|
Everything that would only really have a use in 'Enterprise' is unmitigated poo poo.
|
#
?
Jul 28, 2014 22:21
|
|
|
|
| # ? Apr 25, 2024 08:24 |
|
|
If you have a GPO that overrides the local users / groups, then you're also going to lose them. 
|
|
#
?
Jul 28, 2014 22:40
|
|
|
Jeoh posted:If you have a GPO that overrides the local users / groups, then you're also going to lose them. You mean with restricted groups or something else? Edit: I did discover that DNS may be an issue though. Right now everybody is setup with computername.location.local(not the real name), and when I join the domain this changes to computername.domain.local(again, not the real name). Since nobody has domain.local as a search suffix the name does not resolve. I'm not a DNS guru so I've asked our network admin what he thinks I should do in this situation. I'm hoping something can be done in DNS to make it resolve. Yaos fucked around with this message at 23:02 on Jul 28, 2014 |
|
#
?
Jul 28, 2014 22:56
|
|
|
Yaos posted:You mean with restricted groups or something else? Yes
|
|
#
?
Jul 28, 2014 22:58
|
|
|
Jeoh posted:Yes 
Yaos fucked around with this message at 23:09 on Jul 28, 2014 |
|
#
?
Jul 28, 2014 23:04
|
|
|
Cpt.Wacky posted:Is there an industry name for this type of product? Are there any that don't suck? http://www.proofpoint.com/products/privacy/index.php I would guess it's enterprise grade files sharing. I got the company from one of their emails. (Spoiler: My users are too dumb to read the simple direction and I get them :/)
|
|
#
?
Jul 28, 2014 23:19
|
|
|
Yaos posted:You mean with restricted groups or something else? You should be able to add search suffixes through Group Policy and/or DHCP. edit: actually it looks like maybe Windows doesn't support setting it via DHCP  You can definitely do it with a GPO though.
Docjowles fucked around with this message at 23:42 on Jul 28, 2014 |
|
#
?
Jul 28, 2014 23:35
|
|
|
Docjowles posted:You should be able to add search suffixes through Group Policy and/or DHCP. I'm thinking a trip to 26 computers that are connected to the server is in my future. I'm thinking I may just move everything over to another server which may also be an equal pain in the rear end, not sure yet. I'm on VMWare so I should just be able to add a second hard drive and give it all the space it needs. I didn't want to do this because the only server I can move it to is also the print server, although it's not in use yet but I already have all the printers installed. I'll have to check what resources I have on it tomorrow. Nobody is using the print server yet so maybe it will all work out for me. Yaos fucked around with this message at 23:55 on Jul 28, 2014 |
|
#
?
Jul 28, 2014 23:47
|
|
|
I swear the domain suffix gets listed as a search suffix automatically upon joining a domain, as in doesn't get listed in the search suffix list under the advanced TCP/IP settings for the adapter so you can't even remove it automatically. But yes you can add suffixes using GPO, I use it for a bastard site that sits on another org's network and uses a VPN to get home; they're domain joined but still have to access resources on that other org so they needed that suffix in there. edit: bleh took too long writing a reply. Comments in that link say windows clients don't accept DHCP option 119 anyway. With only 26 PCs you're not saving a whole ton of time anyway. hihifellow fucked around with this message at 00:02 on Jul 29, 2014 |
|
#
?
Jul 28, 2014 23:58
|
|
|
hihifellow posted:I swear the domain suffix gets listed as a search suffix automatically upon joining a domain, as in doesn't get listed in the search suffix list under the advanced TCP/IP settings for the adapter so you can't even remove it automatically. I'm pretty sure this isn't automatic, I know there's a GPO for the suffixes and this registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\DomainNameDevolutionLevel But I don't believe it's automatic on domain join unless I'm just forgetting. e: Oh whoops, I was thinking of the suffix search order list, not the actual suffix setting that does change when you join a domain, sorry! CLAM DOWN fucked around with this message at 00:18 on Jul 29, 2014 |
|
#
?
Jul 29, 2014 00:02
|
|
|
The domain suffix is added through a domain join and also provided in a DHCP offer, but that doesn't let you specify multiple options.
|
|
#
?
Jul 29, 2014 00:18
|
|
|
Yaos posted:You have to manually add the option for it, might only be 2003. http://technet.microsoft.com/en-us/library/dd572752(v=office.13).aspx Problem is that means going around and doing ipconfig /renew. Add it to DHCP now, next time they renew they should get the updated info if I recall correctly. If your renewal times are sane it means doing it a day ahead takes care of this issue. If the lease times are less sane, a week early.
|
|
#
?
Jul 29, 2014 01:00
|
|
|
Zaepho posted:Add it to DHCP now, next time they renew they should get the updated info if I recall correctly. If your renewal times are sane it means doing it a day ahead takes care of this issue. If the lease times are less sane, a week early. Thanks for all the help and advice everybody. Hopefully DHCP can take care of this for me.
|
|
#
?
