|
I’m in day 2 of 3 in itil v3 training, and people just referenced reddit.
|
#
?
Apr 17, 2018 15:48
|
|
|
|
| # ? Apr 27, 2024 12:20 |
|
|
Irritated Goat posted:Yeah, we've got a lot of it done that way but renaming\setting the password for the local admin user has been oddly flaky. That's because setting the local admin password via GPO is insecure and deprecated. Use LAPS. https://support.microsoft.com/en-us/help/2962486/ms14-025-vulnerability-in-group-policy-preferences-could-allow-elevati
|
|
#
?
Apr 17, 2018 15:50
|
|
|
Inspector_666 posted:If they just want a slideshow, a thumbdrive is the best option anyway. It really is way easier than updating a fancy live display that's backed by a CMS or something
|
|
#
?
Apr 17, 2018 15:51
|
|
|
devmd01 posted:That's because setting the local admin password via GPO is insecure and deprecated. Use LAPS. I'm gonna suggest it again now that we're not having rampant replication issues.
|
|
#
?
Apr 17, 2018 16:03
|
|
|
Might be a stupid question, but we've had an issue popup, and I'm not sure how to deal with it/what to use to mitigate in the future. We have an employee who's likely on the way out the door (company's choice, not their's) - but they haven't officially been let go. Said employee has a laptop and VPN access. Said employee has apparently possibly gotten wind of the fact they might be let go. However, we (as in IT) are not allowed to do anything with said employee's account, as nothing is official yet. This person has started trying to mess with files that they have access to. Nothing ~hugely~ obvious - just going into excel files and changing formulas, overwriting new data with old, etc. Moving files from places where they share duties with other people, and putting them into folders where the other folks don't have access so they can't do their jobs. Nothing we can't easily recover via VSS or backups, but this is assuming the people who use these files notice. What can we use to monitor the file server (Windows) stuff lives on to track these events? I realize that would be a lot of logs to parse, but even if we can get something that only looks at specific folders, or only logs access events by specific people, that would be great. Or is there anything in event viewer, etc that might help us verify what's happening?
|
|
#
?
Apr 17, 2018 16:16
|
|
|
Siochain posted:Might be a stupid question, but we've had an issue popup, and I'm not sure how to deal with it/what to use to mitigate in the future. Hit up the infosec thread and hope Lain posts. Logs are part of her specialty.
|
|
#
?
Apr 17, 2018 16:20
|
|
|
Avenging_Mikon posted:I’m in day 2 of 3 in itil v3 training, and people just referenced reddit. Reddit's fantastic. There are 1 or 2 really strong posts in /r/sysadmin per day. I think people who dislike Reddit are judging it as a whole, which isn't fair. For example, on SA, I only browse a few threads in SH/SC. I don't judge SA by GBS or TFR or any of the 50 or so ironic subforums. Same goes for Reddit.
|
|
#
?
Apr 17, 2018 16:24
|
|
|
Irritated Goat posted:Yeah, we've got a lot of it done that way but renaming\setting the password for the local admin user has been oddly flaky. pspasswd.exe from sysinternals is your friend LAPS is the better solution if you can get enough buyin
|
|
#
?
Apr 17, 2018 16:27
|
|
Cat Army 
|
Siochain posted:Might be a stupid question, but we've had an issue popup, and I'm not sure how to deal with it/what to use to mitigate in the future. File access logs can be logged to windows events: https://blogs.technet.microsoft.com/mspfe/2013/08/26/auditing-file-access-on-file-servers/ Infosex thread will likely have other suggestions like AM suggested E: There is a typo, but I’m leaving it
|
|
#
?
Apr 17, 2018 16:29
|
|
|
The secret to reddit is to set the preference to hide downvoted posts and obliterate everything you hate. Or browse it through google using the "site:reddit.com" magic. There is a lot of good stuff in there, the sheer number of people using it guarantees it, but that also means there's a lot of crap.
|
|
#
?
Apr 17, 2018 16:32
|
|
|
https://www.youtube.com/watch?v=DOqb_UzJSUQ&hd=1
|
|
#
?
Apr 17, 2018 16:35
|
|
|
|
|
#
?
Apr 17, 2018 16:49
|
|
|
i like chrome cast for doing slideshows on tv, personally
|
|
#
?
Apr 17, 2018 16:51
|
|
|
I can't tell if you guys are just big fans of ironic mashup artists, or earnestly saying to never use reddit, but either way your opinion is wrong.
|
|
#
?
Apr 17, 2018 16:51
|
|
|
Siochain posted:Might be a stupid question, but we've had an issue popup, and I'm not sure how to deal with it/what to use to mitigate in the future. As mentioned, file access logs can already be looked at. However, it's probably worth addressing the wider surface of the risk. I'd start looking into logging all network access on their accounts in the event this grows beyond just being annoying with some files. Don't let your company turn into Sickening v2.
|
|
#
?
