Windows 10 (1803) UEFI Autounattend.xml network installation.

In Windows 10 version 1803 a new installation prompt has been added. As such in pass 7 oobeSystem, you need to add input locale Component which is located in amd64_Microsoft-Windows-International-Core_neutral.

One other thing that I have changed in the newer version of the Autounattend.xml is that the installer now formats the drive to boot as UEFI and the install.wim (Windows image) is located on my network. Custom wim files over 4GB will not fit on a FAT32 formatted flash drive. As such because you are now grabbing the installation image of the network you may need to inject network drivers into the boot.wim image in the sources folder on the flash drive/installation media. This will allow the installation media to connect to the network and grab the windows installation image from a shared folder. Note that there are two images in the boot.wim file, index 1 and index 2, you want to inject the network drivers into the index 2 in the image file which is the Microsoft Windows Setup image.

C:\>dism /Get-ImageInfo /ImageFile:c:\temp\bootwim\boot.wim

Deployment Image Servicing and Management tool
Version: 10.0.17134.1

Details for image : c:\temp\bootwim\boot.wim

Index : 1
Name : Microsoft Windows PE (x64)
Description : Microsoft Windows PE (x64)
Size : 1,394,055,012 bytes

Index : 2
Name : Microsoft Windows Setup (x64)
Description : Microsoft Windows Setup (x64)
Size : 1,553,327,748 bytes

The operation completed successfully.

DISM GUI no longer seems to support the latest version of Windows 10 either, so all DISM commands need to be performed from the Deployment and Imaging Tools Environment.

Mount the boot.wim and perform the following commands to add the network driver(s) to your image. Note in the above example that the image is 64 bit so only 64 drivers are required for your hardware.

C:\>dism /Mount-Image /ImageFile:c:\temp\bootwim\boot.wim /Index:2 
/MountDir:c:\temp\mount

Deployment Image Servicing and Management tool
Version: 10.0.17134.1

Mounting image
[==========================100.0%==========================]
The operation completed successfully.

C:\>dism /Image:c:\temp\mount /Add-Driver:c:\temp\drivers\64 /Recurse

Deployment Image Servicing and Management tool
Version: 10.0.17134.1

Image Version: 10.0.14393.350

Searching for driver packages to install...
Found 1 driver package(s) to install.
Installing 1 of 1 - oem1.inf: The driver package was successfully 
installed.
The operation completed successfully.

C:\>dism /Unmount-Image /MountDir:c:\temp\mount /Commit

Deployment Image Servicing and Management tool
Version: 10.0.17134.1

Saving image
[==========================100.0%==========================]
Unmounting image
[==========================100.0%==========================]
The operation completed successfully.

As you can see they are 3 simple commands and with the Recurse switch you can add multiple network drivers to the image if you have varying pieces of hardware deployed on your network.

Below is an example of an UEFI Autounattend.xml used to install windows from the network.

  • In pass 1, windowsPE, the Autounattend.xml, formats 2 drives in the machine, a primary one and a secondary one.
  • Also in pass 1 the image is then installed from a network location using domain credentials. You need to make sure the account has read permissions to the network location. The image is installed to disk “0” partition “4”.
  • In the specialize pass, pass 4, the machine is added to the domain using the “joinadmin” account using the Microsoft-Windows-UnattendedJoin component.
  • Finally in version 1803 of windows maybe even 1709 a new installation component was added that asks for Network and Locale information, you can fill this in using the Microsoft-Windows-International-Core component in pass 7

My suggestion would be to copy and paste the below text into a blank text file and save it as an .xml extension. Then take that and open it in Windows System Image manager.

