|
oh man I never saw this thread before, so here's an abridged version of a conversation I had with my favorite client. While our systems are down we are losing 100k AN HOUR!!!! FIX IT Well, your drobo storage took a poo poo because, well I dunno, it's a black box and you refused to buy a support contract, luckily we get a free 30-day trial so I am working with them. I have lost 400K ALREADY TODAY BECAUSE WE HAVE BEEN DOWN FOR 2 HOURS! We're working on it, but if you would like to not have this problem I do recommend upgrading your storage to something that is not a giant heap of poo poo I'M SENDING EVERYONE HOME BECAUSE YOU CAN'T FIX IT ok? 2 hours later it is now fixed, no data lost, you'll be ready to go tomorrow, I've tested everything and all VMs are operating as expected (really lovely) Thanks for all your help! So because of all your lost revenue today, I do recommend buying a support contract or, more preferably, a device such as an HP SAN instead of a consumer level NAS Nah too much money but you supposedly lost half a million dollars today, a SAN will only cost you a fraction of that have a nice day!
|
# ¿ Mar 15, 2018 18:23 |
|
|
# ¿ May 15, 2024 18:43 |
|
Bob Morales posted:Hope you charged them a ton Well I work at an MSP, so I don't charge poo poo, but I can tell you it's EXTREMELY likely that we make zero dollars on this client and, in fact, probably lose money with the amount of time the highest paid people (myself, our architect and a few other people) have to spend on them. CommieGIR posted:Been here, done that. Usually the other way around though. Usually I'm recommending the later part before the former happens, and then writing an "I-told-you-so" contract when I fix it for them. Oh no, we told them multiple times that the thing was garbage and they should have a support contract at the very least or something is going to go wrong, but I definitely made a point of it during the outage to bring it up again. MF_James fucked around with this message at 18:51 on Mar 15, 2018 |
# ¿ Mar 15, 2018 18:49 |
|
We use nessus scans (one of our clients uses Qualys) and we use alienvault USM internally + at 2 clients. I don't work with alienvault much that's our SOC team, it seems pretty decent. One thing that was annoying (but honestly expected) was that our one client cheaped out and wouldn't pay for the bigger USM with 2 NICs, well they have a fair amount of traffic and we needed SPAN from 2 switch stacks; we tried to install a NIC ourselves to give us 2 ports but it didn't work (again not surprising), so we're doing RSPAN to an edge switch from both stacks and then to the USM, I'm fairly certain we're missing some traffic because the port can't handle all the traffic, but it's hard to tell and there's more than enough there to keep our SOC guys informed and busy anyway. Just something to be aware of if you want to go with alienvault, you really need to spec it out correctly from the start.
|
# ¿ May 1, 2018 20:55 |
|
Secret server is kind of poo poo, we used it for a while and I did not like it; we use AuthAnvil now, also utilize them for 2FA for a few environments, it is generally decent, has decent reporting, the only issue is it can load a little slow, not sure if that's our environment or in general.
|
# ¿ May 6, 2018 04:10 |
|
SpaceCadetBob posted:I'm trying to sort out brands and it is truely hellish. I have no advice to give other than your mission is to find the least stinky piece of poo poo in the pile, good luck.
|
# ¿ May 30, 2018 04:31 |
|
Gerdalti posted:I'm struggling with a WDS/MDT deploy setup. I have everything configured, captures work great, domain join parameters with custom computer names, custom driver sets based on model, etc. What version of windows are you installing? Are you setting the admin password? Is the password blank? I (think) sometimes windows doesn't like blank passwords and that might cause problems, if you're trying that.
