How to use a Fritz! Box 7490 as a WIFI Extender

Since fibre just recently became available in our neighbourhood I just got it installed about a month ago and has been enjoying it.

The location in the house where I had the fibre box set up was in the living room as I wanted to hook it up to the gaming console. I didn’t know what to expect with the Vodafone TV but I it actually allowed me to get rid of the dish tv satellite receiver and just use broadband to view tv shows. Anyway because of the location of the new router some parts of the house are not getting good wifi coverage.

Since I switched internet provider I was left with the old modem/router.

In this tutorial basically we are going to connect the old router to the new router. The old router will act as access point and that allowed me to extend the wifi coverage in the house.

Steps:

Boot up the Fritz box router and connect it to your computer using a LAN cable.

Open your browser and go to the default setup URL which is http://fritz.box

If you do not remember your password which is provided by the ISP, simply click on forgot password link to reset. The router will reboot after.

Once logged you’ll get an overview of your system. Click on the Internet menu on the top left to start configuring your router.

 

Click on the Internet and select Account Information. On the section Internet Service Provider. Select Existing connection over wireless LAN.

 

The Wireless LAN devices will be listed, select your wifi network and under Security add your wifi password and hit Apply.

 

When you hit Apply the system would reboot the first time and assign the router a new IP. You can access the new IP eg. 192.168.88.1 or simply visit http://fritz.box

Next set the a new Wifi name. Notice the option gives you 2.4 GHZ and 5-GHZ frequency band. (The router as far as I can tell can only connect to 2.4 ghz frequency on my new router so setting up 5Ghz here won’t really matter, you would still be on the 2.4 ghz band). Hit Apply to save the changes.

Click Security under WLAN to setup the Network Key password and hit Apply.

Hit Apply and you are done. Disconnect the LAN cable and search for the new Wifi in your network.

 

 

Pros : You can extend the wifi signal in your house

Cons: It can only connect to the 2.4 GHZ channel frequency which is the slower band. I get into the range of 20-40 mbs.

 

Hopefully this is useful to somebody out there. Happy surfing.

 

Passed the Identity & Access Management Designer Certification (Achieved System Architect)

Just passed my last required certification which is the Identity and Access Management Designer to finally become Salesforce Certified System Architect. What a journey and accomplishment. My study method seems to be working and would like to share my methods and notes.

The method :
At the start of the 2nd part of thIs year(2018) I made a goal to start the Technical Architect journey and get certified every month . The method I’ve been doing is really easy, I book a date one month in advance and spend at least an hour or two reading the materials I need. I use a technique called Pomodoro using an online tool kanbanflow.com and concentrate on learning a concept. I try to do this at least everyday either before bed or if I missed it for that evening I try to get up early in the morning. So far this has worked great for me as this made me consistent.

Exam takeaways
Now about the Identity and Access Management exam. This is like the rest of the exam which is 60 + 5 extra multiple choice question. You are given 120 minutes and passing is 65%.
Honestly this was a hard exam. Best if you have done implementation of it. I wasn’t that confident I would pass the exam when I hit the Submit button.

Trailhead: Identity and Access Management Designer
Go over this trialmix and nail down it to 100%. – https://trailhead.salesforce.com/users/00550000006yDdKAAU/trailmixes/architect-identity-and-access-management

Authentication and Authorisation – basically who you are (credentials) and what you are allowed to do
Different OAuth Flows:
  • User Agent Flow
  • Web Server Flow
  • JWT Bearer Token Flow
Idp and SP Initiated Flow
  • Heaps of questions on IDP initiated and SP Initiated Flow (3-4)
  • Idp Initiated SAML is when from the IDP system you are trying to access the system enabled for SSO
  • SP Initiated SAML is when you are coming from the service provider and asking authorization from the Idp.
  • Which SSO flow can be used for deep Linking
  • Use of Entity Id and Login URLs
Connected App and Managing Policies
  • Different types of scopes for OAuth and when to use them
  • Refresh Token Policy
  • User Provisioning – keeping users in sync
  • Custom Connected App Handler
2 Factor Authentication and Login Flows
  • When to use 2 factor and how login flows can be used for different scenarios
SSO Settings and My Domain
  • JIT User Provisioning
  • Login
  • Auth Providers
Federated SSO
Delegated SSO
Social SSO
Security
  • Login IP ranges
  • Trusted IP uses
Canvass Apps
Identity Connect
App Launcher
Auth Provider Setup
Active Directory
I’ll continue to enrich this post as I recall some of the other stuffs.

How to Setup Social Single Sign On in Salesforce

On this tutorial. I’ll walk through to the steps needed to setup Social Single Sign On with LinkedIn to Salesforce.

Do the following Salesforce steps first then we run over next LinkedIn steps.

Login to Salesforce and go to Setup and search for Auth Provider

When creating an Auth Provider – you can have Salesforce auto manage the values for a Auth Provider.

