|
Thanks Ants posted:2016 has some really nice features roadmapped in terms of storage and file serving, definitely worth labbing the tech preview to see if any of them are something you'd want to wait for. I have a week long training class for 2016 in August, so I'm really looking forward to that. Today we don't even have shadow copies, so we're a little behind the curve. This was our first Windows file server after moving off Novell.
|
# ? Jul 22, 2016 13:21 |
|
|
# ? May 14, 2024 01:03 |
|
When using DFS to duplicate a share in two places, who does the heavy lifting? Clients? The server hosting the DFS zone? Phrased another way: I drop goatse.pdf onto shares.somethingawful.com. Shares.somethingawful.com is really just a DFS entity that points to CIFS shares on storage1.somethingawful.com and storage2.somethingawful.com. What happens then? Does my laptop think it is uploading goatse.pdf to shares.somethingawful.com when in reality shares.somethingawful.com is relaying it to storage1 and storage2? Or is my laptop the one being told to upload directly to storage1 and storage2? Or something else?
|
# ? Jul 22, 2016 14:12 |
|
More the second. Look up the difference between DFS-N and DFS-R and that should clear things up a bit.
|
# ? Jul 22, 2016 16:05 |
|
Looks like Microsoft is going to cripple the pro SKU. Heads up: http://www.ghacks.net/2016/07/28/microsoft-removes-policies-windows-10-pro/
|
# ? Jul 28, 2016 20:13 |
|
incoherent posted:Looks like Microsoft is going to cripple the pro SKU. Heads up: Wasn't management of these features going to be enterprise in the long term anyway? Internet Explorer posted:More the second. Look up the difference between DFS-N and DFS-R and that should clear things up a bit. DIdn't say this a few days ago, but thanks for sending me in the right direction.
|
# ? Jul 28, 2016 20:17 |
|
My pleasure. Even if people aren't using DFS-R, they should be using DFS-N for all shares, in my opinion.
|
# ? Jul 28, 2016 20:46 |
|
incoherent posted:Looks like Microsoft is going to cripple the pro SKU. Heads up: Cripple = disabling 3 GPOs
|
# ? Jul 28, 2016 22:29 |
|
Jeoh posted:Cripple = disabling 3 GPOs I can still push out registry keys for them though, right?
|
# ? Jul 28, 2016 23:01 |
|
Zero VGS posted:I can still push out registry keys for them though, right?
|
# ? Jul 28, 2016 23:07 |
|
Looks like Powershell is going open source? https://twitter.com/tomhounsell/status/758313989487091712 http://www.winbeta.org/news/microsoft-appears-open-sourcing-powershell
|
# ? Jul 29, 2016 04:25 |
|
I just rolled out DFS-N at my office, and it's being less than awesome. I'm using a Domain based namespace \\domain.com\Drives. I have a handfull of folders underneath this that are then mapped to drives through GPO. This is working pretty OK at the office. But we're having some problems with VPN. I suspect this is due to the split tunneling on VPN trying to look up \\domain.com via regular DNS instead of our internal DNS. Sadly my domain is domain.com and not domain.local though. Instead of using \\domain.com\Drives, I've moved over to the netbios name of \\domain\Drives. This seems to have helped some, but it's still pretty spotty. What am I doing wrong here? What can I do to make this a little smoother?
|
# ? Jul 29, 2016 13:48 |
|
Gerdalti posted:What can I do to make this a little smoother? Fix your DNS would be where I'd start. Or make sure your remote sites lookup every DNS request through your domain controllers at least, although this will stop the Internet working when the VPN is down.
|
# ? Jul 29, 2016 13:49 |
|
Thanks Ants posted:Fix your DNS would be where I'd start. Or make sure your remote sites lookup every DNS request through your domain controllers at least, although this will stop the Internet working when the VPN is down. Sorry, I wasn't totally clear. These are client laptops / client vpn, not remote sites per se. Our remote sites are working just fine, as well as any computer on our LAN. DNS seems to be configured fine. It's really just DFS-N as well. Getting to a servername share directly works fine at the same moment that the domain based dfs-n fails. What should I be looking at DNS wise? Am I going to have to turn off split tunneling completely? No internet while VPN is down on client machines is going to be an absolute no-go, so I can't go that route.
