Tapedump
Aug 31, 2007
College Slice
I'd like to ask some questions about helping a shop I support replace their Server 2008 Foundation with.. something new. The existing server was not set up by me, and they now need more than 15 user accounts. They also highly desire the ability to hop desks and "still be at their own desk." I've been warned away from Roaming Profiles by the Enterprise thread, and suggestions of UE-V and VMware User Environment Manager seem way too pricey.

So, assume I want to buy a Server 2016 Standard system and create a new domain for their shop (the existing one is a mess of disparate settings). They have nice Windows 7 Pro workstations, nine of them plus a laptop here and there. My main interest is more with the musical desks game. They currently use Folder Redirection to some success and have most important data on a server share. But, in typical SMB fashion, they've asked if they can hop to any workstation and log in to find their task bar icons, their Outlook client config, etc. the same.

I've been told I'm in over my head, and that's not incorrect.

What are my (best) options? Are they all going to cost several thousands of dollars above and beyond server hardware and licensing costs? Remote Desktop Services? Other?

I'm pretty confident I can set up a new domain and PDC, get their LOB software migrated, and then join the workstations, etc. But then they'd be "no better off" than now except for being able to create more than 15 user accounts and having better server performance.

Gentlegoons, is this a feasible request that can be achieved? Or is it going to cost a small fortune?

Tapedump
Aug 31, 2007
College Slice
Alas, they'll never go for it. Right up until they decide the cost/ROI isn't worth it, they'll be asking for "pick up my rear end and nothing else and go" ease.

But, yeah, I'm really keen to hear all kinds of such suggestions, though. Perhaps something will stick that makes sense.

Plus they "just" had these Haswell-based Win7Pro systems put together with i5s and SSDs in 2015, so scrapping them for laptops is another reason they'll balk. The guys who preceded me set them up--same guys who built the Server 2008 system with 2 GB of RAM, ensuring that WU never ran even once successfully. They were sans patches until about 18 months ago...

And when one of the two RAID HDDs began to fail, guess which one they showed up and replaced?

Tapedump
Aug 31, 2007
College Slice

Aunt Beth posted:

It sounds like they’re a pretty small shop. Do they run a lot of terrible or old (or both) software? If their activities are all fairly standard roaming profiles might work. Test them out with your own environment before throwing away the idea entirely. We use them in our Citrix VDI environment and have very few issues since our VDI users’ rights are reasonably restricted.
Yeah, not very big, and won’t grow beyond 50% more. The nine Win7Pro boxes, a couple laptops, and 16 humans (the tipping point at bar).

They use Outlook fed by G Suite Sync and an IMAP account or two. Word/Excel/etc., Chrome with saved passwords and lots of bookmarks, and two LOB programs that run on the server.

One is old and is basically just a Desktop icon shortcut to an exe on a network share. The other uses MS SQL Express DB and has a client install on the workstations.

I’m a fairly big believer in the group wisdom held/available in this forum, so I’m super curious of just how and where Roaming Profiles break.

I want to test it out, but I can’t install the LOB programs on a test server due to their licensing/activation...

Sidebar: VMware UEM question.. 10 user pack is ~$500, then the next tier looks like 100 user pack. Say this is what gets chosen.. do they buy 2x 10 user packs to cover 16 folks?

Tapedump
Aug 31, 2007
College Slice
You’re right about their PST sizes, mostly. I see how that would be a big fat problem given how you describe profiles roam...

As for Gmail in Outlook, yeah, they’ve been using Outlook for 20 years and won’t be talked out of it. That kinda shop..

I’d be better off moving their email hosting to Microsoft (which they like the idea of to get Teams). That wouldn’t help the roaming PST issue any, huh?

Though, IMAP.. what’s the issue? Genuinely would like to know/learn. ATM it’s used to get a second G Suite address in the same Outlook profile as the one G Suite Sync made (changing profiles was “a hassle”).

Tapedump
Aug 31, 2007
College Slice
Requires Enterprise once the workstations must go to Win10, right? Reinstalling Windows from scratch on every one is a lot of labor cost and disruption, etc.

