Category Archives: tech

cloud computing, microsoft, tech

A post that can save you money: scheduling Azure Virtual Machines for start/stop

I have written recently about Windows Virtual Desktop, the ability to set up a virtual desktop environment on Azure at a relatively low cost, provided your users have Microsoft 365 accounts. My test setup is minimal but I have been watching the cost which is currently working out at £5.39 per day. This excludes the cost of Microsoft 365; it is purely for the infrastructure including VPN gateway, storage and VM. Bandwidth is a variable cost but almost negligible on my usage. Of that cost, the VM is around 75%. So if I could shut down the VM when not in use the savings are substantial.

It turns out this is pretty easy on Azure though it requires some plumbing. VMs do have a built-in option to shutdown on a schedule, but not to start up. To get start/stop, you need an Automation Account.

image

With the automation account created, select it, hit Start/Stop VM, then click “Learn more about and enable the solution”.  You get this dialog.

image

Here we learn that to save money, we have to spend it, on three new services: Automation, Log Analytics, and Monitor. It is not too bad though as there is a free tier for these services that may be all I need. Hit Create.

image

In this window you have to configure three sections. Nothing challenging, but note that in Configuration you set the Target Resource Group Names. No pick list here, you have to type in the names. Or use a wildcard, which is unlikely to be a good idea since by default it will start and stop ALL your VMs. The schedule is not very smart, just a daily on and off, but see below. Once done, click Create to add the solution.

All done, but what about weekends, for example. This is easily fixed if you create your own schedules. Just go into your automation account and click Schedules under Shared Resources. The wizard-created schedules are listed, and you can modify them or create new ones. It looks as if you might need 5 schedules, one per weekday, recur every week, to make your VMs not run at weekends. There is no Monday-Friday option.

More documentation here. Note that automation can also run PowerShell scripts which will be even more flexible.

Scheduling cloud resources to shut down when not in use must be one of the most effective ways to reduce IT spend.

Update: here is the outcome of my efforts:

image

The Management resource group has the runbook that performs the start/stop action. The cost of this is small. Overall cost has gone down by about £2.00 or about 40% in my case. I appreciate this is a very small test deployment, but it would support maybe 4 or 5 users without any problem and my experience shows that you can indeed make a large saving by scheduling VMs to stop when not in use.

microsoft, tech

Microsoft Financials: strategic purpose of Github, Teams and PowerApps revealed

Microsoft has announced its quarterly financial statements, reporting revenue of $30.6 billion, up 14% on the same period last year.

The story seems to be largely more of the same, which is good for the company in that all its numbers look good.

The most striking figure is 73% increase in Azure revenue. Azure is the smallest of its three self-defined segments though, though all three are similar in size. “More Personal Computing” (Windows, Surface and gaming) delivered the most revenue, followed by Productivity and Business Processes. That said, at this rate of growth Azure will soon be the biggest of the three segments.

Aside: has there ever been a dafter segment name than More Personal Computing? More than what?

Quarter ending March 31st 2019 vs quarter ending March 31st 2018, $millions

Segment Revenue Change Operating income Change
Productivity and Business Processes 10100 +1236 3979 +864
Intelligent Cloud 9649 +1780 3208 +554
More Personal Computing 10680 +763 3154 +631

The segments break down as:

Productivity and Business Processes: Office, Office 365, Dynamics 365 and on-premises Dynamics, LinkedIn

Intelligent Cloud: Server products, Azure cloud services

More Personal Computing: Consumer including Windows, Xbox; Bing search; Surface hardware

Some points to note. Microsoft reported a “material improvement” in Azure gross margin, something which does not surprise me. In my experience, the Azure Portal does a great job (from Microsoft’s perspective) in steering you towards premium services and extras, as I found when trying Windows Virtual Desktop – check my note on the VPN Gateway at $140 per month).

Office 365 is still growing, up 30% according to Microsoft’s slides. LinkedIn is also increasing revenue, up 27%.

Despite Chromebooks and mobile, Windows is still a cash cow with revenue from Windows OEM Pro up 15% year on year. Consumer revenue is down 1%.

