|
dox posted:If you need any help with this kind of script, let me know. I have a script utilizing the Powershell Application Deployment Toolkit that uninstalls all versions of Office (2003, 2007, 2010, 2013, 2012 Click to Run, and 365) and then installs Office 365 (whatever version depending on the installation xml). This has proved to be a huge time saver as I am the "resource" at my MSP for Office 365 migrations. Automates the entire process so the user can click to begin and then forces them to restart afterward with a prompt. I want your script please. It sounds much better than my batch file that calls that vbscript thing that kills office (you know the one I'm talking about). It works but I have to change it for each version of Office depending on where I am.
|
# ¿ Sep 5, 2015 03:22 |
|
|
# ¿ May 14, 2024 04:40 |
|
awesome thank you
|
# ¿ Sep 6, 2015 06:04 |
|
Rhymenoserous posted:In my environment all of our CRM/ERP crap is windows only, and most small shops I've been in are the same. If I'm spinning up mac vm's or dual booting their macs into windows just so they can do the day to day then I don't care if it pisses them off that they don't get the toy they want. Since all the actual work is done in a win environment, they need to learn it anyways, and having them dual boot when they come in doesn't simplify workflow or quality of life. This is poor customer service dude. Your job is to advise users on and provide tools to make it as easy for them to do their job. But what if it really is easier or simpler for them to use Mac? What if they have an assistant that pulls their great plains reports or whatever for them and they spend all their time making powerpoints and reading email? What if the web portal for your CRM is "good enough" (for example the one we have has a web app that can only access like 60% of the modules, but my president only uses those modules anyway)? You shouldn't say to a user "I know your job description better than you and therefore you should use this. this other thing is too inconvenient for me to support and will make your life more complicated." Make the user aware of the pros and cons, set their expectations, and help them make an informed decision--but they should be the one making the decision.
|
# ¿ Sep 8, 2015 22:03 |
|
Here's another thing I deal with in small orgs that I don't have a really good solution to... REMOTE ACCESS. My ideal solution is anyone who needs to work remotely, gets company issued laptop + SSLVPN. If they don't have a laptop, VPN then RDP into a terminal server. In some cases this gets tricky... For example graphics dude has some beast desktop and he wants to be able to do some work remotely. He's not expecting native performance ofc but he does want to, for instance, open indesign and make some small edits. In this case my solutions don't work because: 1. If I give him a monster laptop, then he still needs to VPN in and open whatever ridiculously large indesign files he has over the wire. Yuck. 2. RDP - install adobe CS on a shared terminal server? Double yuck. So right now the solution is, VPN in from home, then RDP straight into his desktop. Not wild about it because if his computer shuts off for some reason he's stuck. Also the solution doesn't scale at all. So what's the Correct solution?
|
# ¿ Sep 10, 2015 20:15 |
|
McDeth posted:Is it a one-off case? If so, then I'd say you have the ideal solution. There's no reason to go out and spend abhorrent amounts of money on some virtualized solution or equipment for this one guy to be able to use Indesign from home. Unless you're expecting to scale out I honestly wouldn't worry about it. If so, the only real answer is GRID/Shield (somewhat joking here). I'm trying to look at this from a policy perspective. Is our policy going to be "users can remote into their machine if they have specialized software"? I don't know if I want to set that precedent. Or someone might just say "oh I save all my stuff on the desktop so why can't I do this too". But I think you're right in this instance I don't really have a way around it. adorai posted:i think adobe lets you install twice per user, once on company equipment and once on their home equipment. Now you just need to get him his files. Yeah with adobe licensing you can have two installs per one concurrent user. Getting the files is the tricky part. Swink posted:Put the indesign files on his local machine via Dropbox or work folders or something. I PERSONALLY love dropbox but again from a policy perspective if I'm adopting this, I need to let everyone use dropbox. Which is honestly probably what I should do anyway, get dropbox business, find some sort of backup solution for it, and let whomever wants to use it use it.
