|
Arquinsiel posted:"CEO is too important for MFA"/"Bob in accounting is not important enough for MFA". "There's an additional monthly associated with every MFA user*, so we need to only give to those that really need it." * = whole company still on-prem for everything, nothing in Azure/cloud yet, so MFA was an additional monthly subscription cost per user** ** = 500 million euro per year multinational with 11 sites in 5 European countries*** *** = were crypto'd couple of months prior
|
# ? Nov 10, 2022 08:23 |
|
|
# ? Jun 4, 2024 10:49 |
|
Arquinsiel posted:"CEO is too important for MFA"/"Bob in accounting is not important enough for MFA". They really don’t like it when they demand both of these at once and you try to tell them they’re contradictory statements.
|
# ? Nov 10, 2022 12:41 |
|
The Iron Rose posted:We work with interesting poo poo guys! We can make sand talk to other sand halfway across the globe and create pretty pictures, or optimize new GMOs to improve crop yields, or perform facial recognition on a billion and a half people to create the world’s first cyberpunk dystopia. It’s loving cool! I'm now getting an itch to start an inquisition. Does that count as self motivation?
|
# ? Nov 10, 2022 13:27 |
|
The Fool posted:The application in question is TFE, each TFE workspace gets two teams, a read and a write, each TFE team has a corresponding app role so when someone logs in, they automatically have access to the correct workspaces I'm actually glad you encountered this and spoke up, I am designing some role provisioning right now for a university with a very hub-and-spoke distributed IT support model and I would've tripped that threshold.
|
# ? Nov 10, 2022 13:33 |
|
Silly Newbie posted:Response: please give me that in writing so I can properly attest to our cyber security insurance people. sixth and maimed posted:"There's an additional monthly associated with every MFA user*, so we need to only give to those that really need it."
|
# ? Nov 10, 2022 16:08 |
|
Arquinsiel posted:"CEO is too important for MFA"/"Bob in accounting is not important enough for MFA". Actual arguments when trying to get MFA integrated with ADFS at my old job, eventually I won out but holy poo poo
|
# ? Nov 10, 2022 16:13 |
|
Potato Salad posted:I'm actually glad you encountered this and spoke up, I am designing some role provisioning right now for a university with a very hub-and-spoke distributed IT support model and I would've tripped that threshold. The documentation says the limit is "about 1000" but we didn't have an issue until we hit 1255
|
# ? Nov 10, 2022 16:18 |
|
klosterdev posted:What on earth could posses a company to only want some of their users on MFA. My previous company (major financial company, Super Bowl ad kind of big) is rolling out 100% optional mfa for clients this winter. There’s currently no plans to force it on anyone, and you only need a username and password to view your sensitive financial docs. Instead of convincing them how bad an idea it was, I quit and went somewhere else.
|
# ? Nov 10, 2022 22:07 |
|
The Fool posted:One of the solutions put forward to replace this was to just manage team membership via api On second thought this is dumb, I have 300 active devs using this piece of garbage why would voluntarily give myself any user management responsibilities when the iam team already does it
|
# ? Nov 11, 2022 00:50 |
Because you broke AAD? I would love to see what y’all are doing up close and personal because it sounds dumb as shid and I <3 trashfires
|
|
# ? Nov 11, 2022 06:34 |
|
The AAD thing and the setup of SSO for TFE aren't that big of a problem. It was only an issue because we hit a limit on app roles inside of an app registration, and MS didn't think anyone would seriously try to do that. The real trash fire is in our onboarding process, and possibly our model for mapping application environments to TFE workspaces. The onboarding process is this massive collection of pipelines and ansible playbooks that take an environment definition (yaml) and deploy the scaffolding around the app environment to enable app teams to deploy stuff without having to set any of it up themselves. The onboarding process is what creates those app roles, and what broken when we hit the limit.
