|
For those talking about Sharepoint, I want to share this: Office 365, Sharepoint is in a constant state of "Recovering Services" or "Restoring Service". That's with Microsoft managing it. Even Microsoft and the team that actively develops it can't make it work correctly.
|
# ¿ Jan 16, 2015 05:05 |
|
|
# ¿ May 14, 2024 05:57 |
|
Does anyone have a simple solution for Font installation on semi-secure (i.e. UAC enabled, users don't have admin rights) domain computers? Our art department (mac users) is constantly using new fonts, and then sending them to our Windows users who can't install them without IT intervention. I've been working on setting up a script to auto-install fonts from a shared folder all morning, with not much success.
|
# ¿ Feb 11, 2015 17:58 |
|
Gyshall posted:GPO Deploy the font files themselves from a UNC share, and then deploy the appropriate registry entries via that same GPO. I was super hoping to be able to avoid having to create a registry entry for each one. We have dozens of "new fonts" a day
|
# ¿ Feb 11, 2015 18:21 |
|
GreenNight posted:You can probably setup a scheduled task to scan a folder and import new fonts. I'm trying to get them to install at logon. The issue seems to be that the Fonts directory is owned by "Trusted Installer" so you can't set it's permissions via GPO. Same with the Fonts Cache. I'm seriously considering an encrypted password style RunAs... script that just runs as an Admin account (that can't do much of anything else).
|
# ¿ Feb 11, 2015 18:25 |
|
EoRaptor posted:Your problem is designers running amok. Having managed them, I bet the process they are using looks like this: That's about right, yes. I really do need to get them to nail this process down. I'll check Extensis UTS out if I can't get them to come up with a more sane method of doing things. mayodreams posted:100x this. Giving people local admin will only bring pain. It also stops your designers from stealing fonts, which is how you pitch the cost of Extensis to management. You get caught printing/publishing stolen fonts and the licensing cost will seem small. I have been down that path before, it brings nothing but (liver) pain. We took admin away from every user in the building about 6 days after I started at this job, and aside from some recent explosive growth (for a small company with 1.5 IT people anyhow) things have been quite smooth. We're also getting prepped for a Soc 2 Type 2 audit, which is allowing me to lock-down/secure even more things, and when people complain I go: "Sorry, Soc 2 ya know". It's the best.
|
# ¿ Feb 11, 2015 22:00 |
|
TheDestructinator posted:I'm trying to get Password Export Server set up for an ADMT migration and I'm running into an issue. PES installs fine on the domain controller in the source domain, but I'm unable to actually start the service. I'm using an account in the target domain to log onto the service but get Access Denied when I try and start the service. I'm unfamiliar with most of what you just said, but have you confirmed the account has the "logon as a service" right in the local security policy?
|
# ¿ Mar 5, 2015 23:12 |
|
LmaoTheKid posted:I'm not sure if this is the right place to ask but is anyone dealing with OSX in an Active Directory environment? I actually constantly wonder the same thing. The Mac's are such a pain in the rear end to admin, and there is only 6 of them in my 100 computer environment. Looking forward to more responses.
|
# ¿ Apr 7, 2015 18:40 |
|
Tab8715 posted:Has anyone ever configured a single domain between AD, Azure and Office 365? I have, it should be a fairly easy process using the Directory Sync tool. Got any specific questions or problems?
|
# ¿ Apr 9, 2015 01:32 |
|
Zero VGS posted:Do they at least fix any of the bullshit restrictions I was having with Lync on Office 365, such as: I can only answer the question you didn't really ask. Download lync, it's a new installer and is the new Skype version.
|
# ¿ Apr 16, 2015 00:53 |
|
Methanar posted:Does anyone know of a good checklist to go through when replacing a DC from 2003 to with a new one with 2012 R2. Anyone know of a good check list for 2008 R2 to 2012 R2? I imagine it's even more straight forward, but it'd be nice to have steps laid out.