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="windowsPE">
        <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SetupUILanguage>
                <UILanguage>en-US</UILanguage>
            </SetupUILanguage>
            <UserLocale>en-CA</UserLocale>
            <UILanguageFallback>en-CA</UILanguageFallback>
            <SystemLocale>en-US</SystemLocale>
            <InputLocale>en-US</InputLocale>
            <UILanguage>en-US</UILanguage>
        </component>
        <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <DiskConfiguration>
                <Disk wcm:action="add">
                    <CreatePartitions>
                        <CreatePartition wcm:action="add">
                            <Order>1</Order>
                            <Type>Primary</Type>
                            <Size>250</Size>
                        </CreatePartition>
                        <CreatePartition wcm:action="add">
                            <Order>2</Order>
                            <Type>EFI</Type>
                            <Size>100</Size>
                        </CreatePartition>
                        <CreatePartition wcm:action="add">
                            <Order>3</Order>
                            <Size>128</Size>
                            <Type>MSR</Type>
                        </CreatePartition>
                        <CreatePartition wcm:action="add">
                            <Order>4</Order>
                            <Extend>true</Extend>
                            <Type>Primary</Type>
                        </CreatePartition>
                    </CreatePartitions>
                    <ModifyPartitions>
                        <ModifyPartition wcm:action="add">
                            <Order>1</Order>
                            <PartitionID>1</PartitionID>
                            <Format>NTFS</Format>
                            <Label>Recovery</Label>
                            <TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID>
                        </ModifyPartition>
                        <ModifyPartition wcm:action="add">
                            <Order>2</Order>
                            <PartitionID>2</PartitionID>
                            <Label>System</Label>
                            <Format>FAT32</Format>
                        </ModifyPartition>
                        <ModifyPartition wcm:action="add">
                            <Order>3</Order>
                            <PartitionID>4</PartitionID>
                            <Label>SOCO</Label>
                            <Format>NTFS</Format>
                            <Letter>C</Letter>
                        </ModifyPartition>
                    </ModifyPartitions>
                    <DiskID>0</DiskID>
                    <WillWipeDisk>true</WillWipeDisk>
                </Disk>
                <WillShowUI>OnError</WillShowUI>
                <Disk wcm:action="add">
                    <CreatePartitions>
                        <CreatePartition wcm:action="add">
                            <Extend>true</Extend>
                            <Order>1</Order>
                            <Type>Primary</Type>
                        </CreatePartition>
                    </CreatePartitions>
                    <ModifyPartitions>
                        <ModifyPartition wcm:action="add">
                            <Label>Storage</Label>
                            <Format>NTFS</Format>
                            <Order>1</Order>
                            <Letter>D</Letter>
                            <PartitionID>1</PartitionID>
                        </ModifyPartition>
                    </ModifyPartitions>
                    <DiskID>1</DiskID>
                    <WillWipeDisk>true</WillWipeDisk>
                </Disk>
            </DiskConfiguration>
            <UserData>
                <ProductKey>
                    <WillShowUI>Never</WillShowUI>
                </ProductKey>
                <AcceptEula>true</AcceptEula>
                <Organization>Some Company</Organization>
                <FullName>Some Company Inc.</FullName>
            </UserData>
            <EnableFirewall>false</EnableFirewall>
            <EnableNetwork>true</EnableNetwork>
            <ImageInstall>
                <OSImage>
                    <InstallTo>
                        <DiskID>0</DiskID>
                        <PartitionID>4</PartitionID>
                    </InstallTo>
                    <InstallFrom>
                        <Path>\\server\IT\WIM\Win10-image.wim</Path>
                        <Credentials>
                            <Domain>domain.local</Domain>
                            <Password>MyP@ssw0rd!</Password>
                            <Username>netadmin</Username>
                        </Credentials>
                        <MetaData wcm:action="add">
                            <Key>/IMAGE/NAME</Key>
                            <Value>Windows 10 Pro</Value>
                        </MetaData>
                    </InstallFrom>
                    <WillShowUI>OnError</WillShowUI>
                </OSImage>
            </ImageInstall>
        </component>
    </settings>
    <settings pass="specialize">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <BluetoothTaskbarIconEnabled>true</BluetoothTaskbarIconEnabled>
            <ComputerName>DTPC-0032</ComputerName>
            <TimeZone>Mountain Standard Time</TimeZone>
            <ShowPowerButtonOnStartScreen>true</ShowPowerButtonOnStartScreen>
            <RegisteredOrganization>Some Company</RegisteredOrganization>
            <ProductKey>VK7JG-NPHTM-C97JM-9MPGT-3V66T</ProductKey>
            <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet>
            <DoNotCleanTaskBar>true</DoNotCleanTaskBar>
            <RegisteredOwner></RegisteredOwner>
            <OEMName></OEMName>
        </component>
        <component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <Identification>
                <Credentials>
                    <Domain>domain.local</Domain>
                    <Username>joinadmin</Username>
                    <Password>MyP@ssw0rd!</Password>
                </Credentials>
                <JoinDomain>domain.local</JoinDomain>
                <MachineObjectOU>OU=DesktopOU,OU=ComputersOU,DC=domain,DC=local</MachineObjectOU>
            </Identification>
        </component>
    </settings>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <OOBE>
                <VMModeOptimizations>
                    <SkipWinREInitialization>true</SkipWinREInitialization>
                    <SkipNotifyUILanguageChange>true</SkipNotifyUILanguageChange>
                    <SkipAdministratorProfileRemoval>true</SkipAdministratorProfileRemoval>
                </VMModeOptimizations>
                <HideEULAPage>true</HideEULAPage>
                <HideLocalAccountScreen>true</HideLocalAccountScreen>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <ProtectYourPC>2</ProtectYourPC>
                <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
                <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
            </OOBE>
            <UserAccounts>
                <LocalAccounts>
                    <LocalAccount wcm:action="add">
                        <Password>
                            <Value>BAAcwADAAcgBCEAUAAcwG8Ak=</Value>
                            <PlainText>false</PlainText>
                        </Password>
                        <Description>Local User Account</Description>
                        <DisplayName>LocalUser</DisplayName>
                        <Group>Administrators</Group>
                        <Name>User</Name>
                    </LocalAccount>
                </LocalAccounts>
            </UserAccounts>
            <TimeZone>Mountain Standard Time</TimeZone>
            <RegisteredOrganization>Some Company</RegisteredOrganization>
            <RegisteredOwner>IT Department</RegisteredOwner>
        </component>
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-CA</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UILanguageFallback>en-CA</UILanguageFallback>
            <UserLocale>en-CA</UserLocale>
        </component>
    </settings>
    <cpi:offlineImage cpi:source="wim:d:/iso/install_w10_1803.wim#Windows 10 Pro" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>
Advertisements

