|
eames posted:Their main argument is maintenance overhead and the fact the same WiFI will eventually provide access to the internal LANs via a seperate WPA2 encrypted SSID anyway (which I'm hesitant about due to security concerns ). Maintenance overhead is a BS excuse. Put that one aside for a moment. Needing access to internal LANs means you probably should do VLANs. I actually have my own network set up like this with PFsense and Ubiquiti APs. It was really easy to accomplish actually.
|
# ? Nov 2, 2018 18:58 |
|
|
# ? Jun 3, 2024 21:43 |
|
Windows 10 Updates are confusing me. Despite happily receiving and acknowledging GPOs that should make them run every day, I'm seeing endpoints that just sit there not updating until someone hits the button. There's a setting that says "Disable automatic updates" but nothing that matches in the gpresult output and I dunno whether it's a real thing or just a confusingly named GP thing where it disables disabling something to enable it. Anyone have any bright ideas? Am I missing something incredibly obvious?
|
# ? Nov 7, 2018 13:00 |
|
Jack the Lad posted:Windows 10 Updates are confusing me. Are you certain there is not another group policy superseding your automatic update policy?
|
# ? Nov 7, 2018 14:10 |
|
Beefstorm posted:Are you certain there is not another group policy superseding your automatic update policy? Almost certain - from my third screenshot it looks like that must be it, but I've been through all the GPOs on the DC and the gpresult output on an affected machine and I can't see anything else touching Windows Update.
|
# ? Nov 7, 2018 17:34 |
|
Jack the Lad posted:Almost certain - from my third screenshot it looks like that must be it, but I've been through all the GPOs on the DC and the gpresult output on an affected machine and I can't see anything else touching Windows Update. What does a gpresult run show on that machine as the winning policy?
|
# ? Nov 7, 2018 19:04 |
|
Easy way to test: apply the gpo to the container that workstation is in and enforce the policy so nothing above can overwrite.
|
# ? Nov 7, 2018 20:14 |
|
That GPO was winning, but I made it Enforced and it looks like that may have fixed it, which is awesome: Now if only I knew what was causing them to be disabled before I did that... e: Is there a list anywhere of these user-facing descriptions and the specific GP setting they correspond to? I'm not sure whether "Auto Reboot will not happen with logged on users" is the same as "No auto-restart with logged on users for scheduled automatic updates installations". If it is, I don't know why it's shown here, since it's Not Configured in the GPO. Jack the Lad fucked around with this message at 12:03 on Nov 8, 2018 |
# ? Nov 8, 2018 10:57 |
|
If a prior implementation of a policy, or a policy at a higher container level, made an adjustment to a setting, the machine will generally not revert those changes after the GPO is removed. You may have had a policy that set those options at some point and now dont, but the new policy isnt making changes to them, so they stayed as last configured. Also enforcement only prevents the changes in the gpo youre enforcing from being overwritten from above. All other settings from upper policies will still apply.
|
# ? Nov 8, 2018 13:32 |
|
You can set the OU to block inheritance if you want to block all other GPOs. This is good for testing, but someone made a mistake in designing the OU structure if you need to use it heavily in production. Sometimes you just inherit a giant mess from the person before you and need to make it work while you figure out how to do it properly with as little downtime as possible. (This can be a nightmare and not worth doing if there are a bunch of other things reading AD and using the OU to determine what permissions users should have, but this is unlikely in a small shop probably 1-2 applications that'll need to be updated)
|
# ? Nov 8, 2018 16:29 |
|
pixaal posted:You can set the OU to block inheritance if you want to block all other GPOs. This is good for testing, but someone made a mistake in designing the OU structure if you need to use it heavily in production. Sometimes you just inherit a giant mess from the person before you and need to make it work while you figure out how to do it properly with as little downtime as possible. (This can be a nightmare and not worth doing if there are a bunch of other things reading AD and using the OU to determine what permissions users should have, but this is unlikely in a small shop probably 1-2 applications that'll need to be updated) ‘an insane man that gave me PTSD’ posted:‘an object can only be in one OU. so we can’t have a machine be both in a laptops and Finance and w. europe OUs at once. We needed to drill down - lowest common denominator - user based policy’ the above quote was in ‘documentation’ — top level AD schema objects filled w/text — someplace I worked a few months in the trenches doing damage control So the newbs wouldn’t find it and abuse its power (he actually told me to look there on the way out, cursed man)
|
# ? Nov 8, 2018 18:26 |
|
Old Binsby posted:the above quote was in ‘documentation’ — top level AD schema objects filled w/text — someplace I worked a few months in the trenches doing damage control But you can filter GPOs by user groups if you need to, and I haven't found a better way to map drives and printers since there will always be 100 exceptions. I worked at place that had a no filter policy because it was "too confusing" and it turned into each department having a bunch of OUs and each user basically ended up in their own OU if they had been there longer than a year or two since they needed non standard stuff.
