Can't you give Mandrill your DKIM private key? Of course that's probably not wise. In which case I'd setup a sister domainname for this purpose.

DKIMs seem interesting. Though without Secure DNS I'm not sure what good it really does, the Public Key listed in non Secure DNS can be spoofed by a MITM attack - though I'm not sure how much of a real concern that is.

@anonymous said:

@scottalanmiller That's the whole reason I want DNS setup. I want to be able to SSH by hostname, not IP address, however I guess your right, maybe I just need to setup the host names on the jumpbox.

that's all that I do. Maintain the /etc/hosts file and I never run into a need to use IP Addresses since I don't SSH from random box to random box.

@pchiodo said:

@scottalanmiller We were attempting "NSLOOKUP 172.16.2.110" and receiving the stated error. As per my previous response, I think we got it fixed by adding the reverse lookup zone, and allowing it time to propagate.

Interesting.. for some reason I thought you were trying to NSLOOKUP using the client as a DNS server, which of course would fail.

Well it only took nearly all day to understand what @johnhooks and @scottalanmiller where talking about... but now I do.

It works because the RDS client is not pointing to yourservername.domain.com or even your internal IP address.

Instead the RDS client is told to use localhost or 127.0.0.1. The local machine then, through a forwarder put in place by PuTTY sends all traffic destine for PuTTY assigned port to PuTTY and PuTTY forwards the traffic over the tunnel to port 3389 at the address set in the SSL -L command previously run.

OK I understand.
THANK the Maker! -C3P0

@scottalanmiller You should also include cloud-init

https://cloudinit.readthedocs.org/en/latest/

Well this saga isn't over yet.

My old Windows 2008 R2 KMS server is still up and running, has KMS installed, but is NOT published in DNS - I've confirmed this.

But when I went to a computer and ran

cscript slmgr.vbs /ato

to force a re-registration, it still registered with the old server.

Now I've disabled the port (1688) on the old server. Now to see how the client PCs handle that.

@scottalanmiller said:

@JaredBusch said:

Why would you replicate their content on this forum why not just link to their articles of the people can read

There is both, the link is in the first line.

I never said there was no link.

You are the one advocating people not post content twice to get traffic in the desired place yet you break that concept right here. Blatantly ripping the entire post.

I got these emails this morning that'll be something I work on tomorrow too busy at clients to do anything today

@Dashrender said:

What do you expect to happen? That DNS queries should all go to the DNS server provided by the VPN DHCP request?

That's the hope if it is working correct. The VPN client should set the IP address of the workstation with a VPN address and make the primary DNS entry be one that looks through the VPN to the AD DC / DNS server with internal resolution. If not, why not? If so, what IP gets returned. The right one? Or if the wrong one, why?

Good point, let's start a new topic on Split Horizon DNS. When to use it and if it makes sense in your case 🙂

@dafyre said:

Chances are if Linux can do it, it probably does it better than Windows, lol.

I would second that.

Adam - welcome to the community and overlay networking!

Not trying to hijack the thread as this appears to be a ZT feature request topic, but since Pertino has come up a number of times, here are the answers:

DNS: PITA. We solved it by using customer internal DNS in AD environments. This is a solution for many customers, but not the end all. Without some type of local integration, overlay networks can never really be used for an internal company network because protocols will not translate.

Free plans: all trials revert to a free network for up to 3 devices; existing free plans with more devices are still live - thanks beta testers! Take the class-action suit to LMI 😘

Chef/Puppet: you can automate Pertino installs with your orchestration tools. We even have a Docker compatible client for cloud-bursting, cross-DC networking

LDAP integration/custom UI: We've got some APIs already available, some in the works. Plan is to make it so if you don't want to, you never have to enter the Pertino console.

Best,
Josh

True. But a lot of email systems adopted the SPF record type and would not accept email from you if your system wasn't set up with one. I ran into that a few times before actually setting it up.

I always wondered why they just didn't use a TXT record for it, lol...

I see what you mean. And also, if you're making the change in the web.config, that should trigger an application restart anyway.

Something is preventing the pageSecurity object from being set. You could do a global text search for "pageSecurity" and find the code that sets it. That may be where the failure is happening.

Normally I would expect this to be caused by a missing security-related table, like Roles or something. But you said it was a full copy. You might want to double check.

Remember that "requesting email" is a completely illogical thing to do in a court if the goal was to see what had been said. Why would any court say "Show us all of the email communications that went through Exchange but don't show us the Lync messages, documents stored in other systems, contents of attachments, etc."

Of course they don't do that. That would be incredibly silly. They request categories like "all external communications", "all internal" or whatever it is they are looking for.

@nashbrydges said in Is it possible to get Hola VPN to work on a Chromecast or Amazon Fire TV?:

Are you having issues because of locality (videos only play based on your location)? If you have a server/PC at home running, would ZeroTier be a viable solution for this?

Nevermind. Re-read your original post. I clearly didn't pay attention.

Awesome, glad it worked.

My brother lives in Istanbul, what a crappy country.

http://www.mangolassi.it/topic/60/our-community-guidelines/2

It appears that I need to make some things clear in our guidelines once again. @thanksajdotcom especially please read these over again.