|
# ? Jul 29, 2016 14:35 |
|
Can you push your own DNS servers down with the VPN profile and force lookups to go through it?
|
# ? Jul 29, 2016 14:47 |
|
Thanks Ants posted:Can you push your own DNS servers down with the VPN profile and force lookups to go through it? We do that actually. We have 2 VPN clients in use. VPN1 - Endpoint handles DHCP itself, and sets the DNS server to our internal DNS Servers VPN2 - Passes DHCP to our local DHCP server, which also sets the DNS server to our internal DNS Servers In most of the cases I've seen (was just working on yet another about 30 seconds ago), the DFS-N shares will eventually load. It just takes 3-5 minutes of VPN connectivity before they're working. Any direct server shares working within 10 seconds of VPN connectivity.
|
# ? Jul 29, 2016 14:52 |
|
Gerdalti posted:I just rolled out DFS-N at my office, and it's being less than awesome. Is the AD domain name a subdomain like corp.company.com or at least a publicly reserved but not used variation of your company name? If the internal domain is the exact same name as a different public service and you are relying on split-brain dns zones to make it work, you are going to have a bad time with a lot of things which includes remote access to company resources over a tunnel. Cloud services will suck too once you get to that point. Clients and even most servers like to cache those resolutions.
|
# ? Jul 29, 2016 15:17 |
|
buffbus posted:Is the AD domain name a subdomain like corp.company.com or at least a publicly reserved but not used variation of your company name? If the internal domain is the exact same name as a different public service and you are relying on split-brain dns zones to make it work, you are going to have a bad time with a lot of things which includes remote access to company resources over a tunnel. Cloud services will suck too once you get to that point. Clients and even most servers like to cache those resolutions. Oh yeah, we're company.com as the internal domain (this was setup before I was here, and we're pretty stuck with it at the moment). It's not great, but it's been OK for the past 6 years or so. I've managed to keep it working with Office 365 and our AWS stuff as well, so far the only "catch" we've really had is that you can't go to http://company.com internally, but actually have to use the http://www.company.com url instead. It's not how I would have set it up, but it's how it is.
|
# ? Jul 29, 2016 15:21 |
|
How big is your domain? A rename isn't horrific on modern versions of Windows Server.
|
# ? Jul 29, 2016 15:24 |
|
Gerdalti posted:Oh yeah, we're company.com as the internal domain (this was setup before I was here, and we're pretty stuck with it at the moment). It's not great, but it's been OK for the past 6 years or so. I've managed to keep it working with Office 365 and our AWS stuff as well, so far the only "catch" we've really had is that you can't go to http://company.com internally, but actually have to use the http://www.company.com url instead. It's not how I would have set it up, but it's how it is. Can you not use cname records in this case?
|
# ? Jul 29, 2016 15:26 |
|
Thanks Ants posted:How big is your domain? A rename isn't horrific on modern versions of Windows Server. We have a .local. It was the recommendation at the time it was created.
|
# ? Jul 29, 2016 15:35 |
|
Thanks Ants posted:How big is your domain? A rename isn't horrific on modern versions of Windows Server. We're not huge, around 25 servers, about 150 users. I honestly haven't looked into it much. My biggest concern is login credentials changing, my staff range mostly from "I put my laptop in the tub and it no longer turns on, fix it" to "I'm pretty scared of computers, please help". Having to change login info on their computers, Outlook, Skype for Business, and their phones would be a disaster. Plus, of course, our custom web apps...
|
# ? Jul 29, 2016 15:35 |
|
devmd01 posted:We have a .local. Company.local isn't too bad, though it's not best practice. Where you get hosed with mDNS is simply naming the domain "local".