|
# ? Nov 8, 2018 18:34 |
|
pixaal posted:But you can filter GPOs by user groups if you need to, and I haven't found a better way to map drives and printers since there will always be 100 exceptions. I worked at place that had a no filter policy because it was "too confusing" and it turned into each department having a bunch of OUs and each user basically ended up in their own OU if they had been there longer than a year or two since they needed non standard stuff. reasons along those lines but in reverse, ignorant stubbornness and prob The Great Old ones lay at the base of my dudes AD terror dome. definitely not logic or what have you. I got out a much work-smarter person at least, with a conviction to not become him
|
# ? Nov 8, 2018 22:34 |
|
I'm having this strange issue with O365. I've got a single user that only receives email on her domain account. She has a local account/phone (first for testing, second for email while travelling). She doesn't get all of her emails unless she logs onto her Domain account, she doesn't get all of her emails from her phone/local account. I've sent test emails and observed them being delivered, but not coming through. I've tried forcing it to sync but it still ignores it. Anyone come across this before? It's a bit of a head scratcher.
|
# ? Nov 9, 2018 11:05 |
|
dogstile posted:I'm having this strange issue with O365. I've got a single user that only receives email on her domain account. She has a local account/phone (first for testing, second for email while travelling). how's it looking on OWA
|
# ? Nov 16, 2018 02:45 |
|
I've got a virtual server which is assigned a static ip address, but all of a sudden it's using a dynamically allocated one. What's up with that? Edit: Nevermind, it's fixed Edit: it's back uguu fucked around with this message at 14:30 on Nov 16, 2018 |
# ? Nov 16, 2018 11:48 |
|
This is the power going into the server rack at one of our sites and I don't like the look of it: It currently goes that 16A IEC 309 blue socket -> PDU -> UPS -> other stuff and I want to replace the cable so we go blue socket -> UPS -> kit with no old/beat up PDU in between. I'm not going to get a shock if I shut stuff down and just pull the plug am I? I haven't had anything to do with this kind of cable previously but this doesn't seem worth booking an electrician for.
|
# ? Nov 16, 2018 16:17 |
|
Wrap it all in electrical tape and call it a day. Serious answer, you should be fine.
|
# ? Nov 16, 2018 16:22 |
|
You'll be fine. Chuck the PDU though because even though you could just back the gland out and clamp it down on the cable, it looks like it's too large anyway, and that looks like one of the generic poo poo PDUs that you see everywhere. I'm more concerned about the power cable going into the blue commando socket - is it flat twin and earth cable?
|
# ? Nov 16, 2018 21:16 |
|
NevergirlsOFFICIAL posted:how's it looking on OWA Same poo poo. It reads as delivered on the delivery report. They eventually come through, just not as quick as they do on the domain account. It's weird but currently not affecting production (insert fire gif here) so its ok.
