Posts made by flaxking

@Dashrender Hmm, I wonder if it's something like a user with a broken roaming profile accidentally logging into an old server and the profile write back decides to work, and then when they log into a new server the now new roaming profile nukes the other local profile that never was able to write back properly

@black3dynamite yeah, I gave that a check and it's not set

We're over half done migrating these users over to a setup using FSLogix profiles.

Just wondering if any of you with more experience with Roaming Profiles can explain this behaviour.

There's an old Roaming Profiles set-up that's been dragged along through the years and we're wanting to senset it.

One thing we're seeing is that for users who's roaming Profiles write-back haven't been working, (maybe permission error on some files) if we do something that might trigger it to star working again (like add folder exclusion), their local profile gets nuked.

It seems like this is only an issue with roaming Profiles that haven't been working, if they've been working, any changes we've made hadn't had the affect off killing the local profile and starting fresh.

I've check for any GPO settings that might be asking for the local profile to be deleted, but I haven't found anything. From what I understand, the profiles should only be merging.

Has anyone else seen behaviour like this before where a roaming profile goes from not working to working and it kills the local copy?

Joplin

I wouldn't consider microservices as desirable in a deploy-it-yourself end user situation. Unless you are setting up something you really need to be able to scale, it adds IT overhead. A Docker image is an abstraction, but docker/k8s config files are most just configuration as code, so it's not like it's just deploy and go to use a config file from a third-party on your cluster.

However, as we get more open source based images for complete drop-in APIs for developers to use instead of building things from scratch, we'll probably see more of it.

@Mario-Jakovina said in When Does It Stop Even Being IT: Buyers vs Doers:

@scottalanmiller Now, when I saw your video, I understand that "IT Buyer" for you definitely means "Uncompetent IT Buyer"
I don't see why you use plain term Buyer for such bad example. What if someone defines "IT Doer" as somebody who is uncompetent in doing IT...

It seems you think you saw a lot of examples of CIOs not adding value.
But then that means they have uncompetent CEOs who have uncompetent business owners...
I find it hard to believe that it is common in SMBs. How do they survive in competitive markets?
In governement owned organisations - probably this is often the case.

Based on my experience, I would guess that most profitable SMBs aren't operating in a competitive market. And if that market becomes competitive, they do not survive.

Domain name doesn't matter, unless you're signing with a public CA. I'd think self-signed vs internal CA vs public CA would depend on what the authentication mechanism supports and how you have to manage the certificates. (i.e. if there are going to be a ton of them it might be easier for the authentication mechanism just to trust certificates signed by a certain internal CA rather than having to make each certificate trusted.

If you did something like host the files in an Azure Storage Account then they could download using an SAS token that's passed in as a request parameter

.\ Won't necessarily refer to the folder the script is in, it will refer to the working directory at the time that the script is launched.

%~dp0 refers to the directory the script is in, but I don't recall if it works for Network shares.

You want the path to the folder that the script is in? %~dp0

@PhlipElder said in Use PowerShell to Disable UAC on Windows 10:

@scottalanmiller said in Use PowerShell to Disable UAC on Windows 10:

@Obsolesce said in Use PowerShell to Disable UAC on Windows 10:

What special case needs UAC completely off?

Company purchases an application that requires it.

For those kinds of apps we use ProcessExplorer and ProcessMonitor to find where it needs MOD access and tweak accordingly.

Shimming also works.

The most common culprit is it writing to its Program Files folder

Some companies around here will install a booster on every vehicle in their fleet.

@scottalanmiller said in Looking to Buy a SAN:

@flaxking said in Looking to Buy a SAN:

@ScottyBoy said in Looking to Buy a SAN:

@flaxking said in Looking to Buy a SAN:

I've recognized an IPOD and witnessed it play out.

In the end the business decided it made more financial sense to put 200 VMs in Azure.

This is for a TV station cloud simply isn't an option to run this stuff unfortunately.

My point is that putting a bunch of VMs in Azure is a pretty expensive solution, but dealing with an IPOD ends up costing the business enough that the cost is acceptable.

Right, why would either option even be considered? Good cloud or good on premises is where you start. An IPOD shouldn't even enter the decision matrix. It's called a false option, that kind of stuff is used in psychology to trick an emotional response to choose something obviously bad based on a known absurd alternative that isn't a reasonable alternative.

I can't afford a Porsche!

But a Ferrari is SO much more!

Oh yeah, I guess a Porsche is a good deal.

Um, no, go price out a Toyota to compare!

I'm not saying anyone should actually do a comparison like that. Poor infrastructure decisions brought us to a breaking point where we needed to do an immediate nuke and pave of the whole environment in order to save the business.

@ScottyBoy said in Looking to Buy a SAN:

@flaxking said in Looking to Buy a SAN:

I've recognized an IPOD and witnessed it play out.

In the end the business decided it made more financial sense to put 200 VMs in Azure.

This is for a TV station cloud simply isn't an option to run this stuff unfortunately.

My point is that putting a bunch of VMs in Azure is a pretty expensive solution, but dealing with an IPOD ends up costing the business enough that the cost is acceptable.

I've recognized an IPOD and witnessed it play out.

In the end the business decided it made more financial sense to put 200 VMs in Azure.

@dbeato said in Need help trouble shooting GPO.:

The GPO at the root of your domain will be applied to all your users and computers. However if you create one GPO and then link it only to the OU then only the members of that OU will get it to apply.

Also is this GPO a USer or Computer policy?

My money is with dbeato on it being created under a user policy.

Also note, to create desktop shortcuts for everyone on a computer you probably want to create it in the Public desktop

Goal: Have a user from one Azure AD tenant be able to have and login to their own exchange online mailbox (not just getting forwarded email) on another Azure AD tenant using their own original credentials.

So far I've tried adding a guest user, convert the account to a member and assign a licence. That creates a mailbox for them that another user can get delegated access to, but there doesn't seem to be a way for that user to access the mailbox using their credentials. The admin.microsoft.com portal let me reset the password for the account. (AAD portal did not because it recognizes it as an account from an external source) And then I could log in with that password.

So at this point, it seems like the mailbox account created is separate from the actual Azure AD account, which leads me to believe that Exchange Online has no support for multitenant access.

Is there some other way to meet this goal in Azure AD/Office365, or would the required solution be some kind of separate identity service?

Yeah, actually finding an open source project that's a good fit can be a bit daunting. You're probably going to have to invest a fair bit of time into just learning how things work before you will be useful, and you might get some support from other developers, but you have to be able to take nugets of information and figure things out for yourself. And it should be a project you're actually interested in.

If you want a project written in python, Salt might be a good one, since you're interested in sysadmin stuff too. It's modular, which is nice because it will be easier to contribute to a module than to the core. The Salt code I've read has been pretty straightforward to understand, so that would be good for a beginner.

Communicating with other developers could probably be a good place to find some projects that aren't fully built yet, which might be easier to contribute in some ways, since they might have less of their own framework for you to learn. (Though in something well established, you can learn a lot by reading their code, and their processes and experience the challenges as well as the good things)

Maybe here you could meet some other beginner programmers to work with? https://gitter.im/FreeCodeCamp/home

I have a project you could contribute plugins to, but if webs scraping for jobs doesn't excite you, then I don't recommend it.

Publishing your own project or contributing to an open source project is often the path to meeting those goals. I've mostly just seen internships as parts of training programs you pay for.