Dans Macabre
Apr 24, 2004


From time to time I'll show up at a company that has like 50 nodes total on the LAN yet is using /8 for their subnet. The only practical problem I have is that I forget to write 255.0.0.0 instead of 255.255.255.0. But other than that is there any actual problem with doing a /8 internally?

Class A Snipe


Sheep
Jul 24, 2003
Aside from being a massive waste of addresses on a 50 node network there's nothing technically wrong with it.

incoherent
Apr 24, 2004


Necronomicon posted:

Anybody have any experience with Google Apps for Work lining up with Apache DS?

This may be a simple question, but there are two things I'm trying to do. Our company LDAP (administered through Apache DS) syncs up with Google Apps for Work on an ad-hoc basis, and there is currently no functionality for self-service password reset as far as I'm aware. This worked with like 30 employees all in one localized office, but we've been expanding and bringing on a lot of remote workers, which kind of exposes the weakness of our current setup.

Are there any (preferably open source) solutions that would allow a user to do this over a browser interface?

Also (and this isn't as important), is there a way to expose our LDAP server internally as an employee directory? We just have a shared Google Sheets document right now, but it's not ideal.

I just did an off the cuff google search for the directory, and google has a contact directory included in google apps?

https://support.google.com/a/answer/1628009?hl=en&ref_topic=3056086

Terminal
Feb 17, 2003
The Void

NevergirlsOFFICIAL posted:

From time to time I'll show up at a company that has like 50 nodes total on the LAN yet is using /8 for their subnet. The only practical problem I have is that I forget to write 255.0.0.0 instead of 255.255.255.0. But other than that is there any actual problem with doing a /8 internally?

Class A Snipe

Makes it nigh impossible to run a network discovery when you're brought on and given absolutely nothing in terms of device & IP inventories?

wolrah
May 8, 2006
what?

Terminal posted:

Makes it nigh impossible to run a network discovery when you're brought on and given absolutely nothing in terms of device & IP inventories?

Not that it makes it any better, but if anyone finds themselves having to deal with actually scanning a large range:

https://github.com/robertdavidgraham/masscan

Checking a dozen or so interesting ports across a /8 only takes an hour even at the apparently atrociously slow speed my laptop's (Atheros) ethernet driver is capable of reaching. I'm averaging only around 50,000 packets per second on gigabit ethernet where it seems like I should be in the hundreds of thousands to low millions by their description.

Necronomicon
Jan 18, 2004

incoherent posted:

I just did an off the cuff google search for the directory, and google has a contact directory included in google apps?

https://support.google.com/a/answer/1628009?hl=en&ref_topic=3056086

That seems helpful. I'm still somewhat confused as to the exact relationship of our directory and Google apps and what has permission to do what, but this should give me a decent start.

TehRedWheelbarrow
Mar 16, 2011



Fan of Britches
Random question: has anyone done some form of 2 factor access control for domain PCs? I was thinking smartcard, but would like to tie it into a physical access control system as well, something that integrates with Active Directory happily and for easy admin.

Potato Salad
Oct 23, 2014

nobody cares


Any smartcard that can be used with oauth can be integrated with a domain computer. Get one with an rfid tag as well and you are in business.

Dans Macabre
Apr 24, 2004


Anyone using the one drive "next gen" client? Is it good?

Matt Zerella
Oct 7, 2002

Norris'es are back baby. It's good again. Awoouu (fox Howl)
Has anyone here ever migrated from a local file server (Windows 2008 R2) to Google Drive?

It seems like using the Gdrive app won't work, and there's a plethora of lovely websites offering the service.

I guess Ideally it would be a standalone Sync app that I can install on the server to sync to the master account. Double plus bonus if it can sync local ACLs?

I need to move ~3-4TB to the "master account" and then share it out from there. If I have to do the sharing manually then so be it.

Sheep
Jul 24, 2003
We're in the process of doing this, but only with about 40 gigabytes of files so it's not a huge deal to do them by hand via the browser, just a little time consuming. If I had to do terabytes worth of stuff I'd definitely be looking at a solution that wasn't drag & drop so I am interested to hear how your migration goes.

