|
sanchez posted:Can you even do this? Assuming you're buying from Dell or something. Just buy them with the OS you need (which is windows 7 professional) Nope. Unless something has changed, what you're generally volume licensing for client software is an upgrade + software assurance, so you get anything new for freez. They're expecting you to buying OEM licenses.
|
# ¿ Jun 15, 2011 22:30 |
|
|
# ¿ Apr 25, 2024 15:26 |
|
quackquackquack posted:"Roaming Profiles" is forever tainted around here, even though nobody has ever used them. "Folder Redirection" is too difficult to explain, and not catchy enough. Are you doing full system level backups? Could I guess also unleash a godawful can of worms, but pitching the ability to just walk over to another computer, login and have your desktop, settings, files, etc all waiting for you if your PC died worked pretty well for us in the past.
|
# ¿ Jul 5, 2011 17:46 |
|
ryo posted:I've seen the Core Suite CAL which looks like the most sensible option, just wanted to make sure we didn't need to buy hundreds of CALs every time we add a new 2008 server! This model still exists (licensing "by server"), but it rarely makes sense. As long as you've got enough user or device cals to cover your usage, you're good. Maneki Neko fucked around with this message at 19:47 on Mar 26, 2012 |
# ¿ Mar 26, 2012 19:42 |
|
Oct posted:One item of interest, the DC and its secondaries are all running Server 2003 SP2, most of our client machines are running 2008R2 or Windows 7. I'm happy to go back to configuring this via group policy if that's a better solution but right now we're all kind of stumped. Who has the PDC emulator role, and how is that server configured?
|
# ¿ Jun 21, 2012 20:00 |
|
So I've been slowly converting my library of random utility scripts over from vbscript to powershell as they need updates, and has anyone else noticed that file system related stuff is a LOT slower in powershell than it was in VBScript using the file system object? For operations on more complex file/folder structures I'm seeing powershell being 2-3 times slower.
|
# ¿ Oct 2, 2013 22:13 |
|
skipdogg posted:Has anyone done a domain migration before? We're acquiring another company and have been informed the timeline to fully integrate them with our company is going to be very aggressive. I basically have about 6 weeks to plan and execute a migration for 450 users into our existing company of 3300 users. I have and can get appropriate funding for tools and consultants. I've done a ton of them over the years, but if you have no free time it's going to suck, as you're going to need some time to plan, test and get familiar with the tools that willw ork the best in your environment. Bringing in someone can't hurt.
|
# ¿ Nov 15, 2013 23:50 |
|
nexxai posted:Do NOT do this. Rename it to .internal.company.com - as of November 1, 2015, you will never be able to get a publicly-trusted SSL cert signed for any PC with a .local hostname as it can't be verified by the CA. Why wouldn't you just have an internal CA at that point?
|
# ¿ Jan 11, 2014 02:18 |
|
Sacred Cow posted:We actually break it up between manual and automatic server types. Some services like Exchange can stop working completely with certain updates even if you skip a restart. We created a nice spreadsheet with a list of servers, when the automatic updates are scheduled (spread out through the week in the middle of the night) and a column for servers we have to schedule a maintenance window for. We do immediate restarts for any server that's automatic. Yeah, this is generally what we do as well.
|
# ¿ Mar 17, 2014 16:31 |
|
Gyshall posted:Why? .local literally could be anything at all, .fart, .goatse, etc. It doesn't matter. I think the big issue for using "internal" names is this: http://www.digicert.com/internal-names.htm
|
# ¿ Mar 18, 2014 20:21 |
|
goobernoodles posted:Neither really solve the problem for all staff. DFS would make working from a job-site with a server a lot better, but it wouldn't help the person working from home, truck, or smaller job sites that wouldn't be able to justify purchasing a server. The microsoft answer is probably going to be some combination of offline files and DFS or branch cache.
