The shocking Truth about the current state of your Data: How to built a fully encrypted file server with ZFS and Linux to avoid data loss and corruption

Do you know if all the Data on your File Server is OK?

Unless you are already using ZFS, Btrfs or ReFS you don’t. If your file server is a couple of years old, there is a very good chance that your Data is NOT OK.

Your server hardware might tell you everything is OK but that does not really tell you much because none of your monitoring systems check the actual data.

ZFS on the other had knows if your data is ok and can even repair it. I upgraded my file server recently. All the old disks that were still in the pool at the time were OK according to their SMART values. yet look what the monthly check told me:Scrub results of my Old Server almost 2 MB of Data had to be repaired. Just think about that: In just one month almost 2MB of data got corrupted. And right now you don’t know if your server has similar issues. If you did not know it yet this particular issue has a name: Bit Rot and it gets worse the older your current hardware is and more likely the larger your disks are.
You might not realise it but 2MB is a lot of data. It can be an important document or picture. Or it can be that it is just 2MB of a huge CAD file that is totally unreadable without those 2MB.
Granted my old server is quite a bit of an extreme example because I postponed the upgrade quite a bit longer than I originally wanted to. And the disks in it were not meant for this workload.

But I have seen quite a few that storage servers or NAS boxes remained almost untouched until a disk failed or they were full. So old hardware is not all that uncommon, especially at home and in the SMB market.

Now you might think setting up a new file server is easy right? You could just take Server 2012 with ReFS and Storage pools and be done with it.

Technically that is correct, but even in Windows there is really quite a bit more to consider. That being said I want to make the case for Open Source because for this purpose it is simply better than Windows.
In particular I want to show you how to build your file server with ZFS and Linux, two proven Open Source technologies. When you are done the Server will integrate nicely into your windows environment. Your users will not know the difference and you don’t have to get headaches from trying to license Windows correctly.

Continue reading The shocking Truth about the current state of your Data: How to built a fully encrypted file server with ZFS and Linux to avoid data loss and corruption

How to eliminate spam and protect your name with DMARC

 If you are reading this you are probably making my life harder

E-Mail sucks! Your users just keep clicking the links in those damn phishing mails. And you can’t do anything about it. Hell somebody might be sending spam in your name and you have no idea about it. Let me blow your mind: You can solve these problems, for free. And I will introduce you the tools you need.

The cure to your E-Mail headaches hides behind three small acronyms:

  • SPF: Sender Policy framework, tells others which mail servers are authorized to send E-Mail for your domain.
  • DKIM: Domain Keys Identified Mail, uses encryption and DNS to verify an E-Mail sender and that it was not altered in transit
  • DMARC: Domain based Message Authentication, Reporting and Conformance. Builds on SPF and DKIM and implements a policy and reporting system around them

Continue reading How to eliminate spam and protect your name with DMARC

Setting up an Active Directory authenticated Mumble Server

Basic Setup

Setting up a Mumble server is fairly simple, but I had a few problems to get it to play nice with my Active Directory. And since there wasn’t exactly a great deal of documentation on the subject, I figured that I should write a short How To. Continue reading Setting up an Active Directory authenticated Mumble Server

Rescuing Data from a Buffalo Link Station with failed a RAID

Recently I was confronted with a Buffalo LinkStation which had a failed RAID0. The data on it was important, and the customer did not have any current backups. The were a lot of huge red flag warning signs that seemed to suggest a disk possibly going bad, but the the guy at the customers location that doubled as IT happily ignored those. Buffalos willingness to support this problem extended to replacing bad hard disks, since all data on a failed RAID0 is considered irrecoverably lost by them. That was not entirely unexpected to hear of a tier one support worker though.
I did a little digging and found out, that those LinkStations use some fairly common tools under the hood. So I agreed to have a look, but made it clear that I might not be able to get anything back. The customer wanted me to try anyway and I got a good amount of the data back. The Article describes how. Continue reading Rescuing Data from a Buffalo Link Station with failed a RAID

How to reset a lost password for your only Windows Domain Admin

The Problem

A while ago somebody came to me with a problem. A bunch of Services on their Server stopped working. The admin password in the documentation didn’t work. The Server in question was a SBS with a bunch of additional software that was critical to the business. My questions for Backups were answered with silence.

Continue reading How to reset a lost password for your only Windows Domain Admin

King.com claims the rights to the word “Saga” in Video Game Titles

I apologize in advance about this rant, but I need to get this off my chest.

I seriously hope this is a bad joke. But from this fairly convincing forum post it seems like King.com not only claims this word to be its trademark.

It looks like they want to sue Stoic Studios for infringing on this trademark with their really great game The Banner Saga. Continue reading King.com claims the rights to the word “Saga” in Video Game Titles

OpenVPN and subsonic Server changes

I retired the old OpenVPN Server.

If you have still been connecting with the old VPN Server, shoot me an E-Mail and ill set you up with access to the new server.

I will also disable all old (non ldap) accounts in subsonic in the new year. If you still have an old account and want to keep using it, E-Mail me.

You will be able to use the new account for:
– E-Mail ( you will get a username [at] skelleton [dot] net address)
– Owncloud (online File/calendar/contac sync) you could use that like Dropbox
– Subsonic
– This blog (for commenting and accessing internal areas)
– VPN authentication

E-Mail and Blog access will be given to every account, the rest off the stuff you can choose as you need. You won’t have to use the E-Mail actively, but it will be used for internal stuff.

Installing Oracle Linux and Apex

Recently I had to set up an Oracle Apex Server. Unfortunately the Apex Installer is delivered only as Windows 32 Bit installer and as a Linux 64 Bit RPM package.
Since I did not have any 32 Bit windows running, and neither any Linux system, that normally uses RPM packages, I decided to give Oracle Linux a try as base for an Oracle APEX Server.

What is Apex?

APEX is a rapid application development tool from Oracle. It lets you design, implement and deploy database applications with a very easy to use web gui. For common task like showing reports or creating forms for data entry you can use one of the many prepared templates. With APEX you could create an entire application around your database with little to no knowledge of any programming or scripting language.
If you need more specialised pages, then the default templates offer to you , you can build a page from scratch with any combination of predefined elements, custom PL/SQL code and custom javascript / HTML code.

Continue reading Installing Oracle Linux and Apex

Debian Wheezy E-Mail Relay for multiple Domains and IMAP Server with Postfix Dovecot and Fetchmail

One of our customers needed a way to use multiple mail domains. He already had a SBS2011, The Exchange Server on it was configured for the primary E-Mail Domain of the Company. The E-Mails from this Domain were fetched with the POP3 connector and all outgoing Mail was sent to the smart host of the E-Mail Provider.
The additional E-Mail Domains required a similar setup.
Unfortunately Exchange does not allow you to change the smart host for outgoing E-Mail based on the sender. There are third party Exchange addons, that do provide this ability, but I preferred to solve the problem with a Linux Mail Server. The configuration I will describe to you is fairly basic and the scenario it is used in is somewhat special. But the Article will still give you a fairly good impression on how to get a basic Mail Server running and how all the different pieces work together.

Continue reading Debian Wheezy E-Mail Relay for multiple Domains and IMAP Server with Postfix Dovecot and Fetchmail