Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
Maneki Neko
Oct 27, 2000

Sheep posted:

Maybe the new Meraki MX stuff would work for you? Site-to-site VPN is as close to "press a button and it works" as you can get. Only real downside is the Meraki licensing scheme.

Never heard of anything working with Google Apps for authentication but I've not looked very hard either.

Meraki would do the trick. I've seen this before, it provides RADIUS with a google apps backend, which would work with pretty much any vpn device:

http://cloudessa.com/products/cloudessa-radius-service/

Adbot
ADBOT LOVES YOU

Maneki Neko
Oct 27, 2000

adorai posted:

gently caress you for validating the idea that we should reevaluate our firewall rules every quarter.

lol PCI/HIPAA compliance

Maneki Neko
Oct 27, 2000

pixaal posted:

I know people recently were talking about One Drive in this thread. We have been abusing our webhost as an FTP apparently for the last few years and they aren't too happy. They have an "unlimited storage" policy and if you creep into the top 0.05% of usage they ask you to justify every file in relation to your website. My predecessor set this whole thing up, and now I'm scrambling to get a working solution before they delete all of our stuff (~50GB of product images, and psd files that should be in a shared drive instead).

We need some of this to go to outside companies so we need something. We have office 365, so we have one drive. The $75/month for dropbox is a bit much. I could probably get it paid for but it would be hard to argue in favor of it when we have One Drive already. How much trouble is this going to give me, and is that new version out yet? Is there a link to an article about the new version for business anywhere?

I'm not even sure the other companies are going to be okay with either solution but want to know what I'm getting myself into with One Drive.

You'll need to sign up for the preview to get the sync tool, they're doing a staged rollout:

https://preview.onedrive.com/sync

Here's some info about what it does:

https://blog.onedrive.com/meet-the-new-onedrive-for-business/
https://www.thurrott.com/cloud/office-365/6412/microsoft-finally-ships-improved-onedrive-for-business-sync-client-for-windows-and-mac

Maneki Neko
Oct 27, 2000

Beefstorm posted:

What is everyone's thoughts on N-Able/N-Central? I've been playing with the trial and its really nice. Seems to do a lot of stuff for you.

Plus that automation engine is pretty nice.

Are you an MSP? We looked at them right around the time they got bought by Solarwinds, but their sales guys were so bad they basically turned us off of the product and we went with a different RMM instead.

Maneki Neko fucked around with this message at 18:08 on Oct 7, 2015

Maneki Neko
Oct 27, 2000

Eikre posted:

Maaaan. I wish I could set the Gmail provided by Google Apps to just serve as a thin IMAP client. Yes, google, I would really love to use your interface to replace Horde and have everyone logging into the same place to get both the company calendar and webmail. No, google, I don't want to point my MX records at you, and I don't want a mouthbreathing POP setup that spirals off into having its own Sent Items and folder structure. Feels like you guys were an inch away from giving me the perfect loving thing and just didn't wanna make the effort.

EDIT: Wait a minute, maybe I could run some sort of hosed up headless clients on my servers that pushed data upstream using the IMAP access that Google gives you to their servers??? Oh my god, and then whenever a user did poo poo in Gmail, I would note the changes and mirror them back to our own inboxes. Fuuuuuck, why am I actually considering this?

A fine example of self face punching.

Maneki Neko
Oct 27, 2000


Has anyone actually found a PC with this on it in a business environment? We touch a multitude of Dells and so far no one has actually been able to find a PC with it.

Maneki Neko
Oct 27, 2000

Internet Explorer posted:

Well, isn't that fun. One of the latest Windows updates for Windows 7 just broke our printing GPOs. Just bog standard GPO printers via Policy (not Preference.) Thankfully we only have a couple of physical PCs left and I haven't applied updates to our VDIs yet.

Just to clarify, this only appears to occur if you are using security filtering and authenticated users do not have read permissions to the GPO. Still, I'd expect Microsoft to pull/revise the update, as they haven't given consistent guidance on whether or not authenticated users should always have read permissions to GPOs.