|
# ¿ May 13, 2015 04:41 |
|
How are you mostly Windows Network admins dealing with OS X in your environment? Our Yosemite (and as far back as Mavericks) macs are just absolute garbage when trying to browse SMB file shares. After the Mavericks SMB2 debacle, I actually upgraded all our Fileservers to 2012 R2 (from 2008 R2) and that seemed to help some (as in, they could actually browse the shares) but it's still just terribly slow. They're also having awful slowness connecting to SMB shares on our EMC VNXe3200. There has to be a fix for this right?
|
# ¿ May 21, 2015 15:30 |
|
Thanks Ants posted:I'm seeing SMB getting better all the time for Macs. But they have a habit of undoing all the good work when the next OS drops and it takes a couple of point releases to fix. mayodreams posted:We are having significant challenges with Macs and our filer based storage on NetApp and Nexenta. For all intents and purposes, SMB/CIFS for 10.7, 10.8, and 10.9 are garbage and do NOT play well with 3rd party Samba stacks. We have not really had issues with native 2012 R2 with the varying levels of Mac OS though. We are pushing a huge migration to 10.10 Yosemite to alleviate these issues long term. For the short term, we had to up the number of seats for ExtremeZip to help the 10.7-10.9 crowd, but mixing protocols has created issues too. I actually just setup Acronis Access Connect (Used to be called Extreme Z-IP). Running the trial right now and it seems to be working really well actually. It's still indexing TB's of data, but it's already performing better than SMB for our Macs. Mayodreams, don't expect Yosemite (we're fully upgraded) to fix your problems. It's still pretty terrible w/ 2012 R2 SMB and with our EMC SMB shares.
|
# ¿ May 21, 2015 19:04 |
|
I've had good luck with ScreenConnect. It lets you relaunch the process with different credentials once you've connected. Also a few tweaks to GPO and you can get those UAC elevation pop ups on the regular desktop instead of the secure desktop.
|
# ¿ May 21, 2015 20:11 |
|
mayodreams posted:You should turn off indexing/spotlight. The Access Connect / ExtremeZip is a resource pig and indexing a lot of files does not help that. I tried that, it did not go over well. I had the entire art department in my office shouting, and then they got CEO level backing to make me turn it back on.
|
# ¿ May 21, 2015 20:41 |
|
A friend turned me on to WingFTP. It's not great, but it has all the bells and whistles. I've started deploying CoreFTP as a client for my users thanks to Filezilla's malware bullshit.
|
# ¿ Jun 6, 2015 05:09 |
|
Tab8715 posted:I'd find extremely unlikely it's worldwide. O365 contains multiple farms, data centers, etc. I got hit with an outage last night. They ran some update on the AzureAD stuff that caused them to time out non-stop. Took a few hours to revert. Looks like a ton of users were impacted in North America, and South America.
|
# ¿ Jul 16, 2015 15:12 |
|
I want to learn SCCM (and later, SCOM). Where should I start? I don't seem to be able to focus on just browsing the info on Technet (it's organized poorly IMO).
|
# ¿ Jul 23, 2015 15:20 |
|
Sacred Cow posted:Here is a good place to start if you want to set up a lab. There's not much in the way of official tutorials from MS so you'll want to check out blogs like windows-noob, Deployment Research and Deployment Bunny. There are also a few SCCM guys in the thread that can probably answer any questions. These are great, thanks!
|
# ¿ Jul 23, 2015 17:06 |
|
LmaoTheKid posted:When applying GPO on a Site basis (properly defined) does it only apply computer based GPOs or will it also do user ones? Hey vape buddy. You can deploy printers either way. I have some that we deploy to "domain computers", don't that apply only to users on a specific user group, a couple that apply to specific users, and one or two that deploy to computers in a specific OU (you could do this one for a site is imagine). It's all determined by what you set when you click the " deploy this printer with group policy " thing in server manager.
|
# ¿ Oct 1, 2015 19:33 |
|
Zero VGS posted:Office 365 is green for all services... is this the twilight zone? I've never seen them not in recovery for something. Not even Sharepoint? It's the loving end days here folks... Edit: It's true. Expect to be raptured soon.
