@scottalanmiller said in piHole: Forwarded queries:

@gjacobse said in piHole: Forwarded queries:

@gjacobse said in piHole: Forwarded queries:

Looking through my pHole - I see that a number of entries (IPaddresses) are shown as forwarded. Is this something that should be allowed (forwarding) or blocked?

Or - is it a reply to the request and completely normal

Completely normal. A forward in DNS is when the local DNS server (the Pi-Hole) doesn't have the "answer" in its table.

I wondered - I went back and read it 'backwards' and from that stand point - I can very much see it as being normal. the request is forwarded on - ... not something coming in that shouldn't.

Thanks

@jmoore said in Applications; Portable vs. Installed:

@stacksofplates said in Applications; Portable vs. Installed:

@jmoore said in Applications; Portable vs. Installed:

@scottalanmiller said in Applications; Portable vs. Installed:

@jmoore said in Applications; Portable vs. Installed:

@scottalanmiller said in Applications; Portable vs. Installed:

A big question would be... why do you want to restrict binaries from users?

Thats the sysadmin decision. He considers it a security measure and I can understand it somewhat.

Does he? Because he's not restricting them in any way, and totally okay with all the portable apps delivered in the web browser, right? So he's totally okay with them. Just confused, I'd guess.

Well, I can't presume to know his mind but hes just trying to limit the damage that can be done i suppose. I am guessing that is what he is thinking.

Is this from a government requirement? The only way to do this is checksum all of your executables. Unless you are required to do this, you're insane.

Yes we are a 2 year college and this is what I am told.

That's a lot to deal with for a 2 year college. I can understand the annoyances of accreditation and also following like FERPA requirements.

@marcinozga said in Tomcat with an NGINX Reverse Proxy and Self-signed SSL Certificate:

I don't know if it's strictly required, I'd add it.

Because the one tells the port to listen on. The other tells it what protocol to use. Since you can use any port, with any protocol, it has to be listed. You can just add it to port 80 if you want, for example.

@gjacobse said in pi-hole: Xbox; Ads on Youtube:

@Dashrender said in pi-hole: Xbox; Ads on Youtube:

@gjacobse said in pi-hole: Xbox; Ads on Youtube:

@marcinozga said in pi-hole: Xbox; Ads on Youtube:

Pi-hole won't block youtube ads, at least not the in-video ads. You need youtube premium to get rid of them, no way to block those I'm afraid.

Noted - I don't get ads on the PC(s), likely due to different adblocker there.

and well - dang.

How are they being blocked on the PC... something other than blacklists/DNS not resolve...

My default had been to install adblocker when building a PC,.. so it's likely still running even with the pi-hole running.

Right, but how do most of those work? as far as I know they work by blocking DNS queries

@gjacobse said in New user in Raspberry Pi - Raspberry Pi OS has no programs:

@scottalanmiller said in New user in Raspberry Pi - Raspberry Pi OS has no programs:

@gjacobse said in New user in Raspberry Pi - Raspberry Pi OS has no programs:

Just for reference (mine) what are you using the rPi for? I have two rPi 3b+ and 1 rPi Zero running currently;

rPi 3b+ running Diet-Pi hosting APCups, CUPS, and Unifi Controller rPi 3b+ running Raspbian for HamRadio activies (using Build-A-Pi found on YouTube) rPi Zero - DMR radio hotspot (transceiver to internet gateway)

Still could use one or two more

Desktops

I would go with the rPi 4 as a desktop... bit more power and more memory..

That's the first model that offers a real desktop option. No one has suggested trying anything else.

@dbeato said in Ubuntu: Auto Update 18.x vs 20.x:

I don't see anything blatantly changing on 20.04 as opposed as 18.04 and I have working for the few 20.04 servers we have.

Thanks for the reminder - I went back and discovered that one single line was still uncommented. I checked a few minutes ago, and the number of updates was zero, where last week it was up to 15.

@DustinB3403 If it is not DNS, firewall is always a problem lol. Nice find.

@dbeato said in O365 - shared mailbox full access to another calendar.:

YOu can actually give Full Details mailbox permissions to calendar to the Shared Mailbox either with PowerShell or Local in Outlook or Web access.