In the earnings call CEO Satya Nadella called out Teams as “bringing together everything a team needs” (well, apart from a proper shared calendar).

CFO Amy Hood remarked on what she called “strategic areas” by which she means I think areas that drive adoption:

We will invest aggressively in strategic areas like Cloud through AI and Github, Business Applications through Power Platform and LinkedIn, Microsoft 365 through Teams, Security, and Surface as well as Gaming.

Note that Github is seen as a way of persuading developers to use Azure services, and note also the important attached to the Power Platform. Power platform? Here it is:

The Power Platform is today comprised of three services – Power BI, PowerApps and Flow … It is a system that enables users to do three key actions on data that help them drive business: Analyze, Act, and Automate. We do this with Power BI, PowerApps, and Flow, all working together atop your data to help EVERYONE, from the CEO to the front-line workers, drive the business with data.

says CVP James Phillips.

The piece that particularly interests me is PowerApps. Microsoft spent years looking for a modern successor to Visual Basic, app development within reach of non-specialists (kind-of). In PowerApps it believes it has the answer:

PowerApps is a “citizen application development platform” – allowing anyone to build web and mobile applications without writing code. The natural connection between Power BI and PowerApps makes it effortless to put insights in the hands of maintenance workers, teachers, miners and others on the frontline, in tailored and often task-specific applications

says Phillips.

So if VB was a driver for Windows adoption, then PowerApps will push you towards Microsoft’s cloud-hosted business applications.

microsoft, office 365, tech

Microsoft Planner: a good task management solution for small teams?

It is a common scenario for any team: you have projects which break down into various tasks, and you need to assign tasks to team members with deadlines. The low-tech solution is that you have a meeting, you assign the tasks, and each person organises their time in whatever way works for them. A calendar entry with a reminder, perhaps, or a task entry with a reminder, if you use Outlook and Exchange or Office 365.

But what if you want a project-level view of how the tasks are going? Again there are low-tech solutions like Excel spreadsheets or even a whiteboard on the wall. Of course there are software solutions as well. On Microsoft’s platform (which is the subject of this post) you could use Microsoft Project. A user license for Project Online Professional is currently £22.60 per month, though, more than double the cost of an Office 365 Business Premium account (£9.40). Even a team member license (Project Online Essentials) is £5.30. It seems a big leap in cost, and is more than many businesses need in terms of features.

There is an alternative, which is Microsoft Planner. This is one of those Office 365 apps that is not all that well known, and it comes for free with most Office 365 plans. It gives you basic project management, with the ability to assign tasks to team members.

You can find Planner by logging into Office 365 and choosing Planner from the All Apps view.

image

Once Planner opens you can create a plan.

image

I advise a careful look at this dialog before clicking Create plan. If you have one big project, such as perhaps a new product you are developing, a plan dedicated to that project makes sense. If you have multiple small projects though, it would be better to have a single plan to contain multiple projects. The reason is that plans have a relatively high overhead. Each plan by default creates an Office 365 group and an Office 365 Sharepoint site. This could easily become a maintenance nightmare. Within a plan though, you can have multiple buckets, and each bucket can contain multiple tasks.

Note also that you can use an existing Office 365 group. It might make sense to create the group first, if only to get a sensible name. By default, the group gets the game of the plan. Only one Sharepoint site is created per group, so this is more lightweight (phew!).

After thinking this through you hit Create plan. The plan is created and you can get on with adding tasks, the base unit of a plan.

A few things about tasks:

– they have due dates

– they are assigned to one or more team members

– they can have checklists of sub-tasks which you check off

– they can have attachments

– they have a status of “Not started”, “in progress”, or “complete”

image

Tasks can be grouped into buckets (a good idea). Once you have a few tasks you can view charts showing progress and a schedule showing when task completion is due.

image

When members are assigned a task, they get an email notification.

image

And as I mentioned there is Sharepoint site which can have all sorts of junk added to it.

image

Now a few observations. Planner looks useful but as so often with these Microsoft apps, there are things that make you want to bang your head against the nearest wall. The most obvious problem is that Planner tasks do not integrate with Outlook tasks. The best you can do is to export the plan schedule to an Outlook calendar. Guess what is the top user request for Planner?

image

From here we learn of an added complication, that Outlook tasks are being replaced by Microsoft To-Do. Inevitable perhaps but I like Outlook tasks and the fact that everything is in an Exchange mailbox, and therefore easy to manage.

