|
Do I have to do anything special in Server 2008R2 to get it serving DHCP over ip-helper? I'm tearing my hair out here, if I put some lovely little freeware DHCP server on a spare laptop and point ip-helper at it then it serves addresses without fail. I can't get it working in Windows Server - everything I've read says just add the scopes and it will work.
Thanks Ants fucked around with this message at 17:21 on Mar 8, 2014 |
# ? Mar 8, 2014 17:18 |
|
|
# ? May 30, 2024 14:16 |
|
so, this is really basic but how do you guys supporting large numbers of users handle users credentials while working on their machines? like let's say someone calls you up complaining an application won't work on their desktop, they're like 'I'll be out for the next few days, could you take a look at it'. you don't have their password, but you do have domain admin rights of course. is there a way to log on to their account without explicitly having their password - or without resetting it? I don't think there is, and that's a good thing, but had a conversation with someone the other week that made me want a sanity check.
|
# ? Mar 10, 2014 22:39 |
|
I reset password, do my thing, then call and leave them a voicemail asking them to call me to get their new, temporary password, then walk them through changing it to one of their choosing.
|
# ? Mar 11, 2014 00:41 |
|
The local IT folk will request their password or reset it. I won't do either - if they're not here, then I don't access their system with their account. If an issue requires their account, then it waits until they're present and can log it in for me.
|
# ? Mar 11, 2014 01:17 |
|
If I'm talking with the user. I just say don't lock your computer give me a call before you head for lunch, meeting etc.. I then remote in with remote control via SCCM. The other alternative of course I say I'll either need your password or I'll need to reset your password. It's annoying to reset their password though when they have their activesync phones tied to the account. Just more administrative overhead. I get why people should never give out their password, but to be honest if the password isn't over 12 or more characters, it's already not safe as most hackers/crackers have rainbow tables with the hashes already pre-calculated.
|
# ? Mar 11, 2014 01:50 |
|
We have a standing policy for users to give their password to IT as requested, per the CEO.
|
# ? Mar 11, 2014 01:51 |
|
GreenNight posted:We have a standing policy for users to give their password to IT as requested, per the CEO. Well if that's the case, then yeah just reset the password, no way around it. It all comes down to the company culture and mandate. I tend to notice the bigger the company is the more strict their are.
|
# ? Mar 11, 2014 01:54 |
|
When I did user facing IT I never wanted to know their password. In reality 99% of the time it's not actually a big deal but I just didn't want the liability of being able to say I knew the pw for the head of HR or whatever. Since without fail it was the name of their grand kid or their college team's mascot or something with the number 1 after it. Doesn't take a rocket scientist to know what they will change it to when you leave. Edit: to actually answer the question I always reset their password and then set it to force them to pick a new one on next login when I was done. I guess that wouldn't always work if your users are using their AD login primarily for something other than normal desktop use but thankfully I didn't have to deal with that. Docjowles fucked around with this message at 03:42 on Mar 11, 2014 |
# ? Mar 11, 2014 03:39 |
|
Yeah, the majority of our users have email on their phones and it's a pita when a user changes his password because they'll be god damned if they know how to edit their phone password. EMAIL ON MY PHONE IS BROKEN!!!!
|
# ? Mar 11, 2014 04:18 |
|
GreenNight posted:Yeah, the majority of our users have email on their phones and it's a pita when a user changes his password because they'll be god damned if they know how to edit their phone password. Add onto this locking the account out after 3 incorrect password attempts and users who want iphad email without MDM (read: executives) make me want to slap people. Specifically, them.
|
# ? Mar 11, 2014 04:47 |
|
Docjowles posted:When I did user facing IT I never wanted to know their password. In reality 99% of the time it's not actually a big deal but I just didn't want the liability of being able to say I knew the pw for the head of HR or whatever. Since without fail it was the name of their grand kid or their college team's mascot or something with the number 1 after it. Doesn't take a rocket scientist to know what they will change it to when you leave. At least once a month I'll have a user try to tell me their password followed by some variation of "It's the same one I use for everything!". Luckily for them, I'm a professional and an honest man.
|
# ? Mar 11, 2014 19:55 |
|
I have an MSSQL server where the SQL Server service gets disabled by SYSTEM for some reason I can't figure out. Based on the event logs, nothing's crashing or anything. It just casually disabled the service and then stops the server and agent services. Anyone have any ideas what's causing this?
|
# ? Mar 12, 2014 14:39 |
|
mindphlux posted:like let's say someone calls you up complaining an application won't work on their desktop, they're like 'I'll be out for the next few days, could you take a look at it'. Call me when you get back, I'm not working on it twice.
