|
Generally you want your DC to be a DC active in your domain and not just a random DC you spin up from nothing.
|
# ? Dec 2, 2016 21:31 |
|
|
# ? Jun 11, 2024 08:38 |
|
You can run a DC on a spare toaster bare metal so I don't understand everyone's huge hangup is or why it is so detrimental to have one physical just in case. It's not hurting anyone. ...coming from a guy with no virtual DC's
|
# ? Dec 2, 2016 21:54 |
|
Sickening posted:Generally you want your DC to be a DC active in your domain and not just a random DC you spin up from nothing. Actually, you want to spin up a spare DC when deploying the domain, make sure it isn't a global catalog, shut it down, then don't touch it for 2 years.
|
# ? Dec 2, 2016 21:57 |
|
Do people really care about AD though if the entire virtual environment crashes and burns. Assuming it doesn't cause a chicken-egg problem like apparently was a thing with hyper V at one point. If the virtual environment is down that probably means your PBX, email, file maker, print server, file servers, remote directories, VDI, weird line of business stuff, KMS, intranet, asset management system, CRM, internal CA, RADIUS authenticator, etc, etc are all dead.
|
# ? Dec 2, 2016 22:01 |
|
MF_James posted:lol windows 10, pretty sure our cheap clients are still running windows 7 (a bunch of them have dumb applications that barely work in windows 7) and will not pay us money to do planned windows 10 upgrades etc etc etc I've been off work all week but peek at E-mails every now and then, looks like I'm being challenged about why we have more VOIP user licences than we have bums on seats. Maybe it's a little something called forward planning since everyone keeps dropping new hires on me without any notice, so staying ahead of the game is a good idea (plus it'll only cost us something like an extra £30 a month jesus).
|
# ? Dec 2, 2016 22:12 |
|
Super Slash posted:You know what sucks? Being the cheap client I slowly creep up our license count on things - every time we add a new hire I buy all the licenses, but don't mark down usage when someone leaves. This has allowed me to go from daily instance of "oh poo poo we have nothing we need" to "we can handle a 5% increase in seats with no issue" and is the best thing ever since I don't have to worry about stuff like getting audited and what not. If someone ever decides to go over my work (not happening) and call me on it (also not happening) I can just state that I was too busy to keep up with things (which is correct) and once again the old adage of "it is easier to ask forgiveness than permission" shall ring true.
|
# ? Dec 2, 2016 23:17 |
|
Methanar posted:But NTP drift is a real problem with virtualized environments, I thought. PCjr sidecar posted:Not in the last five years or so. Tab8715 posted:Things like time drift caused by virtualization and one physical Domain Controller are holdovers from earlier days of the technology. I think at one point VMware had a singe physical D.C but now days I'm under the impression it's no longer necessary. Can you do it? Sure. Will anything bad happen? Probably not in 98% of infrastructures. But the caveats are large enough that I'm not comfortable just giving a blanket "gently caress it, do it" to anyone who asks. e: if you must virtualize your timekeeping infrastructure, use enough peers for them each to spot and correct drift based on peer replies, and keep them on different physical hosts so they don't drift together under load. Vulture Culture fucked around with this message at 23:13 on Dec 3, 2016 |
# ? Dec 2, 2016 23:43 |
|
Here's something I've been meaning to do; Employee on-boarding automation. Now rather than getting into the guts of things I'm trying to envisage things from the user end first, what would someone need to do to get new staff up and running. Run a program? Send a message? Fill out a form? I get the principles for the back end of things making AD User/Mailbox/Folders etc, but how would Miss Jane the HR manager do this?
|
# ? Dec 4, 2016 09:24 |
Super Slash posted:Here's something I've been meaning to do; Employee on-boarding automation. Fill out a form. Either a web-based form, or do some poo poo with an Excel template. Office drones love Excel so they'll probably feel right at home with an Excel based horror. For that I'd suggest making a drop-box file share where the HR people have create-only access to, and you then have a script that moves all the files once a day to a separate work-to-do location. To get the full horror effect, the Excel sheet should have a button control hooked up to a macro that saves it to the magic share.
