Moved blog to

The blog has moved to I was running WordPress on Apache on Debian Linux at Bytemark, but it was taking too much effort to keep everything up to date. It is cheaper and more secure to move it to

It is certainly an easy migration – very smooth and automatic.

Now I should have more time for sorting out boats!

Windows Update with PowerShell

We generally connect to backend servers via a jump-box or bastion host. On Windows this means RDP into the jump-box, then RDP from the jump-box to the backend server. However, recently a Windows update meant that the jump-box (which had the update) couldn’t RDP to the backend server (which hadn’t got the update). No RDP => no access to update the VM to restore RDP. Lots of fun!

In that case I managed to use Remmina from a Linux box to access the backend directly; however since we are going to hit this issue again we needed a better fix.

Cue PowerShell; this is deployed via Octopus so will work when RDP doesn’t. As an additional perk it means updating becomes much easier.
Continue reading

Authenticating Linux with Active Directory using SSSD

Sometimes it is handy if users are managed somewhere other than /etc/passwd – somewhere central. Sometimes this happens to be Active Directory.

This post describes an approach on Debian Jessie against AD on Windows 2016 based on this excellent RedHat Guide’s Configuration 3 – SSSD/Kerberos/LDAP. It works very well for me. If you use a Debian-based distribution (Ubuntu, Debian etc) then hopefully it will work for you too.

I originally published this data on the Debian Wiki; I intend to expand it somewhat here.

Continue reading