Subscribe via Email

Subscribe via RSS/JSON


Creative Commons Attribution 4.0 International License
© Rakhesh Sasidharan


Thoughts on BBC One’s “The Missing”

The Missing is an interesting show. It’s one of those things that pull you in while watching, and while the ending may not make sense or might even let you down, you still keep thinking over the show and its characters. 

I started watching The Missing because of James Nesbitt. I stayed on because I liked the plot. It was slow, but every now and then the writers would drop something to feed your interest and keep you hooked for the next episode (where again the plot would slowly meander along). I suppose I could say I am a fan of slow shows, but that won’t be correct either, I think. Many a times I had a good mind to quit The Missing and just go over to Wikipedia to read what happens. But I held on because something attracted me to it. Maybe it’s Nesbitt’s performance, maybe it’s the writing. The plot is slow, but not painfully slow. The characters are sad, but not painfully sad (as one might say of Sarah Lunden of The Killing, which is similarly slow but I gave up after three seasons and was glad when they cancelled it). 

Yes, I think it’s the writing on The Missing that definitely had me hooked. The way the episodes were written and directed, it pulled you in to the plot so that while it was slow you were still hooked on to the plot and curious about what’s happening. And each episode was an exercise in slowly inching towards the truth. In each episode the characters (mainly James Nesbitt and Tchéky Karyo) uncovering a clue, come across roadblocks, and just when all hope seems to be lost there’s a glimmer of hope which leads them to the next clue/ episode. And these aren’t just random clues. They are sensible and well placed, so you stick on with the show. 

Interestingly it was the father of the missing boy who is more worried and “crazy” in this show, while the mother though sad manages to cope with it and make an effort to move ahead with her life. I didn’t expect that. In the first episode when the boy wen’t missing, I assumed it would be the mother who’d have difficulty and hence break up the marriage. Again, good writing. Sensible stuff. 

The ending is what put me off and also dragged me into the show. Not the ending of the mystery where they discover what “supposedly” happened to the boy, but the mystery surrounding that ending. That was superbly taken. For one, when the boy’s dead body was shown to the mayor, we the audience too never see it. So we are trapped in the mind of the parents – inquisitive just like them to know what happened to the boy – but unable to verify for themselves/ ourselves on whether the dead body was really of the boy. And therein the writers are kind of treating us like the father and mother I think. Some of us will be like the mother and find peace with the ending, telling ourselves that it was indeed the boy so we now have some sort of closure. But the rest of us will be like the father, unsure about the ending – and tearing ourselves apart in the process – because we haven’t seen the body! And to top it up there’s the final ending where the father is now in Russia and there’s a picture of the stick figure the boy draws, and we are left with no closure as to whether the boy drawing it was the son or just some random kid. We are trapped in the father’s mind-frame with no closure for ourselves, haunted with the thought that perhaps the boy is still alive! I love that.

The Missing really isn’t about a boy missing. It’s about the things missing in everyone’s life (including the viewers) after the experience. Missing closure. Missing life because of being trapped in the prison. Missing peace. 

If I remember correctly ever since the boy went missing, every year his father had been on some clue hunt or the other. Most of them ended up in a false alarm, but this latest one led to an end. The question now – and rightly so – is whether he should just leave it at that, or keep digging to answer all his questions? After all if he had just left things as they were, he would have never discovered what really happened to his son. So isn’t he justified in digging further and ignoring everyone else in his pursuit to satisfy any other doubts he may have? And especially since that stick figure drawing was on that window in Russia – surely it must mean something?

See how I am trapped in the father’s mind now. That’s what I said – excellent writing! “It’s the slow knife that cuts the deepest” (via Dark Knight Rises) – so apt here! It’s the slow episodes that have actually cut deepest into my mind. 

Anyone else noticed that James Nesbitt and Jason Flemyng have both played characters of Dr. Jekyll & Mr. Hyde? The former in the TV show Jekyll, the latter in the movie The League of Extraordinary Gentlemen. And in this show one’s the ex-husband, the other’s the new husband. Heh!

