|
I would say it really depends on your underlying disk storage (performance and redundancy) as well as your RTO and RPO for that data.
|
#
?
Jun 5, 2014 14:24
|
|
|
|
| # ? Apr 29, 2024 13:15 |
|
|
I have started keeping drives to 1TB max for VMware reasons (snapshot overhead, etc.) but that is also because we have to expose some of the LUNs of our SAN (I think that is the right terminology?) for some of our apps.
|
|
#
?
Jun 5, 2014 14:26
|
|
|
CLAM DOWN posted:Historically I've kept each disk to 2TB max but something tells me that was originally done because of a VMware limitation in <5.0. I don't see a problem with large single disks provided they're LUNs on a SAN so you get that redundancy and performance. And honestly even in Vmware when you get to the point of supporting > 2TB it's still a bit janky (maybe it will all be better in the 6.0, who knows)
|
|
#
?
Jun 5, 2014 15:59
|
|
|
We're on HyperV and it is fine with an 8TB LUN/disk. Basic setup will be EMC VNX SAN -> HyperV, with the option to have a duplicate copy kept in sync via RecoverPoints to our DR site. This should mean that if something happens to the file server on one side, I can bring up an identical copy from DR. So redundancy isn't an issue, it's more that disks that size seem unwieldy and potentially poo poo to manage. But that is probably just me being an old man stuck in the past.
|
|
#
?
Jun 6, 2014 02:04
|
|
|
We routinely do >8-9TB VMFS with no issues. Our biggest guest presented LUN for a 2012r2 file server is 9.1TB which also doesn't have any problem. 
|
|
#
?
Jun 6, 2014 17:38
|
|
|
Nitr0 posted:We routinely do >8-9TB VMFS with no issues. I see you are running Nimble. 
|
|
#
?
Jun 6, 2014 17:50
|
|
|
 Love nimble. Have 3 identical to this and it's the best.
|
|
#
?
Jun 6, 2014 18:04
|
|
|
Nitr0 posted:We routinely do >8-9TB VMFS with no issues. I was talking about about > 2TB vmdks, they are still somewhat janky.
|
|
#
?
Jun 6, 2014 18:50
|
|
|
Also do multiple vmdk's over 2tb without problems on 5.5U1.
|
|
#
?
Jun 6, 2014 18:52
|
|
|
I will be doing some testing with a big fuckoff sized VMDK sometime soon (5.5u1 as well). Probably 25tb. Should be interesting.
|
|
#
?
Jun 6, 2014 20:08
|
|
|
Question for the SCCM people here. I'm running into an issue where any new package deployments will sit at 0% or "downloading information" and never move. Looking at the local logs, all our clients are getting "404, Not Found" "0x87d0027e". I test the site link and it pulls up just fine and has all the correct permissions. I've checked out the TechNet forums and the only answer I've found has been to rebuild the DP or the whole site. I've tried rebuilding the DP but still no luck. I was hoping someone else has a better answer before I redo the whole site. Server 2008R2, SCCM 2012 SP1 Admittedly this would be a good excuse to upgrade everything to 2012R2.
|
|
#
?
Jun 9, 2014 17:42
|
|
|
Sacred Cow posted:Question for the SCCM people here. I'm running into an issue where any new package deployments will sit at 0% or "downloading information" and never move. Looking at the local logs, all our clients are getting "404, Not Found" "0x87d0027e". I test the site link and it pulls up just fine and has all the correct permissions. I've checked out the TechNet forums and the only answer I've found has been to rebuild the DP or the whole site. I've tried rebuilding the DP but still no luck. I was hoping someone else has a better answer before I redo the whole site. Check that the packages are getting uploaded to the distribution points; you may only have the one SCCM server but it will still want to "upload" to the DP.
|
|
#
?
Jun 9, 2014 19:41
|
|
|
Sacred Cow posted:Question for the SCCM people here. I'm running into an issue where any new package deployments will sit at 0% or "downloading information" and never move. Looking at the local logs, all our clients are getting "404, Not Found" "0x87d0027e". I test the site link and it pulls up just fine and has all the correct permissions. I've checked out the TechNet forums and the only answer I've found has been to rebuild the DP or the whole site. I've tried rebuilding the DP but still no luck. I was hoping someone else has a better answer before I redo the whole site. I've had luck trying a different domain admin username/password and seeing if the deployments start than. Don't know how/why this works. When I switch back to the old login it seems to start working again.
|
|
#
?
