Internet Explorer
Jun 1, 2005





Interesting, thanks for the responses. Wild that "put all your files in SharePoint" is the advice over hosted SMB3. I mean it only took 20 years, but I guess CIO magazine won in the end.


The Fool
Oct 16, 2003


It was touched on in the other responses but the reality is that as of like 5 years ago the OneDrive client + SharePoint Online Libraries are just the lowest pain solution for filesharing in a distributed work force.

All you need is a 365 sub.

No VMs, no VPNs, no configuration, no deployments, it just works.

nielsm
Jun 1, 2009



I guess the main catch with SPO/OneDrive for Business is that it works best with the Office suite and other software designed to work with it. Everything else needs to behave well in an environment where files are downloaded and uploaded and there might not be a proper locking mechanism.

Hed
Mar 31, 2004

Fun Shoe
I'm really interested in "big ol' 'serverless' SMB share" because we have a bunch of people who write out lots of files (some Excel/PPT but mostly data science formats) to a SMB share already hanging off a file server that's an Azure hosted VM. But given the sync issues SPO/OneDrive causes in our current environment I think there'd be a hell of a lot of analysis errors and "output_blah (LAPTOP13 Conflicted Copy).gz" going on. Not to mention, not shared paths, stricter storage / object limits. I don't see how SPO would work at all for this last piece. (We've moved all the accounting, read-out, other stuff to OneDrive/SPO).

If I could solve this I could kill two servers and move off hybrid AD.

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern

nielsm posted:

I guess the main catch with SPO/OneDrive for Business is that it works best with the Office suite and other software designed to work with it. Everything else needs to behave well in an environment where files are downloaded and uploaded and there might not be a proper locking mechanism.

I've rarely seen it explode in a spectacular fashion, but there have been a few times when I've helped people with an unrelated thing and noticed the red x on their OneDrive. No one ever notices when their OneDrive is broken until it's too late.

Does Azure Files work over the internet? Last I looked into it a few years back it seemed to only really be supported with an Azure VM. I only really use it with FSLogix profiles for AVD.

Thanks Ants
May 21, 2004

#essereFerrari


Azure Files works but your client has to be an Azure AD joined device using an account synced from on-prem AD, and you need to do the cloud Kerberos trust stuff

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010

Hed posted:

I'm really interested in "big ol' 'serverless' SMB share" because we have a bunch of people who write out lots of files (some Excel/PPT but mostly data science formats) to a SMB share already hanging off a file server that's an Azure hosted VM. But given the sync issues SPO/OneDrive causes in our current environment I think there'd be a hell of a lot of analysis errors and "output_blah (LAPTOP13 Conflicted Copy).gz" going on. Not to mention, not shared paths, stricter storage / object limits. I don't see how SPO would work at all for this last piece. (We've moved all the accounting, read-out, other stuff to OneDrive/SPO).

If I could solve this I could kill two servers and move off hybrid AD.

Those Excel and PPT files need to go to OneDrive. Unless these are scientists that go off the grid with shares, SharePoint resolves multi-office file writes (with the exception of Access lol). For all other files you'd probably want Continuous availability SMB shares to mitigate that.

It seems that Microsoft is inventing\fixing technologies that gently caress with Azure Virtual desktop.

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern

A follow up question... Anyone know if hosting a QuickBooks database in Azure files with multiuser mode is possible? Based on what I am reading I think no, but my boss feels certain the answer is yes.

Trying to kill off a file server if possible, the only thing it still hosts is QuickBooks.

Thanks Ants
May 21, 2004

#essereFerrari


If it relies on file locking then no

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

snackcakes posted:

A follow up question... Anyone know if hosting a QuickBooks database in Azure files with multiuser mode is possible? Based on what I am reading I think no, but my boss feels certain the answer is yes.

Trying to kill off a file server if possible, the only thing it still hosts is QuickBooks.

It probably will not work.

Move to the hosted version of quickbooks instead.

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

MF_James posted:

Move to the hosted version of quickbooks instead.

This

wolrah
May 8, 2006
what?
Quickbooks Multiuser barely works on a normal share, do not tempt fate by putting it on something that doesn't behave like a normal share.

nielsm
Jun 1, 2009



incoherent posted:

Those Excel and PPT files need to go to OneDrive. Unless these are scientists that go off the grid with shares, SharePoint resolves multi-office file writes (with the exception of Access lol).

If you for some reason do use Access databases, consider splitting them so all the tables are stored in an Azure SQL Server instance, and the MDB file only contains the forms and VBA code there might be. At least I think that is possible.

kiwid
Sep 30, 2013

Question, is PKI required for an RDP cluster/farm using a domain with a .local TLD?

We're having all kinds of certificate warnings and random errors in a new deployment. Is PKI absolutely required in this scenario?

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

kiwid posted:

Question, is PKI required for an RDP cluster/farm using a domain with a .local TLD?

We're having all kinds of certificate warnings and random errors in a new deployment. Is PKI absolutely required in this scenario?

It is not required, no.

Hed
Mar 31, 2004

Fun Shoe
We use Global Relay to archive our Email & Teams messages. It appears Teams is deprecating some API and Global Relay will have to use Graph API to get messages going forward.

To keep using Global Relay, we'll have to upgrade everyone to E5 (or at least E5 Compliance).

If we end up with E5 couldn't we just use Microsoft directly for archival & eDiscovery? Anyone have any experience with this or "watch outs" on why this wouldn't work?

The Fool
Oct 16, 2003


you can buy graph index quota separately, so check on that pricing too

ms ediscovery is fine, but i don't think ms has any real archival options that wouldn't require a bunch of fiddling and extra work

kiwid
Sep 30, 2013

MF_James posted:

It is not required, no.

How do you get around the certificate issues?

Unrelated, I'm doing a print server migration this weekend. Is there really no easy way to deploy printers still because of print nightmare?

If I turned off the require RestrictDriverInstallationToAdministrators setting for the purposes of the migration and then re-enabled it after printers were deployed, would this cause issues after re-enabling?

Putting Type 4 drivers aside, how are you guys installing printers these days? I've heard some sysadmins are installing locally on each machine, while others are typing domain admin creds to install (which is bad practice).

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010
Just waiting for 2027 and let microsoft handle all the printing.

wolrah
May 8, 2006
what?
That's just saying that they're going to stop accepting new proprietary printer drivers to Windows Update, not that printing is actually going to get any better. They're just defining IPP as the "class driver" for all future printers.

The concept of a universal class driver for printers sounds great, obviously class drivers have worked out great in the USB world, but my personal experience with IPP for as long as it's been the default in Windows has been one of hate and frustration where it breaks in weird ways that never happen with the classic JetDirect style port 9100 stuff.

If I were the dictator of printers I'd just say they all need to expose a HTTP service where you could PUT a PDF to /printqueue/ or whatever and the printer is then expected to take it from there. Every OS that matters has been able to generate PDFs for years at this point, it's the most widely used digital paper format, and most decent printers already support it. It just needs a basic API for feature selection and status to be a complete solution for 99.9999% of printing needs.

edit:

Thanks Ants posted:

I don't know why printing at this point isn't just sending a PDF to the device along with some API calls to tell the printer what tray to use and if it should be duplexing or whatever. Compute power is so cheap that there shouldn't be any need for the print driver to do much.
:hmmyes:

wolrah fucked around with this message at 15:01 on Sep 13, 2023

Thanks Ants
May 21, 2004

#essereFerrari


I don't know why printing at this point isn't just sending a PDF to the device along with some API calls to tell the printer what tray to use and if it should be duplexing or whatever. Compute power is so cheap that there shouldn't be any need for the print driver to do much.

kiwid
Sep 30, 2013

Holy hell I went down the printer rabbit hole today.

First, Type 4 drivers just wouldn't work at all for me. They'd print from the server but I could never get the client to print via a printer connection.

Scrapped that idea, then decided to go with universal PCL6 print drivers. Luckily we only have 3 vendors of printers about and all 3 had a solid universal driver.

After almost giving up following countless different guides online, I found this reddit post: https://old.reddit.com/r/sysadmin/comments/ptvwo1/generic_way_to_install_printer_drivers_help/

I was able to push those 3 universal print drivers to all clients via PDQ Deploy and then rolled out the printer deployment GPO without issue.

I need to retire into a middle-management position cause I'm getting too old for this poo poo.

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

kiwid posted:

How do you get around the certificate issues?

Unrelated, I'm doing a print server migration this weekend. Is there really no easy way to deploy printers still because of print nightmare?

If I turned off the require RestrictDriverInstallationToAdministrators setting for the purposes of the migration and then re-enabled it after printers were deployed, would this cause issues after re-enabling?

Putting Type 4 drivers aside, how are you guys installing printers these days? I've heard some sysadmins are installing locally on each machine, while others are typing domain admin creds to install (which is bad practice).

You could deploy the cert to all machines so they trust it, not saying that's a great idea, but it's possible.

For driver installation, there's another GPO that you can specify allowed print servers, so clients can install the driver from your print server.

Other option is to push the drivers via your RM software which looks to be the route you went.
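
A read-only check of where a client stands on the settings discussed in this exchange, as an added example that is not part of any post in the thread. It assumes the standard Windows policy registry locations for the "Point and Print Restrictions" and "Package Point and print - Approved servers" policies; the post does not say which GPO is meant, so both are reported.

```powershell
# Added example (not from the thread): report Point and Print policy state on this machine.
# Nothing is written; run in an elevated or normal session, both can read these keys.
$base = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers'
$pnp  = Join-Path $base 'PointAndPrint'
$pkg  = Join-Path $base 'PackagePointAndPrint'

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # $null means the key or value is absent, i.e. the policy is not configured.
    $prop = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $prop) { $prop.$Name } else { $null }
}

function Get-ApprovedServers {
    param([string]$ListKey)
    # Approved servers are stored as individual values under a ListofServers subkey.
    if (-not (Test-Path $ListKey)) { return @() }
    $key = Get-Item -Path $ListKey
    @($key.GetValueNames() | ForEach-Object { $key.GetValue($_) })
}

$restrict = Get-PolicyValue $pnp 'RestrictDriverInstallationToAdministrators'
$noWarn   = Get-PolicyValue $pnp 'NoWarningNoElevationOnInstall'
$update   = Get-PolicyValue $pnp 'UpdatePromptSettings'
$approved = Get-ApprovedServers (Join-Path $pkg 'ListofServers')

[pscustomobject][ordered]@{
    RestrictDriverInstallationToAdministrators = $restrict
    NoWarningNoElevationOnInstall              = $noWarn
    UpdatePromptSettings                       = $update
    PointAndPrintTrustedServers                = Get-PolicyValue $pnp 'TrustedServers'
    PointAndPrintServerList                    = Get-PolicyValue $pnp 'ServerList'
    PackageApprovedServersEnabled              = Get-PolicyValue $pkg 'PackagePointAndPrintServerList'
    PackageApprovedServers                     = $approved -join ';'
} | Format-List

# On systems with the August 2021 or later updates, an absent value behaves as 1.
if ($restrict -eq 0) {
    Write-Warning 'RestrictDriverInstallationToAdministrators = 0: non-administrators can install print drivers.'
    if ($approved.Count -eq 0) {
        Write-Warning 'No approved print servers are listed, so driver installs are not limited to known servers.'
    }
}
# Non-zero values here suppress the warning and elevation prompts.
if (($null -ne $noWarn -and $noWarn -ne 0) -or ($null -ne $update -and $update -ne 0)) {
    Write-Warning 'Point and Print prompts are suppressed (NoWarningNoElevationOnInstall / UpdatePromptSettings).'
}
```

Running it before the migration, during the window where the setting is relaxed, and again afterwards shows whether the restriction was actually put back on every client.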

chocolateTHUNDER
Jul 19, 2008

GIVE ME ALL YOUR FREE AGENTS

ALL OF THEM
I highly recommend that if you have the budget for it, to go with something like Printerlogic to take care of printing administration. Seriously, it's worth it.

kiwid
Sep 30, 2013

chocolateTHUNDER posted:

I highly recommend that if you have the budget for it, to go with something like Printerlogic to take care of printing administration. Seriously, it's worth it.

I considered this, either that or Papercut. But they don't put pricing on their website and I didn't want to waste hours talking with a sales rep.

We have 21 printers across the org, not sure if that's worth the service or not?

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

kiwid posted:

I considered this, either that or Papercut. But they don't put pricing on their website and I didn't want to waste hours talking with a sales rep.

We have 21 printers across the org, not sure if that's worth the service or not?

I just got my renewal quote today and it’s $130/yr for under 25 printer queues.
Over 25 is supposed to be $93 each but my quote isn’t discounted correctly so I need to rep one.

Printer logic will get you in touch with a company who handles smaller purchases so it should be similar pricing for everyone.

gnatalie
Jul 1, 2003

blasting women into space

MF_James posted:

It probably will not work.

Move to the hosted version of quickbooks instead.

absolutely. one of my siblings is a Professional Accountant they recommend everyone go to qbo

Thanks Ants
May 21, 2004

#essereFerrari


I'm having my rear end kicked by a Kerberos problem at the moment. Scenario is client devices that are Azure AD joined, off a synced AD domain running on Server 2019. This domain has a two way trust with the AD domain of a parent company, who host an app on IIS that uses Windows authentication. This app is a bit of a black box and the contacts at this parent company are not hugely helpful because it works for them (all their clients are in the same domain as the servers, we're the only ones with a trust relationship). This setup has been working for two years.

My issue is that there is something in KB5030219 (and KB5029351, which it supersedes) that stops this authentication flow working, the IIS app just returns an error that NT AUTHORITY\ANONYMOUS LOGON is trying to log in, and if I compare the klist output pre and post-update then after the update I am missing a ticket granting ticket with the DELEGATION flag - the TGT with the PRIMARY cache flag is there, as are the tickets for the trusted domain. Domain controllers (Server 2019) are all up to date.

I have Windows Hello for Business cloud Kerberos trust enabled and working, though it makes no difference if a client device is logged in via Hello or a password, I have the same problems each time.

Does this happen to match anything that is commonly known as a problem, or should I go with the approach of getting a MS professional support ticket created while at the same time beating these people for doing integrated Windows auth still?
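
The before/after klist comparison described in this post, as an added example that is not part of the post: it parses two saved captures and lists tickets, keyed by server name and cache flag, that are present in the first but missing from the second. Both captures are constructed sample text trimmed to the fields used; the realm, host and user names are placeholders.

```powershell
# Added example (not from the thread). Constructed sample captures; in practice use
# (klist | Out-String) or Get-Content <file> -Raw taken before and after the update.
$before = @'
#0>     Client: alice @ CORP.EXAMPLE
        Server: krbtgt/CORP.EXAMPLE @ CORP.EXAMPLE
        Cache Flags: 0x2 -> DELEGATION
#1>     Client: alice @ CORP.EXAMPLE
        Server: krbtgt/CORP.EXAMPLE @ CORP.EXAMPLE
        Cache Flags: 0x1 -> PRIMARY
#2>     Client: alice @ CORP.EXAMPLE
        Server: krbtgt/PARENT.EXAMPLE @ CORP.EXAMPLE
        Cache Flags: 0
#3>     Client: alice @ CORP.EXAMPLE
        Server: HTTP/app.parent.example @ PARENT.EXAMPLE
        Cache Flags: 0
'@
$after = @'
#0>     Client: alice @ CORP.EXAMPLE
        Server: krbtgt/CORP.EXAMPLE @ CORP.EXAMPLE
        Cache Flags: 0x1 -> PRIMARY
#1>     Client: alice @ CORP.EXAMPLE
        Server: krbtgt/PARENT.EXAMPLE @ CORP.EXAMPLE
        Cache Flags: 0
#2>     Client: alice @ CORP.EXAMPLE
        Server: HTTP/app.parent.example @ PARENT.EXAMPLE
        Cache Flags: 0
'@

function ConvertFrom-KlistText {
    param([string]$Text)
    # One "server [cacheflag]" string per ticket; a ticket starts at a "#<n>>" line.
    $keys = @(); $server = $null; $flag = 'NONE'
    foreach ($line in ($Text -split "`r?`n")) {
        if ($line -match '^#\d+>') {
            if ($null -ne $server) { $keys += "$server [$flag]" }
            $server = ''; $flag = 'NONE'
        }
        if ($line -match 'Server:\s*(.+?)\s*$') { $server = $Matches[1] }
        # "0x2 -> DELEGATION" yields DELEGATION; a bare "0" leaves the flag as NONE.
        if ($line -match 'Cache Flags:.*->\s*(.+?)\s*$') { $flag = $Matches[1] }
    }
    if ($null -ne $server) { $keys += "$server [$flag]" }
    return ,$keys
}

function Get-MissingTickets {
    param([string]$Reference, [string]$Current)
    $ref = ConvertFrom-KlistText $Reference
    $cur = ConvertFrom-KlistText $Current
    # Plain membership test avoids Compare-Object errors on an empty ticket cache.
    @($ref | Where-Object { $cur -notcontains $_ })
}

Get-MissingTickets -Reference $before -Current $after |
    ForEach-Object { "Missing after update: $_" }
```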

Gucci Loafers
May 20, 2006

Ask yourself, do you really want to talk to pair of really nice gaudy shoes?


Are you able to use any of the old school command line Kerberos utilities? Those probably won't solve the problem but might get you more information on exactly what the hell is actually going on with the protocol.

you ate my cat
Jul 1, 2007

For those of you using Teams telephony, how do you prevent users from calling shared mailboxes via the search bar?

We have a business unit that receives the bulk of their work through emails to a shared mailbox. Users are using the search bar in Teams to call them, which dumps to a voicemail that shows up in the inbox. This is not how they want it to work. Our network team worked with our telephony msp on this, and the only answer they came up with was to hide the mailbox from the GAL. This is undesirable because then people can't find them to send an email.

I figure we can't be the first place to run into this. Have any of you encountered this or have a suggestion?

Thanks Ants
May 21, 2004

#essereFerrari


How does the shared mailbox have a voicemail box? Is there a Teams Phone license assigned to it for some reason?

lol internet.
Sep 4, 2007
the internet makes you stupid
Anyone work with Azure Virtual Desktop before? I made a custom image and saved it to the compute gallery. Now I want to go back to modify that same image but I cannot turn on my gold image no more? Do I need to deploy from the compute gallery to update the gold image? What is the process to update a gold image?

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern

lol internet. posted:

Anyone work with Azure Virtual Desktop before? I made a custom image and saved it to the compute gallery. Now I want to go back to modify that same image but I cannot turn on my gold image no more? Do I need to deploy from the compute gallery to update the gold image? What is the process to update a gold image?

Build a new vm from the image, make changes, sysprep, capture image.

It's a pain in the rear end. I stopped working with custom images and started deploying everything I can via intune

you ate my cat
Jul 1, 2007

Thanks Ants posted:

How does the shared mailbox have a voicemail box? Is there a Teams Phone license assigned to it for some reason?

It actually doesn't, and there's not a license assigned. I'm sorry, I meant to include this detail earlier - When you call the mailbox, Teams shows that you're calling "Meeting Guest". You get the normal greeting, and the voicemail is delivered as an email to the mailbox. There's no actual voicemail box that can be checked.

Typing this out has made me think about how similar this is to the VM flow for our users who haven't been migrated to EXO yet. I'll have to see if I can poke around in how that's set up.

lol internet.
Sep 4, 2007
the internet makes you stupid

snackcakes posted:

Build a new vm from the image, make changes, sysprep, capture image.

It's a pain in the rear end. I stopped working with custom images and started deploying everything I can via intune

Yeahhhh I don't really have access to Intune so.. I'm stuck going this route. Thank you for confirming though!

Internet Explorer
Jun 1, 2005





Are you doing Pooled or Personal? If Personal, the recommendation to use Intune or whatever else you use for your normal hardware is the way to go. If you're using Pooled, it's a lot more tricky. I've done some variation of Pooled VDI for... a really long time now, and I'm convinced it isn't worth it for the vast majority of use cases. Too much added complexity, overhead, and know-how required for anyone maintaining it or helpdesk supporting it.

EoRaptor
Sep 13, 2003

by Fluffdaddy

lol internet. posted:

Anyone work with Azure Virtual Desktop before? I made a custom image and saved it to the compute gallery. Now I want to go back to modify that same image but I cannot turn on my gold image no more? Do I need to deploy from the compute gallery to update the gold image? What is the process to update a gold image?

You really want to be making a pipeline that pulls a base image from the MS gallery, customizes it with what you want, then syspreps it and puts it in a shared gallery. You then have a separate pipeline that pulls a selected image from the shared gallery and deploys it to # VMs in a host pool.

I have to tell you that AVD is not cost effective vs W365, and it's much better to work towards getting intune up and running and managing W365 instances that way.

Boogalo
Jul 8, 2012

Meep Meep




We've been looking at AVD vs w365 and found AVD much cheaper over the long run per user. There's also a middleman 3rd party service called nerdio which handles a ton of automation around load balancing and scaling and seems to pay for itself pretty easily on top of the general AVD savings of it auto scaling back deployments when not in use. Worth looking into and asking for a demo.

In our testing and scaling with w365 it costs about as much as a person having a nice new laptop every 3 years in addition to them also needing a machine to connect from so it didn't make sense for us.

lol internet.
Sep 4, 2007
the internet makes you stupid

EoRaptor posted:

You really want to be making a pipeline that pulls a base image from the MS gallery, customizes it with what you want, then syspreps it and puts it in a shared gallery. You then have a separate pipeline that pulls a selected image from the shared gallery and deploys it to # VMs in a host pool.

I have to tell you that AVD is not cost effective vs W365, and it's much better to work towards getting intune up and running and managing W365 instances that way.

I'm just doing some testing. I have gotten through the image creation and deployment..

How are updates handled? Either through Intune policies or Azure Automate generally? I mean I guess you can update the image.. but I don't really want to do that.

Also when you do happen to update the image and you need to re-deploy. Do you delete all the existing session hosts? Then just add new session hosts with the new image? There's no reboot the VM and load the new image version?


mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Lucky me, there's a good chance I'll get some training and hands on experience with Intune before layoffs knock me out.

:yotj:

For stuff I'm actually super excited about, my Nexthink for Lab Systems PoC has 15 systems and has already picked out two systems that need an upgrade; one platter to SSD and one machine where loving oracle.exe is trying to use 14GB of RAM on a machine with 16GB physical RAM. They're both problems that my team can fix with other people's money, but people selling us instruments costing six or seven figures will bundle appallingly underspecced computers with the instruments.