So, not expensive in its own right, but the lack of Win7Pro upgrade path is their concern.

Edit: Hmmn, say that in two years the Win10 changeover gets handled from scratch on the workstations (as a matter of principle/luck/coercion)... Win7Pro and Server 2016 will do UE-V right now, correct? If so, (yet another) rookie question: Where do we best go to get Enterprise licenses?

Tapedump fucked around with this message at 20:26 on Nov 23, 2017

Tapedump
Aug 31, 2007
College Slice

Thanks Ants posted:

people aren't going to just move around and use a different desk/monitor/keyboard etc.
I generally agree, but in this case that’s exactly what they want to do, see?

I understand about Exchange vs G Suite, but one’s no better than the other vis a vis Roaming Profiles and large mail stores, correct?

Tapedump
Aug 31, 2007
College Slice
My bad, I use PST and OST interchangeably even though I know they're not the same thing. In either case, the need for Roaming Profiles to move around large Outlook data stores is a big bog-down point is what I'm hearing.

Tapedump
Aug 31, 2007
College Slice
RDS research question: How do workstation/clients actually use the Remote Desktop Services (session-based) a server provides?

As in, what are the steps needed to make a workstation use this? Is it join to domain, log in as domain UserX, and the server does all the magic? Log in as domain UserX and then open the RDC client? Or, do users have to hit the Remote App and Desktop Connections webpage first?

I'm finding loads of info on Server 2008, less on 2012, and very little on 2016, but none of what I've found goes over the steps of "Here's a workstation, so do this to make it work." It would be great if you would answer as if I'm a bit dense (about this).

I know it assumes such knowledge, but as with much IT an initial step isn't obvious right up until it is.

(Interested in full desktops that "follow" a user despite machine, not RemoteApp, etc.)

Am I off base in thinking that session-based RDS can pretty much offer the same experience for my users as VDI and rolling a VM for each person? I was hoping to avoid the cost of hardware needed to VDI 15-25 people.

Tapedump fucked around with this message at 00:38 on Dec 18, 2017

Tapedump
Aug 31, 2007
College Slice
Thank you! Ah, so it takes user login to domain account on workstation, and then RDC is used to connect. Gotcha.

Meaning, it’s not as seamless-looking to the user as a “regular” login, as one needs to log in to the physical workstation and then again in RDC, right?

Or is it...? Could some of this RDC connection be automated? Now that I know that this ultimately presents an RDC session once a user has logged into a workstation with a domain account, rather than superimposing magic somehow, that’s very helpful to comprehension.

Does a properly set up RDS system require additional steps by the user to get to one’s RDS session on the host beyond logging in to domain account at physical machine?

I’d like to try testing this out with a trial of Server 2016 or a copy of 2012 with a bunch of dummy workstations (mix of VM and physical), so I’m looking out for that point where I can “see” it working and know I’m on the right track.

(Right track on this research... it may be the wrong track for my actual purposes, but I’m keen to chase those down first for my own knowledge. I’m not opposed to pragmatism, though.)

Tapedump
Aug 31, 2007
College Slice
Thank you all, I'm getting it more now! I set up a trial of 2016 and installed the RDS role to experiment with.

Now that I see how the "first user step" can be handled, it makes much more sense.

Odd I thought, though, that even a workstation not joined to the domain can use RDC to access $servername at $domain\$username with just the proper creds. I suppose that can/ought to be limited to domain-joined machines, right?

Tapedump
Aug 31, 2007
College Slice
I never thought about non-domain joined computers, Macs or otherwise, connecting to the server like that. Interesting.

That also makes me realize that I could take this trial 2016 box down to their shop to "demo" it (in a very simplistic way). Since I can RDC into the server from my gaming PC without it being joined to the domain, so could X number of their own office workstations.

I didn't need to use domain\user, either. Weird?



To that end, would you point me in the right direction on how to change this behavior? I'm pretty sure I can get them to adopt any new logon procedure, but I'd like to learn about securing this, too. Group policy stuff? Starting point?


Regarding certs, they own a .com domain but it's 19 characters long. I'm loath to have to type it in over and over. Is it wise to use a different, shorter one for their AD domain?