Thanks Ants
May 21, 2004

#essereFerrari


Behold http://rclone.org/. You'll also want to get comfortable with https://github.com/jay0lee/GAM/wiki/GoogleDriveManagement.

Matt Zerella
Oct 7, 2002

Norris'es are back baby. It's good again. Awoouu (fox Howl)

That looks like it'll work. I'll give it a shot. Thanks!

Crowley
Mar 13, 2003

NevergirlsOFFICIAL posted:

Anyone using the one drive "next gen" client? Is it good?

I just deployed it to ~3000 school PCs. I'll get back to you when the next academic year starts. :ohdear:

BlueCity
Apr 24, 2005
Every post ends with an implied "Bizzle"

SneakyFrog posted:

Random question: has anyone done some form of 2 factor access control for domain PCs? I was thinking smartcard, but would like to tie it into a physical access control system as well, something that integrates with Active Directory happily and for easy admin.

I started using Duo for my 2FA needs and will probably expand it from IT to the rest of my company. It's really easy to use but I have not implemented it for AD/domain systems yet.

Dans Macabre
Apr 24, 2004


Crowley posted:

I just deployed it to ~3000 school PCs. I'll get back to you when the next academic year starts. :ohdear:

That's terrifying

Internet Explorer
Jun 1, 2005





It's a school, they're used to poo poo being broken.

Necronomicon
Jan 18, 2004

This is maybe a somewhat unrelated question, but I might as well ask. I set up a loyalty pricing / small business discount account with Apple several months back and my finance guy loves it. We're about half Apple / half Lenovo here though - is there something similar I can get set up with Lenovo? Initial Googling leads me to believe they only offer that kind of thing to resellers, not buyers.

Super Slash
Feb 20, 2006

You rang ?
I'm not really sure where to put this, but I'm not looking for something major.

What's a good way of storing passwords?
Currently I keep everything in an encrypted Excel sheet, which I'd like to do something about. I did look into Secret Server free, but it requires a Windows install and I'd rather not have to buy extra Windows Server licences just for that.

Is there anything out there free/open source that's centralised? It's a shame I haven't seen any turnkey linux boxes for this, all I need is something that can be logged into which lists usernames and passwords, bonus points for a web interface.

Collateral Damage
Jun 13, 2009

If it's just for yourself, KeePass.

If it's for a group where you want auditing of who checks out which password etc, please tell me when you find a solution that isn't thousands of dollars and/or awful.

Dans Macabre
Apr 24, 2004


Collateral Damage posted:

If it's just for yourself, KeePass.
yeah keepass is fine

quote:

If it's for a group where you want auditing of who checks out which password etc, please tell me when you find a solution that isn't thousands of dollars and/or awful.

have you looked at 1password for teams? It is obnoxiously a subscription service for no good reason but it's only like :4bux:/user/mo. I don't have the team version but I use it personally and sync passwords between my computer and phone over the WLAN, works great.

Sheep
Jul 24, 2003
What was the name of that program that would remotely change (and keep track of!) passwords for stuff like domain accounts on a regular basis?

TehRedWheelbarrow
Mar 16, 2011



Fan of Britches

Sheep posted:

What was the name of that program that would remotely change (and keep track of!) passwords for stuff like domain accounts on a regular basis?

:haw: active directory and group policy?

Dans Macabre
Apr 24, 2004


Sheep posted:

What was the name of that program that would remotely change (and keep track of!) passwords for stuff like domain accounts on a regular basis?

if you mean local computer user accounts then LAPS

TehRedWheelbarrow
Mar 16, 2011



Fan of Britches

NevergirlsOFFICIAL posted:

if you mean local computer user accounts then LAPS

i didn't even know this existed, this is great for locking down local admin accounts, thanks!

Collateral Damage
Jun 13, 2009

NevergirlsOFFICIAL posted:

have you looked at 1password for teams? It is obnoxiously a subscription service for no good reason but it's only like :4bux:/user/mo. I don't have the team version but I use it personally and sync passwords between my computer and phone over the WLAN, works great.
Isn't 1password a hosted solution? Any off-site hosting of sensitive data is a big no-no around here.

Super Slash
Feb 20, 2006

You rang ?

Collateral Damage posted:

If it's just for yourself, KeePass.

