Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

It's me. I destroyed a pair of mapped shares today. Now permissions are hosed and I had to escalate it. I feel like poo poo.


Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

One of our clients had their single business critical drive share cryptolocked on Friday. We restored it over the weekend and today a user asked me to find some files that she was working on. "I don't think I worked on it the 14th, but maybe on the 16th. And I pick up my kids at 6, so not after that..."

We run hourly incrementals. I guess that was way better than it could have been!

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Thanks Ants posted:

I hope whatever sweeping helpdesk standardisation is sweeping through Dell gets to the Sonicwall team. I have never experienced a more bullshit way of submitting and updating tickets.

Why would you submit tickets when you can wait on hold for half an hour, get a case number from a tier 0 tech, and then wait another 45 minutes before actually speaking with someone who can help you?

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Agrikk posted:

I have a Sonicwall NSA4500 that I use for my firewall and to host BGP-enabled VPN connections to the various datacenters and Amazon Regions in which I host gear and when I tried to turn this fancy-pants gateway/wireless/switch thingy into dumb gateway mode to pass my static IP addresses straight to my firewall WAN interface I couldn't find the means to do it. So I call Comcast and was told by the technician NOT TO DO THIS BECAUSE YOU WILL BREAK STUFF. When I told him I knew what I was doing and can I please have the same configuration I had at my last house less than a month ago, I was told it wasn't possible. "Bullshit!" I say and then hang up, redialing Comcast to get a different technician.

The new Cisco modems for Comcast business (medium sized black rectangular prism that stands upright) have an "enable bridge mode" idiot button that actually does break everything, and the correct way to hook it up to a firewall is to yell at the tech several times "DO NOT PRESS THE ENABLE BRIDGE MODE BUTTON". Then you tell them to turn on pass through mode "the long way" by turning off DHCP and clearing out all firewall rules. Ask me how I know.

I'm not sure what you mean by still being on the 10.x.x.x network - you can set the LAN static IP to whatever you want. Then as long as they've loaded the static properly on their end, it usually works...

Happiness Commando fucked around with this message at 00:57 on Jan 12, 2015

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

That's good to know. Thank you.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

poo poo not pissing me off: This image. Everything about it.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Dispatch closed 3 hard drive failure tickets as informational. Now I get to go out tomorrow morning and deploy a new PC at a site we have no documentation for.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

You can export the config in plain text, but it does suck that you get to wait on hold for an hour and then all they tell you is that it should be working and you need to reflash or wipe it.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

I just spent half an hour trying and failing to install the Windows 10 SDK. This is the second time I have tried and failed. What the gently caress, Microsoft? I am connected to the internet, I had to download your lovely installer.

Does anyone know a workaround?

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

pixaal posted:

I got that error when trying to download the VPN client for sonic wall in windows 10. Turns out my windows store was hosed up. You may need to repair the store if it is corrupt. I think you are getting that error because it can't reach the store and assumes it's your internet and not the store. Also if you disabled the store with a GPO you might need to enable it.

Wrath of the Bitch King posted:

Mine had a weird issue that wasn't resolved until I rebooted. Had the same experience as you until I did that.

Thanks goons, repairing the store and then rebooting fixed it

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

My small company hired a printer salesman to be our front line tech support guy. It works out about as well as you would expect.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

RFC2324 posted:

This sounds like an endless source of hilarious stories. Does he try fixing everything by selling people printers? Does he just rage out and smash ink cartridges? :ohdear:

As soon as I posted this, I got really paranoid that someone would dox me or recognize me in real life, which is ridiculous. Just imagine a T1 tech with giant gaping holes in his skill set who thinks he's competent. I am really enjoying these alternate reality versions that he's not, though :confuoot:

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

OK who's got a recommendation for web conferencing software that doesn't require admin rights to host a meeting? Alternatively, since they all seem to, what should I be using for up to 100 attendees that isn't Webex or Gotomeeting?

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

I posted a new topic asking for some career advice. I would really appreciate if some of you experienced folk could drop some knowledge bombs on me with regard to career direction and qualification (crossposted to the Working in IT megathread, since there is significant overlap and divergence at various times)

https://forums.somethingawful.com/showthread.php?threadid=3811811

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

How the hell is KnowBe4 sending email from an @contoso.com domain when we haven't listed them in our SPF record?

Outlook is sending their phishing email straight to junk, which is hilarious.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

anthonypants posted:

There's a difference between ~ and -

The header indicates SPF: pass, and we have -all at the end of the record

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

OK goons, I need more help and you are going to help me:

I am building a test environment to mirror our production RDSH farm for testing. I'm at the point where I turn on HA for the connection brokers, but I can't make the CBs talk to the SQL server. I am stumped.

I've turned off Windows firewall on both CB and SQL server. I've confirmed that the SQL server is on the network and responding to TCP/IP by renaming a .txt file with .UDL and testing the connection to SERVER\SQLEXPRESS and Database: RDPDB. It works. I tried copying the UDL connection string over, but it didn't work - the UDL one had something like a "instance=" instead of a "database=" and it complained. So I rewrote the connection string along the lines of what I found on the internet but it still doesn't work.

code:
DRIVER=SQL Server Native Client 11.0;SERVER=SERVER\SQLEXPRESS;Trusted_Connection=Yes;APP=Remote Desktop Services Connection Broker;Database=RDSDB

I made a security group with the computer accounts of my connection brokers and gave them dbowner rights to RDPDB. I've tried using a few different installers and versions for the SQL native client, and when I check in the ODBC control panel applet, it shows the same string as the DRIVER= part. I've also bounced services and servers just in case.

The error message is about DB availability:


No idea what to do. I've seen posts saying that SQL Server Express isn't a good idea because it won't cluster for HA, but I haven't seen anything saying it's explicitly unsupported. And for a test environment, I don't care. Help?

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

ConfusedUs posted:

but I think I got that error once when the account used to start the SQL Server service didn't have the right permissions to read or write to the folder where the mdf or ldf files were.

Correct permissions to the folder

MF_James posted:

You could just install the ODBC driver and run that

If that's not an option, try what this dude did to make it work:
Basically add the network service account

Tried the ODBC driver yesterday, the service account this morning. Still nothing. What's really irksome is that I have no error logs anywhere giving me any more information

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$


This is from asking about RDS Connection Broker HA 10 days ago, but here's the answer, for those of you following along at home:

CB1 was failing to initiate the HA config because even though Windows firewall was turned off and I had a port 1434 shaped hole through Windows firewall, it was for TCP 1434 and not UDP 1434. There are posts indicating that even when you turn Windows firewall off, it still does stuff, and you have to let UDP 1434 through, but I just misread them, I guess. So it couldn't talk to the SQL server.

Then I got the same error on CB2 after HA was enabled on CB1 but before I had added it to the HA pool. Also after I made sure that UDP 1434 was allowed :dogbutton:

Turns out giving the security group containing both connection broker computer accounts sysadmin permissions to the SQL db fixed it, even though almost all of the blog posts I read only mentioned dbcreator permission.

In any event, the test RDS environment is working well!

Happiness Commando fucked around with this message at 05:23 on Apr 21, 2018
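
The UDP 1434 dependency described in the post above can be checked directly. The following PowerShell is an added example, not code from the thread: it asks the SQL Server Browser service on UDP 1434 which TCP port a named instance uses, then tests that port. The function names are hypothetical, SERVER\SQLEXPRESS comes from the post, and the sample reply is constructed.

```powershell
# Added example (not from the thread). Function names are hypothetical.

function ConvertFrom-SqlBrowserResponse {
    param([byte[]]$Bytes)
    # SVR_RESP layout: 0x05, 2-byte little-endian length, then "key;value;...;;"
    if ($Bytes.Length -lt 3 -or $Bytes[0] -ne 0x05) {
        throw 'Not a SQL Browser SVR_RESP packet'
    }
    $len = [int][BitConverter]::ToUInt16($Bytes, 1)
    $len = [Math]::Min($len, $Bytes.Length - 3)      # tolerate truncated replies
    $text  = [Text.Encoding]::ASCII.GetString($Bytes, 3, $len)
    $parts = $text.TrimEnd(';').Split(';')
    $info  = @{}
    for ($i = 0; $i + 1 -lt $parts.Length; $i += 2) {
        $info[$parts[$i]] = $parts[$i + 1]
    }
    return $info
}

function Test-SqlNamedInstance {
    param(
        [Parameter(Mandatory)][string]$Server,
        [Parameter(Mandatory)][string]$Instance,
        [int]$TimeoutMs = 3000
    )
    $udp = New-Object System.Net.Sockets.UdpClient
    $udp.Client.ReceiveTimeout = $TimeoutMs
    try {
        # CLNT_UCAST_INST request: 0x04 + instance name + null terminator
        [byte[]]$request = @(0x04) + [Text.Encoding]::ASCII.GetBytes($Instance) + @(0x00)
        [void]$udp.Send($request, $request.Length, $Server, 1434)
        $remote = New-Object System.Net.IPEndPoint ([System.Net.IPAddress]::Any, 0)
        $reply  = $udp.Receive([ref]$remote)
    } catch {
        # A timeout here with TCP 1434 open is the symptom from the post:
        # the firewall exception was for the wrong protocol.
        return [pscustomobject]@{
            Browser = "UDP 1434 query failed: $($_.Exception.Message)"
            TcpPort = $null
            TcpOpen = $false
        }
    } finally {
        $udp.Close()
    }

    $info = ConvertFrom-SqlBrowserResponse -Bytes $reply
    $port = $info['tcp']          # absent if TCP/IP is disabled for the instance
    $open = $false
    if ($port) {
        $open = (Test-NetConnection -ComputerName $Server -Port ([int]$port) `
                    -WarningAction SilentlyContinue).TcpTestSucceeded
    }
    [pscustomobject]@{ Browser = 'Replied'; TcpPort = $port; TcpOpen = $open }
}

# Constructed sample reply (not captured from a real server) to exercise the parser offline
$sample = 'ServerName;SERVER;InstanceName;SQLEXPRESS;IsClustered;No;Version;12.0.2000.8;tcp;49172;;'
$body   = [Text.Encoding]::ASCII.GetBytes($sample)
[byte[]]$packet = @(0x05) + [BitConverter]::GetBytes([uint16]$body.Length) + $body
(ConvertFrom-SqlBrowserResponse -Bytes $packet)['tcp']

# Run from each connection broker against the real server:
# Test-SqlNamedInstance -Server 'SERVER' -Instance 'SQLEXPRESS'

# On the SQL server, the inbound exception the post ended up needing:
# New-NetFirewallRule -DisplayName 'SQL Browser (UDP 1434)' -Direction Inbound `
#     -Protocol UDP -LocalPort 1434 -Action Allow
```

Because a named instance on a dynamic port also needs that TCP port reachable, `TcpOpen` being false after the browser replies points at a second firewall gap rather than at SQL permissions.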

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

I can't find the right thread for this, can someone either give me an explanation of static routing, or point me where I should ask it?

I have a VM in our production environment that I have replicating to our DR environment with vSphere replication. The machine has two network adapters - one for the prod subnet, and one for the DR subnet. Only one adapter is active at any given moment. If I fail over to DR, I need a static route to allow communication to the DR domain controller, otherwise it will time out or try to use out of date cached credentials.

I'm not at it right now, but I tried something like New-NetRoute -DestinationPrefix [DR subnet /24] -ifIndex [N] -NextHop [Dr subnet gateway] when it was in production, and then I replicated it to the DR environment, swapped network adapters, and it failed - it kept trying to load the cached credentials and wouldn't log on.

For reasons, having an active spare in the DR environment is undesirable, so the choice is between figuring out how to get network routing working or for the IT team to log into this machine every time they change their password to update the cached credentials.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

I used a broker for a CenturyLink fiber install for a client a few years ago. CenturyLink was about as useless as expected: they delivered the gear to the client in the south building, then ran fiber through the risers to the corresponding office in the north building, skipped a couple scheduled tech visits to show that the fiber was installed, finally showed up and said "Whoops we ran the fiber in the wrong building, we need a few more months."

In the next call with the broker, the project manager apologized, saying that all hundred of the CenturyLink fiber projects they were currently managing were running behind schedule.

I have never heard so much cold anger as when the site manager said "You mean to tell me that every single one of your CenturyLink projects is behind schedule, and you never thought to mention that once in the last 6 months?"

The fiber line was cancelled and the broker was fired.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Agrikk posted:

Actually, my intent is a little more personal. Maybe I can be the caller that makes this phone drone reevaluate some life decisions.

You're an rear end in a top hat, HTH

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

A colleague connected over the VPN to a jump box in AWS to do some stuff in SQL. His management tool threw an error that said something to the effect of 'can't build this init file, make sure the JAR files aren't missing'. He then called me up to ask if the VPN was down :argh:

I'm not the best culture fit for our company, where the preferred problem solving strategy is call someone else and interrupt whatever they are doing to fix your thing right now. I'm good at helping people, but not until after I get past that initial annoyance of 'why the gently caress are you calling me when you haven't even googled your error message yet'. Anyone have any suggestions for soft skill growth? I'd rather not :yotj: just yet...

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

We are building a new application using Postgres instead of SQL Server (because :c2b:). My colleagues say "post gruh" instead of something sane.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

stevewm posted:

Just wanted to mention TSPrint if anyone is managing a RDP farm....


We also use TSPrint on our RDS farm. We configure it manually, and I think that's dumb and annoying, but our application guy does it. I'm not sure if there's a way to automate the configuration or not, but other than that it definitely does what we need with a minimal amount of fuss.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Invoke-WebRequest uses the same .Net calls that IE uses and doesn't pay attention to the systemwide proxy set by netsh winhttp. I wasted like 4 hours between today and yesterday troubleshooting a new proxy before I found that out.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

I think there's a resume thread in BFC? Post yours.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Does anyone know what Powershell I should be using to replace the certificates in my ADFS farm? All the documentation I can find suggests using the AzureAD connect applet, which is a little too clicky for my preferences

Edit: it might be Get-AdfsCertificate

Happiness Commando fucked around with this message at 14:53 on Aug 14, 2020

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

And Set-WebApplicationProxySslCertificate on the proxy.

Supposedly the 2016 cmdlets manage the whole farm from one endpoint, but on my 2012R2 deployment, I have to touch each node individually.

I don't get to upgrade the farm to a modern OS until after our hybrid Exchange is updated from 2016 CU10 to 2019 CU6. I have been talking about our unsupported Exchange configuration for something like a year and a half. 6 months ago, we decided that the junior was going to review my documentation and reach out to me for help when he was ready to get started. Not a peep since then.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Not pissing me off: Last day today at old job. New job starts Monday. 30% raise with a more modern tech stack doing sysadmin and devops things.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

I spent two days figuring out why my brand new packer builds weren't picking up the cloud-init configurations correctly. My org has never used templates or automation of any kind and I have never used packer before.

The server I was using to bootstrap the process was running Centos, which comes with a software firewall on by default. The packer HTTP server that hosted the cloud-init file wasn't being exposed.

Two days :bang:

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Because my company can't handle 'don't record plain text credentials to export-restricted systems in a wiki', I spent yesterday building a new domain and I'm spending today joining all these workgroup systems to the new domain.

It's ridiculous that they weren't domain joined already, so this is great. However.

Only some of these programs have credentials stored in plain text. Others don't have them written down anywhere I have access to. And since they're random rear end workgroup machines, I don't have credentials to them. And just about the entire company is out for the holidays.

My title is 'IT DevOps engineer' :airquote:

Edit: LOL let me just convert most of these machines from static IPs within the DHCP scope to reservations. How is my org so bad at infrastructure

Happiness Commando fucked around with this message at 17:52 on Dec 24, 2020

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

I am a reasonably well paid, 100% remote devops professional. I may be getting promoted to on-site office manager and coffee procurement specialist for the office in my extended metro area that I hope to never set foot in..

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Internet Edgelord?

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Weedle posted:

found the problem. if everyone was six feet away from each other they’d all be fine. it’s actually illegal for covid to infect you at six feet or more

I think they're mixing it up with the 5 second rule. An easy mistake to make, really, if you're not hip to the difference between the bacteria that live on the floor and the COVID virus that lives in all of their ex-coworkers.

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Another day in the mines as a :airquote: devops engineer. On my to do list for today is creating a GPO to push out anti-virus (because asking users didn't work) and issuing a handful of certs for on-prem apps that have been HTTP since forever.

Counting down the days before I quit.

Edit: if I feel like working extra hard, I might join our 15 or so undersized, out of warranty ESX hosts to the domain instead of authenticating with local users.

Happiness Commando fucked around with this message at 16:09 on Mar 30, 2021

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Everyone has local admin on their workstations.

Before I got here, all non-workstations were logged in using (local admin) shared credentials that were stored in plain text in a wiki.

As the person who stopped that practice, it's now my responsibility to print a pdf of any credentials I find in a wiki and store it on a file share accessible to everyone as a backup before redacting that one wiki page that I have found. Then, when anyone needs a password I have redacted, I get to go to the plain text pdf and look up the password they need.

You see, this makes sense because

Happiness Commando fucked around with this message at 16:50 on Mar 30, 2021

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

We don't use AD groups and our (IT) named users aren't domain admins. Servers don't have our users added to the remote desktop group. The only way to manage our servers without using ESXi remote console is the shared domain admin account :smuggo:

Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Thanatosian posted:

You really can't talk them into KeePass?

Before my time, there was a shared KeePass file on a network drive that everyone had the password to, in addition to local KeePass files for personal use.

I rolled out a KeePass front end web server and imported the shared file.

We only buy a handful of licenses at a time and users only get assigned a license after they explicitly ask for one. I told my boss that I refused to be the one to comb through the wiki and laboriously create entries for each password I found. Instead we told users to take their passwords out of the wiki themselves.

That brings us to today.


Happiness Commando
Feb 1, 2002
$$ joy at gunpoint $$

Internet Explorer posted:

No thanks. I don't look down on anyone cleaning toilets, but it's not what I want to do and if I spend all day cleaning toilets, I'm not keeping up with technology. I will absolutely refuse to do things that won't benefit me or my career, and if that's a problem, I'll happily find a new job.

I was hired at this new job to do devops and automation. I've been blocked and handicapped at every turn. I've spent the last two weeks setting up the few internal pet applications that my team owns to run over HTTPS instead of HTTP. With one year expiry non-ACME certs. Unless something tragic ("tragic") happens in the next few days, I'm giving notice on Monday.

The first thing I did was suggest they get vCenter so I could automate VM creation on-prem for their 15 hosts with local storage. They got a starter pack license that supports 3 hosts and doesn't allow vMotions and won't buy any more licenses or new hardware to consolidate. All the hosts are already at capacity for RAM, so I can't build anything new, and even if I did, it's phase gated behind a manual process in which an IT person asks for VM owners to voluntarily give up some of their allocated RAM.

The second thing I did was pitch an automated test pipeline in AWS. I dramatically scaled back my expectations of that team after it took 3 weeks and two developers to give me an installer that didn't require clicking. Then I just stopped attending standups and doing any work for them after it became clear that they weren't willing to allocate any further dev time to clear any other blockers.

The third thing was to build an updated automated deployment process of a worst-practices architected webapp (single point of failure, manual DB backups, hardcoded credentials, etc). I've been waiting almost a month for the developer who owns it to do a thing he needs to do before we can schedule a maintenance window for implementation.

All of which is to say I really don't like this job, and I've been counting down the days until I give notice for a while. Life's too short to waste doing something painful, especially for privileged computer touchers.

Happiness Commando fucked around with this message at 04:53 on Apr 14, 2021
