Multizone | All our technotes
If we've published it, you can find it here.
Backing up Windows 11
Why bother?
Over the years, countless people have asked me to revive a Windows laptop or desktop after losing vital data. Asking, “Where’s your backup?” feels cruel when you already know the answer — there isn’t one. macOS users tend to fare better thanks to Apple’s seamless Time Machine feature, but Windows users still get caught out. Surely Windows 11 has reasonable backup tools? I wasn’t certain, but since I’ve been using a Windows 11 laptop for a project, I decided it was time to find out.
TL:DR – Windows 11 includes capable backup options. You won’t think about backups until the exact moment you desperately wish you had one. Do yourself a favour: get an external drive larger than your PC’s internal storage. Connect it, then enable all three backup tools included in Windows 11. That way, you’re protected if your machine fails or your data vanishes.
You’ll need an external drive — I opted for a Samsung T7 Portable SSD, 1 TB. Optionally, add an external USB DVD writer if your system lacks an optical drive, so you can create a bootable System Repair Disc for recovery.
- Details
Redesigned but so many inconsistencies remain
Now that version 14 is out, the macOS system settings redesign that first appeared in macOS Ventura can be considered settled.
Many things have changed, and while many remain the same, some things are better and others are worse. Today I needed to make some System Settings changes and found it difficult. Perhaps it is me, having grown up with macOS System Settings and all its quirks over the last more than twenty years but there seem to be a couple of hurdles now that weren't there before. But I do note that other operating systems tinker with settings screens too and all seem to face the same problem of how to organise infrequently used choices that can have quite an impact for the behaviour of the OS in a way that doesn't get in the way of getting things done.
TL:DR — System Settings in macOS is a halfway house between what was there before and something inspired by iOS/iPadOS but it is not very intuitive. Setting up a power schedule requires an obscure command from the terminal now. Thats progress? Sharing and other important functionality is hard to find or gone. Power schedules in particular is now relegated to the terminal via the obscure pmset command.
- Details
The reason for doing this was that a client asked me to help with some enterprise software in Amazon Web Services (AWS). I haven't touched Windows Server in anger for over a decade and really never imagined I ever would again. This is despite long ago being one of the first Microsoft Certified Systems Engineers in the UK. My certification has long expired and I have absolutely no intention of taking it again but this is an interesting project in an industry vertical I know well, with people I really like. So I thought I'd build out my own private Windows Server infrastructure on AWS first, in order to see what I was letting myself in for.
What I was able to do
- Set up a FREE tier eligible AWS account with a new domain name and email address.
- Install Windows Server 2019 in an Amazon EC2 instance, securely.
- Install Internet Information Server, Microsoft's venerable web server.
- Add a Let's Encrypt SSL certificate, trusted and supported by all major browsers.
- Set the Let's Encrypt SSL certificate to auto renew through a scheduled task.
- Replace Internet Explorer (IE) with Chrome as the default browser on the Server because IE is so utterly unusable now that it is laughable that it is provided with Windows Server at all.
TL:DR — It is relatively simple to set up a FREE Windows Server based web server with a Lets Encrypt SSL certificate in AWS EC2. There are a few hurdles to jump over but once you get past them it works fine.
- Details
Read more: FREE Windows web server with a Lets Encrypt SSL certificate in AWS
How to ensure that AWS data that must be hosted and accessed in one specific AWS region is protected effectively?
A project I am working on has data that must be hosted in one specific AWS region for regulatory reasons. AWS is a worldwide service and certain elements of it such as the root user, and users set up using Identity and Access Management (IAM) are globally provided and cannot be region restricted. However it is possible to deny access to specific AWS features based on the requested AWS Region using an AWS Organizations service control policy (SCP). IAM provides control over users and roles in individual accounts, and is itself managed by the AWS root user account which should be used sparingly and carefully. AWS Organizations expands that control to the member accounts level by giving you control over what these accounts can do.
Organising your member accounts in AWS into AWS Organisations is good practice and is especially useful for delegating control for budgetary, security, or compliance needs, for example in different departments or separately budgeted development teams, while retaining overall governance through management accounts with responsibility for consolidated billing, security and governance. AWS Organizations is a no-charge feature of AWS, the only cost really is the investment in time in designing and setting it up to match the structure of your organisation.
What I was able to do
- Create an organization and organizational units (OUs) in it
- Create a member account inside an OU
- Enable all policy categories in AWS organizations
- Create service control policies (SCPs) that apply to member accounts in the OU
- Confirm in the AWS Consol that those policies were working correctly
TL:DR — AWS Organisations is a powerful way to provide more granular access to AWS features. It requires the creation of member accounts, which are different to IAM accounts and the root account. Once you set it up it is easy to adjust to meet any future AWS budgetary, security, or compliance needs. And its FREE to use.
- Details
Before you start!
This is how I fix my Virgin Media not very smart modem.
TL:DR — This is really for me. YMMV
- Details
MS Teams is one of those tools that sometimes, no matter what your preference, you have to use. While there are other great alternatives like Google Meet and other not so great alternatives like Zoom, its just one of those things you can't control as often clients or suppliers or customers will have a preference. The build of MS Teams published on Wednesday, August 31, 2022 was at last a universal binary and on initial inspection and use in a meeting worked just fine on my M1 based Mac Studio.
TL:DR — This isnt a finished product. I didn't see anything missing apart from the 'About MS Teams' dialog, but it came direct from GitHub and was built on Wednesday, August 31, 2022 so don't install it if you care about such things. Teams from the standard release pages fully supports Mac computers with Apple silicon now. This note was written when it didn't.
- Details
Looking for some essential best practices
Needing to brush up on Amazon Web Services (AWS) knowledge of best practice for standing up a service using AWS. I thought I'd just curate the best of what I found in case it was useful to someone else.
Before you start!
You'll need an AWS account - why not sign up - theres a free tier and much is free in the first year.
TL:DR — Looking for a quick refresh on AWS - here you are - you're welcome!
- Details
- The dead Macs walking — Mac computers you shouldn't buy
- Android 13 pushed to AOSP
- Using Raspberry Pi Imager on macOS
- VMware macOS guest support discontinues
- Mozilla Firefox on ChromeOS via Flatpak
- Microsoft Windows NT, Hardware Compatibility List
- Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International
- Managing U.S. tax info with Google
- App Store Connect Errors
- WWDC 22 Day 1 - iOS 16
- Corporate strategies
- Lotus 1-2-3 for Ubuntu 22.04 linux