|
# ¿ Mar 25, 2014 21:44 |
|
CLAM DOWN posted:Historically I've kept each disk to 2TB max but something tells me that was originally done because of a VMware limitation in <5.0. I don't see a problem with large single disks provided they're LUNs on a SAN so you get that redundancy and performance. And honestly even in Vmware when you get to the point of supporting > 2TB it's still a bit janky (maybe it will all be better in the 6.0, who knows)
|
# ¿ Jun 5, 2014 15:59 |
|
Nitr0 posted:We routinely do >8-9TB VMFS with no issues. I was talking about about > 2TB vmdks, they are still somewhat janky.
|
# ¿ Jun 6, 2014 18:50 |
|
nescience posted:Not really in an enterprise setting, but I feel this is probably the best thread to get help. DId you see this note on the site you linked? quote:Note: If you try to host RemoteApps on any other edition of Windows (eg Win 7/8 Professional), the tool will run but RemoteApps will not work. The RDP client will appear to be connecting, then just disappear.
|
# ¿ Jul 16, 2014 17:48 |
|
Ugh, we've got a client with a buttload of laptops that need to go from Windows 7 Pro to Windows 7 Enterprise, and of course they want it done OMG RIGHT NOW. I see there's a godawful stupid registry "hack" (basically changing the version string from "Pro" to "Enterprise") that you can do which then lets you reinstall Windows 7 Enterprise on top of Pro without needing to do a clean install. I normally hate these kinds of things, but I find myself at least considering it. Anyone gone down this road before? I haven't seen anyone say anything about getting the ol' screwjob because of it, but figured I'd ask around.
|
# ¿ Sep 23, 2014 23:03 |
|
RICHUNCLEPENNYBAGS posted:This is a supported scenario with the "Windows Anytime Upgrade," right? I don't know why it would cause problems. It is not sadly.
|
# ¿ Sep 24, 2014 17:29 |
|
NevergirlsOFFICIAL posted:Hey what should I do about these virtual Winxp machines that have to run windows xp for ~legacy~ whatevers? Can I just block WAN access from the firewall for them, is that good enough? If you have a pile of bucks and want to have some fun, could always look at something like NSX.
|
# ¿ Sep 30, 2014 05:51 |
|
Is it worth spinning up MBAM for maybe 50-75 laptops? I see that a single server config for MBAM standlone is ok apparently for testing, but not supported as an actual production system, any particular reasoning for that?
|
# ¿ Oct 1, 2014 00:45 |
|
Kullrock posted:So a coworker asked if I could stand in, and help with a simple task at one of his customers, as he was too busy. I should have said no... I'd guess based on this function calls in website it appears to be using some combination of DirectX capabilities probing + EDID. http://ywjheart.wordpress.com/2014/04/19/modify-microsoft-basic-display-driver-to-get-a-better-resolution/ Might be worth moving some monitors around and seeing if the resolution follows them, if it's EDID? Or maybe see if monitor drives exist that might make the computer happier?
|
# ¿ Oct 2, 2014 16:52 |
|
Any suggestions for laptop encryption AND remote wipe (for healthcare if that matters in particular). I'd normally go down the bitlocker route for encryption, but management at this customer has a super hatred of bitlocker based on some bad past experiences.
|
# ¿ Oct 8, 2014 18:34 |
|
This is a pretty thorough "DO I NEED A CAL" ARTICLE: http://blogs.technet.com/b/volume-licensing/archive/2014/03/10/licensing-how-to-when-do-i-need-a-client-access-license-cal.aspx KillHour posted:Okay, corollary to my previous question, then. If an end user purchases an appliance I built and it isn't properly licensed with CALs for their environment, can they go back and sue me in the event of an audit? Maybe, someone can sue you for anything. Whether or not they will win is probably a better question for your lawyer, not an internet message board. Maneki Neko fucked around with this message at 05:37 on Oct 22, 2014 |
# ¿ Oct 22, 2014 05:30 |
|
KillHour posted:Already looked into it. Windows server embedded needs CALs too, because *reasons*. There are server versions of Windows that don't require CALs, if any of those will support your application: http://www.microsoft.com/OEM/en/licensing/productlicensing/Pages/server-cal.aspx
|
# ¿ Oct 22, 2014 05:37 |
|
Hadlock posted:How did SQL function in the 32 bit days? Was there a workaround for the 4GB limit? Yeah, AWE, and it was kinda weird and kludgey. http://technet.microsoft.com/en-us/library/ms191481.aspx
|
# ¿ Oct 29, 2014 21:12 |
|
So are there ANY useful details on MS14-066 out there (aka SSLMAGEDDON) so I can figure out how much to freak the gently caress out? I'm assuming anything behind a LB or reverse proxy is fine?