If you ask me whether I’d watch The Missing again, I’d probably not. Do I love the show a lot? Sure, yes! I think it’s a great show. Many viewers seem to compare it to Broadchurch and prefer this over the latter. I don’t know if I’d choose one over the other – in my mind you can’t compare the two. Broadchurch was faster paced, but still a slow show and about something else altogether – how a murder ripples through a small community and nearly everyone seems to be a suspect (again, smart writing!). If I were given a choice between watching one over the other I’d take Broadchurch – mainly because it was more murder mystery, less other stuff, and also because it was slightly faster. But that’s not to say The Missing is better than Broadchurch, or vice versa. 

But I’d take Fargo over all these shows! Again, a different beast altogether, but boy do I love Fargo! I loved the writing, and I loved all the characters – esp. the really evil Billy Bob Thornton character, and the deeply evil Martin Freeman character. Nice!!

Setting up a test lab with Azure (part 1)

I keep creating and destroying my virtual lab in Azure, I figure it’s time to script it so I can easily copy paste and have a template in hand. Previously I was doing some parts via the Web UI, some parts via PowerShell. 

These are mostly notes to myself, keep that in mind as you go through them …

Also, I am writing these on the small screen of my Notion Ink Cain laptop/ tablet so parts of it are not as elegant as I’d like them to be. My initial plan was to write a script that would setup a lab and some DCs and servers. Now the plan is to write that in a later post (once I get this adapter I’ve ordered to connect the Cain to my regular monitor). What follows are the overall steps and cmdlets, not a concise scripted version. 

Step 1: Create an affinity group

This would be a one time thing (unless you delete the affinity group too when starting afresh or want a new one). I want to create one in SouthEast Asia as that’s closest for me. 

Note: the name cannot contain any spaces. And if you are curious about affinity groups check out this TechNet post

Step 2: Set up the network

Let’s start with a configuration file like this. It defines three sites – London, Muscat, Dubai – with separate address spaces. Note that I am using address spaces – this means the three sites will not be able to talk to each other until I set up site-to-site connectivity between them. 

Within each address space I also create two subnets – one for the servers, another for clients. Not strictly needed, I just like to keep them separate. 

Note that all three networks are in the same affinity group. Again, it doesn’t matter, but since this is a test lab I’d like for them to be together. 

Save this XML file someplace and push it to Azure:

That’s it!

Step 3: Create a storage account

Note: the name has to be unique in Azure and must be all small letters. A locally redundant storage account is sufficient for test lab purposes. 

Associate this storage account with my subscription. 

That’s it!

Step 4: Create a VM

This is similar to an earlier post but slightly different. 

Get a list of Server 2012 images:

The last one is what I want. I create a variable to which I add the provisioning info for this new server. For convenience I use the server name as the variable. 

Assign this server to a subnet and set a static IP address (the latter is optional; also, remember the first 3 IP addresses in a subnet are reserved by Azure). 

Next, create a cloud service associated with this VM, and create a new VM associating it with this service and a Virtual Network. 

Note to self: add the -WaitForBoot switch to New-AzureVM so it waits until the VM is ready (or provisioning fails). By default the cmdlet does not wait, and the VM will be in the Provisioning status for a few minutes before it’s ready. 

Step 5: Set up self-signed certificate for PowerShell remoting

I want to remotely connect to this machine – via PowerShell – and set it up as a DC. 

By default PowerShell remoting is enabled on the VM over HTTPS and a self-signed certificate is installed in its certificate store. Since the machine we are connecting to the VM from does not know of this certificate, we must export this from the VM and add to the certificate store of this machine. 

Here’s how you can view the self-signed certificate:

As an aside, it is possible to request a certificate with a specific fingerprint/ thumbprint with the above cmdlet. For that, you need to get the thumbprint of the certificate associated with the VM and specify that thumbprint via the -Thumbprint switch. The following cmdlet pipe is an example of how to get the thumbprint associated with a VM:

The output of the Get-AzureCertificate cmdlet contains the certificate in the Data property. From my Linux days I know this is a Base64 encoded certificate. To import it into our certificate store let’s save this in a file (I chose the file extension cer because that’s the sort of certificate this is):

Then I import it into my Trusted Certificates store:

Finally, to test whether I can remotely connect to the VM via PowerShell, get the port number and try connecting to it:

To summarize this step, here’s all the above cmdlets in one concise block (the last cmdlet is optional, it is for testing):

Update: While writing this post I discovered a cmdlet Get-AzureWinRMUri which can be used to easily the WinRM end point URI. 