    • Select the Provider and Provide Name and URL Suffix
    • On the Registration Handler section click on Automatically create a registration handler template – you would need to edit this later
    • Hit Save.
    • Create an Account, then make sure the Account Owner has a role assigned
    • Next, let’s edit the AccountHandler auto generated for us.
    • You can grab the code from github and replace the handler – https://github.com/olopsman/salesforce-identity-registration-handler/blob/master/RegistrationHandlerTemplate
    • Update the following Constants to match your org and Community Profile name

private static final String ORG_SUFFIX = '.sso.dang.org';
private static final String DEFAULT_ACCOUNTNAME = 'Dang Channel';
private static final String EXTERNAL_USER_PROFILE = 'Customer Community User';

  • Next go to Communities Setup and for members grant the profile access to the community
  • Next to to Login and Registration and enable the LinkedIn or social sign on platform you want to configure.
  • Then finally copy the community URL

 

Next would be to create an application in your Social account LinkedIn. The steps would be similar for other like Google, Twitter and Facebook. Go developer.linkedin.com and create an App.

Give your name and app and fill in the required fields. Paste the community URL to the website URL so after authentication it knows where to redirect the page.

 

Note: you will notice that creating an app also creates a consumer key and secret, since we left these values blank in Salesforce as this was auto managed for us. You can copy the consumer key and secret to the Auth Provider section if you want to override this.

Go to your community URL and you should see LinkedIn option to login. Click on that to login to LinkedIn and authorize Salesforce to access your info. After authorization you would be redirected back to the community logged in. And bedind the scenes you have been created as a contact and user in Salesforce.

Notes on Provisioning Communities Users in Salesforce

I learned the different methods to provision external users in Salesforce.

* You can create Customers and Partners

* depending on account type you can create certain users
* personaccount and contact – customers
* account – partner/customer
* Account owner must have a role
* You can manually create contact and enable as customer or partner
* Partners have roles when enabled
* You can self register

* assign the profile in setup or
* assign in the selfregister code this overrides the setup
* assign the role
* assign the account
* You can sign up via API using the following methods

* createPortalUser
* createPersonAccountPortalUser
* Social sign on to provision a user –
* You can Just in time provision using SAML

* combine saml with more attributes and SSO to provision a user
* SAML Subject NameId as the Federation ID
* does not work for PersonAccount
* Contact email must be unique accross all even none external users
* account name and number must be unique or causes duplicate error
* Data loader
* Bulk Provisioning via API

* use same api methods – can you pass bulk here? api limits apply
* Identity Connect with Active Directory

https://developer.salesforce.com/blogs/developer-relations/2014/06/how-to-provision-salesforce-communities-users.html

How To Install Let’s Encrypt SSL Certificate on Google Cloud Compute with a Bitnami Stack

So wanted to do this for some time now and got the chance to do this now as I wanted to share something new everyday.

Let’s Encrypt is a free, automated and open Certificate Authority. Today I learned it was not straight forward to install.

I first tried to add the ppa certbot and when I tried to install python certbot app I got errors on dependencies. I then tried certbot-auto script which was successful but my site was still not showing as being secured by SSL.

Finally the following worked for me.

Here are the steps to install the SSL
Login to shell on your google cloud instance
ssh -i xx_gca key bitnami@ipaddress

Change directory
cd /tmp

Run the following command – replace the version with the latest version from github

curl -s https://api.github.com/repos/xenolf/lego/releases/latest | grep browser_download_url | grep linux_amd64 | cut -d '"' -f 4 | wget -i - tar xf lego_v1.0.1_linux_amd64.tar.gz

Untar the file
tar xf lego_v1.0.1_linux_amd64.tar.gz

Make the lego executable by copying to the binary directory

sudo mv lego /usr/local/bin/lego

Stop your server
sudo /opt/bitnami/ctlscript.sh stop

Run the lego client
sudo lego --email="youremail@domain.com" --domains="yourdomain.com" --domains="www.yourdomain.com" --path="/etc/lego" run

Backup your existing certificates by renaming them
mv server.key server.key.2018

Copy the server certficates from /etc/lego/certificate to /opt/bitnami/apache2/conf

Change directory and go to
cd /opt/bitnami/apps/wordpress/conf

Edit the following httpd-app.conf file
sudo vi httpd-app.conf

Add the following conditions and rule
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.lopau.com/$1 [R,L]

Finally start back the server
sudo /opt/bitnami/ctlscript.sh start

Reload your website and check the URL, you should now be secured with an SSL

That should get your going.

Other things to note:

  • certificates only valid for 90 days
  • suggestions is to auto renew
  • certificates are free and can be used on websites, ftp servers, mail servers
  • need an ACME client

On my next tutorial, I’ll show you to setup a cron job to auto renew the certificate.