|
Bob Morales posted:Also today: uhhh hey hon we are getting 14 iPads that need to be set up for dietary...we want to restrict them but we don’t know exactly to what *looks behind him at cdw boxes* Ya I have 175 iPads and 100 iPhones that I'll need to start configuring for our Epic EMR go live here in a few months. We just Airwatch and it's so badly configured that it takes me 45 minutes to an hour to setup a single iPad/iPhone
|
# ? Apr 15, 2021 17:59 |
|
|
# ? May 29, 2024 03:28 |
|
mattfl posted:*looks behind him at cdw boxes* At least they didn’t buy a bunch of chrome tablets and then cry when they aren’t supported by the mdm “The sales guy said android tablets worked!” ChromeOS isn’t Android
|
# ? Apr 15, 2021 18:02 |
|
Does nobody use DEP?
|
# ? Apr 15, 2021 18:12 |
|
I did jamf + the apple provisioning thing for the iPad minis we used as room displays. Literally just had to inbox them, connect to WiFi, and wait. It was super nice.
|
# ? Apr 15, 2021 18:16 |
|
I'm alright with iPads as room displays, but they will balloon the batteries within a couple years
|
# ? Apr 15, 2021 18:19 |
|
My boss and my boss's boss like free poo poo so they keep agreeing to meetings with vendors and roping me in and I am going to just absolutely snap one day.
|
# ? Apr 15, 2021 18:43 |
|
Thanks Ants posted:Does nobody use DEP? Yes, we use DEP with Airwatch but it's so badly configured I rarely get an iPad on the network the first try.
|
# ? Apr 15, 2021 18:51 |
|
Internet Explorer posted:My boss and my boss's boss like free poo poo so they keep agreeing to meetings with vendors and roping me in and I am going to just absolutely snap one day. Webinar disease where they want to go to every single one and email back every vendor who spams them with poo poo?
|
# ? Apr 15, 2021 19:02 |
|
Sounds about right.
|
# ? Apr 15, 2021 19:05 |
|
Taking a break. Helper guy has to do a Zoom meeting for a speeding ticket plea.
|
# ? Apr 15, 2021 19:11 |
|
SlowBloke posted:If you have a hybrid AD and little payload in phase 2, whiteglove is the sole way to not have phase 3 crash and burn due to lack of AD objects missing in Azure. Also it's far quicker on the user as it will take far less time to just do phase 3 after providing credentials. To be honest this is kind of what we're thinking, now that Edgium exists. The only reason we ever started putting Chrome on was because A) Edge sucked and B) Firefox didn't play nice with GPO or MSI deployments (this is, y'know, back in the 2010s with traditional AD setups, I know they have an official MSI now). Now that we have Edgium built in, what the hell is really the point of Chrome? I find it slightly hilarious that after literal decades of MS bundling a web browser that everyone labeled an antitrust horror, which I guess was fair in the IE 4-6 days, the thing that actually may make the bundled web browser the choice over the competition is the fact it's built off the competition. Haven't yet gotten to hybrid AD yet but that's the next phase for some of our other customers (this deployment was for machines going to far away offices of this client that don't have a VPN, will never have a VPN, and certainly would never have an onsite DC or anything, so why put them on the AD domain). If anyone has any tips/tricks for hybrid AD join that aren't really emphasized enough in the Microsoft docs, I'm all ears.
|
# ? Apr 15, 2021 21:49 |
|
It makes everything more complicated. Avoid it if you can and go full Azure AD. That's my tip.
|
# ? Apr 15, 2021 23:04 |
Internet Explorer posted:It makes everything more complicated. Avoid it if you can and go full Azure AD. That's my tip. Full AAD on devices makes them easy as hell to deploy and maintain. Hybrid can get messy. but it’s really going to be driven by your end users use cases
|
|
# ? Apr 15, 2021 23:11 |
|
I have just recently deployed Defender for Identity and I am shocked how good it is. I expected a total shitshow and its... good? Integrating MCAS into on prem AD is pretty loving legit.
|
# ? Apr 15, 2021 23:12 |
|
Yup, if you are doing anything new go all in on autopilot/intune/azure ad only for your workstations. Any existing workstations can be enrolled after the fact to hybrid with a simple GPO tweak. With our switch to autopilot devices well over a year ago and a concentrated refresh effort we are down to ~400 workstations left in AD. The majority will fall off with attrition and the remaining handful that are AD-only belong to the infrastructure team to rdp into, like mine. I haven’t had to touch a desktop GPO in forever, it’s great.