Tapedump
Aug 31, 2007
College Slice
RDS follow up question: How does Office/other software licensing work with an RDS environment? Is it just like licensing software on workstations, where in each RD instance the user installs Office 2013 for example, using their own product key?

So, rather than go up and down the rows installing Office with its keys on physical workstations, I'm doing the same but to individual RD desktops?

Tapedump
Aug 31, 2007
College Slice
Thank you, that is super helpful to know

Tapedump
Aug 31, 2007
College Slice
Suggestions for a fingerprint reader time clock solution for no more than 15 users, used at two different locations?

Just throwing it out there as I go to Google. A school I work with uses Pyramid Time Trax with magstripe cards, so I'm starting my selection process there.

Tapedump
Aug 31, 2007
College Slice
Thank you, but I should have specified a network fingerprint unit, and acroPrint’s are USB exfil only.

QuickBooks integration would be neat, though CSV is just fine, too.

I appreciate your input, though.

Tapedump
Aug 31, 2007
College Slice

The Fool posted:

Sorry, http://www.timeqplus.com/options/ is an acroprint model line, I don’t know why it isn’t listed on the acroprint website.

Thanks again, man, they went with this, and I’m excited for its arrival.

Tapedump
Aug 31, 2007
College Slice
Question for other environment... anyone used any good 3rd party tools for MS SQL Express in the absence of Server Agent?

Simple stuff like daily backups and log deletion. Mostly the latter.

I'm cursorily looking at sqlagentexpress.com to begin with.

It's a small shop where there are only five seats at all, and only two are in routine use, really. They were told by their LOB app dev that they ought to buy full SQL for the sake of having agent clear up logs.

(This, after a 59 minute period yesterday saw a Server 2012 footprint of 31 GB blow up with 216 GB of SQL logs.)

Tapedump
Aug 31, 2007
College Slice

Potato Salad posted:

In all seriousness, are you running a backup system that's aware of mssql?

They are not. They are using Macrium Server rather than Server Plus...

Tapedump
Aug 31, 2007
College Slice
Seconding that Dymo. For the money, it’s best in class (IMHO).

Tapedump
Aug 31, 2007
College Slice
Agreed, of course. It barely takes much time at all... moments/minutes.

Tapedump
Aug 31, 2007
College Slice
More than Home Networking but not Enterprise question about pfsense hardware.

I'll need to recommend a good number of routers for a bunch of locations (same org), but the SG-3100 for $350 makes me wonder if there is a winning combination of board, chip, and enclosure (SuperMicro maybe) that can be pitched as just as dependable as Netgate's own kit.

Won't need a lot of interfaces--honestly two would do.

Anyone got a field-testing recipe, or should I just keep pitching SG-3100s?

Tapedump
Aug 31, 2007
College Slice
Rookie question: Is there a safe, less than MSFT.com MSRP, means of buying a copy of Server 2016 Standard (and aCALs, but I’m more concerned about the OS)?

It's to go with a SuperMicro X10 series board for a clean, new build. (Long story.. for a boss who wants to set his son up with this for dumb reasons—please don’t get hung up on this part).

What spooks me is a) legitimacy, b) versioning/accuracy (see below), and c) cost, in that order.

Just checking on Amazon (here) turns up a first party fulfilled option, but version choice concerns me. I know the workstation world of retail vs OEM OS licensing, but I am unfamiliar with MSFT’s Open License.

9EM-00118 seems to be Open License, and CDW.com lists that as “Licensing Price: Volume” whereas they list P73-07113 as “OEM.”

Simply put, if I’m white-boxing Server 2016 Standard like one would with the System Builders OEM versions, what SKU do I look for and where should I get it?

I could use a hand-hold on this, please.

Tapedump fucked around with this message at 17:34 on Sep 4, 2018

Tapedump
Aug 31, 2007
College Slice
Roger all of that, and it’s appreciated. So, let me rephrase:

Throw a dummy a link to an OEM version with sticker, price be damned?