|
# ? Nov 20, 2018 14:40 |
|
dogstile posted:(insert fire gif here)
|
# ? Nov 20, 2018 15:38 |
|
GreenNight posted:Wrap it all in electrical tape and call it a day. Thanks Ants posted:You'll be fine. Chuck the PDU though because even though you could just back the gland out and clamp it down on the cable, it looks like it's too large anyway, and that looks like one of the generic poo poo PDUs that you see everywhere. I think it is flat twin and earth, yeah. Is that horrendous? Apparently it was here (along with the PDU) when we moved in. e: Also - sorry for the stupid question - am I right in thinking this socket is actually 32A and I can't run a cable straight from it to the 16A input on the UPS in any case? Jack the Lad fucked around with this message at 18:02 on Nov 20, 2018 |
# ? Nov 20, 2018 15:49 |
|
You should get an electrician in to mount the socket on the wall because twin and earth cable isn’t designed to be flexed around (it’s solid core), and it will get easily damaged if it’s free to flap around. You can wire a 32a plug onto a C19 socket which I assume is the UPS input, but you really should make sure that an appropriate breaker is installed. If you have a 32a outlet and a 32a breaker then you could end up drawing 32a through it if you had a UPS fault - when the IEC connector is designed for 20a only. If you get an electrician in then you can have a 32a feed to a sub-panel and two 16a outlets with the appropriate breakers installed. Or just swap the 32a out for a 16a to make it safer.
|
# ? Nov 20, 2018 19:32 |
|
Thanks Ants posted:You should get an electrician in to mount the socket on the wall because twin and earth cable isn’t designed to be flexed around (it’s solid core), and it will get easily damaged if it’s free to flap around. Got it, thanks again - that's helpful and sounds like the way to go.
|
# ? Nov 22, 2018 13:40 |
|
thants i read your post, got a funny suspicion, and it indeed turns out I have a breaker that can supply too much power during a fault I already had half of a good reason to consider putting in a sub panel, this tips it over the edge Potato Salad fucked around with this message at 13:53 on Nov 26, 2018 |
# ? Nov 26, 2018 13:50 |
|
So, I have a client w 4 users in an office. I am looking to get them setup w a NAS for backup and file storage purposes. I figure I’d like something w some expandability, so I can add in an HDD if necessary, to expand or setup a backup of the backup. I think 4TB is a good place to start for them. I’ve never set one up before, so I wouldn’t mind if it held my hand a little, but I’m also OK w more technical offerings. Thoughts? Preferences?
|
# ? Dec 1, 2018 20:22 |
|
Is cloud storage and services an option? Because if so that is the better option. Otherwise, there is a NAS thread that is super helpful. https://forums.somethingawful.com/showthread.php?threadid=2801557 But seriously, an office of 4 should have a real good reason if they are going to do anything that isn't the cloud.
|
# ? Dec 1, 2018 21:05 |
|
Boywhiz88 posted:So, I have a client w 4 users in an office. I am looking to get them setup w a NAS for backup and file storage purposes. I figure I’d like something w some expandability, so I can add in an HDD if necessary, to expand or setup a backup of the backup. I think 4TB is a good place to start for them. O365 + Shared OneDrive. Skip the local storage.
|
# ? Dec 1, 2018 22:04 |
|
but also do cloud backups
|
# ? Dec 2, 2018 01:40 |
|
Boywhiz88 posted:So, I have a client w 4 users in an office. I am looking to get them setup w a NAS for backup and file storage purposes. I figure I’d like something w some expandability, so I can add in an HDD if necessary, to expand or setup a backup of the backup. I think 4TB is a good place to start for them. Don't put your backups and live files on the same device. You either want 2 NAS, one for files one for backup (of servers and the other NAS), or to throw the files on your existing server. You will end up with an issue where your users are putting files on the backup NAS and they wont be backed up and things will break horribly and they will not be amused. I'm partial to Synology with Western Digital Red if you need to do it in house and cheap. You can connect USB drives and set them to automatically copy, you can even tell it to copy when you put a drive in, make a sound when the job is done, then eject the drive so you can unplug it without having to go to a computer. Cloud can get expensive depending on what you are doing, but it does have the massive benefit of being an offsite backup for disaster recovery. Make sure to mention this to whoever is in control of the budget. You are going to get them far more interested when it doubles as DR. Speaking of DR, are you putting this NAS in the same rack as your server? What is your plan if a water pipe breaks above this rack and destroys both the server and the NAS? I assume you need work space since you mentioned file storage, what they are working on is going to determine what type of NAS you really need and if it's really feasible. Video editing can be extremely lovely over a LAN. Photoshop really doesn't like opening a network file regardless of where it is either. Word and excel files should be small enough that you don't need 4TB, and keep this on the server you are backing up not the backup NAS. You should also make sure your backup software is using incremental backups, also make sure you are checking your backups every so often as backup software fails. If you can get them to spring for Veeam it has a bunch of really nice settings. There is a free version, but it doesn't support automatic backups last time I checked, and gently caress pressing a button every day. This is something most people gently caress up, it's something they don't think about. Think of backups as both hardware insurance (server dies) and disaster insurance (rack / room / building / city disaster) think of all the scales that can gently caress up your planning when locating backups, and most much it will cost to move it further out. At this small a scale you probably want to worry about room at most unless you go with Cloud based, then make sure it's not in the same city. pixaal fucked around with this message at 22:56 on Dec 3, 2018 |
# ? Dec 3, 2018 22:53 |
|
pixaal posted:
You can get Veeam to back up via scheduled tasks and powershell scripts, I set mine up long enough ago that I don't remember what I did but there is info on how to do it somewhere online, clear enough that a powershell know-nothing like me can get it working.
