|
Is there a modern replacement for CPUSTRES from the server 2000 resource kit?
|
# ? Jul 16, 2015 21:52 |
|
|
# ? May 30, 2024 06:15 |
|
What do you guys use for 3rd party patch management for Windows? Looking for something agentless, easy to use, updates fast, etc. Cost isn't an issue. GFI? Solarwinds? LanDesk?
|
# ? Jul 17, 2015 15:00 |
|
Licensing question: I've got an environment that's moderate size (3 sites, about 30 physical servers, 45+/- VMs, 20 end users who are software developers + office staff). Unfortunately, what I inherited is definitely not 100% on the up and up with licenses. it's not being fully run off MSDN either, but it's definitely not properly tracked, maintained, and I'm fairly certain there is some MSDN stuff mixed in with production. Any advice for how to audit this properly? I already prepped my boss that we NEED to get this poo poo locked down, and he's cool with it. We're government, but operate independently of our agencies IT department. My perfect world would be to audit personally, procure proper licenses across the board, and then voluntarily enter an SAM engagement to verify our licenses. Right now at step 1 of said process; fortunately I have good rapport with management and they know a big bill in incoming. Any tips for process in auditing an environment? I know we have some OEM licenses, some retail, some via government BPA.. its going to be a cluster to put the pieces together. Walked fucked around with this message at 17:48 on Jul 17, 2015 |
# ? Jul 17, 2015 17:24 |
|
do you have that excel sheet that microsoft has for self audit
|
# ? Jul 17, 2015 21:53 |
|
GreenNight posted:What do you guys use for 3rd party patch management for Windows? Looking for something agentless, easy to use, updates fast, etc. Cost isn't an issue. GFI? Solarwinds? LanDesk? I've used Shavlik and Solarwinds. We currently use Solarwinds. What do you need it to patch?
|
# ? Jul 18, 2015 03:03 |
|
skipdogg posted:I've used Shavlik and Solarwinds. We currently use Solarwinds. 3rd party Windows apps. Java, Flash, etc. Someone on IRC mentioned Ninite Pro which looks pretty good.
|
# ? Jul 18, 2015 03:20 |
|
GreenNight posted:3rd party Windows apps. Java, Flash, etc. Someone on IRC mentioned Ninite Pro which looks pretty good. We're using PDQ Deploy, works pretty well in our environment (about 200 workstations), not sure how well it would scale to large environments. That and removing flash/java from machines that dont absolutely require it
|
# ? Jul 18, 2015 16:31 |
|
Mr. Clark2 posted:We're using PDQ Deploy, works pretty well in our environment (about 200 workstations), not sure how well it would scale to large environments. That and removing flash/java from machines that dont absolutely require it We're at about 250 workstations and I already use PDQ Inventory. I remember looking at that in the past but I don't remember why I dismissed it.
|
# ? Jul 18, 2015 16:54 |
|
GreenNight posted:3rd party Windows apps. Java, Flash, etc. Someone on IRC mentioned Ninite Pro which looks pretty good. Been using Shavlik Patch for the past few years. I like it so much I've convinced my latest clients to purchase it. It easily integrates into SCCM 12R2.
|
# ? Jul 19, 2015 15:19 |
|
mobby_6kl posted:I'm glad somebody brought up RemoteApp. I've been trying to host an app on an isolated EC2 instance and make at as simple as possible for users to connect. Machines also need to log in in AD before they're allowed to verify passwords. So it seems that you have problems with the client identifying itself to the server. I'm not sure if this is possible in EC2, but what I'd try next is whether the client can access a server share. Also, even if you don't have proper certificates, you should still make a domain trusted certificate. Server 2012 can create those even in the Standard version. Then you can manually import the root certificate on the client and you won't get any scary IE messages about invalid certificates that might demote your security zones.
