Topics created by sn

Thank you all, we are evaluating Bitwarden and Keeper Security at the moment.

It took me a while to revisit this issue though i have managed to address this issue using multiuser SMB mount.

In essence, you would add the mount point to the fstab using the multiuser and ntlmssp options and then you would run
the cifscreds command to authenticate a specific user against the SMB server at the time of login so that that user would be able to see only those sub-folders/files which he/she has access to under the smb mount.

I use Comodo one to do this for my clients. It has a patch management feature.

Greetings folks!

Nice to see a few of you contributing to various JumpClodu threads. Let me give you a bit of background on 'why Servers' with JumpCloud...

Roll back time: It's where we began. The original instantiation of JumpCloud was to provide a central authentication and management console across Linux/Windows servers in any cloud service (e.g. AWS, Google Cloud, Rackspace, Softlayer and so on). The main thrust of what we were doing/offering (and still offer) fairly progressively, was to provide REST services to stimulate the efficiency of large-scale server infra - and mainly very ephemeral infra. The use cases varied but generally speaking, DevOps guys would bake our image into an AMI or similar image, and when they would light these up, they would perform initialization routines against the JC Directory....drop users accounts on, enable POSIX Groups, deploy sysadmins SSH keys, etc etc. It became a 'thing' and basically obviated the need for LDAP servers and wrangling with PAM. Yes, there are super elegant methods for this now....but mainly codified. e.g., Chef, Puppet, Salt, etc. These are actually used in concert with us but there is overlap.

FWIW, feel free to geek on this KB and go play with our APIs and SDKs on Github:
https://support.jumpcloud.com/customer/portal/articles/2429680

This use case is still extremely important for our customer base. We see a typical pattern of companies evaluating us, driven by DevOps where they get to get 100's or in the case of quite a few customers of our larger customers, 1-2K virtual servers. They find success and this bleeds to general IT *(e.g. those servicing rank and file employees and their personal systems, networks and apps).

So that's effectively the story, absolutely feel free to ping us to go deeper in the server management side of things!

Greg

@JaredBusch

After spending a couple of days with FreePBX VM, I came across with a VoIP provider here in Sydney and ended with a $15/month plan with them (https://au.evoice.com/).

Basically, I got a number to dial in which is now forwarded to 3 mobile numbers and configured to ring only 10 seconds on each mobile (voicemail normally kicks in after 20 seconds or so and I am testing the service at the moment).

@sn said in 1 year after my IP phone implementation, I am bit sad now..:

https://mangolassi.it/topic/11807/things-to-know-before-you-start-installing-freepbx
Thanks JB! I think that is what I should begin with!!

It obviously applies to any PBX deployment. Good luck.

@sn said in Virtual Data Room recommendations:

@scottalanmiller Technically "virtual data room" is similar to file server and primarily accessed over a browser session. In addition to the standard file server features, it may also include features like-

Bulk watermarking of documents "View only" mode for documents Real time activity logs Remote document shredding Fenced view to protect documents from someone taking a photo of the monitor with document open Q & A section and live discussions etc.

From a usage perspective, our "virtual data room" is shared between a bunch of firms (like insurers, lawyers, auditors, investors, engineering and construction companies etc) with different access levels who are working towards the completion of a specific project which may take 2-5 years to complete (please note, we are into wind/solar farm development). So I surely do not want all these guys on my file server doing crazy things like creating users and modifying originals.

At the moment, I am thinking of evaluating https://www.idealsvdr.com/virtual-data-room-features/ to see if they are worth switching from my current provider.

Interesting. Seems like a mistake in terms. Why does being available over "web" make it "virtual". Seems like a marketing term. I don't see anyone but Citrix using it, and Citrix has a trend of totally making up and misusing terms. Citrix' use of "virtual" is the industry standard for "wrong". I have a feeling that this isn't a legitimate term. Looking at the wikipedia entry for it, it looks very suspect. And the definition doesn't feel right - a specific access technology for something so general wouldn't be appropriate. And the lack of other products or vendors using the term for something so common and normal is suspicious. For example, Sharepoint and Alfresco have been doing this for forever, but never use the term.

