Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
«230 »
  • Post
  • Reply
Comfortador
Jul 31, 2003

Not even *my* powers can save CoX.

So I have very little experience with KMS style licensing. I set a server up on a whim when my VDI project called for it, so it's always been a source of "I dunno" when I had issues. I started installing some machines with Win10 2004 and I'm having the "You don't have enough activations" error message when they are trying to activate. Does Windows 10 count each version number as a separate count for activations? I should have a bunch of Win10 machines out there activating. Is there a quick way around this if thats the case?

Thanks guys, appreciate any input. I've had to interact with it so drat little and now it's coming back to bite me.

Adbot
ADBOT LOVES YOU

lol internet.
Sep 4, 2007
the internet makes you stupid

Any reason you're not doing active directory based licensing? Same key as KMS just choose AD based.

But to answer your question though before you actually activate the KMS server you need X amount of active computers. Not sure what the count is for Windows 10 but Windows 7 was 25 active PCs on the network trying to activate via KMS before it becomes an active KMS. Server OS is like 5 active servers. But go AD activation if possible, it's the new thing and easier.

Comfortador
Jul 31, 2003

Not even *my* powers can save CoX.

lol internet. posted:

Any reason you're not doing active directory based licensing? Same key as KMS just choose AD based.

But to answer your question though before you actually activate the KMS server you need X amount of active computers. Not sure what the count is for Windows 10 but Windows 7 was 25 active PCs on the network trying to activate via KMS before it becomes an active KMS. Server OS is like 5 active servers. But go AD activation if possible, it's the new thing and easier.

Is it fairly easy to switch over, and it won't screw with VDI in any way? (Horizon)

For the record it is still 25 for Windows clients, and 5 for Windows server clients. I'm still getting the standard "You don't have enough client activations" even though when I run a slmgr /dlv it showed 50 on the count. Ugh.

edit: Eh, I just decided to do it once I read the KMS and AD style can exist together. At the very least it immediately resolved by test machine. So... yay and thanks for the suggestion. To answer your question, we used to use KMS before I was hired here, so on the fly when I was told it was required I just seamlessly went that route.

Comfortador fucked around with this message at 15:03 on Jul 31, 2020

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern



Yam Slacker

I've come across a problem in Azure that has been pretty hard for me to google.

I've got a WVD Hostpool and a Standard Load Balancer so my VMs can share a Public IP Address

Somehow I've broken it so that when I add new VMs to the hostpool they have no external internet access, until I add them to the Backend Pool of the Load Balancer

This is preventing the VMs from having the Windows Virtual Desktop Agent and Bootloader installed, which means they don't join the hostpool automatically. Azure considers the VM deployment a failure because of this

As a result I have to add the VM to the Load Balancer Backend Pool manually, and then manually install the agents and register it with the hostpool

Life is hell

Wizard of the Deep
Sep 25, 2005


snackcakes posted:

I've come across a problem in Azure that has been pretty hard for me to google.

I've got a WVD Hostpool and a Standard Load Balancer so my VMs can share a Public IP Address

Somehow I've broken it so that when I add new VMs to the hostpool they have no external internet access, until I add them to the Backend Pool of the Load Balancer

This is preventing the VMs from having the Windows Virtual Desktop Agent and Bootloader installed, which means they don't join the hostpool automatically. Azure considers the VM deployment a failure because of this

As a result I have to add the VM to the Load Balancer Backend Pool manually, and then manually install the agents and register it with the hostpool

Life is hell

Are you putting them behind a restrictive Network Security Group?

Are they being joined to a working subnet?

Are they being joined to the RIGHT subnet?

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern



Yam Slacker

Wizard of the Deep posted:

Are you putting them behind a restrictive Network Security Group?

Are they being joined to a working subnet?

Are they being joined to the RIGHT subnet?

Not a restrictive NSG, definitely a working and correct subnet

Someone who wasn't me setup a basic load balancer for old VDIs (which are gone now) which I replaced with a standard load balancer. I see no reason why this would be an issue but... the problem started soon after.

It's probably something stupid and unrelated that I'm not seeing

Zaepho
Oct 31, 2013


snackcakes posted:

I've got a WVD Hostpool and a Standard Load Balancer so my VMs can share a Public IP Address
Would this not be what a NAT gateway would be used for?
What is the need for e single inbound public IP to be associated with the VMs in a WVD hostpool?

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern



Yam Slacker

Zaepho posted:

Would this not be what a NAT gateway would be used for?
What is the need for e single inbound public IP to be associated with the VMs in a WVD hostpool?

More of an outbound thing. One of the web apps they use is locked down so you have to get your IP address whitelisted and this is how we cut costs I guess. Anyhow I took a break from it today. Tomorrow I'll look into it again and let y'all know when(if) I discover the problem

Toast Museum
Dec 3, 2005

30% Iron Chef


When it comes to Office add-ins, am I missing something, or are the main options 1) centralized deployment or 2) give everyone access to the add-in store? (Add-ins can be added to a SharePoint app catalog, but Office for Mac can't access it, so that's a non-starter.) Is there really no way to make a curated portion of the add-in store/AppSource available to users?

