@JasGot said in DHCP Question...:

@Dashrender said in DHCP Question...:

But Windows does allow you to specify things other than the whole subnet, i.e. the whole /24, just like your EdgeRouter does

You can define more than a /24, but not less.
In the following pic, you can see the subnet is /24, in the 192.168.100.0 scope.
The popout is where you define the DHCP scope to be distributed, not the scope of the subnet.

Be sure not to use "Subnet" and "DHCP Scope" interchangeably like M$ does.
MS Has you define a scope when you create a new subnet to be served by DHCP, you don't really do anything with the DHCP Scope until you start filling in the Start IP and End IP. No matter how restrictive you make the DHCP Scope (11 to 50 in this case), you will still have a subnet of 255.255.255.0. If you were to make the DHCP scope 192.168.100.1 to 192.168.101.254, you would see the Subnet automatically change to 255.255.254.0

News to me?

When RD Gateway is set up and 2FA (2 Factor Authentication) is in place access to a Remote Desktop endpoint, whether RemoteApp, Session Host desktop, or VDI desktop OS, is as secure as the human using it.

We have plenty of RD Farms out there both in client internal and multi-tenant setups.

There's no exposing an RDP Listener to the Internet on any port. That's just bad.

There are some internal LAN side advantages:

• Single Sign-On gives users a seamless experience from their corporate desktop
• RemoteApp RSS publishing via Group Policy makes security group delimited publishing simple
• Collection Publishing can be delimited based on Security Groups (great for licensing compliance)

Internally or externally, Group Policy locks things down for security and access purposes as well as for mitigating a Ransomware errant user click.

@beta said in RAID 6 in my backup VM host on spinning rust?:

@dustinb3403 Well I looked up Dell drives and the 3.84 SATA read-intensive drives are going for ~$1800 a piece (before any discounting).

Tier 1 hardware is a particular beast.

Yeah, we can scour the fleabays of the world for caddies, but then comes the firmware fun times and/or question marks.

Our saved search e-mail monitoring shows Tier 1 secondary channel sales as being very expensive even relative to buying direct from the Tier 1 vendor.

At this point, adding a couple of known good SAS spindles and calling it a day is probably going to be the safest bet without having to think about rebuilding that SOBR, or adding a new SOBR and migrating the backups, or just setting up an entirely new array/SOBR and backing up leaving things vulnerable for a while.

Nah, in my mind KISS applies here.

Add the drives, expand the array, and call it a day.

Oh, and make sure to set up a B2 bucket for some immutability.

@pmoncho said in POTS line replacement:

We are currently required to have POTS lines for our current fire alarm system which is a PTIA. We also kept one other POTS line for our main fax line also (not my call).

Our POTS line pricing was bumped again and with a call to AT&T we found out that there as a "newish" service AT&T Phone for Business Advanced. This service is suppose to be the replacement for specialty analog lines like Security/Fire Systems, elevators and such. The cost with 3-5 lines is significantly cheaper than our current bill.

Basically they connect to our network and install their "Phone for Business - Advanced device" (I'm guessing just a suped up ATA device) which will allows up to 8 analog that connect to a 66 Block.

I was wondering if anyone else out there has/seen/installed/messed with this service? Also wondering exactly what this "Advanced Device" actually is that they want to charge about $500 for (BIG UGH).

We also have a call into our Security/Fire Alarm company on the costs of a replacement alarm system is and if it can work over cellular. We will then see which will have the best ROI depending on years of service.

Our alarm company told us the same thing when we inquired about putting in our fibre provider's VOIP based phone system.

The fibre provider called it bunk so we switched and have not had any problems.

The alarm system needs a dial tone. That's it.

@scottalanmiller said in Rackspace Blocking Zoho Email:

About 25% of share value gone, wow.

On the positive side they had segmentation so a degree of separation between their various operations.

On the negative side if it was HAFNIUM, they didn't have IPS (Intrusion Protection) in front of their hosted Exchange as our SonicWALL units with IPS turned on got an update for HAFNIUM not long after it became commonplace.