Still, the good news is that it says In Development.

Other limitations? Well, Planner is very basic. You cannot even have dependent tasks. You cannot set status to show the degree to which a task is complete, which even Outlook tasks can do. No Gantt charts either. Or features like milestones, cost tracking, risk assessment, time management, templates, prioritisation, projections, or other such features.

In fact, you cannot even export to Excel, the second most requested feature (the team is working on this too).

image

You cannot help but wonder if Microsoft does not want to make Planner too good, lest it cut into lucrative Project sales.

If so, this is to my mind wrongheaded. For every Project sale lost, there would be three sales won for Office 365 if it came with an excellent project management tool built in. There is also the problem of duplicated effort. Why not get the Project team to develop Project Lite for Office 365, limited by lack of some of the more advanced features, but with a smooth upgrade path, rather than making an alternative product which is still not fully ready?

Still, Planner is free with Office 365, and worth being aware of if you can get it to do what you need.

software development, tech, visual studio

Stack Overflow survey shows leap in popularity for Visual Studio Code

Stack Overflow has released the results of its annual developer survey. I took a quick look, comparing the figures to those for 2018.

The survey is based on results from 88,883 developers from 179 countries. 400 responses were excluded because they took less than 3 minutes to complete!

A few things caught my eye.

Visual Studio Code is the most popular development tool, with over 50% of developers saying they use it. This is up from 34.9% last year. Visual Studio (which I guess includes Visual Studio for Mac) is second but has gone down from 34.3% to 31.5%.

image

Visual Studio Code is an amazing success; it is only four years old. What is the benefit to Microsoft though? There must be some benefit via the branding and gentle steers towards Microsoft services such as Azure; but this is mainly about Microsoft delivering a great free and open source developer tool and getting kudos in return.

Few other technologies have moved by such a dramatic amount. JavaScript remains top in languages but slightly down, 69.8% to 67.8%. Python is gently up, 38.8% to 41.7%. C# slightly down, 34.4% to 31%. Swift is down a bit, 8.1% to 6.6%, which is a little surprising to me.

TypeScript is up from 17.4% to 21.2%. Another impressive open source project from Microsoft and the great Anders Hejlsberg (Object Pascal, Delphi, C#, TypeScript).

In frameworks, last year StackOverflow had a single category for .NET Core (27.2%) while ignoring .NET Framework. This year it has 23.7% for .NET Core and 37.4% for .NET – no trends are therefore visible but next year perhaps.

There is an overly broad platform category including everything from Raspberry Pi to WordPress to AWS. I do not have much confidence in these figures, but notice that AWS is up from 24.1% to 29.5%, Google Cloud Platform up from 8% to 12.8%, and Azure up from 11% to  11.9%. Not good figures for Azure, now third behind AWS and Google. But Microsoft can take comfort from Windows, supposedly up from 35.4% to 50.7%.

Both Android (29% to 27%) and iOS (15.5% to 13%) are down slightly. I do not think this is meaningful movement but it does suggest that mobile app development is not longer a big growth area; perhaps there is more attention being paid to server apps.

microsoft, Notes from the field, tech, windows

Hands on with Windows Virtual Desktop

5 Comments

Microsoft’s Windows Virtual Desktop (WVD) is now in preview. This is virtual Windows desktops on Azure, and the first time Microsoft has come forward with a fully integrated first-party offering. There are also a few notable features:

– You can use a multi-session edition of Windows 10 Enterprise. Normally Windows 10 does not support concurrent sessions: if another user logs on, any existing session is terminated. This is an artificial restriction which is more to do with licensing than technology, and there are hacks to get around it but they are pointless presuming you want to be correctly licensed.