CredSSP, Windows RDP connection error.

Recently Microsoft changed the security in regards to Remote Desktop connections. This was to address a vulnerability that existed with RDP that allowed an attacker to take complete remote control of a Windows PC.

With this came some security changes and you will need to add a registry entry to your machines if you get Security Connection errors in Windows OS and Server OS when you try and use RDP to connect to an older remote machines. When I say older I mean Windows 7 and Server 2008, Windows 8.x might be affected as well.

For more information on CredSSP see this Microsoft article: https://support.microsoft.com/en-ca/help/4056564/security-update-for-vulnerabilities-in-windows-server-2008

In Windows 7 the error looks like the following…

win7

In Windows 10 the error is a little more detailed and looks like this…

To get past this issue all you need to do is add the following registry entry to your machine.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters]
“AllowEncryptionOracle”=dword:00000002

Alternatively here is a reg file in a zip file that you can just run. Make sure you reboot after adding the registry entry.

https://drive.google.com/file/d/13vDjZQqwEGZYNL5wnbig5iOzOs26EKn-/view?usp=sharing

I created a group policy on my Domain to push this registry entry to all computers.

Disabling Automatic Updates on Server 2016

The server 2016 GUI does not provide a means to disable Windows Updates and by default the updates are set automatically download. There is a spot for updates in the GUI but it is a placebo. If you wish you can disable Windows Updates and run them manually at your hearts content, you need to do this via the sconfig text based applet.

Do the following. Start Powershell as admin and run the sconfig command. This is the server configuration text based applet.

Once you have run this applet option 5 is for Windows updates. For productions server the Manual option is probably the best choice.

A pop up will notify you of the changes once selected and from here on in all your updates will have to be downloaded and installed manually.

Virtual Machine Queues and Broadcom NIC Issues

Broadcom network adapters have a very big issue in Windows with Hyper-V. The issue is so big that at one point a year or so ago when I deployed a new Hyper V server with Broadcomm NICs my domain users were unable to use VPN properly due to a crippling network latency. I’m sure Broadcom is aware of this problem and the issue is documented all around the internet. The problem are Virtual Machine Queues, and on Broadcom network adapters they delay traffic to the VM and create latency issues.

There is a quick fix for that though. All you need to so is disable Virtual Machine Queues on your network adapter. It takes 5 min to fix.

To fix it, start up Powershell as an Administrator, then check to see if VMQ is enabled on your adapters, specifically anything by Broadcom.

