@WrCombs said in HDMI Monitor suggestions:

Just finished Moving from Windows 7 Desktop to Windows 10 Laptop as the daily driver at work.
only thing i'm missing is my second screen and that's cause I'm missing the HDMI port on the Monitors we have here.
My Boss is going to buy what ever screen I pick out, with that said, what are your suggestions for a new monitor that is compatible with HDMI? (Which should be any recently made monitor, right? )

If going with a new monitor, I've always been partial to Dell 24" U2419H line. Nice color, crisp, clear.

@black3dynamite said in Securing SSH:

@DustinB3403 said in Securing SSH:

@black3dynamite said in Securing SSH:

@DustinB3403 said in Securing SSH:

@pmoncho said in Securing SSH:

@black3dynamite said in Securing SSH:

On my Fedora laptop and desktop this is what I do.

# Generating a new ED25519 key with a password
ssh-keygen -o -a 100 -t ed25519 -C "$(whoami)@$(hostname)_$(date +%Y-%m-%d_%H:%M:%S%z)" -f ~/.ssh/id_ed25519

May be a stupid question but, should we use passwords?

You can, but you'd have to enter that password every time to connect using your SSH key.

Unless use ssh-agent.

How is ssh-agent storing your keypair password? It would have to be plain-text, wouldn't it? Which kind of defeats the point of adding a password to the keypair if the password for the pair is in plain-text. . .

It's not stored in plain-text.

https://www.emtec.com/ssh/agent.html

Well damn. This is interesting to know. If that is the case, it just may be beneficial to use a passphrase if only done once per 8 hours. I can handle that.

@WrCombs said in What Are You Doing Right Now:

Apparently we need a VGA Splitter Today/Right now for something tomorrow. Just found out, so Now, I'm calling local Hardware companies trying to find one that we can pick up.

It is these situations where I actually miss the nearest Radio Shack. Not the best parts but 99% they had what I needed in a pinch.

Another company on Youtube is Crosstalk Solutions

He has a series from Kevin Houser who wrote the book "The Unauthorized Guide To Ubiquiti Routing And Switching Vol1"
This series shows you how to set up and configure your Edge Router from start to finish along with networking concepts.

I highly recommend this series. It starts here:

Youtube Video

*Edit = I am going to rewatch the series as it has been a while and I want to reconfigure my Edge router to setup a second AP Lite plus secure my network at home a little more.

@dashrender said in What Are You Doing Right Now:

@dustinb3403 said in What Are You Doing Right Now:

Wondering why the heck anyone would sell a microserver, and then to make it worse it has no server functionality at all.

No out of band management, no capacity for raid (besides Windows) or Linux MD (which I can't use Linux) oh and then a Windows 10 Pro license with it as well...

and what makes it a "server"?

My guess is the label, marketing or lead salesman.

@dafyre said in Random Thread - Anything Goes:

@travisdh1 said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@dashrender said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

Ditto. But it still got stolen. I tried to use Google Pay and it was rejected, so I switched to credit card and used mine.

The local bank came up good for me though. I had the $$ back in my account a day later.

Ug bad website stealing cc info

Actually, it was a gas station here in town. Several other folks I know had something similar happen over a few days, so let's just say I won't be going back there, lol.

Someone has a skimmer on the pump you used

Except it was the inside card machine in this case, not the pump.

I just stopped in for a snack, lol.

Sounds like an inside job.

@dashrender said in Random Thread - Anything Goes:

@nadnerb said in Random Thread - Anything Goes:

So sad but true!

Why do so many companies have to hear it from an outsider before they believe it?

We will have your answer when we figure out why kids will listen to their friends and friends parents vs their own parents.

@scottalanmiller said in What Are You Doing Right Now:

@Dashrender said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

We had an exciting night. 6.8 magnitude earthquake hit in the Pacific just off shore. That's the fifth largest in Nicaragua history. It shook Honduras and Salvadore, too. We are in Leon, which is really close to the epicenter (about as close as western Managua) and wow did we feel it!

How many earthquakes is that now since you moved? 2-3?

We've had at least two days with over ten quakes each. I'm sure we're over 100 since we moved here.

Apparently that scorpion knew the earthquake was coming and possibly wanted you to protect him.

