@JaredBusch said in Why Do Vendors Use MAP Pricing?:

@Dashrender it also depends on the product.

I buy most things on the sale price, because it is not urgent. I buy clothes though, as needed, because I hate buying clothes and only buy when shit is worn through.
On the other hand, my wife buys clothes on the sales, planning ahead for seasons and when thing wear out.

And I only buy in thrift shops, where there aren't sales.

@Dashrender said in O365 Outbound email issue:

@JaredBusch said in O365 Outbound email issue:

For the record, even though I made the above connector and it failed to verify, I did save the connector. Apparently, that was enough as email is sending now.

So which connector is solving this - the TLS regardless of cert condition, or the No-TLS

I only left the TLS regardless of cert, so it has to be that one.

@brandon220 said in NAS for Plex use... Again:

Looked at the server's spec sheet and it says a max of 8 - 6Tb

So you ordered larger drives than the controller can officially handle? Might be fine, but sometimes, that's an actual limit.

Looks like 2012 R2, am I correct? Have you tried reinstalling the services?

@jmoore said in How to hide a network printer:

I don't use dhcp.

I didn't used to either, but I do now. I use DHCP reservations for devices like these. Makes updating them later if a network change ever happens a snap.

@taurex said in RingCentral and Vonage:

As for the handsets, yes, Maxo sells them with a quite a bit of a margin but they don't customise any handset firmware like some other telcos here that lock you in with their handsets.

Again, I'm comparing against zero firmware modification rates. That's great that they don't do that, but no one does that here. We assume when buying a phone that it isn't sabotaged. That would get you sued in the US. It's not a bargain just because they don't do something unethical, it's still expensive for doing the right thing. Not complaining about them, just saying that looking at available rates in Australia, they seem high.

@scottalanmiller said in Yealink phones:

@Dashrender said in Yealink phones:

@scottalanmiller said in Yealink phones:

@Dashrender said in Yealink phones:

I don't see how useful this really is? Sure in a tiny company you might have everyone else's extension as a button/BLF on your phone, but normally you won't.

In theory, even a fair sized company has reception and physical phones with 120+ BLF keys. So that it comes up, very common. You only need 120 people that you could reasonably have to talk to (executives, sales, account managers), so that could easily be a company of over a thousand total and still have BLF for all reasonable use cases.

But even way smaller than that, we've got the call center using online switchboards and the BLF solution wouldn't work.

Sure, but you don't typically deploy sidecars to the whole company.

Of course. But in a typical org, it's only receptionists having the problem to begin with, or maybe a team manager.

For us, it's the customer service team (more or less a reception desk of sorts) seeing if techs are available. Or the sales manager seeing if sales team is available.

I feel we've drifted away from the original problem - that if a person has two or more lines on their phone, that if the person is on a secondary line, anyone calling them won't know it, and it will ring and interrupt them. The whole mentioning of BLFs and switchboards don't really help that situation, since most end users won't have either option for seeing the person's status they are calling.

@gjacobse said in pi-Hole: Client and Recursive DNS:

And since i'm running this now, I get a notification on recursive DNS -

Yup, just ignore them.

I think it's a bit different because it's also user based. This is much more limiting being only a single user.

@BraswellJay yes

@stacksofplates said in How to let only customers download files with wget/curl?:

@Pete-S said in How to let only customers download files with wget/curl?:

@stacksofplates said in How to let only customers download files with wget/curl?:

@Pete-S said in How to let only customers download files with wget/curl?:

have scripts serve the data and what not.

Wait are you talking about CGI scripts?

Yes, that's a possibility when you are using a webserver, instead of ssh.

If you access a file over ssh, AFAIK the file is a static file and it is what it is.

If you however access a file over https, you can have a script on the webserver delivering you the file and you can send parameters to it. For instance :

wget -o install.sh "https://xyz.com/my_special_install_script.py?os=CentOS7&special=2&customer=2432"

You just have a gazilion options when you connect over a webserver.

Yeah I thought you were providing files through just a default webserver. So while CGI isn't insecure by itself, you have a ton of work in securing the scripts you create. You might be better off just writing a small API to hand off the info instead of trying to properly secure CGI scripts.

Another option is a serverless function leveraging the providers authentication to serve the files up.

Here's an example from GCP where you can just check require authentication using their IAM.

Thanks, I had the intention of letting the webserver authenticate and in most cases provide a static file directly or when needed invoke a script that will provide dynamic content.

I haven't checked nginx yet but apache can check client SSL certificates easily.

