|
dotalchemy posted:I want to say "yes, pretty much", but be careful with the SQL server if you're using Windows authentication to manage access, as hose accounts will no longer be valid. Basically, make sure you know the SA account password. I was gonna post this, I usually use mixed mode authentication so have an active sa account, but if you use Windows only then make sure to generate a local sa login with sysadmin rights on the instance first.
|
# ? Mar 28, 2014 17:36 |
|
|
# ? May 14, 2024 21:15 |
|
How does WDS handle OEM licenses for Windows? Is it as long a sI have the sticker on the box I'm good to go? I'd really like to start having imaging on my network to make poo poo easier but I have such a hodgepodge of licensing.
|
# ? Mar 28, 2014 19:52 |
|
LmaoTheKid posted:How does WDS handle OEM licenses for Windows? According to our MS rep, we can use KMS keys when deploying images as long as each box has the OEM key sticker on it.
|
# ? Mar 28, 2014 19:55 |
|
GreenNight posted:According to our MS rep, we can use KMS keys when deploying images as long as each box has the OEM key sticker on it. Fantastic, thanks for the info.
|
# ? Mar 28, 2014 20:36 |
|
CLAM DOWN posted:I was gonna post this, I usually use mixed mode authentication so have an active sa account, but if you use Windows only then make sure to generate a local sa login with sysadmin rights on the instance first. ^^^^ Honestly just flip it over to mixed mode if you can.
|
# ? Mar 28, 2014 21:52 |
|
CLAM DOWN posted:I was gonna post this, I usually use mixed mode authentication so have an active sa account, but if you use Windows only then make sure to generate a local sa login with sysadmin rights on the instance first. Thanks to you and dotalchemy. That's what I figured and specifically why I mentioned SQL. I do have the sa password so that's no problem. Appreciate it guys.
|
# ? Mar 28, 2014 22:09 |
|
This is probably obvious, but it will create a new user account on their laptops when they log in as NEW\joe instead of OLD\joe. So they will "lose" whatever files and settings are saved locally under that account. Not a big deal necessarily, especially if you're using folder redirection for poo poo like My Documents, but worth noting when Joe logs in for the first time and asks "WHERE DID MY
|
# ? Mar 28, 2014 22:22 |
|
Docjowles posted:This is probably obvious, but it will create a new user account on their laptops when they log in as NEW\joe instead of OLD\joe. I remember this being advised in the past, but I have never used it. May be overkill for a domain this size though. Who knows. http://www.forensit.com/domain-migration.html
|
# ? Mar 28, 2014 23:06 |
|
We used a sort of pricy Quest tool to do our domain migration. Migrated all the workstations and profiles too.
|
# ? Mar 28, 2014 23:10 |
|
Moey posted:I remember this being advised in the past, but I have never used it. May be overkill for a domain this size though. Who knows. I used this for a domain migration. Went actually well in terms of transferring their old domain profile to the new domain (all settings in tact.) The user actually doesn't notice any change on his\her computer. GreenNight posted:We used a sort of pricy Quest tool to do our domain migration. Migrated all the workstations and profiles too. We used quest to migrate & sync the mailboxes.
|
# ? Mar 29, 2014 04:49 |
|
LmaoTheKid posted:How does WDS handle OEM licenses for Windows? I think WDS itself doesn't do anything with the licensing. After imaging, windows will try to activate after it boots for the first time. If you're using MAK licensing, you put a key in the unattend.xml and it activates from that. If you're doing KMS, you just use a WIM from the volume licensed edition and it tries to find your KMS server. But if you deploy WIM from an OEM edition of Windows it should pull the info from BIOS and activate off of that. But your edition of Windows has to absolutely match what that hardware is licensed for (Win7, win8, starter edition, professional, enterprise). I think the retail edition of Windows will activate OEM-style if you don't put a key in unattend, but I have never tried it myself.