|
# ¿ Aug 10, 2018 19:02 |
|
Agrikk posted:*cease and desist letter comes in: it is against the ToC to run services at the end of this connection* Lol is this because you run a static webpage out of your garage or something? 100% surprised they didn't just block 443 inbound on your connection as soon as they sent that (if it is indeed for you)
|
# ¿ Jan 3, 2019 19:32 |
|
Do you use O365? Microsoft is rolling this out if you have the license for it: https://docs.microsoft.com/en-us/office365/securitycompliance/attack-simulator
|
# ¿ Mar 25, 2019 22:38 |
|
What would be the migration path to go from Server 2012 r2 essentials to server 2019 standard? I've never loving dealt with essentials so this should be exciting... This is about the closest I can find to something of an answer, but doesn't mention essentials -> standard: https://docs.microsoft.com/en-us/windows-server/get-started-19/install-upgrade-migrate-19 This says it applies to both 2016 and 2019 but it's mildly unclear and doesn't provide a path: https://docs.microsoft.com/en-us/windows-server/get-started/supported-upgrade-paths I'm going to be installing 2019 on new hardware. MF_James fucked around with this message at 02:52 on Mar 27, 2019 |
# ¿ Mar 27, 2019 02:49 |
|
The Fool posted:What components of essentials are you actually using? You would want to treat each component migration separately, with AD being migrated last. Yeah I'm really debating option 2. As for what components, good question, I have no loving clue, I haven't even logged into this clients server yet; got a invoice in my email with client copied on it saying equipment is on the way to our office. Saw standard licensing and mentioned there's 2019 essentials but we're moving forward with standard anyway. *edit* I have seen a single essentials server before (logged into a different clients server a week ago) and I honestly have never looked it up because I never thought I'd be in a position where essentials would become my loving problem to upgrade/migrate/administer. MF_James fucked around with this message at 03:06 on Mar 27, 2019 |
# ¿ Mar 27, 2019 03:03 |
|
Updating 2016 servers is slow as gently caress and awful, they really screwed something up with it, WSUS or regular WU doesn't matter. 2019 servers on the other hand patch fast as hell, I can have the monthly updates and reboots done in <15 minutes generally.
|
# ¿ Sep 7, 2019 05:06 |
|
The Fool posted:Unifi is definitely easy to manage, but there have been a variety of quality issues with their AP's. The quality issues were from a run a few years ago, as long as you don't buy used, you should be fine. Obviously there could be a new bad run I haven't heard of...
|
# ¿ Sep 9, 2019 21:14 |
|
Standing up some new hosts and a SAN for a client, they are currently on ESXi 6.5u3 on their older equipment. I have not worked with vmware stuff much other than admining a couple already running clusters; most of my clients have used hyper-v. The plan is to merely move the VMs to the new storage/cluster and then rebuild some of the VMs afterwards (not my choice but it is what it is). If I install 6.7u3 onto the new hosts, is it going to cause problems for importing the VMs? Should I build a new ESXi cluster (datacenter whatever vmware calls it) or can clusters run mixed versions? Any other gotchas/stuff I should look out for?
|
# ¿ Oct 31, 2019 20:02 |
|
COOL CORN posted:Not really between ESXi versions, I just did a big 6.5->6.7 upgrade and migrated hundreds of VMs between the two versions no problem. I will probably just build a new vcenter server since the old one is server 2012r2 anyway.
|
# ¿ Oct 31, 2019 20:43 |
|
Looks like 6.7 deprecates the windows version anyway.
|
# ¿ Oct 31, 2019 21:17 |
|
Oh connectwise bought continuum? I thought it was the other way around. Yeah my assumption is prices will go up in the next 6-12 months, service quality will go down; how it can go down further I don't know because Continuum's NOC is terrible and their monitoring is dog poo poo.
|
# ¿ Nov 8, 2019 21:46 |
|
I think the goon in SA Mart sells server licenses, for a pet project (non-prod) I would trust those just fine, I run his windows 10 licenses and haven't had issues (at home). Provided you have licensed all cores in the box, you can run hyper-v (and NO other roles) on your bare metal and then 2 VMs running whatever. You just activate the hyper-v server and both VMs with the key MF_James fucked around with this message at 00:07 on May 30, 2020 |
# ¿ May 30, 2020 00:03 |
|
Tapedump posted:Yup, I've bought me-project Server keys from BT, you bet. Nope, won't fail, I'm not 100% sure how it works as I haven't tried to activate a key a bunch but I think you get X amount of activations (like 100 iirc). That way if you blow up a VM, rebuild and re-use the key you actually can, but if they see a bunch check into the microsoft servers with the same keys they're probably going to blacklist them.
