|
Hughmoris posted:For those who use Ansible at their jobs, can you give me some examples of how it's being used? Sometimes the marketing talk and blogger dazzle doesn't match up to the reality of how a product is used. We use Ansible playbooks to automate setting up development environments in WSL on developer laptops. It's great because, instead of relying on some kludgy shell scripts that one person wrote years ago and nobody knows how to update, now we've got some kludgy playbooks that one person wrote years ago and nobody knows how to update, but it sounds better on a resume.
|
# ? Aug 4, 2023 17:35 |
|
|
# ? May 27, 2024 21:45 |
|
xzzy posted:What's worse: covid or the cloud Yes.
|
# ? Aug 4, 2023 17:37 |
Hughmoris posted:For those who use Ansible at their jobs, can you give me some examples of how it's being used? Sometimes the marketing talk and blogger dazzle doesn't match up to the reality of how a product is used. Ansible/AWX is used for network configuration management and templating for the whole environment. Also using it for managing various server side jobs, environment customization etc. Network config is the big one though. Kills config drift and makes all changes controlled through a managed pipeline instead of ad hoc.
|
|
# ? Aug 4, 2023 17:52 |
|
Hughmoris posted:For those who use Ansible at their jobs, can you give me some examples of how it's being used? Sometimes the marketing talk and blogger dazzle doesn't match up to the reality of how a product is used. Do some home labs and get some ansible experience! It’s very simple to do basic stuff with and it’s stupidly flexible. It’s fundamentally a replacement for “run this script against X hosts”, with a ton of the error handling and idempotence handled out of the box for you. You can use it as a configuration management tool but that’s really just scratching the surface. We use it for preparing our packer VM builds, for configuring and managing services in client environments, and even for certificate rotation for the handful of places we haven’t fully automated with vault. It’s easily my favourite configuration management tool compared to Salt/Chef/the terrible cloud provider offerings. Great for network automation too though I’ve not used it much in that capacity. Who amongst us was not prematurely aged after the better part of a decade in this industry*? *offer not valid for workers who have a >10 meter commute or a physically demanding/destructive/demeaning job.
|
# ? Aug 4, 2023 18:02 |
|
The Iron Rose posted:Do some home labs and get some ansible experience! It’s very simple to do basic stuff with and it’s stupidly flexible. This is 90% of what we use it for and it's still been a great tool for us. We have a Python script that dumps our inventory database into an Ansible inventory file. We write playbooks for common security fixes on legacy platforms, and tedious CMs just become "ansible playbook blah blah blah target=DISPATCH_prod".
|
# ? Aug 4, 2023 18:21 |
|
A good way I've seen ansible described is "functional confluence pages" so if you have a process, any process, that you'd write a confluence page on, with step by step instructions, instead do it in ansible.
|
# ? Aug 4, 2023 18:30 |
|
Cenodoxus posted:We use Ansible playbooks to automate setting up development environments in WSL on developer laptops. i think ansible is pretty nice and easy to work with but yeah a lot of poo poo ends up being, you have an ansible playbook that is 30 lines long and references 3 other files, this could have been a 6 line shell script. But at the same time, one of the benefits of that verbosity and the simplicity of yaml (in the ansible context, at least), plus having, in general, very good documentation, is it has a pretty shallow learning curve -- its reliably been one of things our jr admins have been able to pick up most easily. we use it for IaC and all kinds of procedural stuff we have to do routinely, although the Ansible for IaC stuff is gradually being replaced by hashicorp products on one end of the spectrum and containerization on the other. I think Ansible shines pretty nicely when used with Packer though. it is a lot easier to dive into than chef, although it functions pretty differently to achieve a similar goal. post hole digger fucked around with this message at 19:33 on Aug 4, 2023 |
# ? Aug 4, 2023 19:31 |
|
tbh Ansible's a lot less bad than I made it sound. The agentless model is fantastic. Chef Client can burn in hell for all eternity. My biggest frustration to date has been trying to manage a ton of host and group variables in a clean manner with an easily-defined hierarchy for overrides. With Ansible, everything's just a big block of YAML and there are no less than 500 ways to do X. Host/group variable management is the one single thing I actually miss about Chef.
|
# ? Aug 4, 2023 20:18 |
Cenodoxus posted:tbh Ansible's a lot less bad than I made it sound. The agentless model is fantastic. Chef Client can burn in hell for all eternity. Yes this is definitely the biggest weakness. You have to rig it up yourself and unless you keep good control of it, results in different people doing it in different ways all over the place.
