|
"Oh you want $2000 to replace the D-Link consumer APs with two Merakis because the clients are furious that our wireless never works? Not in the budget, maybe next year! Hey while we're here, the CFO and HR Director need new laptops. What? No you can't use the same cheap Lenovo model we give everyone else. Get them the most whizbang fanciest model HP sells - i7, 16gb of RAM, SSD, ultra HD touchscreen, the works. It's only like $4000 and their perfectly usable current generation laptops just don't cut it for using Outlook and Chrome. Thanks!"
|
# ¿ Jun 19, 2015 16:03 |
|
|
# ¿ Apr 20, 2024 02:41 |
|
stevewm posted:Ubiquiti Unifi... https://www.ubnt.com/unifi/unifi-ap-ac/ It's not so much a dollar amount problem as a "wait you need money?" problem. I can just inflate my budget request for next year by like 20k and be done with it but it's the principle of the thing - clients are pissed, it's affecting business, but we won't drop pennies on it because reasons, also hey while you're here go drop double the amount you just asked for on this poo poo we totally don't need in the slightest.
|
# ¿ Jun 22, 2015 18:12 |
|
Maybe the new Meraki MX stuff would work for you? Site-to-site VPN is as close to "press a button and it works" as you can get. Only real downside is the Meraki licensing scheme. Never heard of anything working with Google Apps for authentication but I've not looked very hard either. Sheep fucked around with this message at 15:06 on Jul 18, 2015 |
# ¿ Jul 18, 2015 15:04 |
|
Just got done upgrading our HQ network to an all-Meraki setup. I don't even care that it's midnight and I just got home. It feels so good to finally have some control over the madness that doesn't require some poo poo Java application or screwing with an ASA via the command line, and it's so nice having VLAN tagging and switchport security properly setup. And a separate VLAN for voice. And subnets that make sense. And guest traffic properly isolated. And a wireless setup that doesn't involve BestBuy-bought "network extenders". And and and... Can't wait to roll this stuff out to all our branch offices and get all of our networks running on the butt.
|
# ¿ Jul 29, 2015 05:11 |
|
McDeth posted:A word of warning about Meraki. I was testing a couple of their AP's and had everything set up all hunky dory. One day I wonder into a satellite office with my laptop to take some notes using Asana and noticed an unsucured, open wi-fi network with our SSID. Turns out that Merakis will occasionally reset themselves to factory default but not retain any of the security settings that you set up, therefore turning themselves into unsecured wireless AP's plugged directly into your LAN. We already started deploying Meraki APs last year in some of our other locations and haven't had any issues whatsoever with them yet. Dunno what happened in your case - did you contact support about that?
|
# ¿ Jul 29, 2015 06:54 |
|
McDeth posted:Yup, to be fair it was a defective unit that was for whatever reason unable to pull the proper config without rebooting, but it still was a pretty big wtf moment to somebody in charge of securing a network with sensitive medical data on it. Someone else posted at some point about a semi-acknowledged issue with some model (I want to say MR26?) of AP that had a run of faulty wireless chipsets. I'm sure I bookmarked the post somewhere but the Meraki hardware guys were basically like "yup it's just jacked, nothing we can do". No idea if they ever got around to fixing it in future production runs or whatever. Meraki stuff is great when it works but there are occasionally really weird issues with it, it seems. The ease of management and configuration is totally worth dealing with it for us assuming large swathes of our equipment doesn't just up and die one day.
|
# ¿ Jul 29, 2015 07:22 |
|
Tots posted:Hey guys. I have a chance to get into a sysadmin job for ~80 users. As far as I know, I would be the only one there although I've been told there's budget for temporary consultants if I need help with something. This is for a new contract in a new building and I'd basically be setting things up from the ground up.. Nothing is in place yet. No domain, no ticketing system, etc.. Does this sound like a good opportunity or a death wish? Sounds like a good opportunity to me. Clean start means you get to do things right the first time instead of trying to clean up the messes your predecessors have left behind. The only thing that concerns me is the fact that you used sysadmin, 80 users, and ticketing system all in the same thought. So you're going to be this organization's one-stop IT shop? It's not an unreasonable task or anything but it does demand that you set realistic goals instead of waltzing in on day one and trying to setup AD plus ticketing plus remote support plus asset tracking plus god knows what else.
