|
Zero VGS posted:As in I hope to god none of you are running Win10 in production. Gotta run bleeding edge or get out of the business.
|
# ? Dec 9, 2014 22:06 |
|
|
# ? May 15, 2024 00:27 |
|
If you're not running a 20+ employee company off MSDN licenses you're doing it wrong!
|
# ? Dec 9, 2014 22:24 |
|
My boss actually tried to give me MSDN Windows 2012 Datacenter licenses to put into production, I'm like are you on crack?
|
# ? Dec 9, 2014 22:27 |
|
Zero VGS posted:My boss actually tried to give me MSDN Windows 2012 Datacenter licenses to put into production, I'm like are you on crack? Living on the edge man, it's only with a licencing audit about to destroy me that I truly feel alive.
|
# ? Dec 9, 2014 22:49 |
|
We just got done helping a 300+ employee healthcare firm transition from the 11 year tenure "one guy" IT shop to an actual help desk/ticket/IT infrastructure which took us about two years to do. On first discovery we find that there are 20+ 2003/Exchange/SQL servers running on a single MSDN license the guy got when he was in school or some poo poo. Fun times. Once we started purchasing Volume Licenses for them Microsoft called up and said "time to audit!" as if they were just waiting for this opportunity.
|
# ? Dec 9, 2014 22:53 |
|
bonestructure posted:Does anyone here have experience doing ndmp copies using Powershell 3 and NetApps, with the NaNdmpCopy cmdlet? I'm trying to script a restore of one lun using another as a source. Both volumes live on the same NetApps filer. Using Start-NaNdmpCopy or Invoke-NaNdmpCopy throws the same error, "Ndmp connection error, DataONTAP,Powershell.SDK.Cmdlets.Ndmp.StartNaNdmpCopy" (or Invoke when I'm using that.) I have verified that the credentials I'm using to connect to the filer, the IP address I'm using for -SrcController and -DstController is correct (same IP for both), and my volume paths are all correct. Not sure where I'm going wrong with this. In case anyone else needs the answer to this, it's that the NaNdmpCopy cmdlet doesn't accept plaintext passwords on the command line, you have to create and pass a PsCredential object instead. edit: unless you're using single sign-on, and even then if you are writing scripts bonestructure fucked around with this message at 02:41 on Dec 10, 2014 |
# ? Dec 10, 2014 02:35 |
|
Gyshall posted:Fun times. Once we started purchasing Volume Licenses for them Microsoft called up and said "time to audit!" as if they were just waiting for this opportunity. I'm glad we have an EA, it makes poo poo a lot easier.
|
# ? Dec 10, 2014 05:28 |
|
adorai posted:Out of curiousity do they offer amnesty of some kind for these situations? I mean, they are paying up now and at least acting in good faith. Yeah they don't really give a gently caress, they assign a "compliance officer" to your account but I imagine you could make the whole licensing thing a year/two year process and they wouldn't care as long as you showed you were licensing your stuff.
|
# ? Dec 10, 2014 15:38 |
|
Another month, another set of patches breaking poo poo. Discuss.
|
# ? Dec 10, 2014 19:31 |
|
Test your poo poo before deploying to production? Assuming you mean KB3004934
|
# ? Dec 10, 2014 20:09 |
|
Gyshall posted:Assuming you mean KB3004934 Yup.
|
# ? Dec 10, 2014 20:24 |
|
I've worked several places that ran all of their production MSSQL servers as well as the underlying OS off of Action Pack licenses. I know that unlike MSDN there are circumstances where that is acceptable, but we didn't fit the bill. It was straight-up powering a for-profit production website. Not surprisingly they were fairly lovely work environments and I'm glad to not be there anymore.
|
# ? Dec 10, 2014 21:27 |
|
incoherent posted:Another month, another set of patches breaking poo poo. Discuss. It seems to only break Windows 7 / 2008 R2 in my testing so far. My Windows 8.1 and Server 2012 R2 installs are behaving properly. e: it also appears that it only affect 64-bit Windows 7/2008R2. Number19 fucked around with this message at 22:55 on Dec 10, 2014 |
# ? Dec 10, 2014 22:41 |
|
What does it break? Its pending me finally rebooting....
|
# ? Dec 10, 2014 23:09 |
|
Is Schema, at least with-in the context of Active Directory analogous to a blueprint? It seems like it is...
|
# ? Dec 10, 2014 23:10 |
|
So our task sequence started failing today because it says it couldnt activate our MAK keys. We have plenty of seats left so I have no idea what's going on. Going to switch to another code and see if that fixes it. Is it worth setting up KMS if we only image 3-5 systems a day?
|
# ? Dec 10, 2014 23:13 |
|
I image 3-5 systems a month and have a KMS. It's not a difficult setup, and you can use it for Office.
|
# ? Dec 10, 2014 23:14 |
|
thebigcow posted:What does it break? Its pending me finally rebooting.... http://www.infoworld.com/article/28...il-defende.html It basically breaks all code signing verification and even makes built in Windows components like cmd.exe and taskmgr.exe report that they come from an "untrusted publisher" on Windows 7 x64 and Server 2008 R2.