|
# ? Dec 7, 2018 15:02 |
|
I thought the free version of Veeam doesn't do incremental, just full?
|
# ? Dec 7, 2018 15:20 |
|
pixaal posted:Don't put your backups and live files on the same device. You either want 2 NAS, one for files one for backup (of servers and the other NAS), or to throw the files on your existing server. You will end up with an issue where your users are putting files on the backup NAS and they wont be backed up and things will break horribly and they will not be amused. Cloud is down the road, but we want to rectify their current situation. Is there a particular Synology shell you would recommend? I would be looking to RAID 1 the drives so that there is a backup of any live files. This is a tiny operation, 4 people, so there’s no server. I just want to make sure I get a robust enough option for them so be secure for awhile. I was thinking about this MyCloud: https://www.bestbuy.com/site/wd-my-cloud-home-duo-8tb-2-bay-personal-cloud-white/5990201.p?skuId=5990201 I know the drives are probably WD Blues, but the client’s needs are pretty low impact. Just storing pictures mostly. No editing or anything.
|
# ? Dec 9, 2018 13:20 |
|
Boywhiz88 posted:Cloud is down the road, but we want to rectify their current situation. Is there a particular Synology shell you would recommend? I would be looking to RAID 1 the drives so that there is a backup of any live files. This is really common so: RAID is not a backup, even RAID1, you can lose the entire station, you could delete everything intentionally or unintentionally and no way to recover. If you only want 2 drives RAID1 is the only option (RAID0 is not a good idea). RAID5 is okay for 3 drives but really RAID5 isn't a great solution, you need at least 4 drives for RAID6, but at 4 drives RAID10 will give you better performance. I really recommend RAID10 as much as possible if you can afford it since it pairs each drive with 1 other in RAID1 and then all the RAID1s are put into a RAID0 giving you a nice level of redundancy as well as space. RAID6 will only use 2 drives as parity so in a 10 drive RAID you get 8x the space of the smallest drive (don't mix drive sizes if you don't have to). You want Red drives over Blue, because of how RAID parks drives, it has more to do with the firmware than any robustness. Get something that is designed for RAID, I know several other companies make consumer RAID drives now so shop around. Any of the Synology models should suit your needs, buy it based on how many drives you need and if you want it in a rack or not. Their 4 drive rack mounted unit is probably what you want, but it's more expensive then one that just sits on a shelf or the floor.
|
# ? Dec 9, 2018 16:36 |
|
pixaal posted:I really recommend RAID10 as much as possible if you can afford it since it pairs each drive with 1 other in RAID1 and then all the RAID1s are put into a RAID0 giving you a nice level of redundancy as well as space. RAID6 will only use 2 drives as parity so in a 10 drive RAID you get 8x the space of the smallest drive (don't mix drive sizes if you don't have to). All great advice except this. You won't get 8x the space from a 4 drive RAID 10, you'll get 2x the space. The data is striped across two drives and then mirrored to the other two. RAID 1 is probably fine. It sounds like you don't need a ton of performance, and striping always increases your risk. You want at least two of the same units set to mirror each other because RAID IS NOT A BACKUP. You also need an offsite backup plan.