|
|
# ? Aug 4, 2023 20:38 |
|
What are the thread's recommendations for RMM solutions that don't require the end user to do anything? We're using ScreenConnect currently and while it works fine, I would say 1/5 or 1/4 users struggle with having to click the link and run the program to get the remote session going
|
# ? Aug 4, 2023 20:48 |
|
johnny park posted:What are the thread's recommendations for RMM solutions that don't require the end user to do anything? We're using ScreenConnect currently and while it works fine, I would say 1/5 or 1/4 users struggle with having to click the link and run the program to get the remote session going If you're already using SC, just deploy the agent to machines. It's not a true RMM (that's why Connectwise sells, y'know, Connectwise), but it gives you a decent chunk of info and is relatively easy to deploy - SC will build you an MSI / PKG / EXE and it's like 2 MB.
|
# ? Aug 4, 2023 21:08 |
|
how the gently caress did the vpn manage to make a msi that doesn't work with intune
|
# ? Aug 4, 2023 21:14 |
|
johnny park posted:What are the thread's recommendations for RMM solutions that don't require the end user to do anything? We're using ScreenConnect currently and while it works fine, I would say 1/5 or 1/4 users struggle with having to click the link and run the program to get the remote session going Do you mean RMM or do you want a remote support application? Are these endpoints you manage?
|
# ? Aug 4, 2023 21:43 |
|
Sorry, I guess I didn't understand what RMM meant. I mean a remote support application for user laptops, yes
|
# ? Aug 4, 2023 21:49 |
|
For what it's worth, this is a major, never-ending debate, but you can absolutely use Ansible and it's good for the things it's good for, but you can also just roll your own Python scripts with other packages (Netmiko, Nornir, etc.) and it's somewhat more flexible. Either tool set is fine if it does what you need it to, but Ansible isn't the only option.
|
# ? Aug 4, 2023 22:00 |
|
We use the “remote support standard” license for screenconnect and deploy the agent. It’s per concurrent tech so you don’t even need one per tech if you’re cheap and a light work load. Hosted on the cloud with Cyks fucked around with this message at 22:06 on Aug 4, 2023 |
# ? Aug 4, 2023 22:01 |
|
guppy posted:For what it's worth, this is a major, never-ending debate, but you can absolutely use Ansible and it's good for the things it's good for, but you can also just roll your own Python scripts with other packages (Netmiko, Nornir, etc.) and it's somewhat more flexible. Either tool set is fine if it does what you need it to, but Ansible isn't the only option. God I miss the days when people used descriptive names for their poo poo. Now every little library or platform or tool has to have a google-safe name like "Flerpy" or "Bythma" and if you don't know what those are or what they do or why anyone would use them then it's just more work to find out why using "Bample" is a better solution to your current problem than using "Prixbag" or "Ungungundu".
|
# ? Aug 4, 2023 22:05 |
Cyks posted:We use the “remote support standard” license for screenconnect and deploy the agent. It’s per concurrent tech so you don’t even need one per tech if you’re cheap and a light work load. you're in posting jail for using entra
|
|
# ? Aug 4, 2023 22:14 |
|
johnny park posted:Sorry, I guess I didn't understand what RMM meant. I mean a remote support application for user laptops, yes Do you meet the prerequisites for this? https://learn.microsoft.com/en-us/mem/intune/fundamentals/remote-help
|
# ? Aug 4, 2023 22:15 |
|
Nvidia engineers are back today. And we're going over the testing process for their GPU servers. Got a quiet, fearful "oh poo poo" when he dropped a 10,000 dollar known-good GPU in the ground.
|
# ? Aug 4, 2023 22:35 |
|
Susat posted:Nvidia engineers are back today. And we're going over the testing process for their GPU servers. Got a quiet, fearful "oh poo poo" when he dropped a 10,000 dollar known-good GPU in the ground. In the box?
|
# ? Aug 4, 2023 22:45 |
|
3|\|tr@
|
# ? Aug 4, 2023 23:02 |
|
i am a moron posted:
I love that it’s being called just Identity in the admin portal. And intune, formally Microsoft Endpoint Manager, is just Endpoint.