|
# ? Mar 29, 2014 07:23 |
|
mintskoal posted:Hey guys, Active Directory question. make sure you update the Master DB with the new domain information. As far as i recall this is not supported by MS so never ever admit to MS Support that you moved the SQL Server to a new domain. Stealing from a good Stack Exchange Answer: What do you need to take into account when migrating SQL Server to another domain? The steps below presume 1) IP address will also change 2) SQL Server is NOT clustered A. Backup: BEFORE: backup the datases off-machine B. Services: BEFORE: depending on the nature of the change/move, you may want to set service start to Manual for all SQL Service AFTER: Once things or up and running properly, return service start to its original setting C. SA account: BEFORE: If all administrator accounts are domain accounts or groups, temporarily enable the 'sa' account with a strong password AFTER moving: once the domain-based accounts are setup in the new domain, 'sa' can be disabled again D. Service Windows account: BEFORE moving: for each SQL-Server-related Windows service, change the service to use a LOCAL windows account or one of the built-in accounts AFTER moving: grant the necessary privileges to the service new domain accounts. When special permissions are not needed, the SQL Service Configuration Manager can be used to change the service account E. Windows domain accounts used to login to SQL Server Re-create the needed accounts or use corresponding accounts in the new domain. BEFORE moving, script out permissions for OLD domain accounts. AFTER moving, apply these scripts to the corresponding NEW domain accounts so they will have the same permissions F. IP Address: SQL Server (unless clustered) will use the new IP address AFTER: Client applications that reference the service by IP address will need to be configured with the new IP address. G. Firewall: AFTER: OLD firewall openings that are no longer used will need to be closed, NEW firewall openings may need to be created for SQL Server, OLAP services, SSRS between servers and clients H. DNS entries: AFTER: verify DNS has correctly updated AFTER: Clients and services that reference by DNS name, may need to be restarted AND/OR their host systems may need their DNS cache flushed. For windows workstations, this can be done with "ipconfig /flushdns" I. Service Principle Names (SPNs). Some standalone (and all clustered) instances use SPNs. AFTER: The OLD SPN must be dropped and a NEW SPN must be created. Although it's not recommended to use a SQL Server service account to manage (its own) SPNs, if this is the case, the NEW domain service account will need to be granted WriteServicePrincipalName" privilege J. Client Network Utility Alias. AFTER: Update any clients that use these will need to updated K. Client application and service connection configuration: AFTER: Data Source Names (DSNs), connection strings, config files, Oracle TNS names for connections - will need to be udpated and applications and services may need to be restarted L. Internal machine name. AFTER: If the machine name is also changing, SQL Server's internal machine name entry may need to be udpated sp_dropserver 'MyOldMachineName' go sp_addserver 'MyNewMachineName','local' go M. Merge Replication - If merge replication is in use, it will also need to be reconfigured. BEFORE: ensure all replicas are up-to-date AFTER: re-configure merge replation Attributions - some information added from these sources: http://serverfault.com/questions/49681/change-ad-domain-membership-of-a-server-2008-running-ms-sql-08 http://social.msdn.microsoft.com/Forums/en-US/sqlsecurity/thread/f3e8ff83-8fcd-4335-87fe-ea5641ae6b88
|
# ? Mar 31, 2014 21:00 |
|
I do technical support for the employees of a pretty small company (~75 employees), but since it's pretty small I also get to do some jr. system admin stuff as well. Right now we have no imaging setup whatsoever, I am setting everything up manually. Is SCCM overkill for a setup this size? I would primarily be using it to image machines, but I am interested in using it to install/update applications as well. We're 100% using Windows 7 Professional, but have mostly OEM licenses. Is it true that I can imagine any number of machines using a ~5 machine group license as long as the machines I am imaging have valid individual OEM license? Any other tips or things you would recommend doing if you were setting up an imaging setup from scratch would be appreciated.
|
# ? Apr 3, 2014 16:52 |
|
THF13 posted:I do technical support for the employees of a pretty small company (~75 employees), but since it's pretty small I also get to do some jr. system admin stuff as well. If you have all OEM licenses then you should be able to setup a KMS server and never have to worry about it.
|
# ? Apr 3, 2014 16:54 |
|
Do you already have SCCM licensing through corporate SA? If so, yes I'd use that. Might be too costly if you need to buy it though. The benefit of SCCM, other than imaging and app deployment, is that it comes with antivirus. And yes, you can use KMS for client activation as long as you have OEM stickers on each machine.