Apr 17, 2018 16:51
|
|
|
MC Fruit Stripe posted:I'm shedding myself of all popularity around here, and it's only going to get worse with this post. They specifically referenced reddit memes. And I judge Reddit by its ownership. There are good subreddits but I refuse to give eyeballs and clicks to reddit as a whole.
|
|
#
?
Apr 17, 2018 16:53
|
|
|
I can't imagine any manager hearing about an employee loving around with company data or people's ability to do work and not hitting the alarm and pounding the huge "lock this account RIGHT NOW" panic button and immediately terminate the employee. Logging it and letting them continue? What crazy world do you live in where people are okay with that?
|
|
#
?
Apr 17, 2018 16:55
|
|
|
I find Reddit's formatting unreadable, so unless I end up at a post from a Google search or otherwise direct link, I never use it.
|
|
#
?
Apr 17, 2018 16:55
|
|
|
MC Fruit Stripe posted:I'm shedding myself of all popularity around here, and it's only going to get worse with this post. The problem is even in the “good” subreddits you still have the unironic references to men’s rights, reverse racism, and all that other bullshit. For example someone arguing that there isn’t racism/sexism in the IT hiring process.
|
|
#
?
Apr 17, 2018 16:58
|
|
|
And the formatting often leads to those comments floating to the top because there seems to be a lot of that sentiment there. I’ve delved into reddit some just because I’ve been interested in games and other topics that aren’t well represented on SA but I very rapidly run out of patience.
|
|
#
?
Apr 17, 2018 17:01
|
|
|
xzzy posted:I can't imagine any manager hearing about an employee loving around with company data or people's ability to do work and not hitting the alarm and pounding the huge "lock this account RIGHT NOW" panic button and immediately terminate the employee. This. Personally, I would discover that there was an issue with their account for some highly technical reason that required you to kill all their access while you 'fixed' it.
|
|
#
?
Apr 17, 2018 17:02
|
|
|
Reddit is occasionally useful for obscure topics, but it is a chore to read due to the worst formatting in existance and it suffers from the combo of only popular posts float to the top/the popular posts are usually terrible memes.
|
|
#
?
Apr 17, 2018 17:06
|
|
|
Siochain posted:Might be a stupid question, but we've had an issue popup, and I'm not sure how to deal with it/what to use to mitigate in the future. I can speak to some of this. Not all of this may fall under your purview depending on the size of your shop, but this is the sort of thing you wanna take seriously. Tracking Who Did What and Where: For windows stuff you really wanna look at enabling Access and Audit logs. Depending on your sphere of responsibility looks like this is either easy or a pain in the rear end to set up. Here's a link that talks about it: https://blogs.technet.microsoft.com/mspfe/2013/08/26/auditing-file-access-on-file-servers/ There will be gotchas specific to your environment I can't speak to, but Advanced Access and Auditing seems to be the best option by a large margin on Windows. Recovering from Bad Actors: Have a backup plan. People in this thread can talk to you about implementation better than I can, but if you have logging and everything set up with no recovery you are gonna know who to blame and still have a bad time. Last thoughts: Some companies really like the idea of rolling your own FIM. I strongly recommend against this. I inherited a lovely FIM written in C# and I am now the sole dev on it when my team lead left. It sucks. I've written a poo poo load of tests and powershell management scripts to keep it running but it falls massively short of Auditing and Access logging Some companies already own an EDR product that does FIM stuff. I can't speak to those, but know that these exist and some people swear by them.
|
|
#
?
Apr 17, 2018 17:10
|
|
|
Siochain posted:What can we use to monitor the file server (Windows) stuff lives on to track these events? I realize that would be a lot of logs to parse, but even if we can get something that only looks at specific folders, or only logs access events by specific people, that would be great. Or is there anything in event viewer, etc that might help us verify what's happening?
|
|
#
?
Apr 17, 2018 18:43
|
|
|
Things that aren’t pissing me off: My drat replacement hasn’t listened to a single thing I’ve told him. Not using the correct templates, writing queries directly in the database instead of using the reporting tool, etc. He seems pretty determined to not follow company policy at all but none of this is my problem and I have to keep telling him the most basic things like what the password is for the reports account. Best part is none of this is actually my problem. 8 more days and I’m at the new job. We were also screen sharing the other day and he has a job hunting site and a few interview question primer websites up. I’m pretty sure offshoring my position is going to bite this company in the rear end hard. Hopefully there is some karmic justice.
|
|
#
?
Apr 17, 2018 19:08
|
|
|
Obsoletely Fabulous posted:The problem is even in the “good” subreddits you still have the unironic references to men’s rights, reverse racism, and all that other bullshit. For example someone arguing that there isn’t racism/sexism in the IT hiring process. 
|
|
#
?
Apr 17, 2018 20:20
|
|
|
Aunt Beth posted:Varonis DatAdvantage is FANTASTIC. It costs an arm and a leg but is worth every penny. Their support is out of this world too. This. I'm not even the one in charge of this system, but the few times we've used it in the past (like, actually had to query it), it's worked very well. It will also alert based on used behavior.
|
|
#
?
Apr 17, 2018 22:07
|
|
|
I used Varonis at my last job and I miss it so so much.
|
|
#
?