|
# ¿ Nov 13, 2014 07:15 |
|
peak debt posted:Chances are quite a few of your SSL ports will be forwarded, for web servers, RDS gateways, proxies, SCCM distribution points etc. Most stuff does SSL termination at the LB/reverse proxy, although to your point, not sure what RDS does in that case.
|
# ¿ Nov 13, 2014 17:14 |
|
Zero VGS posted:At all the places I've worked, I've always joined computers and users to Active Directory. At my current place it's all cloud software, and everyone is assigned a personal laptop, no desktops in the environment. Look at intune and get everyone to upgrade to Windows 10 when it comes out so you can use azure ad.
|
# ¿ Nov 14, 2014 20:21 |
|
Crossbar posted:Out of band Microsoft patch is hitting today - Whew, good thing we still haven't finished patching from the last one!
|
# ¿ Nov 18, 2014 17:54 |
|
CLAM DOWN posted:Kill me now. Well to be fair, they did say privilege escalation, just normally that doesn't mean "LOL DOMAIN ADMIN FOR EVERYONE"
|
# ¿ Nov 18, 2014 19:49 |
|
Anyone noticing any weird behavior on the client side after patching their DCs with the OMG CHINESE HACKERZ patch from yesterday? Our users who actually listened to the notice and logged out had to manually reauth today with both on-prem Exchange & Lync, but anyone who was lazy just kept on truckin. Maneki Neko fucked around with this message at 18:53 on Nov 19, 2014 |
# ¿ Nov 19, 2014 18:50 |
|
nexxai posted:If RDCman is what I think it is, you should really consider Terminals instead (http://terminals.codeplex.com). It supports a shitton of different protocols, is open-source, and just seems to "work". I will admit I haven't looked at Terminals in a while, but I don't think I'm alone in being a past Terminals user who jumped ship to RDCMan because at some point Terminals became a godawful crashy mess.
|
# ¿ Nov 19, 2014 19:27 |
|
Calidus posted:I need to know if these crazy idea's of mine are remotely doable using Server 2012r2, Windows Fax Server and some basic .NET programming. I dunno about "basic .NET programming", but there's an API to hook into. What you're basically suggesting writing is a fax server, so you could also just buy Rightfax or something. http://msdn.microsoft.com/en-us/library/windows/desktop/ms692855(v=vs.85).aspx
|
# ¿ Nov 20, 2014 05:54 |
|
Dr. Arbitrary posted:As for cryptowall, I guess we have a good spam filter because I thought we'd get hit by now. I'm awaiting the combo of domain admin escalation bug + cryptowall/locker, it can't take that long to whip up, can it?