Run the following command;

Run the Get-netAdapterVMQ

If you see True in the Enabled column, disable VMQ with the following command;

Disable-NetAdapterVmq -Name 'Adapter Name'

See the below example for reference. I even included an error where my name of the adapter wasn’t being caught because there was a space in the name. Use single quotes on the name to avoid this.

Windows PowerShell
Copyright (C) 2014 Microsoft Corporation. All rights reserved.

PS C:\Windows\system32> Get-netAdapterVMQ

Name                           InterfaceDescription              Enabled BaseVmqProcessor MaxProcessors NumberOfReceive
                                                                                                        Queues
----                           --------------------              ------- ---------------- ------------- ---------------
Front End                      Microsoft Network Adapter Mu...#2 True    0:0                            16
Embedded LOM 1 Port 4          Broadcom NetXtreme Gigabit Eth... True    0:0              16            16
Embedded LOM 1 Port 3          Broadcom NetXtreme Gigabit E...#2 True    0:0              16            16
Embedded LOM 1 Port 2          Broadcom NetXtreme Gigabit E...#4 True    0:0              16            16
Embedded LOM 1 Port 1          Broadcom NetXtreme Gigabit E...#3 True    0:0              16            16
Back End(PA)                   Microsoft Network Adapter Mu...#3 False   0:0                            0
Back End(NeoTech)              Microsoft Network Adapter Mult... False   0:0                            0


PS C:\Windows\system32> Disable-NetAdapterVmq -Name Front End
Disable-NetAdapterVmq : A positional parameter cannot be found that accepts argument 'End'.
At line:1 char:1
+ Disable-NetAdapterVmq -Name Front End
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Disable-NetAdapterVmq], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Disable-NetAdapterVmq

PS C:\Windows\system32> Disable-NetAdapterVmq -Name 'Front End'
PS C:\Windows\system32> Disable-NetAdapterVmq -Name 'Embedded LOM 1 Port 1'
PS C:\Windows\system32> Disable-NetAdapterVmq -Name 'Embedded LOM 1 Port 2'
PS C:\Windows\system32> Disable-NetAdapterVmq -Name 'Embedded LOM 1 Port 3'
PS C:\Windows\system32> Disable-NetAdapterVmq -Name 'Embedded LOM 1 Port 4'
PS C:\Windows\system32> Get-netAdapterVMQ

Name                           InterfaceDescription              Enabled BaseVmqProcessor MaxProcessors NumberOfReceive
                                                                                                        Queues
----                           --------------------              ------- ---------------- ------------- ---------------
Front End                      Microsoft Network Adapter Mu...#2 False   0:0                            16
Embedded LOM 1 Port 4          Broadcom NetXtreme Gigabit Eth... False   0:0              16            16
Embedded LOM 1 Port 3          Broadcom NetXtreme Gigabit E...#2 False   0:0              16            16
Embedded LOM 1 Port 2          Broadcom NetXtreme Gigabit E...#4 False   0:0              16            16
Embedded LOM 1 Port 1          Broadcom NetXtreme Gigabit E...#3 False   0:0              16            16
Back End(PA)                   Microsoft Network Adapter Mu...#3 False   0:0                            0
Back End(NeoTech)              Microsoft Network Adapter Mult... False   0:0                            0

WMI Filtering in Group Policy

Item level targeting is great and all, it works well for granular targeting. But with Item Level Targeting you are limited to only Active Directory components.

WMI or Windows Management Instrumentation consists of a set of extensions to the Windows Driver Model that provides an operating system interface through which instrumented components provide information and notification.

What if I told you you could set up policies that that allow you to target specific users, specific user names, specific hardware, and specific software. Even specific hardware types. You could deploy hardware specific drivers on your domain using WMI flitering.

It’s actually pretty slick, and far superior to anything that SNMP can offer. It is a very powerful tool set for a Sys Aadmin. The level of control for WMI filtering is absolutely amazing and robust. But is it secure? Well that depends, it can be, if you follow best practices there is no reason it shouldn’t be.

WMI filters are similar to SQL queries, for example…

select Version, ProductType from Win32_OperatingSystem where
 ((Version like "10%") and (ProductType = 1))

The above version 10 followed by the wildcard character will select Windows 10 and Server 2016 operating system versions. ProductType = 1 means the desktop OS version, where as type of 3 would mean the server OS version. Finally ProductType = 2 means that the machine is a Domain Controller.

select Version, ProductType from Win32_OperatingSystem where
 ((Version like "6.1%") and (ProductType = 1))

The above is for Windows 7.

select Version, ProductType from Win32_OperatingSystem where
 ((Version like "6.3%") and (ProductType = 3))

Finally the last one is Server 2012 R2.