Apr 17, 2018 22:31
|
|
|
Thanatosian posted:This. I'm not even the one in charge of this system, but the few times we've used it in the past (like, actually had to query it), it's worked very well. It will also alert based on used behavior.
|
|
#
?
Apr 17, 2018 23:07
|
|
|
I hate hate hate switchable graphics in laptops.
|
|
#
?
Apr 18, 2018 00:50
|
|
|
xzzy posted:I can't imagine any manager hearing about an employee loving around with company data or people's ability to do work and not hitting the alarm and pounding the huge "lock this account RIGHT NOW" panic button and immediately terminate the employee. If they would loving listen to us, yeah, said person's account would be deactivated. As it is, we have full backups, VSS, etc. They aren't the most techy, and lack local admin, plus shares are locked down, so its likely not an issue aside from this. Said person does not have access to any business critical data/systems - they could cause a mess, but nothing we can't fix in a couple of hours. They're more intent on loving over some other employees who have "slighted" them. I'm going to look into Varonis Datavantage - we've got a budget, and I can justify the use-case to higher ups. I'll try to get a quote on it. Just trying to prevent drama that I'll be sucked into regardless :/
|
|
#
?
Apr 18, 2018 00:52
|
|
|
Siochain posted:Varonis
|
|
#
?
Apr 18, 2018 04:13
|
|
|
Myrridinos posted:I hate hate hate switchable graphics in laptops. Disable it in BIOS/UEFI/drivers/anywhere if possible. It is the devil.
|
|
#
?
Apr 18, 2018 09:45
|
|
|
Obsoletely Fabulous posted:The problem is even in the “good” subreddits you still have the unironic references to men’s rights, reverse racism, and all that other bullshit. For example someone arguing that there isn’t racism/sexism in the IT hiring process. Downvote and move on. You still post on SA and some of our moderators have been absolutely loving atrocious human beings.
|
|
#
?
Apr 18, 2018 11:05
|
|
|
Myrridinos posted:I hate hate hate switchable graphics in laptops. I hate this so much.
|
|
#
?
Apr 18, 2018 11:56
|
|
|
Sefal posted:I hate this so much.
|
|
#
?
Apr 18, 2018 14:06
|
|
|
dogstile posted:Downvote and move on. Has SA had some garbage people? Abso-fuckin-lutely. It's the internet. There are ALWAYS garbage people. Does SA let it slide for long? No. Did Lowtax come out and say it's OK for people to use racial slurs? No. Reddit is a god drat garbage heap. If you sift through long enough, you find good stuff but there's work to be done. I find it to be less work here. Just a thought. 
|
|
#
?
Apr 18, 2018 14:40
|
|
|
I never learned how to read Reddit and the million sub-threads for each topic. I enjoy the conversational style of SA where we all contribute and add to the discussion linearly.
|
|
#
?
Apr 18, 2018 14:53
|
|
|
Sefal posted:I hate this so much. Love to have one bit of embedded content in a webpage kick the whole machine to a dedicated GPU and drain my battery in three hours because it doesn't know how to switch back.
|
|
#
?
Apr 18, 2018 14:55
|
|
|
|
| # ? Apr 27, 2024 12:20 |
|
|
Does this seem weird to anyone? Good Morning Managers, We have been growing as a company since 19xx, and what growth it has been. Whether it is in numbers, products, culture or opportunities, and we have been taking this growth in stride. We all hold unique talents or knowledge base that make us strong and allows us to do great things. These same talents and knowledge is what adds value to everything we do. But I ask you; if you were to leave the company and retire today, move out of state, or change employers would you feel you left your team or the company with value to continue to forward progress and growth? Could you step back and say “Team, You Can Do This”? Have you equipped your team and company with all the knowledge, trust and confidence they will need to continue to add and bring value to the company? These are the questions that as leaders we need to be able to answer on a regular basis. You never know when that day will come and we need to be prepared when it does. So with that, we will begin looking at each department; each area of opportunity to start to develop that succession plan, we need to find that starting point. That starting point begins with you. Please take some time to review the attached file. It is a list of critical area of leadership, knowledge and support that our company and culture needs to move into the next 30 years of greatness. What I would like for you to do is: 1. Evaluate each position and area 2. Select who you think would fit each role and when a. Each role should have minimum of one name for each time frame 3. If there is not a person that you feel fits within the time line mark NONE in the box 4. Once complete send back to me (not the HR email address) After everyone has submitted their matrix we will meet to discuss your thoughts and findings and what the next steps will be. Remember as you are doing this exercise, you may find that there is hidden talent in other departments. Having the right persona in the right role is always the goal. Please have this back to me by end of day Friday, April 27th. Thank you, HR LADY This spreadsheet (with about 3 more rows of 'managers') accompanied the email  So I'm supposed to offer my 'insight' on all these other jobs that I don't know anything about? Can I put someone in 'READY NOW' if the person currently in the position is completely incompetent?
|
|
#
?
Apr 18, 2018 15:06
|
|