– You can use Windows 7 with free extended security updates to 2023. As standard, Windows 7 end of support is coming in January 2020. Without Windows Virtual Desktop, extended security support is a paid for option.

– Running a VDI (Virtual Desktop Infrastructure) can be expensive but pricing for Windows Virtual Desktop is reasonable. You have to pay for the Azure resources, but licensing comes at no extra cost for Microsoft 365 users. Microsoft 365 is a bundle of Office 365, Windows InTune and Windows 10 licenses and starts at £15.10 or $20 per month. Office 365 Business Premium is £9.40 or $12.50 per month. These are small business plans limited to 300 users.

Windows Virtual Desktop supports both desktops and individual Windows applications. If you are familiar with Windows Server Remote Desktop Services, you will find many of the same features here, but packaged as an Azure service. You can publish both desktops and applications, and use either a client application or a web browser to access them.

What is the point of a virtual desktop when you can just use a laptop? It is great for manageability, security, and remote working with full access to internal resources without a VPN. There could even be a cost saving, since a cheap device like a Chromebook becomes a Windows desktop anywhere you have a decent internet connection.

Puzzling out the system requirements

I was determined to try out Windows Virtual Desktop before writing about it so I went over to the product page and hit Getting Started. I used a free trial of Azure. There is a complication though which is that Windows Virtual Desktop VMs must be domain joined. This means that simply having Azure Active Directory is not enough. You have a few options:

Azure Active Directory Domain Services (Azure ADDS) This is a paid-for azure service that provides domain-join and other services to VMs on an Azure virtual network. It costs from about £80.00 or $110.00 per month. If you use Azure ADDS you set up a separate domain from your on-premises domain, if you have one. However you can combine it with Azure AD Connect to enable sign-on with the same credentials.

There is a certain amount of confusion over whether you can use WVD with just Azure ADDS and not AD Connect. The docs say you cannot, stating that “A Windows Server Active Directory in sync with Azure Active Directory” is required. However a user reports success without this; of course there may be snags yet to be revealed.

Azure Active Directory with AD Connect and a site to site VPN. In this scenario you create an Azure virtual network that is linked to your on-premises network via a site to site VPN. I went this route for my trial. I already had AD Connect running but not the VPN. A VPN requires a VPN Gateway which is a paid-for option. There is a Basic version which is considered legacy, so I used a VPNGw1 which costs around £100 or $140 per month.

Update: I have replaced the VPN Gateway with once using the Basic sku (around £20.00 or $26.00 per month) and it still works fine. Microsoft does not recommend this for production but for a very small deployment like mine, or for testing, it is much more cost effective.

This solution is working well for me but note that in a production environment you would want to add some further infrastructure. The WVD VMs are domain-joined to the on-premises AD which means constant network traffic across the VPN. AD integrates with DNS so you should also configure the virtual network to use on-premises DNS. The solution would be to add an Azure-hosted VM on the virtual network running a domain controller and DNS. Of course this is a further cost. Running just Azure ADDS and AD Connect is cheaper and simpler if it is supported.

Incidentally, I use pfsense for my on-premises firewall so this is the endpoint for my site-to-site VPN. Initially it did not work. I am not sure what fixed it but it may have been the TCP MSS Clamping referred to here. I set this to 1350 as suggested. I was happy to see the connection come up in pfsense.

image 

Setup options

There are a few different ways to set up WVD. You start by setting some permissions and creating a WVD Tenant as described here. This requires PowerShell but it was pretty easy.

image

The next step is to create a WVD host pool and this was less straightforward. The tutorial offers the option of using the Azure Portal and finding Windows Virtual Desktop – Provision a host pool in the Azure Marketplace. Or you can use an Azure Resource Manager template, or PowerShell.

I used the Azure Marketplace, thinking this would be easier. When I ran into issues, I tried using PowerShell, but had difficulty finding the special Windows 10 Enterprise Virtual Desktop edition via this route. So I went back to the portal and the Azure marketplace.