Note that the name space that this is available in, is root\CIMv2.

If you want to find and query WMI you can use the official tool available from Microsoft, it’s called The WMI Code Creator tool and it’s available here. If the link is dead just search for it. An alternative to this is the NirSoft SimpleWMIView available here, and Wmi Explorer available here.

WMI Code Creator looks something like the following. It allows you to browse all the WMI possibilities and search for property values of WMI classes. For obvious reasons you will need the .NET framework installed on your machine.

 

Creating a WMI Filter is simple. Open up your Group Policy Management application, expand your domain and at the bottom you should have a folder named WMI Filters. In this folder you can also see a collection of WMI Filters and which policies they are applied to.

Right click this folder and select New…

Give your Filter a name and Description, then click Add.

Finish by clicking OK and Save. You have now created a WMI Filter for Server 2016 all versions.

Now you need to apply the filter to a policy. Locate a policy in your Manager, and in the right pane on the bottom under WMI Filtering now you can select the filter you just created.

That’s pretty much it, you can play around with the WMI Code Creator and see that you can do some very granular filtering with this. You can create filters based on OS, CPU, Disk drives anything that you can think of. This is a very powerful tool and if you’re familiar with SQL queries you should have no trouble coming up with some complex filters.

Specific Host Name:

root\CIMV2 – Win32_ComputerSystem – DNSHostName = ‘YourHostname’

 

As a side note if you are a C# .NET developer you can also benefit from WMI using the System.Management namespaces in Visual Studio. You will need to add a reference to it in your Visual Studio project. This allows you to query Microsoft Operating System hardware and retrieve statistics from said machine.

Sample C# Code:

 ManagementObjectSearcher processor = 
 new ManagementObjectSearcher("root\\CIMV2", 
 "SELECT * FROM Win32_PerfFormattedData_Counters_ProcessorInformation");
 foreach(ManagementObject query in processor.Get())
 {
 coreValues.Add((string)query["PercentProcessorTime"]);
 }

My Home Theatre

It’s been a hiatus… I’ve been a bit busy lately, it’s summer time and all… I’ve been enjoying the beautiful weather with my family but I feel like I’m due, so here we go!

Home Theatre! This topic interest me big time, ever since I bought my “new” house 5 years ago I had been planning to do something nice in terms of an entertainment space. The space I had in my mind was a bit different then your typical audio/videophile types dream of but it’s what I dream’t of at this stage in my life.

I will be the first to admit that this post is late to the game, and I anticipate to upgrade my projector and receiver to native 4k within the next 6-8 months. I have my eye on you Optoma UHD60!

Coming from my previous house (a shoebox) I had a big room to actually call my mancave, a 25’x16′ room. The picture below is pretty unflattering… and it only shows the room from one angle, but this is all I could find for the time being… This was a couple days after we moved in. In hindsight I should’ve taken more before and after photos for this project.

mancave_before-1

Here is the original conceptual design of what I envisioned the room to actually become.

mancave-schematic

First step was to build the A/V closet and shelving, the closet did not exist originally so I had to rip out some drywall and attach into the existing framing. Here is a before picture of where I put the closet in.

AVcloset-before

Here are some pictures of the AV closet build out. The shelf design I found on another site, if I can find it again I will give them a kudos link, man is it a solid design – homemade shelf that can hold a ton of weight and gear. All of the supplies for the shelf I purchased at Canadian Tire and Rona. All of the cabling, connectors, wall plates and in ceiling speakers I purchased through Monoprice.

 

Here are pictures of what it looks like today, don’t mind the mess I have a few kids.

Projector Mount

If you look at the projector mount picture below you’re probably saying wow that’s a crazy mount is this guy a nutcase? Actually it’s pretty much mandatory in my mind to design something like this if the projector is going to be installed in a basement like setting.

When I originally mounted the projector I was truly a newbie… I affixed it directly on the floor joists, what a mistake. The feedback was vicious and the projector was bouncing like no tomorrow… and when it started to bounce it really didn’t recover quickly since there was nothing to absorb the movement that reverberated off the joists.