|
# ? Apr 15, 2021 23:14 |
Sickening posted:I have just recently deployed Defender for Identity and I am shocked how good it is. I expected a total shitshow and its... good? Yea I mean not to be a shithead but I loving hope MS can accurately audit their own stuff and get the logs into the cloud. The honeypot account is cool too highly recommend it. By the way - you have to close alerts in both places (MCAS/DFI) which is annoying. Especially if you use service accounts for anything like SCCM cause that trips DFI endlessly. Any PS remoting does too. And be careful when you suppress or ignore alerts because there isn’t an easy way to undo that iirc
|
|
# ? Apr 15, 2021 23:20 |
|
Thanks Ants posted:Does nobody use DEP? DEP with Airwatch, moving to DEP with InTune. AirWatch is hot garbagé and I will die on this hill with anyone who says otherwise. InTune is strangely nice and I am enjoying it compared to previous attempts at MDM I've had to use (GOOD for Enterprise, Meraki). Sure it has its own nuances, but I can have a device from "Hello" to Home Screen usable in about 10 - 15. The biggest holdup is moving away from on premise MFA to Azure MFA, so we have to use the device login feature with the company portal setup
|
# ? Apr 16, 2021 10:27 |
|
Steakandchips posted:Bob, don't pull the cable. You're an IT worker, not an electrician. Please do not hire electricians to pull data cable. I've seen electricians that are good at it but I've seen a lot more that are terrible at it. Hire a proper data cabling contractor that is familiar with BICSI standards.
|
# ? Apr 16, 2021 13:54 |
|
Lynxifer posted:AirWatch is hot garbagé and I will die on this hill with anyone who says otherwise. I've said this before but the Gartner magic quadrant stuff a few years ago notably had no customer comments from AirWatch customers - it was because the lawyers had made them remove them all for being libellous they were that bad. Airwatch has been a flaming turd with a shitload of sales people since before VMWare bought it, it's obvious it's just a trojan horse for VMWare to get their virtual desktop stuff on people who are too dumb to find a better MDM provider's devices. I've also got a good GOOD story that I can't tell because it involves a company you've all heard of and would cause me a world of legal troubles.
|
# ? Apr 16, 2021 20:11 |
|
That's why you change the names to protect the stupid.
|
# ? Apr 16, 2021 20:44 |
|
ookiimarukochan posted:Airwatch has been a flaming turd with a shitload of sales people since before VMWare bought it, it's obvious it's just a trojan horse for VMWare to get their virtual desktop stuff on people who are too dumb to find a better MDM provider's devices. What would you recommend instead? We're looking at it and InTune and Airwatch seems marginally less lovely.
|
# ? Apr 16, 2021 23:51 |
|
We migrated from Airwatch (VMware Workspace ONE!) to Intune (Microsoft Endpoint Manager!) and I couldn't be happier. MEM does some dumb poo poo, and it helps that we're all in on Microsoft stuff, but it's so much more pleasant to use.
|
# ? Apr 17, 2021 00:37 |
|
guppy posted:Please do not hire electricians to pull data cable. I've seen electricians that are good at it but I've seen a lot more that are terrible at it. Hire a proper data cabling contractor that is familiar with BICSI standards. fair point. Bob, get one of those.
|
# ? Apr 17, 2021 07:50 |
|
sfwarlock posted:What would you recommend instead? We're looking at it and InTune and Airwatch seems marginally less lovely. We are going Intune for all the MS stuff and Jamf for all the apple stuff. And connecting the 2 only for inventory visibility. At least that’s the game plan.
|
# ? Apr 17, 2021 16:05 |
|
So at 3:15pm Friday (we leave at 4:00pm) my boss decided he wanted to start running cable...we did two of the shorted pulls and then he started talking about buying wire at Home Depot. Good luck chuck. I would go to the electrical reseller in town, they have all kinds of poo poo there, my old job we bought whatever we needed on PO there. Also the deadline magically turned from Monday to Tuesday.
|
# ? Apr 17, 2021 23:09 |
|
My employer really wants to get butts back in seats of the expensive building they bought and renovated right before covid hit. They got blasted on anonymous surveys during previous attempts to get people back in. This time they did a non-anonymous survey to gauge interest. Based on the answers they claimed that people overwhelmingly want to return to the office, so they have set dates because "we're nearing the end of the pandemic." I was bullshitting with a co-worker who happens to be a manager. They had some of the results shared with them. One of the questions was "How many days would you want to work out of the office per week?" Answers were 0, 1, 2, 3, 4, or 5. Anything other than zero was considered "I can't wait to get back into the office!" so they claimed 75% can't wait to come back. At least a dozen people who worked in the office have left since the beginning of the year. From speaking to one of them, they were asking about permanent/partial WFH going forward, told no, and found equal or better paying jobs that would let them WFH. But why keep those people who have been around up to 15 years when you want to justify that expensive-rear end building you bought? Thankfully for me, I have always been a remote employee. Unfortunately for me, our team is half the size it was a year ago and this summer is looking to be busy as gently caress.
