As the title suggests, this isn't something I've done before and I'm hoping to mount a NTFS formatted VHDX to a Linux VM (CentOS or Ubuntu) without losing any of the data in the VHDX. Currently holds 19 TB of data and I'd rather not have to transfer it out and back in.

A new client is running Win Server 2012 R2 with Hyper-V role. He already has 2 same OS VMs and is also running the host as a file server. One VM is an IIS web server and the other is set aside for proprietary software that the vendor won't support if there are any other roles for the VM. He was smart enough to have the data in the VHDX so it's movable but he can't run as a file server when running both VMs because of licensing. I was thinking of simply setting up a CentOS VM and mounting the VHDX and using that as his simple file server.

I've mounted external volumes in CentOS and Ubuntu before but always formatted the logical volume once created. This time I'm hoping to simply attach and have it serve-up files.

@scottalanmiller said in IT Quotes I Like:

@dafyre said in IT Quotes I Like:

@travisdh1 said in IT Quotes I Like:

@hobbit666 said in IT Quotes I Like:

PICNIC

Problem in Chair NOT in computer

I just did a quick search of this thread, and we're missing the other classic!

PEBCAK

Problem Exists Between Chair and Keyboard

See Also: PEBKAC -- Problem Exists between Keyboard and Chair

Otherwise it is pronounced with an "S" sound.

The letter "c" followed by the letters "a", "o", or "u" is typically pronounced as a "hard" c (sounds like "k") such as in the word car, Carolina, curve, course...etc. To make the "c" sound like an "s" when it is followed by the letters "a", "o", or "u", you would typically need a cedilla under the "c". Rare exceptions to this are the common "facade" which was derived from the French word "façade" where the cedilla was eventually removed and pronunciation unchanged.

As with other English rules, this is generally the rule that applies most often, and since this isn't a typical word (acronym really), I believe the general rules would apply. So you could use PEBCAK

@scottalanmiller said in Linux Lab Project: Building a Linux Jump Box:

@NashBrydges said in Linux Lab Project: Building a Linux Jump Box:

@scottalanmiller said in Linux Lab Project: Building a Linux Jump Box:

So a Jump system can be about smoothing access to make it faster. Or it can be amount making access more secure. Or both.

It is, in many ways, about eliminating the free for all of access that is common with a VPN where you traditionally have many peers all able to access each other making access difficult to track and control.

Which is why large shops traditionally use a jump box even on a LAN. So even if you had a VPN, you might still have the jump box.

I had started typing out an entirely different response with scenarios comparing VPN and jump box and wasn't until the end that I saw where the jump box approach may be much simpler. It avoids having to manipulate multiple systems to provide a similar level of control (if I understood this correctly) over accessibility. Manage a single jump box instead of VPN, firewall, entity/authentication management...etc.

Correct. Now of course you can do some work with a VPN to make it kind of mimic a jump box. But it would be more work and still doesn't gap quite as well. VPNs have the advantage of allowing a direct connection. But that is part of what we are trying to avoid in many cases.

Right. Thanks for taking the time to walk me through this.

@scottalanmiller said in Linux Lab Project: Building a Linux Jump Box:

So a Jump system can be about smoothing access to make it faster. Or it can be amount making access more secure. Or both.

It is, in many ways, about eliminating the free for all of access that is common with a VPN where you traditionally have many peers all able to access each other making access difficult to track and control.

Which is why large shops traditionally use a jump box even on a LAN. So even if you had a VPN, you might still have the jump box.

I had started typing out an entirely different response with scenarios comparing VPN and jump box and wasn't until the end that I saw where the jump box approach may be much simpler. It avoids having to manipulate multiple systems to provide a similar level of control (if I understood this correctly) over accessibility. Manage a single jump box instead of VPN, firewall, entity/authentication management...etc.

@travisdh1 said in IT Quotes I Like:

@hobbit666 said in IT Quotes I Like:

PICNIC

Problem in Chair NOT in computer

I just did a quick search of this thread, and we're missing the other classic!

PEBCAK

Problem Exists Between Chair and Keyboard

One of my faves!

Not IT specific (Louis Pasteur was credited with this quote in 1854) but absolutely applies...

"Fortune favors the prepared mind".

@gjacobse said in Linux Lab Project: Building a Linux Jump Box:

@NashBrydges said in Linux Lab Project: Building a Linux Jump Box:

So, help me understand the use-case scenarios where a jump box is more beneficial than VPN to the environment. I've read other threads on this forum dating back to 2015 about building and using a jump box but I never truly understood why one would prefer this over VPN. The assumption at this point is that I'm missing some critical element that would explain why this over VPN.

