@Jimmy9008 test or demo environments should never be any less secure than production.

@Dashrender said in Obtaining hardware from terminated remote employee:

@scottalanmiller said in Obtaining hardware from terminated remote employee:

@Pete-S said in Obtaining hardware from terminated remote employee:

@stacksofplates said in Obtaining hardware from terminated remote employee:

@Pete-S said in Obtaining hardware from terminated remote employee:

@StorageNinja said in Obtaining hardware from terminated remote employee:

@JaredBusch said in Obtaining hardware from terminated remote employee:

Hardware is not worth the fucking time to get back.

If the company thinks wasting man hours on that is a good idea the company is insane

While I largely agree, our R&D laptops are ~2-3K a pop. (fully max spec' MPB or XPS with onsite repair agreements).

I did hear we have started on the Mac's using DEP, so the device will auto-enroll in MDM even if the device is wiped.
https://support.apple.com/en-us/HT204142

Makes no sense developing on a laptop IMHO - unless you're talking about another kind of R&D in another field.

On our team we remote into development servers and all development and testing is run there. Which means the computer you're actually sitting in front of just needs to be able to run a browser, rdp, ssh etc. So any machine suitable for general office work would get the job done. So no 2-3K laptops needed for development, even if that is not the primary reason. I kind of assumed everyone worked that way but haven't actually given it much thought until now.

I haven't really seen anyone do this other than CAD work. Everywhere I've been it's local development, possibly using Eclipse Che or Coder or something for a remote IDE but still local.

VSCode and JetBrains tools allow you to include your development environment in a container. So when you open the project it will open inside of a container with all of the dependencies included. That's the best workflow ive seen so far.

I believe you and find it very interesting. Wov. If that's how most people work, I'm just blown away. I assumed everyone was remote and had full on development and test environments at their disposal.

Mirrors what I've seen. What little bit I've seen it seems that development remains more often local than remote.

ChromeOS seems to encourage away from that, but not many devs using that.

it's like the LANLess idea, great idea, rarely implemented

If by LANless you mean a Zero Trust Architecture, then it's more than an idea.... it's widely implemented, and proven as one of the most effective methods of security. There are large global enterprises everywhere who have already adopted and implemented it. There are many others who are currently implementing it, and there are many planning to.

It's the only true path forward. Those who don't adopt Zero Trust Architecture, will surely end up wishing they had.

@Pete-S said in Looking at Atom and VS Code:

VS Code and Atom unfortunately isn't versatile enough for my needs I have to look elsewhere.

Nothing wrong with finding the right one for your personal needs. G/l

I went with the lowest tier Spectrum 200/20 for now. Once T-mobile shows support for the address I'll consider that. I hate the 20 upload, that's just weird, but whatever. 200 should work for now, if not upgrading is easy.

@DustinB3403 said in What do you use to manage multiple Linux servers?:

@black3dynamite said in What do you use to manage multiple Linux servers?:

@travisdh1 said in What do you use to manage multiple Linux servers?:

Ansible and salt are my first two choices. Cockpit can work as well, but not as easily centrally managed.

Fedora gets all the love when it comes to having the latest version of Cockpit too.

Technically you could install the latest version of Cockpit on any distro.....

Just because something may be supported, doesn't imply that it is support.

The issue is that the only way to access the Win10 VM in Azure is via RDP. So when you wipe it, you wipe the ability to reconnect to the VM to do anything at all (I assume). This has nothing to do with Intune.

I've been managing Intune a few years and never have I wanted to test on an Azure VM. Do it locally on your device via Hyper-V or whatever you want to use. You can grab the hash of the VM and import it into Intune Autopilot before you even install Win10 on the VM. So by the time install is done, you're ready to rock and roll.

@manny2375 said in Azure VM + Intune Autopilot:

@obsolesce thanks I know this method works unfortunately this specific client doesn’t want anything onpremise other than networking equipment and thin clients. The autopilot feature would have been nice on azure vm though.

Everything you are trying to do Microsoft is telling you not to do.

Read the last part especially:

@dustinb3403 said in ESXi VMware ESXTOP:

@pete-s Yeah I saw that, but this won't output just the specific detail I'm looking for. It will output everything (and essentially bloat the logs).

I saw the same thing.

Thanks though

Make the script a two step process until you can figure it out.

1. Dump it all to CSV.
2. Then have the script remove unneeded data from CSV.

@dashrender said in Resize Linux VM Ext4 File System Proxmox:

@marcinozga said in Resize Linux VM Ext4 File System Proxmox:

@dashrender said in Resize Linux VM Ext4 File System Proxmox:

@marcinozga said in Resize Linux VM Ext4 File System Proxmox:

I see few issues above.

• LVM is not a filesystem.
• You don't need to shutdown VM to extend its disk size.
• You don't need to boot from any installer CD to resize partitions, you can do it from within live system with fdisk, although if you have some unusual partition layout you're probably better off doing it offline.
• You can also extend filesystem on a live system, no need for shutdown.