Edit: These, ya?

https://www.newegg.com/Product/Product.aspx?Item=1B4-003A-00062

https://www.amazon.com/Windows-Server-Standard-64-Bit-16-Core/dp/B01M1L0YJL (It was the comments in this listing that concerned me, but I trust a goon).

https://www.cdw.com/product/microsoft-windows-server-2016-standard-license/4342665


(And, still curious... what is Open License? Google’s answers confuse me.)

Tapedump fucked around with this message at 21:39 on Sep 4, 2018

Tapedump
Aug 31, 2007
College Slice
Thank you all, I've gone the NewEgg route. I appreciate the help a bunch!

Tapedump
Aug 31, 2007
College Slice
Server 2016, three drive RAID1 OS volume (incl. hot spare), nine drive RAID10 data volume, MegaRAID controller...

Do we run defrag software on RAID volumes?

Tapedump
Aug 31, 2007
College Slice
Indeed, spinners.

Thank you very much. I'd never considered the matter until now.

Tapedump
Aug 31, 2007
College Slice
... nah. Security as informed by populism.

Cause we aaaaaallll know, populism is where it's at, right?

Tapedump
Aug 31, 2007
College Slice
Really?

"I'll turn Updates off because I/we/the unwashed masses know far better than thousands of industry engineers" is strikingly like populist notions.

(I know Moey didn't mean it.)

Tapedump
Aug 31, 2007
College Slice
I have a question about Windows Server 2019 Standard licensing re: VMs and Hyper-V.

I'd like to buy a server (say, 1x 16core CPU to make it easy) to run two instances of Server 2018 in VMs. Assume I'm buying enough licensing to cover all 16 cores (and the server 16core minimum).

As I understand it, said fully licensed server could run:

1x Server instance juuuust to run/manage Hyper-V guests--a hypervisor

2x VM instances of Server

Q1) Am I correct about this?

Q2) If yes, how does activation work? Do I buy a product key and use it three times, once to activate each Server instance?

Q3) Rookie question: Where do I buy the license? Last time when I whiteboxed a server for a pet project, it was just 8C16T, and I just bought a legit copy from AMZN or Newegg or such.

Thanks for your help, folks. I love to lurk in these threads and would honestly be grateful for some guidance.

(It'll be a whole other topic when I get to the part where I look for a place to rent out space for it to live in a data center... Any good place to BYOShit to a rack with a solid reputation within driving distance of Vancouver, WA?)

Tapedump
Aug 31, 2007
College Slice
Yup, I've bought me-project Server keys from BT, you bet.


This is for my workplace, so we need to pay full boat (and have zero problem with that--I've got a generous budget). Thanks for the suggestion, though.

That's good info to have. I know the bare metal just can't be a DC/file server/anything-but-Hyper-V-Manager, gotcha.

Interesting to know. I was afraid that when I try to use the key the second (and third) times, it'd fail activation due to the repetition. 😀

Tapedump
Aug 31, 2007
College Slice
Gotcha, that tracks with my understanding. Thank you again, that's encouraging.

Tapedump
Aug 31, 2007
College Slice
Very roughly, what's a potential rough cost for renting space in a data center or some such? My bosses need a rough number to budget out the cost of operating a simple 2U server (plus a few Us for switch and backup device, etc.) made available to our two sites. We plan to buy the hardware and just rent the space/network/power/etc.

I'm guessing we'd need to rent a whole cabinet, but I've no idea of the potential cost of this or if smaller scale options are available.

We're near Vancouver, WA.

Tapedump
Aug 31, 2007
College Slice
Thank you all.

One thing that's stopped them from this in the past was the need for a USB license fob in the server.

Is this possible without bringing in our hardware?

Tapedump
Aug 31, 2007
College Slice
Fair enough. Thanks for the feedback so far. I had no frame of reference before but now I at least have some numbers to throw my bosses (and another tack to look into).

Tapedump
Aug 31, 2007
College Slice
WTF is going on with Outlook clients now? My own, two of my clients (at least) and other reports are coming in that after yesterday's update (I assume), Outlook crashes one second after displaying message list.

Brand new profile also crashes. Outlook 2019 with O365/Exchange and at least one on plain old POP (and one with the G Suite sync thing).

I can't be the only one seeing this, right?

