Fix: Vultr blocks port 25 by default. You must open a support ticket with them to have them open it for you.

I am setting up Postfix on Fedora 29 to send notifications for dnf-automatic and fail2ban. This server is running on Vultr and I am trying to send from DomainB.com to DomainA.com. DomainB is a new domain that hasn't been used for anything and DomainA is our main email domain, setup on Office 365.

In the postfix logs, I am getting connection timed out -

Mar 18 17:19:41 HOSTNAME postfix/qmgr[4085]: EEE853EE90: from=<[email protected]>, size=465, nrcpt=1 (queue active)
Mar 18 17:20:11 HOSTNAME postfix/smtp[9703]: connect to domainA-com.mail.protection.outlook.com[104.47.48.36]:25: Connection timed out

I have tried disabling firewalld, but still have the same issue. Not sure where the hangup is. Any suggestions on what to check?

Finally got the SMTP unblocked. It applied to the instance (multiple servers) that needed to be hard reset in order for it to take effect. Afterward, I was able to send a test message out from postfix and received it. Thanks @dbeato @JaredBusch @scottalanmiller

@dafyre said in Office 365 Moving Emails to Deleted Items:

Just to be safe though, I did turn on User auditing. So we'll see what that reveals in a few hours...

Edit: or not. Apparently, my admin account doesn't have privileges to actually use the audit stuff, lol.

Yeah, you have to go in and add those permissions separately. Global admin is not global enough.

On a Fedora 29 server running on ESXi, I was getting this error.

SELinux is preventing vmtoolsd from entrypoint access on the file /usr/bin/bash.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that vmtoolsd should be allowed entrypoint access on the bash file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'vmtoolsd' --raw | audit2allow -M my-vmtoolsd
# semodule -X 300 -i my-vmtoolsd.pp


Additional Information:
Source Context                system_u:system_r:vmtools_unconfined_t:s0
Target Context                system_u:object_r:shell_exec_t:s0
Target Objects                /usr/bin/bash [ file ]
Source                        vmtoolsd
Source Path                   vmtoolsd
Port                          <Unknown>
Host                          wz00.domain.local
Source RPM Packages
Target RPM Packages           bash-4.4.23-6.fc29.x86_64
Policy RPM                    selinux-policy-3.14.2-51.fc29.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     wz00.domain.local
Platform                      Linux wz00.domain.local 4.20.16-200.fc29.x86_64 #1
                              SMP Thu Mar 14 15:10:22 UTC 2019 x86_64 x86_64
Alert Count                   3
First Seen                    2019-03-19 15:15:02 PDT
Last Seen                     2019-03-19 16:58:33 PDT
Local ID                      13a8d13b-300d-4729-94c4-d5c83a6f4a56

Raw Audit Messages
type=AVC msg=audit(1553039913.263:102): avc:  denied  { entrypoint } for  pid=931 comm="vmtoolsd" path="/usr/bin/bash" dev="dm-0" ino=268635479 scontext=system_u:system_r:vmtools_unconfined_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=0


Hash: vmtoolsd,vmtools_unconfined_t,shell_exec_t,file,entrypoint

I ran the commands that it suggested to allow this access "for now"

# ausearch -c 'vmtoolsd' --raw | audit2allow -M my-vmtoolsd
# semodule -X 300 -i my-vmtoolsd.pp

My question - Is this permanent? If not, how can I make this permanent?

I have been working on automating some of the off-boarding process. I have come up with this script that works, with the exception of carrying over the password variable from the beginning and using it in the Office 365 section. The password that I enter is 16 characters and should conform to the Office 365 password policy. Is it possible to carry that variable ($SecurePW) into the Office 365 side?