|
# ? Jul 19, 2015 16:46 |
|
How big are these networks you guys are using 3rd party software deployment tools on?Mr. Clark2 posted:removing flash/java from machines that dont absolutely require it Why do you do this?
|
# ? Jul 20, 2015 01:56 |
|
Tony Montana posted:How big are these networks you guys are using 3rd party software deployment tools on? Why wouldn't you use this on even a small network? Ninite Pro is cheap.
|
# ? Jul 20, 2015 02:05 |
|
Tony Montana posted:Why do you do this? I might be missing the sarcasm here, but unless it's absolutely required, why would you want flash/java on a machine at all? In a perfect world both products would be annihilated.
|
# ? Jul 20, 2015 02:12 |
|
Tony Montana posted:Why do you do this? Flash and Java both are incredibly loving naggy about updates, so you need to choose between removing them, disabling the update notifications and leaving them less secure (lol as if there's any such thing with those), or constantly finding a way to push updates with admin privileges. CLAM DOWN posted:I might be missing the sarcasm here, but unless it's absolutely required, why would you want flash/java on a machine at all? In a perfect world both products would be annihilated. On the flip side, there's so many loving awful things that require them. My previous job in healthcare required Java for some government health insurance lookup site half the company used, my current job requires Flash to be able to play videos in BlueJeans, which we use for our weekly company-wide meeting that half the company joins. I can't decide whether to direct the rage at devs who keep using this poo poo, or Oracle/Adobe for not just owning their failures and making the things 100% sandbox only, or whatever.
|
# ? Jul 20, 2015 02:30 |
|
I definitely didn't like having to track down Java 6 to make my old as gently caress Cisco ASDM work.
|
# ? Jul 20, 2015 03:01 |
|
NevergirlsOFFICIAL posted:Why wouldn't you use this on even a small network? Ninite Pro is cheap. It's kinda the point I'm getting at. I think you're only using these tools on small networks. Someone raise their hand if they're using one of these 3rd party tools on a network over 5k seats. edit: asked the deployment guys and they use SCCM for flash and java updates on enterprise networks. I don't know how viable that is, because I don't patch, but that's what they said. CLAM DOWN posted:I might be missing the sarcasm here, but unless it's absolutely required, why would you want flash/java on a machine at all? In a perfect world both products would be annihilated. I use the Internet. I use applications people have written. This is why I need flash and java. If we're talking servers, then sure, you don't install anything on them you don't need. But for workstations, I would have thought leaving off flash and java would generate more tickets than it closes. Tony Montana fucked around with this message at 11:31 on Jul 20, 2015 |
# ? Jul 20, 2015 03:06 |
|
Tony Montana posted:Why do you do this? Others have answered: Death to Java and Flash! We've tested building out in-house applications that flatly require Java that we won't be able to eliminate from our business process as VMware ThinApps. It was shocking to see a system on Java 6u45 that we always have immense trouble tweaking to work on desktops run for the first time in a little packaged mini-vm. poo poo's expensive though -- on the order of $100 per year per seat
|
# ? Jul 20, 2015 17:30 |
|
So I'm starting the planning and deployment of Skype for business 2015. Yes, internally, we have a cloud ban from the mothership for some stupid reason. Initially it will support 300 people, and eventually 1500 or so as we merge in the other domains. I've barely worked with lync from an administrative perspective so I'm flying pretty blind here. If anyone has some good suggested resources, I'm all ears. We do have a safari books subscription so I'll be reading up on 2013 since not a whole lot has changed.
|
# ? Jul 20, 2015 17:39 |
|
No one at my job needs Java. Everyone who has said they need Java is because of some loving web games, so I banned Java from the corp. Feels good. Flash though, ugh. Our corporate website uses Flash and the marketing dept hates change.
|
# ? Jul 20, 2015 17:42 |
|
devmd01 posted:So I'm starting the planning and deployment of Skype for business 2015. Yes, internally, we have a cloud ban from the mothership for some stupid reason. As someone who's just done this, I am sorry. It's a billion times easier to just farm this out to a company that does video/chat for a living, but NOPE.