|
# ¿ Oct 30, 2015 16:12 |
|
I could use a sanity check. I've just started using SCCM 2012 R2 and I'm setting up a deployment of Office 2013 Pro Plus (Office 365). I've setup the App, it includes 2 deployments. Deployment Type 1) The actual 2013 installer. This one works and installs by itself, but does not get rid of 2010. - Uses a file system Detection check on Outlook.exe existing in the correct folder to make sure it succeeds. Deployment Type 2) Another "installer" that runs "setup.exe /uninstall ProPlus /config uninstall.xml" that uninstalls ProPlus 2010. - I can't come up with a detection method for this one. - This one has #1 as a dependency, so it should only run once #1 is done. Does this make sense? What "detection method" should I use for #2? I don't see a way to set up a "does not exist" detection for success method. They're both in the same "Application", so when someone installs it, 2013 should install, and then it runs the 2010 uninstaller. I'm probably doing something absolutely stupid here. Should I have created an "Office" app in which: Deployment Type 1) Installer/Uninstaller for 2010 supersceded by Deployment Type 2) Installer for 2013 Would that uninstall 2010 and install 2013? Be gentile, I've been using SCCM for all of a week and a half now. My first task was deploying Adobe Acrobat DC for Creative Cloud, and I managed to pull that off by Googling forever.
|
# ¿ Dec 1, 2015 00:10 |
|
Sacred Cow posted:I'm not near my computer but you should be able to have it look at the "version" of Outlook.exe to check that it's greater then 14. I thought Office 2010 was installed in a folder called Office 14 in the Program Files\Microsoft Office directory. I may be wrong. That's right, 2010 goes in "Office 14" and 2013 goes in "Office 15". My thought was to get a good 2013 install on their machine before uninstalling 2010. That's probably just me having "new software" jitters though, and I should just man up, do it, run my tests and then deploy.
|
# ¿ Dec 1, 2015 00:51 |
|
Methanar posted:Having the sccm check that the installation of 2013 was successful before removing 2010 is probably a good idea to cover your rear end. That was my thought too, but I'm scrapping it. Just setup an Office 2010 Application and configured superscedence with uninstall. I'll do enough testing that it shouldn't be a huge issue.
|
# ¿ Dec 1, 2015 01:26 |
|
SCCM 2012 R2 sanity check. I'm still very new to SCCM. I'm working on a deployment of Office 2013 (One Click Installer from Office 365) and I've got most of the kinks worked out. Office 2013 superscedes Office 2010 and Lync 2010. Took awhile to get this all sorted, but it's working. I had to build App's in SCCM for each of those as well so the uninstall script would run properly and cleanly. Office 2013 will NOT install while Visio 2013 is installed. Since Visio 2013 isn't part of the Office 2013 package, I need to uninstall it, and then re-install after the Office 2013 deployment (Unless there is something I'm missing). I thought I could Build an App for Visio 2013 (with install and uninstall info), supercede this Visio install with Office 2013 (so the Office 2013 deployment uninstalls Visio) and then create another Visio 2013 App that has the Office 2013 installation as a pre-req. Deploy both Visio apps to the usergroup which needs it, and that should cover it. Does that seem to make sense? Am I going about this in a stupid way?
|
# ¿ Dec 15, 2015 17:36 |
|
Caf posted:That sounds a little strange to me. I can't speak to your exact situation because we use the MSI installers for everything but if the behavior is consistent then you should be able to install the Office suite after Visio as long as the architecture matches (x86 vs x64). Are they both click-to-run or is Visio installed by MSI? I have't done any testing with mixed Office installers. Interesting, I'll check tomorrow. Visio is a stand alone volume license version. Neither are "really" msi though, both installed with setup.exe /config config.xml
|
# ¿ Dec 15, 2015 22:54 |
|
skipdogg posted:The newer Click To Run Office packages don't play nice with MSI Visio/Project. 2013 apps are OK if they're installed AFTER O365 2013 CTR but if you try to repair the 2013 CTR Office it'll throw an error. That sounds like what I'm running in to. It's my solution the right one?
|
# ¿ Dec 16, 2015 00:42 |
|
Why does this thread keep telling me there is one unread post and that it was killed by Roargasm. Perhaps if I post it will make it better (or there will be 2 new posts). Quick Edit: Apparently it just wouldn't SHOW me Roargasm's last post until I posted. To add content: The fact that Office 2013 Click-To-Run installer won't work with stand-alone versions of Project/Visio/etc. installed is the dumbest poo poo. Thanks Microsoft.