@dbeato said in Powershell - Find GPO's for specific Group:

@pmoncho said in Powershell - Find GPO's for specific Group:

@dbeato said in Powershell - Find GPO's for specific Group:

Aside from the script you are looking for, is there a reason why the delegation is that way or are you trying to limit access to those GPOs? Or cleaning them up?

Its all of the above.

I created multiple GPO's (limiting the scope of each GPO) that affect only certain groups on the same RDS server. This is due to the upcoming changes in our LOB application and moving to our new 2019 RDS servers. I wanted to make it as easy for my internal users and external remote clients to have what the need while limiting access as much as possible (yes, I do believe I over-complicated things).

The main reason for the script was cleanup. It was rough finding the groups I delegated to each specific GPO's instead of fumbling through each one.

I see, make it then a habit also to document changes That will help ( I know I am stating the obvious) but it comes to bite you in the rear end a lot of times if not in place.

You are NOT kidding. I had a decent doc going but a little laziness and getting side tracked by management, and here we are! ugh! Lol

ESXI 5.5 Essentials with local storage and NAS datastore's

In prepping for an upgrade to ESXI 6.5 I am going through the VM's on my three hosts.

For my current 2008R2 Fileserver VM ( with SW Network Monitor and Email server) named filesvr1, I found out the following data locations;

Local Datastore folder filesvr1 has 3 of my hard drive files (vmdk files)
NAS Datastore folder filesvr1_1 has 4th hard drive (vmdk file)
NAS Datastore folder filesvr1 has the config and log files

I want to combine the filesvr1 folder on the NAS datastore with local datastore folder.

1. My first thought is to just move the config/log files from the NAS to the local datastore, change the .vmx file to point the .vswp filename but don't know if that is possible.

2. Remove from inventory, move the files together in the same folder on the local datastore and then add back to inventory. I believe vCenter will fix the .vmx file???

3. Clone to a different host on a single datastore and then clone back to original host.

TIA

@Dashrender said in Does VDI Conquer the Dashrender Challenge?:

@scottalanmiller said in Does VDI Conquer the Dashrender Challenge?:

@Dashrender said in Does VDI Conquer the Dashrender Challenge?:

We constantly see people saying 'never publish RDP to the internet' - but how much of that is just fud, and the real issue is poor passwords and no lockout policy?

That's FUD. RDP is a fully secured protocol. It is wrapped in SSL, so already inside a VPN tunnel. It is as secure as anything else.

RDP has a tendency to be a high profile target, which is still not a big deal.

The biggest issues with RDP are that...

1. Microsoft's implementation of an RDP server lacks common sense security to lock out brute force attacks. Like how fail2ban protects SSH.
2. End users of RDP tend to be "Windows users" and that user group is notoriously incapable of doing things properly so tend to use weak passwords that never change on publicly exposed services.

If you treat RDP like you normally treat SSH (smart users, good security) they are equally secure.

I've held this belief for many years.

I have had so many sudo-Jared FFS's by at least 5 other security individuals about this subject over the last 15 years. I try to state the logic behind RDP with good passwords and lockout (RDP Guard) but get the "No Direct RDP connections" that is so ingrained in the security mantra.
It has just become a dead talking point for me.

I just tell the doc's, "I have no problem spending more of your money that other "experts" want to rip from your pocket."

@nashbrydges said in New Client - Windows 10 Upgrade Path:

• There are 5 different types of PC configs each with its own set of installed applications (and just to add to the fun, they haven't been able to locate the install media for all of those applications)

You may want to download and run the compatibility tool first. Some of the installed apps without media may be incompatible.

I've run into a few apps that were removed after a Win10 upgrade.

@JaredBusch said in Follow along with Scott, Emily, Madeline, & Dominica on the Grand Tour of Europe 2:

@pmoncho said in Follow along with Scott, Emily, Madeline, & Dominica on the Grand Tour of Europe 2:

@scottalanmiller said in Follow along with Scott, Emily, Madeline, & Dominica on the Grand Tour of Europe 2:

@Dashrender said in Follow along with Scott, Emily, Madeline, & Dominica on the Grand Tour of Europe 2:

@scottalanmiller said in Follow along with Scott, Emily, Madeline, & Dominica on the Grand Tour of Europe 2:

i'm calling it the "turkey sandwich" tour of Europe. Every other meal is a standard turkey sandwich and fries like they'd make at home.

That's hilarious! I was going to ask if they are just trying to eat healthy, until I saw the fries thing...