Hey Sn,

https://webfx.co.uk/

I'm doing a lot of work with these guys at the moment. One of the owners is based in Australia so could be a great fit.

Small team, really committed, I can PM you with details if you like.

@larsen161 From a security perspective, I wanted to use separate u/p for my email system and archives.

Later, Backupify did tell me that they were planning to implement 2fa in 2017 but I would wait for it to happen to believe it as I have been chasing this feature since 2012!

The Synology box just arrived and now on my table and RAID 7 is a bit too little too late.

RocketChat is very nice.

@sn said in Learning Azure:

That is why I was looking for Azure in the first place.

Then drop Azure and switch to Vultr. No reason to even have Azure on the table. I know that people looking at Windows virtualization often jump to it, same as they do with Hyper-V, because of the "Microsoft" association. But it is a very bad choice here and should not even be on the short list. Vultr is drop dead simple, there is nothing to learn. Just set up your VM and go. You are in better shape out of the gate than you are spending lots of time learning how to deal with Azure. Even if you learn Azure extensively you will be overpaying for a more risky service than you would get with Vultr because Azure is not even meant for this use case.

@Reid-Cooper said in Alternative option for Sophos XG 230 Security Appliance:

@sn said in Alternative option for Sophos XG 230 Security Appliance:

Are there any yearly subscription charges involved with Edge Routers to maintain the firewall features working or is it going to be a one time purchase?

All EdgeOS features are inclusive. Nothing is licensed separately and everything is included in the hardware, no license needed even for the base package. EdgeOS is free, you could get it on its own, but it is only built for the EdgeRouters so if you don't own an EdgeRouter hardware you'd be on your own to get it to install on something. So they have no need to charge for the software separately from the hardware.

Statements like this need to be tempered by the fact that an EdgeRouter is not a UTM. It's just a router/firewall. This isn't meant to downplay the EdgeRouter, but to ensure people understand the differences between it and something like the Sophos appliance this thread is about. i.e. the Edgerouter doesn't do antivirus scanning or web filtering. If you need these features, you'll need to purchase them through another means if you use an EdgeRouter. Many here would say that's the better way to go anyway, one device, one function (at least in this case).

@sn NP.

@stacksofplates said in Remote management client for KVM/QEMU:

@sn said in Remote management client for KVM/QEMU:

@sn said in Remote management client for KVM/QEMU:

Thanks mates!
I am going to try Webvirtmgr!

I have managed to setup Webvirtmgr but I should say it was a hard one compared to installing ESXi and connecting it using vSphere client. Is this the way KVM works?

I thought it should be something similar to VMWare in terms of "ease of use"!

Did you setup NGINX or did you just use the SSH tunnel? The tunnel is much easier to configure.

SSH Tunnerl is probably easier... But I already had ZeroTier on the host so I'm just connecting over that.

@wirestyle22 said in $200 firewall:

Also purchasing a bunch of their switches as we are on 10/100 switches currently.

I suspect that people will notice the improvement pretty quickly.

I've never used a visual editor with MediaWiki. But getting MW itself working was not a problem.

Even I've got workflow apps running and a new one is being built over the weekend by a friend for quoting. So quick and easy.

@sn said in How to sync MSSQL with Maria DB:

@scottalanmiller said in How to sync MSSQL with Maria DB:

Did any of these resources end up getting you to where you needed to be? Or are you still looking for more guidance?

We wrote a PHP script and at the moment it is working the way we wanted. Script basically polls the MS SQL database every 10mins and looks for new records and copies to our local MariaDB. It was a great learning curve though 🙂

Thanks everyone for your help and suggestions!

Yup, that's probably about the best way to handle this.