Installing Ubiquiti UniFi Controller on Linux Debian 10

Prerequisites

If you’re installing on Linux, be sure you have the following ahead of time:

  • A current Debian or Ubuntu OS with root access – The steps will use Debian 10
  • An account for unifi.ui.com

And that’s it. Everything else will be handled during the install process.

Installing the Controller

To get the controller installed on Linux you have many options. Ubiquiti has some instructions on how to install the controller on their website but it only covers the install for a couple of specific versions of Linux. To use Debian, use the script that has been posted on the Unifi forums by member AmazedMender16.

To start the install, first ssh into the Debian server or access the server from the console. Log in either as root or as another user that has root access and then run su.

Update the apt repos.

apt-get update

Next, install the ca-certificates and wget packages.

apt-get update && apt-get install ca-certificates wget -y

Download and run the Unifi Controller installer script. This script will handle the install of the dependencies and controller software for many different distros of Linux including the Debian 10 server we are using.

wget https://get.glennr.nl/unifi/install/install_latest/unifi-latest.sh1 bash unifi-latest.sh

You will be prompted for a few things while the script runs. First, it will ask if you want to keep the script downloaded after the install. In most cases this is not required, so you should enter n and then press enter.

Ensuring the Unifi controller software is kept up to date

You may receive a prompt to update packages during the install. Enter y and then press enter.

Confirming it’s OK to update packages

Finally, you will be prompted to add the apt repo for Unifi to update the controller from apt. Enter y and press enter as this will make upgrades serviceable through apt.

Adding the Unifi Network Controller repo to apt

Once the install completes, the script will output the version of the controller installed and the URL to use to start configuring the controller.

Configuring the Controller

Once you have the controller software installed on whatever server you are using the setting will be the same.

Go to the web address https://<ServerIP>:8443/ and you will be presented with the controller’s web portal.

Using PowerShell to Add a Network Printer for All Users of a Computer

Purpose

This brief article details the commands necessary to use PowerShell to add/install/map a network printer for all users of a computer.

Prerequisites

The below actions require the executing user to have administrative rights to the workstation in question.

Solution

Establish a Remote PowerShell session

In an elevated PowerShell session (running as administrator), run the following command;

Enter-PsSession -ComputerName HOSTNAME.FQDN

where HOSTNAME.FQDN is the fully-qualified domain name of the workstation in question.

Example: desktop01.yourdomain.com

You can actually execute this process using the short name of the computer instead of the FQDN.

Remove the network printer for all users

Once you’ve entered the remote PowerShell session successfully, run the following commands in sequence;

RUNDLL32 PRINTUI.DLL,PrintUIEntry /ga /n\\PRINTSERVER\Shared-printer

where PRINTSERVER is the NETBIOS name of your print server from which the printer is shared and Shared-printer is the shared name of the printer you’d like to add/install/map.

When this is complete, the network printer should be uninstalled/removed for all users on that workstation. This can be verified by having users logon and check their Devices and Printers window.

Using PowerShell to Remove a Network Printer for All Users of a Computer

Purpose

This brief article details the commands necessary to use PowerShell to remove a network printer for all users of a computer.

Prerequisites

The below actions require the executing user to be an administrator of the remote workstation, or a Domain Administrator.

Solution

Establish a Remote PowerShell session

In an elevated PowerShell session (running as administrator), run the following command;

Enter-PsSession -ComputerName HOSTNAME.FQDN

where HOSTNAME.FQDN is the fully-qualified domain name of the workstation in question.

Example: desktop01.yourdomain.com

You can actually perform these commands without using the FQDN, and using the short name instead.

Remove the network printer for all users

Once you’ve entered the remote PowerShell session successfully, run the following commands in sequence;

Get-WmiObject -Class Win32_Printer | where{$_.Name -eq ‘\\PRINTSERVER\Shared-printer‘}

where PRINTSERVER is the NETBIOS name of your print server from which the printer is shared and Shared-printer is the shared name of the printer you’d like to remove. This command will return the printer that you’d like to remove, if it is installed for the user running the command. Even if the user running the command does not have this printer installed, this process will still work as intended.

Get-WmiObject -Class Win32_Printer | where{$_.Name -eq ‘\\PRINTSERVER\Shared-printer‘}| foreach{$_.delete()}

again, where PRINTSERVER is the NETBIOS name of your print server from which the printer is shared and Shared-printer is the shared name of the printer you’d like to remove.

When this is complete, the network printer should be uninstalled/removed for all users on that workstation. This can be verified by having users logon and check their Devices and Printers window.

Fix Windows Mobile Device Center Hanging at Launch and Mobile Devices Will Not Connect

While Windows Mobile Device Center is largely considered a thing of the past in many environments, there are plenty of industries and situations where it is still used to connect and sync mobile devices such as Intermec scanners to other systems. With Windows 10 Update 1703, there was a change regarding svchost.exe that can cause this issue. In this blog post, I’ll explore the two changes I’ve discovered that have worked for me to resolve this issue.

Introduction

While Windows Mobile Device Center is largely considered a thing of the past in many environments, there are plenty of industries and situations where it is still used to connect and sync mobile devices such as Intermec scanners to other systems. With Windows 10 Update 1703, there was a change regarding svchost.exe that can cause this issue. In this blog post, I’ll explore the two changes I’ve discovered that have worked for me to resolve this issue.

