pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.


Rick posted:

So we have some laptops at an offsite location where we have limited control over the local internet. We used to have stable staff there but suddenly we don't. Is there a way to allow users to access these laptops without having been logged on to them at one of our main locations first?

Set your VPN connection to connect before they log into Windows. If they aren't connecting to any domain resources just make local user accounts and have them log in as .\localuser

You can also just have it not on the domain at all if it will never need to be and go solely on local admin (never give this out) and local user.

I think there's also a way with Windows 10 and an Azure Domain Controller but that's very likely outside the scope for a small shop.

pixaal fucked around with this message at 18:52 on Jul 17, 2018


Thanks Ants
May 21, 2004

#essereFerrari


Either look at running everything off Azure AD, or if this is a few clients and everything else is on a domain and you're happy with it, use DirectAccess.

drk
Jan 16, 2005
A couple pages ago people were suggesting Ringcentral as a solid VOIP provider. Anyone else to consider or avoid?

We are looking to replace a Comcast VOIP and an AT&T copper line in our small office. Reliability and quality are more important than price (we are paying ~$60 and ~$150/month to Comcast and AT&T, respectively). Don't particularly care about fancy features.

powderific
May 13, 2004

Grimey Drawer
We are really tiny but OnSip has worked great other than some latency in the conference line that I've never figured out (or bothered to look into to be fair, we don't use it that much.) We have 6 extensions and a conference line and usually pay around $60 per month.

Rick
Feb 23, 2004
When I was 17, my father was so stupid, I didn't want to be seen with him in public. When I was 24, I was amazed at how much the old man had learned in just 7 years.

pixaal posted:

Set your VPN connection to connect before they log into Windows. If they aren't connecting to any domain resources just make local user accounts and have them log in as .\localuser

You can also just have it not on the domain at all if it will never need to be and go solely on local admin (never give this out) and local user.

I think there's also a way with Windows 10 and an Azure Domain Controller but that's very likely outside the scope for a small shop.

VPN might be the way to go. The issue is that people are just sent to this location as sort of desperation fill-ins, so it's been difficult for me to anticipate who will show up there. We wanted to break the habit of communal logins but that might in fact be the easiest given our infrastructure.

Thanks Ants posted:

Either look at running everything off Azure AD, or if this is a few clients and everything else is on a domain and you're happy with it, use DirectAccess.


I would be fine with Azure AD actually but for whatever reason it's a bit of a bogeyman here. Also we're still running Server 2008 R2 (I actually deployed Azure connect at my last job and there weren't any problems although I never tried to sign anyone in that way either, that was for Office 365 purposes).

Direct Access seems to be not that hard.

Thanks Ants
May 21, 2004

#essereFerrari


Do they need to be laptops or can you do a thin client type of setup? It wouldn't be my ideal choice but it might be a fit here.

Rick
Feb 23, 2004
When I was 17, my father was so stupid, I didn't want to be seen with him in public. When I was 24, I was amazed at how much the old man had learned in just 7 years.
I'd love to put Thin Clients in there but they move from courthouse to courthouse so we're stuck with laptops. We have some tablets (that I was pretty skeptical about buying when they requested them but it ended up having worked) that connect to Horizon which works pretty good, but we have to get approval from the city every time an employee goes there to use the private city wifi, at each separate court site.

Thanks Ants
May 21, 2004

#essereFerrari


Don't you have the same problem with laptops and Wi-Fi?

MDMd tablet with LTE, a keyboard cover and a VDI app could be a winner if there's also a need to keep the data secure in the event of the device being lost.

Internet Explorer
Jun 1, 2005





They make thin client laptops, but at that point I'd look more towards a Chromebook.

Rick
Feb 23, 2004
When I was 17, my father was so stupid, I didn't want to be seen with him in public. When I was 24, I was amazed at how much the old man had learned in just 7 years.

Thanks Ants posted:

Don't you have the same problem with laptops and Wi-Fi?

MDMd tablet with LTE, a keyboard cover and a VDI app could be a winner if there's also a need to keep the data secure in the event of the device being lost.



For laptops users are able to access our reporting software even if nothing else so they still end up being useful, the reporting software is unfortunately Internet Explorer only which makes the tablets unable to use it unless connected to VM. They are LTE but it gets poo poo reception in 2 of the 3 court rooms. Also boss is trying to cheap out on the data plans.

I guess we could get windows tablets though.

Jack the Lad
Jan 20, 2009

Feed the Pubs

Jack the Lad posted:

Thanks for the AV advice peeps. I have a new thing I'm struggling with.

We're on G Suite and since late last month a lot of our emails are going to spam/quarantine and not reaching recipients.

These are emails sent through third party newsletter services like sign-up.to, emails sent direct from the Gmail web UI, via Outlook with G Suite Sync, from the iOS app etc, to a range of businesses, some of them big enterprises, and including random individual emails sent to people we've corresponded with before and even replies to their emails.

I've had a bunch of the recipients send me headers and it looks like everything is passing SPF/DKIM but (e.g.) Office 365 just mark even innocuous personal emails from us as spam all of a sudden. I've switched our SPF from hard to soft fail and subsequently to neutral anyway, just to do something, but it's made no difference.

Google Postmaster Tools says we have a 0% user-reported spam rate, High IP and Domain reputation, 100% SPF success rate and so on.

I've looked the affected domain up on every blacklist/reputation checker I can find and haven't found anything bad.

We haven't changed our signatures to include links or GDPR disclaimers or anything recently.

We've contacted all our clients and asked them to whitelist us, but that isn't a great look, and we can't do that for prospects or anyone else we're communicating with for the first time.

Our CEO is angry and willing to spend lots of money on "high powered consultants" getting this fixed, but I don't know what the problem is or who I could give money to that would be able to fix it.

:negative:

Update: After going back and forth with Office 365 support for a few weeks, this is mostly fixed (it's still happening for emails from our own servers but they say they'll fix those too in 2-3 days).

Apparently it was nothing on our end, there was a problem with Exchange Online Protection that was fixed after being escalated to their Product Group team, but they don't do root cause analysis and can't tell me why it happened or what the fix was.

So, uhhh, yeah. What.

Old Binsby
Jun 27, 2014

Jack the Lad posted:

Update: After going back and forth with Office 365 support for a few weeks, this is mostly fixed (it's still happening for emails from our own servers but they say they'll fix those too in 2-3 days).

Apparently it was nothing on our end, there was a problem with Exchange Online Protection that was fixed after being escalated to their Product Group team, but they don't do root cause analysis and can't tell me why it happened or what the fix was.

So, uhhh, yeah. What.

par for the course on EOP related stuff. Answer: the spam algorithm machine learned something dumb. They gently prodded it so your domain (or all of G apps?) would not be seen as super spammy. Unless recipients on other services were having the same issues, in that case i'd suspect blacklists. Though because EOP uses a few commercial, varying, spam engines even that might not be a guarantee

Thanks Ants
May 21, 2004

#essereFerrari


I rip on G Suite a lot for being weird and the features changing all the time and basic poo poo just not being there, but the mail filtering is about four thousand times better than anything else I've seen.

JackDRipper
Feb 13, 2013

Its all about the Fishing.

Jack the Lad posted:

Update: After going back and forth with Office 365 support for a few weeks, this is mostly fixed (it's still happening for emails from our own servers but they say they'll fix those too in 2-3 days).

Apparently it was nothing on our end, there was a problem with Exchange Online Protection that was fixed after being escalated to their Product Group team, but they don't do root cause analysis and can't tell me why it happened or what the fix was.

So, uhhh, yeah. What.

Cause the escalation engineer would not know the back-end root cause, nor be given that information :). More than likely it was a Service Incident that went unchecked in the service health, I've seen more than a few EOP related incidents with service level tickets, but not showing in the service health panel with the SI attached to it.

Internet Explorer
Jun 1, 2005





Thanks Ants posted:

I rip on G Suite a lot for being weird and the features changing all the time and basic poo poo just not being there, but the mail filtering is about four thousand times better than anything else I've seen.

That's because they bought Postini a long time ago.

Dans Macabre
Apr 24, 2004


Internet Explorer posted:

That's because they bought Postini a long time ago.

yeah postini going away (from us non g suite users) was a huge pain in the rear end because we had to switch to a bunch of inferior spam filters

Matt Zerella
Oct 7, 2002

Norris'es are back baby. It's good again. Awoouu (fox Howl)
I forgot what I moved to but it was decent with an absolutely terrible web interface. Postini was good as hell.

Dans Macabre
Apr 24, 2004


Matt Zerella posted:

I forgot what I moved to but it was decent with an absolutely terrible web interface. Postini was good as hell.

we went postini -> something terrible that I don't remember -> mxlogic. then mcafee shut down mxlogic and we did proofpoint which was garbage and now mimecast.

Matt Zerella
Oct 7, 2002

Norris'es are back baby. It's good again. Awoouu (fox Howl)

NevergirlsOFFICIAL posted:

we went postini -> something terrible that I don't remember -> mxlogic. then mcafee shut down mxlogic and we did proofpoint which was garbage and now mimecast.

Mimecast was it. It's been a few years but I remember the web interface was terrible. If you hit the back button on the browser you would lose all your work. It was a good service though.

Dans Macabre
Apr 24, 2004


Matt Zerella posted:

Mimecast was it. It's been a few years but I remember the web interface was terrible. If you hit the back button on the browser you would lose all your work. It was a good service though.

yeah the ui is kind of all over the place and a huge pain.

they have a signature mgmt component (like for mail signatures to replace outlook sigs) that's actually pretty good but it's so loving complicated compared to exclaimer/code2/whatever

Rick
Feb 23, 2004
When I was 17, my father was so stupid, I didn't want to be seen with him in public. When I was 24, I was amazed at how much the old man had learned in just 7 years.
Have you guys had luck getting people to back off the "just use E-mail for all communication" train, or is it even worth bothering trying?

I got a surprising amount of resistance to implementing Slack so I'm kind of deciding on what to do next, if anything. We will eventually migrate to 365 so I'm not as worried about the storage aspect (although that might be the most immediate problem given the rate of some users' email) but I still think that email just sucks as a collaborative communication tool. I know Slack isn't perfect either but during my brief time in corporate, it was a functional improvement to email at least.

dogstile
May 1, 2012

fucking clocks
how do they work?
I set up Teams, everyone has it pushed out, my boss is concerned it'll "waste time, people will just talk to each other".

Like they don't already, come on man.

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

dogstile posted:

I set up Teams, everyone has it pushed out, my boss is concerned it'll "waste time, people will just talk to each other".

Like they don't already, come on man.

We're not allowed to give Jabber to everyone or have any type of chat solution, only email. We got the same reasoning. It's so stupid.

Old Binsby
Jun 27, 2014

people talking to each other....... hosed up if true

TehRedWheelbarrow
Mar 16, 2011



Fan of Britches
o365 comes with skype for business

Albinator
Mar 31, 2010

sneakyfrog posted:

o365 comes with skype for business

You shut your filthy mouth. Teams is much better, and is replacing SfB in due course anyway: https://docs.microsoft.com/en-us/microsoftteams/faq-journey

As for a chat tool in the business, some places just aren't a great fit for it. Older staff who all work at the office in a paper-pushing kind of job may simply not see a point - and they may not be wrong.

It's fantastic if you're running a conference in a big location, though.

Digital_Jesus
Feb 10, 2011

lol who wants to talk to their coworkers?

Email is for referencing three weeks later when your boss asks why something isn't done and you forward him your sent mail to someone asking for information that never got a response.

Communication in the workplace is cancer.

carlcarlson
Jun 20, 2008
We couldn't implement IM at my old place because we couldn't get people to stop saying dumb poo poo in emails, that would then get turned over in a lawsuit. God only knows how e-discovery would have worked with chat logs. I imagine we'd have to turn over the entire chat log between employees, which would inevitably include them talking about wanting to see the new girls tits or whatever other terrible poo poo that was worse than what they already said in email.

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

For the few people we have IM, we have logging disabled. It’s policy, so no problem.

Old Binsby
Jun 27, 2014

carlcarlson posted:

We couldn't implement IM at my old place because we couldn't get people to stop saying dumb poo poo in emails, that would then get turned over in a lawsuit. God only knows how e-discovery would have worked with chat logs. I imagine we'd have to turn over the entire chat log between employees, which would inevitably include them talking about wanting to see the new girls tits or whatever other terrible poo poo that was worse than what they already said in email.

tell them very clearly everything that you are able to (/required to if that's the case) log any form of communication using their company device. Anyone unable to fathom the stupidity of things like discussing the new girls tits deserves the eventual shenanigans that will ensue if they send it to the wrong person or accidentally post something along those lines to a team group chat, the last of which I've seen happen with a phone jockey once. That guy had to go but no incidents since, it's been a couple years now. Skype for Business can do this at the start of every IM session for instance.

Digital_Jesus
Feb 10, 2011

E: Wrong Thread

TehRedWheelbarrow
Mar 16, 2011



Fan of Britches
my intern said to me yesterday "it seems like most of this job is dealing with other peoples fuckups and them not being able to google anything, its not always like that right?"

:3:

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.


sneakyfrog posted:

my intern said to me yesterday "it seems like most of this job is dealing with other peoples fuckups and them not being able to google anything, its not always like that right?"

:3:

That's the sign of someone that's going to do very well in IT. It gets better, but that's what low end IT positions are, helpdesk, or doing bitch work for the server team. A small shop where they are the only IT person is a pretty good position if they can land it. Something with a contractor budget, and they can slowly bring that stuff in house not only saving the company money, but getting some really good stuff for their resume. Sure they could do the standard helpdesk grind, but that's soul crushing.

TehRedWheelbarrow
Mar 16, 2011



Fan of Britches

pixaal posted:

That's the sign of someone that's going to do very well in IT. It gets better, but that's what low end IT positions are, helpdesk, or doing bitch work for the server team. A small shop where they are the only IT person is a pretty good position if they can land it. Something with a contractor budget, and they can slowly bring that stuff in house not only saving the company money, but getting some really good stuff for their resume. Sure they could do the standard helpdesk grind, but that's soul crushing.

eh thats pretty much kind of it, my shop is growing to the point of where i need to do way too many focus based tasks and management type stuff for long hours to do general IT bitchwork. so just practical lessons along the A+ course curriculum lines, and letting him take first crack at general helpdesk type stuff with supervision. kids a bit too hands on to sit still for much of the lecture/theory work so just been spoonfeeding it slowly as we go along. :shrug: its definitely sharpening me up on some of the menial poo poo i had to do at first.

Gerdalti
May 24, 2003

SPOON!
I'm struggling with a WDS/MDT deploy setup. I have everything configured, captures work great, domain join parameters with custom computer names, custom driver sets based on model, etc.

But. Now that I have the domain join setup properly, the deployment fails. The image is installed, and the computer reboots from Litetouch to Windows.
Windows has disabled the local admin account, which means the install script doesn't continue unless I boot into safe mode, enable local admin, reboot, and then manually continue it.

I read that this could be a GPO issue, so I created a new OU for the domain join script, disabled GP inheritance, made sure the admin user is enabled via GP, etc. Same thing.


I just rejoined my image PC to AD, moved it to the blocked inheritance OU, updated group policy, unjoined AD, and kicked off another capture. I'll test another deploy when it's done.

Any suggestions???

Gerdalti fucked around with this message at 14:25 on Aug 10, 2018

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

Gerdalti posted:

I'm struggling with a WDS/MDT deploy setup. I have everything configured, captures work great, domain join parameters with custom computer names, custom driver sets based on model, etc.

But. Now that I have the domain join setup properly, the deployment fails. The image is installed, and the computer reboots from Litetouch to Windows.
Windows has disabled the local admin account, which means the install script doesn't continue unless I boot into safe mode, enable local admin, reboot, and then manually continue it.

I read that this could be a GPO issue, so I created a new OU for the domain join script, disabled GP inheritance, made sure the admin user is enabled via GP, etc. Same thing.


I just rejoined my image PC to AD, moved it to the blocked inheritance OU, updated group policy, unjoined AD, and kicked off another capture. I'll test another deploy when it's done.

Any suggestions???

What version of windows are you installing? Are you setting the admin password? Is the password blank? I (think) sometimes windows doesn't like blank passwords and that might cause problems, if you're trying that.

Gerdalti
May 24, 2003

SPOON!

MF_James posted:

What version of windows are you installing? Are you setting the admin password? Is the password blank? I (think) sometimes windows doesn't like blank passwords and that might cause problems, if you're trying that.

Win7, I've tried setting the password via Rules and by hand. I'm just sort of undoing a ton of my automation and settings now to see what fixes it, and then I'll work my way forward again.

Bob Morales
Aug 18, 2006


Just wear the fucking mask, Bob

I don't care how many people I probably infected with COVID-19 while refusing to wear a mask, my comfort is far more important than the health and safety of everyone around me!

Let's talk internet access at a small business with remote offices.

Let's say you have a main office, 50 users, all your servers are there. They have a nice 100mbs fiber connection.

Now imagine a remote office, 5-10 users, and they have a small business 5/50 cable internet line.

Between these two offices you have an IPsec VPN using whatever your favorite SMB firewall is (surprise, they all suck)

How do you set up outgoing internet access for that remote office?

Run all the traffic through the main office?
Run all the internet traffic through their cable modem and out to the world, and only VPN the traffic going to the main office file servers etc?

If you use the main office DNS servers, when the VPN is down you can't go anywhere. If you use the ISP's DNS, you can't get to the office servers. Also it messes up everything else internal. http://intranet or whatever.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Isn't that what split tunneling is for? I vaguely remember the SMB firewalls I used could set DNS servers on the DHCP lease from the VPN endpoint

That's how we did it.

Happiness Commando fucked around with this message at 19:33 on Aug 21, 2018


The Fool
Oct 16, 2003


Split tunnel VPN doesn't solve the DNS issue.

One solution is to have a local device do DNS and DHCP.

I like having an AD server at the remote site doing the DNS and DHCP. But for a site that small, the licensing will cost more than the hardware and it may be a hard sell.

e: You could also have your remote site edge device serve DHCP and set the primary DNS to HQ and secondary DNS to your ISP/Google

The Fool fucked around with this message at 19:46 on Aug 21, 2018
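
The resolver options raised in the last three posts (HQ DNS only, ISP DNS only, primary HQ with secondary ISP, and a local device that forwards by zone), modelled as an added example that is not code from any poster. The zone name, addresses and the simplified client behaviour (the stub resolver moves to the next server only on a timeout, never after an NXDOMAIN) are assumptions made for the illustration.

```python
# Added illustration; all names and addresses below are constructed.
INTERNAL_ZONE = "corp.example"                     # hypothetical internal AD zone
HQ_DNS, PUBLIC_DNS = "10.0.0.10", "192.0.2.53"     # hypothetical resolvers


def is_internal(name):
    name = name.rstrip(".").lower()
    return name == INTERNAL_ZONE or name.endswith("." + INTERNAL_ZONE)


def ask(server, name, vpn_up):
    """Model one upstream query: 'answer', 'nxdomain' or 'timeout'."""
    if server == HQ_DNS:
        # The HQ resolver sits behind the IPsec tunnel and resolves everything.
        return "answer" if vpn_up else "timeout"
    # The public resolver has no copy of the internal zone.
    return "nxdomain" if is_internal(name) else "answer"


def stub_resolve(servers, name, vpn_up):
    """Client stub resolver: walk the list in order, advance only on timeout.
    NXDOMAIN is a definitive 'no such name' and ends the lookup."""
    asked = []
    for server in servers:
        asked.append(server)
        result = ask(server, name, vpn_up)
        if result != "timeout":
            return result, asked
    return "timeout", asked


def forwarder_resolve(name, vpn_up):
    """Local device with per-zone forwarding: the internal zone goes to HQ
    only, every other name goes to the public resolver only."""
    server = HQ_DNS if is_internal(name) else PUBLIC_DNS
    return ask(server, name, vpn_up), [server]


DESIGNS = {
    "hq_only": lambda n, up: stub_resolve([HQ_DNS], n, up),
    "isp_only": lambda n, up: stub_resolve([PUBLIC_DNS], n, up),
    "hq_then_isp": lambda n, up: stub_resolve([HQ_DNS, PUBLIC_DNS], n, up),
    "local_forwarder": forwarder_resolve,
}


def matrix():
    """Return {(design, name, vpn_up): (result, leaked)} for every combination.
    'leaked' is True when an internal name was sent to the public resolver."""
    out = {}
    for design, resolve in DESIGNS.items():
        for name in ("intranet.corp.example", "www.example.org"):
            for vpn_up in (True, False):
                result, asked = resolve(name, vpn_up)
                leaked = is_internal(name) and PUBLIC_DNS in asked
                out[(design, name, vpn_up)] = (result, leaked)
    return out


if __name__ == "__main__":
    for (design, name, vpn_up), (result, leaked) in matrix().items():
        state = "up" if vpn_up else "down"
        print(f"{design:16} vpn={state:4} {name:24} {result:9} leak={leaked}")
```

In this model only the per-zone forwarder keeps internet lookups working with the tunnel down without sending internal hostnames to the outside resolver.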