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

I have a corporate domain in an Office 365 tenant but we aren't using Exchange Online for email, a small team wants a domain adding to that tenant and they do want to use Exchange Online (as it's linked to using Teams for meetings with a certain set of clients). Is there any way to tell Office 365 that the corporate email needs to be sent over to Gmail, or is it always going to try delivering internally if the domain exists on the tenant?

Edit: Looks like the magical search term is Internal Relay Domain, I'll try it out this evening

https://docs.microsoft.com/en-gb/ex...ccepted-domains

Thanks Ants fucked around with this message at 16:01 on Aug 5, 2020

The Fool
Oct 16, 2003



My first instinct is to try to do it with a transport rule.

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

You have to set the domain to an internal relay for it to even put things through transport rules/connectors. Seems to be sending stuff into Gmail as plain text and attaching winmail.dat for some reason though but I don't care about that.

Edit: And again, as soon as I post here the magical search terms come to me and I find the right document https://support.microsoft.com/en-gb...-external-recip

Thanks Ants fucked around with this message at 17:21 on Aug 5, 2020

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern



Yam Slacker

snackcakes posted:

More of an outbound thing. One of the web apps they use is locked down so you have to get your IP address whitelisted and this is how we cut costs I guess. Anyhow I took a break from it today. Tomorrow I'll look into it again and let y'all know when(if) I discover the problem

This update is more in case anyone is curious than me looking for answers, but I found that if I build a new WVD hostpool and deploy it using the same image it will deploy the VMs just fine. If I add an additional VM that works too.

Once I add the existing VMs in the hostpool to the backend pool for the load balancer, that's when the problem starts for future VM deployments.

Getting Microsoft support involved because this is weird

Internet Explorer
Jun 1, 2005





Oven Wrangler

snackcakes posted:

This update is more in case anyone is curious than me looking for answers, but I found that if I build a new WVD hostpool and deploy it using the same image it will deploy the VMs just fine. If I add an additional VM that works too.

Once I add the existing VMs in the hostpool to the backend pool for the load balancer, that's when the problem starts for future VM deployments.

Getting Microsoft support involved because this is weird

Good loving luck. I'm actually curious as to how this ends up. We need our traffic to come from IPs for application whitelisting, but our WVD is currently small enough we can just assign them from a pool. I looked at load balancers and I assumed it would interfere with traffic to the WVD management infrastructure.

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

Could you let WVD manage its own networking and then peer that Vnet to another one with a NAT/virtual router image running and then shove routes to the web app into the route table of the WVD Vnet?

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern



Yam Slacker

The web app isn't ours, it's just a vendor who protects access by whitelisting IPs.

I'm starting to think the NAT Gateway that Zaepho posted about might be the way to go, but it seems like it's pretty new.

The problem is that I'm deploying these WVDs for about 150 people and internal IT is fast tracking this so it's in production way faster than it should have been. My hands are kind of tied now because the only way I can make changes would be after hours. Just for fun, because my company has a bunch of Azure credits, I might build out a test deployment with a NAT gateway and see how well it works

It's not like this is really stopping me from rolling out more WVDs, it just sucks that I have to manually register them to the host pool which means an extra 5-10 minutes spent per VM

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

I meant just route traffic to the web app out via the NAT gateway or virtual firewall appliance you deploy by chucking the route into the route table for the WVD Vnet. Or if the web app uses multiple IPs just set the default route to your appliance. Means you can leave all the inbound load balancing in place.

Internet Explorer
Jun 1, 2005





Oven Wrangler

Thanks Ants posted:

I meant just route traffic to the web app out via the NAT gateway or virtual firewall appliance you deploy by chucking the route into the route table for the WVD Vnet. Or if the web app uses multiple IPs just set the default route to your appliance. Means you can leave all the inbound load balancing in place.

I am sure this would work, just sucks to have to stand up more infrastructure for it.

chupacabron
Oct 30, 2004




Fallen Rib

I volunteered to take a look at a non-profit's issues with Sql Server/2008 Access setup to see if I could help them out and I'm running in to some permissions issues. Basically, I can set permissions via Sql Server all I want and it works fine, but then logging via the Access side for a theoretically admin user I'm still restricted to what I can interact with. This is an issue of Access-level policies, right? Nothing else is broken like file permissions, at least as far as I can tell.

Broadly speaking their issue is that somebody left the company with the keys to Access and not much good will. So I'm trying to unbreak it as much as possible but am starting to think that this is going to involve either getting the keys from them, or doing some grey-hat stuff that's outside my pay range/skill level.

The Fool
Oct 16, 2003



Are you using sql auth or Windows auth? Is access passing through the current user or using stored credentials? Is there an odbc connector that could be causing issues?

Adbot
ADBOT LOVES YOU

chupacabron
Oct 30, 2004




Fallen Rib

Auth appears to be via sql. I'm not quite sure about whether access is using stored creds, but I appear to have the same permissions regardless of changes in the sql tables. ODBC connector data I can't access on account of Access being fairly locked down

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
«230 »