|
Anyone here use System Center Essentials? I'm only versed in the full enterprise version, but I'm curious if SCE is worth the price of admission. A side gig I work on would be a good fit from a cost/surface area perspective if it isn't gimped as gently caress.
|
#
¿
Aug 25, 2015 01:56
|
|
|
|
| # ¿ May 8, 2024 22:06 |
|
|
Inventory and WSUS mostly.
|
|
#
¿
Aug 25, 2015 17:42
|
|
|
go3 posted:lol if youre not deploying machines with ssds anyways You'd be surprised how hard it is to convince a company that the long-term savings will beat out the short-term savings with regards to disk failures and downtime. Despite a mountain of research and substantial evidence indicating that SSDs are the way to go they just can't see past the initial bump in price. It doesn't help that Lenovo and other pre-built manufacturers ramp up the price for that stuff.
|
|
#
¿
Sep 14, 2015 21:08
|
|
|
Happiness Commando posted:M73 Tinys with a 128 GB SSD are incrementally more expensive and have way better profit margins than M73 SFFs with 500 GB rotational drives. We actually bought a bunch of these for our refresh and opted to install 850 EVOs aftermarket rather than buying what they could potentially be packaged with. Saved a bunch of money that way. I believe the techs are just keeping the platter drives on ice in a box somewhere if they ever need to claim a warranty repair.
|
|
#
¿
Sep 15, 2015 14:43
|
|
|
go3 posted:if you're even the slightest bit competent you'll have either extra drives or workstations and have the broken machine back up within a few hours This. If you elect to buy aftermarket you generally keep a break/fix pool of replacements to accomodate those rare failures. We have maybe 6 SSDs in our break/fix supply and in the past 2-3 years I don't think we've used any of them.
|
|
#
¿
Sep 16, 2015 16:42
|
|
|
wyoak posted:Profiles are tied to SID, not username, so you'll be fine from that perspective. I've never actually renamed someone while they're logged in, I'd like to know too. My bet is like 90% of things would work fine but something would screw up. I'd suggest doing a quick test on your local machine. Punch %userprofile% into a run prompt, observe the behavior, then make your change against whatever account is logged in. After the change punch %userprofile% in again. If it works without any issues there's a good change you'll be perfectly fine. Like Wyoak said, most everything is tied to SID.
|
|
#
¿
Oct 14, 2015 19:51
|
|
|
Swink posted:The Win10 ISO that you download with the media creation tool does not include install.wim and so cannot be imported into MDT for deployment purposes. Are you sure this is true? I've pulled the appropriate WIMs from Win 8.1 and 10 Pro ISOs for use with WDS. Both Install.wim and Boot.wim are native parts of all Windows client install media unless something has drastically changed that I'm unaware of. Wrath of the Bitch King fucked around with this message at 21:17 on Dec 17, 2015 |
|
#
¿
Dec 17, 2015 21:14
|
|
|
Anyone here using HighFive? Our org is looking into it and I'd be interested in getting some feedback.
|
|
#
¿
Mar 18, 2016 15:23
|
|
|
The Fool posted:I run Veeam locally and then use Azure storage sync to get my backups into Azure. God bless you for testing your restores.
|
|
#
¿
Apr 11, 2018 18:51
|
|
|
Can any of those scanners accurately detect installed hotfixes and KBs in a Windows environment? Based on my experiences with nexpose and qualys it's false positives all the way down, mostly because supersedence is a thing that Microsoft hasn't made super easy to detect..
|
|
#
¿
May 2, 2018 21:52
|
|
|
I'm talking for internal use, not penetration testing. Pure compliance auditing. Most of the time these scanners are provided a credential and they pull poo poo via WMI.
|
|
#
¿
May 3, 2018 04:26
|
|
|
Old Binsby posted:I never had much trouble using WMI for that purpose so neither should a scanner tool. In a rush looking for a single kb lazily using this also works if you’re forgetful about WMI like me Scanners are typically looking for compliance with CVEs. A fix provided can manifest in potentially hundreds of KBs, but in my experience scanners will choke if the KB produced in November of 2017 for a CVE in November of 2017 isn't present even if a January 2018 KB that encompasses the fix is there. I'm not sure why these scanners (at least the ones I have experience with) aren't looking at dll file revisions; most of them are looking for strings in the registry for this stuff, which is a special kind of dumb. Pulling existing KBs is easy and not a challenge in the slightest, my problem is being handed a 400 page PDF with a string of CVEs dating back to 2015 and having to validate it all, with 99% of it being inaccurate.
|
|
#
¿
May 3, 2018 20:49
|
|
|
|
| # ¿ May 8, 2024 22:06 |
|
|
We use CyberArk and it's one of the most overwrought products I've ever used. The UI was clearly an afterthought.
|
|
#
¿
May 6, 2018 17:41
|
|