|
# ? Jul 20, 2015 20:49 |
|
What the gently caress is up with O365 technical support. Like every single time I have to deal with them, it's literally dealing with some 1st level guy who is beating around the bush for like 3 weeks before he will finally escalate you. It would be better if the free support didn't exist and you just paid to get on the phone with someone who won't waste your god drat time and is actually useful. We are migrating users to O365 in a hybrid deployment and it seems to break all re-occurring meetings. Can't update, can't delete. The god drat tech is expecting me to go into every single users calenders and manually delete the meetings, then have the users re-create.. what the gently caress, how unpractical and what the gently caress am I suppose to do with the external users who are part of the meeting. O365 exchange migration, stay the gently caress away. You're on your own if poo poo hits the fan. /end rant. lol internet. fucked around with this message at 21:35 on Jul 20, 2015 |
# ? Jul 20, 2015 21:33 |
|
Yeah if we go that route we're having consultants who have done it a dozen times do the migration. gently caress doing it yourself and learning as you go.
|
# ? Jul 20, 2015 21:40 |
|
lol internet. posted:What the gently caress is up with O365 technical support. Like every single time I have to deal with them, it's literally dealing with some 1st level guy who is beating around the bush for like 3 weeks before he will finally escalate you. It would be better if the free support didn't exist and you just paid to get on the phone with someone who won't waste your god drat time and is actually useful. Presumably someone has had a good experience with O365 phone support? I haven't, but I'm guessing someone must have. 90% of the time, I end up figuring out the issue as they attempt to drag out the phone call.
|
# ? Jul 20, 2015 21:50 |
|
Maneki Neko posted:Presumably someone has had a good experience with O365 phone support? I haven't, but I'm guessing someone must have. 90% of the time, I end up figuring out the issue as they attempt to drag out the phone call. Ehhh... We pay for an O365 TAM, and that helps with the pain usually. If we're not getting results we start yelling at our TAM, and our TAM starts getting resources for us.
|
# ? Jul 20, 2015 22:00 |
|
Critical vulnerability MS15-078 just posted for Vista-2012R2: https://technet.microsoft.com/en-us/library/security/MS15-078 "This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts."
|
# ? Jul 20, 2015 22:16 |
|
GreenNight posted:No one at my job needs Java. Everyone who has said they need Java is because of some loving web games, so I banned Java from the corp. You banned java from the corp, eh? Tell me more about your corp. How many users? How many servers? skipdogg posted:Ehhh... We pay for an O365 TAM, and that helps with the pain usually. If we're not getting results we start yelling at our TAM, and our TAM starts getting resources for us. Yeah, without the TAM you're at the same level as any user, right? So, like I have a small business shaving goats, and it's me and my wife. We shave many goats daily, and we need modern connectivity to receive emails about goat shaving events. I bought 2 365 subscriptions and it all just works! I can use my own domain and everything! Hang on, Bob (a legend in the goat shaving world) sent me and email and I didn't get it! I'm not good with computers!! You're in the queue with that guy. The MS helpdesk guy is just running through his script.
|
# ? Jul 21, 2015 01:32 |
|
lol internet. posted:What the gently caress is up with O365 technical support. Like every single time I have to deal with them, it's literally dealing with some 1st level guy who is beating around the bush for like 3 weeks before he will finally escalate you. It would be better if the free support didn't exist and you just paid to get on the phone with someone who won't waste your god drat time and is actually useful. quote:O365 exchange migration, stay the gently caress away. You're on your own if poo poo hits the fan. migrationwiz supremacy
|
# ? Jul 21, 2015 02:23 |
|
skipdogg posted:Ehhh... We pay for an O365 TAM, and that helps with the pain usually. If we're not getting results we start yelling at our TAM, and our TAM starts getting resources for us. Any idea how much TAM is? Our company has 75 users so I doubt we can afford it =/ Also, I have horrible experiences with BES support as well. I absolutely hate contacting O365 and BES support (I don't even know how they get away with charging a support fee.)