|
# ? Nov 12, 2022 01:00 |
|
in other news, I spent the last two weeks building out some certificate automation because "1-click renewal" is still too much for devs to handle
|
# ? Nov 12, 2022 01:09 |
|
The Fool posted:in other news, I spent the last two weeks building out some certificate automation because "1-click renewal" is still too much for devs to handle To be entirely fair I’m with the devs on this one.
|
# ? Nov 12, 2022 04:27 |
|
The Iron Rose posted:To be entirely fair I’m with the devs on this one. The cert lifecycle is managed with the rest of the infrastructure, it happens transparently if they do any infra changes within 30 days of the expiration if there are no infra changes they can do an empty plan and apply
|
# ? Nov 12, 2022 05:38 |
|
to be clear, the original design is not mine and I recently learned that one of the influences of that design was someone deciding to cheap out on venafi licenses couple high profile outages later and someone found the money so now some luckless engineer has to come up with a plan to integrate the venafi solution into the existing infrastructure
|
# ? Nov 12, 2022 06:39 |
|
I found out the ISP I retired from in 2018 still uses the one click deployment technology that I codeveloped. Because it impacts millions of customers I was told that it’s not going away any time soon because it just loving works.
tango alpha delta fucked around with this message at 09:54 on Nov 12, 2022 |
# ? Nov 12, 2022 09:51 |
|
tango alpha delta posted:I found out the ISP I retired from in 2018 still uses the one click deployment technology that I codeveloped. Because it impacts millions of customers I was told that it’s not going away any time soon because it just loving works. That's an underlined, bolded and highlighted line on your resume from now until the end of time right there.
|
# ? Nov 12, 2022 18:46 |
|
yeah if you built a thing that actually solved a problem, and also didn't cause more problems so the person coming behind didn't immediately want to replace it you are in the top 10%, easy
|
# ? Nov 12, 2022 19:05 |
|
So,a little background: I was a sysadmin for the entire build and deployment pipeline for about a thousand developers. One day, we met with the tech leads from every dev team and they asked for the impossible; the one click deploy. The idea was that a developer could ask our build server to deploy their compiled code to any environment (DEV/TST/PRE/PRD) with a single click and then the correct build agent or build runner would be automatically chosen to make that happen. And then there had to be some kind of confirmation that everything had worked as expected, with an easy to understand feedback system. I co-created that. It was an incredibly difficult thing to make because it required a ton of manual testing. To discover in casual conversation that it has apparently worked very well for the last five years and that they still consider it the best method to update millions of customers internet access is very cool. TLDR: i was one of those mythical sysadmins who really enjoyed making devs lives a lot easier. Some of them were pretty upset when I retired. tango alpha delta fucked around with this message at 22:49 on Nov 12, 2022 |
# ? Nov 12, 2022 22:34 |
|
Microsoft, stop doing this poo poo with the stuff that companies pay to use
|
# ? Nov 12, 2022 23:59 |
|
Thanks Ants posted:Microsoft, stop doing this poo poo with the stuff that companies pay to use Time to rake in the points, since we rely on bing as stock search engine I think I can grab a free game pass monthly that way.
|
# ? Nov 13, 2022 09:55 |
|
I think if I had to make any complaint about this InfoSec position, it'd be getting people to respond to my emails to be less like pulling teeth. Also fully reading the emails I send, as well, before replying.
|
# ? Nov 14, 2022 14:27 |
|
Reading emails is for nerds
|
# ? Nov 14, 2022 14:44 |
|
poo poo pissing me off today: Me. Specifically Past Me left one of my test servers in a horrifically broken state when I last used it two months ago. Past Me is (was?) an rear end in a top hat. Don't be Past Me.
|
# ? Nov 14, 2022 16:19 |
|
Wizard of the Deep posted:poo poo pissing me off today: Me. We are all past you. We are the users we hate.
|
# ? Nov 14, 2022 16:36 |
|
Wizard of the Deep posted:poo poo pissing me off today: Me. Look, it was a problem for Future You. It's not Past You's fault that Present You doesn't want to do the work given to you when Future You transformed.
