xtrap225

Members
  • Posts

    69
  • Joined

  • Last visited

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

xtrap225's Achievements

Rookie

Rookie (2/14)

1

Reputation

3

Community Answers

  1. yes i. understand thanks. that might be a difficult feature to implement. the real feature request I would prefer, is to be to have an option to not create shares from top level folder automatically. it just clutters up the shares list with a bunch of 'shares' that aren't exports.
  2. thanks, i never realized this, i guess i previously more studious organizing prevented me from noticing this. however it would be nice if you create something directly on a cache share that it creates a cache share rather than an array only share.
  3. as my subject states 'mkdir folder in ssh is creating shares.' the strange thing beyond the obvious strangeness of that is i created a folder directly on a cache drive and the resulting automatic share that was created, was an 'array' only share. can anyone tell me, is this. 'new' expected behaviour and is there a place to change options on this? i don't want every folder i create to then create a share. i especially don't want automatically created shares to have 'incorrect' settings. i tried a search of the forums but i couldn't find anyone else dealing with this behaviour. cheers.
  4. its in your unraid 'settings' section. and it turns of Spectre and the like cpu memory mitigations.
  5. i have my work pc on a dedicated 1TB NVMe drive passed through windows 11 vm and i was having loads of issues getting my cpu usage down. it would always eventually creep up. and stay up. i tried the "Memory integrity" recommendation change even though i was probably not supposed to. what ended up working was disabling "Mitigations Settings" in Unraid Settings. so i just wanted to let folks know somewhere, that made a HUGE difference.
  6. do you need secureboot only or bitlocker as well? i actually switched from using pass-through to this for bitlocker. but if you dont' need bitlocker than i would do either and disable bitlocker. also that is an example encryption secret from the webpage i got the xml info from.. put your own in, obviously <tpm model='tpm-tis'> <backend type='emulator' version='2.0'> <encryption secret='6dd3e4a5-1d76-44ce-961f-f119f5aad935'/> <active_pcr_banks> <sha256/> </active_pcr_banks> </backend> </tpm>
  7. sorry i just wanted to come back and say all the moving of files etc is no longer necessary as it is built into the latest q35 efi settings already on unraid. i tested the available procedure against what is just built into unraid. and i think you will find you can just change the settings to secure and it will work. the thing that i needed to make it work for my work was to add one line to the <os>..</os> .. This took a ton of time and research and many re-images. <smbios mode='host'/> which passes through block 0 and block 1 of the smbios ,,,which is basically vendor, version, release, serial, manufacturer ,... etc etc. this allowed the Microsoft intune company portal to work even more properly, because it served back my 'machine' certificate back to my certlm.msc>Personal>Certificates folder. this was a requirement to get my VPN working. also i would decrypt my bitlocker. then run a company portal sync to get it to re-encrypt and no longer have to use the bitlocker recovery key. considering the above this may NOT be necessary but i also opted to passthrough my tpm as follows <tpm model='tpm-tis'> <backend type='passthrough'> <device path='/dev/tpmrm0'/> </backend> <alias name='tpm0'/> </tpm>
  8. apparently it is working cause my cert came back. just had to be more patient. not my strong suit, when it comes to computers. especially since i still can't see the smbios sysinfo from the windows terminal. now i am doing hopefully my final decrypt and re-encrypt of bitlocker so i don't have to use my recovery key on each reboot. then i will just need to either get spice multi-monitor working properly or the AzureAD RDP bypass that is working on my other bare metal working machine (that i can't remember how i did), on this vm. without multi-monitors what is the point
  9. according to the log its working. but windows still won't show me the SerialNumber now that is in host mode, which would be ideal. but i guess i can keep testing just in case by fluke the emulate mode works. i have a feeling it will work but not work as well. really have a bad feeling i will get stuck here.