Prerequisites

To resolve this issue, access to a local account on the affected device which is a member of the Local Administrators NT group is required.

Problem

When the Windows Mobile Device Center is launched, the splash screen appears and hangs at “Please wait while Windows Mobile Device Center starts…”

Additionally, if the application does launch successfully, mobile devices may show connected on the mobile devices’ screens, but the Windows Mobile Device Center will show them as “Not Connected.”

Environment

Workstations with Windows 10 Professional or Enterprise Version 1703 or newer and Windows Mobile Device Center installed. This issue is operating system architecture agnostic. Affected workstations have Intermec handheld computers seated in their dock, which is attached to the affected workstation via USB cable.

Cause

Update 1703 for Windows 10, like other Windows updates, may revert older version of .NET Frameworks to be disabled; additionally, Update 1703 also has a new feature related to svchost.exe: the services will not share by default the same svchost.exe, even they are assigned to be run within of the same group with -k option. More detailed has been described in the winhelponline.com article under the Additional Reading section of this article.

Rapimgr and Wcescomm (Windows Mobile-based device connectivity and Windows Mobile-2003-based device connectivity) are such services: they are defined to be started in the same shared svchost.exe (-k WindowsMobile). RapiMgr creates a kernel semaphore AS_ACCEPTANCE_SEMA, because it starts first.  WcesComm tries to do this too, but fails: the semaphore has been already created and should be only opened. This will fail: not enough permissions (remember: two different svchost.exe, different SID, etc). So, wcescomm is just stopped.

Solution(s)

Enabling .NET Framework 3.5 Completely

Strike Win+R on the keyboard, and in the resulting Run Prompt, type appwiz.cpl then strike the Enter/Return key on the keyboard.

In the resulting Programs and Features window, select the Turn Windows features on or off option from the navigation pane at the left side of the window.

In the resulting Windows Features window, expand the option for .NET Framework 3.5 (includes .NET 2.0 and 3.0), then ensure it’s check box is fully enabled with a check mark–not a filled square–and that you do the same for the two child items, Windows Communication Foundation HTTP Activation and Windows Communications Foundation Non-HTTP Activation, then click OK. Windows will take a few moments to enable the selected features.

At this point, it is recommended that you restart/reboot the workstation.

Adding “SvcHostSplit Disable” in the System Registry

Warning: Editing the system’s registry can be dangerous unless you know exactly what you are doing. It is advisable that if a solution exists without editing the registry, that it be the selected resolution. If editing the registry is required, always export a backup of the working registry to both the local hard drive as well as removable storage prior to proceeding. Alternatively, a System Restore Point may be set.

Strike Win+R on the keyboard, and in the resulting Run Prompt, type regedit then strike the Enter/Return key on the keyboard.

In the resulting Registry Editor window, select File from the menu bar at the top of the window, then Export to save a backup of the affected workstation’s registry. When completed, close the Registry Editor.

Open an elevated Command Prompt shell (running as administrator. This can be done by clicking the Start Menu icon on the Taskbar in the bottom-left corner of the desktop environment and typing cmd then right-clicking the Command Prompt result and selecting Run as Administrator. Note that this must be done from a local account that is a member of the Local Administrators NT group on the affected workstation. Alternatively, you may browse to C:\WINDOWS\System32 and right-click cmd.exe and select Run as Administrator.

In the resulting Administrator: Command Prompt window, paste the below commands in and strike the Enter/Return key in sequence.

REG ADD HKLM\SYSTEM\CurrentControlSet\Services\RapiMgr /v SvcHostSplitDisable /t REG_DWORD /d 1 /f1 REG ADD HKLM\SYSTEM\CurrentControlSet\Services\WcesComm /v SvcHostSplitDisable /t REG_DWORD /d 1 /f

When completed, you may close the Administrator: Command Prompt window.

Verifying Service Properties

Strike Win+R on the keyboard, and in the resulting Run Prompt, type services.msc then strike the Enter/Return key on the keyboard.

In the resulting Services window, locate the Windows Mobile-based device connectivity and Windows Mobile-2003-based device connectivity services. For each, do the following:

Right-click the desired service and from the context menu, select Properties.

In the Log On tab, ensure the second radio button is selected and that the This account: field displays Local Service. If the Local System account radio button is selected, you’ll need to change the selection to the second option and enter Local System in the This account: field. The password is blank. When complete, click Apply.

In the Recovery tab, ensure the drop-down menus for First failure:, Second failure:, and Subsequent failures: all have Restart the Service selected. When complete, click Apply.

When complete, click OK to close the Properties window for the service.

At this point, a reboot/restart of the affected workstation is required.

Upon startup, the Windows Mobile Device Center should launch normally when the Start Menu entry or desktop shortcut is clicked. Once the WMDC window is open and, subsequently, the Intermec mobile computer is docked, you should see the device begin to connect; this is indicated by a spinning green icon in the bottom-left quadrant of the Windows Mobile Device Center window. The device should then connect and use of Advantage Scan on the Intermec and Drop Utility on the affected workstation may be resumed.


Additional reading

https://social.technet.microsoft.com/Forums/office/en-US/9cab3e8e-6cc4-48e4-8ed9-d595bc83f04b/windows-mobile-device-centre

https://www.winhelponline.com/blog/view-resources-usage-each-service-svchost-windows-10/