|
|
# ? Dec 4, 2016 10:10 |
|
It might also be worth checking to see if your HR department use any sort of off-the-shelf system for employees, new hires, recruitment, etc. A lot of them will tie directly into AD/Exchange, so Miss Jane does exactly what she's always done when a new person starts except in the background it's creating that new person's poo poo on the fly.
|
# ? Dec 4, 2016 10:50 |
Cthulhuite posted:It might also be worth checking to see if your HR department use any sort of off-the-shelf system for employees, new hires, recruitment, etc. A lot of them will tie directly into AD/Exchange, so Miss Jane does exactly what she's always done when a new person starts except in the background it's creating that new person's poo poo on the fly. Yeah for user creation, if you can tie it directly to the HR system that's the best way to go. Also guarantees that someone's accounts get disabled when they leave/get terminated. Just make sure you still have a process for creating accounts for people who for some reason can't figure in the HR system. There can still be the issue of setting up equipment, you may not know if a new hire takes over from someone else or needs special stuff just from their data in HR.
|
|
# ? Dec 4, 2016 10:56 |
|
nielsm posted:Fill out a form. We use a form in sharepoint. HR does their part, goes to the Hiring manager to request one of the approved equipment and software loads, everything gets created and the equipment goes to the desktop support manager to deploy or order. It turned what was a multi-day clusterfuck into something simple.
|
# ? Dec 4, 2016 19:48 |
DigitalMocking posted:We use a form in sharepoint. HR does their part, goes to the Hiring manager to request one of the approved equipment and software loads, everything gets created and the equipment goes to the desktop support manager to deploy or order. It turned what was a multi-day clusterfuck into something simple. So you're saying SharePoint actually improved something? Amazing.
|
|
# ? Dec 4, 2016 21:20 |
|
nielsm posted:So you're saying SharePoint actually improved something? Amazing.
|
# ? Dec 4, 2016 21:31 |
|
anthonypants posted:If I were going to make a form for HR and department heads to use for new employees or distribution lists or whatever, I'd make it in SharePoint, too. I can't help but think interfacing with other microsoft systems, like AD or creating network shares, would be one of the places where sharepoint would actually shine. So this would probably be the ideal use case.
|
# ? Dec 4, 2016 22:10 |
|
gently caress working in IT. That is all.
|
# ? Dec 4, 2016 23:48 |
|
devmd01 posted:gently caress working in IT. That is all. It's pretty okay, really.
|
# ? Dec 5, 2016 00:13 |
|
big money big clit posted:It's pretty okay, really. Yeah, sitting in a chair pushing a mouse sure beats a shovel in the heat.
|
# ? Dec 5, 2016 01:14 |
|
devmd01 posted:gently caress working in IT. That is all. Hope this helps
|
# ? Dec 5, 2016 02:02 |
|
KennyTheFish posted:Yeah, sitting in a chair pushing a mouse sure beats a shovel in the heat. Unfortunately shovelpushing doesn't pay as well as mousepushing.
|
# ? Dec 5, 2016 03:39 |
|
Also it wrecks your body by 50, on top of your liver, which both will destroy. I worked construction for a short period of time, it really makes me grateful for what I do now.
|
# ? Dec 5, 2016 04:19 |
|
Vulture Culture posted:Maybe ten years ago, I thought this and was halfway out the door to pursuing a career in human-computer interaction research when I realized that it was just my job that sucked I took some great HCI courses in college and REALLY wanted to get into that field. I sent out a bunch of resumes my senior year (my first failed Google application!). But it turns out there aren't a ton of jobs available in UX research, especially for fresh grads. Much easier getting a gig teaching people to use garbage software than making software not be garbage Getting on the DevOps bandwagon and making working with operations not be garbage has been my consolation prize. A prize I actually like a lot, it turns out.