  10. okay that was very wrong. you cannot change the hyperv mode line, nor should you. i don't think. i changed the <smbios mode='sysinfo'/> to <smbios mode='host'/> removed .. <sysinfo type='smbios'> .. </sysinfo> if that fails. i will try again by putting the mode to 'emulate' and putting back the sysinfo lines with the bios and chassis info etc.
  11. found this and am going to try it. https://avdv.github.io/libvirt/formatdomain.html its a bit more clear that i need to change <hyperv mode='custom'> from my xml to either 'host' to copy the 'real' info, sort of like a passthrough for smbios sysinfo or 'emulate' to use the info i had described but not shown from the previous link, also shown in this. new link. sorry for that lack of detail but its maybe a bit private that info like serials and what. not. i will update this thread if i get it working. and as always and input is greatly appreciated.
  12. i am trying to get my work windows 11 image working as a vm. i have passed through my m.2 drive after imaging it as a bare metal machine. i am secure booting and passing through my /dev/tpmrm0 in tis mode. then i recover the bitlocker, then disable it in windows and allow the company policy to re-encrypt it. my intune company portal says i am compliant and is syncing ... however. i believe due to lack of smbios serial information my certlm>Personal>Certificates is lacking the machine certificate that allows my work vpn. this gets auto sync'd when the systems service tag is detected properly. i tried to edit the xml file and add everything i could using these instructions and dmidecode -s from the linux terminal on unraid https://libvirt.org/formatdomain.html#smbios-system-information all my settings are accepted and the log seems okay but i still can't see the serial in windows when i use either powershell's Get-WmiObject win32_bios | select Serialnumber or CMD's wmic bios get SerialNumber i beleive if i can get this to work then i will be 100% compliant and able to get my cert and therefore my vpn working. the libvirt.org page i linked above says the following does anyone know if this is disabled in unraid's implementation of libvirt? the only other thing that it might be that i will test asap is a couple entries that existed in the example on the page but weren't set on my bare metal system i left blank like so <entry name='version'></entry> but i will test removing them completely from the xml instead. or even setting them to what their output was which was 'Not Specified'. <entry name='version'>Not Specified</entry> any help would be greatly appreciate, if you have experience with this, or if you know that this feature has been removed from unraid's vm implementation.
  13. i got it to work, at least i thought i did .. oh first i should say i am doing the same thing. i was at first using a virtual TPM like in the instructions. i had to reset the bitlocker and i am not sure if it was the virtual TPM or resetting the bitlocker or something else. like the system not being able to see 'serial'/'servicetag', but although i could login with my work account and almost everything worked. the system ripped out my 'personal' machine cert from certlm.msc and that prevented my work vpn from working. as i was typing this i seem to remember a way to passthrough the system serial? maybe i saw that in a video by 'spaceinvader one'? EDIT* found the thing i was thinking of and will add it to my next attempt i hope it helps."wmic csproduct get UUID' i am going to try again. but this time passthrough the TPM on first boot. oh i forgot to mention i am passing through an nvme drive where this install is. and the install must be done from the bare metal. then boot back into unraid. i am going to edit and passthrough the TPM without it ever seeing a virtual one. any idea if i should tell it that it is TIS or CRB? and try to do that serial thing, which i hope i am not misremembering. the only issue is i a going away for a week and a bit, but when i get back and if i can get it all going. i would certainly be happy to help you. that is if you haven't already got it all figured out.
  14. i have another one. the mouse stops working after enough updates and what not go in on my windows 11 vm. seems to be spice related cause vnc doesn't have that issue. i have tried installing the latest virtio-win-0.1.240-1.iso but that doesn't help. does anyone know how to get the mouse to behave properly? the strange thing is that after a fresh install it work but as time goes one it just goes chonky on me, and doesn't. work almost at all. i have to move around the vm with keyboard. if i use remote-viewer i can see this when i go in and out of the vm window (shift+F12). (remote-viewer:40158): GSpice-WARNING **: 19:21:59.987: Mouse acceleration code missing for your platform