Provisioning the host pool

Once your tenant is created, and you have the system requirements in place, it is just a matter of running through a wizard to provision the host pool. You start by naming it and selecting a desktop type: Pooled for multi-session Windows 10, or Personal for a VM per user. I went for the Pooled option.

image

Next comes VM configuration. I stumbled a bit here. Even if you specify just 10 (or 1) users, the wizard recommends a fairly powerful VM, a D8s v3. I thought this would be OK for the trial, but it would not let me continue using the trial subscription as it is too expensive. So I ended up with a D4s v3. Actually, I also tried using a D4 v3 but that failed to deploy because it does not support premium storage. So the “s” is important.

image

The next dialog has some potential snags.

image

This is where you choose an OS image, note the default is Windows 10 Enterprise multi-session, for a pooled WVD. You also specify a user which becomes the default for all the VMs and is also used to join the VMs to the domain. These credentials are also used to create a local admin account on the VM, in case the domain join fails and you need to connect (I did need this).

Note also that the OU path is specified in the form OU=wvd,DC=yourdomain,DC=com (for example). Not just the name of an OU. Otherwise you will get errors on domain join.

Finally take care with the virtual network selection. It is quite simple: if you are doing what I did and domain-joining to an on-premises domain, the virtual network and subnet needs to have connectivity to your on-premises DCs and DNS.

The next dialog is pretty easy. Just make sure that you type in the tenant name that you created earlier.

image

Next you get a summary screen which validates your selections.

image

I suggest you do not take this validation too seriously. I found it happily validated a non-working configuration.

Hit OK and you can deploy your WVD host pool. This takes a few minutes, in my case around 10-15 minutes when it works. If it does not work, it can fail quickly or slowly depending on where in the process it fails.

My problem, after fixing issues like using the wrong type of OS image, was failure to join the VM to the domain. I could not see why this did not work. The displayed error may or may not be useful.

image

If the deployment got as far as creating the VM (or VMS), I found it helpful to connect to a VM to look at its event viewer. I could connect from my on-premises network thanks to the site to site VPN.

I discovered several issues before I got it working. One was simple: I mistyped the name of the vmjoiner user when I created it so naturally it could not authenticate. I was glad when it finally worked.

image

Connection

Once I got the host pool up and running my trial WVD deployment was fine. I can connect via a special Remote Desktop Client or a browser. The WVD session is fast and responsive and the VPN to my office rather handy.

image

Observations

I think WVD is a good strategic move from Microsoft and will probably be popular. I have to note though that setup is not as straightforward as I had hoped. It would benefit Microsoft to make the trial easier to get up and running and to improve the validation of the host pool deployment.

It also seems to me that for small businesses an option to deploy with only Azure ADDS and no dependency on an on-premises AD is essential.

As ever, careful network planning is a requirement and improved guidance for this would also be appreciated.

Update:         

There seems to a problem with Office licensing. I have an E3 license. It installs but comes up with a licensing error. I presume this is a bug in the preview.    

image

This was my mistake as it turned out. You have to take some extra steps to install Office Pro Plus on a terminal server, as explained here. In my case, I just added the registry key SharedComputerLicensing with a setting of 1 under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration. Now it runs fine. Thanks to https://twitter.com/getwired for the tip.

development, devops, software development, tech

Progressive Delivery: the next step in DevOps?

I attended the always-excellent QCon developer conference in London earlier this week. James Governor from Redmonk what there, presenting what he calls Progressive Delivery, the idea being that rather than rolling out continuous and (mostly) small changes to everyone, you segment your deployments. Progressive deployment, see.

image

It is not really a new idea and might even be considered a rediscovery of what we already knew: that it makes sense to deploy new stuff to a small sample first. However it is true that tools are constantly evolving, and Progressive Delivery is perhaps best seen as a necessary refinement to the Continuous Delivery concept. In particular, LaunchDarkly exhibited at QCon; the product is a feature management platform which lets you create groups of users and toggle features on or off for particular groups. Needless to say, the LaunchDarkly folk love the Progressive Delivery concept.