Jun 9, 2014 21:20
|
|
|
What's the general consensus on securing domain controller to domain controller traffic with IPSec? I'm tired of having a constant back and forth with my Firewall guy about what ports are needed and which ones aren't. In my mind it would just be simpler to secure everything with IPSec and be done with it.
|
|
#
?
Jun 9, 2014 22:57
|
|
|
On the Firewall or router, make a policy to allow all of these goddamn ports between the two domain controller IP addresses. On most modern firewalls, you can do this for either the ports or "all/any" traffic. I usually do "all/any" over a site-to-site (Branch Office) VPN tunnel. If you want to restrict ports, read that article on how you'll have to change the replication port on your Domain Controllers (hint: don't do this.) If the secondary domain controller is a branch office, consider a Read Only Domain Controller on Server Core, which also reduces vulnerability footprint.
|
|
#
?
Jun 10, 2014 00:30
|
|
|
Gyshall posted:On the Firewall or router, make a policy to allow all of these goddamn ports between the two domain controller IP addresses. On most modern firewalls, you can do this for either the ports or "all/any" traffic. I usually do "all/any" over a site-to-site (Branch Office) VPN tunnel. If you want to restrict ports, read that article on how you'll have to change the replication port on your Domain Controllers (hint: don't do this.) Trust me, if the guy I'm dealing with was sane, this would have been done months ago 
|
|
#
?
Jun 10, 2014 02:38
|
|
|
So guys, what's considered the best Active Directory management software out there now? (Domain level 2008 R2).
|
|
#
?
Jun 10, 2014 14:00
|
|
|
Active Directory Users and Computers? Sites and Services? What are you looking to do?
|
|
#
?
Jun 10, 2014 14:33
|
|
|
Gyshall posted:Active Directory Users and Computers? Sites and Services? What are you looking to do? ADUC replacement. Better management & reporting, any type of automation for common tasks, faster ways to do things in general. Here is what I was looking at: http://www.manageengine.com/products/ad-manager/ Macintyre fucked around with this message at 14:38 on Jun 10, 2014 |
|
#
?
Jun 10, 2014 14:35
|
|
|
Check out SolarWinds. They have some software that will do some neat reporting with AD and give you some different view options. Not sure on the cost, might be able to get it as a freebie from them.
|
|
#
?
Jun 10, 2014 14:36
|
|
|
Macintyre posted:ADUC replacement. Better management & reporting, any type of automation for common tasks, faster ways to do things in general. We use this at my company and it's made gathering reports a lot easier. We're a small group with a lot on our plate and all this is really doing is saving us from having to go out and find PS scripts and modify them for our environment. Also, thanks hihifellow and BaseballPCHiker but still no luck  . I've started building a new server to host a fresh SCCM 2012R2 which I'm hoping will finally solve this 0% issue. I wish I knew what caused it since everything was working fine up to about a month ago and all other CM service are working just fine.
|
|
#
?
Jun 10, 2014 15:12
|
|
|
Excel + Powershell will pretty much completely replace any interaction you might have with ADUC, and you don't have to learn any new software. Those third party replacements can't do anything you couldn't do with PS anyway, and Excel is unmatched for most reporting functions.
|
|
#
?
Jun 10, 2014 17:14
|
|
|
I've used AD Manager for years, it's a cheap enough license, and easy to use. I have been using a ton of power shell lately, but it's still handy to have around.
|
|
#
?
Jun 10, 2014 17:55
|
|
|
I discovered the wonder that is MDT yesterday, and my god, I don't know how I lived with out it. I've been using WDS and WSUS for the last few years to automate a basic deployment process always thinking that the automated software deployment side of things was either the absolutely basic Group Policy deployments or having to pay for SCCM (which isn't happening in our company). Knowing that I can push out an updated image that automatically runs through however many WSUS cycles it needs to to get up-to-date without a single touch beyond booting off PXE is awesome. Thank you guys for giving me the information in this thread to push me to investigate it as an option.
|
|
#
?
Jun 10, 2014 19:06
|
|
|
At one place I work, MDT/SCCM is in full swing and it is amazing. I want to drown in its alphabet soup manna from heaven. At the other place, they're looking to get it set up "mid-2015." 
|
|
#
?
Jun 10, 2014 20:51
|
|
|
The TechEd 2014 recordings are up now: http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014#fbid= I know what I'll be watching once the NHL playoffs are over.
|
|
#
?
Jun 11, 2014 19:23
|
|
|
Jadus posted:I know what I'll be watching once the NHL playoffs are over. They already are dude 
|
|
#
?