|
# ¿ Sep 11, 2015 14:02 |
|
McDeth posted:On another note, the 'Mac Only' shop has invested in their first PC Laptop! Yay! Say what you will about MacBook's and Mac OS X, the crapware is non-existent, which unfortunately, cannot be said about this loving HP EliteBook. It's honestly a joke; I'm sitting here on a brand new account having done nothing other than turn the loving thing on and log in and it's using 50% CPU. Nuke and build your own image. We use Dells which while not as bad as HP still has a bunch of garbage on it. With that said: do you think "first PC laptop" will turn into "first of many" or "first and only"? If only laptop, you can probably get away with uninstalling the junk and keep the OEM. Would be "good enough". Then install all the software and take an image so you can reimage when needed.
|
# ¿ Sep 11, 2015 14:07 |
|
Internet Explorer posted:Weren't you the one just hemming and hawing that not allowing something isn't good customer service or something? LOL Well this is what I'm trying to say - IS this in fact good customer service? Is this the most effective way to meet user requirements? The user (in this case) doesn't care if they need to VPN+RDP, or use logmein/teamviewer. He just wants to work remote. I want to provide the best method for that.
|
# ¿ Sep 11, 2015 16:42 |
|
SneakyFrog posted:it is good customer service, stellar even. I don't give local admin unless needed (and when needed using LAPS for that which has been amazing and cool). Do you really need local admin to log in to teamviewer/logmein once it's installed?
|
# ¿ Sep 11, 2015 20:22 |
|
Swink posted:It works better than it ever has before, but yes fresh install is the preferred option. Don't know how that's going to go with all the oem licenses I'm dealing with. How much is your time worth compared to buying new licenses... because I feel like doing clean image of win10 would take a fraction of the time compared to in place upgrade on 160 workstations
|
# ¿ Sep 28, 2015 21:23 |
|
Swink posted:Depends how much it costs to buy 160 Win10 Pro licences. If it's more than the cost of upgrading ( $Nothing ) then my boss is not going to go for it. quote:my mandate is to make poo poo work for the least amount of expense. just don't upgrade at all. Windows 7 has five years left.
|
# ¿ Sep 29, 2015 02:23 |
|
pixaal posted:I know people recently were talking about One Drive in this thread. We have been abusing our webhost as an FTP apparently for the last few years and they aren't too happy. They have an "unlimited storage" policy and if you creep into the top 0.05% of usage they ask you to justify every file in relation to your website. My predecessor set this whole thing up, and now I'm scrambling to get a working solution before they delete all of our stuff (~50GB of product images, and psd files that should be in a shared drive instead). OneDrive for Business is going to give you problems such as 1. if the file has an illegal character it won't sync/upload 2. your external people won't be able to upload files easily unless it's one at a time (web interface). 3. nobody will be able to use their ftp client 4. file size limit 2gb per file. idk how big your files are but for example, an ISO of a DVD won't go. solutions for you if FTP suits your needs: 1. throw a vm in your dmz and make it an ftp server if you want the free solution. this would keep everything exactly the way it is, with the added benefit of you can more easily back it up and maybe a little slower depending on your bandwidth. 2. the above but on aws like wyoak suggested 3. brickftp https://brickftp.com/pricing/ $50/mo for FTP. this is what we use. why I don't know, it Just Works I guess.
|
# ¿ Oct 4, 2015 13:08 |
|
we use continuum RMM it's pretty great. http://www.continuum.net/ antispam: everyone says mimecast is ftw. I'm using mxlogic right now and it's disgusting.
|
# ¿ Oct 7, 2015 20:53 |
|
Guys I need to rename my users from POOP\firstname to POOP\flast. I'm going to try and find a powershell script to do this, but from the end user perspective what will happen with their profile folder C:\Users\Firstname? When they log in the next day will their profile be completely new or will windows know to point them to the existing profile? I feel like I went through this before when people get married and change their name but I don't remember. Also if I do the rename during business hours (lol) what will happen once I change the name - will users get a notice to reauthenticate or will their session remain until they log off? Any other gotchas?
