Sefal posted: My boss found out I had snuck in some AD clean up scripts that I had running on a weekly schedule, 6ish months ago. While not having encountered a single problem during the last 6 months. He now wants the scripts disabled and retooled so that he has to run it manually and he himself has to insert a username that goes through the cleanup. I tried telling him that he gets and has been getting a weekly e-mail with a list of users that have been disabled and deleted. He's not listening. I'm not a big fan of turning what has been a proven working automated solution back into a manual process.

What version of Windows are you using on the domain servers (and what functional level are you running your domain on)? If you have at least 2008r2 you could retool it to use native powershell rather than quest.activeroles

SlowBloke fucked around with this message at 11:24 on Sep 15, 2017
# ¿ Feb 16, 2025 16:07 |
Sefal posted: Windows 2012R2

You are going to need the Active Directory PowerShell module contained within RSAT installed (if you are running the script on one of the dc servers no need for it) and you are going to need to change the module loading with code:

If you have active directory recycle bin active and configured, there is no major issue with mass deleting active directory objects, otherwise I might share some reservations with having automated object removal without quick reversibility.
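A sketch of the cleanup discussed in the post above, using the native ActiveDirectory module and refusing to delete anything unless the AD Recycle Bin is enabled. This is an added example, not the poster's script; the function name `Invoke-StaleUserCleanup`, the 90/180-day thresholds and the OU in the usage line are assumptions.

```powershell
#Requires -Modules ActiveDirectory
# Added example, not the poster's script. Function name, thresholds and the
# OU in the usage line are assumptions for illustration.
function Invoke-StaleUserCleanup {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        [Parameter(Mandatory)][string]$SearchBase,  # DN of the OU to clean
        [int]$DisableAfterDays = 90,                # assumed threshold
        [int]$DeleteAfterDays  = 180                # assumed threshold
    )

    # Native module: ships with RSAT, already present on domain controllers.
    Import-Module ActiveDirectory -ErrorAction Stop

    # Deletion is only quickly reversible when the Recycle Bin feature is
    # enabled for the forest; otherwise fall back to disable-only.
    $bin = Get-ADOptionalFeature -Filter 'Name -like "Recycle Bin Feature"'
    $canDelete = [bool]$bin -and ($bin.EnabledScopes.Count -gt 0)
    if (-not $canDelete) {
        Write-Warning 'AD Recycle Bin not enabled: accounts will only be disabled.'
    }

    $search = @{
        AccountInactive = $true
        UsersOnly       = $true
        TimeSpan        = New-TimeSpan -Days $DisableAfterDays
        SearchBase      = $SearchBase
    }
    $now = Get-Date
    foreach ($user in Search-ADAccount @search) {
        # LastLogonDate is empty for accounts that never logged on; those are
        # disabled but never deleted automatically.
        $idle = if ($user.LastLogonDate) { ($now - $user.LastLogonDate).Days }
        $action = 'None'
        $dn = $user.DistinguishedName

        if ($user.Enabled) {
            if ($PSCmdlet.ShouldProcess($dn, 'Disable account')) {
                Disable-ADAccount -Identity $dn
                $action = 'Disabled'
            }
        }
        elseif ($canDelete -and $null -ne $idle -and $idle -ge $DeleteAfterDays) {
            if ($PSCmdlet.ShouldProcess($dn, 'Delete account')) {
                Remove-ADUser -Identity $dn -Confirm:$false
                $action = 'Deleted'
            }
        }
        # One row per account, suitable for the weekly report mail.
        [pscustomobject]@{ User = $user.SamAccountName; IdleDays = $idle; Action = $action }
    }
}

# Dry run: lists what would be disabled or deleted without changing anything.
# Invoke-StaleUserCleanup -SearchBase 'OU=Staff,DC=example,DC=test' -WhatIf
# Interactive runs prompt per account; a scheduled task passes -Confirm:$false.
```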
I got name@surname.it (surname.com was already taken) for serious personal mail and name.surname@gmail.com for random junk (which for reasons unknown gets lots of other dudes' registrations even if my name+surname combo is kinda rare, sometimes for dsl lines other times for psn accounts for instance). Pretty much every time I spell out my mail I have to say out loud that "No, that's an @ in the middle, an IT at the end and no it doesn't end with a gmail, yahoo or hotmail either"
EoRaptor posted: Powershell shouldn't have those same path limits (commands are get-acl and set-acl). There is also a GPO/registry setting in Windows 10.1709 to turn that limit off for Windows Explorer (and other applications that use the standard file handling dialogs).

Powershell has a MAX-PATH limit of 255, if Explorer crashes so does get-item. That's why I use robocopy to move items on our fileserver, otherwise our 1200 chars folderpaths won't open
Nuclearmonkee posted:
Guess why? Webpage saved from Internet Explorer with all the bells and whistles, webpage title as name, in an already oversaturated directory subtree with seven or more subfolders. We have "solved" this by buying foldersizes and having it handle folder scans daily to get a hang on what's in our fileserver (each daily scan file is 300mb with 1.5m items detected at best)
nielsm posted: Perhaps the induction charged mouse can work a few weeks on a full charge? At least that would be nice.

Logitech claims a couple of days of continued usage without the pad for compatible models so it's not a "chargepad or death" situation. The compatible models can run out of a generic microusb-a usb cable once the juice runs out.
Spring Heeled Jack posted: On a separate note, does anyone have any advice for rolling out Windows Firewall (ugh) policies through GPO? We're moving from SEP 14 to Carbon Black Defense, which does not come with a software firewall. I checked our current SEP firewall policy and it is literally the default one, essentially an Any<>Any policy. I would really just like to replicate this in the Windows Firewall so we can 'enable' it and move on with our lives.

You can easily do it with a conventional GPO if your Windows clients are 7 or higher. Since we have plenty of perimeter firewalls and local av we just shut down the firewall in the domain zone while keeping the private and public zone at full security with just a couple of exceptions for vpns which would do what you ask with a lot less effort.
sudo rm -rf posted: i'm kinda leaning towards getting vcp6 done now because this actually sounds really interesting to me.

Keep in mind that if you have a CCNA and no active vcp you could still jump to the vcp-nv exam without having to do extra courses. I'd say it's a better looking option in a CV (full disclosure: I have both a vcp-dcv and a vcp-nv, currently studying for vcp-dtm for those sweet extra acclaim achievements and to avoid expiration for the current VMware certs)

SlowBloke fucked around with this message at 07:44 on Feb 28, 2018
Fcdts26 posted: How many of you have separate work cell phones? Feel like my phone never shuts off with work crap and iOS is awful at automating turning notifications on/off or only allowing certain things to alert me. Considering just getting a cheap android google fi phone and moving everything over to that. Company gives me $200 a month towards a phone and home internet.

Same phone with dual SIM, work provides just work-related minutes & messages (with a monthly list to be manually validated to mark out the non-work related calls and sms) so I'm not joining it to any MDM or activesync. If I'm in the weekend or on PTO, the work SIM is disabled. If the office is burning down my team lead has my private phone, everyone else but my direct coworkers and a handful of hr cannot contact me and bother me when I'm supposed to rest out to avoid burning out.
MF_James posted: What is a good use case for roaming profiles? With all the problems and downsides I've heard of them, I just don't understand when they're actually a good choice.

We use them for our receptionists, create one profile once so you don't need to make it for each of our sites' reception desktops. Otherwise I see few valid reasons for going to the effort of testing each third party app for roaming profile/folder redirection support while just creating a ten or twenty-something gig user share for their documents and call it a day would have pretty much the same effect.

SlowBloke fucked around with this message at 07:33 on Aug 14, 2018
guppy posted: just goes to "limited connectivity."

At least on our w10 machines that happens if the dns or the gateway doesn't reply to pings fast or reliably enough for MS standards. Can you duplicate the issue and see if gw and the dns work while the client is in this error state?
LionYeti posted: Anyone have a good choice for Asset Management, CMDB through Cherwell and SCCM is making me want to throw my computer through the window and follow it down. We need something that can track all our computers what and where and the internals are and that ties into AD and In Tune for on/off domain computers respectively.

What version of SCCM are you using? We use current branch and after a bit of learning pains with its weird query language I can create pretty much any report/query in a few minutes, intune integration is pretty much reliant on having CB and not 2012 so maybe that's the issue?
LionYeti posted: SCCM is working well its more CMDB thats annoying me we need to figure out a better way to do hardware tracking and live updating because we can't trust people to manually put stuff into CMDB and I don't wanna do it manually anymore.

Wait, sccm can do hardware management pretty much autonomously. You just need to activate a client policy to have the agent transmit hardware data (https://docs.microsoft.com/en-us/sccm/core/clients/manage/inventory/configure-hardware-inventory). If you are talking about asset tags and you are not buying crap desktops/laptops you just need to serialize the asset tag in bios and the automated hardware inventory feature will provide that info without user intervention.
The Iron Rose posted: Yep. Mentioned this in the slack too but what I did at my last place was write a powershell script to query the WMIC, then you can either store it in a variable and write to your NOIDMOF or construct in realtime via the script since it's just a text file.

Dell/hp/fujitsu desktops/laptops in the business lines don't require any modifications to the mofs, you just need to either go to the bios and punch in the asset tag (dell/hp) or use a dedicated software (fujitsu) to insert the value. Afterward you will find the asset tag under win32_enclosure in the asset_tag field. Asset intelligence has always been buggy to me so I tend to use hardware inventory only (you could still query the installed software under the add/remove programs category) as on my clients asset intelligence scan will melt the client device during the scan (while the wmi scan is pretty much invisible to the user)

EDIT: How can I request access to the slack channel?
Our wsus servers have worked perfectly fine (as a matter of fact it was the first project I campaigned for and done in my current workplace to move from manual updates for ~120 workstations) since 2010 (we moved them from 2008r2 to 2012r2 shortly after win10 came out). We had to move part of our updates workflows to SCCM which never fails to gently caress some new thing up at every update so consider me one of the few people who would prefer to have a decent wsus implementation instead of intune/Windows update for business. Most issues I've found in wsus stem from byzantine group trees and not cleaning up every month all the superseded/expired updates, if you just keep a handful of non-nested groups it will work just fine.
funmanguy posted: My boss is asking me to find a platform for live event streaming. Anyone have any recommendations for what might work for a small university that is only going to stream 15-20 times a year to a pretty small audience.

We just dump the livestreaming events onto youtube live and it works, given the low volumes I would give it a shot in a testing environment (book the room you want to cast and have some people log in remotely from the campus) and see if it fits the bill. Just remember to set the livestreams as link-only.
Xanderkish posted: Afterwards, my department head kindly advised me to "take it easy" for the soccer game we were doing next.

"It's time to revive the old traditions and start playing like Vinnie Jones, if you tackle some intern make sure he won't walk ever again"
SEKCobra posted: Bit of a general question, but I'm looking to migrate away from Dropbox since they started pestering me about my space running out, even if it isn't. Google Drive and pCloud have attractive pricing, can anyone recommend one over the other? Advantage of GDrive is, that I already have it and get 16 GB free anyway, pricing is fair for both and I don't actually need Terabytes.

Google drive desktop software is hit and miss... We are having decent success with OneDrive/OneDrive for business, have you tried it?
SEKCobra posted: How so? Seems pretty on par so far.

I've experienced issues if I use it on multiple computers or when working on a shared file. Mostly overwriting the up-to-date file with an old version.
CLAM DOWN posted: Hey all, I would like to survey the thread about something, would really appreciate your help. I'm trying to gather info outside of my own job history and experience, and I would like to use the results I expect from this as ammo at my current job.

1) Yes
2) Entire work week if there are medical conditions that make going to work an issue (disabilities), else two-three days a week
3) Distance from workplace, number of children, availability of internet access and a laptop
4) skip
5) IT team is forbidden to do remote work due to being unable to service hardware issues on site (and mostly not having kids) so I’m simultaneously in both scenarios
6) Italy
7) Public
8) Union
Sepist posted: Speaking of certs, do you guys keep expired certs on your resume? Except my palo alto certs and grandfathered net+, everything is either expired or suspended. I keep them on there, not like anyone asks about their status.

I don't post expired certs but I keep the cert exams if they are relevant enough
I've honestly had better results with chromecasts(albeit wired) than apple tvs... As long as you lock down the network where the chromecast is you are safe
Volguus posted: Question: how does Chromecast work? Is it like a tiny computer that you can control from the phone? How do you access your media? Does it have to be made available via DLNA or something? Or can one just mount a samba folder on your NAS and play the files? What kind of codecs does it know? Have you had a movie that you couldn't play on it?

Chromecast has a linux inside (if I remember correctly it is a lightweight derivative of android), which gets two items from a smartphone app: a placeholder image (in some cases a loading image and a "waiting for stream" image) and a video feed in HLS format (encoded in h264 if using an old model or vp1/h265 on newer ones). It doesn't support multiple content feeds so no subs (some apps will have issues if you change the audio feed on the run too). It doesn't have smb or nfs, it will take videos from a http/https path (vlc will act as a middleman doing bridgehead from your smb share to chromecast).

Internet Explorer posted: I've been pretty happy with the Microsoft display adapters that use Miracast because it uses wifi direct and you don't have to be on the same wifi. And more importantly the device itself doesn't have to be on wifi. Unfortunately, Google has decided that they won't support it.

Big problem with miracast is that you are at the mercy of wifi interference, chromecast (and ATV) can be done over wired links, resulting in a more stable image if you have lots of noise in the 2.4/5 Ghz band. A lot of android manufacturers have miracast support tho, it's just usually hidden under weird marketing names (Huawei/Honor uses "Wireless Projection").

SlowBloke fucked around with this message at 19:42 on Nov 1, 2019
Tab8715 posted: Somewhat related, when it comes to latency how much better is wifi over wired? Will I notice a difference with gaming?

Wi-Fi latency is poo poo compared to any form of wired networking, be it moca, power line or conventional Ethernet.
tortilla_chip posted: I'll bite. Why do HFT firms prefer microwave over fiber?

Microwave relays/antennas just need permits on the buildings where the devices are installed, no need to ask permits for digging thru whole blocks.
angry armadillo posted: I have an interesting project approaching the point of the fun bit, you could say.

If by rostering you mean a who is active on that project/job and if you guys have Microsoft Teams, there is a shift management platform baked in. We tried it and it's functional, nothing terribly fancy but it's workable.
Woof Blitzer posted: What’s it called when you do everything and also work on multiple teams (asking for a friend)

Doormat
GnarlyCharlie4u posted: Wow okay so I guess we're just gonna change SAN's in the middle of the day then...

This kind of poo poo is why HDS HUS VM or Datacore exist, we did SAN to SAN migrations during prod with zero downtime and minimal to no performance degradation.
Vargatron posted: Anybody have recommendations for remote assistance programs? Looking more and more likely that WFH will be enforced where I work and my department would like to get some software to facilitate user assistance.

If you have a win10 fleet the onboard remote assistance program does wonders as it has added bridged networking (like teamviewer). We mostly use that or teams desktop share when we are in a pinch.
Thanks Ants posted: Teams screen sharing adds an additional mouse cursor from the person helping, with their avatar flying around. It's nice.

Windows 7 remote assist didn’t work well on different networks (if the computer you wanted to connect on is not on your lan, you are pretty much screwed), win10 quick assist will work fine on different networks by bouncing on Microsoft servers.

SlowBloke fucked around with this message at 15:13 on Mar 9, 2020
Bonzo posted: Can someone explain why faxing is such a huge industry even though no one uses actual fax machines anymore? I know email isn't secure so is there something special about how "faxes" are now sent?

Legal reasons. In a lot of countries faxes have more legal value than emails or snail mail (esp. in healthcare).
Antigravitas posted: And I beg to differ regarding fax machines. They are absolutely everywhere.

Well most people aren't aware of having a fax, as pretty much every MFP has a fax builtin.
If UAC and remoting is such a big issue, nothing stops you from having the prompt not being untouchable from the userspace (I know it’s not safe). It’s just a gpo away. We had to do so on roadwarrior laptops as sccm remoting wasn’t able to work properly when uac came up.

SlowBloke fucked around with this message at 18:02 on Mar 9, 2020
We use OTRS, not terribly happy about it (esp with the mobile experience) but there is pretty much no ticketing system I am fond of.
Sirotan posted: Bro you do know where all the laptops are being built right

We have managed to get Dell Latitudes in about ten or so days even during this crisis, EMEA logistics (to Italy) but last shipment I’ve handled came straight to China.

EDIT: the aforementioned laptops are the reasons I’m forbidden to WFH, so I’ll have to unbox, setup and hand those to users in situ so those people will happily stay at home.

SlowBloke fucked around with this message at 13:16 on Mar 14, 2020
Hollow Talk posted: To be fair to anybody who has to stay behind in the office, if most people start WFH, your potential infection vectors still decrease with every person no longer in the office.

I would be less pissed if I didn’t know the people I would have to set up computers for are the type that went skiing in the mountains during an epidemic, went thru maximum contamination area to shorten the return trip, held me in a meeting for an hour to berate me about my performance (even if I belong to an entirely different chain of command) and then had me fearing for dear life when I had to stay at home afterwards due to what was (thankfully) an allergy outburst. Just a random example.

SlowBloke fucked around with this message at 18:33 on Mar 14, 2020
Thanks Ants posted: The Microsoft clown car naming department has gotten bored already

Someone forgot the funniest part: Office 365 personal and home are being renamed too to Microsoft 365 and they are adding... teams for consumers
Zero VGS posted: Uhg the CEO of my company has to be a rebel and is the only person doing all their work on an iPad Pro exclusively.

We did iPad remote support over teams, the user will share the screen and you try to explain what to click/type over voice and chat. Our iOS devices are very limited in number so this is not much of an issue, with a bigger fleet I would try something less cumbersome.
I'm reposting this from iOS apps as this is a godsend for me

SlowBloke posted: Newtek has made their professional iOS apps free, If you have an iphone heavy population with bad/no webcams on their pc, the NDI camera app will let you repurpose your iphone as a decent camera. App is network intensive so a lovely wifi means lost frames/robotic voice.
Antigravitas posted: I'm tempted to use LE for some """temporary""" stuff I'm working on because The Plague is impacting our processes. We are our own CA and I can get everything I want but due to all the CA paperwork involved it's a bit slow and I have to send dead tree around, which is not so easy without access to our internal post office…

If the service you need a certificate for supports ACME/LE, set it up and remove the OPEX cost of the paperwork, worst case scenario you learn a new craft.