What are the scenarios where one would chose this setup?

We use a Jump box for a number of reasons....

On PBX systems we can access the back in faster than using the GUI. And for some tasks it's really the only way. You update the kernel via SSH.

So in our case, @scottalanmiller has set up the security ring for the systems, I connect one box and jump to the others with little else. it's faster, more secure and easier to manage

Also, you can run the command (shutdown or other) ON the jump box and not sign into the other system.... saving steps

Hmmmm, so is the use-case then to have 1 single very secured entry point and then not require sign-on for other systems? While that may make it easier to traverse the security layers, this would essentially remove one of those layers (the second system sign-on). Am I misunderstanding this?

So, help me understand the use-case scenarios where a jump box is more beneficial than VPN to the environment. I've read other threads on this forum dating back to 2015 about building and using a jump box but I never truly understood why one would prefer this over VPN. The assumption at this point is that I'm missing some critical element that would explain why this over VPN.

What are the scenarios where one would chose this setup?

@JaredBusch Interesting approach. Didn't realize you could have that granular control over access.

@scottalanmiller How do you make documentation available to clients? Do you just send it to them? Do they have access to a system to give them access?

I'm not a big fan of necro posting and I realize this wiki question comes up often in forums but this seemed to really be on point when I saw this ML thread.

I'm in need of a wiki to serve similar function with security features at the very top of the list, to allow clients to look at their own documentation but no access to others, good search capability...etc. I've looked at options like Alfresco, MediaWiki, DokuWiki and I think I'm leaning towards DokuWiki however, this comment on their site makes me rethink this...

"DokuWiki's ACL feature has been included for some time and should be pretty stable. However, if you are concerned about the risk of unauthorized users accessing information in your wiki, you should never put it on a computer accessible from the Internet."

This could be a simple CYA statement but I will need this wiki to be available to many clients online and I would like to hear if people's recommendations have changed.

@scottalanmiller Did you land on an ideal solution?

@JaredBusch Could be. All I know is it's working now.

Great guide! Super helpful.

I figured out where I went wrong.

While I followed the instructions, I should have paid closer attention to the order. The first time, I simply did both updates from .18 to .19...reboot and then immediately to .20. I blew away the FreePBX install and started over and instead did the .18 -> .19 update, rebooted, checked for module updates and installed, rebooted again...and then I went to the .19 update.

Must have been something that got fubar when I did subsequent updates but now it's all good.

@JaredBusch Yes, I followed your instructions to the letter. The initial install was on 18 so I downloaded the update scripts for 19 and 20 and installed 19, let it do its thing, then rebooted, and only then did I run the update script to 20 and rebooted afterwards.

I should mention this is a fresh install (2hrs ago) on Vultr and I used your guide to get it all setup. Very useful, thanks!

@JaredBusch Sure did. Currently running 10.13.66-20, updated CentOS and have updated all other modules as well. Except when the xmpp update tried to run, it fails with that error message.

Hi,

I'm trying to update the xmpp module but I keep getting this failure message...

"Unable to remove Prosody, it is no longer used and conflicts with this package. Please remove it before continuing"

Can't seem to find a solution. Any suggestions on where to look?

@KOOLER said in Accelerate your backups with StarWind Virtual Tape Library and Microsoft System Center Data Protection Manager:

Meanwhile StarWind VTL ...

StarWind VTL

... is going to have a major feature update announced on VeeamOn 2017 in New Orleans

What a tease! Lol. Now I'm guessing at what kind of integration could take place between Veeam and StarWind.

This outbound campaign tracking analytics is just like what MailChimp would give you. It's a pretty cool tool to have for anyone who is doing outbound email campaign work although I didn't notice specifics around handling opt-outs and no-contact lists which pretty much places it out-of-scope for external marketing.

Also, if the intent for this was outbound marketing to external recipients, if the URL redirection doesn't allow for whitelisting of domains, someone could spoof one of your campaigns, and use to redirect URL to anywhere they want, all using this handy little server.

For internal, same domain outbound email tracking and reporting, this could be very useful. But I've seen disasters from other tools with similar functions that didn't take into account a lot of CASL requirements (Canada).

Could make for a cool internal project though.

I don't know why people are still using shortened links. You are going to have to get your marketing analytics a different way. Try vanity URLs if reporting is that important.