|
# ? Jul 21, 2015 04:13 |
|
Tony Montana posted:You banned java from the corp, eh? Tell me more about your corp. How many users? How many servers? Around 250 users and 40 or so servers. I have Java on one VM to use with ASDM.
|
# ? Jul 21, 2015 04:31 |
|
lol internet. posted:What the gently caress is up with O365 technical support. Like much things in life, good things cost money. I'm perplexed by why so many vendors have elected to allow support incidents for cloud to be free where standard implementations are not. On another note, SaaS Services are low-margin, high-volume and single support incident quickly eliminates any profit.
|
# ? Jul 21, 2015 05:04 |
|
GreenNight posted:Around 250 users and 40 or so servers. I have Java on one VM to use with ASDM. Your 'corp' is barely beyond small business. It's a medium business by any standard, and a long way from large.. which is an even longer way from enterprise. It's just something to note in the enterprise Windows space, you'll talk to lots of technical people that have all sorts of ideas and things they've done in the past.. but the reality is they've never done it at the enterprise level. This is what I talking about with the 3rd party deployment tools above, when you ask a real enterprise deployment department they just look blankly at you and say 'SCCM', like the answer is obvious because it is.
|
# ? Jul 21, 2015 06:09 |
|
friendbot2000 posted:Not entirely sure if this goes here but I have been tasked with looking into a Microsoft service to deploy on our servers called SPLUNK. This is mostly a research mission because we found it mysteriously on our servers and we are hoping to use it for reporting for logs etc. Has anyone used this service before? And can they give me some info on how easy it is to use, little quirks that could bring the sky down around our ears, that sort of thing. Another thing I was tasked to do was find out what kind of statistics we have on package installs vs failures in this new package manager we're trying out. I made a new data model for this log file and then found out what line listed the state 'success' or 'failure' in the log file and extracted the value with a regular expression. Pop into the splunk pivot chart for those values and then you can make a small pie chart showing the successful installs from the fleet vs the failures. When you see the pie chart you can click to drill down on the failing nodes and look at the individual lines that were found to see what package failed the install. If that isn't your cup of tea you can print out a table of the packages and count the number of installs for the top 5 packages. The only thing the data model can't do is overlay previous week's data on top of current data so you can see the overlay of the trends but on the whole using data models is pretty powerful stuff! The guys who originally setup the stuff were using these massive inline searches that took forever to run, but now with the data models those same dashboard elements will run pretty quickly in real-time. It may sound a little crazy but little things like this are making managing all these machines easier than it used to be. My bread and butter was being weened on Microsoft's tools but over the course of the last year we're now counting down the days when we can turn off our SCCM server for good and be done with it. And I would agree with everyone saying you need to learn a little Powershell. WMF5 is going to land soon and being a Windows admin is going to get a whole lot easier with some of the new things that are coming along with it. Windows 10 looks pretty rad too. I can't wait to get my hands on the RTM
|
# ? Jul 21, 2015 07:05 |
|
Not sure if this is the right place to ask this, but here goes anyway. Can anyone give some advice on how I might deploy different print drivers for the same printer depending on AD groups? I need to lock most users out of colour printing, so I've found a custom driver which does just that. Problem is the driver has the same name as the standard driver, and If I add it in print management it just overwrites the standard driver resulting in no one at all being able to print in colour. Is there a way around this?
|
# ? Jul 21, 2015 08:34 |
|
You should just be able to either hash the two drivers using md5, or deep inspect the driver for the version number, both of which can be done via powershell. This feels like something that would be vastly easier done via active directory permissions, though.
