|
What is handling DHCP? Is it Windows Server or a Networking device? There are generally a number of problems with using the former, in my experience, particularly in how you often have to specify the boot file via DHCP options to get it to function at all.
|
# ? Jul 12, 2016 14:06 |
|
|
# ? May 31, 2024 08:41 |
|
Doing a BIOS boot uses the same boot file whether the machine is 32 or 64 bit, it's actually running a 16 bit program. Only when you start booting UEFI are there separate 32 and 64 bit boot strappers.
|
# ? Jul 12, 2016 14:20 |
|
Actually yeah, that's a really good point that I somehow overlooked.
|
# ? Jul 12, 2016 14:33 |
|
Not really "enterprise" but it's AD so I figure you guys would know best. I'd like to modify my AD schema to add SSH keys, but I'm worried about messing it up. This is my homelab so I guess if I mess it up it's not really a disaster, but I'd rather not reinstall. If this is my only AD controller (no replication), can I just make a VMware snapshot and restore it if I do gently caress up, or is that not going to cut it as far as "restoring" my working AD? The alternative is that I store my SSH keys in altSecurityIdentities and write a custom script for my Linux boxes to poll AD for keys there, but I guess sss_ssh_authorizedkeys is already built in so I'll take my chances hacking up my schema if I can restore relatively easily.
|
# ? Jul 12, 2016 14:45 |
|
Martytoof posted:Not really "enterprise" but it's AD so I figure you guys would know best. If its a lab, and you have a single domain controller, you can shut down the domain controller virtual machine and snapshot it. Do not snapshot while it is running. Do not do this if you have more than the one domain controller. Do not plan on rolling back to this in several months or you'll be fixing computer accounts.
|
# ? Jul 12, 2016 14:50 |
|
Yup, single AD for now. I was going to build out a second but I decided to hold off until I knew whether this would work. Sounds like I'll be okay with this approach then. Will shut down first. Appreciate the quick feedback!
|
# ? Jul 12, 2016 15:14 |
|
FISHMANPET posted:Doing a BIOS boot uses the same boot file whether the machine is 32 or 64 bit, it's actually running a 16 bit program. Only when you start booting UEFI are there separate 32 and 64 bit boot strappers. Does this mean that what I'm seeing is expected behavior in that case? I haven't had a chance to check this morning but I don't think I remember seeing that x86 boot file being pulled when I had all 3 boot images enabled.
|
# ? Jul 12, 2016 15:15 |
|
Coredump posted:Does this mean that what I'm seeing is expected behavior in that case? I haven't had a chance to check this morning but I don't think I remember seeing that x86 boot file being pulled when I had all 3 boot images enabled. It's normal behavior if you're using legacy/non-UEFI hardware, or booting UEFI hardware in legacy mode.
|
# ? Jul 12, 2016 15:20 |
|
Maybe you guys can help me out with my SSH AD storage thing. I'm following these directions: https://www.balabit.com/sites/default/files/documents/scb-latest-guides/en/scb-guide-admin/html/proc-scenario-usermapping.html But I'm not seeing the sshPublicKey attribute in ADSI Editor for my username. Apologies for the image dump, I'm just trying to be explicitly clear in my setup. Here is what I have in Schema Editor: Under Attributes: And this Attribute's properties: Then under Classes I have ldapPublicKey created: and this Class' properties: So now I would expect that I can launch ADSI Edit and add an item to sshPublicKey in my user object. I launch ASDI Edit and connect to my default naming context and expand to DC=mydomain,DC=com,CN=Users,CN=My User, then pull up Properties: ... nada. No sshPublicKey. I've right clicked on my Default Naming Context and hit Update Schema Now to refresh my schema cache, still nada. For reference, my filters are set to default. Anyway, I'm not even sure where to begin troubleshooting this. Any suggestions?
|
# ? Jul 12, 2016 19:48 |
|
Check the box for replicating to the global catalog. That may not be it, but that jumps out at me right away.
|
# ? Jul 13, 2016 15:24 |
|
I'll give this a try, thanks. edit: Thanks, that did the trick. I'd kiss you if it weren't horribly inappropriate. I was banging my head against the wall for a good while with this one. some kinda jackal fucked around with this message at 16:55 on Jul 13, 2016 |
# ? Jul 13, 2016 16:37 |
|
How do I set it up so that when an email comes in and is redirected to a folder, the Outlook program icon in the taskbar still gets the little yellow envelope icon like when it comes into the main inbox? I always used webmail at home so despite being in IT I have very little Outlook experience.
|
# ? Jul 13, 2016 17:49 |
|
I suspect it's tied to the desktop alert rule you'll need to create for that folder.
|
# ? Jul 13, 2016 18:11 |
|
The Spiceworks forums are the loving worse. When I need a break at work I'll sometimes read through their threads just to get a laugh at their outrageousness.