@flaxking said in SSL/TLS client certificates questions:

Domain name doesn't matter, unless you're signing with a public CA. I'd think self-signed vs internal CA vs public CA would depend on what the authentication mechanism supports and how you have to manage the certificates. (i.e. if there are going to be a ton of them it might be easier for the authentication mechanism just to trust certificates signed by a certain internal CA rather than having to make each certificate trusted.

From what I've seen so far, I've come to the same conclusion.

@jmoore said in Redoing Home Network:

@scottalanmiller I'm the same way, I get that habit from my Av days. I bought Allen & Heath mixing boards, QSC amps, and small Community speakers. This is all professional equipment and it had more options and lasted a lot longer. In fact all those pieces are still working today.

Yup, I can from the audiophile world, too. And it was often cheaper to get hifi gear than to get the crappy, sounds horrible consumer junk.

@scottalanmiller said in pi-hole: Group Management:

@marcinozga said in pi-hole: Group Management:

@stacksofplates said in pi-hole: Group Management:

@stacksofplates said in pi-hole: Group Management:

@marcinozga said in pi-hole: Group Management:

@stacksofplates said in pi-hole: Group Management:

I just use CloudFlare for families. If I need to, I can change DNS on whatever to view something.

That only blocks malware and porn if you choose to. What about ads, marketing crap, tracking, etc.?

I leverage what's in the browser for that stuff.

That might not be 100% the best way to handle it, but I don' thave to manage and pay for a server to do it.

No Raspberry Pi lying around?

Who has an unused computer lying around? lol

I don’t, this old box of mine is hitting its last legs...

@stacksofplates said in Local Encryption ... Why Not?:

@scottalanmiller said in Local Encryption ... Why Not?:

@stacksofplates said in Local Encryption ... Why Not?:

@Dashrender said in Local Encryption ... Why Not?:

@scottalanmiller said in Local Encryption ... Why Not?:

@jmoore said in Local Encryption ... Why Not?:

I've advocated we store nothing on our laptops but so far its had little effect. We are very backward here unfortunately. I think storing mostly online is very good and makes services like Nextcloud very valuable in this scenario.

It was turned on by the vendor when delivered. Nothing was stored on the device and they had no idea that there was encryption on it.

A new laptop showed up that way once - I was like - wth?

I think the bigger question was, it didn't get reimaged to whatever standard they're using?

Ha, this is medical. Zero standards. Ever seen any medical that has a standard build? Nope. Or even standard hardware? Nope. Or even consult someone in IT within six months of having put a machine into service? Nope.

Idk when I was doing my business I had a few Drs offices and I reimaged them when they got one.

That's because you got to be in charge, I would assume. Here we are only "as needed" and the head of operations runs IT and only has us fix what she breaks (which is quite a lot.)

@JasGot said in How to start taking a company to Microsoft 365 based operations.:

If a customer is asking to go "Cloud based" and they want to stay MS based. What would be you path for a customer who has standard server now.

The real trick is getting them to talk about their goals. Going "cloud" or "Microsoft" aren't business goals, those are means, not ends. So we have no idea what they are trying to do, only how they think they will do it.

It's like stating your goal as "using a hammer" without stating why or to accomplish what. A hammer is reasonable, maybe. But just knowing it's a hammer, you can't go any further without just making up what they might want to accomplish.

I am currently using ZT to Route between my various networks, like a Site-to-Site VPN. It can be a pain to set up, but once it's up and going, it's great!

@gjacobse said in UBNT EdgeRouter Lite; Performance:

Performance seems best with Upload set and download off....

Those numbers seem about right for a EdgeRouter Lite. If you need QoS enabled for download, you'll either need to upgrade or just live with the slowdown.

@scottalanmiller said in Installing Laravel on Ubuntu 20.04:

@Pete-S said in Installing Laravel on Ubuntu 20.04:

@Pete-S said in Installing Laravel on Ubuntu 20.04:

@scottalanmiller said in Installing Laravel on Ubuntu 20.04:

@Pete-S said in Installing Laravel on Ubuntu 20.04:

OK, if you are not running apache or nginx, you should install the php-cli package instead.

So that seems to get installed anyway as a dependency on its own.

Yes, it does. But by using the php package and not php-cli, you probably got apache installed on your system as well - by dependencies.

You could find out by running: apt list --installed | grep apache

Or systemctl status apache2 to see if it's running.

Even if it was, Laravel uses Artisan's server.

I'm guessing they are invoking php's built-in webserver.

Regardless, the point is that if you swap php to php-cli in your install guide you don't get apache and other stuff you don't need.

Still nothing?