Thus I can replace the above cmdlets like this:

Or start a remote session:


Step 6: Create a domain and promote this machine to DC

If I had started a remote session to the Azure VM, I can install the AD role onto it and create a domain. 

Alternatively I could put the above into a scriptblock and use the Invoke-Command cmdlet. 

Note that once the VM is promoted to a DC it gets reboot automatically

We now have three sites in Azure, and a VM in one of these sites that is also the DC for a newly created domain. There’s more stuff to be done, which I’ll return to in a later post. 

Meanwhile, the other day I came across a  blog post on securing Azure machines. Turns out it is common to probe all open ports of Azure VMs and try connecting to them via RDP and brute-forcing the password. The Azure VM created above does not use the default “administrator” username, but as a precaution I will remote the Remote Desktop endpoint now. When needed, I can add the endpoint later.

To remove the endpoint:

To add the endpoint (port 11111 will be the Remote Desktop port):

Check out that post for more ways of securing Azure VMs. Some day I’ll follow their suggestion of disabling Remote Desktop entirely and using VPN tunnels from my local machine to the Azure network. 

Replicate with repadmin

The following command replicates the specified partition from the source DC to the destination DC. You can use this command to force a replication. Note that these three arguments are mandatory. 

An optional switch /full will HWMV and UTDV tables to be reset, replicating all changes from the source DC to the destination DC.

The following command synchronizes the specified DC with all its replication partners. You can specify a partition to replicate; if nothing is specified, the Configuration partition is used by default

Instead of specifying a partition the /A switch can be used to sync all partitions held by the DC. By default only partner DCs in the same site are replicated with, but the /e switch will cause replication to happen with all partners across all sites. Also, changes can be pushed from the DC to others rather than pulled (the default) using the /P switch. 

Authorizing a DHCP server in a Child Domain requires Enterprise Admin rights (or a delegation)

Today I learnt that to authorize a DHCP server in a child domain you must be an Enterprise Admin or a Domain Admin in the forest root domain or have the rights delegated to you. I was always under the impression you only needed to be a Domain Admin (not necessarily of the forest root domain). 

The reason you need to have forest level rights is because authorization happens under CN=NetServices,CN=Services,CN=Configuration,DC=mydomain – which as you can see is the Configuration partition, which is replicated forest-wide, so to which you need forest level rights. Armed with this knowledge you can either assign permissions to this container directly or use the Active Directory Sites and Services MMC to delegate permissions. In case of the latter, note that you have to click the Active Directory Sites and Services node and select the View menu (or right click that node and select View) to then reach the Show Services Node option. 

show services

This exposes the Services Node, under which one can assign permissions on the NetServices node (similar to assigning permissions on the Configuration partition container) or delegate permissions. Of course, to do either of these you must be logged in with an account that has forest-level permissions.

Windows 10 Cortana is not available if the region is not US

When I moved to build 9926 Cortana was working. Then I went and changed the region (in Control Panel) to where I am. And boom! next time I try Cortana it says it is unable in my market. Changed regional back to United States and now it works again. Turns out the language too must be English (US).

Windows 10 activation

Each time I update Windows 10 I run in this. After updating Windows tells me it needs activation, and clicking “Activate” does not help. Neither does entering the license key NKJFK-GPHP7-G8C3J-P6JXR-HQRJR found on the page where I downloaded the original ISO from. The error I get when entering that key is that it is not applicable to this edition of Windows.

Apparently although I thought I had downloaded from the above link, turns out I had not. That link is for the Tech Preview but turns out I had downloaded the Enterprise Tech Preview (from here). The key for that is PBHCJ-Q2NYD-2PX34-T2TD6-233PK – enter that and now it activates.

One way of entering the license key is simply search for “Activate” in the Start Menu or Cortana. That will take you to Control Panel where you can enter the license key and activate.

Another way is to open Command Prompt and type: slui 3. This will open a window to enter the license key and activate.

Lastly – and my favorite way – is to open Command Prompt and type: slmgr /ipk PBHCJ-Q2NYD-2PX34-T2TD6-233PK. This will install the new product key and also activate Windows. Just for reference you can also only activate Windows by typing: slmgr /ato.