Why Progressive Delivery? My first reaction is that this is about caution: if stuff breaks, let us make sure it only breaks for a few users. Then I saw that it can be equally about bold experimentation, trying new ideas with small groups so you can observe what works and what does not.

Of course you can do this anyway and in the end there is no magic in LaunchDarkly; it is still down to the developer to write the code:

image

This stuff can also easily become non-trivial; one attendee asked about managing database structure and it is obvious that not all features are equally amenable to being switched on or off for groups of users.

Still, I reckon “how do you manage features?” is a good question to add to the list when considering DevOps tools.

You can read most of what Governor talked about in his post from last year here.

android, google, honor, huawei, tech

Location Services: GPS-only no longer protects your privacy on Android 9 “Pie”, Huawei / Honor 10

4 Comments

I have an Honor 10 AI phone (among others) and this recently upgraded itself to Android 9 “Pie”. It is always good to be on the latest Android; but I noticed a change in something I care about (though acknowledging that for most people it is not top of mind).

Specifically, I am averse to sharing my location more than is necessary, especially with large organizations that want to track me for advertising and marketing purposes (hello Google!). Therefore I normally set Android Location Services to GPS-only. This means you do not have to agree to send your location data to Google in the dialog that appears when you turn on what Google calls “High Accuracy” location services. Here is what the setting looks like in Android 7:

image

I have found that Google Maps works badly on GPS-only, but other mapping apps like HERE WeGo work fine.

However, following the upgrade to Android 9 on the Honor 10 AI, my use of HERE WeGo was blocked.

image

This is coercive, in that mapping is a core function of a smartphone. And it is unnecessary, since I know for sure that this app works fine without the Wi-Fi scanning and Google data collection referenced in the dialog.

I agreed the setting but noticed another curious thing. When you switch on location services, you also make a new agreement with Huawei:

image

This is confusing. Is location services provided by Google, or Huawei?

Note also that I have little confidence in the promise that no “personal information” will be collected. The intention may be there, but history suggests that it is often pretty easy to identify the person from so-called non-personal information. It is better not to send the data at all if you care about privacy.

Huawei’s only suggestion if you do not agree is not to use location services. Or throw your device in the bin.

Having agreed all this data collection, note that you can still turn off wi-fi scanning and Bluetooth scanning in the advanced settings of Google location services. Is this respected though by Huawei? It is hard to tell.

Finally, note that Google now strongly encourages developers to use the Google Play location API rather than the Android location API.

image

This all seems like bad news if, like me, you want to minimize the location data that you share.

microsoft, tech

How Windows 10 Ransomware Protection interferes with application installs

2 Comments

Three times recently I have had install failures on Windows 10, and three times have fixed them by disabling one of its security features.

image

“Ransomware protection” does not know anything about ransomware as such, but simply blocks access to files and folders where you are likely to store documents and data. Ransomware works by encrypting your documents and demanding money (usually in the form of bitcoin) to unlock them. Therefore blocking access prevents it from working, or at least that is the idea.

I am all in favour of blocking ransomware, but unfortunately this feature may also break application installs. Worse, they tend to break in ways that do not make the problem obvious to the user.

I installed Docker for Windows, for example (actually just accepted a prompt to upgrade) and it hung on the Installing… dialog.

Another application complained about insufficient disk space.

The problem seems to be related to application shortcuts, which are created in protected folders such as the desktop. Even though the install is running with admin rights, it cannot write these files. What happens next depends on how well the installer handles unexpected outcomes. This is not really a fatal error, but may become so.

What is the solution?

The obvious answer is to turn off controlled folder access before running installers for desktop applications. You can turn it back on afterwards.