|
# ¿ Aug 7, 2015 15:17 |
|
Yeah, the issue was that company-wide stuff like that demanded approval from the very highest levels of the company, so by the time it got to the people doing approval it had been significantly changed. The good news is that some client threw a fit and I got the go ahead to replace all of our stuff - network equipment, laptops, even the copiers and printers if I so feel like it (I don't), so now my biggest problem is finding time to figure out when I want to fly out to all of our offices and do the installs. Miracles do happen in small business IT. McDeth posted:Yup, to be fair it was a defective unit that was for whatever reason unable to pull the proper config without rebooting, but it still was a pretty big wtf moment to somebody in charge of securing a network with sensitive medical data on it. I had a similar issue with an AP yesterday, rang up Meraki support and they were like "well this doesn't make sense at all, want us to ship you a new unit?" I told them I'd think on it, eventually wound up messing with the native VLAN assignment on the relevant port and the AP miraculously came to life, updated its configuration and defucked itself so everything's gravy. Also every MX security appliance we've had delivered so far had the firmware bug where static IP settings don't stick until the thing updates the firmware. The first time it happened was fun, the second time I learned to plug them in at home and update the firmware before driving out to do the install. So yeah Meraki quality control may leave something to be desired but it's all worth it considering how much less time we have to spend dealing with network BS now. Sheep fucked around with this message at 18:43 on Aug 11, 2015 |
# ¿ Aug 11, 2015 18:33 |
|
I'm 100% from home, but it definitely has its downside: on the one hand never having to get out of my pajamas is cool but I also start inventing silly excuses just to go outside after the first day or so, plus it does become difficult to separate life from work because the two are by definition really intermingled. My office at home is also full of random boxes and servers and laptops I need to get around to working on and it looks terrible.
Sheep fucked around with this message at 13:37 on Sep 12, 2015 |
# ¿ Sep 12, 2015 13:34 |
|
madsushi posted:My Rule #1 of IT is "the telco will gently caress you". Every single time, in every conceivable way? Telco: "Good news, your building is already lit up so fiber installation is a breeze!" Me: "Great!" *signs contract* Telco: "Actually it's going to take three months because we need permitting from the city for lane closure and construction of about 1000' feet of cabling."
|
# ¿ Dec 7, 2015 21:38 |
|
Does the machine even have an interface on the same subnet? Edit: you solved your own problem, subinterfaces is probably the easiest way to resolve this unless you have extra ports on the ASA. Sheep fucked around with this message at 15:47 on Feb 2, 2016 |
# ¿ Feb 2, 2016 15:43 |
|
If all they have are some spreadsheets and the like, put them in Google Drive and be done with it. Pairs nicely with an organization-wide move to Google Apps for email and what not.
|
# ¿ Feb 11, 2016 09:53 |
|
What you mean you don't like waiting for TCP timeouts to occur when attempting to browse to random web pages?
|
# ¿ Feb 18, 2016 17:55 |
|
We run our management users on RingCentral, then most of our facilities use on-premises PBXes of various flavors, all of which are terrible. I'm tempted to throw Asterisk up in the cloud and buy some cheap SIP lines for our next facility and see how much we save by doing it ourselves. Can't be worse than "the Panasonic PBX is on fire" or "we can't find anyone to service our PBX because it's so old" or whatever the next issue with our on-premises PBX turns out to be. My only real gripe with RingCentral is that you can't set forwarding from the physical handsets themselves, you have to do it via their (kinda crappy) dashboard. Other than that things have been pretty much fine. I do like their auto-provisioning function, I can't see how they could have made it any easier for us to use our old phones with them - it was like three mouse clicks and boom magic.
|
# ¿ Feb 19, 2016 04:02 |
|
Doublepost time! We're looking at moving away from using a shared terminal server as a file server and moving that functionality into the cloud. We presently use Google Apps for a bunch of things so were toying with the idea of just using Drive, but some issues (converting Excel stuff to Sheets isn't an option, for example) remain, so we were kind of considering Sharepoint Online. What are other people doing for these sort of situations? Can anyone comment as to how well the O365 web apps work, especially in regard to crazy macros and functions? Edit: Maybe we can make Drive work with the Google Drive for Office Plugin? Looks promising, at any rate. Sheep fucked around with this message at 06:01 on Feb 19, 2016 |
# ¿ Feb 19, 2016 04:55 |
|
We're looking at getting extra backup connections for our facilities on the east coast - anyone have suggestions? AT&T has had the best pricing so far but it's AT&T and that's obviously a huge problem. Most of our facilities are with TWC at the moment so we want to steer clear of them so that they won't be a single point of failure for us.