Maneki Neko fucked around with this message at 18:07 on Jun 15, 2016

Maneki Neko
Oct 27, 2000

Internet Explorer posted:

One of our users has a policy without read permissions, but the other all had GPOs with authenticated users.

[Edit: Any idea what KB it was specifically? Have not had a chance to dig deeper into it.]

KB3159398

Maneki Neko
Oct 27, 2000

Depending on your budget/vertical could look at Nasuni and Panzura as well.

Maneki Neko
Oct 27, 2000

OSU_Matthew posted:

What applications are you guys using for remote desktop? My boss is looking for something less expensive than updating our teamviewer license for remote support with our sales people in the field. Locally I've been using vpn with apple remote desktop and microsoft RDP for stuf I'm using, but it'd be nice to just have a single application I can tell people to install like teamviewer.

We've been using screenconnect for a long time although I understand their pricing models have changed recently.

Maneki Neko
Oct 27, 2000

Thanks Ants posted:

What is it with MSP owners being unable to sack worthless sacks of poo poo clients simply because they've "been with them a long time"

YOU DON'T WANT TO LOSE YOUR WORST CLIENTS!

Maneki Neko
Oct 27, 2000

Jeoh posted:

apc smartups 1500VA should be plenty tbh unless your server is actually a furnace

Yeah, this is our go-to option for remote sites, although it's not cheap with the network card.

Maneki Neko
Oct 27, 2000

Jack the Lad posted:

Okay, cool, I've booked calls/demos. Seems like Nessus is half the price of Qualys and like AlienVault can do more than either.

Today's :psyduck: thing - Windows 10 has Fast Startup enabled by default, and Fast Startup means Windows Updates might not install.

e: Wow AlienVault is expensive. Nessus it is.

AlienVault does a lot more though.

The only thing about Nessus is that it's results are not certified for PCI audits and can't be sent out as proof of compliance (which hopefully you're already aware of), whereas Qualys is. Doesn't mean that Nessus is bad or isn't the industry standard, but if you need to hand off scan results as proof of compliance to whoever your processor/bank is, it's not the right tool.

Maneki Neko
Oct 27, 2000

thebigcow posted:

Avoid Sage.

Too bad they keep buying everyone else :(

Maneki Neko
Oct 27, 2000

Thanks Ants posted:

I’m pretty sure the SG300 series is EOL now.

I priced some switches recently and the Aruba 2930F were a good option, and with VSF you can cluster them for management and do cross-switch LACP bonds.

Sadly no such luck on the SG300s. They have end of saled a few models, but not all. We run into them all over the place.

Maneki Neko
Oct 27, 2000

Gerdalti posted:

I've been asked if there's a cheap (free) and easy way to monitor a single employee's computer usage (are they on facebook all day, etc). I don't have anything in place for that, and my google-fu is failing me. Any suggestions? Even something as simple as "a screenshot a minute saved to a network folder" would do the job.

We’ve used this from time to time and it’s always worked great:

https://activtrak.com/

Maneki Neko
Oct 27, 2000

ConnectWise Control (aka ScreenConnect) is really nice as a remote control tool.

Maneki Neko
Oct 27, 2000

NevergirlsOFFICIAL posted:

speaking of connectwise, they bought continuum, anyone got the scoop on how that's gonna work vs. labtech which they also bought

All the chat I’ve heard is they feel there’s enough difference in audience between the two that they’ll keep one for MSPS that can do it all in house and one for folks that want to outsource helpdesk, NOC, SOC, etc.

Maneki Neko
Oct 27, 2000

codo27 posted:

I like our Lenovo fleet but the price of docks is insane. I bought a few USB C mini docks and they have VGA and HDMI, but you can only use one or the other, officially the dumbest thing ever. Is there a good third party dock thats not too expensive that will do dual display and charge our machines over USB C?

On a side note, the Lenovo thunderbolt 3 docks are hot garbage, so avoid those :)

Maneki Neko
Oct 27, 2000

nvrgrls posted:

I have a BUSINESS NEED for a user to be able to install software on their machine, sometimes. I don't want them signing in as local admin all the time. In on-premise AD world I would've used LAPS, but this client is Azure AD. What's the best thing to do? I can have him call the helpdesk and they add him to local admin on his machine, and remove him at the end of the day or whatever... I can create a separate local user... I hate both those options.

