ChubbyThePhat
Dec 22, 2006

Who nico nico needs anyone else
I'm way too curious as to why that crawler timestamp is so wildly different than the thread timestamp.

The easy answer might be small threads on Monday that were forgotten before big blowups started the following day.

edit: What an incredibly unfortunate snipe. Have some cables:

Aunt Beth
Feb 24, 2006

Baby, you're ready!
Grimey Drawer
Bundled with Velcro, as God intended.

orange sky
May 7, 2007

ChubbyThePhat posted:

I'm way too curious as to why that crawler timestamp is so wildly different than the thread timestamp.

The easy answer might be small threads on Monday that were forgotten before big blowups started the following day.

edit: What an incredibly unfortunate snipe. Have some cables:



BRB gonna jerk off

Thanks Ants
May 21, 2004

#essereFerrari


That vertical orange bundle on the left jumps out the management halfway down :eek:

Sickening
Jul 16, 2007

Black summer was the best summer.

ChubbyThePhat posted:

I'm way too curious as to why that crawler timestamp is so wildly different than the thread timestamp.

The easy answer might be small threads on Monday that were forgotten before big blowups started the following day.

edit: What an incredibly unfortunate snipe. Have some cables:



Ugh, so few reasons to have cables run across like that. Just have the switch next to its patch panels.

24 port patch panel
48 port switch
24 port patch panel

6 inch patch cables to connect it all.

(Yeah yeah, it makes it harder to terminate at the patch panels for your cable guys but who cares)

Moey
Oct 22, 2010

I LIKE TO MOVE IT
Neat Patch is the way to go.

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

It's like the speedo of patch panel covers. I'd prefer to just let it all hang out.

Orcs and Ostriches
Aug 26, 2010


The Great Twist

Moey posted:

Neat Patch is the way to go.



One of our new sites has this, but it's all patch panels and those covered channels, with no room for switches. The 4-post enclosed rack that is to house the switches is a few feet away. They just handed us a box of 10 foot cables and shrugged.

Thanks Ants
May 21, 2004

#essereFerrari


If you're patching to a panel right above the switch then why don't you save the space that the neat patch is taking up and just use 6" cables

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern

Does anyone else do a lot of Office 365 MFA setup? We recently started pushing for that with our clients, but it seems like unless I want to recreate a new Outlook profile, it will prompt for a password and only accept the app password.

There was like a week where I could reliably get an MFA prompt in Office 2016, and also in 2013 if I added the EnableADAL registry key, but now I'm consistently being forced to use the app password.

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

Modern Auth should remove the need for app passwords. Also I’d whitelist your public IP range. We only require 2FA outside the corporate network.

It’s been a couple years but tenants and 2016 clients should already be enabled for this by default I think.

Grouchio
Aug 31, 2014

Notepad has been acting up since the latest update for me. When using word wrap the last word on the line splits off like 'Acropolis' becoming 'Acrop
olis'

How do I fix this it's driving me insane.

The Fool
Oct 16, 2003


skipdogg posted:

Modern Auth should remove the need for app passwords. Also I’d whitelist your public IP range. We only require 2FA outside the corporate network.

It’s been a couple years but tenants and 2016 clients should already be enabled for this by default I think.

While it should be on by default at this point, it's fairly easy to check the status and turn it on if needed.

https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/enable-or-disable-modern-authentication-in-exchange-online

Thanks Ants
May 21, 2004

#essereFerrari


Conditional Access doesn’t accept IPv6 addresses when defining network locations :argh:

Schadenboner
Aug 15, 2011

by Shine

Grouchio posted:

Notepad has been acting up since the latest update for me. When using word wrap the last word on the line splits off like 'Acropolis' becoming 'Acrop
olis'

How do I fix this it's driving me insane.

I have no clue how to troubleshoot weird word-wrap in Notepad because anyone who has a need to use Notepad has just gotten Notepad++ for like 10 years.

Literally, install Notepad++, whatever you’re using Notepad for ++ will be better, I promise?

Thanks Ants
May 21, 2004

#essereFerrari


I quite like VS Code

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern

The Fool posted:

While it should be on by default at this point, it's fairly easy to check the status and turn it on if needed.

https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/enable-or-disable-modern-authentication-in-exchange-online

I have it enabled for the tenant, but my issue is that I'm rolling it out to existing Office 365 users and I don't want to recreate their Outlook profile.

I purge their password from credential manager, reboot, and only get a password prompt that accepts app passwords.

Seems like there's two types of prompts. The grey looking box that wants a username/password. Or the fancy white Microsoft page that works with MFA.

VideoGames
Aug 18, 2003
Hello! I have a quick question about quotas that I hope someone can assist with.

There are a couple of users who are at 99% capacity of their storage quota on our file server.

I wanted to know, if the quota limit was to be reduced what happens to their files? Are they kept but the user has to delete things in order to save files again? Or does it automatically remove oldest files or is there something else that occurs?

Thank you kindly everyone!

Internet Explorer
Jun 1, 2005





VideoGames posted:

Hello! I have a quick question about quotas that I hope someone can assist with.

There are a couple of users who are at 99% capacity of their storage quota on our file server.

I wanted to know, if the quota limit was to be reduced what happens to their files? Are they kept but the user has to delete things in order to save files again? Or does it automatically remove oldest files or is there something else that occurs?

Thank you kindly everyone!

I assume you're talking about FSRM? There's hard and soft quotas. If it is a soft quota and you reduce it, it will trigger whatever event is supposed to be triggered but they can still save files. If it is a hard quota, they will need to delete files before they can save more. It is my understanding that it will not delete old files.

You can use File Management Tasks in FSRM to do something like you are asking.

https://docs.microsoft.com/en-us/windows-server/storage/fsrm/create-file-expiration-task

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

Thanks Ants posted:

Conditional Access doesn’t accept IPv6 addresses when defining network locations :argh:

Doesn't surprise me. It's been about 3 years since I've had much to do with O365, and I was an early preview tester for MFA. I had to put a feature request in to be able to define more than 12 trusted network locations. We had 20 offices and when I asked how I was supposed to make this work with only 12 trusted network locations they didn't have an answer. Took them a few months to implement the change.

The Fool
Oct 16, 2003


Thanks Ants posted:

I quite like VS Code

:same:

snackcakes posted:

I have it enabled for the tenant, but my issue is that I'm rolling it out to existing Office 365 users and I don't want to recreate their Outlook profile.

I purge their password from credential manager, reboot, and only get a password prompt that accepts app passwords.

Seems like there's two types of prompts. The grey looking box that wants a username/password. Or the fancy white Microsoft page that works with MFA.

Yes, there's Basic Authentication and there's Modern Authentication.

You shouldn't have to recreate their Outlook profiles for Modern Auth to work.

Do you have an issue with RPC? https://support.microsoft.com/en-us/help/3126599/outlook-prompts-for-password-when-modern-authentication-is-enabled

Do you have older versions of Outlook? These keys shouldn't be necessary after Outlook 2013. https://docs.microsoft.com/en-us/of...=o365-worldwide

There was an update to Windows 10 that could cause connectivity issues, that may result in Modern Auth failing and Outlook falling back to basic auth. https://support.microsoft.com/en-us/help/4025962/cant-sign-in-after-update-to-office-2016-build-16-0-7967-on-windows-10

Check the Office Connectivity Analyzer and make sure you don't have any issues there. https://testconnectivity.microsoft.com/
Also try the Support and Recovery Assistant at the same link if nothing else works
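
Added example (not part of any post in this thread): one way to run the two checks The Fool describes, the tenant-wide Modern Authentication switch and the per-user ADAL registry values that Office 2013 needs. It assumes the ExchangeOnlineManagement module is installed and that the client half runs in the affected user's session; `Get-OutlookAdalState` is a hypothetical helper name.

```powershell
# Added example, not code from the thread.
# Assumption: ExchangeOnlineManagement module is installed and the signed-in
# account may read the organization configuration.
Connect-ExchangeOnline

# Tenant side: is Modern Authentication enabled for Exchange Online clients?
$org = Get-OrganizationConfig
if ($org.OAuth2ClientProfileEnabled) {
    Write-Output "Tenant '$($org.Name)': Modern Authentication is enabled."
} else {
    Write-Warning "Tenant '$($org.Name)': Modern Authentication is DISABLED."
    # To enable it after review:
    #   Set-OrganizationConfig -OAuth2ClientProfileEnabled $true
}

# Client side: report the ADAL state per installed Office version.
#   15.0 (Office 2013): needs EnableADAL = 1 and Version = 1.
#   16.0 (Office 2016): on by default, off only if EnableADAL = 0.
function Get-OutlookAdalState {
    foreach ($ver in '15.0', '16.0') {
        # Skip Office versions with no per-user hive on this machine.
        if (-not (Test-Path "HKCU:\SOFTWARE\Microsoft\Office\$ver")) { continue }

        $id = Get-ItemProperty `
            -Path "HKCU:\SOFTWARE\Microsoft\Office\$ver\Common\Identity" `
            -ErrorAction SilentlyContinue

        # Missing values read as $null, which is the "not configured" case.
        $modern = if ($ver -eq '15.0') {
            ($id.EnableADAL -eq 1) -and ($id.Version -eq 1)
        } else {
            $id.EnableADAL -ne 0
        }

        [pscustomobject]@{
            OfficeVersion = $ver
            EnableADAL    = $id.EnableADAL
            Version       = $id.Version
            ModernAuth    = $modern
        }
    }
}

Get-OutlookAdalState | Format-Table -AutoSize
```

A client row with `ModernAuth` false while the tenant reports enabled matches the grey username/password prompt described above.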

Serfer
Mar 10, 2003

The piss tape is real



There's some patch in Windows 10 that's been causing network issues randomly. Sometimes when users try to run an executable from our network shares, they get an error like this:

but if they just hit ok and run it again, it's fine. I generally cannot get event log information for the error, because it's usually several hours/days later that I get notice, but I can't figure out why this is happening. It's weird that it wouldn't work one time, but it would the second.

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Serfer posted:

There's some patch in Windows 10 that's been causing network issues randomly. Sometimes when users try to run an executable from our network shares, they get an error like this:

but if they just hit ok and run it again, it's fine. I generally cannot get event log information for the error, because it's usually several hours/days later that I get notice, but I can't figure out why this is happening. It's weird that it wouldn't work one time, but it would the second.

This is usually due to the way UAC handles your token elevation. What's happening is you browse the fileshare with an explorer session run as user along with all your normal permission entitlements, with the exception of admin. Then you go to run the executable and the executable metadata or the UAC heuristics flag it as needing admin, so it prompts to elevate as admin which gives you that token which doesn't have all the other group permissions (an attempt to prevent malware from blasting over the network with elevated creds), but that account doesn't have permissions to the file share so it fails. If it's working the second time, I suspect offline files is caching it locally after the first access attempt, though that part of it is odd.

There's a setting you can change to make your elevated token retain all its group memberships, but that increases your risk of something propagating through the network. Either get people in the habit of copying executables down locally before launching them or remove their admin rights and give them a second dedicated admin account and it should stop.

Serfer
Mar 10, 2003

The piss tape is real



BangersInMyKnickers posted:

This is usually due to the way UAC handles your token elevation. What's happening is you browse the fileshare with an explorer session run as user along with all your normal permission entitlements, with the exception of admin. Then you go to run the executable and the executable metadata or the UAC heuristics flag it as needing admin, so it prompts to elevate as admin which gives you that token which doesn't have all the other group permissions (an attempt to prevent malware from blasting over the network with elevated creds), but that account doesn't have permissions to the file share so it fails. If it's working the second time, I suspect offline files is caching it locally after the first access attempt, though that part of it is odd.

There's a setting you can change to make your elevated token retain all its group memberships, but that increases your risk of something propagating through the network. Either get people in the habit of copying executables down locally before launching them or remove their admin rights and give them a second dedicated admin account and it should stop.

Offline files is disabled for everyone, and it doesn't happen every time either. Giving everyone in the company a second login would be exactly the same, since it would still prompt for elevation, would it not?

His Divine Shadow
Aug 7, 2000

I'm not a fascist. I'm a priest. Fascists dress up in black and tell people what to do.
Ugh I was pretty mushy in the head last night so I asked this in the wrong thread, but anyone got experience with IIS and reverse proxy? I've used it before to set up sites and I was gonna do it again to run some WordPress site on a Linux VM but I am having issues with AJAX calls, basically they result in the server resetting the connection. Not sure if it's a WordPress/Linux or an IIS issue.

EDIT: FIXED WOOO

After mashing my head against this wall since Monday the solution was deceptively simple, just increase the response buffer threshold to something a lot higher in Application Request Routing.

His Divine Shadow fucked around with this message at 09:28 on Jan 16, 2019

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Serfer posted:

Offline files is disabled for everyone, and it doesn't happen every time either. Giving everyone in the company a second login would be exactly the same, since it would still prompt for elevation, would it not?

It generally sorts it out because UAC will prompt for the full username/pass alt credential instead of doing the elevation/split token account which will get you the full ACL list so long as the admin accounts have access to the share as well.

Thanks Ants
May 21, 2004

#essereFerrari


Dumb question incoming - if I link a GPO to a site, does that work for user configs as well as device configs, or is it device-only?

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

99% sure it'll work for both.

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

GPOs are split into computer and user policies, you can define one or both types in a single GPO. When the GPO is linked to an OU, domain root, site, whatever, with either a user or a computer in it, that corresponding type of policy in the GPO is applied. This is further complicated by the computer being configured in loopback mode. If that is the case, then any user policies linked to the computer object will apply to all users logging in to that system.

Thanks Ants
May 21, 2004

#essereFerrari


I think the bit I was struggling with was the idea of a user being assigned to a site, because it's not like they have an IP address. I'm assuming it evaluates the site on login (and refresh?) and applies the respective user policies at that point.

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Thanks Ants posted:

I think the bit I was struggling with was the idea of a user being assigned to a site, because it's not like they have an IP address. I'm assuming it evaluates the site on login (and refresh?) and applies the respective user policies at that point.

There's a lot of fuckery that you can do with sites but generally it's going to follow whatever site the DC they're connected on to says it's in.

Wicaeed
Feb 8, 2005
Is it "normal" for an Enterprise to come down with a blanket statement from on-high saying that PowerShell be disabled across all systems, even server OS ones?

I was just told that all instances of PowerShell & PowerCLI (which I kind of need to use to do my job) are in violation of security policy and will be disabled at a future date.

It's really got me thinking of looking for another job.

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

That’s some crazy bullshit and gently caress that. Like no joke.

Thanks Ants
May 21, 2004

#essereFerrari


GreenNight posted:

That’s some crazy bullshit and gently caress that. Like no joke.

You can't do your job without PowerShell if you're a Windows shop.

The Fool
Oct 16, 2003


Thanks Ants posted:

You can't do your job without PowerShell if you're a Windows shop.

Can't emptyquote this hard enough.

Docjowles
Apr 9, 2009

Yeah that’s a joke. If they are going to require you to manage machines like it’s 1996 then start updating your resume. Are they forcing the removal of all shells from Linux and Mac machines, too?

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Wicaeed posted:

Is it "normal" for an Enterprise to come down with a blanket statement from on-high saying that PowerShell be disabled across all systems, even server OS ones?

I was just told that all instances of PowerShell & PowerCLI (which I kind of need to use to do my job) are in violation of security policy and will be disabled at a future date.

It's really got me thinking of looking for another job.

pretty suspect, it's a command line at the end of the day. enforcing signed scripts only would be the sane secure posture
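
Added example (not part of any post in this thread): a pre-flight audit for the signed-scripts-only posture suggested above. It shows which scope sets the effective execution policy and lists the scripts that would stop running under `AllSigned`. The default `C:\Scripts` path is a hypothetical placeholder for wherever admin scripts live.

```powershell
# Added example, not code from the thread.
# Assumption: $ScriptRoot points at the directory holding admin scripts;
# 'C:\Scripts' is a placeholder.
param([string]$ScriptRoot = 'C:\Scripts')

# 1. Effective policy and where it comes from. MachinePolicy and UserPolicy
#    are set by Group Policy and take precedence over the other scopes.
$scopes    = Get-ExecutionPolicy -List
$effective = Get-ExecutionPolicy
$scopes | Format-Table Scope, ExecutionPolicy -AutoSize

$fromGpo = $scopes | Where-Object {
    $_.Scope -in 'MachinePolicy', 'UserPolicy' -and
    $_.ExecutionPolicy -ne 'Undefined'
}

if ($effective -ne 'AllSigned') {
    Write-Warning "Effective policy is $effective, not AllSigned."
}
if (-not $fromGpo) {
    # Without a GPO-set scope, a user can override the policy per process,
    # e.g. with powershell.exe -ExecutionPolicy.
    Write-Warning "No Group Policy scope is set; the policy can be overridden locally."
}

# 2. Scripts that would be blocked under AllSigned: anything whose
#    Authenticode status is not 'Valid' (NotSigned, HashMismatch,
#    NotTrusted, UnknownError, ...).
$blocked = Get-ChildItem -Path $ScriptRoot -Recurse -File -Include *.ps1, *.psm1, *.psd1 |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.FullName
        [pscustomobject]@{
            Status = $sig.Status
            Signer = $sig.SignerCertificate.Subject
            Path   = $_.FullName
        }
    } |
    Where-Object { $_.Status -ne 'Valid' } |
    Sort-Object Status, Path

$blocked | Format-Table -AutoSize
Write-Output "$(@($blocked).Count) script(s) would be blocked under AllSigned."
```

A `HashMismatch` entry means the file changed after it was signed, which is worth investigating before re-signing.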

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern

The Fool posted:

:same:


Yes, there's Basic Authentication and there's Modern Authentication.

You shouldn't have to recreate their Outlook profiles for Modern Auth to work.

Do you have an issue with RPC? https://support.microsoft.com/en-us/help/3126599/outlook-prompts-for-password-when-modern-authentication-is-enabled

It would seem our RPC is all kinds of hosed up thank you for your magical registry fix!

Gallatin
Sep 20, 2004

Docjowles posted:

Yeah that’s a joke. If they are going to require you to manage machines like it’s 1996 then start updating your resume. Are they forcing the removal of all shells from Linux and Mac machines, too?

"Ok, here are your car keys but we have disabled the power steering and power brakes because accidents happen. It is safer for the c-level lawyers and accountants bonuses if you in particular have to push your car in the direction you want to go instead of driving it, good luck and gently caress you"

Caf
May 21, 2004

I'm King James! The Lion King!

Wicaeed posted:

Is it "normal" for an Enterprise to come down with a blanket statement from on-high saying that PowerShell be disabled across all systems, even server OS ones?

I was just told that all instances of PowerShell & PowerCLI (which I kind of need to use to do my job) are in violation of security policy and will be disabled at a future date.

It's really got me thinking of looking for another job.

Is it to prevent manually running scripts outside of SCCM (which sets its own execution policy at runtime) or "no PowerShell anywhere"? Because the former is weird but not unheard of at the enterprise level.