|
# ¿ May 5, 2016 00:06 |
|
Yeah, that's our main concern. I briefly looked at 4G internet but I reckon that these will get such rare use (and we'd have trouble getting reception in some of our network closets) that we'd honestly be fine with a DSL/cable line in most facilities so long as it fulfills the requirements of not coming in via the same route as our existing connection. With most of our stuff being with TWC it seems like DSL through AT&T would be our best bet but I'm hoping to draw on some of SHSC's pooled knowledge here if there are any better options.
|
# ¿ May 5, 2016 02:29 |
|
Azure ADDS does not support full domain services functionality so you can't replace an on premises (or VM in the cloud with VPN) setup with it.
|
# ¿ May 26, 2016 01:50 |
|
I had no idea Amazon Workspaces was even a thing. We're in the early stages of a migration to a platform which doesn't really fit our needs and was only really selected because it was an emergency so ... might be time to stop and reconsider things. If I can just give every user a desktop via Workspaces and let them share documents within the VPC then that would be a way better option. Hardest part I guess would be figuring out if it's possible to somehow set up SSO using Google Apps as the identity provider because I can already see the fallout if I've got to go tell everyone to remember yet another username/password combination.
|
# ¿ Jun 11, 2016 00:57 |
|
Our PBX somehow assigned line two to ... some sort of open mic somewhere else in the building (in a part we don't lease) after a reboot, so we could overhear someone talking to their coworker for like fifteen minutes until I rebooted it again which magically resolved it. The dumb thing is the wiring is all analog so the root cause of the problem still exists, just the PBX isn't making that connection anymore. In conclusion gently caress phones and I can't wait to move all our stuff to VoIP once we're done making sure QoS is working across the board and get our backup connections in. Best part is gonna be tearing the three decades of 66 blocks* off the wall and dumping them and all the associated cross connect wire in the bin. * unnecessary 66 blocks at that because no one ever cleans their bullshit wiring jobs up and is content to just tack on another block and add another mess of cabling and move on to the next job without a care in the world as to future management/troubleshooting. Sheep fucked around with this message at 02:16 on Jun 12, 2016 |
# ¿ Jun 12, 2016 02:12 |
|
For a hundred people I'd probably just use a Google Sheet and the Yet Another Mail Merge addon since that's like all of $25 and you'll be done in about eight minutes start to finish. We use a third party service with a full blown API for the big blasts (like tens of thousands) but that seems incredibly overkill for your situation.
|
# ¿ Jun 13, 2016 14:53 |
|
I had to go through the de-blacklisting process when our company blasted a few hundred thousand people from an SMTP server they ran on an AWS instance That was several days of my life I'll never get back.
|
# ¿ Jun 13, 2016 23:38 |
|
Three words: developers, marketing, contractors.
|
# ¿ Jun 14, 2016 01:52 |
|
Man I haven't given my SHI account people the time of day in two and a half years except to get quotes and never buy their poo poo and they still haven't sent me anything on that level.
|
# ¿ Jun 16, 2016 01:36 |
|
As someone who uses Meraki Systems Manager for MDM I can confidently say that it can be a decent fit if you are already a Meraki-heavy environment, but if that isn't the case then you definitely want to look elsewhere. It has enough drawbacks that were I starting over from scratch again I would not consider MSM.
|
# ¿ Jun 17, 2016 17:52 |
|
Being a not_Windows guy, I'm still confused as to how you're supposed to domain join roaming laptops that may never even be connected to the company network for weeks at a time without splurging for Enterprise. Azure ADDS isn't a mature thing yet so the only option remaining is DirectAccess which is obviously a no go because, again, Enterprise. Edit: last quote I got on Enterprise was $275/user which is kind of a joke, comes close to increasing our per user cost by 40%. Sheep fucked around with this message at 19:02 on Jun 17, 2016 |
# ¿ Jun 17, 2016 18:57 |
|
I'm still not clear how that works - how do you get something like OpenVPN to both startup and connect prior to the logon process with Windows?
