@DustinB3403 said in Wazuh - operational and can add agents - now what: @IRJ said in Wazuh - operational and can add agents - now what: So you already filtered it. Just click discover on top right Doh that is so easy that I didn't even think that was it. @DustinB3403

It will makes sense of all the alerts and centralize everything

@Dashrender said in PDQ Drops Inventory (Deploy) Agent: @coliver said in PDQ Drops Inventory (Deploy) Agent: @warren-stanley said in PDQ Drops Inventory (Deploy) Agent: @coliver from memory it allowed endpoint status display, along with connection when outside the corporate network for running commands and application management. It was part of the subscription and didn't require any other additional setup - so was nice in theory. Ah. Salt and Ansible can do similar things but would require some backend work. Salt has an agent, right? Yes, and Ansible can be setup in a Pull configuration so it can act like it has an Agent as well.

@Pete-S said in HFSPlus Read Write access on Fedora: Why not Paragon drivers on Windows instead? Virtualize and pass through to the VM. Because I am operating this from fedora to sync the data to cloud. Plus I need my work laptop portable.

@wrx7m said in Windows 10 Updates - Trigger "Update and Restart": @IRJ said in Windows 10 Updates - Trigger "Update and Restart": @wrx7m said in Windows 10 Updates - Trigger "Update and Restart": A simple restart command doesn't perform the update step, just the restart, so the update doesn't get applied. This has been an issue for a very long time with windows. I am surprised it hasn't been fixed yet. It's really annoying Well, at least with Win 7, a standard reboot applies updates. At least, I think it does. The main difference between Win 7 and 10, is that they have switched to the osoclient.exe to manage the updates. It seemed like it was an issue on 2008 servers and someone mentioned upgrading to windows 8 to fix it. I think it has always been issue.

@Obsolesce said in City of Munich Moving to Closed Source Software: It looks like the whole issue was due to their use of some weird distro years ago. That article technically doesn't say why they need Windows now, so for all I know they have some new weird requirements I don't know about, but assuming they don't, I think the decision to go to Windows is a horrible idea. They'd be much better off going to Ubuntu instead. Yes I upvoted a post about how Ubuntu would be better than an alternative. Please no heart attacks people.

Within PowerShell can't use something like Push-Location \\Server\Share\path or Set-Location \\Server\Share\path and then run the cipher command?

@scottalanmiller said in URL Redirect at the Windows Workstation?: @JasGot said in URL Redirect at the Windows Workstation?: Gotta Love RoIT! RoIT Rules! Not until you actually do the actual re-branding

@dbeato said in Windows Server 2012 Remote Web Access not connecting and RDS services showing error 23005: @scottalanmiller Yeah, RDW is the problem I understand now. Basically you can remote desktop without need of App Resources Proxy without any problems. But if you try to load the App Resources from a Windows 10 device then yes I understand now. Yeah. It's a weird "Essentials only" issue, only on 2012 and older. From what I can tell.

Why not filter out the files that you don't need to rename? Summat like: (Get-ChildItem -Path "path\to\folder" -Recurse | Where-Object {$_.Name -contains '•'} | Rename-Item -NewName {$_.Name -replace '•',''} -verbose -ErrorAction SilentlyContinue -ErrorVariable daError)

@scottalanmiller said in Why the Windows 10 EULA Is Applicable to Older Windows Licenses: It then points out that the EULA is not valid only in the case where the source license is not genuine, so like a pirated copy of Windows 8. This entire portion of the EULA is exclusively for the purpose of Windows 7, 8, and 8.1. It has no purpose otherwise. It does. It also applies when you are installing a clean install of a previously legally licensed Windows 10 system.

New-PSSession -ComputerName Host1 New-PSSession -ComputerName Host2 Get-PSSession will show all sessions you created. Use Enter-PSSession to enter one of your opened session

Nice! I was thinking about doing this soon.

This is the provider I use to clone KVM guests with Terraform https://github.com/dmacvicar/terraform-provider-libvirt

@Fredtx This has usually worked for me in the past.

@Oksana That's really awesome!

I went to MicroCenter tonight and was looking at laptops. I had a salesperson ask what I was looking for. I got a strange look when I said I wanted W10 Home cause it would get wiped anyway. I don't think she thought I was serious.

@wrx7m said in Server 2016 - Force Default Update Server to WSUS Server Via GPO: @dbeato said in Server 2016 - Force Default Update Server to WSUS Server Via GPO: This would have happened on Server 2012 R2 as well, dual scan has been around and causes a lot of problems as you noted. It is strange that I didn't have these issues in 2012 R2. I essentially copied the same GPO for 2012 R2 and made some minor changes to it to convert it for 2016. My 2012 R2 show the correct default service. Weird, I have various Server 2016and now 2019 with WSUS and while dual scan was an issue for me on Server 2012/ 2012 R2 not anymore.

@pmoncho said in Windows RDS User Profiles - Migrate, Recreate or User Profile Disks?: @Dashrender said in Windows RDS User Profiles - Migrate, Recreate or User Profile Disks?: Cool, then you should have it easy. FYI - Published apps still create a full profile on the RDS box, Just the desktop isn't presented to the user. If the application allows them to browse around, they could typically see the drive letters, the mapped printers, etc... that's why you still need to lock all that stuff down. Thanks for the info. I will keep that in mind. I was debating about using UPD's like @wrx7m and that was my interest in this post. Also, still planning out where to put Connection Broker, WebAccess and Licensing but that is another post. For local profile management, UPDs are a lot cleaner. If we are not putting them on a file server across the network then a second partition/VHDX is set up for that task to keep them separate. With the inclusion of FSLogix with RDS CALs/SALs now it's a no-brainer, IMNSHO, to set the project up on the FSLogix version. Storage management is another reason why UPDs on a network or separate partition make sense. Keeping a local profile on the C:\ of the session host is messy and can cause issues down the road with users coming and going. As far as the Broker/Gateway/Web put those roles on one VM but separate from the Session Host.

@IRJ said in Windows Server 2012 R2 - Share Auditing for Changes: I know you use wazuh.. Check this out https://documentation.wazuh.com/current/user-manual/capabilities/file-integrity/index.html Thanks! Checking out setting this up. Hopefully, it will reveal the culprit.

@black3dynamite said in Hats off cmder: @Emad-R said in Hats off cmder: notepad= notepad++ I preferred to use Visual Studio Code instead. It's just a steam and video machine. The one-liner quick installs with chocolatey as he likely does is best in that case. No need to get fancy.

I have not dealt with this much, however I have seen sharing groups get their members removed completely.

Okay so figured it out with this guide. From Windows administrative Powershell ssh-keygen type C:\Users\<username>\.ssh\id_rsa.pub | ssh [email protected] 'cat >> .ssh/authorized_keys' Exit administrative Powershell Open Powershell ssh [email protected] Logged in.

@mary said in Windows HomeGroups, WorkGroups, and Domains - CompTIA A+ 220-1002 Prof Messer: Is there any alternative to home group now that it isn't available on Windows 10? Also why would you use workgroup instead of Windows Domain? Is it a cost issue? "Home Group" was just a fancy name for network sharing without AD on Windows computers.