|
# ¿ Dec 17, 2015 15:17 |
|
I have an older file server that I'd like to use as a disk target for my backups. What's the best of the "free" linux based nas choices for this? The one's I'm familiar with are OpenFiler and FreeNas, but I know there are a bunch of other options too. Looks like FreeNas is probably going to be my choice, but I figured you guys would have other opinions worth hearing.
|
# ¿ Jan 8, 2016 14:32 |
|
mayodreams posted:I use FreeNAS at home to present an iSCSI LUN to my Windows boxes just fine. That's pretty much my plan. FreeNAS seems like the best choice.
|
# ¿ Jan 8, 2016 19:33 |
|
sloshmonger posted:I've just inherited a few SBS 2011 servers and a 2008R2 server that have been backing up to external drives that are "Taken offsite and swapped regularly", which in this case means twice a year. I've been using Amazon Storage Gateway for my off-site backups with good success. Depending on your bandwidth and cost requirements, it might be a quick easy option for you.
|
# ¿ Jun 11, 2016 11:25 |
|
I just rolled out DFS-N at my office, and it's being less than awesome. I'm using a Domain based namespace \\domain.com\Drives. I have a handfull of folders underneath this that are then mapped to drives through GPO. This is working pretty OK at the office. But we're having some problems with VPN. I suspect this is due to the split tunneling on VPN trying to look up \\domain.com via regular DNS instead of our internal DNS. Sadly my domain is domain.com and not domain.local though. Instead of using \\domain.com\Drives, I've moved over to the netbios name of \\domain\Drives. This seems to have helped some, but it's still pretty spotty. What am I doing wrong here? What can I do to make this a little smoother?
|
# ¿ Jul 29, 2016 13:48 |
|
Thanks Ants posted:Fix your DNS would be where I'd start. Or make sure your remote sites lookup every DNS request through your domain controllers at least, although this will stop the Internet working when the VPN is down. Sorry, I wasn't totally clear. These are client laptops / client vpn, not remote sites per se. Our remote sites are working just fine, as well as any computer on our LAN. DNS seems to be configured fine. It's really just DFS-N as well. Getting to a servername share directly works fine at the same moment that the domain based dfs-n fails. What should I be looking at DNS wise? Am I going to have to turn off split tunneling completely? No internet while VPN is down on client machines is going to be an absolute no-go, so I can't go that route.
|
# ¿ Jul 29, 2016 14:35 |
|
Thanks Ants posted:Can you push your own DNS servers down with the VPN profile and force lookups to go through it? We do that actually. We have 2 VPN clients in use. VPN1 - Endpoint handles DHCP itself, and sets the DNS server to our internal DNS Servers VPN2 - Passes DHCP to our local DHCP server, which also sets the DNS server to our internal DNS Servers In most of the cases I've seen (was just working on yet another about 30 seconds ago), the DFS-N shares will eventually load. It just takes 3-5 minutes of VPN connectivity before they're working. Any direct server shares working within 10 seconds of VPN connectivity.
|
# ¿ Jul 29, 2016 14:52 |
|
buffbus posted:Is the AD domain name a subdomain like corp.company.com or at least a publicly reserved but not used variation of your company name? If the internal domain is the exact same name as a different public service and you are relying on split-brain dns zones to make it work, you are going to have a bad time with a lot of things which includes remote access to company resources over a tunnel. Cloud services will suck too once you get to that point. Clients and even most servers like to cache those resolutions. Oh yeah, we're company.com as the internal domain (this was setup before I was here, and we're pretty stuck with it at the moment). It's not great, but it's been OK for the past 6 years or so. I've managed to keep it working with Office 365 and our AWS stuff as well, so far the only "catch" we've really had is that you can't go to http://company.com internally, but actually have to use the http://www.company.com url instead. It's not how I would have set it up, but it's how it is.