|
# ? Dec 5, 2016 04:24 |
|
We don't have a compliance thread, so... http://www.velaw.com/Blogs/FCA-Blog/Broad-New-DoD-Cybersecurity-Rule-Could-Put-Defense-Contractors-at-Risk-for-FCA-Allegations/ quote:A contractor, its subcontractor, or a cloud service provider also might fail during contract performance to comply with some NIST SP 800-171 or FedRAMP requirement, or fail to meet its ongoing obligation to identify data the government might consider sensitive. A plaintiff might argue that the contractor’s bills impliedly certified full compliance. At least in the view of a little department in a large legal firm, a head-in-sand approach to CUI / 7000 clause compliance is possibly not going to cut it come next Christmas I wonder how many IT people in small shops there are out there that haven't met their contracting officers or even know that there are prime / secondary contracts in their users' workflows that have these requirements. Even more speculation: with which sort of frequency and intensity will small fish be audited? God only knows. Will individual technicians haplessly involved in compliance issues with ITAR/CUI/EAR be exposed to False Claims Act liability in a meaningful manner in a post-Escobar (http://www.scotusblog.com/case-files/cases/universal-health-services-v-united-states-ex-rel-escobar/) world, though? I don't think so. Under present jurisprudence, the Department of Commerce / State / Justice does a good job of discerning the difference between systemic, institutional issues (resulting in fines and probationary status or revocation of export licenses) and individuals (same as before but also including prison in the case of people who have been repeatedly warned). Purely from UHS v Escobar, I don't think so. From the standpoint of "the next administration is led by someone who loves to over-dramatize stuff," who actually knows what administrative bodies and issues will be tacitly ignored and allowed to quietly churn and continue to work and which will be subject to interference. So yeah, alarmism concerning "am I going to prison?" on the new compliance deadline for many IT shops of next Christmas is probably unwarranted, but still make sure to (1) cover your rear end with documentation when your superiors asktell you "we're compliant with this gigantic-rear end document, right? You have two days" (2) not certify anything you aren't sure about (3) polish your resume if your superiors press you on the matter and want a certification now because they know they aren't complaint but don't want the blood on their own hands and low-digits or tens or hundreds of millions of dollars are being held up until someone sacrifices their good name and criminal-history-free background for the good of the bottom line. Oh, also (4) re-iterating (1) document the poo poo out of your protestation because your silence can be implied as another cog in your organization or department's implied certification of compliance You don't want the same kind of corporate leadership that wants to suck up sweet federal but doesn't want to pay for a good compliance program and subsequent IT position and cost increases to try to cast everything as your fault because "Man, Goon Guy told us so many times we were compliant, this is such a loving surprise to us non-technical managers." There are law shops dedicated to defense based on this sort of strawman-scapegoat strategy. Tread carefully and watch your back. Worst-case nightmare scenario, but there it is. Potato Salad fucked around with this message at 18:54 on Dec 5, 2016 |
# ? Dec 5, 2016 16:40 |
|
Is anyone using Azure Active Directory? How about Azure AD Join? I haven't had the chance to use either and I am thinking I may have a good use case for them. My company is spinning up a (very small) subsidiary that has to be somewhat segregated for regulatory reasons. Management is being super loving coy about the requirements and rather than try to shoe-horn them into our environment or go completely cloud-based, this seems like it may give me a little more control without burying myself.
|
# ? Dec 6, 2016 02:12 |
|
First it's worth mentioning that Azure AD (or Azure ADDS) is not a replacement for real domain services. Anyways my only experience with Azure offerings is with the free tier for Azure AD Join, though I doubt much changes in the two premium ones. I really want to like it and it seems we'd be a good use case since we're super decentralized and pretty much all of our stuff is in the cloud, but a number of issues stand out. Aside from things just being poorly documented in general and the UI being super wonky, we had issues with account administration (button to reset user passwords is greyed out) and couldn't figure out a way to automate joining machines (no Powershell cmdlets as far as I can tell) so for us it seems that it'd just cause more work without nearly enough benefit to offset things. On the upside you can use Azure AD Join for free via the free tier so the only thing you have to lose by testing it out is your time, sanity and liver. I'm just going to keep holding my breath for full-blown cloud ADDS and hope that they fix these other problems on the way there. Edit: I still can't figure out if it's actually possible to use an external identity provider (Google) for SSO for Azure AD Join'd machines or not. Sheep fucked around with this message at 03:34 on Dec 6, 2016 |
# ? Dec 6, 2016 03:00 |
|
Time to schedule an interview for a position that I did a fairly in-depth recruiter interview for a couple weeks ago. I posted about that one in the thread. It would be $27/hr up from $22/hr doing application support, so I'd get some hands on SQL experience. Moving would suck, and the commute until moving would suck, but this is a 6 month contract and my current contract is up in a month and a half. It's weird, I really wasn't expecting to move on with this one. I got the feeling I wasn't what they were looking for. I guess I might be. I really hope I am, I'm going to have to take probably two hours off of this job to make the interview.
