Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
«183 »
  • Post
  • Reply
Internet Explorer
Jun 1, 2005

OFFICIAL BITCH OF DANBO DAXTER




Pillbug

Moey posted:

I ended up getting stuck buying 2012 due to budget money that had to be spent, and 2012 R2 not being out yet. At that time, I didn't want to deploy 2008 R2 and made the assumption 2012 wasn't "that bad".

I have pretty much had zero issues with it, until now.

I'll bring this up with management tomorrow and let them make a call.

Since we're in the Enterprise thread and not the SMB thread, I don't feel as guilty saying it - always keep SA. It removes you having to fight money every upgrade and encourages better engineering, just like having a Datacenter license. If you can show that even if you only buy a new OS every other iteration (6 years or so), SA is basically the same cost. If you can convince someone once you don't have to keep having that argument. Although I'm sure even Windows Server is going subscription sooner rather than later.

Adbot
ADBOT LOVES YOU

Moey
Oct 22, 2010

I LIKE TO MOVE IT


Internet Explorer posted:

Since we're in the Enterprise thread and not the SMB thread, I don't feel as guilty saying it - always keep SA. It removes you having to fight money every upgrade and encourages better engineering, just like having a Datacenter license. If you can show that even if you only buy a new OS every other iteration (6 years or so), SA is basically the same cost. If you can convince someone once you don't have to keep having that argument. Although I'm sure even Windows Server is going subscription sooner rather than later.

Yeah, it was brought up before I was here and they decided against it. Gonna push that route this time around, I think I'll be fine.

Potato Salad
Oct 23, 2014




Tortured By Flan

"Is our IP valuable?"

"....yes?"

Zero VGS
Aug 16, 2002
"It has gunfights and shit!"


Lipstick Apathy

Moey posted:

Awesome. Time to pull money out my rear end for some 2016 Datacenter licenses.

I swear if I buy 2016 Datacenter, and they release R2 shortly after, I am going to strangle someone.

I'm glad I'm in a position to just rent the servers from AWS so the license is in the fee and I don't have to gently caress with buying CALS and R2s.

Thanks Ants
May 21, 2004

Bless you, ants. Blants.




Fun Shoe

Zero VGS posted:

I'm glad I'm in a position to just rent the servers from AWS so the license is in the fee and I don't have to gently caress with buying CALS and R2s.

Preach

lol internet.
Sep 4, 2007
the internet makes you stupid

SCOM question - Can anyone confirms this is overriding the object for E: actually only overrides on the current server and not ALL servers with a E drive?

Zaepho
Oct 31, 2013


lol internet. posted:

SCOM question - Can anyone confirms this is overriding the object for E: actually only overrides on the current server and not ALL servers with a E drive?



Yes, when you do the override from there it is only targeting the specific unique object instance. I.e. E: on that server (really its some crazy GUID in the backend). You see E: because that is the DisplayName of the object. You are safe, override and go with god.

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010


https://twitter.com/NZ_BenThomas/st...271094803480577

Zaepho
Oct 31, 2013


For those of you running SCCM there's a Compliance Baseline out that will report on vulnerability for Meltdown/Spectre for SCCM Clients.

https://blogs.technet.microsoft.com...l-baseline-ftw/

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles



On that note, if anyone is running a SEPM platform shoot me a PM and I can export you a monstrosity of a host integrity policy I made to query for meltdown KBs.

orange sky
May 7, 2007


Does anyone know why Orchestrator 2016 is producing no events on event viewer?

lol internet.
Sep 4, 2007
the internet makes you stupid

SCOM Question again.

Looking to monitor networking devices. Really just uptime and mainly switches.

I was thinking just a ping monitor to the switch/stack, is there any other reason why I'd want SNMP. I guess SNMP would report CPU usage/load as well?

Thanks!

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles



SNMP polling will give you CPU, memory, and a bunch of other standard polling stuff but what you should really do it configure SNMP traps and import the MIBs of your devices in to your monitoring service so the device can push alerts at the time of the bad thing happening. These are more detailed than standard polling and will often give you a much clearer picture of a failure and more advanced notice on looming problems than just polling without having to aggregate full logs.

