IT Discussion

• 

  When should I use a Bastion Host?
  • IRJ  

  7
  2
  Votes
  7
  Posts
  90
  Views

  

  We usually do a Bastion Server when we need to connect to other servers that are only allowed from one IP address, or we just VPN and then connect to the server.
• J

  Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.
  dhcp vlan ip helper iphelper • • JasGot  

  23
  0
  Votes
  23
  Posts
  115
  Views

  

  One thing to keep in mind with Sonicwall that you can't have Static DHCP entries within the DHCP Scope. Another thing to note is that the Unifi Switches with a Unifi Server Controller give a lot of troubles with VLAN configuration (I am not talking about EdgeSwitches but the Unifi Swtiches). We needed to replace a USG and multiple Unifi Switches causing wireless issues with the Guest network as you mentioned.
• 

  CentOS 7 mirrors operation too slow.
  centos 7 yum • • Romo  

  11
  1
  Votes
  11
  Posts
  122
  Views

  

  Yep choosing an https mirror seems to be working.
• 

  deploy iPads - locked down - suggestions?
  • Dashrender  

  34
  0
  Votes
  34
  Posts
  124
  Views

  

  Signage displays use vesa mounts so it's easy to find different mounting options. Could have something that could be angled. I would also consider disinfection when something is used in healthcare.
• 

  Windows 10 1809+ Clipboard history
  clipboard clipboard history • • Dashrender  

  9
  0
  Votes
  9
  Posts
  81
  Views

  

  @JasGot said in Windows 10 1809+ Clipboard history: @Dashrender said in Windows 10 1809+ Clipboard history: OK, I suppose I can follow that - but you really think that CopyX is somehow more secure than Clipboard history? Don't they both use the clipboard? that thing is pretty much open to anyone, so I don't see how it would be any more or less secure - I would say they are likely both the same level of secure.... Even though they both read the clipboard whenever it changes, ClipX doesn't store the history the same way Windows Clipboard History does. Since Microsoft is a larger target, I still think they will be compromised before ClipX. what do you mean they don't store it the same way? you know that for sure?
• 

  Comparing Office Suites
  libreoffice ms office zoho onlyoffice openoffice g suite google docs wps office zoho docs zoho office • • scottalanmiller  

  48
  0
  Votes
  48
  Posts
  274
  Views

  

  Just had a very large client reach out and ask for LibreOffice again after moving to MS Office because they found Excel too difficult to get data in correctly. So they are going to LibreOffice for exactly the reason that everyone claims that "everyone" chooses MS Office... LO is easier to use and has better compatibility They own licenses for both, so purchase cost is not a factor. They've used MS Office more time in the last three years. Given less time with LibreOffice and zero "price" incentive, they've chosen it as the superior product for them - with zero prompting from IT. Out of the blue the managers chose it as the better product.
• 

  Hypervisors: revisit your choices!
  xenserver hyper-v kvm esxi hypervisors type 1 • • FATeknollogee  

  34
  1
  Votes
  34
  Posts
  389
  Views

  

  @jmoore said in Hypervisors: revisit your choices!: @krisleslie said in Hypervisors: revisit your choices!: @jmoore I want to know which book I need to check it out This one here. https://www.amazon.com/gp/product/178829467X/ref=ppx_yo_dt_b_asin_title_o08_s00?ie=UTF8&psc=1 I had trouble with a few of the exercises but not many. I'm sure there are more current things now too but this was a starting point for me and I plan to do more someday. It did give me a really good idea of how things work in the background. I'm a book person too, I went over every example. https://www.packtpub.com/virtualization-and-cloud/kvm-virtualization-cookbook $44.99 comes with print and ebook.
• 

  EdgeRouter L2TP VPN network issue.
  • Romo  

  1
  1
  Votes
  1
  Posts
  28
  Views

  No one has replied

• 

  SOLVED Wazuh - operational and can add agents - now what
  windows log management wazuh alerts • • DustinB3403  

  23
  1
  Votes
  23
  Posts
  211
  Views

  

  @DustinB3403 said in Wazuh - operational and can add agents - now what: @IRJ said in Wazuh - operational and can add agents - now what: So you already filtered it. Just click discover on top right Doh that is so easy that I didn't even think that was it. @DustinB3403
• K

  This topic is deleted!
  • Kasperskyfree  

  1
  -1
  Votes
  1
  Posts
  8
  Views

  No one has replied

• B

  This topic is deleted!
  • BitdefenderTBC  

  1
  -1
  Votes
  1
  Posts
  9
  Views

  No one has replied

• K

  Anyone figured out how to ZeroTier with AD?
  active directory vpn zerotier • • krisleslie  

  86
  0
  Votes
  86
  Posts
  518
  Views

  

  The hardest part is getting the VPN connections between your firewalls of the main site and each remote site. Depending on your firewall, this can be relativity simple, or a huge PITA. We'd have to know what kind of firewalls you have - and you might have posted that earlier, but I'm to lazy to look now.
• 

  Network setup - moving forward
  dashrender • • Dashrender  

  31
  0
  Votes
  31
  Posts
  188
  Views

  K

  Off top I can think of a few options to help remove the dependence of Excel. This is a short list. Microsoft Power Apps Google App maker Quickbase Zoho Creator
• B

  Switch for harsh environment ...
  switches environment monitoring • • BraswellJay  

  6
  1
  Votes
  6
  Posts
  80
  Views

  

  @BraswellJay said in Switch for harsh environment ...: @Pete-S said in Switch for harsh environment ...: @BraswellJay What kind of environment and how hot is very hot? How much power over PoE? Managed or unmanaged? L2 or L3? What type of mounting - rack, DIN rail or wall? Do the switches need support for any type of fieldbus (like Ethernet/IP, etherCAT, Profinet)? It's a farm area as a general description. Ambient temperature in the summer will be 100-110 degrees F. PoE will be to drive a typical camera, that's what the new installation is for, to support cameras in our farm area. Would prefer managed, L3 as our intent is to VLAN these cameras in a separate subnet. Mounting I can be flexible at the moment. It will be inside an enclosure so we can adjust the enclosure size to match the switch we get. No extra support beyond standard TCP/UDP/IP type applications. All we are aiming to accomplish is to add additional security cameras to cover an area that is currently not monitored. OK, thanks for clarifying the application. From this I assume budget is a big concern. I think you are best off looking for smaller wall mounted switches to put inside the enclosure. If ambient can hit 110 degrees, you'll probably have at least 120 inside the enclosure. 120F (50C) is roughly the limit for "rugged" gear. If you go over that you need extended temperature range switches. So option number two is a little more professional, and it's to use industrial DIN rail mounted switches. If you go for an unmanaged switch and define the vlan on the port that feeds the uplink you have many options. For instance something like this: https://www.amazon.com/BV-Tech-Industrial-Switch-Gigabit-Ethernet/dp/B075FZQX14 It's 100Mbit to each camera and 8 port per switch and 1 Gig uplink and it extended range so it can handle up to 150F. Use two enclosures or put two switches in the same enclosure. Usually industrial switches don't have many ports because it's less cabling overall to decentralize them and put them close to where they are needed. No fans or anything in these and you don't put openings or anything on the enclosure. Just let it cool by convection. Obviously it's a no name switch but I wouldn't worry much about that in a pure unmanaged L2 switch because they are built on standard switch chips. The real deal would be industrial switches from brands like for instance Moxa, Phoenix, Siemens. Cisco also have industrial switches. But prices would be from maybe $800 and up.
• 

  This topic is deleted!
  • WrCombs  

  1
  0
  Votes
  1
  Posts
  2
  Views

  No one has replied

• 

  Re-evaluating Local Administrative User Rights
  • Obsolesce  

  128
  0
  Votes
  128
  Posts
  227
  Views

  

  @Dashrender said in Re-evaluating Local Administrative User Rights: @Obsolesce said in Re-evaluating Local Administrative User Rights: @Dashrender said in Re-evaluating Local Administrative User Rights: @Obsolesce said in Re-evaluating Local Administrative User Rights: @jmoore said in Re-evaluating Local Administrative User Rights: I would agree in most situations no user needs to be admin on their own box. I think this is the way to go about things. Of course there are a lot of other factors as others have mentioned. However, if someone at your company tells you to compromise, what about having a seperate admin account that they only use when necessary? Then the rest of the time they use their regular account. Perhaps. But actually logging into an admin account means they they would be logged in and have admin rights full time while logged on, and that works around the whole thing. As a compromise, I think sticking to exceptions being able to temporarily obtain local admin rights, with warning, acceptance message, etc. That will force consciousness of the fact. Are you using a product that allows for this temporary gaining of local admin rights? Yes you could say that. Why so coy? Not intentionally, just wanting to stay on the main discussion.
• 

  Full text search plugin not working in Nextcloud
  nextcloud elasticsearch apps nextcloud 17 full text search • • JaredBusch  

  5
  0
  Votes
  5
  Posts
  44
  Views

  

  That will return from the default index. To specify an index add it in the URL: curl 192.168.1.100:9200/index/_search?pretty'
• 

  Email Migration Advice:
  • popester  

  18
  0
  Votes
  18
  Posts
  100
  Views

  

  @Dashrender said in Email Migration Advice:: the IMAP connection goes to the address you setup, not the MX record for the domain in question. What does an MX record have to do with anything? I think you have no idea WTF you are are talking about.
• 

  Dropbox and Box - billing issues
  dropbox legal billing filesharing box • • Kelly  

  12
  1
  Votes
  12
  Posts
  76
  Views

  

  @Dashrender said in Dropbox and Box - billing issues: So it was only verbal demands to pay for 600 users? no actual bill sent? yeah - scummy sales BS. Sounds like they make it scummy sales BS only after getting caught doing something far more illegal. Don't let them water it down after the fact. It's like getting caught trying to hot wire a car but convincing the cops that they weren't stealing the car, just stealing the Taco Bell food that they saw in the car... still illegal but not grand theft auto that they were actually caught attempting in the beginning.
• 

  Spin VMs quickly with KVM + virt-sysprep
  kvm sysprep virt • • Emad R  

  4
  0
  Votes
  4
  Posts
  105
  Views

  

  @black3dynamite said in Spin VMs quickly with KVM + virt-sysprep: @stacksofplates said in Spin VMs quickly with KVM + virt-sysprep: I usually use virt-builder to build the image, and then I can clone from that. Then you have nice really small images to build from. Have you ever created your own repo using virt-builder-repository? No I've always pulled from upstream. I've honestly never looked into that before.
• 

  On Prem Exchange to O365
  o365 azure ad • • WLS-ITGuy  

  4
  0
  Votes
  4
  Posts
  140
  Views

  

  As above what they are are saying is that using Hybrid AD is fine with a domain name that is not the same as long as you add the UPN in Active Directory Domain Trusts and then you adjust all the users in the domain to match that domain either manually or scripted. https://docs.microsoft.com/en-us/office365/enterprise/prepare-a-non-routable-domain-for-directory-synchronization My only concern with this is that you might not need to sync AD but if you are already setup then it is kinda hard to revert.
• B

  Getting started with automated provisioning?
  • biggen  

  23
  0
  Votes
  23
  Posts
  129
  Views

  

  @biggen said in Getting started with automated provisioning?: I’m not sure the difference between a clone and a copy. I’ll look that up. Clones are linked. Copies are discrete.
• 

  SOLVED How can I write two separate outputs from one command?
  • IRJ  

  30
  1
  Votes
  30
  Posts
  62
  Views

  

  @stacksofplates said in How can I write two separate outputs from one command?: @IRJ said in How can I write two separate outputs from one command?: I ended up moving out of /tmp and the permission issue was fixed. It still failed because I wasnt specifying /bin/bash before script file. Once I changed that it worked. Ah ok. Did you have #!/bin/bash in the script? I've never had it complain about that before? Nope lol.
• 

  How Modern Applications Nullify Ransomware
  security malware ransomware • • scottalanmiller  

  4
  4
  Votes
  4
  Posts
  95
  Views

  

  @scottalanmiller Whole article is great but the last 2 lines are Shame that NextCloud + OnlyOffice is not really there, I tried it when I was working with MSFF... definitely interesting but needs some time.
• 

  Callback Provisioning with Ansible Tower
  ansible configuration management tower • • stacksofplates  

  9
  5
  Votes
  9
  Posts
  1982
  Views

  

  @stacksofplates Thanks, good info. Im learning ansible now.
• 

  Comparing MeshCentral 2 to ScreenConnect
  screenconnect remote access meshcentral meshcentral 2 connectwise connectwise control • • scottalanmiller  

  963
  5
  Votes
  963
  Posts
  15853
  Views

  

  0.4.5-l today
• 

  Stuck supporting out-of-date Windows Servers, what options do I have?
  • magicmarker  

  7
  0
  Votes
  7
  Posts
  173
  Views

  

  @magicmarker said in Stuck supporting out-of-date Windows Servers, what options do I have?: Another option that wasn't mentioned is migrating the 2008R2 servers to Azure. Once migrated into Azure, you get security updates for 3 more years after the January 14, 2020 end of support. That’s just putting a band-aid on something that you will to have to deal with again.
• 

  LibreOffice - Runs so slowly
  libreoffice performance current • • DustinB3403  

  42
  1
  Votes
  42
  Posts
  149
  Views

  

  @Obsolesce said in LibreOffice - Runs so slowly: @scottalanmiller said in LibreOffice - Runs so slowly: In giant shops (thousands of users and up), the problem with MS Office is that you don't pay for it just for the users who would benefit from it, but you pay for it for everyone. That is so totally false. I have not seen that anywhere, including where I currently work which is many thousands users. So your claim is what... that they 1) don't actually pay for the software or 2) they use it only for a few people who would actually benefit from it or 3) the kind of work that they do is both appropriate to an office suite and so insanely heavy that they actually get to the point where MS Office is noticeably more efficient, yet still an appropriate tool to use? If any of those, how does that work? If 1... okay piracy. If 2... how do they interoperate with others, or is it all office suites for only individual use? If 3.... what the heck kinds of tasks are they doing that are so different than any other company?
• 

  Why Do People Still Text
  email best practices sms texting send • • scottalanmiller  

  407
  2
  Votes
  407
  Posts
  161020
  Views

  

  @Dashrender said in Why Do People Still Text: @Obsolesce said in Why Do People Still Text: And there is no clutter at all. Well, I suppose that depends on how it's managed. If fools set it up and manage it, then yes I can see it won't work well... just like many things, though. I'm less familiar with Slack, only used it twice for about 1 min total.. but discord - I'm a member of three groups, and each of those groups have like 20 subgroups.. to me that is a bloody mess. Discord I can say can be a cluster F. If there's a way to rid all the game xrap forced in your face, it'd be so much better.
• 

  Large network of Windows machines without AD - GO!
  • Dashrender  

  66
  0
  Votes
  66
  Posts
  355
  Views

  

  @scottalanmiller said in Large network of Windows machines without AD - GO!: @Pete-S said in Large network of Windows machines without AD - GO!: @scottalanmiller said in Large network of Windows machines without AD - GO!: @Pete-S said in Large network of Windows machines without AD - GO!: Would this be an option if you wanted central authentication in Windows without any AD or AD clone? https://www.freeipa.org/page/Windows_authentication_against_FreeIPA The way I understand it you could use this setup to authenticate your local account on Windows. Authenticate, yes. But FreeIPA isn't meant to do that, doesn't work well for it, and they themselves say that you should use Samba instead as it is meant for that. But the point wasn't the product. The point was that it looks like you can authenticate local users on Windows against anything that supports Kerberos. So you can still use central authentication for your Windows clients (that can be be shared with linux, web apps and whatever) without using AD or anything in the entire windows ecosystem. I didn't know that was even possible but maybe it is old news for you guys working with this stuff everyday. You can do full AD without anything in the Windows ecosystem. You can do Linux AD server side, and Linux clients and never have Windows code at all and be all on AD. You don't, normally, as it is too heavy to bother with if you don't have Windows somewhere. But it works. AD is just a heavy version of LDAP that is classic to UNIX. FreeIPA is expected to be used either in an all Linux world, or in a hybrid world with AD handling the Windows side of things (but they recommend Linux based AD.) OK, thanks.