|
lol internet. posted:Does Windows Storage Pools/ReFS do anything magical in performance compared to hardware raid? (Home solution.) performance? no. ReFS is great since it's journaled and the write is read to verify correctness before the write action is considered complete. Storage pools mean that the drives don't all have to be the same which is pretty awesome, and you can swap drives around pretty easily.
|
#
?
Jan 2, 2015 18:12
|
|
|
|
| # ? May 14, 2024 00:25 |
|
|
lol internet. posted:Does Windows Storage Pools/ReFS do anything magical in performance compared to hardware raid? (Home solution.) You don't have to rebuild the whole array when a drive goes south. If you know it's going bad you can just "check out" the drive and storage pools will migrate the data elsewhere so you have it duplicate data before you pull it. If the drive suddenly dies, just swap in a good drive and add it to the pool and storage spaces starts replicating the data back over and you can continue using the drives normally. I've not noticed any speed improvements, i'm still getting just 1x speeds on a mirrored drive pool but I also have deduplication enabled (which is saving me about 3TB of space)
|
|
#
?
Jan 2, 2015 18:18
|
|
|
incoherent posted:Spiceworks is an apache web instance which could be raising flags (e: and if you're doing the network scanning: port scanning). If you're in an ITIL environment they're going stick to the prescribed methods till they stop following them. From the way you framed your org each dept (helpdesk, sysadmin, network security/admin) all have specific roles to take care of. help desk is there do boring rear end password resets and other level 1 things. Your role is to ensure the infrastructure is online and continue to document and reiterate documentation pertaining to the infrastructure. You hit the nail on the head I think. The lulls are definitely what drove me to start playing with these things. I'll take your advice and this this time to study for additional certifications. Thanks!
|
|
#
?
Jan 2, 2015 19:20
|
|
|
So after a few days of hitting my head against Windows Deployment Services, does anyone think they can explain to me the differences with the various points you can choose unattend options? By this I mean the following: Within WDS itself, there are various places in which you can choose an unattend file: #1: Within the WDS server client architecture options for an unattend file #2: Within the Install image option itself (The allow image to install in unattended mode option) #3: And you can also choose to Sysprep and capture an image, to which you can then apply option #2 above during the image deployment I'm having a hell of a time figuring out of any of these steps can overlap, or if you have to apply various options at each state you can specify an unattended option.
|
|
#
?
Jan 2, 2015 23:51
|
|
|
Wicaeed posted:So after a few days of hitting my head against Windows Deployment Services, does anyone think they can explain to me the differences with the various points you can choose unattend options? Don't bother using WDS to actually deploy Windows. Download the Microsoft Deployment Toolkit to customize your Windows install and then use WDS for the MDT boot images.
|
|
#
?
Jan 4, 2015 00:41
|
|
|
So apparently SCCM licensing has changed? Anyone heard anything about this?
|
|
#
?
Jan 5, 2015 19:57
|
|
|
BaseballPCHiker posted:So apparently SCCM licensing has changed? Anyone heard anything about this? It was mentioned in one of the threads a page or two back, I forget if it was this one or the working in IT thread... I think they are charging more per server or something?
|
|
#
?
Jan 5, 2015 19:59
|
|
|
Like 700 bones or some such?
|
|
#
?
Jan 7, 2015 06:56
|
|
|
incoherent posted:Like 700 bones or some such? Per server to use SCCM? Holy gently caress, I'm used to Microsoft gouging but 
|
|
#
?
Jan 7, 2015 11:05
|
|
|
Yeah I think it was like $750 per server to use SCCM on a server. We just renewed our EA and our Microsoft rep didn't call it out.
|
|
#
?
Jan 7, 2015 15:03
|
|
|
Wicaeed posted:Per server to use SCCM? Holy gently caress, I'm used to Microsoft gouging but At list which is a base Open Agreement with 2 years of Software Assurance - $1,323 for Standard (up to 2 physical processors and 2 Managed OSEs) $3,607 for Datacenter (2 physical processors - unlimited cores, unlimited OSEs) but that includes the *entire* system center stack in the new licensing model.
|
|
#
?
Jan 7, 2015 16:21
|
|
|
Nebulis01 posted:At list which is a base Open Agreement with 2 years of Software Assurance - $1,323 for Standard (up to 2 physical processors and 2 Managed OSEs) $3,607 for Datacenter (2 physical processors - unlimited cores, unlimited OSEs) but that includes the *entire* system center stack in the new licensing model. I meant the SCCM client on a server, not the server software suite.
|
|
#
?