|
# ? Jul 21, 2015 08:46 |
|
Tony Montana posted:Your 'corp' is barely beyond small business. It's a medium business by any standard, and a long way from large.. which is an even longer way from enterprise. Right, and we do have SCCM, but for patch management, specifically, I wear enough hats where I don't have the time to create packages to update software. Easier to spend the money on a more ready made tool that someone else updates.
|
# ? Jul 21, 2015 12:37 |
|
You all do know that there's "true" O365 support with Real American Techs available to help you, right? I asked the O365 regional sales guy, he said it was some exorbitant amount of money (for a real org, not just a cheapo like me) but it does exist if money is no object.
|
# ? Jul 21, 2015 14:52 |
|
Yeah, that's what we pay for. The Premier support for O365, comes with a Technical Account Manager and all that jazz. It's more than 50K a year, but less than 100K for an org our size (~3300 users give or take). We have 2 Microsoft TAM's, one for our normal Enterprise Agreement that covers your standard server/desktop/CAL licensing, and another one for the cloud stuff. GreenNight posted:Right, and we do have SCCM, but for patch management, specifically, I wear enough hats where I don't have the time to create packages to update software. Easier to spend the money on a more ready made tool that someone else updates. I feel ya. We're a good sized org but run really lean in IT. We don't have the time to have someone almost dedicated to our SCCM environment so we also purchase the 3rd party tools. We currently use Solar Winds (formerly Eminentware), and it's not bad. Integrates with WSUS and SCCM decently. The price is pretty good compared to a lot of other solutions out there. We're getting acquired though by a much larger company that has a massive IT team setup in functional
|
# ? Jul 21, 2015 15:50 |
|
Anyone tried SCUP? Apparently it can feed WSUS, too. http://blogs.technet.com/b/sus/archive/2014/12/10/how-to-install-and-configure-system-center-updates-publisher.aspx Chrome is the default browser at my SMB and we don't use java. It's pretty nice.
|
# ? Jul 21, 2015 16:43 |
|
Roargasm posted:Anyone tried SCUP? Apparently it can feed WSUS, too. I've used it before, be careful. It can be great for publishing your own updates for things like Java but it can also be very finicky with some of the 3rd party catalogs out there. In particular I've had problems with Adobe and Dell with updates creating a circular update loop (I think thats what it was called) where one update is accidentally listed as a prerequisite for another update and that update has the other update listed as a prerequisite as well. This caused a whole lot of driver package failures.
|
# ? Jul 21, 2015 17:00 |
|
|
# ? May 30, 2024 06:15 |
|
skipdogg posted:We're getting acquired though by a much larger company that has a massive IT team setup in functional Congratulations. Assuming this is your first experience with that level of IT, your career is about to really kick off. Assuming you're good at what you do. What is it you do? Bit of everything? Jack of all, master of none? Think about addressing that now. If you like Windows then become a Powershell guru and learn to script against the ADSI (Active Directory Scripting Interface).. you can end up as an AD specialist like me. Messaging heavyweight means Powershell too, but combined with a ton of experience with Exchange. Pick one and really focus in on it, what parts of the tech don't you know? What makes you nervous thinking about doing in production? Learn those details and forget about the basics of other technologies you know. Or now is your time to go and hammer some Cisco certs and move to the network team if you really want to. Perhaps a CISSP and the security team? This is an exciting time for you, embrace it! Tgent posted:Not sure if this is the right place to ask this, but here goes anyway. Can anyone give some advice on how I might deploy different print drivers for the same printer depending on AD groups? I need to lock most users out of colour printing, so I've found a custom driver which does just that. Problem is the driver has the same name as the standard driver, and If I add it in print management it just overwrites the standard driver resulting in no one at all being able to print in colour. Is there a way around this? You can rename stuff? http://deployhappiness.com/deploying-printers-with-group-policy-preferences/ Tony Montana fucked around with this message at 01:08 on Jul 22, 2015 |
# ? Jul 22, 2015 01:02 |