There's a world of options out there software wise that will let people escalate temporarily or do certain tasks as admin, we generally use policypak for this (and many other things), but there's a lot of alternatives.

https://www.policypak.com/policies/least-privilege-manager/
https://www.adminbyrequest.com/
https://github.com/pseymour/MakeMeAdmin/wiki

Maneki Neko
Oct 27, 2000

unknown posted:

It's the size of the DNS packet and the crap resolver in the scanner that bombs out if it's too big a packet. (Often happens when there's additional info tossed into the response). Usually happens when there's authority info added to the packet - which will increase the packet size to >256bytes.

This sounds like a reply with a backstory :|

Maneki Neko
Oct 27, 2000

The Fool posted:

If you don't already, use your non-profit pricing to get Microsoft 365 E5 licenses.

Otherwise, you may run into issues licensing/deploying some of the things you're trying to do.

Microsoft is pushin Microsoft 365 Business Premium hard for smaller orgs (non profits included) and there’s a lot there for the price point (including a chunk for free for non profits).

Very much worth a look to see if that would cover all your needs

Maneki Neko
Oct 27, 2000

Tapedump posted:

So here's a question I've been dreading but have not the political capital to prevent... the guy who signs the checks at our sister company wants employee surveillance/nanny software put on all the work PCs (laptops mostly, around 30).

He's on that management kick of "they might be stealing time" and has tasked me and my partner to find a product that will take, at intervals, screenshots and some keystrokes to prove his fiefdom is "working properly."

Pretend it has to happen, full stop. Pretend it's written into policy and everyone's signed off on it.

Focusing on the product, I know some of you in this thread have experience with or cautionary tales of (beyond the obvious Orwell) technical problems.

Please help me make this suck less than it has to.

For what it is https://www.activtrak.com/ was pretty boring and painless to implement. And in shocking news the same people who asked for it never seemed to ever log in and check it.

Maneki Neko
Oct 27, 2000

dexter6 posted:

Is there an easy way to install Xerox Workcentre printers with Windows Autopilot/Intune?

Xerox wants to sell me their Printix solution which seems like overkill for 50 employees and 3 printers.

Xerox can die in a fire (YMMV based on your reseller), but Printix is great

What issues are you having with Intune?

Maneki Neko
Oct 27, 2000

dexter6 posted:

Thanks for all the replies about MSPs.

Can you give me recommendations if a few to look at? Or at least to avoid?

May also be worth asking around in your professional network to see what other folks are using.

Maneki Neko
Oct 27, 2000

codo27 posted:

What would you recommend for a Teams/meeting headset with decent volume capability or noise cancelling?

If you've got the budget, the Poly DECT headsets in particular are great, we had problems with interference with the bluetooth models in more crowded offices. You should be able to find them far below MSRP if you look around.

https://www.poly.com/us/en/products/headsets/savi

I wanted to like the Sennheiser DECT headsets, but they just kept dying. :(

Adbot
ADBOT LOVES YOU

Maneki Neko
Oct 27, 2000

dexter6 posted:

Looking for a simple solution…

We have an office of < 10 people and about a year ago we removed all the phones from the office and stopped paying for phone service because we’re hybrid and everyone is just using Teams and Zoom these days.

But, when we cut off phone service, I wasn’t aware that the front door entry system calls an actual phone number to buzz someone in.

As a work around, I got a phone number in Teams and set it to ring to everyone’s devices but the system doesn’t consistently like when they punch “9” to let someone in, so the team is asking for an actual phone again.

I know almost nothing about voice stuff… Is there anyway I can like… get an Ethernet phone, plug it in and have teams like… assign a number to it and have that phone ring from the front call box?

I see that Microsoft has some Ethernet teams phones… will that work? Or am I missing something?

Physical teams phone should work fine for this and seems like a pretty cheap/easy lift, but as Thanks Ants pointed it's not super clear that fixes your problem without some testing.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply