@irj said in O365: KUDOS:

@dustinb3403 said in O365: KUDOS:

@gjacobse said in O365: KUDOS:

@stacksofplates

I am not certain, but I think they would like to stay in the O365 realm. Though, I will make note of that...

What ever happened to just sending a company wide "Thanks Karen" emails?

Why does a project like this even exist?

Kudos are a big part of many companies, and it's not hard to imagine why. Many companies will actually pay some bonuses or gift cards for kudos. A $50 visa gift card is an investment well spent when you have someone busting their ass. I have been on the kudos side and when you get a small token of thanks beyond a "Karen" email it means alot.

Sure, but sending out a Kudos through some specific application has nothing to do with the reward aspect that you're discussing, and wasn't at all a part of what I was discussing in my post that you opt'd to downvote.

This is specifically the delivery of an announcement, email has a very good delivery record. Why use something else for the announcement?

Someone from HR or wherever will still deliver the reward in person for that employee busting their ass.

This is how he should be deploying.

https://registry.terraform.io/providers/taliesins/hyperv/latest/docs/resources/hyperv_machine_instance

@dafyre said in Nextcloud: unable to ssh or sftp:

@gjacobse said in Nextcloud: unable to ssh or sftp:

@dafyre said in Nextcloud: unable to ssh or sftp:

@stacksofplates said in Nextcloud: unable to ssh or sftp:

@gjacobse said in Nextcloud: unable to ssh or sftp:

@stacksofplates
Since my ip is getting banned by fail2ban- I would think that they are.

I’m down to getting winscp or FileZilla to connect, I finally can connect via ssh. Trouble with manually typing a 32 character complex pass.

That's what keys are for.

Or a password manager, lol.

That is just it.

I have and use a password manager. Same one on the Desktop as the phone. Even with auto-type it wasn't working. So - that "wasn't" the issue here.

Hmm... SSH limited to a specific IP set?

Edit: Or config file changes by updates that now block root logins?

netstat -tulpn

to verify

Remember.... just because you are virtual does not imply that your storage is virtual, nor does virtual storage imply that the storage will be shared between workloads or VMs. None of that is implied or suggested in going virtual. You still maintain all proper storage management decision making when virtual as you did physical. You don't get to give any of that up.

@imager said in One more Endpoint Manager - open source - what does it sounds?:

Windows servers are still relevant. Not everything can be accomplished on Linux.

So no rebuttal? No one suggested that Windows Servers aren't relevant, that was a very emotional response to saying that "requiring a specific OS" was a ridiculous problem to have in this day and age. Your response gives the impression that you are internally struggling with ascribing value to Windows and sense any suggestion that they are not absolutely necessary as an attack on your own value. Let it go dude, our professional value is not tied to vendor products. As IT folks, we can't care about one product over another, our whole value comes from being above that stuff. That's for best buy workers and Internet trolls, not business infrastructure decision makers who need to stay focused on how our decisions drive profits.

You make the wild claim that not everything can be accomplished on Linux. This flies in the face of all known programming knowledge since the beginning of computers. Care to elaborate what you know that no one else in the industry knows?

net start servicename

Or restart etc.

Yeah i'm just copying the image to a new file and using gimp to add the values where i need them :)
Guess i'll get quicker at it the more i do it.

@callimarie said in Run virt-manager on Windows 10:

uhh i keep getting this error "The libvirtd service does not appear to be installed. Install and run the libvirtd service to manage virtualization on this host."

So did you do what it said?

@dustinb3403 said in Checking multiple Directories to confirm all files are identical:

I know I could use a tool like Create-Synchronicity to force 1 other directory to match the source, but I would prefer to find and list the differences in the directories.
Maybe powershell can help?

Yeah, PowerShell can help with this in the same way closing the front door of a house will fix a fire inside of it.

@flaxking said in Windows Defender Application Control:

@obsolesce said in Windows Defender Application Control:

@ccwtech said in Windows Defender Application Control:

@obsolesce said in Windows Defender Application Control:

@ccwtech said in Windows Defender Application Control:

Has anyone played with Windows Defender Application Control, specifically Group Policy to turn it on for each workstation?

I have a request from a client to do this, but I am very leery of using group policy for something like this.

Are they all running Win 10 Enterprise?

For sure no... Win 10 Pro.

Then it won't work as it's a requirement.

I think specifically it's using Group Policy for WDAC that's enterprise edition only, right?

Yes, you can use it in Pro, just not enforced by a GPO

You still should be able to run powershell via manage engine Desktop Central. https://www.manageengine.com/products/desktop-central/powershell-script-as-a-package.html

It looks like you can run locally leveraging Desktop Central. You aren't doing powershell remoting.

@frodooftheshire said in Safely transferring sensitive information:

Hi everyone,

I have a non profit client that asked me yesterday about sending/receiving sensitive information (SS numbers for example).

Currently when they're looking for volunteers data is sent from the volunteer's email address to an employees account (in charge of finding volunteers & using Google Workplace account) and then to the director's email address (Again Google Workplace account).

They were looking to implement DocuSign to more securely handle this process but I wanted to see if anyone else had any other recommendations.

DocuSign is for e-signatures which doesn't sound like what is needed.

How about a secure form app? Sound like it would get the job done much better than email. Formstack for example seems like a good example, I'm sure there are plenty to pick from.

Non-profits often have different pricing as well.

@dashrender said in WinRM: Security Question:

@gjacobse said in WinRM: Security Question:

@stacksofplates said in WinRM: Security Question:

https://www.manageengine.com/products/desktop-central/help/computer_configuration/executing_custom_scripts.html

Thanks -
Guess it will have to do... sigh.

I wonder if you can run powershell scripts by typing powershell first?

Is there a way to copy files to the computers with ME?

Seems like it is possible.

3c712099-6a8d-4e24-8fde-67a9e53cdbf3-image.png

@jaredbusch said in sudo problems:

@pete-s said in sudo problems:

@jaredbusch said in sudo problems:

@scottalanmiller said in sudo problems:

@jaredbusch said in sudo problems:

@scottalanmiller said in sudo problems:

@pete-s said in sudo problems:

We want to move to using ssh certificates on our servers and remove all passwords.

That's what we do.

Since when? What do you use to manage and generate certificates?

Generate with ssh-keygen. Manage with a wiki. We are only so big, so it works fine.

That is not certificates. That is keys. Completely different.

I don't know what @scottalanmiller uses but ssh-keygen is used to generate ssh certificates as well.

From the man page:
ssh-keygen supports signing of keys to produce certificates that may be used for user or host authentication. Certificates consist of a public key, some identity information, zero or more principal (user or host) names and a set of options that are signed by a Certification Authority (CA) key. Clients or servers may then trust only the CA key and verify its signature on a certificate rather than trusting many user/host keys. Note that OpenSSH certificates are a different, and much simpler, format to the X.509 certificates used in ssl(8).

But if you are automating certificate generation, you need to wrap this in something.

No, ssh-keygen does not do this (ssh certificate generation).

As you highlight, it can be used as part of the certificate process. But it cannot, and never will, be the certificate authority. Thus it is not the tool for this this.

You're actually mistaken because I've done it many times now. A Certification Authority, when it comes to openssh certificates, is really just a key pair that you carefully guard.

You create certificates by using the CA keys to sign other public keys from users and hosts. The result is a certificate named *-cert.pub

And you do all of this with the ssh-keygen utility.

Similar to how you can create CA and everything else for the more complex x509 certificates with just openssl.

@dashrender said in Remotely Update environment Variables in Windows 7?:

@wrcombs said in Remotely Update environment Variables in Windows 7?:

@dashrender said in Remotely Update environment Variables in Windows 7?:

https://searchvirtualdesktop.techtarget.com/tip/Tips-for-running-PowerShell-against-remote-Windows-7-desktops

Thanks !

Looks like going on site is still required because I have no idea if IIS is already installed - my guess is it isn't.

oh well, good information to have if I ever need it in the future.

Yeah, if you're going on site - skip all this and just put on VNC.

my thoughts exactly, But I figured if there was a way to do this without having to go on site, it would make it so much easier.
guess I can mark this as solved.

@scottalanmiller said in Network Admins: What are your daily BEST PRACTICE:

@travisdh1 said in Network Admins: What are your daily BEST PRACTICE:

@scottalanmiller said in Network Admins: What are your daily BEST PRACTICE:

@travisdh1 said in Network Admins: What are your daily BEST PRACTICE:

@irj said in Network Admins: What are your daily BEST PRACTICE:

@travisdh1 said in Network Admins: What are your daily BEST PRACTICE:

@scottalanmiller said in Network Admins: What are your daily BEST PRACTICE:

@mrwright4hire said in Network Admins: What are your daily BEST PRACTICE:

@dbeato said in Network Admins: What are your daily BEST PRACTICE:

@mrwright4hire said in Network Admins: What are your daily BEST PRACTICE:

What are some

You should always have good old WireSHark, nmap included and a great network scanner.

@dbeato what do you use for a network scanner? I use Advanced IP Scanner.

I use nmap, so much faster and easier.

Generally a full subnet scan using nmap is much slower than Advanced IP Scanner.

I'm annoyed that I even know this right now, such is the state of the documentation we have.

You aren't using Nmap properly... It's so configurable and definitely faster than any GUI scanner.

While true, I'd have to install nmap first and the boss has advanced-ip-scanner already there, sad as it is.

I bet I can install it faster than you can use Advanced IP Scanner, lol.

choco install nmap -y

It's SO fast.

Oh, I'm adding choco everywhere I can, but they haven't even deployed that!

What? That's the easiest way to deploy AIPS! What the heck are people DOING over there?

Being your typical American MSP and going after billing hours instead of good business.

@gjacobse second on Viking we use and resell them