|
# ? Nov 14, 2022 18:10 |
|
chin up everything sucks posted:Look, it was a problem for Future You. It's not Past You's fault that Present You doesn't want to do the work given to you when Future You transformed.
|
# ? Nov 14, 2022 18:44 |
|
GreenBuckanneer posted:I think if I had to make any complaint about this InfoSec position, it'd be getting people to respond to my emails to be less like pulling teeth. I'm surprised you didn't mention something about reading the entire email before replying.
|
# ? Nov 14, 2022 18:49 |
|
Che Delilas posted:I'm surprised you didn't mention something about reading the entire email before replying.
|
# ? Nov 14, 2022 18:51 |
|
Got a clock radio as my bedroom alarm and I woke up to an NPR report this morning saying the state of Michigan was hiring Deloitte to replace their unemployment insurance system (which wrongfully accused ~60k people of fraud and also caused yours truly to have to drive an hour to file an affidavit in person to attest that I did not claim unemployment benefits). My immediate thought was this thread's title.
|
# ? Nov 16, 2022 17:43 |
|
Day 16 after losing access to slack. Teams suck.
|
# ? Nov 16, 2022 20:46 |
|
i am a moron posted:Because you broke AAD? I would love to see what y’all are doing up close and personal because it sounds dumb as shid and I <3 trashfires Where do you work at? I spent all day Thursday creating some tickets, change requests, filled out the forms, etc. to phase out a Mac OS app by the end of the year. When someone looked at my request today they told me I need to create a packaging request with another group so a Mac uninstaller can be created. I did this but alas, all was cancelled as I don't "own" the product. I think that guy quit the company last year.
|
# ? Nov 16, 2022 20:47 |
|
RoboBoogie posted:Day 16 after losing access to slack. Teams suck. I hear that although I wish I could get people to use anything other than text messages. It's so bad that i'm like "ah...an email...this is food to me starving for anything other than SMS"
|
# ? Nov 16, 2022 21:48 |
|
strangehamster posted:Where do you work at? I spent all day Thursday creating some tickets, change requests, filled out the forms, etc. to phase out a Mac OS app by the end of the year. When someone looked at my request today they told me I need to create a packaging request with another group so a Mac uninstaller can be created. I did this but alas, all was cancelled as I don't "own" the product. I think that guy quit the company last year. Please fill out a change of app ownership form, attesting and affirming that you, your manager, and your manager's golf buddy take full and complete responsibility for anything bad that will happen now and forevermore. You also take responsibility for the app, I guess?
|
# ? Nov 16, 2022 21:55 |
strangehamster posted:Where do you work at? I spent all day Thursday creating some tickets, change requests, filled out the forms, etc. to phase out a Mac OS app by the end of the year. When someone looked at my request today they told me I need to create a packaging request with another group so a Mac uninstaller can be created. I did this but alas, all was cancelled as I don't "own" the product. I think that guy quit the company last year. Consulting ohhhhh yeaaaaaaaaaaaa
|
|
# ? Nov 16, 2022 23:10 |
|
No, I am not going to attend a training in person that can just as easily be done virtually. I understand most of the country has elected not to care about covid anymore, but I do. Go away.
|
# ? Nov 17, 2022 00:18 |
|
i am a moron posted:Consulting ohhhhh yeaaaaaaaaaaaa Is business good? Can I take people out to fancy restaurants for lunch and charge them for it? Kinda my dream job.
|
# ? Nov 17, 2022 00:28 |
strangehamster posted:Is business good? Can I take people out to fancy restaurants for lunch and charge them for it? Kinda my dream job. Business is booming. I’ve been to some country clubs and concerts with clients, but tbh you’re mostly going to do that as a salesperson. Technical people get opportunities but it’s not, like, a huge part of the job
|
|
# ? Nov 17, 2022 00:42 |
|
Here's a bit of Friday good news
|
# ? Nov 18, 2022 11:32 |
|
|
# ? Jun 4, 2024 10:49 |
|
Thanks Ants posted:Here's a bit of Friday good news God I wish that was me
|
# ? Nov 18, 2022 15:18 |