|
OK, got some troubleshooting. E-mails are not reaching Comcast addresses, message trace shows delivered. Verified functionality w/ a GMail address and a work address I have. I've submitted for a blocklist removal from Comcast, but I wanted to check here if there was anything I might be overlooking. The messages don't show up in a spam folder either. Everything for the domain was setup from O365 importing from Network Solutions, and then updating its own MX records, SPF record, etc. So there's a good chance I'm missing something as well. EDIT: confirmed not on blocklist either. Oh and Comcast e-mails reach them no problem. And now a ton of bouncebacks from different domains citing bad sender, which was the original problem. EDIT 3: Now into Restricted User stuff. Just trying to figure out what's triggering that flag. Boywhiz88 fucked around with this message at 22:48 on Sep 12, 2019 |
# ? Sep 12, 2019 22:16 |
|
|
# ? Apr 27, 2024 08:09 |
|
BonoMan posted:I'm at home for the second so I'll get this all when I get back to the office but I should note that the ONLY thing they need access to is the files served on the very QNAP that is running the VPN. And that they won't "work" from it. Only pull files from time to time when they need a logo or reference to something we've done in the past. They don't need access to anything else on our network. Just the QNAP. Is the QVPN still a bad solution for that? This is an outright lie. They are going to link that poo poo into InDesign and whine incessantly about how badly it performs and how much Indesign will lock up, because adobe products are extremely bad at dealing with slow network connections. You need to cloud host these files. If you already have Creative Cloud, you should look at expanding the space there and putting them all online. If you don’t use adobe products, any number of cloud + agent storage solutions like Dropbox/box/ etc will work a lot better and have way more features.
|
# ? Sep 12, 2019 22:54 |
|
EoRaptor posted:This is an outright lie. They are going to link that poo poo into InDesign and whine incessantly about how badly it performs and how much Indesign will lock up, because adobe products are extremely bad at dealing with slow network connections. Ha thats probably true. People are stupid. Honestly right now, until they pony up for a managed solution or dedicated employee we'll just use the file station web based solution for the QNAP. That way you can't work from it but can still download the files you need. We just moved to CC for Teams *finally* so I'll check the hosting solutions there. Problem is that department demands every single project file/asset/whatever for every single client from 2009 til now be hosted and available.
|
# ? Sep 12, 2019 23:22 |
|
I'd push for a AWS appliance onsite with iSCSI drivers for caching frequently accessed files.
|
# ? Sep 13, 2019 00:22 |
|
I setup 2 CNAME entries per the article on DKIM. I just need to wait an hour or so for the entries to go through and be able to enable DKIM? The 2 entries called for the custom domain and the initial domain. I don’t have to do anything more than that? Edit: got home and was able to follow steps from MS to setup DKIM via power shell. It’s enabled but Comcast still isn’t receiving emails, and I verified the DKIM is good to go. At this point, should I consider DMARC? EDIT 2: enabled DMARC! Hot dang, but still no luck. I pulled a couple DNS entries out that were pointing to old mail servers in case that could be affecting things and still no luck. I’m undeterred though! I know there’s gotta be one little thing I’m missing! EDIT 3: looks like part of it is in Message Trace, e-mails sent to Comcast show being sorted via HRDP. Not sure what my next step is. Probably too late at this time. I’ve turned on Outbound Spam notifications tomsee if that might help as well. Any insight would be super appreciated! The issue that precipitated this change was that domains like Comcast and AOL were rejecting or not delivering emails. The clients used to send out emails to huuuuge groups of people. Hundreds if not closer to 2,000. They later stepped it back to 100 at a time, but this is only once a year, not consistently or anything. FINAL EDIT: the issue was on Comcast’s end! The client contacted them and got it resolved. Everything is good to go now! DKIM and DMARC should hopefully prevent this in the future. At this time, I’m trying to figure out what to charge. I didn’t really track my hours, but it’s definitely low double-digits. I was thinking $400-500. Too much? Too little? It was a learning experience for me so it wasn’t the smoothest transition for the client, but the issue is resolved and I feel like I was fairly proactive in my troubleshooting and resolution. Boywhiz88 fucked around with this message at 15:17 on Sep 15, 2019 |
# ? Sep 13, 2019 00:57 |
|
BonoMan posted:I'm at home for the second so I'll get this all when I get back to the office but I should note that the ONLY thing they need access to is the files served on the very QNAP that is running the VPN. And that they won't "work" from it. Only pull files from time to time when they need a logo or reference to something we've done in the past. They don't need access to anything else on our network. Just the QNAP. Is the QVPN still a bad solution for that? This feels like a good use case for carrier pigeon (the fastest site-to-site file transfer system available). Take a hard drive, copy all the files to the hard drive, take it to the new site. Because it sounds like you don't need the data to be accurate in an up-to-the-minute kind of way. Every couple of months, someone copies down the files to a new hard drive, and runs it to the remote site.