|
# ? Jul 13, 2016 19:33 |
|
I couldn't stand the stupid poo poo in the sidebar when closing out tickets so I put these in my hosts file:code:
|
# ? Jul 13, 2016 20:29 |
|
Internet Explorer posted:The Spiceworks forums are the loving worse. When I need a break at work I'll sometimes read through their threads just to get a laugh at their outrageousness. They're worse than /r/sysadmin I tried posting for a while there and gave up.
|
# ? Jul 13, 2016 22:00 |
|
skipdogg posted:They're worse than /r/sysadmin I tried posting for a while there and gave up. Agreed. Spiceworks just makes my blood boil. I tried /r/sysadmin as well, but yes, it is filled with idiots.
|
# ? Jul 13, 2016 22:20 |
|
Turns out that places where admins who love to ebay/whitebox their environment don't foster rational discussion.
|
# ? Jul 13, 2016 22:26 |
|
WHAT DO YOU NEED A SAN FOR!?!?! - Scott Miller (Spicy Dorito)
|
# ? Jul 13, 2016 22:29 |
|
Sickening posted:Turns out that places where admins who love to ebay/whitebox their environment don't foster rational discussion.
|
# ? Jul 13, 2016 22:29 |
|
Sickening posted:Turns out that places where admins who love to ebay/whitebox their environment don't foster rational discussion. I feel pretty spoiled I work for a well funded IT department where I don't really have to worry about how much things costs if they do what we need them to do. I also realize there are a lot of IT guys out there that have to do what they can with what they have. Things can be tough in the EDU space, MSP, small business IT, I get it. There's still a right and wrong way to do somethings though, and most of the guys in those situations don't want to hear it or dismiss your idea completely. If someone doesn't seem open to suggestion, or hasn't bothered to do 10 minutes of research I don't even bother replying anymore. Just a waste of my time. Getting old and crotchety.
|
# ? Jul 13, 2016 22:34 |
|
Bring on the subscriptions. I want user CALs rolled into Office 365 licensing and Windows Server licensed annually.
|
# ? Jul 13, 2016 22:42 |
|
Thanks Ants posted:Bring on the subscriptions. I want user CALs rolled into Office 365 licensing and Windows Server licensed annually. I agree. As long as its an option and not the only method I am very happy with it.
|
# ? Jul 13, 2016 22:45 |
|
Yeah let people do volume licensing and keep software assurance alive through Open License if they want, but I'd take a subscription offering for pretty much everything. I presume the Windows Enterprise licensing in that announcement is only the Enterprise part, and a valid OS is still required, so it's not a way to license Windows 10 for VMware Fusion for example? I'll keep an eye out for more details when this launches.
|
# ? Jul 13, 2016 22:59 |
|
Internet Explorer posted:WHAT DO YOU NEED A SAN FOR!?!?! - Scott Miller (Spicy Dorito) Everyone loves him on Spiceworks.
|
# ? Jul 13, 2016 23:18 |
|
skipdogg posted:I feel pretty spoiled I work for a well funded IT department where I don't really have to worry about how much things costs if they do what we need them to do. I also realize there are a lot of IT guys out there that have to do what they can with what they have. Things can be tough in the EDU space, MSP, small business IT, I get it. There's still a right and wrong way to do somethings though, and most of the guys in those situations don't want to hear it or dismiss your idea completely. If someone doesn't seem open to suggestion, or hasn't bothered to do 10 minutes of research I don't even bother replying anymore. Just a waste of my time. Getting old and crotchety. What I don't like is being judged for having all the budget I could want, and choosing not to spend it all. Yes, I'm making things much harder on myself for trying to be responsible, but literally the entire world could be saved if there were more incentive to not be completely braindead with budgets. "Oh, but you get what you pay for!", that's the single biggest pile of horseshit, and big IT cutting huge checks to MS and friends is the main reason for the sorry state of their software. We were paying half a million a year for a SaaS, and I just wrapped up paying a contract coder for 4 months to completely reverse engineer the thing. Now we have the same functionality and never have to pay another dime for it. Come to think of it the salespeople were mocking me for even having the audacity to suggest DIY-ing their one-trick-pony, under-supported poo poo, I'm going to relish shutting them down at the end of the month. Sickening posted:Turns out that places where admins who love to ebay/whitebox their environment don't foster rational discussion. See, that's what I'm talking about, I get pigeonholed for eBaying 95% of my equipment. You know what's better than getting a Windows 10 Enterprise subscription? eBaying 500+ used Elitebooks and getting them all the free Windows 10 Pro upgrade. Where's the value in Enterprise? It's really worth just for what, DirectConnect and AppLocker?
|
# ? Jul 13, 2016 23:22 |
|
I guess what I'm ranting about is that yeah, there's such a thing as "opportunity cost" and "technological debt", but I feel a lot of admins just spout that stuff to justify their laziness. There may well be a happy compromise between Spiceworks and Spend All The Money.