|
# ? Mar 12, 2014 14:46 |
|
nahanahs posted:I have an MSSQL server where the SQL Server service gets disabled by SYSTEM for some reason I can't figure out. Based on the event logs, nothing's crashing or anything. It just casually disabled the service and then stops the server and agent services. Anyone have any ideas what's causing this? While I'm not sure why that's happening without looking at your setup closer, why are you running it as SYSTEM? You should be using a service account, an MSA if you're on AD.
|
# ? Mar 12, 2014 17:03 |
|
Bob Morales posted:Call me when you get back, I'm not working on it twice. it's funny that this is the sentiment of most people who have replied. to me, it seems like a bigger pain in the rear end to have to wait on them to be in the office or call you back or whatever. invariably, if I have like 5-6 requests like this hanging over my head, everyone will call me back at the same time, and someone will get pissy. I'd rather just have them give me everything I need to get poo poo done, and be able to take care of it on my own time without having to listen to some guy blather about his dog or ask every 5 minutes if I'm almost done, or 'oh why you're here could you just look at ......' anyways, glad I'm not insane, and there's no way to log on to an AD account without knowing or resetting the password. because lol if there was, I would feel like an idiot. :<
|
# ? Mar 13, 2014 02:54 |
|
What do you guys use for iPhone management? I just had to replace ~50 phones and by god it was fun trying to get peoples unlock codes and itunes passwords so I could format the old ones.
|
# ? Mar 13, 2014 03:10 |
|
We use Meraki and it's not bad for a free product.
|
# ? Mar 13, 2014 03:18 |
|
Has anyone run in to resource issues with idle Dameware sessions? Supposedly after a while an idle dameware session is capable of eating up something like 80% of a CPU on a multiprocessor VM
|
# ? Mar 13, 2014 03:39 |
|
kiwid posted:We use Meraki and it's not bad for a free product. Oh cool. I'll check it out.
|
# ? Mar 13, 2014 03:44 |
|
Hadlock posted:Has anyone run in to resource issues with idle Dameware sessions? Supposedly after a while an idle dameware session is capable of eating up something like 80% of a CPU on a multiprocessor VM We've been using it here for many years without any problem, but on XP32. The DW 10.x 64bit client works great in our test environment, but we've yet to migrate to the new OS, so it's not in production yet.
|
# ? Mar 13, 2014 14:04 |
|
kiwid posted:We use Meraki and it's not bad for a free product. We use MaaS360 and it has been pretty awesome, even so far as to convert our hardcore Blackberry clients to iPhone/etc.
|
# ? Mar 13, 2014 17:31 |
|
I've spent all morning playing with Meraki and it's pretty badass. Of course I don't have much experience with mobile device management.
|
# ? Mar 13, 2014 17:34 |
|
Meraki, from a wireless infrastructure / AP point of view, came up this morning as an alternative to Aruba - does anyone have any experience with Meraki from a wi-fi perspective? Reviews show them to be pretty poo poo hot, and priced competitively, with Aruba...
|
# ? Mar 13, 2014 17:44 |
|
GreenNight posted:I've spent all morning playing with Meraki and it's pretty badass. Of course I don't have much experience with mobile device management. Yep, its not bad. My only complaint is sometimes it takes a little while for updates to register on the device but otherwise it's great.
|
# ? Mar 13, 2014 17:45 |
|
dotalchemy posted:Meraki, from a wireless infrastructure / AP point of view, came up this morning as an alternative to Aruba - does anyone have any experience with Meraki from a wi-fi perspective? Reviews show them to be pretty poo poo hot, and priced competitively, with Aruba... Look into UniFi by Ubiquiti. We just deployed them here at work and they're fantastic.
|
# ? Mar 13, 2014 17:45 |
|
dotalchemy posted:Meraki, from a wireless infrastructure / AP point of view, came up this morning as an alternative to Aruba - does anyone have any experience with Meraki from a wi-fi perspective? Reviews show them to be pretty poo poo hot, and priced competitively, with Aruba... http://forums.somethingawful.com/showthread.php?threadid=3460935
|
# ? Mar 13, 2014 17:56 |
|
dotalchemy posted:Meraki, from a wireless infrastructure / AP point of view, came up this morning as an alternative to Aruba - does anyone have any experience with Meraki from a wi-fi perspective? Reviews show them to be pretty poo poo hot, and priced competitively, with Aruba... We are using Meraki for all of our APs, access layer switches and also some VPNs from smaller remote campuses. It works great, dead simple and their support is really reactive. My only gripe is their price is kind of high, and once you stop paying your support (purchases come with 3 years), your devices go dead (all cloud managed). I have heard good things about Ubiquiti, they are also much cheaper.