I'll admit that my user told me they couldn't - I didn't try myself... I'll if if I can remote in and give the shared mailbox access.

These seems rather bizarre that you would give permissions to the shared mailbox because it could be an end around for someone who shouldn't have permission to get them.. but meh.

@Pete-S said in Xen Orchestra - Community Edition - Installing with Yarn:

@travisdh1 said in Xen Orchestra - Community Edition - Installing with Yarn:

@DustinB3403 said in Xen Orchestra - Community Edition - Installing with Yarn:

@travisdh1 what issue are you referring too? As far as I recall everything that is needed is included in the appropriate script install/upgrade

It's git, not the scripts. Since you need to have your git user information entered for it to work, would be good to have it added to the instructions.

I don't understand. Do you have to have a github account and be logged in to be able to download anything from github?

I can reach this without being logged in:
https://raw.githubusercontent.com/Jarli01/xenorchestra_installer/master/xo_install.sh

No you don't have to actually have an account, it's a git requirement to put something in there though and we don't autofill that information in case someone wants to supply their account details.

@scottalanmiller said in NextCloud: Unrecoverablely broken?:

Bottom line, in NextCloud you shouldn't be looking at the files from the command line, ever. Not NextCloud files anyway. Permissions are meant to be handled by the app and it's database, not by the filesystem.

Well mostly. Nextcloud needs the files to have the right system permissions.

But user permissions have nothing to do with system permissions.

Also, for a few specific instances, I do quite a bit with Nextcloud files on the command line. But that is a very specific use case, and also has nothing to do with group or share permissions.

@scottalanmiller I realise this is an old topic, but I've been fighting something similar all day. As it turns out, the implementation of PTY (and also TTY) has changed in recent versions of OpenSSH for windows. When the SSH session is built from within a script, the new OpenSSH implementation detects that the session is not setup from an interactive terminal, and therefore does not assign a PTY to the session, which results in the unability of the Get-Command command to send its output to STDOUT, hence the access denied error. Solution is (at least in the situation I am in) to use the -t (or even -tt) flag with the ssh command to set up the session

@gjacobse : What about just using Microsoft's USMT then? It's a little more difficult to use but accomplishes the same thing as Forenzit's tool.

@scottalanmiller said in Multi Stream Video - Demo Recording:

@gjacobse said in Multi Stream Video - Demo Recording:

@scottalanmiller said in Multi Stream Video - Demo Recording:

Lumix mirrorless

I should have mentioned ---

On a small budget. so a $1,600 camera isn't going to work.

Um WHAT?

Lumix makes high end cams for like $300. How the heck are you shopping?

I’ll have to go back and look- I was trying to do four different things and my first search may have been off.

Phew! Busy couple of days for me. Sorry for the late reply.

OK, so the setup is as @JaredBusch assumed. VPN on the Laptop only. Split tunneling was not enabled and now it is. Problem solved for now! DuckDNS is reporting the correct home IP. No need for VPN on the phone or PBX.

Good call @Dashrender

@scottalanmiller I'm still going to checkout the possibilities of OpenVPN though. Just in case I need it in the future.

Thanks guys. Have a great weekend.

looking through the configuration for why this is still not functioning correctly

@JaredBusch said in Why Do Vendors Use MAP Pricing?:

@Dashrender it also depends on the product.

I buy most things on the sale price, because it is not urgent. I buy clothes though, as needed, because I hate buying clothes and only buy when shit is worn through.
On the other hand, my wife buys clothes on the sales, planning ahead for seasons and when thing wear out.

And I only buy in thrift shops, where there aren't sales.

@Dashrender said in O365 Outbound email issue:

@JaredBusch said in O365 Outbound email issue:

For the record, even though I made the above connector and it failed to verify, I did save the connector. Apparently, that was enough as email is sending now.

So which connector is solving this - the TLS regardless of cert condition, or the No-TLS

I only left the TLS regardless of cert, so it has to be that one.

@brandon220 said in NAS for Plex use... Again:

Looked at the server's spec sheet and it says a max of 8 - 6Tb

So you ordered larger drives than the controller can officially handle? Might be fine, but sometimes, that's an actual limit.

Looks like 2012 R2, am I correct? Have you tried reinstalling the services?