Jul 29, 2014 04:22
|
|
|
DHCP leases are renewed when the lease is halfway to expiring, if it is a week they'll get it in 3 1/2 days.
|
|
#
?
Jul 29, 2014 10:00
|
|
|
hihifellow posted:DHCP leases are renewed when the lease is halfway to expiring, if it is a week they'll get it in 3 1/2 days. Yaos posted:I set it to add it but I will have to check my DHCP lease time but I'm pretty sure it was set to a week.. Consider taking this opportunity to drop the lease time as well. Do you really need desktops having a lease longer than a day? you could go 8-10 hours and really squeeze down the number of leases out there but that's probably not entirely necessary. I usually go for 24 hours on workstation subnets since the environments I've been in are made up of a large number of Laptops that have a tendency to migrate at a fairly rapid pace and this makes sure I'm not wasting space in my scope for machines that have already moved on.
|
|
#
?
Jul 29, 2014 19:18
|
|
|
I hope someone here knows about SQL Server, being the enterprise Windows thread. SQL Server 2012, I want to shrink my transaction logs, if I run: code:2) Does this even work?
|
|
#
?
Jul 31, 2014 23:42
|
|
|
Don't quote me but I believe if you back the server up using a VSS aware solution it will flush those logs.
|
|
#
?
Aug 1, 2014 00:43
|
|
|
Gyshall posted:Don't quote me but I believe if you back the server up using a VSS aware solution it will flush those logs. This is correct. If the SQL Server VSS writer is enabled simply creating a VSS snapshot for backups will flush the logs. You can do this without actually taking a backup if you really want using the diskshadow utility. Start diskshadow as admin 1. add volume c: (or whatever volume is appropriate) 2. begin backup 3. create 4. end backup At that point the logs should be truncated. That said, you should really set up proper backups. That'll truncate the logs for you and you won't lose any logs - the thought process with the logs is that it makes it possible for you to do a point in time restore to any point during the day by restoring the full backup then replaying the logs until the point in time you want to restore to.
|
|
#
?
Aug 1, 2014 01:22
|
|
|
I think something else might be hosed up then. Every night there is a maintenance plan to back up the DB to another drive and flush the logs. vCenter snapshot grabs the whole thing at another time for enterprise network backup. I logged on the other day to a low disk space alert and there's something like 40GB of transaction logs for a 5GB DB that clearly were not being flushed properly. I didn't set up the maintenance plan so something is probably off there.
|
|
#
?
Aug 1, 2014 01:28
|
|
|
CLAM DOWN posted:I think something else might be hosed up then. Every night there is a maintenance plan to back up the DB to another drive and flush the logs. vCenter snapshot grabs the whole thing at another time for enterprise network backup. I logged on the other day to a low disk space alert and there's something like 40GB of transaction logs for a 5GB DB that clearly were not being flushed properly. When we say VSS aware backup, we're not talking about a scheduled task in SQL Server, which is what I presume you're talking about here. Try using Windows Server Backup to back up the DB, or try that diskshadow bit I outlined. It should truncate the logs.
|
|
#
?
Aug 1, 2014 01:34
|
|
|
CLAM DOWN posted:I think something else might be hosed up then. Every night there is a maintenance plan to back up the DB to another drive and flush the logs. vCenter snapshot grabs the whole thing at another time for enterprise network backup. I logged on the other day to a low disk space alert and there's something like 40GB of transaction logs for a 5GB DB that clearly were not being flushed properly. Also, full DB backups when run from SQL (VSS is different as outlined above) do not flush transaction logs - if your backup is being done by maintenance plan, you'll need another maintenance plan to backup the tlogs. If this is the case and your transaction log is actually full and 40 gigs and you don't care about losing the ability to do a point-in-time restore, you can either do a VSS snapshot or change the database recovery model to simple, then back to full, that'll flush it. After that you can run shrinkfile. But transaction logs are a good thing and you should have backups of them. wyoak fucked around with this message at 05:16 on Aug 1, 2014 |
|
#
?
Aug 1, 2014 04:58
|
|
|
wyoak posted:Flushing transaction logs (via a backup or whatever else) doesn't shrink the file itself, you'll need to do that manually with DBCC Shrinkfile with truncateonly. Your log file is probably 99% whitespace. And yes, you can run that whenever. Oh goddammit, thank you. I've learned a lot about SQL Server over the past year or so but this kind of thing I'm still learning, thank you very much! I'm going to try the recovery model swap tomorrow, we do have backups of them and it's just a matter of saving disk space at this point.
|
|
#
?
Aug 1, 2014 06:45
|
|
|
In one of our buildings we have roughly 20-25 laptop users. When these machines are here and plugged into the network via an ethernet cable, both the wireless adapter and the wired interface both pull an IP address via DHCP (currently handled by some lovely Adtran box, it was like that when I got here, working on fixing that in the near-future). Is there some way of stopping the wireless interface from requesting/getting an IP address when the cable is plugged in? Short of asking these users to switch the wifi interface off when they're here, thats not really an option.
|
|
#
?