|
# ¿ Jun 17, 2016 19:02 |
|
SneakyFrog posted:VPN and Network Access Protction NAP is fully deprecated now though? Or is this article just unclear? Sounds like it flat out doesn't exist as of Server 2016. Walked posted:You can do similar with Win 10 by creating VPN connection and then clicking the network icon in the lower right before logon Huh, guess I'll go throw something together and see i I can get this to work. Looking forward to the deluge of helpdesk tickets/pushback from users that adding a step to the logon process is going to cause. Edit: sorry for derailing this thread with my dumb Windows issues. Sheep fucked around with this message at 19:11 on Jun 17, 2016 |
# ¿ Jun 17, 2016 19:09 |
|
FWIW I would not call Meraki Systems Manager a legit MDM solution, at least for Windows devices. The options look decent enough for OS X/iOS and Android is probably kind of meh but the Windows options are pretty slim and it fails in some pretty spectacular ways (application installation is very hit or miss on Windows 10 and we've got an open ticket about it going back to February with no real resolution in sight). Edit also can't push VPN configuration to Windows devices with Meraki Sheep fucked around with this message at 20:41 on Jun 17, 2016 |
# ¿ Jun 17, 2016 20:22 |
|
Aside from being a massive waste of addresses on a 50 node network there's nothing technically wrong with it.
|
# ¿ Jul 13, 2016 19:22 |
|
We're in the process of doing this, but only with about 40 gigabytes of files so it's not a huge deal to do them by hand via the browser, just a little time consuming. If I had to do terabytes worth of stuff I'd definitely be looking at a solution that wasn't drag & drop so I am interested to hear how your migration goes.
|
# ¿ Jul 20, 2016 17:40 |
|
What was the name of that program that would remotely change (and keep track of!) passwords for stuff like domain accounts on a regular basis?
|
# ¿ Aug 4, 2016 16:26 |
|
NevergirlsOFFICIAL posted:if you mean local computer user accounts then LAPS Yep, that's it, thanks!
|
# ¿ Aug 4, 2016 17:15 |
|
That's easy if you've got things up to snuff security wise, just do the self-assessment questionnaire. It's dead easy if you don't actually handle any credit card data.
|
# ¿ Sep 23, 2016 17:15 |
|
NevergirlsOFFICIAL posted:I'm trying to find a good solution for "cloud based" file storage, to completely replace file servers on the premises. Any success stories? Google Cloud Storage + GCS-FUSE? We just use it for differential backups but looks like it would work, also doesn't require adopting G Suite unlike Drive.
|
# ¿ Mar 8, 2017 19:33 |
|
NevergirlsOFFICIAL posted:How would a user in the office access files on GCS? I don't know anything about it. Can I do a caching server? Does it map like an SMB share? FUSE will expose your GCS bucket to the local machine, from there you can serve it up with SMB or whatever you want. quote:1. Follow the instructions for installing Cloud Storage FUSE and its dependencies. Sheep fucked around with this message at 23:47 on Mar 8, 2017 |
# ¿ Mar 8, 2017 23:44 |
|
Thanks Ants posted:Google Team Drives and Drive File Stream have been announced at Next '17 so that might be worth looking at as well. Don't both of those require either Enterprise or Business licenses though? As I recall these features aren't being rolled out to the basic tier, which sucks cause as a small business (300 people) there's no way I can get approval from finance for the extra license costs. Sheep fucked around with this message at 01:35 on Mar 12, 2017 |
# ¿ Mar 12, 2017 01:30 |
|
We use ScreenConnect too, zero complaints aside from a couple of dumb design decisions that were quickly rolled back (they actually listen to customer feedback on their forums).
|
# ¿ Apr 25, 2017 20:41 |
|
We purchased our license like seven years ago (pre-buyout) and are also using the on-premises rather than hosted version because a third party should never have access to your machines. I don't really know what ConnectWise does and I don't think I want to. Also not an MSP we just use it for internal remote support on ~200 machines.
|
# ¿ Apr 26, 2017 04:39 |
|
|
# ¿ Apr 20, 2024 02:41 |
|
Beefstorm posted:Is there a dedicated Sharepoint thread? I feel like its grand enough in it's own complexities, that I'm surprised if there isn't a thread yet. Yeah, right here.
|
# ¿ May 4, 2017 14:26 |