Posts made by Mike Davis

yes. published a remote app. Users need access to that from machines that may not be company owned. Put RDPguard in place to ban IPs of multiple failed login attempts.

@scottalanmiller said

Yeah, that's not an issue with unmanaged switches, that's an issue with switches in the wrong place, bad physical access controls, consumer switches, bad cabling.... that the switch is unmanaged is a red herring here.

OK, so we can agree cheap switches outside of the closet are a bad idea.

The discussion came up because we were copied on an email from one user to another where they told the user to run out and get a cheap switch so they could hook up their network printer and their computer.

This is the kind of set up that has burned me. Cord getting kicked is one thing. Cable looping around and creating an network loop is another. Remotely you ask them if the lights are on, and they sure are!

I was talking with another tech and he hadn't heard of why not to use unmanaged switches out near users. I don't allow unmanaged switches on any of my managed customers, but once in a while I'll get a call from a break fix customer that killed their network when they created a loop.

What is everyone else's experience? Do you allow unmanaged switches? Do you allow switches outside of the data closet?

(before someone says it, what you really want in a switch is STP, but you don't get that in unmanaged switches, so it's not so much that the switch is unmanaged as the problem that unmanaged switches don't have STP options)

I have a Windows Server 2012 R2 RDS where the clients are getting disconnected at random every 5 to 10 minutes for about 1 second and then their session automatically reconnects. From what reading I have done I suspect this has something to do with the Ubiquiti Edge Router since internal clients aren't disconnected.

I can ping the ER from the outside for hours with out a single drop and only once in a while do the ping times go in to the triple digits. The ping lags and the disconnects don't seem to be related.

From what searching I've done it seems like it could be a problem with the MTU being too large, or the firewall trying to kill a potential DoS attack because the stream is UDP.

Where would I check those things on the ER and does anyone have any ideas of anything else I should check?

@StrongBad I suppose you could use DFS and make the file server redundant. On the other hand most SMB clients don't have redundant file servers. It really begs the question, why have load balanced RDS servers? If the software vendor updates an app on one doesn't it replicate to the other. Have you really protected against anything?

The file server that is hosting the redirected folders.

Change "Networking" to "Deploying WPA2-Enterprise SSID" and more people might be interested.

@Minion-Queen You should clarify that "losing your desktop" didn't mean your desktop computer died and you didn't have a backup, it means that an unnamed IT guy took over your desk and forced you to work off your laptop on your back deck.

We have a client with a virtualized app that makes calls out Outlook to send email as the user. In order for that to work the user has to launch Outlook once so it can configure their profile. What will happen if we set up another RDS server and load balance? Will they have to setup Outlook on the other server? Is the next step setting up folder redirection so their configuration follows them? At that point will we have gained much since we'll have created another single point of failure?

@IRJ in the 30 minutes I'm getting to present Group Policy to people that may not have touched it, I don't think there is going to be lots of juice. However, since this is Mango, I'm sure a quick poll can identify those of us that used group policy to do some cool stuff.

In the WPA2-Enterprise deployment session, I'll hit on how you push the cert and SSID to your domain joined devices to have the connect automatically to your WPA2-Enterprise SSID.

I have 1 -1.5 hours at MangoCon to cover powershell 101 and group policy 101. What do you think should be covered in those?

I was thinking for Group Policy to cover backup, restore, copy, link, apply, inherit, permissions, and then show a couple common uses.

For powershell I was going to give a little background for all the dos scripters out there and then move in the verb-noun construct of commands, how to get help with commands, and then build some commands to work with AD objects.

I know an admin that once the mailboxes were migrated to o365 went in to exchange and deleted the mailboxes. Seems logical, but also deletes their AD account...

@Dashrender I forgot about that. I guess if the DC did go down, I could talk someone in to changing the DNS settings on their computer so that screen connect would work, log in to the ER and change DNS if we thought the VPN was going to be down for any length of time. (or just enable SSH on the ER from the outside interface.)

We have an EdgeRouter there that does DHCP and DNS comes from HQ with google tertiary. If the VPN is down they can still get email that way.

@JaredBusch The last time it died no one noticed until they tried to print to one of the print shares on it. As soon as we push those printers out as local printers I don't think anyone will notice.

I have a remote office with a local DC that I would like to decommission. There is a site to site VPN to HQ. If the VPN goes down, they really wouldn't be doing much of anything because their primary business application depends on a SQL server at HQ.

@scottalanmiller So what server would you recommend instead for a small office with a handful of users?

@JaredBusch Thanks for taking the time to go in to detail of how that works. Right now all my larger systems are VMware so I haven't done anything large with Hyper-V. I can see the writing on the wall though and I think my next cluster will be Hyper-V.

I agree that in the big picture of their infrastructure $600 isn't much, but this has been an interesting group to work with. I could share a few examples of some of the stuff that they said over the last couple of days, but I don't need to berate anyone, I need to have a talk with the business manager and show them how their IT is making bad business decisions.