|
# ? Dec 10, 2018 17:54 |
|
Dr. Fishopolis posted:All great advice except this. You won't get 8x the space from a 4 drive RAID 10, you'll get 2x the space. The data is striped across two drives and then mirrored to the other two. Sorry I was saying you get 8x the space in a 10 drive RAID6, in a 10 drive RAID10 you would get 5x the space. I probably should have chosen a better number than a 10 disk RAID, but 8 drive RAIDs the differences between RAID6 and RAID10 seem pretty minor. (4x vs 6x, 4 mirror vs 2 parity) Of course since drives are paired you can lose an entire RAID10 to both drives in the set failing even in a 100 drive RAID with 50 mirrors. Yes I ignored the hot spares that you'd have in a RAID this large. For something that size RAID1 for 2 drives is probably fine, RAID10 for 4 drives would be the next step. I've never seen the point of a 4 drive RAID6, same number of drives can fail (2) and same usable space (2x). A 4 drive RAID5 seems to risky, I really do not like RAID5 for anything using drives larger than 2TB. Offsite backup can be simple if you setup the USB copy correctly. You will need 2-3 USB drives that can store your offsite. Keep 1 drive at someone's house, or a bank lockbox at all times. Someone's house isn't acceptable in a large place, but a small office it's probably best idea. The other drive is going to rotate with the drive at the house. Someone brings the backup USB Drive to their house and brings the other one back. You can add another drive into the mix so one is always on-site as well, or rotating with a fireproof safe. Never have both drives at the office at the same time, it's fine for the NAS to have 0 USB Drives, that's what the RAID is for. Of course you might be small enough that "taking the insurance money and shutting down" can be an acceptable offsite backup plan. You are not the person to make that call, tell them they need an offsite backup and if it's too much tell them what their plan boils down to. I've had people find it perfectly acceptable and argue it will never happen to them (yet still have insurance on everything else). pixaal fucked around with this message at 18:11 on Dec 10, 2018 |
# ? Dec 10, 2018 17:59 |
|
The write penalty between R6 and R10 is not really “Minor” and R6 should not really be considered for any situation in which data access speeds are a valid concern. R6 is for low R/W LTS.
|
# ? Dec 11, 2018 02:07 |
|
My boss wants us to build a mini-DR site for our VMs in another building, approximately 1500 feet away from our main data-center to protect us against extremely localized catastrophes (like the building power being shut off). We also need to find a new backup solution, as our current local/cloud product is going EOL. My initial thought was to build a moderately specced ESXi host with 20TB+ of onboard storage and use that as a repository for something like Veeam. If a tiny meteor hit our DC, I could restore the the nightlies to the host and have us back online. To my limited knowledge, the big catch is that the onboard storage would be inaccessible to our primary hosts, so I couldn't vmotion systems over in a more controlled manner. This brings me to my current thought: a host and a iSCSI array in the DR closet. Our main storage is a pair of GbE iSCSI NetApp arrays specced by my predecessor. They've been pretty reliable, but I don't think we can afford NetApp for this projects and we are using zero of the arrays' advanced functions. My budget is $25k, but that has to include ~$8k of licensing and a UPS. Would something like a Synology RackStation with a dozen 3.5" NAS drives be a good fit for my usage? Again it would primarily be a backup repository, and only host a dozen live VMs under semi-dire circumstances where people can deal with sub-optimal performance.
|
# ? Dec 12, 2018 00:21 |
|
Is replicating to something like Azure a possible solution, or does it need to be in the building next door? Because it's a better idea.
|
# ? Dec 12, 2018 01:26 |
|
Internet Explorer posted:Is replicating to something like Azure a possible solution, or does it need to be in the building next door? Because it's a better idea. Hybrid-cloud is the long term goal, but we're not even close to getting there. There are legitimate reasons* to have on-prem backups (and cloud off-sites) and redundancy, plus The Boss Wants It This Way. And personally, I'm glad to have more local storage and computing power. *and a lot of dumb reasons
|
# ? Dec 12, 2018 03:13 |
|
|
# ? Jun 3, 2024 21:43 |
|
monsterzero posted:My boss wants us to build a mini-DR site for our VMs in another building, approximately 1500 feet away from our main data-center to protect us against extremely localized catastrophes (like the building power being shut off). We also need to find a new backup solution, as our current local/cloud product is going EOL.
|
# ? Dec 12, 2018 06:19 |