|
# ? Mar 13, 2014 18:04 |
|
Ubiquiti and Meraki are in different leagues, they really can't be compared. They are great - for what they cost, but the feature set doesn't come close. Part of the appeal of going with Meraki is you can combine MDM, switching, wireless and routing into one management policy. Makes it super easy to set traffic management policies up, and do things like require MDM before the network can be accessed.
|
# ? Mar 13, 2014 18:12 |
|
Is it not possible to set up NIS Domains and UNIX Identity Management in Server 2012 R2?
|
# ? Mar 13, 2014 20:22 |
|
Xenomorph posted:Is it not possible to set up NIS Domains and UNIX Identity Management in Server 2012 R2? It has been removed.
|
# ? Mar 13, 2014 20:50 |
|
Gyshall posted:It has been removed. If you install RSAT on Windows 8.1, then use AD Users and Computers to connect to Server 2012 R2, the UNIX properties tab is there. It just won't let you fill in any of the fields unless an NIS Domain is selected. Do you know if it's still possible to set those UNIX attributes (UID, GID, etc) without having the "NIS Domain" stuff installed? I know those fields are just entries in the AD schema, so you shouldn't need to have anything additional installed to give them values. Edit, it seems like it is still in 2012 R2. dism.exe /online /enable-feature /featurename:adminui /featurename:nis /all That enabled the UNIX tab and let me specify the NIS Domain and Unix attributes for groups and users. Xenomorph fucked around with this message at 21:49 on Mar 13, 2014 |
# ? Mar 13, 2014 21:25 |
|
Nice, I'm going to slap that command into our internal Wiki. I only have one client that uses UNIX/NIS crap anymore, and they are a school that will be staying on 2008 R2 until EOL (hopefully I'll be dead/at another job by then!)
|
# ? Mar 13, 2014 21:56 |
|
Gyshall posted:Nice, I'm going to slap that command into our internal Wiki. Everything I've read so far has said the UNIX/NIS stuff was gone. But sure enough, running the command on 2012 R2 seemed to work the same as it did on 2012. The AD schema was extended with the attributes, and the GUI tab was there. You said "UNIX/NIS crap" - is there a better way I should be managing UNIX-like permissions and user settings? FreeBSD, Linux and OS X still use the standard UID, GID, shell, home, etc.
|
# ? Mar 13, 2014 22:31 |
|
If there is a better way, I haven't found it. We actually keep the *nix and Windows environments relatively separate, with the exception of some accounts that need to exist in both. It was just such a pain in the rear end to get the two to "play nice" together.
|
# ? Mar 13, 2014 22:56 |
|
Is anyone updating servers through SCCM? Just curious what your strategy is? I assume you're not allowing them to restart automatically. Time is afterhours? Have you experienced any disruption in services when the updates have installed? How often do you update/restart?
|
# ? Mar 16, 2014 16:17 |
|
Not using SCCM for servers, but with WSUS we push updates to servers every three months after running with the updates in development. Most servers (Domain Controllers, file servers, etc.) get automatically rebooted at 1:00 AM or later according to their group policies. Database and Exchange servers I tend to still do by hand because I am a big babby who has had too many late nights throughout my career because of a bad update on a mission critical server like that.
|
# ? Mar 16, 2014 16:58 |
|
lol internet. posted:Is anyone updating servers through SCCM? We actually break it up between manual and automatic server types. Some services like Exchange can stop working completely with certain updates even if you skip a restart. We created a nice spreadsheet with a list of servers, when the automatic updates are scheduled (spread out through the week in the middle of the night) and a column for servers we have to schedule a maintenance window for. We do immediate restarts for any server that's automatic. Its a bit of a pain to juggle sometimes but we've had a lot less "unscheduled outages" when we switches to that method.
|
# ? Mar 16, 2014 17:07 |
|
Sacred Cow posted:We actually break it up between manual and automatic server types. Some services like Exchange can stop working completely with certain updates even if you skip a restart. We created a nice spreadsheet with a list of servers, when the automatic updates are scheduled (spread out through the week in the middle of the night) and a column for servers we have to schedule a maintenance window for. We do immediate restarts for any server that's automatic. Yeah, this is generally what we do as well.
|
# ? Mar 17, 2014 16:31 |
|
nahanahs posted:I have an MSSQL server where the SQL Server service gets disabled by SYSTEM for some reason I can't figure out. Based on the event logs, nothing's crashing or anything. It just casually disabled the service and then stops the server and agent services. Anyone have any ideas what's causing this? At a much higher level of the domain, there was a GPO disabling all MSSQL and IIS services that no one told me about
|
# ? Mar 17, 2014 19:18 |
|
|
# ? May 30, 2024 14:16 |
|
How are you guys dealing with Microsoft Accounts and their integration into Windows 8/Office 2013 at the work place?
|
# ? Mar 17, 2014 19:52 |