I thought his approach was over cautious. Windows will allow you to extend any partition except the drive live, and I'm guessing you can likely extend even / live in Linux OSes.

Are you sure about extending c:? I've done it many times, on live systems. Although it was on bare metal desktops after cloning drive to a bigger one.

You did it live with windows tools? OK that would be a new one on me.

Also did it live on Linux as well in both cases.

@dashrender said in Resize Linux VM Ext4 File System Proxmox:

@marcinozga said in Resize Linux VM Ext4 File System Proxmox:

@dashrender said in Resize Linux VM Ext4 File System Proxmox:

@marcinozga said in Resize Linux VM Ext4 File System Proxmox:

I see few issues above.

• LVM is not a filesystem.
• You don't need to shutdown VM to extend its disk size.
• You don't need to boot from any installer CD to resize partitions, you can do it from within live system with fdisk, although if you have some unusual partition layout you're probably better off doing it offline.
• You can also extend filesystem on a live system, no need for shutdown.

I thought his approach was over cautious. Windows will allow you to extend any partition except the drive live, and I'm guessing you can likely extend even / live in Linux OSes.

Are you sure about extending c:? I've done it many times, on live systems. Although it was on bare metal desktops after cloning drive to a bigger one.

You did it live with windows tools? OK that would be a new one on me.

I've done it lots of times on C for physical and virtual using built in tools. That's not a new one.

@jaredbusch said in Office chair suggestions?:

You sit in these things for hours a day, you want something high quality.

This. I went through some serious back issues last year and got a good chair by order of the doctor.

You want lumbar support for sure, and a chair with all the proper adjustments all around.

There's videos on YouTube for properly adjusting your office chair so I won't get into that.

Also, ideally, a sit/stand desk because getting up frequently or at minimum changing your sitting position is important.

These things helped heal my back so I know it works. It's also the way to go to prevent back injury or issues later due to improper office ergonomics.

@pete-s yeah it's been a thing now for like 2 years now. Many have been using it and following it.

No more having to go into control panel...

@travisdh1 said in Audit for Saved Credentials on Windows:

After getting the stored credentials, getting rid of them is easy enough Remove-StoredCredential -Target CredentialName.

Right, there you need to know the exact name of the target to remove it, which you can't obtain with just the module itself. So instead of installing a 3rd party module and having to use the cmdline tool anyways, best to just use the one that does it all.

Unless of course every machine you are searching uses the exact same known target, and they don't differ in any way, which is very unlikely. One target may be \\server\folder1, another might be \\server\folder2 and then it would start missing removals.

Using the cmdline tool, you can get a list of all targets, and match all those that have just \\server and remove them, without the requirement of using a 3rd party module.

There's isn't a good way to manage the Windows Credential Manager via PowerShell with built-in cmdlets, or the CredentialManager module unless you know what you're looking for, so a more reliable way to do it if you don't, is with the command-line utility cmdkey.exe.

I came up with some quick scratch-work to show an example, which gets the job done in my testing, but I have no mapped drives so I couldn't do a proper test.

# $targetMatch = '\\servername'
$targetMatch = 'TESTTEST'

$cmdkeyList = ((cmdkey.exe /list) | Where-Object {$_ -match "Target:"}) -replace "\s\s\s\s"
foreach ($line in $cmdkeyList) {
    $target = ($line -split 'target=')[1]
    if ($target -match $targetMatch) {
        Write-Host "`nRemoving stored credential target: [$target]"
        cmdkey.exe /delete:$target
    }
}

An XPS with Ubuntu is very hard to beat for work. I used to have a setup like that. My needs changed lately and now is most efficient to run Win10/11, however, possibly 2nd quarter next year I'll be back to running Ubuntu mainly after I finish some Windows related projects.

@pete-s said in sudo problems:

And it feels insecure to simply remove the password requirement.

The beauty of cert based auth.

But really, any account that isn't allowed to sudo couldn't do it anyways. That sudo doesn't require a pw doesn't matter. Just like in Windows, if you don't have local admin privileges, UAC doesn't matter... unless you have the credentials of or access to an account that does.

@ccwtech said in Windows Defender Application Control:

Has anyone played with Windows Defender Application Control, specifically Group Policy to turn it on for each workstation?

I have a request from a client to do this, but I am very leery of using group policy for something like this.

Are they all running Win 10 Enterprise?

@dustinb3403 said in Checking multiple Directories to confirm all files are identical:

I know I could use a tool like Create-Synchronicity to force 1 other directory to match the source, but I would prefer to find and list the differences in the directories.
Maybe powershell can help?

Yeah, PowerShell can help with this in the same way closing the front door of a house will fix a fire inside of it.

@callimarie said in Run virt-manager on Windows 10:

uhh i keep getting this error "The libvirtd service does not appear to be installed. Install and run the libvirtd service to manage virtualization on this host."

So did you do what it said?