|
Hmm.. in regards to DFS. Is there really any necessary reason to throw it in failover cluster manager? I noticed it's a role in that. I just installed DFS on two of my file servers and they both share the same namespace?
|
# ? Oct 4, 2019 18:56 |
|
|
# ? May 28, 2024 14:58 |
|
It all depends on how highly available within your maintenance windows you need your files to be. DFS by its nature is a persistent name space with capability of replicating the files for site availability, failover makes that namespace and replication highly available. DFS is also jet-based system and always has the possibility of corruption and fall into a resync hell. 2012 R2 and later do a lot to remediate this behavior, but if you could prevent it from the get-go i would.
|
# ? Oct 4, 2019 22:48 |
|
I'm not too familiar with hosting Windows servers in the cloud but it's become a requirement for one of our servers. The problem is that this ancient service that will be on the server only works over telnet sessions. So those familiar with AWS or Azure, can you setup private networks that you can create a VPN connection to so they can continue using insecure telnet to the server? Is this a thing? edit: nvm looks like it's called VPC.
|
# ? Oct 8, 2019 20:18 |
|
Yes, it's really simple to do. AWS, Azure, Google all support it. If the service is critical then you can have redundant tunnels and run BGP, or have a private link into your nearest region.
|
# ? Oct 8, 2019 20:24 |
|
Looking for an application similar to Cacti but isn't cacti to monitor performance and keep a historical log to review performance trends for physical/virtual servers. Any recommendations? I am hoping for it to be on-prem but I am open to cloud based as well. I would like to have graph/performance data on CPU, Memory, Storage, Network. I am not really looking for an alerting system for up/down nodes.
|
# ? Oct 9, 2019 05:45 |
|
I like PRTG
|
# ? Oct 9, 2019 11:35 |
|
Thanks Ants posted:I like PRTG Second this.
|
# ? Oct 9, 2019 14:38 |
|
Solarwinds SAM
|
# ? Oct 10, 2019 00:08 |
|
I found an unfortunate bug with Office 365 today that appears to be reproducible every time. We currently have ~300 mailboxes using the hosted Exchange 1 and 2 plan licensing. We're in the process of upgrading these to E3 licenses and so what we did was add the E3 licenses to a subset of users. However, our mistake apparently was not removing the Exchange Plan licenses and therefore they had both licenses attached to their user. The web interface and powershell both let you do this without errors or warnings. Anyway, a couple days later we cleaned up the licenses by removing the Exchange Plan licensing from this subset of users but still leaving the E3 licensing attached which resulted in their mailboxes being deleted. We immediately added the Exchange Plan licenses back to the users which reattached to their soft-deleted mailboxes and so all was good, but unfortunately we can't remove that Exchange Plan licenses now without the mailbox deleting. So after a day of troubleshooting, no thanks to Microsoft support, the solution was to remove all licensing from the user, wait about 10 minutes, then only add the E3 license back which seems to be working. I assume this isn't limited to these license types but to any license that includes a mailbox. kiwid fucked around with this message at 18:37 on Oct 10, 2019 |
# ? Oct 10, 2019 18:34 |
|
kiwid posted:I found an unfortunate bug with Office 365 today that appears to be reproducible every time. I just went through migrating my company of about 400 from Office365 E3 to Microsoft365 E3 using the same technique (overlapping licensing) and didn’t have any mailbox issues. Well...other then discovering that Help Desk has been assigning O365 licenses to shared mailboxes which threw off our licensing requirements.
|
# ? Oct 10, 2019 22:16 |
|
Whats the goto easy tool that will let me boot from a usb/cd and image a local drive to a smb/cifs share? I haven't done workstation support in ages and I need to take a cold copy of a drive in the event things don't go well.
|
# ? Oct 10, 2019 22:30 |
|
Pretty sure that dd on a live Linux boot is still the best way to do that.
|
# ? Oct 10, 2019 22:39 |
|
Clonezilla can do that. It's an open-source linux live cd/usb with a bunch of cloning tools. If you're looking for Windows software Macrium Reflect has an option to create a bootable image.
|
# ? Oct 10, 2019 22:46 |
|
Seconding Clonezilla. Between that and GParted I haven't found a single disk imaging scenario I haven't been able to handle. A bunch of live boot images have both of them.
|
# ? Oct 10, 2019 23:53 |
|
Sacred Cow posted:I just went through migrating my company of about 400 from Office365 E3 to Microsoft365 E3 using the same technique (overlapping licensing) and didn’t have any mailbox issues. Weird. I'm able to reproduce this issue every time.
|
# ? Oct 11, 2019 00:20 |
|
Microsoft project managers are you okay
|
# ? Oct 11, 2019 01:36 |
|
I wouldn’t be if I had to use sharepoint as my pm tool.
|
# ? Oct 11, 2019 01:58 |
|
kiwid posted:Weird. I'm able to reproduce this issue every time. I wonder if (and this is just me guessing here) it has to do with your company moving from non-E3 licensing to E3. It might have to migrate the mailboxes to a new environment since its offering additional services compared to a regular hosted Exchange. Again, just me guessing going by my past experience with them.
|
# ? Oct 11, 2019 13:18 |
|
Sacred Cow posted:I wonder if (and this is just me guessing here) it has to do with your company moving from non-E3 licensing to E3. It might have to migrate the mailboxes to a new environment since its offering additional services compared to a regular hosted Exchange. Again, just me guessing going by my past experience with them. Yeah that sounds possible.