It's something you don't really thing you need until someone loops an interface, you hit a bug that causes performance degradation/load spikes, or some other nonsense and then its a godsend.

Potato Salad
Oct 23, 2014




Tortured By Flan

Also great for speccing out future hardware. Nothing justifies hardware like a raw performance database, understanding of your tech stack at a transactional level, and some algebra

devmd01
Mar 7, 2006

Elektronik
Supersonik


Reboot all of my domain controllers on a Thursday night because of a Server 2016 2018-01 patch revision, sure why not!

redeyes
Sep 14, 2002
I LOVE THE WHITE STRIPES!

It's better than having your server crash by itself I suppose.

Moey
Oct 22, 2010

I LIKE TO MOVE IT


devmd01 posted:

Reboot all of my domain controllers on a Thursday night because of a Server 2016 2018-01 patch revision, sure why not!

At least you got a patch!!!

Still in the air on getting 2026 this year or riding dirty with 2012 for 12 months.

buffbus
Nov 19, 2012


devmd01 posted:

Reboot all of my domain controllers on a Thursday night because of a Server 2016 2018-01 patch revision, sure why not!

I suppose at least domain controllers are some of the easiest things to reboot as long as they are staggered a bit.

devmd01
Mar 7, 2006

Elektronik
Supersonik


Bingo! I took us from 7 DCs, 4 physical all mixed OS across 3 sites down to 4 server 2016 DCs across two datacenters.

lol internet.
Sep 4, 2007
the internet makes you stupid

devmd01 posted:

Bingo! I took us from 7 DCs, 4 physical all mixed OS across 3 sites down to 4 server 2016 DCs across two datacenters.

For decommissioning the older DCs, I assume all you did was just remove the DC role from the server?

Thanks Ants
May 21, 2004

Bless you, ants. Blants.




Fun Shoe

You mean you don't decommission DCs by just shutting down the one with the PDC emulator role and putting it on the floor in a corner for two years before throwing it out? That seems to be how everybody I've had to clean up after decided to do it.

Super Slash
Feb 20, 2006

You rang ?

Win 10 Enterprise 1709 question:
So there's this new feature where Windows will remember what programs you last had open on last login and restore/open them automatically, this has made for some funtimes with people leaving their machines on overnight which get force updated and rebooted and when they come in the next day Visual Studio in particular doesn't work properly.

Beyond telling people to properly log off before they go home is there a way to switch this off? There is the option to toggle whether to autologin to finish updates but I think that only works for non-domain machines, and the option to shutdown from commandline, but I've not found any alternative.

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles



Thanks Ants posted:

You mean you don't decommission DCs by just shutting down the one with the PDC emulator role and putting it on the floor in a corner for two years before throwing it out? That seems to be how everybody I've had to clean up after decided to do it.

The predecessor at my first IT job keep an "Offline Backup Domain Controller" under his desk which was just a lovely optiplex he dcpromo'd and only turned on once a month. Instead of a real restore procedure, his plan was to shut down the other two DCs and only run that one until it became authoritative instead of, you know, using backups. Idiot forgot it for a month and it got tombstoned and he had no idea so it never would have worked. Also never opened firewall rules to it so client tried to connect to it and hit a 60 second timeout to figure out it was offline because the firewall was dropping the traffic before the router could advertise that the system was down. Login times were atrocious and you'd have other random hangs.

Don't let idiots touch AD.

Frank Viola
Feb 12, 2014


Hello Thread, I had a small question about Floating Point IP in Server 2016. We currently have a MySQL database in a Mobile DataCenter that I want to replace with 2 Windows 2016 Servers running mirrored MySQL on Symmetric DS. I would ideally like to assign a floating point IP between these boxes. Is WSFC the only option or does another one exist?

orange sky
May 7, 2007


BangersInMyKnickers posted:

The predecessor at my first IT job keep an "Offline Backup Domain Controller" under his desk which was just a lovely optiplex he dcpromo'd and only turned on once a month. Instead of a real restore procedure, his plan was to shut down the other two DCs and only run that one until it became authoritative instead of, you know, using backups. Idiot forgot it for a month and it got tombstoned and he had no idea so it never would have worked. Also never opened firewall rules to it so client tried to connect to it and hit a 60 second timeout to figure out it was offline because the firewall was dropping the traffic before the router could advertise that the system was down. Login times were atrocious and you'd have other random hangs.