This is something I came up with through trial and error, this works for me, it doesn’t eliminate movement entirely, if my kids are bouncing off the walls upstairs it will shake, but it’s absorbed quickly by this design and I can rest well knowing that my investment is safe. To date I have almost 5000 lamp hours using this rig and the projector and lamp still lives on.

I used a large piece of MDF that spans three joists, I tapped into the joists using 2 1/2″ wood screws. From there I lined up where the projector was going to be mounted and penciled in four pilot holes where the bolts were going to be installed. These four bolts affix the actual mount to the MDF base, they are 3/8″ in width in my application, the bolts are fairly long I believe around 3 1/2″. I used several washers, rubber grommets and springs as you can see from the photo, these items are doing a lot of the hard work to minimize any vibration and impact.

projector-mount

Projector

At the end of 2012 I was on the hunt for the right projector for me. I didn’t want to spend a ton but I wanted a projector that was a good bang for the buck, but mandatory was good input lag and 3D. I stumbled across the BenQ W1070 Home Theatre DLP Projector. It’s a great unit, I’ve been using it now for almost 5 years, so it’s done really, really well… no issues whatsoever.benq_w1070

 

Screen

I went the Do-It-Yourself route. After abundant research I ended up using the following for the screen paint:

Sherwin Williams ProClassic Smooth Enamel Satin Finish Extra White – 6260 UNIQUE GRAY. I don’t believe Sherwin Williams carries this formulation anymore.

Down the line I believe I will switch to an actual screen for my next projector install. Don’t get me wrong the paint is great and a money saver, but I found that it cannot cover imperfections in your actual drywall. If you look close enough you can pick up on these subtle things while the unit is on.

I used a somewhat dark color for the rest of the wall around the screen. Sherwin Williams Classic 99 Satin Finish Extra White – 6549 ASH VIOLET.

The screen is approximately 110″ measured diagonally.

Screen Frame

I used 2 1/2″ MDF trim I mitered the corners at 45 degrees and installed L shaped hinges on the back side. I primed and painted with flat black paint and used brad nailer to affix it to the wall.

Speakers

I opted for a 7.1 configuration, the front and center speakers I got a sweet deal on from Newegg, they were on clearance dirt cheap… I could not pass it up. I picked the JBL Studio 1 Series Studio 190 Front and Center speakers. For the subwoofer I went with the Klipsch KW-100, for the sides I went with Klipsch RS-62s. For the in ceiling I went with Monoprice 6-1/2 Inches Kevlar 2-Way In-Ceiling Speakers.

The in-ceiling speakers I cut a plywood template to hold the speaker since I have a drop ceiling with soft fiberglass tiles. The plywood template fits into the 2’x2′ grid and the grid take the weight of the speaker and not the tile.

For the Klipsch surround speakers, I mounted the speaker to a stud on opposing walls using a single screw.

I am not an audiophile but they sound good to me, most would recommend not mixing and matching, but really for me I was going with the best value/deal at the time as speakers can be really expensive for something better then bottom of the barrel.

AV Receiver

For the receiver I went with the Onkyo TX-NR616, I had never purchased an Onkyo before but I can say I have been really happy with it.

The receiver can not fully power my front speakers in it’s current 7.1 configuration, if I used 5.1 it can power them fully, but the sound is still good, I don’t pump it too often… just something to keep in mind if you are purchasing an AV unit.

The one issue I have had which seems to be some kind of glitch where HDMI switching stops working after the projector is turned off, it doesn’t happen all the time… it is a random thing. Simply recycling power on the receiver corrects the issue.

IR Repeater

For extending my IR remotes (satellite receiver, AV receiver, etc…) I went the cheap route. I picked up a USB powered IR repeater from Amazon – Neoteck IR Repeater Infrared Remote 1 Receiver 4 Emitters Control Kit. I just plugged it into my AV receiver’s USB port to get power, and I installed the IR receiver discreetly along the edge of my drop ceiling. It’s cheap but it does the job and I can close my cabinet if need be and not have to fight with pointing remotes directly at the device.

Home Media – Part 4 – OSMC/KODI/XBMC

This is part 4 of a series of write ups called Home Media.

Part 1 – The NAS build

Part 2 – The Setup

Part 3 – The Rip

Now that you have a whole infrastructure setup for streaming in your house, what do you do?