|
# ? Jul 29, 2016 15:44 |
|
buffbus posted:Company.local isn't too bad, though it's not best practice. Where you get hosed with mDNS is simply naming the domain "local". Enterprise Windows Q&A Megathread - A subdomain named local.local.local
|
# ? Jul 29, 2016 15:46 |
|
orange sky posted:Enterprise Windows Q&A Megathread - A subdomain named local.local.local Enterprise Windows Q&A Megathread - I named my domain and DC local.local
|
# ? Jul 29, 2016 15:58 |
|
Hope this is the right thread for this, if not let me know. I manage a Jenkins instance and currently our windows agents run as a service. This is an issue now because there are some new tests which need to call D3D APIs which don't work in a Session 0 process. So from what I gather I need to run the agent as a logged-in user, specifically a domain user because we also interact with a network share. What's the right, secure way to go about this? A scheduled task seems like the right thing, but I want the agent process to start up automatically after reboots, which seems like I need to enable auto-logon. But all the methods I can find for that involve either storing the password in plain-text in the registry (blegh) or enabling auto-logon for all users (also blegh). Basically I want the machine to auto-logon as a user, but everyone else should have to enter a password, including someone trying to RD as the logged in user.
|
# ? Jul 29, 2016 16:49 |
|
buffbus posted:Is the AD domain name a subdomain like corp.company.com or at least a publicly reserved but not used variation of your company name? If the internal domain is the exact same name as a different public service and you are relying on split-brain dns zones to make it work, you are going to have a bad time with a lot of things which includes remote access to company resources over a tunnel. Cloud services will suck too once you get to that point. Clients and even most servers like to cache those resolutions. Yeah this is likely going to be the first answer to your problem, you could have layered issues, but this is the first thing to do. We just went through this recently for our own domain, we have roughly the same amount of users/servers you do, it was not too terrible.
|
# ? Jul 29, 2016 18:09 |
|
Moment of silence for the admins who neglected to turn on CBB.
|
# ? Aug 1, 2016 16:33 |
|
gently caress, I knew I forgot something. Oh well gently caress it, the only people on W10 are IT.
|
# ? Aug 1, 2016 17:13 |
|
incoherent posted:Moment of silence for the admins who neglected to turn on CBB. I miss something? Been on vacation for a couple weeks.
|
# ? Aug 1, 2016 17:25 |
|
skipdogg posted:I miss something? Been on vacation for a couple weeks. http://arstechnica.com/gadgets/2016/08/windows-10-one-year-later-the-anniversary-update/
|
# ? Aug 1, 2016 17:42 |
|
Volume Licensing Center has the new Windows 10 build (1607) available to download.
|
# ? Aug 1, 2016 18:22 |
|
incoherent posted:http://arstechnica.com/gadgets/2016/08/windows-10-one-year-later-the-anniversary-update/ Can someone help out the ones that doesn't want to read 10 pages of that crap to find useful info. (like me)
|
# ? Aug 1, 2016 18:28 |
|
Sickening posted:Can someone help out the ones that doesn't want to read 10 pages of that crap to find useful info. What do you want to know exactly?
|
# ? Aug 1, 2016 18:36 |
|
|
# ? Aug 1, 2016 18:41 |
|
CLAM DOWN posted:What do you want to know exactly? What the gently caress is CCB for starters and what about this update is actually useful?
|
# ? Aug 1, 2016 18:50 |
|
Sickening posted:Can someone help out the ones that doesn't want to read 10 pages of that crap to find useful info. Now you don't need to read any more Windows articles from Ars. Sickening posted:What the gently caress is CCB for starters and what about this update is actually useful? anthonypants fucked around with this message at 19:08 on Aug 1, 2016 |
# ? Aug 1, 2016 19:06 |
|
LTSB = Enterprise only CBB = Pro and higher
|
# ? Aug 1, 2016 19:42 |
|
Sickening posted:What the gently caress is CCB for starters and what about this update is actually useful? This explains the different versions pretty well https://technet.microsoft.com/en-us/itpro/windows/manage/introduction-to-windows-10-servicing
|
# ? Aug 1, 2016 19:46 |
|
Stick to Enterprise LSTB unless you want fun idiocy like the built-in CandyCrush app breaking Sysprep.
|
# ? Aug 1, 2016 20:40 |
|
|
# ? May 14, 2024 01:03 |
|
Probably bad advice right above me. Don't use LTSB for standard desktops.
|
# ? Aug 1, 2016 20:55 |