Import-Module ActiveDirectory
$sAMAccountName = Read-Host -Prompt "Enter sAMAccountName"
$SecurePW = Read-Host -Prompt "Enter a RESET Password" -AsSecureString

# Set AD attributes to hide user's O365 mailbox from address lists and change password
Set-ADUser $sAMAccountName -Replace @{msExchHideFromAddressLists = $true}
Set-ADUser $sAMAccountName -Replace @{MailNickName = "$sAMAccountName"}
Set-ADAccountPassword $sAMAccountName -Reset -NewPassword $SecurePW

# Connect to O365 and convert user's mailbox to shared
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking
Set-Mailbox [email protected] -type Shared
Connect-MsolService -Credential $UserCredential
Set-MsolUserPassword –UserPrincipalName [email protected] –NewPassword $SecurePW -ForceChangePassword $False
Remove-PSSession $Session

# Remove AD user from local groups
Get-ADUser -Identity $sAMAccountName -Properties MemberOf | ForEach-Object {
  $_.MemberOf | Remove-ADGroupMember -Members $_.DistinguishedName -Confirm:$false
}
Disable-ADAccount -Identity $sAMAccountName

The error I get is-

Set-MsolUserPassword : The password is invalid. Choose another password that contains 8 to 16 characters, a combination of letters, and at least one number or symbol.
At \\FP02\it\Scripts\Offboarding\OffboardingV1.ps1:13 char:1
+ Set-MsolUserPassword –UserPrincipalName [email protected] ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (:) [Set-MsolUserPassword], MicrosoftOnlineException
    + FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.InvalidPasswordException,Microsoft.Online.Administration.Automation.SetUserPassword

@philmcdonnell PRTG

I am looking into PDQ Inventory to replace SW inventory.

@scottalanmiller said in USG Pro 4 and our Company Security:

So I would happily get onto the phone with this rep and your CEO if you'd like. CEO can be on mute. But I will only do a free "expose the scammer" call if someone with the authority to consider legal action is listening. But if the CEO wants to hear him get exposed lying in real time, I'm happy to make that call.

Time for a party call!!

@notverypunny said in Server Monitoring:

@scottalanmiller said in Server Monitoring:

@notverypunny said in Server Monitoring:

On the monitoring topic, has anyone gotten Zabbix to work reliably without installing an agent?

Why would you try? Having an agent is part of the benefit. Agent means easier to manager, and more reliable.

Was thinking a test deployment might be easier if it's just a matter of setting up a service account and pushing permissions via GPO

If you were pushing permissions via, you could have a software install GPO for the agent.

@jmoore said in Questions on UDP, Guest WiFi, LAN, and Unifi.:

@JasGot said in Questions on UDP, Guest WiFi, LAN, and Unifi.:

Guest Isolation

As recommended in their guide, I would try the guest network option first. No need to make things more complicated if you don't need to by using vlans.

If these policies are using isolation, they should be blocking access to everything but the DFG IP. I think this is an either or scenario.

@jmoore said in USG Pro 4 and our Company Security:

@wrx7m $75 a month, just internet though, nothing else bundled

I pay about $50 for 100/100 from Frontier FiOS.

I have 1 Dell Latitude 7490 with Windows 10 (8th gen i5 with 32GB of RAM) and a chronic (and random) issue where Excel 64-bit's sheets don't display the entire contents of the sheet. It just leaves a gray blob after a certain point. This has been going on for several months now, across several updates/versions of Office and drivers. In the sheet below, it was in protected mode. As soon as I hit enable editing, it redrew the sheet and it seems fine. I have also had other issues on this system where all Excel windows turn blank gray.

I have done the following:

• updated display drivers
• updated BIOS
• updated Office
• updated Windows
• disabled hardware acceleration in Excel
• disabled comm add-ins in Excel
• uninstalled/reinstalled Office
• run hardware diagnostics (pre-os)
• RE-IMAGED the laptop (MDT/WDS)

Is there any way to fix this?

This is the only known issue with this update. Seems like you wouldn't want this to happen either lol

@Obsolesce said in Windows Services not restarting:

@WLS-ITGuy said in Windows Services not restarting:

Anyone else having issues with services not restarting after a server reboot?

On 3 separate servers now, a bunch of services that are indeed important for that server haven't restarted. Looking at logs and nothing jumps out. Just curious if this is happening anywhere else?

This has been going on for quite some time on Windows servers as far as I can tell.

If the services aren't restarting, you aren't rebooting. Try pulling the plug.

I think he means that the services are not starting automatically after a reboot.

@notverypunny Yeah, monitoring first. Where is the bottleneck? Is it CPU, IOPS, RAM, network, all of the above? Which servers are overloaded? Is it one or multiple RDS servers or the file server?

@IRJ Yay! Someone else that uses Nano.

@black3dynamite said in How to configure automatic updates on Ubuntu 18.04 LTS:

@IRJ said in How to configure automatic updates on Ubuntu 18.04 LTS:

@black3dynamite said in How to configure automatic updates on Ubuntu 18.04 LTS:

Thank you for the how-to.
I am too spoiled on how to configure auto updates for Fedora and CentOS.

yeah this is actually easier than fedora imo

I don't know about that. I've done so many setups now that I script it.

# Install dnf-automatic
sudo dnf -y install dnf-automatic

[email protected]
[email protected]
EMAILHOST=smtp.domain.com
sudo sed -i "s|^email_to = root|email_to = ${EMAILTO}|" /etc/dnf/automatic.conf
sudo sed -i 's|^apply_updates = no|apply_updates = yes|' /etc/dnf/automatic.conf
sudo sed -i 's|^emit_via = stdio|emit_via = email|' /etc/dnf/automatic.conf
sudo sed -i "s|^email_from = [email protected]|email_from = ${EMAILFROM}|" /etc/dnf/automatic.conf
# Enable and Start dnf-automatic.timer
sudo systemctl enable --now dnf-automatic.timer

stealing this

We are looking at deploying a couple of large 55-65 inch digital signage displays in different areas. One will be in our e-commerce department displaying a custom web page dashboard. I hope to also get one for my office that I can use to display a web page dashboard. We would also be looking to put one in the lobby with some brand-related images/video I have looked at Philips and Samsung. Recommendations on display hardware would be appreciated.

https://www.bleepingcomputer.com/news/microsoft/microsofts-april-2019-updates-are-causing-windows-to-freeze/

Looks like it isn't just Sophos.

@dave247 said in Any good DRaaS suggestions?:

@PhlipElder said in Any good DRaaS suggestions?:

@scottalanmiller said in Any good DRaaS suggestions?:

@PhlipElder said in Any good DRaaS suggestions?:

A quick "hack" way to do it would be to sync a copy of the SP files to a repository and have that repository hooked into BackBlaze. They would then be sync'd up to BB. Cost wise, it would be cheap, cheap, cheap.

That's good for the backup portion. But for full DR you have to handle the recovery, hosting, networking failover and those parts. That's where "putting it all together" comes in.

SPX supports instant-on via file convert to VHDX/VMDK. Having those files sent to a DR site that is set up to fire the VMs up on short order would work well.

And on the StorageCraft side of things, we've been a partner since the v3.x days. Their product was second to none for the longest time. We pulled off some spectacular recoveries because the product was just that good. It still is to some degree, it is just that managing in-guest backups for more than six or eight VMs gets to be a bear after a while. Dedupe and Compression in Veeam has saved us gobs of storage.

As far as StorageCraft goes, it became noticeable that things were going awry when their Partner mailers were promoting third party webinars and "grow your MSP" type stuff. In the v3.x, v4.x, and v5.x days the product was king with in-person training being awesome and costly but worth it.

The fact that Veeam secured $500M in investments recently points to where all the action is today. All backup vendors whose products don't work well, and believe me there are a lot of them which is really sad, are put on notice and I, IMNSHO, am very happy about that.

Thanks for the input. I am still strongly considering Veeam as an option.

I have been using Veeam for several years now. I don't use this feature, but definitely check out the Cloud Connect option. It transfers the management of a set of your backups to an off-site partner.
https://helpcenter.veeam.com/docs/backup/cloud/cloud_overview.html?ver=95u4