|
# ? Jul 13, 2016 23:28 |
|
eBaying second-hand poo poo is fine if you don't need a consistent environment or your time is worth very little. I can't see how it is worth the time of anyone who isn't entry-level helpdesk to go around finding the bits needed to repair a laptop than just buying them from Dell with onsite support and getting rid of them after 3 years when the warranty is up. Being a one-man IT department makes it even more important to have your stuff consistent, modern and well supported because then that one member of staff you finally get allowed to have can be productive right away if you hand them the phone number for the hardware support line for your laptop vendor. Eventually you'll get to the point where maintenance of what you have takes up all your time, and you can't spare any to hand over to a new employee, which means you can't really decrease your workload, and the spinning plates come crashing down.
|
# ? Jul 13, 2016 23:34 |
|
Zero VGS posted:What I don't like is being judged for having all the budget I could want, and choosing not to spend it all. Yes, I'm making things much harder on myself for trying to be responsible, but literally the entire world could be saved if there were more incentive to not be completely braindead with budgets. If there is anything I want to buy in bulk for enterprise use, its used laptops. I hope they were at least cleaned up before being sent do you. How many pounds of dead skin and food do you think there is in 500+ laptops?
|
# ? Jul 13, 2016 23:37 |
|
I got a few Elitebooks with dead screens you can buy off me Zero VGS. Got a massive shitload of old docking stations too.
|
# ? Jul 13, 2016 23:39 |
|
Sickening posted:If there is anything I want to buy in bulk for enterprise use, its used laptops. For some reason, just about every last one of these comes to me in mint condition and with around 2 years HP warranty left on them. I get all the same one model too, Elitebook 840 G1 and G2. GreenNight posted:I got a few Elitebooks with dead screens you can buy off me Zero VGS. Got a massive shitload of old docking stations too. If they're 820/840/850's we got a deal, PM me. Thanks Ants posted:eBaying second-hand poo poo is fine if you don't need a consistent environment or your time is worth very little. I can't see how it is worth the time of anyone who isn't entry-level helpdesk to go around finding the bits needed to repair a laptop than just buying them from Dell with onsite support and getting rid of them after 3 years when the warranty is up. Half the used HPs I get have on-site warranties and half are mail-in and they pay shipping both ways. I do have lower paid minions who deal with that stuff. Plus, my poo poo is newer and more consistent than just about every other company I've run into who's come to visit. Like I said, every laptop I have is an Elitebook 840 with either Haswell or Broadwell in it, and Windows 10 Pro. The beauty of eBay is that while you're there, you might as well seek out the special snowflakes in the company with laptops/printers that aren't homogeneous, bribe them off of it with an upgrade, then sell the other stuff on eBay. My IT department is actually a profit center some months.
|
# ? Jul 13, 2016 23:57 |
|
Moey posted:Agreed. Spiceworks just makes my blood boil. I tried /r/sysadmin as well, but yes, it is filled with idiots. I'm just there for the monthly cave "we approve all WSUS updates blindly and this one broke poo poo" canary posts.....and the latest cryptolock wave.
|
# ? Jul 14, 2016 01:06 |
|
Speaking of, anything get broken from yesterday's patch list?
|
# ? Jul 14, 2016 02:13 |
|
When you push WiFi networks out via GPO, can you have them auto-join non-broadcast networks? In my testing the user still has to click "unknown network" from the list and enter the networks name.
|
# ? Jul 14, 2016 06:02 |
|
anthonypants posted:Christ, I posted in here about raising the functional level on our forest and domain from 2003 almost two months ago, and we still haven't done it yet, and we're still not going to do it until the middle of next month, because my loving boss is so ridiculously paranoid. specifically his wife has pregnancy complications, which is bad and he should definitely pull himself away from work, but that absolutely doesn't mean we should stop unfucking everything
|
# ? Jul 14, 2016 21:36 |
|
anthonypants posted:Whoops it got postponed again, along with all other planned maintenance, indefinitely, because the boss has ~Personal Problems~ Just do it and %99 he wont even notice. It's not like raising the forest level is a highly visible change.
|
# ? Jul 14, 2016 21:39 |
|
BaseballPCHiker posted:Just do it and %99 he wont even notice. It's not like raising the forest level is a highly visible change.
|
# ? Jul 14, 2016 22:13 |
|
I have raised the forest and domain levels on networks dozens of times in the middle of the day and never, ever had a problem. Just did it on a network last week. As long as you're not running an ancient Exchange server you'll be fine.
|
# ? Jul 14, 2016 22:28 |
|
|
# ? May 31, 2024 08:41 |
|
Can anyone point us in the right direction: We've set up an AD Domain as ad.company.com. When I nslookup ad.company.com i get: code:
code:
Any ideas?
|
# ? Jul 15, 2016 09:39 |