@Pete-S said in How to fix RDP dpi awareness problems:

@PhlipElder said in How to fix RDP dpi awareness problems:

@Pete-S We have a few older accounting apps we support that don't scale well in RemoteApp no matter what the client setting is. The menu items appear to be microscopic.

Great for Session Host desktops but what about RemoteApp?

Windows DPI scaling is not working 100% so it is what it is.

I have on purpose avoided purchasing any display / resolution combination that doesn't fall between 90 to 110 dpi. So I don't really get into much trouble.

Anyway, I don't have any specific experience with remoteapp. But since it uses RDP I would disable the scaling in the registry on the server. And then work on setting the dpi on the server to whatever is needed. There is also the possibility of setting DPI scaling behavior on a per application basis.

That's the route I would go.

DPI settings are normally per user but if you have users with multiple devices with widely different dpi I don't think you can get it right.

Yeah, we learned that lesson with the first batch of ultra-high resolution laptops that we deployed and users started complaining almost immediately. We were able to bandaid to some degree as the Session Host settings would get picked up by the RemoteApps after the user tweaked them and logged out of the SH Desktop but those legacy menus never did get addressed.

Folks need a magnifying glass.

@gjacobse said in Eaton Rack Mount 5P: power on issue:

Found the issue with the assistance of Eaton Support.

The Remote Power On/Off connector - jumper- is missing.

Needs this jumper to power on

Going to be blunt here: That's just a plain fucking stupid, asinine, head up the ass design.

The only connectors on the back of the APC units we deploy are network, sensors, Network RJ45, Serial via RJ45, Female Extension Battery Pack connector, and some fans. Oh, and a ground screw. That's important too.

@scottalanmiller said in Staying in Ethics and Legal with ChatGPT usage?:

@PhlipElder said in Staying in Ethics and Legal with ChatGPT usage?:

Being able to stand back, look at something, and say, "I did that!" is a pretty amazing experience. So, did none of the folks bastardizing their writing ever have that experience?

Yes, but college isn't work. It's busy work. The entire point of university isn't education or work, but to buy a degree. ChatGPT is the logical path to that. If the students (or their future employers) valued education, they'd test for that. As long as they prefer a piece of paper over actual learning, there is no dignity in the process.

I'm of the opinion that University is virtually useless for the bulk of the kids entering there.

If there is mission and purpose with a goal in mind for the kid to teach and use a Masters or PhD then go for it.

Otherwise, go to tech college or get a trade.

@scottalanmiller said in Staying in Ethics and Legal with ChatGPT usage?:

@PhlipElder said in Staying in Ethics and Legal with ChatGPT usage?:

We home school our kids.

Us too.

It's the best decision we ever made. A lot of compromises along the way to make it work but we have.

One has graduated while the other two are working their way through.

It's a great treat to spend the amount of time we have with our kids.

They are the better for it and so are we.

@dbeato said in Veeam drops the ball, exposes 440M Customer E-mails:

@phlipelder said in Veeam drops the ball, exposes 440M Customer E-mails:

https://www.veeam.com/executive-blog/veeam-data-incident-resolved.html

I did not see anything about it in our Partner communications until this thread and I sent a quick question to our rep. The above was their reply.

And you didn't get the email?

No. I just went through all of our Veeam correspondence with nothing about it there.

@fiyafly I've started JBP's 12 Rules. The intro was so in-depth that I'm still ruminating on it.

He's an accomplished professional and his work shows it.

In a virtualized setting there's no real reason to configure more than one location for the Exchange databases and logs. Unless, there's a separate high IOPS location that the logs would be stored on?

@jt1001001 Why thankfully going away?

@jaredbusch said in H-1B furor: Canada smooths the way for techies:

@phlipelder said in H-1B furor: Canada smooths the way for techies:

@mlnews said in H-1B furor: Canada smooths the way for techies:

Mercury News- H-1B furor: Canada smooths the way for techies

Two weeks: That’s how quickly a foreign technology worker in Silicon Valley can get an employment permit from Canada. In the U.S., that process takes months.