|
# ? Dec 10, 2014 23:15 |
|
Tab8715 posted:Is Schema, at least with-in the context of Active Directory analogous to a blueprint? Schema is like a database, if your database was Active Directory. If you want to get a taste of schema-adminining, go look up the "drink" attribute and then implement it for some AD objects. But yes, it is basically like a blueprint.
|
# ? Dec 10, 2014 23:20 |
|
Tab8715 posted:Is Schema, at least with-in the context of Active Directory analogous to a blueprint? Essentially. Another way to think of it is an OOP class. The fundamental unit of data in AD is the object, and schema define the vocabulary of those objects. IE, it is schema that declare that user objects have first names, last names, email addresses, etc.
|
# ? Dec 10, 2014 23:21 |
|
Here's some more details on why KB3004394 might be busted: https://www.virtualbox.org/ticket/13677#comment:6 quote:From what I can tell, the KB3004394 update does not install a catalog file on 64-bit windows 7. It does on Windows 8.1 (C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB3004394~31bf3856ad364e35~amd64~~6.3.1.0.cat), so VBox works fine there.
|
# ? Dec 10, 2014 23:32 |
|
Tab8715 posted:Is Schema, at least with-in the context of Active Directory analogous to a blueprint? Basically. I'm not sure if blueprint is the right word I would use. More like a list of possible attributes/values for a given type of object. A template if you will. I guess blueprint works AD is basically a database of objects right? All items in AD are 'objects'. Objects have attributes and classes. The schema defines those attributes and classes for objects. Classes = type of objects (computer, user, group, etc) Attributes = data items used to describe the object (location, phone number, name, etc) You have a computer object in AD, it's class = Computer, and the schema then says that object then has the following attributes <whole big list>. An object in the User class may have different attributes and the schema would reflect that. This is a terrible example, because under the hood computer and user objects share basically the same attributes, but it might help make the point or clear things up a little bit. Think about a user object. What attributes are important for that object to have? Obviously you want things like: First Name Last Name Phone Number Office Location Email address etc. Those attributes get mapped by the Schema. An object is classified as a User, and those are values (attributes!) that can be filled in with useful information. Now say you have a computer object. Are first and last name important attributes for a computer to have? Nope. Does a computer have a phone number? Probably not. The Schema might define attributes for objects in the computer class differently, for example: Name Location IP Address OS Version While IP Address might not be a valid attribute for an object of the user class it is for an object of the computer class. Hopefully this helps, and I swear if someone tells me that you can set a telephoneNumber attribute on a computer object, I know that already, I was trying to explain a high level concept here. Bonus Technet reading about the Schema http://technet.microsoft.com/en-us/library/cc759402.aspx
|
# ? Dec 11, 2014 01:16 |
|
AD is literally LDAP, and if you want to understand AD at that level you basically need to understand LDAP. Also technically almost everything is a "container" in AD rather than an "computer" object or "user" object.
|
# ? Dec 11, 2014 01:38 |
|
I'm not trying to start anything, but that isn't correct at all. Active Directory is a Directory Service that is more than just LDAP. It is LDAP compliant, and is based in large part on LDAP, but to say Active Directory is LDAP would be incorrect. AD as a directory service encompasses all the parts that make AD work. Kerberos, DNS, and all the other background stuff. I understand what you are saying with containers and leafs, and I've seen that referenced before in LDAP documentation, but in Microsoft land everything in Active Directory is an object. Objects that contain other objects can be called container objects, objects that cannot contain other objects can be called leaf objects but they are still objects. I'll also retract my previous statement about the AD Schema not being a blueprint. The description of Chapter 5 of the most recent AD book from O'Reilly that covers the AD Schema literally says "Describes how the blueprint for each object and each object's attributes are stored in Active Directory", so if Brian Desmond and Co, who know more about AD than I ever will call it a blueprint, gently caress it, it's a blueprint.
|
# ? Dec 11, 2014 07:29 |
|
skipdogg posted:I'm not trying to start anything, but that isn't correct at all. In the context of the conversation it is correct, Kerberos and DNS are components of Active Directory but they're not Directories. Active Directory Directory Services function almost identical to LDAP, the point that "To understand AD you need to understand LDAP" is 100% correct, stop being such a weiner.
|
# ? Dec 11, 2014 09:56 |
|
LDAP is a standard protocol you goons. It is used for directory data and was developed as an alternative to X.500. LDAP predates Active Directory by almost a decade. Active Directory is a proprietary implementation of LDAP/X.500, by Microsoft, but it is not LDAP. It is a Directory Service that is compatible with LDAP. Originally was called NT Directory Services (NTDS). Other directory services which are implementations of LDAP/X.500 - eDirectory, Red Hat Directory, OpenLDAP, Lotus Domino. Also Novell's implementation. These are all relatively lovely and pray you never have to work on them. You most certainly do not need to understand LDAP to work with Active Directory, but it helps. Arguing about directory services is literally the most ever
|
# ? Dec 11, 2014 16:38 |
|
http://www.zytrax.com/books/ldap/ I bookmarked this an age ago and never got around to reading, maybe it will help you.