Microsoft may say that if we all use Store apps or the Desktop Bridge packager the problem will not occur. The issue is related to the Windows legacy of free-for-all installations and the way Microsoft has been trying for many years (with partial success) to bring it under control. Mobile operating systems tend to be better behaved because they were designed to be locked down and to isolate applications from one another and from the operating system.

software development, tech

Adding a Visual Studio code workspace to a GitHub repository

3 Comments

Rather to my surprise, I am currently spending more of my development time in Visual Studio Code than in Visual Studio. There are a few reasons:

– I am working on a Java project and chose to use VS Code in part as a learning exercise

– I have a PHP website and have worked out a nice debugging environment using VS Code and WSL (Windows Subsystem for Linux)

– I am finding VS Code handy as a general-purpose editor

How about source control though? I guess as you would expect from Microsoft (which now owns GitHub) the git support is built in. So this is how I moved my PHP website, which was not under source control, to a private GitHub repository:

1. In VS Code, open the workspace and press Ctrl-Shift-G or click the Source control icon. Click the repository icon for Initialize Repository:

image

Then select your workspace from the dropdown and the local repository is created.

Initially all your files are in an unstaged state. Staging in git is where you define which changes will be committed in your next commit. We want to commit everything to form the initial repo, so drop down the git menu (three dots to the right of the source control pane) and choose Commit all, click Yes.

image

Type a commit message and go.

Now go to GitHub and create a new repository.

image

This is a private repository as nobody else needs to see the code for my website.

The repository is created, and right there on the default help page is the command for pushing your existing repo to GitHub.

Just open a terminal and paste the command:

git remote add origin https://github.com/[your repo name]

git push -u origin master

After the second command you will be prompted to login to GitHub. This creates an access token.

Done! If you go back to the repo on GitHub you will find it populated with your files.

A similar workflow applies if you use Azure DevOps. The choice is yours; the features of the two services are different but if all you want is source code management GitHub seems the obvious choice.

networking, tech

Linksys LPAC1750C, Cloud Manager, and the mystery of the wifi printer that would not print

I have been testing the Linksys LPAC1750C wifi access point, a mid-price unit aimed at small businesses (or owners of large homes) who want an extensible wifi network with more features than home networking gear, but at a more affordable price than Cisco or other enterprise vendors.

image

This unit supports clustering so is really intended for multiple access points managed as one system, but I have only a single access point. Still, it is enough to get a feel for how it works. In particular, I was interested in the Linksys Cloud Manager, which simplifies management and configuration. A five year license comes in the box, and setup is a snap. Just plug the access point into your switch, create an account on Linksys cloud manager, start a new network, enter the serial number and MAC address of your access point, and you are almost done. The only thing that remains is to create one or more SSIDs, which apply automatically to all the access points in your network. VLAN support means you can configure guest networks, and there are options for client isolation and splash screens so that you can display some information to guest users when they log on.

I was impressed with the ease of use, but noticed that the cloud manager has limited features compared to the local browser-based configuration screens. No RADIUS support, for example. You cannot use both, since the cloud manager takes over all the configuration. If you revert to local configuration, everything is reset.

All seemed well, except for a curious problem. I have a wifi connected printer and although it joined the network without any problem, I could not print to it. It was as if it was invisible on the network. Sounds like client isolation (where one wifi client is blocked from accessing other wifi clients), except that client isolation was off. The other odd thing was that rebooting the access point seemed to fix it, and I could print, but only for a short time before it reverted to invisibility.

I called support but no joy. You could try resetting the access point, said the tech person, once I had managed to explain the problem successfully. This wasn’t a problem I could live with, so I did the obvious thing, disabling the cloud manager and using the local configuration.

When I did, I soon spotted the issue. The cloud manager automatically applies the same SSID to both 2.4 and 5GHz radios, which is nice for simplicity but there is an unfortunate side-effect. Although they have the same name, these are really two separate SSIDs, and the LAPAC1750C applies SSID isolation by default.

image

The printer, being a few years old, does not support 5GHz wifi connections, so it connected to the 2.4Ghz radio. It was then isolated from a PC, also connected by wifi, trying to print to it directly. You could overcome this by routing printing through a server on the wired network but any direct client to client communication will not work.

The solution is to disable isolation between SSIDs but this option is not exposed in cloud manager. So in my case, cloud manager is not suitable. A shame, since within its limitations it seems nicely done.

Everything works now and printing is fine.