As the administration of President Donald Trump has increased scrutiny of H-1B visas for skilled foreign workers and plans to ban their spouses from holding jobs in the U.S., Canada has been moving aggressively to suck top foreign talent out of Silicon Valley and other technology-rich regions of the U.S.

The Canadian government won’t say if it’s leveraging the tumultuous and uncertain immigration climate in the U.S. But experts say Canada’s year-old “Global Skills Strategy” program, which offers work permits similar to America’s H-1B visa, is ideally structured to attract highly skilled foreign tech workers to Toronto, Montreal or Vancouver. Though immigrants make up just 20 percent of Canada’s population, they hold about half of the science, technology, engineering and math degrees at the bachelor’s level and above, government figures show.

Before the program launched, Canada’s employment permit process for skilled workers took months.

“It captures all of the Silicon Valley people, and it captures them quickly,” said Asha Kaushal, a professor at the University of British Columbia law school who studies immigration law.....

Heh, wait until they get their first tax bill.

Umm, been to Chicago lately? And we don't get shit from it.

Heh … we don't have much to show for it either.

@scottalanmiller said in IT female empowerment:

@wrx7m said in IT female empowerment:

@scottalanmiller said in IT female empowerment:

@wrx7m said in IT female empowerment:

... their willingness to do it for the agreed upon wage.

One problem that some people have with this, is there is a belief that men are more aggressive with demanding higher pay and feel that society should regulate this to help women get paid more.

Even if that is true, that is a learned skill.

There are two schools of thought on that. One is that it is not a learned skill and intrinsic to genders. The second is that it is indeed a learned skill and one kept from women throughout their childhoods so that they are being discriminated against from birth and put in a position where, as adults, they are at a major disadvantage.

Catch is, "Gender" is a relatively new term with a rather vague definition. So, no real school of thought there as of yet IMNSHO.

Traditional "Sex" based on XX or XY is plenty studied with some of the longest longitudinal studies in history still ongoing providing a lot of data. Folks are getting fired for citing such.

@irj said in I think I am missing something about Hyper-V....?:

@phlipelder said in I think I am missing something about Hyper-V....?:

We've been deploying virtualization solutions on Hyper-V since Longhorn/2008. We built our first cluster on the Intel Modular Server (probably the first to do so with Hyper-V) back in the day with our first IMS cluster deal following that up.

That's impressive because because from what I remember hyper-v was terrible in 2008.

Heh, it took 9 months of life, front-line access to the IMS engineering team, and some handholding by Ben Armstrong and Jose Barreto to get it going. It was a really cool moment to see the VMs Live Migrate between all of the nodes and then start right back up when we started testing failover scenarios.

And yes, it was very painful as we committed to deploying all clusters with Server Core and still do so today. Though, with PowerShell it's a lot less painful.

EDIT: And, thanks!

@coliver said in Why aren’t chip credit cards stopping “card present” fraud in the US?:

@PhlipElder said in Why aren’t chip credit cards stopping “card present” fraud in the US?:

Swipe needs to be banned. Period.

I would love a swipe + pin setup. I think that would be the best of all worlds. Fast, easy, secure.... for the most part.

Nope. That magnetic stripe needs to disappear. Skimmers are easy. It's really tough to "skim" a CHIP setup.

@obsolesce said in What Are You Currently Reading Outside of Tech:

@phlipelder said in What Are You Currently Reading Outside of Tech:

@obsolesce said in What Are You Currently Reading Outside of Tech:

Drove by this going to/from Vegas. Finally looked in to it. Pretty interesting.
https://en.wikipedia.org/wiki/Ivanpah_Solar_Power_Facility

Woah … $2.2B cost.

Ya insane, and it's not even producing close to the output they planned for.

Maybe dust and stuff... Both times we drove past, it seemed like it was very hazy, I'm guessing dust and sand in the air. It was very windy.

I've asked both inside the industry and government for the numbers for the windmill farms that are being put up around the province. No one will come clean about install and maintenance costs. :S

I did a rough calculation based on the Wikipedia article that ~640GW/h per year is $12M and ~336GWh is $6M in annual revenue based on the cited $200/MWh per year number? So, $18M/Year on a $2.2B "investment" am I on or off with the numbers?