|
# ? Oct 10, 2019 02:08 |
|
Thanatosian posted:This feels like a good use case for carrier pigeon (the fastest site-to-site file transfer system available). Take a hard drive, copy all the files to the hard drive, take it to the new site. Because it sounds like you don't need the data to be accurate in an up-to-the-minute kind of way. Every couple of months, someone copies down the files to a new hard drive, and runs it to the remote site. Sneakernet
|
# ? Oct 11, 2019 00:14 |
|
Station wagon full of hard drives barreling down the freeway, etc
|
# ? Oct 11, 2019 00:44 |
|
Have someone memorize all the data every now and then.
|
# ? Oct 13, 2019 00:43 |
|
Encrypted off-site backups. Right now, my boss mounts a USB external hard drive where he has a truecrypt volume that basically takes up the entire drive. He then copies stuff over to this drive and takes it off site. He always complains about how every so often the drive gets 'fragemented' and it takes 3 weeks to defrag it. I haven't researched drive encryption much but it seems like there's a better way. Don't SSD's have built-in encryption? Is that something you can activate when you use it in an external enclosure? It seems like that would be more transparent and probably perform better.
|
# ? Oct 19, 2019 17:22 |
|
Lots of external enclosures have hardware encryption in the controller. A bunch of sad manufacturers also make drives that self encrypt, but there was a flaw found last year: https://www.ru.nl/publish/pages/909275/draft-paper_1.pdf Also, there’s bitlocker, but that will be windows only. For a mixed environment I’d probably try to find a reliable drive with encryption on the controller, but you will lose the contents of that drive if the controller breaks.
|
# ? Oct 19, 2019 21:09 |
|
LVM with Encryption is an option.
|
# ? Oct 21, 2019 15:20 |
|
A while back here someone posted some Bomgar alternatives but I can't find the post for the life of me. Anyone still have other remote control software they're using?
|
# ? Oct 24, 2019 23:24 |
|
We’re using Dameware. Just don’t use teamviewer.
|
# ? Oct 24, 2019 23:35 |
|
Doesn't windows have a remote help feature by now?! I swear I read something.
|
# ? Oct 25, 2019 15:34 |
|
It does, but you still can’t do uac escalation through it. So if your users have local admin and you can trust them to click on the right button at the right time it’ll work just fine.
|
# ? Oct 25, 2019 16:00 |
|
It's called Quick Assist and it's pretty great
|
# ? Oct 25, 2019 18:36 |
|
We are trialing MeshCentral as a self-hosted option. Definitely rough around the edges in a lot of areas and very basic compared to the commercial alternatives, but if your main priority is remote control and not policy enforcement or system management it looks pretty decent so far. The price is definitely right. It supports agent-based connections to basically any major OS, GUI or CLI, and agentless connections to Intel AMT equipped machines.
|
# ? Oct 25, 2019 18:39 |
|
Thanks Ants posted:It's called Quick Assist and it's pretty great This is cool! E: Well it will be cool in 8-10 months when all of our Windows 7 machines are finally retired.
|
# ? Oct 25, 2019 18:44 |
|
Rick posted:This is cool! Still doesn't do UAC
|
# ? Oct 25, 2019 18:44 |
|
The Fool posted:Still doesn't do UAC Ah, then way less cool.
|
# ? Oct 25, 2019 18:46 |
|
I should be clear. It's not like it breaks on UAC like some older screensharing programs did when Vista came out. MS made a design decision to block the remote user when a UAC prompt comes up, expecting the local user to proceed through the prompt, then the session resumes. This actually makes a lot of sense because you don't want a support scammer calling grandma and him being able to bypass UAC and installing his malware just because he tricked her into launching QuickAssist. This however is a non-starter when supporting users that don't have local admin.
|
# ? Oct 25, 2019 18:53 |
|
Is there a reason why VPNing to the site and then using VNC (such as tight VNC) isn't a good option? VNC will let you verify UAC prompts and everything. Hell you can pull up the login screen and login if no one is at the computer. It's as good as sitting in from that that machine.
|
# ? Oct 25, 2019 19:40 |
|
pixaal posted:Is there a reason why VPNing to the site and then using VNC (such as tight VNC) isn't a good option? VNC will let you verify UAC prompts and everything. Hell you can pull up the login screen and login if no one is at the computer. It's as good as sitting in from that that machine. Vnc isn’t really secure out of the box, and useless if the user is not on your lan
|
# ? Oct 26, 2019 22:19 |
|
ConnectWise Control (aka ScreenConnect) is really nice as a remote control tool.
