|
https://social.technet.microsoft.com/Forums/en-US/868ea007-9421-44ae-88ba-75106f7b4388/wds-failed-to-process-client-unattend-variables Posted this after 3 days of research, glad to know the one guy that responded was able to find the same threads as me.
|
# ¿ Jul 7, 2016 12:00 |
|
|
# ¿ May 14, 2024 07:48 |
|
lol internet. posted:Question about DNS The TTL is told to the next guy and he's responsible to delete the cached version.
|
# ¿ Nov 9, 2016 17:09 |
|
Is there an easy way to fix poodle on exchange 2010 OWA? Does disabling sslv3 through regsitry work?
|
# ¿ Jan 9, 2017 18:49 |
|
anthonypants posted:This is a hell of a thing to be worrying about in 2017. I'm not the one who decides when our clients update their mail servers and I don't have the time to do it anyway. My Exchange is fine but I still gotta fix theirs.
|
# ¿ Jan 9, 2017 19:02 |
|
CLAM DOWN posted:Why weren't your clients aware of POODLE when it was a serious urgent "patch now" concern in 2014? I don't care, I wasn't even here back then.
|
# ¿ Jan 9, 2017 19:17 |
|
Neat, thanks.
|
# ¿ Jan 9, 2017 21:16 |
|
peak debt posted:Those guys just released a paper re HTTPS interception: https://zakird.com/papers/https_interception.pdf Most companies just wanna know what sites you are browsing to exactly.
|
# ¿ Feb 9, 2017 10:50 |
|
Man, these all in one updates sure were a great idea!
|
# ¿ Feb 14, 2017 17:57 |
|
thebushcommander posted:Wondering if someone can help me understand a recent issue we've had. We run a small windows server for accounting and data backup. Because the company is so small I have 4 users setup on the server as local user accounts and these users user Remote Desktop to access the server when they travel and 1 of them who is on the network is always just logged in to the shared drives on the server for direct access. Last Friday one of the users told me they weren't able to open our accounting software and upon inspection it was telling them they no longer had permission to access the folder where the database is located. Now each of these 4 users is part of a security group that grants them full access to folders I specify and the group was listed in the ACL as it has been for 7 years now without issue. All users were still in the group, permissions for said group were accurate. I ended up logging into the local user accounts on the server machine and trying to browse to the folders at which point I got a notice saying I did not currently have permission to access this drive, with the options to continue and cancel. Hitting continue then allows me to access the folder and then inspecting the ACL for it it seems windows automatically added the user to the access with full rights. This is in addition to the group already having access. I had to do this for all 4 users so that they could regain access to the accounting database. The question is, why did this happen all of a sudden? Things had been working fine for 7 years with just having granted their user group access, but for whatever reason it decided the other day the group was no longer valid or something. There have been no significant changes to the server just random security updates, but the last one happened a couple weeks ago and things were working fine after it. If I had to guess someone messed with the Group Policy editor, but honestly no one on the access list would be smart enough to do that or even know what it was or where to find it. They can barely user remote desktop. It's all a little odd, I'd rather not have each user individually granted access to these databases and control it on a group level, but even a new group didn't correct the problem. Any ideas? Did you change something with UAC?
|
# ¿ Feb 28, 2017 16:11 |
|
I actually love the way the Chrome GPOs work, I actually built an indtricate mesh of enforced and recommended rules, autofill being default off and recommended off, but since users would go haywire they can still turn it on, getting a little Icon saying 'Bad Boy' Only thing they could improve is making the 'Bad Boy' Message less of a tooltip and more prominent.
|
# ¿ Mar 3, 2017 10:16 |
|
Docjowles posted:Because it's annoying as hell if "company.com" is actually your public presence. For AD to work at all, all of the DNS A records for company.com (internally) need to point to your domain controllers. This now means that "company.com" won't load in your web browser from inside the office unless you think it's cool to run your company website on your domain controllers (it is not). We have a client with this exact thing, and they keep calling every few months about their website not working because https://www. is too hard.
|
# ¿ Mar 13, 2017 08:58 |
|
lol internet. posted:On the topic of horribly broken brower configurations. I just run a step after install to delete it.
|
# ¿ Mar 8, 2018 10:33 |
|
Creator Owner is not a problem though, the user shouln't be either.
|
# ¿ Apr 11, 2018 15:17 |
|
Your cloud is our future.
|
# ¿ Jul 26, 2018 10:46 |
|
Potato Salad posted:Windows doesn't like passwords that are five asterisks in a row. Please select another password and try again. For a second I thought I was reading a serious reply, that's how conditioned I am by technet.
|
# ¿ Aug 10, 2018 21:22 |
|
GreenNight posted:So I updated our image to 1809 but I can't for the life of me figure out how to remove Game Bar and Your Phone from the Start menu. I tried powershell removal, but there is nothing for the game bar there and removing the your phone app doesn't actually remove it from the Start menu. Anyone figure this out? I'm assuming these will be Enterprise only features again.