Then, there's the stats that blew me away on the volume of natural gas the plant consumes to heat things up prior to producing solar energy.

One has to wonder if there was ever a plan for the plant to be profitable.

@scottalanmiller said in I think I am missing something about Hyper-V....?:

@storageninja said in I think I am missing something about Hyper-V....?:

@phlipelder said in I think I am missing something about Hyper-V....?:

Why Hyper-V? We don't have to pay anything extra to build-out a virtualization platform for one.
We've done well with Hyper-V and Storage Spaces.

Storage Spaces Direct is Datacenter licensing only. If you have core dense platforms this gets expensive.

And it isn't production ready, and doesn't have production readiness on its roadmap. And that's right from the MVPs. It's a joke that MS released way too early with no way to get working. In the enterprise space, it's essentially non-existent and those that have used it have been burned big time.

Microsoft knows what's happening with their products and how they are being used.

Cosmos Darwin: Storage Spaces Direct: 10,000 Clusters and counting

There are deployed to production S2D clusters out there. And, like everything else out there, there's always first-run jitters and issues.

We've seen issues in all Windows Server versions out of the box since 2008 R2 RTM and even earlier.

VMware has had some spectacular bugs with one of the latest brought to light by Veeam with data loss a very real possibility.

No software product out there is perfect. That does not excuse the early release cycles that we are seeing from many vendors not just Microsoft.

As far as licensing S2D goes, we SPLA the DC license with our SMB deployments starting at 10-15 seats and up. They are also great ReFS repositories for Veeam (something they request to have under their backups).

@kelly Link broken. It's here: https://bastiontechnologygroup.com/2018/07/26/colorado-data-privacy/

@fiyafly said in What Are You Currently Reading Outside of Tech:

@phlipelder said in What Are You Currently Reading Outside of Tech:

@obsolesce said in What Are You Currently Reading Outside of Tech:

@phlipelder said in What Are You Currently Reading Outside of Tech:

@obsolesce said in What Are You Currently Reading Outside of Tech:

Drove by this going to/from Vegas. Finally looked in to it. Pretty interesting.
https://en.wikipedia.org/wiki/Ivanpah_Solar_Power_Facility

Woah … $2.2B cost.

Ya insane, and it's not even producing close to the output they planned for.

Maybe dust and stuff... Both times we drove past, it seemed like it was very hazy, I'm guessing dust and sand in the air. It was very windy.

I've asked both inside the industry and government for the numbers for the windmill farms that are being put up around the province. No one will come clean about install and maintenance costs. :S

I did a rough calculation based on the Wikipedia article that ~640GW/h per year is $12M and ~336GWh is $6M in annual revenue based on the cited $200/MWh per year number? So, $18M/Year on a $2.2B "investment" am I on or off with the numbers?

Then, there's the stats that blew me away on the volume of natural gas the plant consumes to heat things up prior to producing solar energy.

One has to wonder if there was ever a plan for the plant to be profitable.

If you want to hear some interesting facts about clean energy, really look into nuclear. It is, hands down, the cleanest and most efficient energy we have today. Those images and such you see of clouds of smoke coming out of them? That's steam.
As far as I can tell, there are only two things keeping us from using nuclear more. Waste disposal, and people's fear of it.

The CanDu Heavy Water Reactor is probably one of the most energy efficient setups out there. Plus, it's a lot safer than the tech being used in the US and elsewhere in the world. It's another example, like the Avro Arrow, of Canada dropping the ball on marketing an awesome product. It's also a lot less expensive dollar and environment wise than the mainstream tech being used in the US today.

Folks tout Hydro as the best but seem to forget that the environmental impacts can be just as extreme depending on the habitats and ecosystems upstream from the dam.

There's a lot of tinfoil hattage around fusion, but the fusion donuts seem to be one of the best ways to move forward if the brains behind the research can figure out how to make it work consistently.