|
# ? Apr 3, 2014 16:55 |
|
THF13 posted:I do technical support for the employees of a pretty small company (~75 employees), but since it's pretty small I also get to do some jr. system admin stuff as well. SCCM is probably overkill in size and cost, but if it is available to you, you may as well. I've only set up the applications and updates deployment side of one, and it's a bit cumbersome compared to alternatives. If I was designing something that size, I'd probably just use a Windows Deployment Server with WSUS. Between the two of them, you could probably have them set up in an hour. I haven't the experience in this, but MDT seems like a popular application / update deployment system that can be built on top of the above. You should be able to use a KMS key group to authenticate all your machines with OEM licenses. We do here, but I don't know if there are specific differences. Orcs and Ostriches fucked around with this message at 17:53 on Apr 3, 2014 |
# ? Apr 3, 2014 17:48 |
|
THF13 posted:I do technical support for the employees of a pretty small company (~75 employees), but since it's pretty small I also get to do some jr. system admin stuff as well. If you're focused on OS deployment, use MDT. SCCM just isn't worth the effort for 75 users, especially if it's being done by one guy who wears other hats. Even if you're looking at its other features, it's just way too much overhead. If you also want stuff like app deployment, I'd look into App-V or some 3rd-party alterntives.
|
# ? Apr 3, 2014 17:56 |
|
Orcs and Ostriches posted:I haven't the experience in this, but MDT seems like a popular application / update deployment system that can be built on top of the above. Yeah if you don't already own SCCM, WDS and MDT would probably fit the bill just fine and are free. You can do app deployment and update entirely through group policies, but it's a pain in the rear end for non-trivial apps and inevitably the one app you REALLY care about managing doesn't provide an MSI installer or any sort of customization hooks It's almost as if MS has a sweet deployment tool they'd like to upsell you on...
|
# ? Apr 3, 2014 17:58 |
|
Thanks, I figured it would be overkill but I think I was more interested in experimenting with it for resume building purposes, but looking at the license costs I wouldn't have been able to swing it anyways. I will look into MDT and setting up KMS. Edit: quote:If you have all OEM licenses then you should be able to setup a KMS server and never have to worry about it. THF13 fucked around with this message at 19:13 on Apr 3, 2014 |
# ? Apr 3, 2014 18:16 |
|
THF13 posted:Thanks, I figured it would be overkill but I think I was more interested in experimenting with it for resume building purposes, but looking at the license costs I wouldn't have been able to swing it anyways. I will look into MDT and setting up KMS. quote:Re-imaging good blog post with some good links at the bottom to microsoft documents. http://ladylicensing.wordpress.com/2011/01/24/windows-os-oem-reimaging-rights-licensing-and-techie-update/
|
# ? Apr 3, 2014 19:30 |
|
Demie posted:If you're focused on OS deployment, use MDT. SCCM just isn't worth the effort for 75 users, especially if it's being done by one guy who wears other hats. Even if you're looking at its other features, it's just way too much overhead. If you also want stuff like app deployment, I'd look into App-V or some 3rd-party alterntives. Heh. We got SCCM/Citrix for a 85person company. Yeah ovekrill. But to be honest, when you'r stuck doing helpdesk stuff as well. It beats getting up and going to install stuff manually. And PSEXEC or some other push alternative is just a hack.
|
# ? Apr 4, 2014 01:25 |
|
Alright, I loving hate RPC (probably because I don't really understand how it works). We have an overzelous security guy that insists on us explicitly telling him what firewall rules we need when we talk across networks. Is my understanding incorrect that even when you have a client talking back to a server (such as a domain controller) with RPC, you specifically need to tell your firewall to allow RPC to talk BACK to the client (basically initiate a connection) on the high numbered ports that RPC uses?
|
# ? Apr 4, 2014 02:40 |
|
Wicaeed posted:Alright, I loving hate RPC (probably because I don't really understand how it works). Way too in depth, but interesting if you use RPC a lot: http://blogs.technet.com/b/askds/archive/2012/01/24/rpc-over-it-pro.aspx Basically you can see the first and third arrows in that diagram are the initial requests on ports, first the mapper (135) then the dynamic port (49152-65536 for a DC). I can't recall how I originally wrote a rule for this (we have a hardass networking guy too so I get it). I just apply the same rule object when I need RPC for 2008/2008 R2 now, but I believe you only need to allow client initiated.
|
# ? Apr 4, 2014 03:14 |
|
I need a way to OCR images (screenshots) that are dropped in a folder and output a text file. Or some other scriptable fashion. Surely there's something out there that will do this for less than $10,000 To get a faster rate of adoption for our ticketing system, we'd like users to be able to email our ticketing system and auto-OCR the screencap (generated from snip-tool) So it doesn't need to be very sophisticated OCR, it just needs to be able to read the three or four most common windows fonts in about four different font sizes.
|
# ? Apr 4, 2014 03:27 |
|
Hadlock posted:I need a way to OCR images (screenshots) that are dropped in a folder and output a text file. Or some other scriptable fashion. So you're saying you want to go from digital text (e-mail) to picture to OCR to digital text (ticket)?