Jan 7, 2015 16:40
|
|
|
GreenNight posted:I meant the SCCM client on a server, not the server software suite. As I understand it (and as far as I'm concerned MS licensing is a dark black art designed so that Microsoft can charge anyone anything they want to), the System Center tools are no longer licensed individually, only as the entire Suite. So you get SCOM, SCCM, DPM, etc all rolled into the one license. It makes a great case for my as a consultant to be able to say "Hey since we just rolled SCOM on all of your servers, lets roll out SCCM and get rid of X Other Patching product and save you some money! *cough*so you can pay me some more*cough*" This works really well when you license the physical servers with DataCenter and run a shitload of VMs on them. The DataCenter physical license passes down to all of the virtual guests.
|
|
#
?
Jan 7, 2015 17:28
|
|
|
So has anyone experienced any odd issues with the remote control tools built into SCCM? Like you right click remote control on one device and it just randomly goes to some other computer? It seems to be happening when we try to remotely connect to an offsite host connected through the VPN and instead it connects to some random in house computer. I've been looking through the CmRcViewer.log and I see a message that target principal name is incorrect and then it still just randomly connects to a random host.
|
|
#
?
Jan 7, 2015 22:24
|
|
|
Sounds like a DNS issue more than a SCCM issue, tbh.
|
|
#
?
Jan 7, 2015 22:52
|
|
|
That was my thought as well
|
|
#
?
Jan 7, 2015 23:00
|
|
|
Yes I have seen this issue when there are DNS problems within the network. Do you have DNS scavenging enabled in your DNS server(s)?
|
|
#
?
Jan 8, 2015 02:41
|
|
|
This might be a stupid question. Let's say I have a laptop that I set up and give to somebody to work remotely. Currently we have very limited remote access through web browser, so there's not really any VPN for users to connect to to talk to the DC. So from what I understand, unless they log in on the laptop while they're in the office on the network, the laptop doesn't know the user's account/credentials and will give them the no logon servers available error message. Is there any way to seed a laptop with a user's credentials without having them log in? Like, when it joins the domain could it pull those credentials then and there?
|
|
#
?
Jan 9, 2015 21:55
|
|
|
Not that I'm aware of. We use a VPN that allows you to connect before workstation logon for situations like this.
|
|
#
?
Jan 9, 2015 22:06
|
|
|
I'm not even sure what I'm looking for here, but is there a way to disable permissions caching? We occasionally have issues where it appears the client is caching permissions, even though they've been changed server side, so they still get permission denied, even though they have access on the server. After rebooting, it fixes the cache (I guess?), but this is annoying and there has got to be a way to make the cache invalidate faster (this sometimes lasts for days) or just disable it altogether.
|
|
#
?
Jan 9, 2015 22:59
|
|
|
How are you changing the permissions? If you grant a user access to a resource then that should be reflected instantly, but if you add them to a group that has access to that same resource then I believe that is only reflected by a logoff/logon cycle.
|
|
#
?
Jan 9, 2015 23:10
|
|
|
You can modify the maximum lifetime of your kerberos tickets, or next time this happens, run klist purge at a command prompt which will force the client to get new kerberos tickets.
|
|
#
?
Jan 9, 2015 23:49
|
|
|
Bitlocker... if I'm understanding it right, laptops without a TPM module have to have either a pre-boot password or a security dongle to log in? But laptops with a TPM can simply have full disk encryption and just go through the normal Windows authentication? That latter is what I'm trying to do as I'm converting all our laptops to Windows 8.1 but some ProBook 450 G1 don't seem to have TPM. They mention TPM in the BIOS but I guess maybe it's not the TPM 1.2 that Win8.1 wants.
|
|
#
?
Jan 9, 2015 23:51
|
|
|
I didn't think a pre boot password was an option. I thought if there is no TPM 1.2 compatible chip, it has to be a usb flash drive
|
|
#
?
Jan 9, 2015 23:54
|
|
|
skipdogg posted:I didn't think a pre boot password was an option. I thought if there is no TPM 1.2 compatible chip, it has to be a usb flash drive That's not the case because it allowed me to set a pre-boot password for a fact on the non-TPM (according to Windows) laptop like 30 minutes ago, thought it did first force me to either save the master key on a non-encrypted drive or print it out. After I did that it did activate Bitlocker. That rest is right though?
|
|
#
?
Jan 10, 2015 00:24
|
|
|
I have to pull out info from SQL about the state of our system, Invoke-SqlCmd seems to work really well but it's only installed/accessible from servers with SQL Server installed. I've tried running the query from osql but now the queries are exceeding 2500 characters which is the limit for raw queries. We're trying to avoid generating a .sql file because that adds yet another piece of code to check in maintain and get installation approval for. Is there a better way to get information out of the database for a script in powershell? Running SQL queries in powershell from a remote server shouldn't be this hard without some special SQL server only tools in 2015! I feel like I'm missing something here. Hadlock fucked around with this message at 00:50 on Jan 10, 2015 |
|
#
?