Jun 11, 2014 19:36
|
|
|
LmaoTheKid posted:They already are dude
|
|
#
?
Jun 11, 2014 19:48
|
|
|
Crossposting this from the general IT thread, it got lost amidst job interview discussion: How do you guys manage file server quotas? I'm talking central file servers with hundreds of shares and in the many terabyte range. Do you thick or thin provision quotas on drives, ie. say you have 100 quotas on drive D:, can every quota reach 100% and not overfill the drive? This is a Windows Server 2008 R2 file server, not that it matters because this is more a matter of policy.
|
|
#
?
Jun 11, 2014 22:40
|
|
|
This is pretty dumb. I have administrative tasks on two domains. (I'm a password resetter/unlocker) I use Active Directory Users and Computers to manage accounts under corp.local and have a nice shortcut to dsa.msc on my desktop with a pretty icon. I wrote a batch file to run dsa.msc under different credentials for corp2.local runas /user:corp2.local\account %systemroot%\system32\dsa.msc I made a shortcut and I want it to have the same icon, but I can't seem to get windows to extract the icon graphic from dsa.msc. How do I make my desktop pretty? Where the hell does windows store that icon graphic?
|
|
#
?
Jun 13, 2014 04:29
|
|
|
Dr. Arbitrary posted:I made a shortcut and I want it to have the same icon, but I can't seem to get windows to extract the icon graphic from dsa.msc.
|
|
#
?
Jun 13, 2014 05:55
|
|
|
nexxai posted:Make a shortcut that just points to "dsa.msc" to use that icon, then update it with the full string you want to run after it's made. Doh. That was too obvious.
|
|
#
?
Jun 13, 2014 06:57
|
|
|
Dr. Arbitrary posted:This is pretty dumb. Just a heads up, all the cool kids use MMC with the AD Users and Computers snap-in turned on.
|
|
#
?
Jun 13, 2014 12:39
|
|
|
Is anyone using Work Folders yet in production?
|
|
#
?
Jun 13, 2014 15:51
|
|
|
How much free space do you keep on Windows vms? We have warnings setup when there is 10% remaining, but it varies a lot between the different clients depending on what hardware is available. As more of them are getting virtualized in the same couple of racks it seems wasteful to have 25%+ free space.
|
|
#
?
Jun 16, 2014 22:59
|
|
|
We get a 1% warning on the D: drive (nothing is installed to the C: drive). I've made comments to the senior members in our group about adding a 10% alert, but they pointed out two things 1) if you have to do that your file management plan is terrible and 2) now you're getting twice as many email alerts
|
|
#
?
Jun 17, 2014 04:12
|
|
|
Hadlock posted:We get a 1% warning on the D: drive (nothing is installed to the C: drive). I've made comments to the senior members in our group about adding a 10% alert, but they pointed out two things 1) if you have to do that your file management plan is terrible and 2) now you're getting twice as many email alerts I completely disagree with that. Although it depends on the size of your volumes I guess. If your LUN is loving massive, so 1% free space is still <a lot of terabytes> and you only grow by a gig a day, then sure, maybe it's fine. But in my experience most filesystems (including NTFS, since this is the Windows thread) start to get Real Mad when you allow them to grow that full and bad things happen. I'd much, much rather know when we're down to 10 or even 20% space remaining so I can either delete anything obviously wasteful, or make a plan to expand storage before it's a crisis. Sure, it's nice to get less email. But if that one email is "THE PRIMARY FILE SERVER HAS 50KB OF FREE SPACE  " you're going to be wishing you got notified at 20%.
|
|
#
?
Jun 17, 2014 04:35
|
|
|
Overhead is the name of the game.
|
|
#
?
Jun 17, 2014 05:07
|
|
|
I hear from my operations team if a test server which we have specifically told them not to monitor so much as thinks about creeping over 75%. Honestly I think I'd rather work at the place with a warning at 99%. Roughly half of my waking life is spent explaining to people that "yes. we know. it's supposed to be like that. no we are not deleting anything. no, we aren't increasing the size of the drive. no, your boss does not insist that you mention it. no, I absolutely will not be scheduling a follow up meeting."
|
|
#
?
Jun 17, 2014 06:00
|
|
|
|
| # ? Apr 29, 2024 13:15 |
|
|
poo poo like that makes feel like I'm jumping into a bottomless hole every time I start thinking about setting up our monitoring system. Like, yeah, I can configure the checks just fine, but like, man, what is monitoring, man  .
|
|
#
?
Jun 17, 2014 07:07
|
|
