MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

Boywhiz88 posted:

OK, so I've got a dumb question/situation.

I have a client that's part of a commercial office building. We upgraded his network w/ an 8-port switch from a 5-port switch. It's at that time that I noticed the building's network is just wide open. I used an unmanaged switch in part because I assumed that wouldn't be the case, and because I didn't know any better. Quickly learned the difference when I got home and researched.

So, I want to swap it for them here so that I can setup a more secure network. I only want the Internet connectivity incoming and to push whatever through that so that their devices wouldn't show up on the building's network at large.

I wouldn't be able to affect anything but this switch, so no other modifications to the network would be available to me.

Would this be possible?

So, what is the upstream device that your client's switch runs to?

What is handling DHCP?

What types of devices are on your client's network? (i.e. PCs/laptops, servers etc)


Thanks Ants
May 21, 2004

#essereFerrari


Something that can send emails without needing an open SMTP relay or can only authenticate in plain text to Exchange. It's time that these MFP vendors did their scan-to-email and scan-to-sharepoint via an Azure AD app integration.

The Fool
Oct 16, 2003


Our new Kyoceras have SharePoint integration but it was pretty annoying to get set up.

I mean, there is literally no reason to have to use a server component to send scans to a document library.

Boywhiz88
Sep 11, 2005

floating 26" off da ground. BURR!

MF_James posted:

So, what is the upstream device that your client's switch runs to?

What is handling DHCP?

What types of devices are on your client's network? (i.e. PCs/laptops, servers etc)

1. Not sure, likely another switch but setup w/o restrictions. The office suite has the one ethernet port that runs to the in-office switch. I would expect that the building's switch is handling DHCP due to the range of IPs I saw. (192.168.33.xxx) Also, a printer that appears to have been auto-discovered but not in the office.

2. A few PC's and 2 printers. But the data on the PC's is fairly sensitive, both are setup w/ BitLocker encryption as part of their company's requirement, so I'm trying to be relatively pro-active/secure.

Ham Equity
Apr 16, 2013

i hosted a great goon meet and all i got was this lousy avatar
Grimey Drawer

codo27 posted:

The volume is relatively low, so we are talking table top in most cases, we only have a few free standing bigger devices and those are leased.

I literally wouldn't. Make them walk to the big free standing one.

If you absolutely have to, a lot of leasing companies offer leases for the table top ones, too. I would lease that, as well.

Internet Explorer
Jun 1, 2005





Yeah, if you're already using a company for your bigger MFPs, keep using them for a smaller table-top MFP. It's not worth the management headache to split it off.

codo27
Apr 21, 2008

It's a construction outfit and there are various locations, not one big central one. But it's something to consider all the same. We're talking real low staff per machine, like <10

Internet Explorer
Jun 1, 2005





Yeah, it just means, when it breaks - who fixes it? Who orders toner? If you can swing it, try to keep it all under a contract. Bonus points for keeping those contracts so they co-terminate when the other leases are up, that way you have one time every X number of years to renegotiate and aren't just perpetually stuck with overlapping contracts.

Ham Equity
Apr 16, 2013

i hosted a great goon meet and all i got was this lousy avatar
Grimey Drawer

codo27 posted:

It's a construction outfit and there are various locations, not one big central one. But it's something to consider all the same. We're talking real low staff per machine, like <10

If you use exactly the same big MFP printer everywhere, you never need to worry about what needs what toner, what needs what toner waste container, what model you're talking to someone about, what drivers you need installed, what printer should be your default printer, etc. The additional technical debt added by a single printer of a different kind than your other printers is loving huge.

We got rid of our desktop printers when we moved headquarters four years ago, and it was the smartest loving poo poo we ever did. I would guess it cut total ticket volume by close to 20-25%.

GreatGreen
Jul 3, 2007
That's not what gaslighting means you hyperbolic dipshit.

Boywhiz88 posted:

OK, so I've got a dumb question/situation.

I have a client that's part of a commercial office building. We upgraded his network w/ an 8-port switch from a 5-port switch. It's at that time that I noticed the building's network is just wide open. I used an unmanaged switch in part because I assumed that wouldn't be the case, and because I didn't know any better. Quickly learned the difference when I got home and researched.

So, I want to swap it for them here so that I can setup a more secure network. I only want the Internet connectivity incoming and to push whatever through that so that their devices wouldn't show up on the building's network at large.

I wouldn't be able to affect anything but this switch, so no other modifications to the network would be available to me.

Would this be possible?

Managed switches usually top out at layer 2. You won't really be able to do anything with a managed switch other than turn specific ports on and off, set port speeds if available, and assign ports to VLANs, but none of those things will really help with security in this scenario. What you need is a router, placed between the switch and the outside network. Outside network -> Router WAN port. Then connect Router LAN port -> Switch port 1. Connect everything else in the office to your 7 remaining switch ports and there you go. You'll need something to act as your DHCP server within your new office network, and you'll need to make sure to set the router's LAN port IP address as your default gateway handed out by your DHCP.

At that point your small office network should be isolated from the building's network.

GreatGreen fucked around with this message at 06:24 on Aug 22, 2020

Boywhiz88
Sep 11, 2005

floating 26" off da ground. BURR!
Dumb question: Could you link a model that you’re thinking of? I’m guessing a router is a router is a router, so even a wireless router w wireless disabled would be of benefit. Although if that works, maybe I just swap out the switch and the router, hide the Wifi network, and have his laptop connect that way when he brings it in.

Let me know if I’m wildly off base. I tried poking around for wired routers but they don’t exist in the form I remember them in from 2005ish.

Number19
May 14, 2003

HOCKEY OWNS
FUCK YEAH


Look at the Ubiquiti EdgeRouter Lite. Not too expensive and it will do everything you need here

codo27
Apr 21, 2008

Who's got a suggestion for a free/cheap ticket tracking solution? I think I can get by just fielding emails and calls as they come but at the same time, memory and organization are my weakest points.

The Fool
Oct 16, 2003


codo27 posted:

Who's got a suggestion for a free/cheap ticket tracking solution? I think I can get by just fielding emails and calls as they come but at the same time, memory and organization are my weakest points.

Freshdesk



Just not spiceworks

Ham Equity
Apr 16, 2013

i hosted a great goon meet and all i got was this lousy avatar
Grimey Drawer

The Fool posted:

Freshdesk



Just not spiceworks
Holy poo poo, pre-COVID I was going to do some work for a small non-profit with like zero budget, and this looks amazing for it.

Internet Explorer
Jun 1, 2005





Freshdesk is indeed really nice. The cheapest of the cheap may balk at it if you've got to add more than a few agents, but it is really nice and I highly recommend it.

Thanks Ants
May 21, 2004

#essereFerrari


I do some side work for a couple of places and I have a Freshdesk instance set up at each of them. The features in the free tier are nothing to shout about, but all these places need is a central place for tickets to go, a way for the directors to see all the cases so they can have an idea of whether people's complaints are worth listening to, and it has SAML support at the free level.

Dans Macabre
Apr 24, 2004


Boywhiz88 posted:

Dumb question: Could you link a model that you’re thinking of? I’m guessing a router is a router is a router, so even a wireless router w wireless disabled would be of benefit. Although if that works, maybe I just swap out the switch and the router, hide the Wifi network, and have his laptop connect that way when he brings it in.

Let me know if I’m wildly off base. I tried poking around for wired routers but they don’t exist in the form I remember them in from 2005ish.

I think you should get a cheap firewall. Like the SonicWall TZ100 is what I’m familiar with but whatever equivalent to that will handle everything. Put it in front of the switch.

Agrikk
Oct 17, 2003

Take care with that! We have not fully ascertained its function, and the ticking is accelerating.

NevergirlsOFFICIAL posted:

I think you should get a cheap firewall. Like the SonicWall TZ100 is what I’m familiar with but whatever equivalent to that will handle everything. Put it in front of the switch.

Seconding this.

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

NevergirlsOFFICIAL posted:

I think you should get a cheap firewall. Like the SonicWall TZ100 is what I’m familiar with but whatever equivalent to that will handle everything. Put it in front of the switch.

I thought I had responded after the initial questions I asked, but yeah, this is the thing to do.

Twerk from Home
Jan 17, 2009

This avatar brought to you by the 'save our dead gay forums' foundation.
What's the safest tool to reach for non-appliance storage? I'm working with a university research lab who is keeping data on a couple 12x10TB RAID 6 arrays and several 4x12TB RAID 5 arrays with hardware RAID controllers. I believe around 250TB usable right now. They've been hand-managing cross-mounting directories via nfs so all data is accessible from all servers, and don't have dedicated "storage" or "compute" machines.

They want to put a parallel filesystem (lustre or similar) on top of this instead, but I'm kind of terrified for them trying to do a parallel filesystem on hardware RAID on heterogenous hardware, including arrays with only 1 parity drive. The biggest argument in favor of this is that when everything is up, it would be fast as hell for their workloads and the group has previous positive experience with GPFS at a previous university, which was apparently also just running on top of hardware RAID controllers and never broke in ~8 years.

A dream solution would need:
  • Not lose data
  • Expose a POSIX filesystem
  • Large file read speed significantly higher than a single 4x12TB RAID 5
  • Large file write speed at least comparable to a single 4x12TB RAID 5
  • Easy to add more storage in single-machine 4-24 disk increments
  • 1/3 or less disk space parity overhead

Data loss would be a disaster. Hardware failures can cause outages, but should not lose data. Filesystem-level compression would be nice to have, but they can just run stuff through gzip as they've been doing instead. I think that they can get high availability and would appreciate it, even though they say they don't want HA. They've got tons of CPU available (Xeon Platinums), so stuff like erasure coding would have as much CPU as it can use available. Everything is on Ubuntu 18.04 right now.

The migration plan is to get enough additional storage in one batch to comfortably hold everything they have now, set up whatever storage solution they move forward with, put all the data on there, and then wipe and add all of the existing machines to the storage pool.

So: The least bad option that I see is Gluster or their original plan of "just throw lustre on there". Ceph sure has a lot more whiz-bang features, but looks object focused, block second, and filesystem as a 3rd class citizen. Other stuff exists like LizardFS and MooseFS, but I'd feel safer with one of the Red Hat funded big boys.

All in all, beats the hell out of the last time I janitored computers for them, which was trying to figure out why software wouldn't build on their old-rear end SUSE on Opteron machines.... in 2017. :zombie:

codo27
Apr 21, 2008

I like our Lenovo fleet but the price of docks is insane. I bought a few USB C mini docks and they have VGA and HDMI, but you can only use one or the other, officially the dumbest thing ever. Is there a good third party dock that's not too expensive that will do dual display and charge our machines over USB C?

Tapedump
Aug 31, 2007
College Slice
Dell D6000? I've got a few for my Lennys as well as Dells. $165 on a good day, good specs (2x 4K, etc)

Potato Salad
Oct 23, 2014

nobody cares


codo27 posted:

I like our Lenovo fleet but the price of docks is insane. I bought a few USB C mini docks and they have VGA and HDMI, but you can only use one or the other, officially the dumbest thing ever. Is there a good third party dock that's not too expensive that will do dual display and charge our machines over USB C?

Search for any dock that has DisplayLink hardware. DisplayLink provides drivers for video, audio, networking, and USB functionality that work regardless of what OEM stamps its name on the plastic exterior of the dock.

Maneki Neko
Oct 27, 2000

codo27 posted:

I like our Lenovo fleet but the price of docks is insane. I bought a few USB C mini docks and they have VGA and HDMI, but you can only use one or the other, officially the dumbest thing ever. Is there a good third party dock that's not too expensive that will do dual display and charge our machines over USB C?

On a side note, the Lenovo thunderbolt 3 docks are hot garbage, so avoid those :)

Comfortador
Jul 31, 2003

Just give me all the 3ggs_n_b4con you have.

Wait...wait.

I worry what you just heard was...
"Give me a lot of b4con_n_3ggs."

What I said was...
"Give me all the 3ggs_n_b4con you have"

...Do you understand?
If you have an end of life (Windows 2008) server that you're using as a fileserver what's the best way to go on replacing it? Would upgrading it to 2012, then 2016 even work? Starting from scratch with file permissions would be a nightmare with our people and I would desperately like to avoid that. We have a few 2008 servers I'm just finding out about (don't ask) and so I'm trying to figure out the best way to strategize updating them.

Thanks for any advice or condolences. :(

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

Comfortador posted:

If you have an end of life (Windows 2008) server that you're using as a fileserver what's the best way to go on replacing it? Would upgrading it to 2012, then 2016 even work? Starting from scratch with file permissions would be a nightmare with our people and I would desperately like to avoid that. We have a few 2008 servers I'm just finding out about (don't ask) and so I'm trying to figure out the best way to strategize updating them.

Thanks for any advice or condolences. :(

Is it a VM? We had to do this and we built a new 2019 server and then re-attached the drive with the files and permissions and it just worked.

Collateral Damage
Jun 13, 2009

Build a new server, add it to your DFS domain, set it up as a replica target of the old server. Once everything is replicated, set the new server as the primary and nuke the old one.

Edit: ^ Or that. ^

Comfortador
Jul 31, 2003

Just give me all the 3ggs_n_b4con you have.

Wait...wait.

I worry what you just heard was...
"Give me a lot of b4con_n_3ggs."

What I said was...
"Give me all the 3ggs_n_b4con you have"

...Do you understand?

GreenNight posted:

Is it a VM? We had to do this and we built a new 2019 server and then re-attached the drive with the files and permissions and it just worked.

It is a VM. That's an interesting concept and would be amazing if that worked heh. Thanks.

Internet Explorer
Jun 1, 2005





That would come close to "just working," but you will have to share out folders and if you have any permissions on the share itself instead of NTFS you'll need to do that. DFS-N/DFS-R or DFS-N w/o Robocopy isn't a bad path. Microsoft also makes a tool to help these days - https://docs.microsoft.com/en-us/windows-server/storage/storage-migration-service/migrate-data

Now would be a good time to look into using Azure File Sync w/ cloud tiering if you use Azure and/or think you would ever want to go that route.

Thanks Ants
May 21, 2004

#essereFerrari


Seconding the suggestion to use DFS to create a namespace and update all your GPOs, then replicate to the new server before standing the old one down.

The Fool
Oct 16, 2003


what happened to the tried and true robocopy + cname?

The Fool
Oct 16, 2003


Internet Explorer posted:

That would come close to "just working," but you will have to share out folders and if you have any permissions on the share itself instead of NTFS you'll need to do that. DFS-N/DFS-R or DFS-N w/o Robocopy isn't a bad path. Microsoft also makes a tool to help these days - https://docs.microsoft.com/en-us/windows-server/storage/storage-migration-service/migrate-data

Now would be a good time to look into using Azure File Sync w/ cloud tiering if you use Azure and/or think you would ever want to go that route.

When Azure File Sync added support for NTFS permissions we greatly expanded its use. We only have a little under 1TB of files synced right now, but it is working well.

More info here: https://azure.microsoft.com/en-gb/blog/azure-active-directory-integration-for-smb-access-now-in-public-preview/

but lol

The Fool fucked around with this message at 18:52 on Sep 22, 2020

Spring Heeled Jack
Feb 25, 2007

If you can read this you can read

GreenNight posted:

Is it a VM? We had to do this and we built a new 2019 server and then re-attached the drive with the files and permissions and it just worked.

We did this and it worked great. There’s a registry key you can export/import that has the share info as well.

In our case we went from 2003 to 2016 and had no issues with this method.
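
The point raised above, that share definitions and share-level permissions do not travel with a re-attached disk the way NTFS ACLs do, shown as an added example that is not part of any post in this thread: a Windows PowerShell script, run on the new server, that reads each share and its share-level ACL from the old server over WMI and recreates them. `OLD-FS01` and the `-Apply` switch are hypothetical names, and the script assumes the data disk keeps the drive letter it had on the old server.

```powershell
# Added example (not from the thread). Run in elevated Windows PowerShell 5.1
# on the NEW file server, after the data disk is attached with the same drive
# letter it had on the old server. Get-WmiObject is used because a 2008-era
# host has no SmbShare cmdlets to query remotely.
param(
    [string]$OldServer = 'OLD-FS01',  # hypothetical host name (assumption)
    [switch]$Apply                    # without -Apply the script only reports
)

# Standard share-permission masks as stored in Win32_ACE.AccessMask
$maskToRight = @{ '2032127' = 'Full'; '1245631' = 'Change'; '1179817' = 'Read' }

# Type 0 = ordinary disk share; this skips C$, ADMIN$, IPC$ and printer shares
$shares = Get-WmiObject -Class Win32_Share -ComputerName $OldServer |
    Where-Object { $_.Type -eq 0 }

foreach ($share in $shares) {
    # Read the share-level DACL, which is separate from the NTFS ACL on disk
    $aces = @()
    $sec = Get-WmiObject -Class Win32_LogicalShareSecuritySetting `
        -ComputerName $OldServer -Filter "Name='$($share.Name)'"
    if ($sec) {
        $sd = $sec.GetSecurityDescriptor()
        if ($sd.ReturnValue -eq 0) { $aces = @($sd.Descriptor.DACL) }
    }

    $grants = foreach ($ace in $aces) {
        $t = $ace.Trustee
        $account = if ($t.Domain) { "$($t.Domain)\$($t.Name)" } else { $t.Name }
        $right = $maskToRight["$($ace.AccessMask)"]
        if ($ace.AceType -ne 0 -or -not $right -or -not $account) {
            # Deny entries, custom masks and unresolved SIDs need a human decision
            Write-Warning ("{0}: review manually (type={1}, mask={2}, sid={3})" -f
                $share.Name, $ace.AceType, $ace.AccessMask, $t.SIDString)
            continue
        }
        [pscustomobject]@{ Account = $account; Right = $right }
    }

    Write-Output "$($share.Name) -> $($share.Path)"
    foreach ($g in $grants) { Write-Output "    $($g.Account): $($g.Right)" }
    if (-not $Apply) { continue }

    if (-not (Test-Path -LiteralPath $share.Path)) {
        Write-Warning "$($share.Name): $($share.Path) not present here, skipped"
        continue
    }
    if (Get-SmbShare -Name $share.Name -ErrorAction SilentlyContinue) {
        Write-Warning "$($share.Name): already shared on this server, left untouched"
        continue
    }

    New-SmbShare -Name $share.Name -Path $share.Path | Out-Null
    # Drop whatever default entry the new share received, then replay the old
    # DACL. A share whose old DACL could not be read ends up with no access.
    foreach ($entry in Get-SmbShareAccess -Name $share.Name) {
        Revoke-SmbShareAccess -Name $share.Name -AccountName $entry.AccountName `
            -Force | Out-Null
    }
    foreach ($g in $grants) {
        Grant-SmbShareAccess -Name $share.Name -AccountName $g.Account `
            -AccessRight $g.Right -Force | Out-Null
    }
}
```

Run it once without `-Apply` and compare the report against what the old server shows. Entries granted to local accounts of the old server will not resolve on the new one and surface as errors from `Grant-SmbShareAccess`.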

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010

The Fool posted:

what happened to the tried and true robocopy + cname?

Modern Windows wigs out at CNAMEs. Just add the old server's name as a secondary hostname. And replace where you can with DFS-N.

bobua
Mar 23, 2003
I'd trade it all for just a little more.

Not sure if this is the place for this, but the home networking thread didn't seem right either.

I got a weird request. Small office has 2 distinct networks, a 10. and a 192. For reasons that are probably silly, they don't want to change ip configs, but want to share a copier. I used an extra port on 10dots firewall to connect to the 192 network switch, set up the routing on 192's firewall to provide a route back to the copier, and pinged it + hit its configuration webpage from both networks. All seemed good. (At this point, I just did an allow all on the firewalls for testing.)

When printing, the job will error out on the pc, and get stuck in the printer's job log for 10 minutes or so before printing a pcl error page (or a generic error if using a non-pcl driver). Also disabled the firewall on the client pcs just in case they were being weird about talk back from an ip outside their subnet.

Any ideas?

Actuarial Fables
Jul 29, 2014

Taco Defender

bobua posted:

Not sure if this is the place for this, but the home networking thread didn't seem right either.

I got a weird request. Small office has 2 distinct networks, a 10. and a 192. For reasons that are probably silly, they don't want to change ip configs, but want to share a copier. I used an extra port on 10dots firewall to connect to the 192 network switch, set up the routing on 192's firewall to provide a route back to the copier, and pinged it + hit its configuration webpage from both networks. All seemed good. (At this point, I just did an allow all on the firewalls for testing.)

When printing, the job will error out on the pc, and get stuck in the printer's job log for 10 minutes or so before printing a pcl error page (or a generic error if using a non-pcl driver). Also disabled the firewall on the client pcs just in case they were being weird about talk back from an ip outside their subnet.

Any ideas?

Does the PC print successfully on the 10. network?
Is the port connecting the 10. firewall and 192. switch a routed port or a switch port?
Do you still have the Allow All rules in place on the network firewalls?
What port(s) are used to connect to the printer?

bobua
Mar 23, 2003
I'd trade it all for just a little more.

Actuarial Fables posted:

Does the PC print successfully on the 10. network?
Is the port connecting the 10. firewall and 192. switch a routed port or a switch port?
Do you still have the Allow All rules in place on the network firewalls?
What port(s) are used to connect to the printer?

yeah 10. works fine.
10. is a routed port, other end(into the 192) is a switch port.
yes, for testing purposes I allowed everything through the firewall
can't recall the port for the printer, it uses all default settings

Really wishing I had another printer out there, just to test if it's the printer being weird.

BonoMan
Feb 20, 2002

Jade Ear Joe
I have sort of a very unofficial marketing question for IT pros.

When you are researching new tech for your office (say...privilege management solutions), what is your process and, primarily, your engagement with videos on possible solutions' websites (Bomgar, Thycotic, CyberArk, etc.)?

Are videos and animated explainers helpful? Do you send them to your boss to help with purchasing decisions?


Internet Explorer
Jun 1, 2005





I find videos helpful, but if it's just going to be full of marketing fluff then I don't bother. It has to actually go into some sort of detail. Webinars / "user group session" type stuff is also useful. A 3 minute video full of buzzwords, less so.
