wolrah
May 8, 2006
what?

spiny posted:

so are those ^ settings what -should- be in place if I have VoIP phones?

I look after a small office with VoIP phones and a sonicwall, and we were seeing all kinds of weird poo poo, BLF being wrong, one way audio, phantom ringing etc etc. The provider wouldn't offer any help on what settings to change on the sonicwall, and as we were so hosed off, we just got a second IP on the leased line, threw on a Draytek and a PoE switch and patched all the phones to that, zero problems after that.

As Thanks Ants noted, BLF issues are usually because of having too large of packets for UDP and needing to use TCP SIP. That'll be between you and your provider.

One way audio is usually a NAT issue, and that "consistent NAT" checkbox is relevant as is increasing the UDP NAT timeout to something greater than your SIP registration interval. There are also some upstream providers that need not just consistent but symmetrical NAT and I don't know myself where to set that up on Sonicwalls but just that I've run into it in the past. That's not been an issue with hosted phones though, just trunks involving Bandwidth.com and a PBX behind a Sonicwall.

By phantom ringing, do you mean one phone is getting bogus calls that don't really exist or show up in CDR records, maybe with a caller ID saying something like "sipvicious"? That means your NAT device gave that phone port 5060 on the outside and is allowing in any traffic that hits 5060 rather than just traffic from servers it's communicated with. Those are random scans from either security researchers or (more often) shitheads trying to scam free calls out of exposed PBXes. Some phones offer features where the phone itself will reject messages from unknown hosts, but most of the time this sort of thing will need to be handled at the NAT level.
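Added example, not part of wolrah's post: a PowerShell check for the two conditions described above, a UDP NAT timeout that does not exceed the SIP registration interval and inbound port 5060 traffic accepted from hosts other than the provider. The function name, the key=value log format, the addresses and the timer values are all constructed for illustration.

```powershell
# Added example, not code from the thread. Log format and values are constructed.
function Test-VoipNatExposure {   # hypothetical name
    param(
        [Parameter(Mandatory)][string[]]$LogLine,          # firewall log lines (assumed key=value format)
        [Parameter(Mandatory)][string[]]$ProviderAddress,  # SIP servers the phones register to
        [Parameter(Mandatory)][int]$UdpNatTimeoutSeconds,
        [Parameter(Mandatory)][int]$SipRegisterIntervalSeconds
    )
    $findings = [System.Collections.Generic.List[string]]::new()

    # One-way audio / missed calls: the NAT mapping must outlive the gap between REGISTERs.
    if ($UdpNatTimeoutSeconds -le $SipRegisterIntervalSeconds) {
        $findings.Add("UDP NAT timeout ($UdpNatTimeoutSeconds s) is not greater than the SIP registration interval ($SipRegisterIntervalSeconds s)")
    }

    # Phantom ringing: allowed inbound UDP/5060 from a source that is not the provider
    # means the NAT is forwarding traffic from hosts the phone never talked to.
    $pattern = 'src=(?<src>\S+)\s+dst=(?<dst>\S+)\s+proto=udp\s+dport=5060\s+action=allow'
    $strangers = @(foreach ($line in $LogLine) {
        if ($line -match $pattern -and $Matches['src'] -notin $ProviderAddress) {
            [pscustomobject]@{ Source = $Matches['src']; Phone = $Matches['dst'] }
        }
    })
    foreach ($group in @($strangers | Group-Object Phone)) {
        $sources = ($group.Group.Source | Sort-Object -Unique) -join ', '
        $findings.Add("Phone $($group.Name) accepted SIP on 5060 from non-provider hosts: $sources")
    }

    [pscustomobject]@{ Pass = ($findings.Count -eq 0); Findings = $findings }
}

# Constructed sample: 198.51.100.10 stands in for the hosted-PBX provider.
$sample = @(
    '2019-09-05T10:01:02 src=198.51.100.10 dst=192.168.1.21 proto=udp dport=5060 action=allow',
    '2019-09-05T10:03:44 src=203.0.113.77 dst=192.168.1.21 proto=udp dport=5060 action=allow',
    '2019-09-05T10:03:45 src=203.0.113.90 dst=192.168.1.21 proto=udp dport=5060 action=allow',
    '2019-09-05T10:04:10 src=203.0.113.77 dst=192.168.1.22 proto=udp dport=5060 action=deny'
)
Test-VoipNatExposure -LogLine $sample -ProviderAddress '198.51.100.10' `
    -UdpNatTimeoutSeconds 30 -SipRegisterIntervalSeconds 60
```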


Boywhiz88
Sep 11, 2005

floating 26" off da ground. BURR!
Setup and migration of data to PCs went well!

Now it's time to switch e-mail hosts! Currently they're on CenturyLink/QwestOffice and it's pretty abysmal. Part of the problem is they get a lot of bounce-back from various e-mail hosts from their clients citing the servers. So, I think the next move is getting them setup w/ Comcast or GoDaddy for e-mail hosting.

Considering they've switched their ISP to Comcast, I figured that Comcast would be the best bet. Going with their Office 365 Premium option for each of their e-mail users to get access to Exchange options. I'm terribly ignorant about this sort of thing. Am I on the right track? What info should I get ahead of time when I make the swap over to a new service?

Let me know if these questions should go in a different thread as well. I really appreciate any insight here :)

Ham Equity
Apr 16, 2013
Probation
Can't post for 6 hours!
Grimey Drawer

Boywhiz88 posted:

Setup and migration of data to PCs went well!

Now it's time to switch e-mail hosts! Currently they're on CenturyLink/QwestOffice and it's pretty abysmal. Part of the problem is they get a lot of bounce-back from various e-mail hosts from their clients citing the servers. So, I think the next move is getting them setup w/ Comcast or GoDaddy for e-mail hosting.

Considering they've switched their ISP to Comcast, I figured that Comcast would be the best bet. Going with their Office 365 Premium option for each of their e-mail users to get access to Exchange options. I'm terribly ignorant about this sort of thing. Am I on the right track? What info should I get ahead of time when I make the swap over to a new service?

Let me know if these questions should go in a different thread as well. I really appreciate any insight here :)
You can just use Office 365 for hosting, can't you? I would swear that's how our second domain is set up.

The Fool
Oct 16, 2003


Don't use a reseller, get O365 directly.

Internet Explorer
Jun 1, 2005





The Fool posted:

Don't use a reseller, get O365 directly.

Microsoft is pushing hard to get everyone over to a reseller. :(

Thanks Ants
May 21, 2004

#essereFerrari


They aren't pushing *that* hard. Going through a CSP reseller is fine though, and they can often give you discounts. Just make sure you pick one with a portal that works for you - SSO with your Office 365 account (so it's covered by MFA), no need for delegated admin access (so the worst that a rogue employee at the reseller can do is turn your licenses off), not having to submit orders through email and wait etc.

Office 365 works fine as a DNS host - better than 99% of the budget domain registrars out there that bundle DNS. I use Gandi for the actual domains.

Dans Macabre
Apr 24, 2004


The Fool posted:

Don't use a reseller, get O365 directly.

it's ok to go through reseller as long as you can get direct access to all the o365 things and change resellers etc. (in other words don't go through godaddy)

Dans Macabre
Apr 24, 2004


Boywhiz88 posted:

Setup and migration of data to PCs went well!

Now it's time to switch e-mail hosts! Currently they're on CenturyLink/QwestOffice and it's pretty abysmal. Part of the problem is they get a lot of bounce-back from various e-mail hosts from their clients citing the servers. So, I think the next move is getting them setup w/ Comcast or GoDaddy for e-mail hosting.

Considering they've switched their ISP to Comcast, I figured that Comcast would be the best bet. Going with their Office 365 Premium option for each of their e-mail users to get access to Exchange options. I'm terribly ignorant about this sort of thing. Am I on the right track? What info should I get ahead of time when I make the swap over to a new service?

Let me know if these questions should go in a different thread as well. I really appreciate any insight here :)

G Suite :getin:

Dans Macabre
Apr 24, 2004


Don't really do G Suite

Thanks Ants
May 21, 2004

#essereFerrari


Having worked with both G Suite and Office 365 over the past ~5 years or so I am shocked at how poor the product managers at Google seem to be. Shared Drives launched two years ago and you still can't share a folder with someone.

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010

Thanks Ants posted:

Having worked with both G Suite and Office 365 over the past ~5 years or so I am shocked at how poor the product managers at Google seem to be. Shared Drives launched two years ago and you still can't share a folder with someone.

I'm also shocked how stagnant g suite has become. Sure, it's cheaper but it's 2019 and there are no shared mailboxes?

Thanks Ants
May 21, 2004

#essereFerrari


Well you see you can just license a whole new user and then delegate it to people, and if someone leaves you can just keep paying for that mailbox.

It's the only platform I've ever used where a retention policy doesn't count if you delete the user whose data was being retained.

wolrah
May 8, 2006
what?

incoherent posted:

I'm also shocked how stagnant g suite has become. Sure, it's cheaper but it's 2019 and there are no shared mailboxes?

I'm certainly not about to defend G Suite's lack of features the competition has had for years, but this is one I've never understood the desire for. What is the use case for shared mailboxes that wouldn't be better handled some other way? It's always seemed to me like everywhere I see people using shared mailboxes would be better off as either a distribution list or a ticket system. If you want the entire group to see the message, distribution list. If you want one person to be able to take and run with anything that comes in, ticket system. In either case the shared mailbox seems like the worst possible option because it allows anyone to mark a message as read for everyone without any way to track followup.

Internet Explorer
Jun 1, 2005





wolrah posted:

I'm certainly not about to defend G Suite's lack of features the competition has had for years, but this is one I've never understood the desire for. What is the use case for shared mailboxes that wouldn't be better handled some other way? It's always seemed to me like everywhere I see people using shared mailboxes would be better off as either a distribution list or a ticket system. If you want the entire group to see the message, distribution list. If you want one person to be able to take and run with anything that comes in, ticket system. In either case the shared mailbox seems like the worst possible option because it allows anyone to mark a message as read for everyone without any way to track followup.

I love shared mailboxes. They can be made for modular things and it keeps a history on things. I always register products and services to an administrator@ mailbox so if/when I leave, the next person doesn't have to change a bunch of contact info on things they may or may not know about. And it's a lot harder to sell ticketing to non-technical folks than it is to set them up with a shared mailbox. Plus, you slap a "done" folder in a shared mailbox and people can drag stuff there. If it's a DL, a copy goes to everyone and everyone has to reply or somehow track who is handling.

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.


wolrah posted:

I'm certainly not about to defend G Suite's lack of features the competition has had for years, but this is one I've never understood the desire for. What is the use case for shared mailboxes that wouldn't be better handled some other way? It's always seemed to me like everywhere I see people using shared mailboxes would be better off as either a distribution list or a ticket system. If you want the entire group to see the message, distribution list. If you want one person to be able to take and run with anything that comes in, ticket system. In either case the shared mailbox seems like the worst possible option because it allows anyone to mark a message as read for everyone without any way to track followup.

When you have a user leave you convert their mailbox to a shared mailbox and give access to their manager / their replacement since everyone keeps everything in email and never bothers to keep anything as a file anymore. Office 365 even offers to do this for you when you press delete on a user.

stevewm
May 10, 2005

Internet Explorer posted:

I love shared mailboxes. They can be made for modular things and it keeps a history on things. I always register products and services to an administrator@ mailbox so if/when I leave, the next person doesn't have to change a bunch of contact info on things they may or may not know about. And it's a lot harder to sell ticketing to non-technical folks than it is to set them up with a shared mailbox. Plus, you slap a "done" folder in a shared mailbox and people can drag stuff there. If it's a DL, a copy goes to everyone and everyone has to reply or somehow track who is handling.

Gsuite kinda has this now.. Via groups. You can set up a group and configure it as a "Collaborative Inbox". This turns on some extra stuff; topics can be assigned to group members, topics can be marked as completed, etc... It works kinda like a ticket system basically. Never used it, but it's there.

Agrikk
Oct 17, 2003

Take care with that! We have not fully ascertained its function, and the ticking is accelerating.

wolrah posted:

If you want the entire group to see the message, distribution list. If you want one person to be able to take and run with anything that comes in, ticket system.

Yes, I will totally implement a ticketing system pro bono to replace info@startupcompany.com for my wife’s education startup for the two whole founders it has.

Mail info@ and it sits there until one of the two of them check it and act on it, moving it into their own mailbox when they claim the task.

I get heart palpitations when I think of trying to explain ticketing workflows to them.

Yes, ticketing is the way to go for a great many organizations, but black-and-white this/that thinking is dangerous.

Albinator
Mar 31, 2010

pixaal posted:

Office 365 even offers to do this for you when you press delete on a user.
Tell me more about this. Changing mailboxes to shared is part of our SOP for user teardown, but I don't recall a button for that!

The Fool
Oct 16, 2003


SOP should be to disable and remove licenses and privileges, not delete.

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.


Albinator posted:

Tell me more about this. Changing mailboxes to shared is part of our SOP for user teardown, but I don't recall a button for that!



check the box, it will ask you who you want to grant access to.

There's better ways to go about sharing this stuff but this way is very easy for non-technical people to understand; it gives a clear visual difference between the 2 mailboxes and doesn't deliver all the old user's spam to the new user's mailbox.

pixaal fucked around with this message at 18:31 on Sep 5, 2019

The Fool
Oct 16, 2003


The Fool posted:

SOP should be to disable and remove licenses and privileges, not delete.

You should also be automating it with powershell, not using the UI.

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.


The Fool posted:

You should also be automating it with powershell, not using the UI.

This is the best way, but it depends on who is doing the deleting. Sometimes you have someone else handling this, be it help desk, or in a small company you might even find HR in charge of managing email accounts with IT being a support role for that task.

Wizard of the Deep
Sep 25, 2005

Another productive workday
You should know that it can be done and how to do it. But if there's no integrated HR backend because you're a tiny organization of a dozen people, there's not much to automate. Using the GUI in that instance makes sense, because you're probably not doing it often, and the GUI can expose options you'd otherwise forget about.

But if you're big enough to have a comprehensive HR solution (either on-prem or cloud-based), yes, integrate and automate that poo poo. Have policies around off-boarding so a manager gets access to mail and OneDrive automatically, or can designate a teammate to get it as part of that paperwork.
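Added example, not from any poster in the thread: one way to script the teardown discussed above (disable rather than delete, convert the mailbox to shared, give the manager access, then remove licenses). It assumes the Microsoft.Graph and ExchangeOnlineManagement modules with sessions already connected; the function name and the example addresses are placeholders.

```powershell
# Added example, not code from the thread. Assumes the Microsoft.Graph and
# ExchangeOnlineManagement modules, with Connect-MgGraph (User.ReadWrite.All)
# and Connect-ExchangeOnline already run. Function name is hypothetical.
function Invoke-UserOffboarding {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$UserPrincipalName,
        [Parameter(Mandatory)][string]$ManagerUpn
    )

    $user = Get-MgUser -UserId $UserPrincipalName -ErrorAction Stop

    # 1. Disable, don't delete: block sign-in and revoke existing sessions.
    if ($PSCmdlet.ShouldProcess($UserPrincipalName, 'Block sign-in and revoke sessions')) {
        Update-MgUser -UserId $user.Id -AccountEnabled:$false
        Revoke-MgUserSignInSession -UserId $user.Id | Out-Null
    }

    # 2. Convert to a shared mailbox while the license is still assigned,
    #    wait until Exchange confirms it, then grant the manager access.
    if ($PSCmdlet.ShouldProcess($UserPrincipalName, "Convert to shared mailbox and grant $ManagerUpn FullAccess")) {
        Set-Mailbox -Identity $UserPrincipalName -Type Shared
        $deadline = (Get-Date).AddMinutes(5)
        while ((Get-Mailbox -Identity $UserPrincipalName).RecipientTypeDetails -ne 'SharedMailbox') {
            if ((Get-Date) -gt $deadline) { throw 'Conversion not confirmed; licenses left in place.' }
            Start-Sleep -Seconds 15
        }
        Add-MailboxPermission -Identity $UserPrincipalName -User $ManagerUpn `
            -AccessRights FullAccess -InheritanceType All | Out-Null
    }

    # 3. Remove licenses only if the mailbox really is shared now; an
    #    unlicensed regular user mailbox is eventually removed.
    $isShared = (Get-Mailbox -Identity $UserPrincipalName).RecipientTypeDetails -eq 'SharedMailbox'
    $skuIds = @(Get-MgUserLicenseDetail -UserId $user.Id | ForEach-Object { $_.SkuId })
    if ($isShared -and $skuIds.Count -gt 0 -and
        $PSCmdlet.ShouldProcess($UserPrincipalName, "Remove $($skuIds.Count) license(s)")) {
        Set-MgUserLicense -UserId $user.Id -RemoveLicenses $skuIds -AddLicenses @() | Out-Null
    }

    # 4. Report what is left for a human to review: groups and directory
    #    roles are listed, not removed, by this example.
    $memberships = @(Get-MgUserMemberOf -UserId $user.Id -All |
        ForEach-Object { $_.AdditionalProperties['displayName'] })
    [pscustomobject]@{
        User                 = $UserPrincipalName
        MailboxType          = (Get-Mailbox -Identity $UserPrincipalName).RecipientTypeDetails
        LicensesFound        = $skuIds.Count
        RemainingMemberships = $memberships
    }
}

# Dry run first (placeholder addresses):
# Invoke-UserOffboarding -UserPrincipalName 'client1@clientdomain.com' `
#     -ManagerUpn 'client2@clientdomain.com' -WhatIf
```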

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010

Wizard of the Deep posted:

You should know that it can be done and how to do it. But if there's no integrated HR backend because you're a tiny organization of a dozen people, there's not much to automate. Using the GUI in that instance makes sense, because you're probably not doing it often, and the GUI can expose options you'd otherwise forget about.

But if you're big enough to have a comprehensive HR solution (either on-prem or cloud-based), yes, integrate and automate that poo poo. Have policies around off-boarding so a manager gets access to mail and OneDrive automatically, or can designate a teammate to get it as part of that paperwork.

Next dream project is to link our cloud HR product and o365 for SSO and scripting when a user is terminated or left the org.

Boywhiz88
Sep 11, 2005

floating 26" off da ground. BURR!
So I’m doing my homework and whatnot before going to the client. It looks a lot simpler than I expected.

From what I can tell, it’s roughly:

Step 1. Client registers for O365 and the number of users. In this case, 4 employees. Also, provides me with credentials for current domain host, NetworkSolutions.

Step 2. I log into O365 and connect the domain w the aforementioned credentials.

Step 3. I then proceed to setup the users, client1@clientdomain.com, and so on.

Step 4. Migrate? The users all currently access their mailboxes via POP, so there’s no folder organization. It seems like it makes the most sense to just upload everything via PST so the users can have their folder structures readily available. The downside is that at least 3 of the 4 users have giant PSTs, so I guess I’d have to split them up in some way as well? (Already have an archive PST running for anything older than 2 years.)

Step 5. Success? I don’t have to do anything with the previous email host because the domain is already setup w O365. I can advise user to cancel qwestoffice.net service after verifying email functionality.

Have I missed anything? I’m going off what I’ve put together from reading MS support articles and watching some relevant YouTube videos, because I’ve never touched web-based stuff aside from a domain changeover awhile back.

The Fool
Oct 16, 2003


Regarding migrating PSTs:

With that few users, just use Outlook

1. Export to pst
2. Remove old account, add new account
3. Import pst

Repeat for each user

Dans Macabre
Apr 24, 2004


Don’t forget dns changes including spf

Albinator
Mar 31, 2010

You might want to move away from Network Solutions for your DNS provision, too. I got sick of the constant upsell and the overall shittiness of their setup. Route 53 on AWS has been better (and cheaper) for us.

Boywhiz88
Sep 11, 2005

floating 26" off da ground. BURR!

The Fool posted:

Regarding migrating PSTs:

With that few users, just use Outlook

1. Export to pst
2. Remove old account, add new account
3. Import pst

Repeat for each user

So, the import would start uploading messages and whatnot to Exchange online, right?

NevergirlsOFFICIAL posted:

Don’t forget dns changes including spf

Does that come up during updating the txt/mx records to verify ownership, or somewhere else in the process?

MustardFacial
Jun 20, 2011
George Russel's
Official Something Awful Account
Lifelong Tory Voter
I'm the sole sysadmin for an 800+ user multi-national company. We are a team of 6. Can I play in this thread?

The Fool
Oct 16, 2003


Boywhiz88 posted:

So, the import would start uploading messages and whatnot to Exchange online, right?


Does that come up during updating the txt/mx records to verify ownership, or somewhere else in the process?

Yeah, outlook will sync to the exchange mailbox automatically.



SPF is a txt record that is used to help control spam. check this: https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-spf-in-office-365-to-help-prevent-spoofing
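Added example, not part of The Fool's post: a PowerShell check of a domain's TXT records for the SPF problems that typically show up during a mail-host cutover to Office 365 (a second SPF record left over from the old host, a missing `include:spf.protection.outlook.com`, a permissive `all`, too many DNS-lookup terms). The function name and all sample records, including the `oldhost.example` include and the verification token, are constructed.

```powershell
# Added example, not code from the thread. Sample records are constructed.
function Test-SpfForOffice365 {   # hypothetical name
    param(
        [Parameter(Mandatory)][AllowEmptyCollection()][string[]]$TxtRecord
    )
    $findings = [System.Collections.Generic.List[string]]::new()
    $spf = @($TxtRecord | Where-Object { $_ -match '^v=spf1(\s|$)' })

    if ($spf.Count -eq 0) { $findings.Add('No SPF record published') }
    if ($spf.Count -gt 1) {
        # RFC 7208: more than one v=spf1 record makes evaluation fail with permerror.
        $findings.Add("Found $($spf.Count) v=spf1 records; merge them into one")
    }

    foreach ($record in $spf) {
        $terms = @($record -split '\s+' | Select-Object -Skip 1)

        if ($terms -notcontains 'include:spf.protection.outlook.com') {
            $findings.Add("Missing include:spf.protection.outlook.com in: $record")
        }

        $all = $terms | Where-Object { $_ -match '^[-~?+]?all$' } | Select-Object -Last 1
        $hasRedirect = [bool]($terms -match '^redirect=')
        if (-not $all -and -not $hasRedirect) {
            $findings.Add("No 'all' mechanism in: $record")
        } elseif ($all -and $all -notin '-all', '~all') {
            $findings.Add("'$all' does not reject or soft-fail unlisted senders in: $record")
        }

        # Terms that cost a DNS lookup; the limit is 10 per evaluation.
        # Only this record's own terms are counted, nested includes add more.
        $lookups = @($terms | Where-Object {
            $_ -match '^[-~?+]?(include:|exists:|ptr(:|$)|a([:/]|$)|mx([:/]|$))|^redirect='
        }).Count
        if ($lookups -gt 10) { $findings.Add("$lookups lookup terms exceed the limit of 10 in: $record") }
    }

    [pscustomobject]@{ Pass = ($findings.Count -eq 0); Findings = $findings }
}

# Constructed TXT sets for the placeholder domain clientdomain.com
$duringCutover = @(
    'MS=ms00000000',                                   # constructed verification token
    'v=spf1 include:oldhost.example ~all',             # leftover from the previous host
    'v=spf1 include:spf.protection.outlook.com -all'
)
$afterCleanup = @('v=spf1 include:spf.protection.outlook.com -all')

Test-SpfForOffice365 -TxtRecord $duringCutover   # Pass = False, two findings
Test-SpfForOffice365 -TxtRecord $afterCleanup    # Pass = True
```

To check a live domain on Windows, feed it `Resolve-DnsName -Name <domain> -Type TXT | ForEach-Object { -join $_.Strings }`, which rejoins records that DNS split into multiple strings.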

Eikre
May 2, 2009

MustardFacial posted:

I'm the sole sysadmin for an 800+ user multi-national company. We are a team of 6. Can I play in this thread?

:justpost:

MustardFacial
Jun 20, 2011
George Russel's
Official Something Awful Account
Lifelong Tory Voter

OK here goes:

Why the gently caress does Windows Update take loving forever only to fail constantly. It's gotten to the point where if there is a Server 2016 machine that I need to update and I'm not physically in the same subnet as it, then I'm either pushing it out with PDQ Deploy, or if I'm feeling especially saucy I'm running sconfig --> 6 --> a --> a and just let it do its thing for like 3 days.

sconfig may take even longer than the GUI, but at least it never fails.

***

Our MSP did a network reconfig at one of our branches on the other side of the country, and while they were at it they installed a vmware host and spun up a new DC & file server and decommissioned the old bare metal DC that had every single service running on it.

What they didn't tell my boss (and therefore me) was that they only spun up and put a base config on the DC and file server. They didn't install the AV, they didn't setup shadowcopy, they didn't setup the backups. This is despite me providing them with the files and settings to do so, and confirming with their PM that they were supposed to do this. It's been running this way for a month. Sure, it's on me that I didn't check and make sure it was done but at some point when you setup a project and specifically mention something, you expect them to do it.

When questioned on this they said "oh, well the backup infrastructure are not in scope." A sentence they could've said to me before we started this project.

Anyways, that's how I spent today. Spinning up a Veeam proxy in that subnet, building new backup jobs, setting retention testing schedules and the weekly pushes to cold storage. I've decided to take this opportunity to test out some new poo poo I learned in Veeam and see if I can craft a config that makes our backup sizes more stable.

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.


Is it running wsus on a free copy of SQL? That can be pretty slow if a bunch of devices are trying to update at the same time.

MustardFacial
Jun 20, 2011
George Russel's
Official Something Awful Account
Lifelong Tory Voter

pixaal posted:

Is it running wsus on a free copy of SQL? That can be pretty slow if a bunch of devices are trying to update at the same time.

That's what downstream servers are for :v:

And no, it doesn't seem to matter if it's WSUS or you go straight to the tap (Microsoft), Server 2016 just likes to take its sweet time.

The Fool
Oct 16, 2003


IIRC, Server 2016 has issues with the cumulative updates but you should be able to filter them out in WSUS and only use standalone updates.

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

Updating 2016 servers is slow as gently caress and awful, they really screwed something up with it, WSUS or regular WU doesn't matter.

2019 servers on the other hand patch fast as hell, I can have the monthly updates and reboots done in <15 minutes generally.

Moey
Oct 22, 2010

I LIKE TO MOVE IT
Disable the windows update service. Problem solved.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Moey posted:

Disable the windows update service. Problem solved.

We didn't so much disable it as have WSUS and SCCM 2003 just loving die on our legacy infrastructure. Since we have a couple thousand machines in that domain, any one of which could cure the common cold tomorrow, we've spent almost a year using my Powershell to deploy the stuff (Dell KACE) that can actually push Microsoft patches to lab machines.


GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

I die inside when a request comes through for a new 2016 server because whatever app we’re getting doesn’t support 2019.