Don't let idiots touch AD.

What the gently caress

PUBLIC TOILET
Jun 13, 2009



Super Slash posted:

Win 10 Enterprise 1709 question:
So there's this new feature where Windows will remember what programs you last had open on last login and restore/open them automatically, this has made for some funtimes with people leaving their machines on overnight which get force updated and rebooted and when they come in the next day Visual Studio in particular doesn't work properly.

Beyond telling people to properly log off before they go home is there a way to switch this off? There is the option to toggle whether to autologin to finish updates but I think that only works for non-domain machines, and the option to shutdown from commandline, but I've not found any alternative.

I thought there was a way, but I guess not. Best I could find:

https://www.ghacks.net/2017/10/25/b...ndows-10-start/

hihifellow
Jun 17, 2005

seriously where the fuck did this genre come from


College Slice

BangersInMyKnickers posted:

The predecessor at my first IT job keep an "Offline Backup Domain Controller" under his desk which was just a lovely optiplex he dcpromo'd and only turned on once a month. Instead of a real restore procedure, his plan was to shut down the other two DCs and only run that one until it became authoritative instead of, you know, using backups. Idiot forgot it for a month and it got tombstoned and he had no idea so it never would have worked. Also never opened firewall rules to it so client tried to connect to it and hit a 60 second timeout to figure out it was offline because the firewall was dropping the traffic before the router could advertise that the system was down. Login times were atrocious and you'd have other random hangs.

Don't let idiots touch AD.

I've posted about it in another thread before but my favorite was the physical DC with two active NICs and a running Hamachi interface. They had no idea why they had replication issues.

Thanks Ants
May 21, 2004

Bless you, ants. Blants.




Fun Shoe

I might be being dense here, but I am creating some iOS profiles with Intune. If I manually add an Exchange Online account to an iOS device I get taken through the 'modern' login flow - the browser-based OAuth setup as far as I can tell. If a policy is pushed via MDM then there's just a popup prompt requesting a password - I assume as soon as I want to do two-factor with this then I'm going to have a bad time and end up fiddling with per-app passwords.

Is this a fixable problem (e.g. starting the modern auth workflow when a deployed profile lands on the device), or is moving to certificate based auth the proper way to deal with this?

peak debt
Mar 10, 2001
b& :(

Trip report: We just installed the Spectre updates on our Citrix servers and servers that used to be able to handle 25 users are now struggling with 18. We're now running with a totally safe spare number of servers of exactly zero. If we actually wanted to give people the same experience as before we'd have to go down to maybe 16-17 users per server.

Interestingly it's not even the CPU that is hitting its limits all that badly, the graphics cards are hitting 100%.

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles



The GPU shouldn't really be making many syscalls, that sounds like something a subsequent patch could optimize around.

Tab8715
May 20, 2006


What's the best way to teach myself ADFS? I already have a lab, I can crack open a trace with fiddler but I'm looking to understand how the madness works.

Adbot
ADBOT LOVES YOU

EoRaptor
Sep 13, 2003




peak debt posted:

Trip report: We just installed the Spectre updates on our Citrix servers and servers that used to be able to handle 25 users are now struggling with 18. We're now running with a totally safe spare number of servers of exactly zero. If we actually wanted to give people the same experience as before we'd have to go down to maybe 16-17 users per server.

Interestingly it's not even the CPU that is hitting its limits all that badly, the graphics cards are hitting 100%.

NVidia has a game ready driver out that should address this, but I donít know if itís just for consumer or also supports virtualization. Itís the 390.xx series.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
«183 »