First thing is first, you will need some sort of hardware. Be it an old laptop, a Odroid-C2 box, an Android Box or a Raspberry Pi3. Then you will be creating two xml files called Sources.xml and/or AdvancedSettings.xml. These two files are responsible for media sources and database connections respectively. With Advancedsettings in the mix you can also add an SQL instance to your setup.

The benefit to the SQL database is that if you have multiple devices in your home, you can pause your content in one room and resume it in another. Your library info is stored in one place, the databse, and can be easily backed up and restored using software such as HeidiSQL. Library updates can be performed using headless installations of KODI and are picked up by all other devices on the network connected to the DB.

Easiest way to run a headless installation of KODI is to use the LinuxServer.io docker container which they have created and is available from here https://github.com/linuxserver/docker-kodi-headless. This works well if you have a server at home. If you are running a Pi or Odroid device with KODI on it this might not be necessary, since these are always on low power devices. Potentially you can send all update requests to these boxes.

For Laptop and Android Boxes go to their respective app stores and install KODI. On Linux you have to install KODI manually. Head over to Kodi.TV and they have all the packages you need over there. For further installation instructions head over to the KODI wiki.

In this example I will be working with v17.x or K, code named Krypton. For the Odroid-C2 and RaspberryPi I suggest heading over to LibreELEC and grabbing the installation source from there. The equivalent LibreELEC version of KODI version 17 is 8.x. For the Odroid and RPi you will need to image the storage device, SD card or eMMC storage. On Windows use the Rufus software. Alternatively LibreELEC has built their own installation tool to install the OS on a storage device. For further installation instruction for LE suing their tool go to their wiki site. An alternative to LibreELEC is OpenELEC, this has builds for devices that Libre does not support.

Note that when you boot in to KODI for the first time, specifically LibreELEC, you should enable SAMBA and SSH. SAMBA will be useful for copying the xml files to your KODI box later on.

Installation:

Once you have installed Rufus and plugged your SD/eMMC card to your computer start Rufus and locate the drive letter that is the storage device of your choosing.

In Rufus click the drop down list and select DD Image, then to the right of it click the image icon.

Rufus will prompt for a file with a Open selection window. Select the appropriate image and click Open.

It will warn you about erasing all the data on the storage device, accept the prompt and let Rufus run through it’s thing.

Once complete close Rufus and check that your file structure of the SD card look something like the above. The storage device is now ready to be plugged into your hardware and you can proceed to boot it.

Database:

Install the database of your choice. I use MariaDB, it’s a free open source SQL software. It was forked after MySQL was bought out by Oracle. I run this in a docker on my home server. However you like to proceed pick the installation of your choice.

The docker container is available on the Docker hub and can be found here: https://hub.docker.com/_/mariadb/

To run the docker with persistent storage run the following docker commands.

First you need to pull the installation.

docker pull mariadb:latest

An alternative to the latest tag you can use the versions available on the site, 5, 10… etc. Then you will need to run the docker using the docker run command. It will look something like the follwing.

docker run -d –restart=always –net=bridge –name mariadb -v /my/own/datadir:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=SomePassword -e MYSQL_USER=kodi -e MYSQL_PASSWORD=kodi -p 3306:3306 mariadb:latest

For Unraid 6 you can use a Docker MariaDB template available here:

https://github.com/Exist2Resist/docker-templates/tree/master/exist2resist

There are 3 key commands you need to execute on the database after you have installed it. You can find the database installation instructions for various OS versions on the KODI wiki.

Make sure after you setup a sa or root user on the database you write down the password. After this log into the database and run the following 3 commands.

  1. Type in: CREATE USER 'kodi' IDENTIFIED BY 'kodi'; and press return
  2. Type in: GRANT ALL ON *.* TO 'kodi'; and press return
  3. Type in: flush privileges; and press return

These commands create a user with the name kodi and password kodi. This will be used in your KODI installations via the advancedsettings.xml file to connect to the database.

sources.xml:

The sources file is used to connect KODI to your network shares and sources for your media and music. A sources file has the <sources></sources> tags at the beginning and end of the file and should look something like the following…

smb: stands for samba, your other option would be nfs which is the file sharing protocol in linux. Also if you notice the above shares are accessible to anyone on the local network. If you want to password protect these shares go ahead but you will need to change the <path>, using the example above to smb://username:password@Tower/Music/.

