@bigbear said in Best Practices - Securing your Windows Server 2016 VM on Vultr:

However I wonder if Vultr ip ranges are scanned more frequently than Azure. I setup a couple honey potts and the attacks are 10 to 2 Vultr vs Amazon thus far.

I would have to wonder if it's also a matter of a weakness detected in the range once so now the robots keep pounding that IP or range. I say this because I had a server that had a vulnerability that went unpatched. After I patched it, the bad guys kept pounding the site. I even went as far as to move the site to a new server with a new IP and they kept looking for the vulnerable URLs for more than a week with thousands of requests coming in each hour.

@bigbear said in Best Practices - Securing your Windows Server 2016 VM on Vultr:

This https://rdpguard.com/ @scottalanmiller posted looks like something worth trying out first. Also appears to be actively developed. Anyone else using it?

I'm using rdpguard for a few clients. It seems to work well.

@EddieJennings said in preferred UPS for desktop computer:

Is it worse than supporting Sage?

I only have one client with Sage and I probably have 10 running QuickBooks so I wouldn't consider that a fair sample size, but I haven't had nearly the problems with Sage that I have with QuickBooks.

@scottalanmiller said in preferred UPS for desktop computer:

Ah, so it wasn't that it didn't save them, it was that it was corrupted because it was holding the file open when the power went out? that's at least more acceptable.

yes, At first it wouldn't open. Then we ran the file dr and it would open, but there was some odd stuff like a customer had two entries, with old transactions tied to one entry and one new transaction tied to another entry. A few of the basic reports wouldn't even run.

@scottalanmiller said in preferred UPS for desktop computer:

A moderate sized Eaton probably makes sense. You have to think of this machine as being an accounting server with a storage malfunction that has to be worked around. You'll have issues if drives fail, power supplies die and similar.

Sixteen lost hours of labour is not trivial to lose. And likely takes quite a bit more than sixteen hours to put in again as they have to figure out exactly what was missing, what is corrupt, etc.

Well the kicker is we lost time using tools like the QuickBooks file Dr to try to repair the file from when it got corrupt - but we were able to get it so we could open the quickbooks file from the time it went down. They printed out all the invoices that were generated after the time of the known good backup. Then we moved the corrupt file aside, put the file in place from the known good backup and they re-entered all the transactions from the hard copies.

@scottalanmiller said in preferred UPS for desktop computer:

Most anything works for a desktop. But this is really a critical server. You want to step things up a bit.

The server UPS stayed up. It was the desktops that all rebooted when the power dropped for a second.

@scottalanmiller I totally agree with you. QuickBooks is way behind the times and I hate supporting it. Can you recommend something for a manufacturing company that is better designed, is easy to use, has support, and will either export to QuickBooks or be easy for their accountant to use? They also have some we plug ins for their web sales ( I think woo commerce IIRC) and another program that prints shipping labels. This is for a company with about 5 people that would use the system at a time.

They asked about backup power so it wouldn't happen again. I don't want to recommend UPSs that don't do their job, but I have never used small ones like that so I don't know what people have had good luck with.

The reason I'm asking is yesterday a customer lost 4 hours of transactions (that 4 people were putting in) in quickbooks when the power went out unexpectedly. There isn't a way for them to save often.

Does anyone have a UPS for a desktop computer they like? Is there something that comes with the software to do a graceful shutdown of a computer if it's going to run out of battery?

My go to desktop for business right now is the HP EliteDesk 800 G2 mini PC. HP has a quick release VESA mount for it.

Be the bigger man, which is what it sounds like you're doing. It was cool that you still sent something nice to your contacts from your personal account. Boomerang relationships can be important when you look at your career in the long game. There are probably people in the company that were surprised about your sudden departure as well. By communicating with them they will have an opportunity to reach out to you as well.

If I'm reading it right, it sounds like the drive may have been physically damaged, in which case there is little hope. If it was more of a case where it was unplugged while in operation, using something like testdisk might be able to bring some files back. If the data is really important, I would send it to a pro where they have a clean room and typically charge thousands of dollars. If it would be nice to see if you can get it back but you don't want to spend much on it, you can try test disk. I've used it successfully to recover files off drives that suffered corruption.

@Dashrender said in Permissions between O365 systems:

How does billing work? All on one or are they somehow split?

It's all one. The billing is by mailbox. I'm not sure how they handle it on the accounting side, but they must have it figured out because the receptionist answers the phone for both companies so there are other shared services.

I would rather do things this way than have a portal for each domain and have each user have two mailboxes. There are a few reasons I say this and they may seem trivial, but they become annoying after a while.

Why I hate two mailboxes:
Stored passwords don't work. The URL for office 365 is the same so the magic "remember password" box in Outlook doesn't work. Every time you restart Outlook, you have to pay attention to which account is prompting you and put the right password in.
Two places to look for everything. Two inboxes, two calendars, etc. It sucks to have to look all over for stuff.
Multiple accounts to add to phones and other devices. At least the mobile devices do a better job than windows storing the password, but it's still multiple places to look for stuff.
It will cost you more if you are paying for the mailboxes. You have to pay for each mailbox in each domain, so it will cost you twice as much. I suppose you could have E1 in one domain and E3 in another, but you get the idea.

I have a number of non profits on the free E1 plan. Everything is the same except the bill.

I have a client like that. The owners own two different companies. Both domains were added to the portal. The owners have email addresses for both domains, but one mailbox. Some employees have both, some just have one depending on what they do.

So HP shipped Enterprise HDDs instead of the desktop labeled drives they had in there from the factory. It took a few hours to mirror each drive and it was totally uneventful. - which is exactly what you're looking for in these types of things.

If it actually is two SSDs they will be worth more than the server they are going in. (It's a little HPE microserver.)

I had an HPE drive fail in a server under warranty. I don't have the drive in hand yet, but the field tech told me that the replacement drive is a 1TB SSD. The old drive was a 1TB mechanical. The drives were mirrored.

Can I swap out a HDD for a SSD, let it mirror and then swap out the other HDD? I know in general you want the drives to be identical, and everything will slow down to the HDD, but since it's for a one time mirror, it seems like it could work.

@JaredBusch said in MS VPN connection; Account locked:

@scottalanmiller said in MS VPN connection; Account locked:

To sign into the domain, your VPN goes up first. To sign into the laptop, you sign in cached and then fire up the VPN. There is a reason that VPN-first systems like OpenVPN, Pertino, ZeroTier, etc. are so important. They let you do things like central revocation because they always get updates from AD.

Correct. this is the problem. always.

How does that work when they are on a wifi connection that doesn't connect until after they log in to their laptop?