|
# ? Dec 6, 2016 08:09 |
|
So this is a new one for me - a recruiter asked me to send a list of references BEFORE they've even mentioned positions relevant to me. I'm immediately feeling that this person is trying to mine contact information and of course they're a 3rd party recruiter thoughts?
|
# ? Dec 6, 2016 21:12 |
|
air- posted:So this is a new one for me - a recruiter asked me to send a list of references BEFORE they've even mentioned positions relevant to me. tell them to piss off, they're going to contact them. *edit* Them being your references, sorry was in the middle of doing a few things. MF_James fucked around with this message at 21:25 on Dec 6, 2016 |
# ? Dec 6, 2016 21:14 |
|
air- posted:So this is a new one for me - a recruiter asked me to send a list of references BEFORE they've even mentioned positions relevant to me. That is exactly what they are doing. This isn't okay to ask for references that early when you are just a random recruiter.
|
# ? Dec 6, 2016 21:14 |
|
air- posted:So this is a new one for me - a recruiter asked me to send a list of references BEFORE they've even mentioned positions relevant to me.
|
# ? Dec 6, 2016 21:23 |
|
Do you have a second phone number you can give them with a phony name/position then tell them to gently caress off when they call?
|
# ? Dec 6, 2016 21:26 |
|
The Nards Pan posted:Do you have a second phone number you can give them with a phony name/position then tell them to gently caress off when they call? Give them fake contact names, with phone numbers leading to different sex lines. That'll look nice in the guy's phone logs.
|
# ? Dec 6, 2016 21:31 |
|
anthonypants posted:Robert Half, right? Bingo. Well, at least the only loss on my part was the time wasted on a couple emails with this jerkoff. Now they've earned my first block on Linkedin.
|
# ? Dec 6, 2016 21:44 |
|
air- posted:Bingo. Well, at least the only loss on my part was the time wasted on a couple emails with this jerkoff. Now they've earned my first block on Linkedin. You didn't tell them your salary did you?
|
# ? Dec 6, 2016 21:54 |
|
Dr. Arbitrary posted:You didn't tell them your salary did you? Never came up and even if it did, that would've never happened. This thread's taught me how to be firm on salarychat, thankfully.
|
# ? Dec 6, 2016 22:04 |
|
Dr. Arbitrary posted:You didn't tell them your salary did you?
|
# ? Dec 6, 2016 22:10 |
|
That isn't why you don't tell Robert Half your salary. You don't tell Robert Half your salary because the first thing they do with that information is contact your boss and offer to replace you with someone cheaper.
|
# ? Dec 6, 2016 22:34 |
|
Does Robert Half even place people? I just figured they were some sort of pyramid scheme.
|
# ? Dec 6, 2016 22:55 |
|
psydude posted:Does Robert Half even place people? I just figured they were some sort of pyramid scheme. I'm sure they're a great way to hire the cheapest poo poo if you are a manager who wants to score points by "proactively addressing our growing technology needs while keeping the department lean, please give bonus now."
|
# ? Dec 6, 2016 22:57 |
|
|
# ? Jun 11, 2024 08:38 |
|
Che Delilas posted:I'm sure they're a great way to hire the cheapest poo poo if you are a manager who wants to score points by "proactively addressing our growing technology needs while keeping the department lean, please give bonus now." After paying robert h's fees I doubt its even that much cheaper.
|
# ? Dec 6, 2016 23:02 |