|
# ¿ Nov 24, 2014 18:10 |
|
Alfajor posted:We've somehow made it this far without any kind of drive encryption, but it's time to get with the times. Environment is Windows 2008 R2 domain, about 75 users, 60ish Win7 workstations (most of them shared by multiple users) and a dozen Win7 laptops. First priority is to encrypt data on servers and laptops, and then cover all the workstations everywhere. Bitlocker with MBAM works, but is super dependent on people being online, GPOs working flawlessly, etc. The server piece is basically just reporting and a place for the clients to stash keys and update status, all the actual work is done by the clients themselves, which can be frustrating to track down why the gently caress a particular client hasn't decided it's time to encrypt. If you've got all desktops in one place and aren't supporting remote users scattered around the country who rarely if ever connect back to a domain controller it probably won't be so bad. On the plus side, if you've got TPM on everything, Bitlocker is pretty much transparent to the end-user. If you don't have TPM, it sucks. The 3rd party products are going to be a lot more feature rich than MBAM and give you more centralized control over the clients presumably, but may be less seamless. I've been looking at Sophos and Trend lately for a client, and Sophos is pretty cheap (like $20/endpoint), but offers less in the way of options than Trend (which was around $70/endpoint). Trend has a lot more policies around what happens when machines don't check in, or someone enters their password wrong, etc. which may be more useful if you have specific security or compliance requirements to meet. Maneki Neko fucked around with this message at 23:57 on Dec 2, 2014 |
# ¿ Dec 2, 2014 23:55 |
|
bonestructure posted:Does anyone here have experience doing ndmp copies using Powershell 3 and NetApps, with the NaNdmpCopy cmdlet? I'm trying to script a restore of one lun using another as a source. Both volumes live on the same NetApps filer. Using Start-NaNdmpCopy or Invoke-NaNdmpCopy throws the same error, "Ndmp connection error, DataONTAP,Powershell.SDK.Cmdlets.Ndmp.StartNaNdmpCopy" (or Invoke when I'm using that.) I have verified that the credentials I'm using to connect to the filer, the IP address I'm using for -SrcController and -DstController is correct (same IP for both), and my volume paths are all correct. Not sure where I'm going wrong with this. Anything exciting in the logs on the filer? If you're doing it to the same filer I believe you can leave off DstController.
|
# ¿ Dec 5, 2014 22:01 |
|
Number19 posted:It looks like the following updates are all bad this month: 3004394, 3011970 and 2986475 got pulled, so that's good I guess, but holy poo poo.
|
# ¿ Dec 11, 2014 20:52 |
|
lol internet. posted:Does Windows Storage Pools/ReFS do anything magical in performance compared to hardware raid? (Home solution.) In terms of making things faster? No, but it's probably less of a pain in the rear end to deal with vs hardware raid when things go south.
|
# ¿ Jan 2, 2015 17:34 |
|
TWBalls posted:I'm sure this is pretty common. We have quite a few in ours. It's like pulling teeth to get some of these vendors to move even to Server 2008 (non-R2). Weird, we're getting the opposite, with vendors dropping windows 2008 and SQL 2008 (R2 in some cases for both).
|
# ¿ Feb 2, 2015 04:24 |
|
AlternateAccount posted:So how bad of an idea is pulling an enterprise wide Lync rollout in the next few months, given the changes coming? Is there any kind of solid info on how much work will be involved updating all the clients/server when the Skype for Business stuff takes over? Nope! At this point it seems like stuff is likely to drop 2nd half of 2015, so might as well get it out the door now and get people using it vs waiting to see.
|
# ¿ Feb 3, 2015 01:53 |
|
Thanks Ants posted:Don't do it unless you can run a hybrid system of some sort where there's a local cache on-site, or your users are comfortable with syncing the folders they actually need instead of everything in the namespace. Speaking of that, anyone running Egnyte, Nasuni, Panzura, etc. and have any experiences they can share?
|
# ¿ Feb 27, 2015 23:41 |
|
AlternateAccount posted:If you'd like another option, I just put through an enterprise wide Box.com rollout. I'd consider it to be a bit more feature-rich than Dropbox. How big is your environment? Any regulatory/compliance issues? Are these primarily people out in the field? What did you replace, just a standard windows file server?
|
# ¿ Mar 3, 2015 20:32 |
|
|
# ¿ Apr 25, 2024 15:26 |
|
Tab8715 posted:Has anyone ever configured a single domain between AD, Azure and Office 365? AADSync is pretty easy to setup if you just want domain sync between AD and Office 365 (like 15 minutes of setup if you read the docs first). If you want SSO, that's a bit more work. Maneki Neko fucked around with this message at 18:36 on Apr 9, 2015 |
# ¿ Apr 9, 2015 18:33 |