tech, which basically means it protects your data like a mama bear guards her cubs. No more crashes or stutters, even when you’re pushing your PC to the limit. Plus, it’s got this sweet heatsink that keeps things cool under pressure, so your RAM won’t throttle down like a car with a busted radiator.

And let’s not forget the looks! This RAM ain’t just fast, it’s stylish too. With a sleek design and optional RGB lighting, you can personalize your rig to match your gamer vibes. Whether you’re feeling like a neon ninja or a blackout assassin, there’s a Kingston FURY Beast DDR5 setup that screams “you.”

So, here’s the deal: if you’re serious about gaming and want the best performance your money can buy, then Kingston FURY Beast DDR5 memory is the upgrade you need. It’s like having a cheat code for your PC, giving you the edge you need to dominate the competition and level up your game like a boss. Trust me, once you experience the beastly power of DDR5, you’ll never go back. Just don’t say I didn’t warn you – your friends might accuse you of hacking when they see how smooth your gameplay is!

Note:  This review is part of a classroom project.

Resources:

https://www.kingston.com/en/memory/gaming/kingston-fury-beast-ddr5-memory

https://gemini.google.com/

AMD Ryzen 3 3200G Review

The  Ryzen 3 3200G is a low-level processor made by AMD for the lower-priced market.  Currently available on Amazon for $93, I would not recommend this CPU for any mid to high-end user.  Although it has integrated graphics and includes the CPU cooler, the overall benchmark score is fairly low with a Passmark score of only 7144 at the time of this posting.

Experience:  Most games were extremely laggy with this processor if they installed at all.  Basic web browsing was fast and responsive.   Word processing and office tasks were also snappy and responsive.  The system I tested this on had 8GB of RAM and Windows 10 was installed on a SSD.  The CPU cache on this processor is comparatively low and I would not suggest limiting the system RAM below 8GB or putting your OS on a traditional HDD.

CPU Specifications

  • # of CPU Cores – 4
  • # of Threads -4
  • Max. Boost Clock -Up to 4.0GHz
  • Base Clock – 3.6GHz
  • L1 Cache – 384KB
  • L2 Cache -2MB
  • L3 Cache -4MB
  • Default TDP -65W
  • Unlocked for Overclocking – Yes
  • CPU Socket – AM4
  • Launch Date – 7/7/2019

Overall, as I stated earlier, I was not happy with this CPU.  There are other options far superior for near the same cost.  I would avoid purchasing this option if possible.

Note:  This review is part of a classroom project.

Resources:

https://www.amd.com/en/support/apu/amd-ryzen-processors/amd-ryzen-3-desktop-processors-radeon-vega-graphics/amd-ryzen-3-1https://shop-us-en.amd.com/amd-ryzen-5-7600x-processor/

https://www.amazon.com/AMD-Ryzen-3200G-Unlocked-Processor/dp/B07STGHZK8?th=1

https://www.cpubenchmark.net/cpu.php?cpu=AMD+Ryzen+3+3200G&id=3497

Solving Windows 10 Update Issues

Here at school, and at my home, we use an SSD for the OS and programs, and a traditional HDD for user files and data.  This requires a registry edit before a user logs on, and has worked great to save SSD space for those items that need SSD speed.

However, it appears to cause issues with major updates in Windows.  While minor updates happen frequently, major ones always fail.  I needed the major upgrade to 21H2 to make Starfall work, so it was a priority!  🙂

To fix this issue I had to do the following.

  1.  Logon with the admin account that was originally setup with windows.  This account is stored in the User folder where windows was installed.
  2. Undo the registry hack to put user folders on the D: Drive.
    1. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList] should be returned to %SystemDrive%\Users
  3. Run the following in an administrator command prompt.  In short, it repairs the Windows installation folder.
    1. DISM.exe /Online /Cleanup-image /Restorehealth
  4. Now I ran an upgrade from a flash drive with the current Windows release…and it worked!

Hope this helps anyone else with Windows upgrade issues, or more importantly, Starfall issues!

Adding a NAS Drive to a Windows 2016 Server

We recently acquired 3 IceBreaker 4936 servers from DoDCFL (for free) and were looking for the best use for these bad boys.  We landed on our CCTV setup.

They are all 36-thread servers with 256GB of RAM and 216TBs of HDDs.  While the storage isn’t blazing fast by today’s standards, it is great archival storage.

Our CCTV system is Milestone, which requires the storage drives to be local.  We decided to try and set up TrueNas on the Icebreaker to allow us to greatly enhance our storage longevity.  The RAID and TrueNAS install are covered in a separate post by my excellent Miami intern (Maverick Peck), that completed that part of the process.

After TrueNas was installed we had to first setup iSCSI on the NAS.  We tried other solutions but in the end, the only one that worked with Milestone was having the drive on the recording server connect with iSCSI Initiator.

Step 1 – On the server that is connecting to the NAS, install iSCSI Initiator.  By typing iSCSI in the start bar you will get the best match of iSCSI Initiator, simply click on it.  Click the Yes button to make it a service that starts automatically in the future.

 

Step 2 – Set up the iSCSI Share you will be using on TrueNAS.  This YouTube video capture covers the process of:

  • Setting up the Zvol storage pool
  • Configuring the iSCSI Block Share
  • Enabling the TrueNAS iSCSI Service
  • Connecting the NAS Volume to iSCSI Initiator on your server
  • Finally, setting up the new disk in Disk Management

Hopefully this helps anyone else looking to setup a NAS and getting drives mapped as local drives on their server.

Cleaning Up BSOD NTFS Issue

Occasionally a Windows system will decide to bother us with a blue screen of death.  There are a few things we can do that may (and usually does) fix the issue.

  1.  Open Powershell as an administrator and run: sfc /scannow
    • This will search for bad windows files and replace them.
  2. Now run : DISM /Online /Cleanup-Image /RestoreHealth
    • This will really do the same but replace them from Microsoft services if the above command could not fix them.
  3. Lastly, run: chkdsk /r /f
    • This will do a checkdisk on your OS drive and attempt to repair the errors.  You technically could do this first, but I got the BSOD when I did it in that order, and fixed my issue when I did it in this order.
    • You will have to do a restart to allow the chkdsk to run on the OS drive.