|
# ? Apr 18, 2021 16:57 |
|
mllaneza posted:We've got a vendor charging us license fees for software implemented as ActiveX controls, so I feel ya. I had to set up remote connections for check scanners that do deposits directly to the clients bank with the bank’s IT guy. He couldn’t remote in so I had to loving share my screen and do everything for him. Short story: the entire account management/deposits web app system ONLY works in IE and ONLY works if you disable basically every possible security feature left in IE and then you have to turn off a bunch of windows defender/firewall stuff so the machine will let all of that run. It’s absolutely insane, this thing has scanned images of checks from who knows how many of our client’s clients stored on it with routing numbers and accounts and all sorts of poo poo. This bank should be freaking the gently caress out on their vendor
|
# ? Apr 18, 2021 19:31 |
|
GI_Clutch posted:My employer really wants to get butts back in seats of the expensive building they bought and renovated right before covid hit. Similar situation at my work but they never asked if anybody wants to return to the office 100% of the time or not. We're just being told that we're going from 50% to 75% soon and then back at 100% starting in a few months. When pressed on it, the most we get is "we might consider a hybrid scenario at some point in the future " which is just a nice way of telling you to gently caress off.
|
# ? Apr 18, 2021 21:11 |
|
Ratmtattat posted:
Seems like alot of people might just take that advice.
|
# ? Apr 18, 2021 21:47 |
|
I can't remember which thread I said it in, but crusty old rear end leadership isn't going to pay leases on offices that are mostly empty. Because crusty rear end leadership likes to go into the office for exhausting 4 hour days and not seeing every butt in the seat makes their leadership fiefdom less prestigious. When leases are due to expire some crusty old rear end leadership is going to jump on it to meet bonuses. The rest, well, you just have to wait for them to retire or die.
|
# ? Apr 19, 2021 01:20 |
|
Unfortunately the alternative to the crusty old rear end bosses are the less crusty bosses who have discovered they can cancel the leases and pass on the costs of internet/electricity/home network security to employees working remotely and save a ton of money. There are horror stories already I’ve read about people in other fields (mostly marketing and finance bullshit) where employers require you to have your own “office space” to work “remotely”
|
# ? Apr 19, 2021 01:46 |
|
sfwarlock posted:What would you recommend instead? We're looking at it and InTune and Airwatch seems marginally less lovely. I'll recommend InTune, but we're very much in bed with Microsoft / Office 365. We moved Exchange into the cloud from on premises, we're moving Sharepoint on premises to the cloud, and we're jumping on pretty much everything we can. Although sadly it looks like we're going to dump our on premises Ironport and go to ATP/EOP. If you have a hodgepodge of stuff in places that aren't O365, then it probably won't be as magical... AirWatch is confusing, disjointed and is just plain bad. It feels like almost everything was tacked on and doesn't really work well together. We've had situations where some of the settings we've applied to devices just don't work and support shrug and blame you. Support is hilarious. Tier 1 are clueless and clearly following a script, but to jump to Tier 2 to get the actual techs is a mission. I've raised P1 mission critical issues via phone support, only to have Tier 1 sit on it, and ask us to restart services. I find InTune fits the MS ethos in terms of UI and workflow. It has some odd quirks and a few oddities I don't understand why it does it like that. But things like Microsoft Tunnel with InTune is a magical thing that I love to pieces and balances out the oddity
|
# ? Apr 19, 2021 09:06 |
|
haha cable pulling is one of the most fun hot potatoes to deal with. I remember years ago before I was a manager, my old manager wanted an extra data point by his desk, he got some of that sticky back trunking, hacked a piece off and stuck it to the wall all wonky. He get absolutely shredded for doing such an awful job so start trying to claim he did it on purpose so he would be allowed to use the relevant contractors more easily. Some of my colleagues at other sites will do cable pulling at the weekend for overtime. I personally don't because it's a lot easier to argue 'we are not electricians, go away' compared to 'yeah I know we could do it, but if we are doing that, then we are not doing IT so we only do it for O/T' because sooner or later you find someone who goes crying to the boss that something is important and IT said they 'could' do it. Also, as per the story above, so many IT people bodge jobs like this and make it look poop so no
|
# ? Apr 19, 2021 10:32 |
|
Very, very few IT people know the electrical and fire codes in their area, much less the BICSI standards. Are you really sure that your people are using plenum or riser rate cable where required? Are you really sure that the installation is firestopped properly? That's before you even get into the fact that I guarantee you you will do a shittier job of cable management than a professional cable jockey. I'm convinced structured cabling installers are among the most badly underpaid groups around. They are magicians. (Not the people who own the companies, I'm pretty sure they make bank.) Violating code is bad, but imagine people dying because you didn't install cabling properly. No thank you, I will leave it to the pros.