|
# ¿ May 30, 2020 01:06 |
|
wolrah posted:If this is the issue you might want to look in to USB-over-LAN. Those kinds of solutions are commonly used when virtualizing systems needing dongles. Depending on how the software actually uses the dongle it's legitimately possible that it works even over the internet, so you may or may not even need to worry about this problem. Yeah, we use digi USB devices at a few manufacturers I have for clients and they work great, I'd recommend them versus plugging directly into systems.
|
# ¿ Jun 5, 2020 18:51 |
|
GreatGreen posted:So this coming week, I have to deploy several dozen new VMs in a VMware environment, so I figure now is a great time to learn how to automate that! You can use templates for some of this, not sure how/if that will handle your AV install properly, but you can get unique machines up and running easily with them.
|
# ¿ Jun 14, 2020 23:39 |
|
GreatGreen posted:Will templates let you to specify a computer name and static IP address directly within the vSphere environment? Just did a quick google for the docs, and yeah what Thants said above, just use the console to deploy you can't effectively clone things that need unique GUIDs and windows doesn't have a package manager (except it kind of does but is in preview) https://devblogs.microsoft.com/commandline/windows-package-manager-preview/ MF_James fucked around with this message at 02:11 on Jun 15, 2020 |
# ¿ Jun 15, 2020 01:57 |
|
We use LMI, it's fine, better than most, comes up short in some areas, but I handle some remote support and a lot of remote server/network engineering and do not have problems.
|
# ¿ Aug 18, 2020 18:34 |
|
codo27 posted:If you were buying a MFP what would you be looking for? What would you avoid? I've dealt a lot with Xerox at my previous job and they dont make sticks long enough for me to touch them with again. We did have good luck mostly with our HPs. Is Brother to be trusted at all? (Yes I know all printers are inherently garbage and the bane of our existence) Don't buy an MFP, lease it from a company, though I know you're living/working on tethered ice flows so not sure if there are leasing companies available out there... I have clients with HPs and they seem fairly solid and I've had good luck with Ricoh's; Sharp printers are also not too bad and they offer managed services which are typically cheaper per print than competitors, but, again, the tethered ice flow problem. Every printer I've had to deal with for more than "how does I scan" and "it won't print" (hint: it's out of paper) has been under a contract so take what I say with a grain of salt.
|
# ¿ Aug 21, 2020 12:58 |
|
ohhh ok, I'd probably roll Brother if it were me, I could get you a model rec if you want.
|
# ¿ Aug 21, 2020 13:59 |
|
Boywhiz88 posted:OK, so I've got a dumb question/situation. So, what is the upstream device that your client's switch runs to? What is handling DHCP? What types of devices are on your client's network? (i.e. PCs/laptops, servers etc)
|
# ¿ Aug 21, 2020 18:49 |
|
NevergirlsOFFICIAL posted:I think you should get a cheap firewall. Like the sonic wall tz100 is what I’m familiar with but whatever equivalent to that will handle everything. Put it in front of the switch. I thought I had responded after the initial questions I asked, but yeah, this is the thing to do.
|
# ¿ Aug 28, 2020 23:45 |
|
8x8 is fairly decent, cloud pbx and all that, we resell them to our customers. Their support can be iffy, they have pretty decent KBs for most common items. I've run into random weird things that don't work well such as.. Speed dials on physical phones randomly disappearing when the phone reboots/updates iOS softphone app doesn't have a way to set it to not ring other than being logged out (android app does) I'm sure there are a few other things I can't think of rn, but honestly despite the short comings it works fairly well.
|
# ¿ Nov 24, 2020 20:24 |
|
bolind posted:Got a link or CVE for that? It's turning out to not be so bad overall from what SonicWALL is saying: https://www.sonicwall.com/support/p...10122173415410/
|
# ¿ Jan 25, 2021 18:56 |
|
After reading a few times, I think this is how things are setup? sorry for the terrible paint I'm tired and don't care to do more work: So, a few things: 1) The VPN you speak of, is it an IPSEC tunnel off the sonicWALL or is it a VPN client of some kind from PC1? 1a) If it's a VPN client is it doing full tunnel or something weird like that? 2) Building on the above, what is the subnet on the other side of the VPN that PC1 talks to, does it in some way overlap one of the local subnets? (this probably isn't the issue but whatever) 3) If there isn't something weird due to the aforementioned VPN setup/subnets, I would packet capture on the SonicWALL and it should show you what's going on.