|
# ? Oct 29, 2019 07:04 |
|
pixaal posted:VNC will let you verify UAC prompts and everything. Hell you can pull up the login screen and login if no one is at the computer. It's as good as sitting in from that that machine. This is why we use VNC internally (with encryption and certificate based auth features that ultravnc has)
|
# ? Oct 29, 2019 11:17 |
|
Maneki Neko posted:ConnectWise Control (aka ScreenConnect) is really nice as a remote control tool. The on premises version is also a single, non-subscription payment which is something of a rarity these days.
|
# ? Oct 29, 2019 12:35 |
|
Sheep posted:The on premises version is also a single, non-subscription payment which is something of a rarity these days. Can confirm I deployed the on-prem option at multiple past jobs and it does a great job. Its a good product.
|
# ? Oct 29, 2019 21:10 |
|
Standing up some new hosts and a SAN for a client, they are currently on ESXi 6.5u3 on their older equipment. I have not worked with vmware stuff much other than admining a couple already running clusters; most of my clients have used hyper-v. The plan is to merely move the VMs to the new storage/cluster and then rebuild some of the VMs afterwards (not my choice but it is what it is). If I install 6.7u3 onto the new hosts, is it going to cause problems for importing the VMs? Should I build a new ESXi cluster (datacenter whatever vmware calls it) or can clusters run mixed versions? Any other gotchas/stuff I should look out for?
|
# ? Oct 31, 2019 20:02 |
|
MF_James posted:Standing up some new hosts and a SAN for a client, they are currently on ESXi 6.5u3 on their older equipment. Not really between ESXi versions, I just did a big 6.5->6.7 upgrade and migrated hundreds of VMs between the two versions no problem. If you're upgrading vCenter from 6.5 to 6.7, that's a bigger deal, but if it's just ESXi, you're fine.
|
# ? Oct 31, 2019 20:07 |
|
COOL CORN posted:Not really between ESXi versions, I just did a big 6.5->6.7 upgrade and migrated hundreds of VMs between the two versions no problem. I will probably just build a new vcenter server since the old one is server 2012r2 anyway.
|
# ? Oct 31, 2019 20:43 |
|
MF_James posted:I will probably just build a new vcenter server since the old one is server 2012r2 anyway. Just use the new vcenter virtual appliance.
|
# ? Oct 31, 2019 20:49 |
|
Looks like 6.7 deprecates the windows version anyway.
|
# ? Oct 31, 2019 21:17 |
|
Maneki Neko posted:ConnectWise Control (aka ScreenConnect) is really nice as a remote control tool. speaking of connectwise, they bought continuum, anyone got the scoop on how that's gonna work vs. labtech which they also bought
|
# ? Nov 8, 2019 20:56 |
|
Prices are going to go up. That's how it's going to work.
|
# ? Nov 8, 2019 21:02 |
|
Oh connectwise bought continuum? I thought it was the other way around. Yeah my assumption is prices will go up in the next 6-12 months, service quality will go down; how it can go down further I don't know because Continuum's NOC is terrible and their monitoring is dog poo poo.
|
# ? Nov 8, 2019 21:46 |
|
My old boss just finished migrating everyone off of labtech and onto continuum a few days before the announcement. Glad I don't have to worry about it anymore (but I might because rent is expensive and he offered me part-time employment )Internet Explorer posted:Prices are going to go up. That's how it's going to work. I was told 10% price increase annually, but that might just be grumbling.
|
# ? Nov 8, 2019 23:48 |
|
Actuarial Fables posted:I was told 10% price increase annually, but that might just be grumbling. I budget for a 10-20% price increase annually for services. It has never bite in the rear end. Or hasn't yet......
|
# ? Nov 8, 2019 23:57 |
|
NevergirlsOFFICIAL posted:speaking of connectwise, they bought continuum, anyone got the scoop on how that's gonna work vs. labtech which they also bought All the chat I’ve heard is they feel there’s enough difference in audience between the two that they’ll keep one for MSPS that can do it all in house and one for folks that want to outsource helpdesk, NOC, SOC, etc.
|
# ? Nov 10, 2019 03:59 |
|
|
# ? Apr 27, 2024 08:09 |
|
Any recommendation for touchscreen monitors good for POS? I have a spare ITX PC I'm thinking about using it for one of our POS system. I'm getting sick of having to deal with the old rear end Casio-9100s.
|
# ? Dec 30, 2019 03:30 |