|
# ¿ Oct 14, 2015 16:27 |
|
Thanks guys. We're testing tomorrow. Next question: CEO going to China. Is it "safe" for him to check email from there using hotel wifi on the iPad? My thought is yes, it's an encrypted connection, no big deal. But the question made me nervous bc I never had to deal with China stuff.
|
# ¿ Oct 15, 2015 01:44 |
|
MrMoo posted:HTTPS ok, VPN very random as many local routers are really poorly implemented devices or the great firewall will just block it. I ended up telling him get a LTE hotspot and use that instead of free wifi and just log in to HTTPS stuff only.
|
# ¿ Oct 27, 2015 17:47 |
|
Why is my GPO to push o365 click to run not working but gpresult says it's applying the policy and the script works great when running manually :'(
|
# ¿ Oct 27, 2015 17:48 |
|
frogbert posted:It may be that the local system account that the script is running as isn't able to access a network resource that the script relies on. oh yeah
|
# ¿ Oct 28, 2015 02:50 |
|
nexxai posted:This is literally the same thing delivered in two different ways. You're still within the country of China meaning your device can and will be targeted. There are numerous reports on sites like Cryptome of guys having completely blank phones and laptops being infected (or attempted to be infected) within minutes of landing and connecting to a network there. I see. well I'm an idiot.
|
# ¿ Oct 28, 2015 02:51 |
|
McDeth posted:So apparently the newest version of Mac OS X El Crapitan completely breaks Cord, the only decent VNC/RDC app that I've seen for Mac OS X. (If you think that Remote Desktop that comes with Office 2011 or whatever is decent then plz kill yourself immediately.) Why not use the Microsoft Remote Desktop app for Mac (not the one that comes with 2011 but the one with the red box)? Works fine. For VNC I just use the built-in VNC in Finder but I never use VNC so.
|
# ¿ Oct 28, 2015 20:34 |
|
RDS licensing question: Just deployed my first 2012R2 remote desktop server. Small shop obvs, so single box for RDS and licensing. In the past (2008r2) no problem, just point the licensing server to itself in the gui, done. There's no GUI here though because I don't have a connection broker. I did whatever registry thing it said in technet and I'm still getting alerts that my trial license will expire in X days. I'm about to call microsoft but I suspect I'll have to uninstall and reinstall the role and do it over. Anyone come across this?
|
# ¿ Nov 10, 2015 16:03 |
|
they transferred me to product activation noooooooooooo
|
# ¿ Nov 10, 2015 16:09 |
|
Isn't it funny how sometimes you just need to be on hold with microsoft to solve your own problem? Because it's like you have no choice but to sit next to the phone, might as well try everthing... Well it turns out my gpo was pointing the licensing server to userfriendlyname.poop.org which was a DNS entry pointing to the IP address, rather than just SERVERNAME (no FQDN) once I changed it to SERVERNAME everything worked 100%.
|
# ¿ Nov 10, 2015 16:49 |
|
|
# ¿ Nov 19, 2015 16:21 |
|
KS posted:Fujitsu scansnap ix500 always
|
# ¿ Nov 24, 2015 17:48 |
|
sorry about your lack of standardized images, small shop admins https://www.us-cert.gov/ncas/current-activity/2015/11/24/Dell-Computers-Contain-CA-Root-Certificate-Vulnerability
|
# ¿ Nov 25, 2015 17:48 |
|
Maneki Neko posted:Has anyone actually found a PC with this on it in a business environment? We touch a multitude of Dells and so far no one has actually been able to find a PC with it. Just checked our rmm and we def have a handful
|
# ¿ Nov 25, 2015 18:40 |
|
Internet Explorer posted:We had a couple of laptops with one cert or the other. We're a VDI shop and just keep a handful of laptops on hand to loan out if needed. Since we have VDIs we are lazy on reimaging, but it's on the list of things to fix. The thing that always concerns me about VDI is that it relies on Internet connection, right? Like if connection drops, or you're on an airplane, or your connection is there but just lovely, then the users will have a lovely experience. Also how do you explain to the user to minimize and go to local desktop when they want to watch youtube
|
# ¿ Nov 25, 2015 23:36 |
|
How good is your internet out? I assume people use Citrix when working remotely as well right? Does it work okay for them in that case? I have people RDPing over the WAN and it's always "fine" but rarely more than like 10 people at a time and it's RDS so I assume totally different.