If it's for a group where you want auditing of who checks out which password etc, please tell me when you find a solution that isn't thousands of dollars and/or awful.

Yeah KeePass was going to be the next option if I couldn't find anything else, despite the drag/drop and other functionality can it just list out credentials without anything being blanked out? (Google images isn't being helpful for screenshots).

Moey
Oct 22, 2010

I LIKE TO MOVE IT

Super Slash posted:

Yeah KeePass was going to be the next option if I couldn't find anything else, despite the drag/drop and other functionality can it just list out credentials without anything being blanked out? (Google images isn't being helpful for screenshots).

Yes you can view passwords in plain text if you want to.

Internet Explorer
Jun 1, 2005





I am in love with LastPass protected with Duo 2FA. We use Duo to protect our Confluence instance as well.

Sheep
Jul 24, 2003

NevergirlsOFFICIAL posted:

if you mean local computer user accounts then LAPS

Yep, that's it, thanks!

JewKiller 3000
Nov 28, 2006

by Lowtax
keepass is fine. do not ever use lastpass or 1password

Internet Explorer
Jun 1, 2005





JewKiller 3000 posted:

keepass is fine. do not ever use lastpass or 1password

Thanks for this informative post.

Internet Explorer
Jun 1, 2005





Sorry, what I meant to say was thanks for this informative post, JewKiller 3000.

Super Slash
Feb 20, 2006

You rang ?
OK, KeePass is pretty neat. The simplest way I've done it is to secure it via a key file which is living on our file server under a secured folder. If we get anyone else in I can stack on a master password, but either way only my domain account can get into this folder as it's protected by a security group.

Cheers goons

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.


Super Slash posted:

OK, KeePass is pretty neat. The simplest way I've done it is to secure it via a key file which is living on our file server under a secured folder. If we get anyone else in I can stack on a master password, but either way only my domain account can get into this folder as it's protected by a security group.

Cheers goons

You might want a backup copy someplace. People have done silly things such as storing critical passwords there, such as the password to the hypervisor; then their virtual environment is having problems and they can't get into KeePass because, well, it's elsewhere.

Also only a keyfile is a HORRIBLE idea. If someone gets your domain account password they now have full access to everything. Use a strong master password. If you don't want to memorize 12 random characters use something like "We use a Master Password because is something you know"

A keyfile is supposed to be used in tandem with a master password.

You just made it as secure as a text file in a locked down folder that only you can access.

Super Slash
Feb 20, 2006

You rang ?
That's the next step, where the key file is contained will already be included in the regular file server offsite backups. I only pecked away at it while doing other things to get it up and running, so I'll likely go back and change the database to only accept the key plus the master code now I understand how it works.

Dans Macabre
Apr 24, 2004


SneakyFrog posted:

i didn't even know this existed, this is great for locking down local admin accounts, thanks!

yeah it's amazing

Dans Macabre
Apr 24, 2004


Collateral Damage posted:

Isn't 1password a hosted solution? Any off-site hosting of sensitive data is a big no-no around here.

Nope. You point 1password to a local database file. You can have it sync via dropbox (and they might have other syncing options). I store my 1password local db on my hard drive and sync it to my phone over the local network.

Collateral Damage
Jun 13, 2009

Oh nice, I'll have to take a look at that then.


Wizard of the Deep
Sep 25, 2005

Another productive workday
I don't work for 1password, and know nothing about their future plans. I'm just a mostly-happy user.

That said, it's a little strange what options they present. There's 1Password Teams, 1Password Family, and the stand-alone 1Password clients. Depending on what platform you're on, you may be able to sync your locally-stored .opvault file via Dropbox (Apple/Android/Windows), wifi (via iTunes I think? So probably Apple & maybe Windows desktop?) and OneDrive (Windows desktop & mobile, and maybe Android?). I don't use Android, so I'm not 100% on the options there.

OneDrive isn't an option on my iPhone, but it is on W10M. Syncing my opvault file (which is their newer file format) is literally the only thing I use DropBox for at this point, and I would close my DropBox account if 1Password supported OneDrive across the spectrum.

Teams and Family are (as far as I can tell) the same product, just packaged and priced slightly differently. Intended for business and personal use, respectively. They're both hosted solutions.