|
# ? Apr 4, 2014 03:29 |
|
Sorry let me rephrase The software we support is awful, and users can't (or won't) select copy and paste the error message. The users are very efficient at using the windows snip tool to take a "screenshot" of the error and email it to our external helpdesk/internal support department So I want to go from Error -> user sends email with screenshot -> ticketing front end -> OCR in-line image -> write to database email content + text from OCR'd in-line image The end result being that we have a text-searchable database of all the errors and resolution
|
# ? Apr 4, 2014 03:40 |
|
Hadlock posted:Sorry let me rephrase This is the very definition of a situation where you're trying to use technology to solve a personnel problem. At a certain point, you can't make things any easier for people. Obviously they care enough to use snip-tool to send you a screenshot, so teach them to use "CTRL-C" when the error message appears which will (if the software was written correctly) copy the title and text of the prompt.
|
# ? Apr 4, 2014 15:57 |
|
So at work they've discovered One-drive. What can I do to remain sanity in the onslaught of a myriad of versions of the same? documents when they are on the shared drive, the one-drive, and copy-all (or some) email when I'm the one who gets flac when the database is based on the wrong version.
|
# ? Apr 4, 2014 16:47 |
|
nexxai posted:This is the very definition of a situation where you're trying to use technology to solve a personnel problem. At a certain point, you can't make things any easier for people. Obviously they care enough to use snip-tool to send you a screenshot, so teach them to use "CTRL-C" when the error message appears which will (if the software was written correctly) copy the title and text of the prompt. I've bolded the problem with your plan.
|
# ? Apr 4, 2014 17:47 |
|
I'd still even prefer a mess of screenshots to our current system: "Computer doesn't work. Says there's an error. Need this ASAP."
|
# ? Apr 4, 2014 18:35 |
|
Anyone have any good solutions for documentation/trouble ticket suites? Our workflow currently: - Customer emails us or calls us, says there is a problem. - Receptionist creates a task in Outlook - User is assigned task Documentation is Excel spreadsheets, which is unruly and hard as hell to search/index. We tried wikis for the documentation, but some of my coworkers are hardcore networking guys who are all "SCARED OF THE WEB/COMPUTER" when it comes to this poo poo.
|
# ? Apr 4, 2014 19:17 |
|
Spiceworks?
|
# ? Apr 4, 2014 19:25 |
Gyshall posted:Anyone have any good solutions for documentation/trouble ticket suites? We've just moved to ServiceDesk. It looks like it might cover your needs. -Self-Service Portal -Knowledge Base -Multi-site Support -SLA Management -Help Desk Reports -IT Project Management (Add-On) http://www.manageengine.com/products/service-desk/
|
|
# ? Apr 4, 2014 19:42 |
|
goobernoodles posted:Spiceworks? Seconded. We switched from Numera Track-It to Spiceworks and couldn't be happier.
|
# ? Apr 4, 2014 21:11 |
|
We're thinking about doing the same. Track-It is so much overkill for us, and most of the functionality goes unused. We just want a ticketing system with a decent interface.
|
# ? Apr 4, 2014 21:19 |
|
sofokles posted:So at work they've discovered One-drive. Personally, I would tell everyone a few times not to do that, and then throw whoever is responsible under the bus at every opportunity after that. Assuming you aren't a dick, though, can you just block it at the firewall and blacklist any apps via group policy?
|
# ? Apr 4, 2014 23:24 |
|
On the subject of ticketing systems. Has anyone used osTicket? Thinking about spinning up a test of it. We need to replace an aging ticketing system. Owned Kaseya for two years and that was money down the toilet for our size (and no one ever set it up properly). Ideally opensource/free (I am a cheap rear end) with some workflow.
|
# ? Apr 5, 2014 00:54 |
|
In a past life I hacked up a Bugzilla install to do ticketing. It's free at least And has some semblance of workflow. But I hope you
|
# ? Apr 5, 2014 02:00 |
|
Tantalus posted:We've just moved to ServiceDesk. It looks like it might cover your needs. We've been using ServiceDesk since April and really love it.
|
# ? Apr 5, 2014 03:18 |
|
|
# ? May 14, 2024 21:15 |
|
Jadus posted:We've been using ServiceDesk since April and really love it. Hmmm at my old place.. perhaps it was the guy who set it up did a poo poo job but all I can say is the support in my experience is horrible. It's literally straight to India.
|
# ? Apr 6, 2014 05:47 |