|
# ¿ Dec 1, 2015 04:15 |
|
https://www.youtube.com/watch?v=gQ0E37l_sQc
|
# ¿ Dec 8, 2015 05:20 |
|
Mr. Clark2 posted:So, as a result of this lovely software I have been tasked with either making the existing software/DVR work or pricing another solution to replace these lovely DVRs. Unfortunately, I know absolutely nothing about cameras/DVRs and their associated software (I'm a Windows/network admin). I've been given no budget, so that doesnt help. I've started looking at IP cams and some of the solutions that Ubiquiti offers since I'm familiar with their wifi APs, but since I dont know the first thing about this stuff, I'm not really sure where to start. Seriously call a few vendors in your area that deal with security and have them give you recommendations. You don't know anything about this kind of thing so bring in someone who does.
|
# ¿ Dec 10, 2015 12:12 |
|
Super Slash posted:I need a reality check. Just move the file to a shared drive, map the drive, and don't tell her that the file got moved.
|
# ¿ Dec 15, 2015 22:21 |
|
What's the best *CHEAP* monitoring software for monitoring availability for about 30 devices (vsphere environment, physical servers, switches, firewalls, NAS) I work for MSP so the solution I usually use is not ideal for a company that is going to be doing their own monitoring in house. Requirements * send me an email when something is completely down * send me an email when specific windows service is down * bonus: open and close tickets in spiceworks I started looking at PRTG and looks fine
|
# ¿ Dec 17, 2015 22:48 |
|
Swink posted:PRTG is easy. Might even be free for < 100 sensors. It is!
|
# ¿ Dec 18, 2015 01:07 |
|
Let's say I have an RDS server that is accessible directly from the WAN and it's getting hit with brute force attacks. Other than AD lockout rules is there anything I can do at the perimeter to somehow say "if you put the wrong password in too many times we're just going to block your IP address for a few days" I'm guessing no because how would my firewall know that AD is rejecting the password? asking for a friend who can't put RDS behind a vpn.
|
# ¿ Dec 21, 2015 15:36 |
|
will that let me do the thing I want to do
|
# ¿ Dec 21, 2015 16:10 |
|
wolrah posted:A RDP Gateway won't change anything except for which box is seeing the brute force attack. nice this one looks like it has the right name anyway http://rdpguard.com/
|
# ¿ Dec 21, 2015 16:40 |
|
Thanks - looks like rdpguard does what it says, and leverages windows firewall to do so.
|
# ¿ Dec 23, 2015 17:10 |
|
I do static IPs so that all my printers can be close to each other in IP range. How often are you guys changing printer IP addresses lmao. I only have like at most 6 printers per company I work with though.
|
# ¿ Dec 24, 2015 23:02 |
|
CommieGIR posted:I never have to change them because DHCP reservations are MAC based and I have them on their own VLAN subnet. oic. I definitely never have printers on different subnet. I guess I should but I can't see it being worth the effort for the kind of environments I work in.
|
# ¿ Dec 25, 2015 01:06 |
|
|
# ¿ May 14, 2024 04:40 |
|
Just wanted to say PRTG is suiting my needs and is free for me since I'm only using 62 sensors thanks to everyone who recommended
|
# ¿ Jan 4, 2016 16:57 |