They are complaining that they cant get anything unhealthy enough.

I don't think they are looking at the menus long enough. Heck, chicken, meat with some type of butter/cheese/olive oil sauce will bump up the unhealthy meter rather quickly.

Or

Your just going to to many darn health restaurants screwing with vacation eating habits.

If that is your definition of unhealthy, you are not American.

That is just the tip of the iceberg.

Figure turkey and some fries comes in around 700 calories. Add some meat(chicken, pork, steak) with a cream sauce, it will bump to 1700 calories with 40 grams of fat.

We can get to 2400 calories if we ad a Caramel Frappacino with whip.

Also, don't forget the Vanilla Bean Cheesecake with extra whip. I am now up to 3200 calories and about 75 grams of fat.

Oh.... Don't forget the beer and glass of wine before dinner either.

That was Monday nights dinner minus the Turkey sandwich. I definitely eat like the American I am. :winking_face:

It seems the going consensus is one big RAID10 (OBR10) with platter based drives and RAID5 with SSD's.

In certain cases and depending on the size of your data, pricing for SSD's with RAID5 is close if not cheaper than OBR10 with SAS drives.

Side Note - Are you virtualizing these servers? Virtualization opens up many doors even for single physical server offices.

@dafyre said in What Are You Doing Right Now:

@black3dynamite said in What Are You Doing Right Now:

@RojoLoco said in What Are You Doing Right Now:

Just found out that the mall in Stranger Things is Gwinnett Place, which is very near my house. That's why it looked familiar.

That’s cool. Season three was entertaining.

Planning to binge watch it with my wife on Sunday.

Just finished it up last night. Took a whopping 3 days mid-week. Damn entertaining show.

@jt1001001 said in Backup server - Software layout:

Watching this thread as I just acquired a Dell R510 loaded with 2TB spinning rust drives, perfect for a backup target

I would watch out if you are planning on using Hyper-V 2016 on older Dell's. My R310 will not run VM's in Hyper-V 2016.

@Dashrender said in Non-IT News Thread:

@mlnews said in Non-IT News Thread:

Franky Zapata: Flyboard inventor fails in cross-Channel bid

A French inventor has failed in his attempt to cross the English Channel on a jet-powered flyboard.
Franky Zapata, a former jet-ski champion, had been hoping to cross from northern France to southern England in just 20 minutes.
But the 40-year-old fell into the water halfway across as he tried to land on a boat to refuel.
He took off from near Calais on Thursday morning and was heading for St Margaret's Bay in Dover.
Mr Zapata was not injured when he fell.

Even though that stunt failed - it's still pretty awesome!

Combine the Flyboard with the Compact Fusion Reactor (should we say very Compact Fusion Reactor) and a user should be able to fly around the Earth without refueling. Ahhh.... 2050 here we come!

@aaronstuder said in Synology High-Availability Cluster:

@pmoncho the whole point of having 2 of them is so that if one of them fails, this location is still working fine.

I guess your question is, what if the whole cluster fails? That is something I have considered, that's why I am asking

I get it. That is why I have stayed away from all NAS products for anything other than backup storage.

I have tested Synology and it sure is a nice product. I guess it also comes down to, can the money be spent wiser elsewhere, like a SAM-SD?

My oldest server will be EOL and without support soon so I am looking a building a SAM-SD as I feel it will perform better than purchasing a new NAS. Plus I can find a duplicate server for spare parts on Ebay cheaper than the NAS I want to purchase.

@DustinB3403 said in What Are You Doing Right Now:

Also just what I want to continue, the practice of kitchen staff touching filthy paper orders/receipts while they prepare the food that goes into my body.

I'm not sure there is a difference between the paper orders/receipts vs multi-user tongs, spatulas, counters, pump sauce dispensers and even touch screens. Seems the paper orders is the least of your worries.

@scottalanmiller said in Handling DNS in a Single Active Directory Domain Controller Environment:

@stuartjordan said in Handling DNS in a Single Active Directory Domain Controller Environment:

I believe the forest level with Samba can only be 2008R2 though.

Sure, but what does that really affect? Forest level limitation is nothing like an old code limitation. Nothing wrong with using a 2008 R2 Forest level.

If I am reading this correctly, I believe Samba 4.4 and higher can go to 2012 R2.

https://wiki.samba.org/index.php/Raising_the_Functional_Levels