|
# ? Aug 5, 2023 00:30 |
|
So, how would y'all go about sharing out another user's calendar to the admin or that users boss in exchange online? So they can schedule. Been resetting pw's then manually sharing the calendar. Far from ideal. Help
|
# ? Aug 5, 2023 00:39 |
I’m not even going to dignify that with a let me google that for you link
|
|
# ? Aug 5, 2023 00:40 |
|
Is it really only doable in power shell?
|
# ? Aug 5, 2023 00:42 |
|
Yeah, Powershell or paid addons (we use Easy365Manager, it's an ADUC plugin)
|
# ? Aug 5, 2023 00:51 |
|
thinking of full mailbox not calendar only
|
# ? Aug 5, 2023 00:52 |
Lol drat I was being a dick since when can’t you delegate calendar permissions using Outlook or the UI?? Or did I imagine that’s how you do it
|
|
# ? Aug 5, 2023 00:56 |
You know what I’m glad I don’t know. gently caress email never read em
|
|
# ? Aug 5, 2023 00:57 |
|
The user would delegate it, yes. I guess if the user isn’t available and you need to give out permissions? Though not sure why you’d give an employee’s boss permission to schedule for them directly on their calendar. The only time I’ve ever done what is being asked is to give permissions out to somebody’s assistant because they were computer illiterate.
|
# ? Aug 5, 2023 01:00 |
|
Thanks Ants posted:Do you meet the prerequisites for this? I'll ask on Monday, thanks!
|
# ? Aug 5, 2023 01:02 |
|
johnny park posted:I'll ask on Monday, thanks! Heads up, it’s $3.50/mo per user (both helper and helpee!) making it stupidly expensive with less features than connectwise.
|
# ? Aug 5, 2023 01:04 |
|
Got an interview next week for a senior engineer position. Pay is topped out at $100k but I think I'm okay with that being as I live in a relatively low cost of living area. It is for an MSP but on their projects side rather than triage or helpdesk work, which would be a-ok with me. I've wanted to at least try with an MSP for several years now so I could get a taste of a bunch of different tech, but am nervous it still might have the same issues that you hear with MSPs. Either way it's nice to finally have companies start actually reaching out for interviews. Ready to get back to work.
|
# ? Aug 5, 2023 01:08 |
Cyks posted:The user would delegate it, yes. I guess if the user isn’t available and you need to give out permissions? Some departed employees boss is probably using the calendar because it’s…. Critical or something If you have access to the account just do this: https://support.microsoft.com/en-us/office/allow-someone-else-to-manage-your-mail-and-calendar-41c40c04-3bd1-4d22-963a-28eafec25926
|
|
# ? Aug 5, 2023 01:08 |
|
I try not to grant myself direct access to mailboxes if I can help it. Set-MailboxFolderPermission would be the less messy way to do it.
|
# ? Aug 5, 2023 01:13 |
|
Cyks posted:The user would delegate it, yes. I guess if the user isn’t available and you need to give out permissions? Yeah that's essentially why I'm doing that. These are people who don't want to deal with m365 stuff beyond checking their schedule or email - plus aren't in the office at all much. So their passwords get reset when something needs to be changed. Its not terrible but it just isn't ideal; especially since I just got everyone on board with having separate passwords rather than..not. I worked out a powershell script I think will do what I want without resetting pw's but testing it on my account wasnt successful. I've got the email helpdesk etc roles on for me. Tbf though I've very very little experience with powershell. And all things m365. Stuff was simpler last time I was doing anything like this (a decade ago lol)
|
# ? Aug 5, 2023 01:14 |
Trauts says they are constantly resetting passwords so we might be in a ‘lol… sigh’ kinda scenario here Edit: send them my link and tell them to sort it the gently caress out themselves
|
|
# ? Aug 5, 2023 01:14 |
|
Thanks for the link and the confirmation I was on the right track with the powershell. I am actually leaning towards not setting up delegate access since it apparently generates more email notifications. The Can edit events level should be sufficient I think. Anyways thanks for the help.
|
# ? Aug 5, 2023 01:26 |
|
|
# ? May 27, 2024 21:45 |
|
Sunblood posted:I try not to grant myself direct access to mailboxes if I can help it. Set-MailboxFolderPermission would be the less messy way to do it. This is the way I do it when my boss lets me, it's pretty straightforward. follow this guide and make sure you understand the syntax before you start changing anything. IIRC you'll need the 365 exchange admin role if you're on AAD.
|
# ? Aug 5, 2023 01:39 |