|
# ? Apr 19, 2021 10:42 |
|
Two fresh boxes of cable on the floor this morning!guppy posted:Very, very few IT people know the electrical and fire codes in their area, much less the BICSI standards. Are you really sure that your people are using plenum or riser rate cable where required? Are you really sure that the installation is firestopped properly? That's before you even get into the fact that I guarantee you you will do a shittier job of cable management than a professional cable jockey. I'm convinced structured cabling installers are among the most badly underpaid groups around. They are magicians. (Not the people who own the companies, I'm pretty sure they make bank.) Bob Morales posted:Also today: uhhh hey hon we are getting 14 iPads that need to be set up for dietary...we want to restrict them but we don’t know exactly to what Hahaha....he rolls in 25 minutes late and says "Hey did you get Bitlocker installed on the IT laptops?" When did you think I was going to have time for that?
|
# ? Apr 19, 2021 13:30 |
|
guppy posted:Very, very few IT people know the electrical and fire codes in their area, much less the BICSI standards. Are you really sure that your people are using plenum or riser rate cable where required? Are you really sure that the installation is firestopped properly? That's before you even get into the fact that I guarantee you you will do a shittier job of cable management than a professional cable jockey. I'm convinced structured cabling installers are among the most badly underpaid groups around. They are magicians. (Not the people who own the companies, I'm pretty sure they make bank.) My $AWFUL_JOB quoted wiring, wifi, servers, pbx, paging system, security controls etc for a huge warehouse. I've told the story before, but I'm a computer toucher. Our sales guy just quoted "security/access system $10k" but didn't actually spec one or anything. He basically told me to go to Amazon and buy something and install it. This place was a high end clothing store with a huge expensive jewelry section that they wanted man traps, and high end security. I asked my by how he expected me to connect to the fire system so if there's a fire, the entire staff doesn't trapped and killed. He shrugged. I ended up having to call a real security contractor and just to show up and touch a commercial fire panel he wanted $5,000. I'm still mad about that job, and it's been five years.
|
# ? Apr 19, 2021 13:52 |
|
It's annoying having different systems to keep track of things. Helpdesk ticket system doesn't have any 'projects' in it. Because anything open past a certain number of days looks bad in metrics to the board. It's also basically broken since notes don't email update etc etc. Monday.com has mostly projects but other random lists and poo poo. Perfect if you like micro-managing poo poo. Spams the gently caress out of you with every update as well. Then you have good old email. "Hey, did you ever find out about x? I never got an update from you." I forwarded the email from the vendor to you. "Oh...well can you put it in x" "Hey, did you fix y?" Yea, I closed the ticket and wrote what changes were made in the notes. "Oh, I haven't looked at tickets in a day or two. Can you email it to me?"
|
# ? Apr 19, 2021 16:00 |
|
guppy posted:Please do not hire electricians to pull data cable. I've seen electricians that are good at it but I've seen a lot more that are terrible at it. Hire a proper data cabling contractor that is familiar with BICSI standards. My bosses decided to get our usual electrician to run Cat6 from our newly refurbished offices to the server room, despite my protests, as every time we used him before we had to get a contractor out to fix all the fuckyness that resulted in severe packet loss for most of the drops. That was back in October. He finally finished the last drop today. About 25% of the connections do not work, the other 25% have packet loss so bad they might as well not work. We paid for 100 IP phones in October, plus 100 IP phone licenses in our phone system. They have been sitting in a box collecting dust for almost 6 goddamn months as we do not have enough working network points to plug people in.
|
# ? Apr 19, 2021 16:58 |
|
Pissing me off: Googling for a combination of [productname] and SAML and the first page of results being various identity providers that have managed to SEO their way into appearing on the page despite only offering a password vaulting solution.
|
# ? Apr 19, 2021 17:25 |
|
|
# ? May 29, 2024 03:28 |
|
How has the Azure Pricing Calculator been such hot garbage for this long? Again, doesn't Microsoft have some interns they could throw at a problem?
|
# ? Apr 19, 2021 17:35 |