|
# ¿ Oct 5, 2018 10:24 |
|
Migrating On-Premise Exchange 2010 (currently SP1) to O365. Basically every step I take I have to completely upgrade their infrastructure just to keep going. Already had to upgrade the whole AD schema, next is gonna be Exchange upgrade to SP3. Also, somehow microsoft removed Exchange from their original tenant because it was unused for too long (WTF??) and we had to recreate the tenant, which meant waiting a day just to remove the domain...
|
# ¿ Mar 28, 2019 10:25 |
|
lol internet. posted:What's the best way to deal with messed up user profiles/home directory folders? Work in an elevated powershell, or disable UAC. The Administrator group is always stripped from your explorer session otherwise.
|
# ¿ Oct 16, 2019 07:32 |
|
evobatman posted:I'm gonna ask a ridiculously stupid question that came up at work the other day: Is there really no legal/licensed/approved way to install Windows 10 Enterprise on a PC that was built or delivered without a Windows license? Do you not have a license for your Enterprise install or how does this even begin to be a problem?
|
# ¿ Aug 28, 2020 07:41 |
|
Thanks Ants posted:https://www.microsoft.com/en-us/licensing/product-licensing/windows10?activetab=windows10-pivot:primaryr5 Yeah that is an upgrade license, but unless it has recently changed, you can just use a full enterprise license.
|
# ¿ Aug 28, 2020 16:52 |
|
All you guys made me realize is that I am glad that I refused to go to a MS licensing event for my company. It's someone else's problem.
|
# ¿ Aug 29, 2020 08:47 |
|
Havent had it happen on Servers, but the common firewall exceptions we used to activate by GPO stopped working after some update, I am using a custom ruleset since then.
|
# ¿ Oct 29, 2020 06:38 |
|
Bob Morales posted:We have PC's that do not have Trusted Platform Module (TPM) This is where you take a stand and tell management that devices without TPM will no longer be able to be supported. Considering what kind of devices exist at this point that don't have a TPM, they are probably shitboxes anyway. I made TPM a specification for Drive Encryption early on and it never hurt me.
|
# ¿ Apr 7, 2021 15:11 |
|
Someone help me out here, I have two domains with a forest trust between them. For arguments sake, lets call them example.com and sample.net. I also have three locations: DC Has a domain controller for example.com and sample.net HQ Also has DCs for both domains Local Only has a DC in example.com. Has no direct connection to any sample.net DCs. My thinking is, that I should be able to log into "example.com" computers at location "local" by using an account from sample.net. I thought this would be handed over to a DC that has a trust connection. But right now, I am just receiving event 5719 AKA domain not available. Do I have to give the example.com DC in "Local" access to a DC of sample.net?
|
# ¿ Apr 8, 2021 14:29 |
|
I explicitly don't want the DC in "Local" to have direct communications with the other AD, unless it's a hard requirement.
|
# ¿ Apr 8, 2021 14:43 |
|
Can anyone recommend a good KVM/iLO/whatever solution that's cheaper than 600$ but still does digital? Basically I want to be able to connect from normal workstations to multiple devices being set up (HDMI/DVI/DP + USB) So far it seems like you can either get ones with a single HDMI input for 700€ or one with 8 that needs 100€ adapters per input, making it cost 600€ for just one working input. It would actually preferable if we could do n:n connections, but 1:n would be good enough. I just can't believe no one has made a cheap generic device for this.
|
# ¿ Apr 28, 2021 21:00 |
|
Well our use case is actually having a "setup table" for computers/servers etc. that we are deploying for the first time. It's a major hassle right now because we are running out of space and we only have like one or two setup seats that you have to constantly walk to and from before the OS is setup far enough for remote control. This should probably be less of an issue for clients at some point in the future when we get our new (fully automated) deployment solution, but servers are still extremly manual labor for us. I just want to plonk down new hardware, connect three cables and then do the rest from my workstation. If there really is nothing cheaper, I'll just have to get busy arguing for a 8 connector ATEN unit.
|
# ¿ Apr 28, 2021 23:15 |
|
No, I do need the remote control, as I have several people that need to access the attached devices. Not Necessarily simultaneously, but definitely regularly.
|
# ¿ Apr 29, 2021 05:47 |
|
You can use any cert for that, doesn't need to be trusted by the client at all. Only the auth server should, but not even that is a hard requirement technically.
|
# ¿ Feb 11, 2022 20:42 |
|
sporkstand posted:Thanks. I'm trying to lock down this wifi so that only members of an AD security group can auth to it. In my testing, it works with no issues if the security group contains users, the user just gets prompted for the AD creds and access is granted. However, if I switch to a group that contains computer objects, it no longer works. Same self-signed cert used for both network policies. I've tried manually importing the cert into the computer's Trusted Root CA store and into the Personal store for the computer. I've also tried distributing the same cert via a GPO and run into the same issue. You need to set the client to use computer authentication manually or through policy. You can debug by using the computer account instead of certificates.
|
# ¿ Feb 11, 2022 22:36 |
|
|
# ¿ May 14, 2024 07:48 |
|
All staffers affected by an upcoming reorg have disappeared from the GAL and the team calendars. We are assuming this has to do with some M365 shenanigans. Anyone know what this could be? In AD nothing is changed yet.
|
# ¿ Mar 3, 2024 17:09 |