Jan 10, 2015 00:41
|
|
|
SQL 2008 and R2 are the only instances of SQLPS (AKA poo poo-partial implementation of powershell). SQL 2012/2014 have full, native powershell support.
incoherent fucked around with this message at 01:29 on Jan 10, 2015 |
|
#
?
Jan 10, 2015 01:02
|
|
|
I think we're trapped on SQL Server 2008 R2 for quite a while, we just got off of 2005 last year. I'm running the powershell script on a second server, APPSVR, and querying data on a dedicated SQL server, SQLSRVDB The psuedo code looks something like this code:code:Hadlock fucked around with this message at 01:19 on Jan 10, 2015 |
|
#
?
Jan 10, 2015 01:16
|
|
|
Thanks Ants posted:How are you changing the permissions? If you grant a user access to a resource then that should be reflected instantly, but if you add them to a group that has access to that same resource then I believe that is only reflected by a logoff/logon cycle. Yeah, it's usually adding them to a group, although in this case it was modifying the permissions on the folder itself. As noted before, I'll try a klist purge next time
|
|
#
?
Jan 10, 2015 02:07
|
|
|
Just a test, who here is triggered by the word moonshot?
|
|
#
?
Jan 10, 2015 05:54
|
|
|
Is there a Sharepoint thread anywhere around here? I checked SH/SC and in COBOL but couldn't find one.
|
|
#
?
Jan 10, 2015 09:53
|
|
|
7of7 posted:Just a test, who here is triggered by the word moonshot? We looked at them briefly, pretty cool but a very limited use case.
|
|
#
?
Jan 10, 2015 12:05
|
|
|
Karthe posted:Is there a Sharepoint thread anywhere around here? I checked SH/SC and in COBOL but couldn't find one. It will be whatever thread gets sidetracked into talking about alcohol the most frequently.
|
|
#
?
Jan 10, 2015 13:09
|
|
|
There was a SP thread but I think it got archived?
|
|
#
?
Jan 10, 2015 15:37
|
|
|
It's hard to keep a thread going when the posters regularly drink themselves to death.
|
|
#
?
Jan 10, 2015 15:41
|
|
|
Docjowles posted:It's hard to keep a thread going when the posters regularly drink themselves to death. code:
|
|
#
?
Jan 11, 2015 01:55
|
|
|
Zero VGS posted:Bitlocker... if I'm understanding it right, laptops without a TPM module have to have either a pre-boot password or a security dongle to log in? But laptops with a TPM can simply have full disk encryption and just go through the normal Windows authentication? That latter is what I'm trying to do as I'm converting all our laptops to Windows 8.1 but some ProBook 450 G1 don't seem to have TPM. They mention TPM in the BIOS but I guess maybe it's not the TPM 1.2 that Win8.1 wants. That sounds correct. From my limited experience computers with the TPM chip have to have a BIOS password enabled and then have the TPM chip enabled and ownership applied. Once that is done you can apply a GPO that enables bitlocker on the machine and force the host to upload it's encryption key to AD for safe keeping. If you do it that way without requiring a PIN or USB dongle it should be mostly transparent to your end users.
|
|
#
?
Jan 11, 2015 18:18
|
|
|
BaseballPCHiker posted:That sounds correct. From my limited experience computers with the TPM chip have to have a BIOS password enabled and then have the TPM chip enabled and ownership applied. Once that is done you can apply a GPO that enables bitlocker on the machine and force the host to upload it's encryption key to AD for safe keeping. If you do it that way without requiring a PIN or USB dongle it should be mostly transparent to your end users. This is correct. The method you're speaking of is to allow ADUC to manage the Bitlocker keys. That's an option, otherwise I believe you can have your MBAM server manage the keys. If a problem occurs with a workstation, you will see it boot to a black screen that asks for a recovery key. At that point you would access an MBAM web interface, enter the string on the screen of the broken workstation, and in return it spits out a key that you enter into the workstation. If successful it continues to boot into Windows.
|
|
#
?
Jan 12, 2015 02:57
|
|
|
Does Data Protection Manager use space on the source hard drive when performing a bare metal backup? A huge vhd file showed up in my server's C: root, why did that happen?
|
|
#
?
Jan 12, 2015 10:58
|
|
|
|
| # ? May 14, 2024 00:25 |
|
|
You specifically DO NOT want to do the USB drive for a key route. We do that and it sucks.
|
|
#
?
Jan 12, 2015 18:54
|
|