|
# ? Dec 11, 2014 17:22 |
|
Another impact of KB3004394 that is not enterprise related: I use a Cable Card tuner and Windows Media Center for DVR / Live TV at home. The update invalided the DRM config so every time I wanted to watch live TV, I had to run the Cable Card Advisor tool to restore the certs/DRM.
|
# ? Dec 11, 2014 17:24 |
|
Basically anything that has to do with the Microsoft certificate store is going to be hosed.
|
# ? Dec 11, 2014 17:49 |
|
Active Directory is possibly the most impressive tech to me that MS has developed in the last 15 years. Like Gyshall said, if you think AD is at all cumbersome or difficult to understand, try using any other LDAP-based directory ever. AD is the pinnacle of ease and usability in comparison.
|
# ? Dec 11, 2014 18:29 |
|
Gyshall posted:Basically anything that has to do with the Microsoft certificate store is going to be hosed. I love my job some days. This is not one of those days.
|
# ? Dec 11, 2014 18:30 |
|
Docjowles posted:Active Directory is possibly the most impressive tech to me that MS has developed in the last 15 years. Like Gyshall said, if you think AD is at all cumbersome or difficult to understand, try using any other LDAP-based directory ever. AD is the pinnacle of ease and usability in comparison. Active Directory is good, but OneNote is the best thing Microsoft has ever done
|
# ? Dec 11, 2014 18:33 |
|
CLAM DOWN posted:I love my job some days. This is not one of those days. Thankfully I had only deployed and installed it on my pre-test stations. It was in the list going out to the update preview users but I managed to pull it back before it hit the install deadline. I ca only imagine what this must be doing to places that don't have a update review process
|
# ? Dec 11, 2014 18:41 |
|
It looks like the following updates are all bad this month: KB3004394 - the root certificate one that breaks all code signing validation KB3008923 - MS14-080 - this IE security update will make IE crash on some web pages that heavily use modal dialogs KB3011970 - Silverlight update - breaks Silverlight's DRM KB2553154 - MS14-082 - this security update for Excel 2007/2010/2013 will cause ActiveX macros to stop functioning KB2986475 - CU8 for Exchange 2010 SP3 will prevent some (all?) Outlook clients from connecting I'm guessing that a lot of people are going to be getting very drunk this week. e: the Silverlight one was wrong Number19 fucked around with this message at 19:45 on Dec 11, 2014 |
# ? Dec 11, 2014 19:01 |
|
Number19 posted:I ca only imagine what this must be doing to places that don't have a update review process I had a brand new 2008 R2 VM install yesterday that failed sfc /scannow after initial install of Windows Updates, which is just grand.
|
# ? Dec 11, 2014 19:43 |
|
Gyshall posted:I had a brand new 2008 R2 VM install yesterday that failed sfc /scannow after initial install of Windows Updates, which is just grand. Yeah, sfc /scannow will fail after KB3004394 is installed because it can't verify the signatures on most if not all of the system files. I really can't believe this one actually got released as it.
|
# ? Dec 11, 2014 19:46 |
|
Number19 posted:It looks like the following updates are all bad this month: 3004394, 3011970 and 2986475 got pulled, so that's good I guess, but holy poo poo.
|
# ? Dec 11, 2014 20:52 |
|
I am going out of my mind trying to figure out how to get an image from WDS onto this laptop. It doesn't have any ethernet port and doesn't PXE boot off of the third party USB-ethernet adapter we have. So I've been instead trying to figure out how to boot from a USB drive to get to the server. I tried booting from a discover image, but I keep getting code:
In the meantime, I've been trying to figure out how to get to the WDS server through a generic WinPE environment instead, but haven't had any success. I tried loading up the WinPE-WDS-Tools onto a PE image, but can't figure it out for the life of me. It doesn't help that I'm getting all of the deployment tools (AIK, ADK, different version of PE) confused. Could anybody point me in the right direction?
|
# ? Dec 12, 2014 02:10 |
|
Can you yank the drive, install on a different machine, and just deal with the problems after you put it back? USB DVD drive might work better than a thumb drive.
|
# ? Dec 12, 2014 05:32 |
|
|
# ? May 15, 2024 00:27 |
|
For those of you running DirectAccess - have you had to deal with an increase in staff cellular data usage? 50% of my remote staff use iPhone tethering as their internet source which is reasonable when using RDS. But when using DA the data usage is skyrocketing due to every email attachment, WSUS patch and god-help-me update to Adobe Flash going directly over the 4G connection. Is there anything I can do to alleviate this or is it just the price of managing remote endpoints in a country where we pay a shitload for cellular data?
|
# ? Dec 12, 2014 07:20 |