|
# ¿ Jan 26, 2021 21:43 |
|
I was going to say Datto workplace is pretty decent but with the amount of data and file sizes you're talking about it's probably not a good fit.
|
# ¿ Feb 16, 2021 05:06 |
|
BonoMan posted:No we're good - we have a solution. It's just me trying to convince the higher ups who chase shiny objects that Google Drive is *not* the option ha. Yeah I don't think ANY cloud storage is going to fit the bill unless you pay $texas$ (comparatively speaking) for WAN and storage costs
|
# ¿ Feb 16, 2021 19:04 |
|
bolind posted:Does anyone here have experience with Dell Wyse terminals? Some and experience is about 3-4 years old. They weren't bad, probably better than the HP thin client, we didn't have a ton of hardware problems from what I recall. The configuration can be a bit of a pain in the rear end unless all your devices are going to be configured the same. Brain is a little fuzzy on the details now but I was using their configuration utility to drop a basic config on them and then we'd manually configure the connection based on the location the device was shipped to, but I think when the device rebooted the connection we created would disappear because it would reload the configuration you initially dropped on it and wipe out any changes you made afterwards. I think that's what the issue was, there might have been a FW update that fixed this or something, as we eventually started using only them for a bit, then I think got a better deal with someone else and switched again. Do you have specific questions?
|
# ¿ Mar 25, 2021 15:01 |
|
bolind posted:Cool! Haven't used them for anything other than RDP to a Windows Server, so I can't attest to the quality of VNC connections. The devices themselves were fine enough, better than HP (we had a lot of hardware issues with HP TCs) and at least on par with most other TCs we tried. I would assume as long as the VNC integration isn't poo poo they should be fine for what you're doing but again, no experience in that space so hopefully potato has some.
|
# ¿ Mar 25, 2021 16:54 |
|
Duo honestly isn't too bad and is fairly decently priced (the $3 a month version will handle 99% of use cases) our big reason for using it at a few clients is they want on-prem admin access to servers protected, which is not done well by Azure MFA yet; unless I'm mistaken, you need to host your own MFA VM to handle any on-prem servers.
|
# ¿ Apr 21, 2021 19:09 |
|
Pretty sure you can't remove printers with GPO, but I'd love to be proven wrong.
|
# ¿ May 22, 2021 00:13 |
|
You can also use the file server migration tool, if all your fileserver does is act as a file server, that will make life much easier, though not sure where you're at in the process. I've also never used it because all my clients have their file servers doing multiple things.
|
# ¿ Jun 18, 2021 21:25 |
|
Speaking of AT&T and their royal fuckups. I've got a client moving offices, they put an order in for a new circuit turnup back in April, had it scheduled for mid-july. The office move was supposed to happen tomorrow. AT&T did the install, but no connectivity. After a lot of faffing about on AT&T's end, my client emailed the CEO and, in his words, "ripped him a new one", he got multiple calls from CS reps promising to fix it. After more faffing about, they found yesterday that someone entered the address in wrong and so everything is configured all hosed up. They've promised to have it fixed Monday; my clients lease is up on his old building on Saturday.
|
# ¿ Jul 28, 2021 18:11 |
|
We had a client acquire a company, they had an MSP, that MSP was friendly enough to do a decent handoff. The problem was that half of their passwords were wrong, poo poo was wildly undocumented, it was great.
|
# ¿ Aug 7, 2021 04:13 |
|
Silly Newbie posted:Doesn't matter what you put in the reply to address, doesn't even have to be an address that exists, so long as it's in your tenant. This isn't 100% true, you absolutely CANNOT use an address that exists as a user. Also, O365s spam filter loves to catch the emails so you might have to do some work there as well to get the mail to get passed to mailboxes.
|
# ¿ Dec 6, 2021 07:34 |
|
|
# ¿ May 15, 2024 18:43 |
|
Aruba's are perfectly fine for smaller offices if you're not all in on Meraki gear, I've deployed a ton of Aruba poo poo; easy to deploy and Just Works.
|
# ¿ Jan 6, 2022 21:40 |