|
# ¿ Jul 29, 2016 15:21 |
|
Thanks Ants posted:How big is your domain? A rename isn't horrific on modern versions of Windows Server. We're not huge, around 25 servers, about 150 users. I honestly haven't looked into it much. My biggest concern is login credentials changing, my staff range mostly from "I put my laptop in the tub and it no longer turns on, fix it" to "I'm pretty scared of computers, please help". Having to change login info on their computers, Outlook, Skype for Business, and their phones would be a disaster. Plus, of course, our custom web apps...
|
# ¿ Jul 29, 2016 15:35 |
|
stevewm posted:One thing I found that pretty much solved all of our issues with Offline Files is to specify a automatic conflict resolution policy... http://stealthpuppy.com/configuring-an-automatic-resolution-policy-for-offline-files-in-windows-7/ This is seriously great. Thank you for posting it.
|
# ¿ Aug 22, 2016 19:16 |
|
I've just about had it up to my eye balls with Offline Files. For reference, all of my users have Win7 Pro laptops, and we have their "Documents" folder set to be always available offline. This is hit or miss, and pretty much always has been. It just goes online/offline seemingly randomly (perhaps related to sleep/walking around/switching access points in the building/etc). About a month ago I moved all our network shares/mapped drives over to DFS-N instead of direct shares. Cool, no problem. Except Offline Files goes all loving wonky. New path to documents (old: \\servershare\users\%username%\Documents new: \\dfs\namespace\users\%username%\Documents). Won't auto-sync for a lot of people. Manual syncing usually fixes it. This SEEMS to be mostly sorted as of 3 weeks ago. Last week someone posted that neat reg hack to tell Offline Files to keep the newest version without asking. Cool, put that in place via GP! (Thanks for that stevewm). Now my users roam, a lot. Laptops go from one end of the building to the other non-stop. 80% of them work from home at least 1 day a week. They'll be out of state for client meetings every couple weeks. This is why we set up Offline Files in the first place. Perhaps you're on a train and need to work on a presentation, go for it. I do not allow them to save files on their local drive period. So Tuesday, we started getting a few (3) people unable to access a single mapped drive (\\dfs\namespace\departments -> U:). Odd, no rhyme or reason as to who could and couldn't access that. Different teams, different security groups, but others that are on the same team/groups were fine. Never really sorted this out. Tuesday night, the problem spreads, so I start digging in to it for real. What I essentially found out is that if a single Offline Files folder in a DFS Namespace goes offline (latency perhaps), the entire DFS Namespace goes offline with it. I basically created a new \\dfs\namespace2 and put all the non-offline shares/mappings in that one, so the \\dfs\namespace doesn't affect them. OK, fine, it's working for now, but it's still dumb. I've been looking at Work Folders (thanks to Thanks Ants) though, and it seems like a better version of Offline Files. But it turns out, as best I can tell, it doesn't support network volumes (SAN/NAS/iSCSI), which essentially removes it as a possibility for me (we use a VNXe for our storage). I guess the question here is, what the hell do I do from here? Work Folders looks good, but it basically can't be used in my situation. Gerdalti fucked around with this message at 17:02 on Sep 1, 2016 |
# ¿ Sep 1, 2016 17:00 |
|
skipdogg posted:semi joking answer? Get everyone OneDrive and move their docs there. We actually do use Office 365, if OneDrive didn't suck so much I'd consider it at this point.
|
# ¿ Sep 1, 2016 18:23 |
|
Internet Explorer posted:Not sure if you've seen these, but I have heard bad things about Offline Files and DFS. I think it was mentioned in this thread as well. Yeah, found similar things to those, which is how I ended up with two distinct namespaces. I didn't think of just separating the netbios vs fqdn, that's clever. It does seem to be working for now though. I might just hold off until Server 2016 comes out and see what advances they do with Work Folders. Some light reading showed they at least know people want to use NAS and fISCAL.
|
# ¿ Sep 1, 2016 19:18 |
|
|
# ¿ May 14, 2024 05:57 |
|
SnatchRabbit posted:These look really cool and useful but I keep trying to log in and I get an internal server error. That's your first test! And hey, at least it's not hosted on HP's support site, man is that thing garbage.
|
# ¿ May 10, 2017 21:47 |