@Pete-S said in New server q's:

@siringo said in New server q's:

Those last 2 posts are spot on Scott.

If I were to deploy a solution that was different to what everyone else was deploying, even if it was cheaper, better, faster, more resilient etc, I'd be lambasted by others simply because it was different and more likely, not understood.

That can lead to unhappy management, which can then lead to all sorts of grief for me.

This is obviously, not what I want.

Thanks for all the info & advice, it is greatly appreciated.

So you should buy the same old server model from 2016 to stay consistent with what they currently know 🙂

Unfortunately yes.

It comes under the job preservation title. I live in area where IT work is extremely hard to secure due to there not being much of it, so rocking the boat is not a good move.

@scottalanmiller said in ps2 to usb adapters:

If I really think about is, most keyboards prior to PS/2 were using more traditional serial adapters. Which were digital. Duh.

Actually the first IBM PCs used the same type of electrical interface but a different connector, a 5 pin DIN.

The mouse was a real 9-pin serial DSUB at first though. If my memory is correct LOL

@scottalanmiller said in SSH jump server access control?:

The challenge is really that you have to identify a person on the network separately from their identity to applications. Generally networks are not user aware.

I believe the user-based network restrictions only extends to the target server(s). So outbound from the jump server. (As you said one jump server / IP per user and then firewalled off would be one way to do it).

So someone could potentially move laterally efter they have logged in to the target server. But other servers will probably only accept connections from jump servers so it would be hard. Which is on purpose of course.

this goes back to 2016, but sounds just like what you're experiencing:

*Symptoms

After you apply this update on a Remote Desktop Session (RDS) host, some new users cannot connect to an RDP session. Instead, those users see a black screen, and they are eventually disconnected. This issue occurs at unspecified intervals.*

https://support.microsoft.com/en-us/kb/3179574

Chrome is managed by GPO,… but computer not moved. We had another computer pop up with the issue Friday so issue is growing.

Make sure to update firmware.

@JaredBusch said in KVM networking with libvirt (virsh) questions:

I assume that Debian 11 uses NetworkManager? I don't have a clean Debian system running KVM to check.

If so nmcli and its related commands are your friend.

Thanks Jared.

Reading about nmcli and seeing your screenshots led me to understand that macvtap devices are only active when the VM is actually running.

Using ip link I can now see the macvtap device on the host. One for each VM connected.

7ad85ba6-1b7b-40a2-aa7a-d8e12988683f-image.png

@Pete-S said in Save shell session to disk?:

That's why you should launch ssh like this:
ssh [email protected] -t screen -RR
If you don't have a session going it will create one.
If you had a session going but it was interrupted, it will reconnect to it automatically.

@JaredBusch said in Save shell session to disk?:

I do not like to launch screen for no reason.

@travisdh1 said in Microsoft Finally Deprecated WINS:

But WINS was always painful.
Just avoid additional pain.

Most people use and rely on it without realizing it. You'd be amazing how many networks use it for discovery still and no one in IT has even heard of it.

The problem is an ID 10 T issue

@scottalanmiller said in Leveraging Zoho Connect:

@Pete-S said in Leveraging Zoho Connect:

So I would disable feeds, groups, channels and ideas from Connect. Streamline it. Use it as a "static" information hub with manuals, links to all apps you use, phone directory (people) and whatever else you might need that is static. Have it setup as the starting page in the browser where applicable.

Trying this, but can't find where to disable.

Try settings on the right top edge.

Should look like this:
d0cf8d16-4fc0-45bb-b09b-eb0d4da5ad7d-image.png

I haven't tried which options can be disabled and which cannot.

But under Apps & Features there are some options:
5ae48811-169d-434a-8cca-7a64dfc9472c-image.png

@JasGot said in Unattended remote access utility/ computer:

@scottalanmiller said in Unattended remote access utility/ computer:

@JasGot said in Unattended remote access utility/ computer:

@ElecEng said in Unattended remote access utility/ computer:

I have been using these recently and love them plus they give you BIOS-level access and virtual media with no limitations.

https://tinypilotkvm.com/?ref=ga3&gclid=CjwKCAjwyaWZBhBGEiwACslQo4pjQM3MLVoZgitDcyDn41jEzDcbBF3k29MzbVb8urtl0MIDuJQ49hoCJ0wQAvD_BwE

This too:
https://www.lantronix.com/products/lantronix-spider/

Same issues though, no computer to access and would need one for every machine if they existed.