The sections (<music>), name (<name>) and path(<path>) are all mandatory in the example above. Every other field is optional.

Note that if you are using a database to store the media information you do not need the sources.xml file on all your instances of Kodi. You will only need both files on the instance which updates the library and database. All other instances only need to connect to the database. The database contains a files table which has an idPath column that stores the path to the files.

For further detail on the sources xml you can head over to the KODI wiki, http://kodi.wiki/view/Sources.xml

Note that with the database in the mix you should enable the option to wait for network before starting KODI. This is only available in OpenELEC and LibreELEC builds of KODI. I have not been able to find this in the vanilla KODI, but that should not matter as more than likely these installations will usually run on a box that requires manual KODI start anyways.

advancedsettings.xml:

The advanced settings file has the <advancedsettings></advancedsettings> tags at the beginning and end of the file and below is an example of what the advancedsettings.xml should look like. This file is very fickle and it has a lot of options it can take. Use the example below as a starting point.

<videodatabase> and <musicdatabase> point to an sql instance via the IP address username and password. Default port for sql is always 3306.

Also if you want to pause and resume your playback at different locations in your home, include the <importwatchedstate> and <importresumepoint> tags and set them to true under the <videolibrary> tag. Under the same tag <backgroundupdate> updates the library without any popups of notifications. <recentlyaddeditems> sets the amount of new items that will be visible under the TV Shows and Movies sections. Default I believe is 25, you can set this to whatever.

In version 17+ of KODI the cache tag is pretty important. If you are experiencing the odd buffering interruption while watching content from your file server set this option and have all content buffer.

In previous versions of KODI this option was set under the network tag. Sections 2.8.4 and 2.8.3 of the Advancedsettings.xml wiki, respectively.

Cache buffers the file in memory instead of the local storage. If you notice a lot of stutter on your streams, especially with version 17 if you add this sections the performance should greatly improve. Mind you if you have terrible internet and you are using external or http video sources there are no guarantees. If want to do this you will need to do some math first, use this bit calculator if you’d like, don’t trust google they mess the calculation and conversion up badly. But more on that later.

The cache section looks something like the following.

<cache>
<buffermode>1</buffermode>
<memorysize>477184000</memorysize>
<readfactor>10</readfactor>
</cache>

Buffer mode with value of 1 will cache any content streamed in KODI. Local or remote it doesn’t matter.

Memory size is where you will need to do some converting and calculating. So the max memory size depends on your system and this value can not exceed a third of your max free memory. So if your device is running while playing content with 300 MB of free memory your max memory size should be 100MB or 104857600 bytes. If you don’t adhere to the 1:3 ratio rule, there is a high probability that your box will crash.

Read factor is the speed at which the content gets buffered at or read into memory at. If a files average bit rate is 6MB/s, with a read factor of 10 the file will be read at 60MB/s into the cache buffer. Average bit rate multiplied by the read factor. Take your network bandwidth into consideration when calculating this. If not specified the default is 4.

For further details on the advancedsettings xml you can head over to the KODI wiki http://kodi.wiki/view/Advancedsettings.xml

File placement:

If you enabled SAMBA and SSH on your KODI device you can navigate to the Userdata share of the device and place both xml files there. Even though you don’t need both it is recommended that you do. The network name or IP will be required for you to navigate to the shared folder. You should have enabled SAMBA when you set up your KODI box. During said setup you gave the installation a name, if you kept it default navigating to \\LIBREELEC via file explorer should bring up the box’s shares.

Open up the Userdata folder and you should see some folders and 4 xml files.

Place both the XML files in here.

Alternatively you can SSH into your box using putty or similar software. Default user name is root and the password is libreelec.

Once in there you can use either vi or nano to create both the files and paste the contents. The location of where the file should be stored are as follows.

/storage/.kodi/userdata/

You can create the files manually by performing the following commands in SSH.

nano advancedsettings.xml

Then paste the contents of the file into the window and click ctrl + x, this will prompt you if you want to save the file, type in y and hit enter to confirm the file name.

Repeat the same for the sources file.

A very important step, you will need to set KODI to wait for the network when it boots if you are using a db connection. If you do not do this your library will not populate.

In your add-ons select the LibreELEC Configuration add on.

Then set the Wait for network… option and set it to 10 second. There has not been an instance where 10 seconds has not been enough for me.

Your KODI box should now be ready to go, reboot and enjoy.