|
# ? Oct 11, 2019 14:35 |
|
What's the best way to deal with messed up user profiles/home directory folders? Got a couple thousand user profiles\home drives and the permissions are totally messed randomly on a whole lot of them. When I need to access the profile as a domain admin, I'd have to take ownership, and sometimes it doesn't trickle down and I'd have to go down a couple levels into the folders\files and keep taking ownership.
|
# ? Oct 16, 2019 03:37 |
|
lol internet. posted:What's the best way to deal with messed up user profiles/home directory folders? Work in an elevated powershell, or disable UAC. The Administrator group is always stripped from your explorer session otherwise.
|
# ? Oct 16, 2019 07:32 |
|
What's a good way to assign GPO policies to users when item level filtering isn't an option? We decided to shut off Word/Excel/PowerPoint macros via GPO after a malicious .docm made it through our filters, but there are a few users who need to use Excel Macros from an outside organization to do their job, so we want to make Excel macros enabled for a few specific users. My understanding is that you used to be able to use Security Filtering, but at some point MS decided that should apply to computer objects but not user objects. Ideally, I'd like to apply an explicit Excel macro-allowed GPO further down the AD tree (so it takes precedence), that applies only to users in a specific security group, but I'm unsure if that is still doable. What's the best way to have certain GPOs only apply to certain users without separating them by OU?
|
# ? Oct 25, 2019 16:17 |
|
The computer account needs to have read rights now, but you can still do security filtering by setting read/apply delegation to a group of users and just plain read to authenticated users. Assuming this is a user-side policy.
|
# ? Oct 25, 2019 16:23 |
|
Quest software is pissing me off ever since Dell sold them to Private equity. Any of you folks using a good AD Audit/Recovery tool in a larger environment? I've got like 65 locations with DC's and 35K enabled user objects. StealthBits seems promising. NetWrix seems OK but I prefer something else, their stack seems limiting. Budget not really an issue. skipdogg fucked around with this message at 22:08 on Oct 25, 2019 |
# ? Oct 25, 2019 22:00 |
|
DatAdvantage has an AD module that might fit your needs.
|
# ? Oct 25, 2019 22:10 |
|
Budget not really an issue* *except Varonis I'm not sure what that products pricing is like, but we're well funded and even we balked at the price tag of their data protection/classification
|
# ? Oct 25, 2019 22:25 |
|
AreWeDrunkYet posted:The computer account needs to have read rights now, but you can still do security filtering by setting read/apply delegation to a group of users and just plain read to authenticated users. Assuming this is a user-side policy. Awesome, thanks!
|
# ? Oct 26, 2019 03:20 |
|
Nitr0 posted:Solarwinds SAM Solarwinds exists only as a service where you give them the contact info of someone you don't like and they make your enemy's life miserable.
|
# ? Oct 26, 2019 03:44 |
|
skipdogg posted:Quest software is pissing me off ever since Dell sold them to Private equity. Really ? Uh oh, we just deployed about 1300 KACE clients. Using PowerShell scripts I wrote :-)
|
# ? Oct 26, 2019 03:47 |
|
klosterdev posted:Awesome, thanks! This is exactly how I do my macro disable policy. It applies to everyone, but I have an AD group set up with deny apply for the exceptions.
|
# ? Oct 26, 2019 11:52 |
|
Not sure how much of this is hyperbole but beware, East US2 Azure VM users. We haven’t hit any limits yet but we’ve only just started moving our apps to Azure. It’s also not clear if it’s purely full OS VMs or other services like App Service Plans or Kubernetes clusters.
|
# ? Nov 1, 2019 13:30 |
|
Loads of cool stuff coming out of Ignite, MS are going big on identity which is nice because Azure AD is a decent product. This has made my life a lot easier: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-admin-consent-workflow
|
# ? Nov 4, 2019 21:10 |
|
I was in the identity preday yesterday, and yeah there is a lot good stuff coming. Felt bad about adfs getting dumped on so much, but otherwise it is all good stuff.
|
# ? Nov 4, 2019 21:57 |
|
I read the thing about AD Connect cloud provisioning and assumed that meant not having to use Exchange servers to edit email aliases any more, but it doesn't seem to be quite there yet
|
# ? Nov 4, 2019 22:04 |
|
Identity is a big pain point for me. Looking forward to the improvements as well.
|
# ? Nov 4, 2019 23:45 |
|
Thanks Ants posted:I read the thing about AD Connect cloud provisioning and assumed that meant not having to use Exchange servers to edit email aliases any more, but it doesn't seem to be quite there yet I don't know why this is such a challenging thing for them to fix.
|
# ? Nov 4, 2019 23:46 |
|
Yeah I don't get it either. I assume for companies that are actually in a hybrid Exchange setup it's complicated, but for people who just have a synced AD surely just get on and write that stuff back.
|
# ? Nov 4, 2019 23:56 |
|
SSO was pushed quite a bit yesterday and this bullshit makes me very angry. Adobe, the vendor that makes me the most angry about this issue isn't even on the list. If I get drunk enough tonight I might make a pr.
|
# ? Nov 5, 2019 03:15 |
|
I’ve had a number of presenters this week tell me that azure mfa is now free.
|
# ? Nov 6, 2019 15:48 |
|
|
# ? May 28, 2024 14:58 |
|
The Fool posted:I’ve had a number of presenters this week tell me that azure mfa is now free. If that is true that is huge. They are basically conceding a metric poo poo ton in licensing fees to present a more secure product.
|
# ? Nov 6, 2019 15:52 |