Event viewer shows:

Faulting application name: OUTLOOK.EXE, version: 16.0.13001.20266, time stamp: 0x5ef262ee
Faulting module name: OUTLOOK.EXE, version: 16.0.13001.20266, time stamp: 0x5ef262ee
Exception code: 0xc0000005
Fault offset: 0x0009db1c
Faulting process id: 0x4054
Faulting application start time: 0x01d65ac9069b9553
Faulting application path: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
Faulting module path: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
Report Id: ed92e3db-6991-4220-b6d5-a075e93a26b6

Tapedump
Aug 31, 2007
College Slice

GreenNight posted:

This will fix it.

cd "\Program Files\Common Files\microsoft shared\ClickToRun"

then:

officec2rclient.exe /update user updatetoversion=16.0.12827.20470

Oh, lord, thank you so much! I had so much else on my plate today that I'd no idea how to proceed.

Thank you once more!! Same for all who replied

Tapedump
Aug 31, 2007
College Slice
What tripped me out was the presence of the bug even with no Exchange connection.

One site who uses only G Suite and its sync tool had the bug on three out of three machines. Another site that's POP only (I know, I know...) had it on two machines, too.

Thank god for the replies in this thread or yesterday would have been a poo poo show.

Tapedump
Aug 31, 2007
College Slice
Dell D6000? I've got a few for my Lennys as well as Dells. $165 on a good day, good specs (2x 4K, etc)

Tapedump
Aug 31, 2007
College Slice
I'm really puzzled by an RDP problem, and I'd love any help.

I've got a client who has a Win10 Pro box that I can RDP into ONLY from another PC on the LAN and not over the VPN.

Every other PC is reachable via RDP over the VPN. Here's what they have and what I've tried...


:::pfSense with OpenVPN (tunnels work fine, can get to router and any other RDP host). I really don't think it's the VPN nor firewall, but.. I'm stumped.

:::All Windows 10 Pro 2004/20H2, and this problem has been going on for a year

:::Firewall rules on the router are all very basic, basically just the OpenVPN wizard-created ones

:::Windows Firewall when completely dropped behaves no different

:::Network is Workgroup, flat 10.0.0.0/24, and network profile is Private

:::IP is 10.0.0.164

:::Changing default RDP port from 3389 to 3333 made no difference (nor caused a problem in local RDC)

:::"Telnet 10.0.0.164 3389" just times out, but responds fine from LAN

:::The only thing I haven't tried that I perhaps ought to have is to change the host's IP address, but I can't wrap my head around that mattering.

:::RDC just times out, doesn't call out NLA problems, etc.

Where in the hell do I look next?

Tapedump
Aug 31, 2007
College Slice

Thanks Ants posted:

Does the PC in question have a static route that mentions the VPN client subnet that is causing problems? What happens if you traceroute from the PC to a VPN client IP on the problem PC and one that you can connect to?

Is it just RDP, or does ping not work either?

Thank you for your reply!

I cannot ping any of the workstations, although I can ping the Server 2019 box and router.

I do not believe it's ever had its routing table modified, but I'll check for sure at EOB when I get access to it again.

tracerts from my PC at home to their LAN at 10.0.0.164, as well as to a very similar RDP-accessible one at 10.0.0.165 and to their Server 2019 (10.0.0.3) results:

(The tunnel is using 10.0.42.0/24)

code:
C:\>tracert 10.0.0.164

Tracing route to 10.0.0.164 over a maximum of 30 hops

  1    21 ms    22 ms    23 ms  10.0.42.1
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
code:
C:\WINDOWS\system32>tracert 10.0.0.165

Tracing route to 10.0.0.165 over a maximum of 30 hops

  1    30 ms    21 ms    21 ms  10.0.42.1
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
code:
C:\>tracert 10.0.0.3

Tracing route to SERVER [10.0.0.3]
over a maximum of 30 hops:

  1    23 ms    26 ms    22 ms  10.0.42.1
  2    24 ms    23 ms    29 ms  RAWSERVER [10.0.0.3]
I'm happy to throw up shots of their meager pfSense firewall rules et al., but I don't want to clutter the thread up unless they'll help.