No. You install it on one computer and then remote (ie; RDP) into all of the others. I only pointed it out because it gives you access to the bios and pre-boot screens like tiny pilot, which can be handy.

They are handy, for sure. I was just pointing out that in order to get those features everywhere, you have to deploy those everywhere.

Audio device settings in Teams:

Teams audio settings.png

Variation for Debian 10 + Dovecot 2.3.4.1:

cat /var/log/dovecot/dovecot.log | grep imap-login:\ Info:\ Login | sed -e 's/.*Login: user=<\(.*\)>, m ethod=.*/\1/g' | sort | uniq | wc -l

@scottalanmiller said in Send an Email via SMTP from Command Line with cURL:

@Pete-S said in Send an Email via SMTP from Command Line with cURL:

@scottalanmiller said in Send an Email via SMTP from Command Line with cURL:

@Pete-S said in Send an Email via SMTP from Command Line with cURL:

@Dashrender said in Send an Email via SMTP from Command Line with cURL:

@Pete-S said in Send an Email via SMTP from Command Line with cURL:

@scottalanmiller said in Send an Email via SMTP from Command Line with cURL:

First the command itself, showing gmail settings here by default but obviously fill in with your own details:

Does it work? I thought gmail required OAuth nowadays and you couldn't use plain username & password for authentication anymore.

gmail still allows the creation of app passwords.

OK, then it works for now I guess.

I always cringe when I see MSPs that set up their clients MFPs and other devices using random gmail accounts.

IMHO it's unprofessional and much better to use a real transactional email service for these kinds of applications.

It depends. If it is going out to customers, then it's weird. If it is for purely internal stuff then transactional email doesn't make too much sense. But if it is internal, normally you can just use whatever internal tool you already have.

Typical scenario with gmail is that someone sets up a MFP to use a random gmail address for sending alerts and scanned documents.

When the user scans the document it's often sent to his own email address [email protected]. So primarily internal.

Well, problem is that gmail saves mail sent over SMTP in the sent folder. Which means that the "printer guy", who if often not even an employee, can read all the scanned document that was ever scanned and emailed by logging in to the gmail account he set up.

And of course sent email coming from outside your domains might be flagged as spam. So people scan documents and it doesn't work. I mean the list of problems is long.

Well when lots and lots of companies still demand to only use Gmail already, it's not so weird.

You'd be amazing how often we get people requiring that they stay on Yahoo and AOL addresses for their businesses. I kid you not.

5f34099e-464c-4cd3-a7e3-f7845ca46d05-picardfacepalm.jpg

@scottalanmiller said in Any Experience with BeeLink Mini PCs?:

@gjacobse said in Any Experience with BeeLink Mini PCs?:

@scottalanmiller said in Any Experience with BeeLink Mini PCs?:

@gjacobse said in Any Experience with BeeLink Mini PCs?:

Would any micro form factor pc work? While I would never suggested Lenovo,.. their micro is about that size with 65w power supply... I'd go Dell or ANYONE else over Lenovo!

In theory, but Lenovo is typically 300% or more cost for the same thing. Lenovo we can get in country easily (they are about the only ones), but the cost is absurd. For these, in the US, prices are like $250!

I would never recommend Lenovo - to expensive for the hardware. But - it's what the office uses, I'd go HP before I went Lenovo...Unless it was free...

We've gotten two Lenovo's for free from Lenovo. Both were like $1800+ models. Both died really early. I'm literally diagnosing the dead hardware on one of them right now 😞

Dang- that’s not good. The free I refer to is the: it’s had its life and it’s heading to the trash/ recycling bin. Drive pulled and ‘scrapped’. So it’s already several years old….

The models we are using now are running about $2100 and up.

@Pete-S said in Anyone here using Zoho Sprints?:

@scottalanmiller said in Anyone here using Zoho Sprints?:

Literally deploying it this morning!

Let us know how it goes.

We ended up using the functions in our hosted GitLab instead of tracking things in Zoho Sprint.

But there is always a need to re-evaluate and improve things.

We use GitLab traditionally, too, for that.

@Dashrender said in wifi for unmanaged devices:

We have a corporate WiFi and a guest WiFi network.

The owners keep asking to put their personal phones on the corporate WiFi - The only thing this could gain them is access to the printers to print from their phones, but it's not something they have ever done.

Am I just dieing on a hill for no reason wanting them to put their personal devices on the guest WiFi?

Flip the ssid names and tell them you did it