Aug 1, 2014 18:11
|
|
|
That is how it should work, what is the problem you are trying to actually solve?
|
|
#
?
Aug 1, 2014 18:15
|
|
|
MrMoo posted:That is how it should work, what is the problem you are trying to actually solve? The wifi interface taking up an IP address when it doesnt need to. When I ping the machines, I get replies from the IP assigned to the ethernet interface, the users are able to work, so there is no real problem per se, but...maybe I'm just sperging over it unnecessarily.
|
|
#
?
Aug 1, 2014 19:15
|
|
|
Mr. Clark2 posted:I'm just sperging over it unnecessarily. But fwiw, Lenovo has a utility that does exactly this. I can dig up a link if that's what kind of machines you're using.
|
|
#
?
Aug 1, 2014 20:23
|
|
|
Each vendor has their own system, there are even a few third party systems now: http://www.mobilenetswitch.com/ http://www.netsetman.com/
|
|
#
?
Aug 1, 2014 20:26
|
|
|
It shouldn't be an issue. Just set your DHCP lease time on your wireless network to a non-crazy duration. Is it actually causing any problems?
|
|
#
?
Aug 1, 2014 21:24
|
|
|
Thanks Ants posted:It shouldn't be an issue. Just set your DHCP lease time on your wireless network to a non-crazy duration. Nope, no problems. Like I said, it's probably just me sperging over nothing. I was just hoping that there was something I could do quickly via GPO or similar. I've found a script that will do this, but since it's not causing any problems, I'm just going to leave well enough alone and double check the lease time on the wifi
|
|
#
?
Aug 1, 2014 22:50
|
|
|
What's the recommended event log consolidation/alert tool? Bonus points if it's free but we'll pay for it if it's awesome.
|
|
#
?
Aug 6, 2014 19:40
|
|
|
There's quite a few, what exactly do you want alerts on?
|
|
#
?
Aug 6, 2014 20:30
|
|
|
skipdogg posted:There's quite a few, what exactly do you want alerts on? I'd want it configurable I guess. What normally happens is we have some issue and then we go through the event logs on a server and see that for the last few days X has been happening.
|
|
#
?
Aug 6, 2014 20:45
|
|
|
Splunk and Logstash can both index event logs and alert/take actions based on specific events. Splunk is much easier to use but if you exceed the data/day limit of the free version, the licensing goes through the goddam roof in a hurry. I'm sure there's other more Windows-friendly tools that I don't know about. Both of those come from the Linux world and also happen to have some Windows support.
|
|
#
?
Aug 6, 2014 21:10
|
|
|
loggly and sumo logic are another two. The former uses ZeroMQ internally and the latter uses a Java based collector.
|
|
#
?
Aug 6, 2014 21:50
|
|
|
If you are looking into Logstash, set up a full Elk stack. It takes some time to set up, but I'd rather spend the time on configuration than how much Splunk charges. The last quote I got from them was staggering how much they wanted.
|
|
#
?
Aug 6, 2014 22:28
|
|
|
Alright, this is driving me insane, so hopefully someone can help. I'm having a permissions issue getting a piece of software (Milestone XProtect Corporate) to integrate properly with IIS. This is the error I keep getting: quote:=================================== I've tried giving every account I can think of read/write permissions on the www root folder. What am I doing wrong?
|
|
#
?
Aug 7, 2014 02:50
|
|
|
KillHour posted:Alright, this is driving me insane, so hopefully someone can help. I'm betting based on the error that this is something internal to the Milestone XProtect Corporate software. Is this the initial install/config or was something changed in IIS after an installation?
|
|
#
?
Aug 7, 2014 15:04
|
|
|
Zaepho posted:I'm betting based on the error that this is something internal to the Milestone XProtect Corporate software. Is this the initial install/config or was something changed in IIS after an installation? Milestone sets up the IIS server through a wizard, but it doesn't set up permissions. This is on a new installation of IIS set up for this purpose
|
|
#
?
Aug 7, 2014 17:00
|
|
|
I'd hate to be that guy reposting wsus mailing list notifications, but this may impact you if you use .net apps (or if you're a devop) http://blogs.msdn.com/b/dotnet/archive/2014/08/07/moving-to-the-net-framework-4-5-2.aspx
|
|
#
?
Aug 7, 2014 19:42
|
|
|
|
| # ? Apr 25, 2024 08:24 |
|
|
How do you goons handle installing a certificate for firewall HTTPS deep packet inspection on client devices not managed by Group Policy? I'm talking BYOD for iPads, laptops, etc. We have three WLAN VLAN networks where I need to present a login page and possibly a config/certificate import or something along those lines, if that makes sense. I realize this can be done using MDM/Cloudpath whatever, but the client has a budget unfortunatley and he blew his wad on wireless equipment with nothing left over for MDM.
|
|
#
?
Aug 7, 2014 22:21
|
|