We hired a guy a while ago and he complains and creates tickets for the dumbest shit. We just had a fire drill so he decides to brush up on the action plan and submitted a ticket saying we hadn't made any changes or reevaluated our action plan in 3 years (since we built our new building) and we should really be updating it yearly.
Now I've got a ticket saying microsoft project got removed from all of our conference room pcs and it needs to be fixed immediately so he can go over documents during meetings.
Project has never been in our conference rooms, and he's basically saying we need to add another 30k to our yearly IT budget so he can use project in the conference rooms. Instead of remote desktop like everyone else.
So... Do I email him and tell him to use remote desktop, or do I inform him if he can get me a PO signed by his boss and department head for 30,000 annually to his department I'll get right on it?
I'm happy that one of my coworkers takes glee in telling our users that that aren't licensed and aren't getting the software they want.
That's like, most of his job these days. Pulling unlicensed installs and charging shit to any cost center but IT's.
life's a game that you're bound to lose / like using a hammer to pound in screws
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
"Did you know that you have 25 illegal installs of Windows XP and office? We can certainly help you but it'd be a shame of microsoft decided to do an audit here..."
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
I would love that job. Let me shit on companies who then turn around and say "but that's too expensive and we needed it to run blah blah blah"
And I'll reply, "that's just the cost of doing business in a capitalist society, now I suggest buying directly through us today, or you can put it off until you get audited, but either way, you're going to need a new Office" 8-)
Bendery It Like Beckham on
+3
Options
KakodaimonosCode fondlerHelping the 1% get richerRegistered Userregular
I feel sorry for any admins at a school or university.
I mean, it's as much as a security threat as one of these babies:
if someone wants to fuck up a machine via the USB ports they don't need a $60 usb toy, all they need is to jab a screwdriver into it.
Aioua on
life's a game that you're bound to lose / like using a hammer to pound in screws
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
+4
Options
KakodaimonosCode fondlerHelping the 1% get richerRegistered Userregular
So how does one stop this? Disable USB in the BIOS or something?
I don't even know if that would fix it.
We used to be told to hotglue the USB ports to prevent USB keys. But USB is common for all peripherals so you can't even do that anymore.
The used to sell lockable cages for the back of computers on certain HP/Dell models I think, maybe those will make a comeback.
Yeah. You'd need to physically disconnect the USB ports. Using a USB hub might work and you'd just lose the hub. Even use fuses wouldn't work since it's a voltage spike. You'd need something like a crowbar circuit to handle it.
It still doesn't work and I hate it, just 25% of the time instead of 65% of the time.
Fuck off with that. Kaseya is awesome. We use it at our office. What's the problem you're having?
With Kaseya? When we were still using it, there were recurring issues with Kaspersky breaking and requiring reinstallation (and scheduling reboots across ~5000 endpoints). Patching and alerting just sometimes didn't work at all. The UI was awful and slow, making it a real pain to design reports or add new policies, etc.
Like I said, Labtech also has some really dumb problems to it, but after a year of telling Kaseya "fix your shit or we're out", we didn't have much choice.
start my new job tomorrow, after a week off. Both things that are nice. Hadn't had any time off since July so I was due, and cannot explain how hopeful I am that the new job will be less of a clusterfuck than the last one.
start my new job tomorrow, after a week off. Both things that are nice. Hadn't had any time off since July so I was due, and cannot explain how hopeful I am that the new job will be less of a clusterfuck than the last one.
Ugh, see, this is why I didn't want to make a script.
Task Scheduler did not launch task "" because user "BUILTIN\BUILTIN" was not logged on when the launching conditions were met. User Action: Ensure user is logged on or change the task definition to allow launching when user is logged off.
What
the fuck does that even mean I used all the goddamn defaults you piece of shit
EDIT: apparently changing the run-as user to NT AUTHORITY\Network Service makes it run as the computer account?
cause that makes sense
at least it's working
Aioua on
life's a game that you're bound to lose / like using a hammer to pound in screws
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
Ugh, see, this is why I didn't want to make a script.
Task Scheduler did not launch task "" because user "BUILTIN\BUILTIN" was not logged on when the launching conditions were met. User Action: Ensure user is logged on or change the task definition to allow launching when user is logged off.
What
the fuck does that even mean I used all the goddamn defaults you piece of shit
EDIT: apparently changing the run-as user to NT AUTHORITY\Network Service makes it run as the computer account?
cause that makes sense
at least it's working
wouldn't have had that issue if you had read the install guide.
Ugh, see, this is why I didn't want to make a script.
Task Scheduler did not launch task "" because user "BUILTIN\BUILTIN" was not logged on when the launching conditions were met. User Action: Ensure user is logged on or change the task definition to allow launching when user is logged off.
What
the fuck does that even mean I used all the goddamn defaults you piece of shit
EDIT: apparently changing the run-as user to NT AUTHORITY\Network Service makes it run as the computer account?
cause that makes sense
at least it's working
Is there some reason you need it to run as a Scheduled Task vs a Startup/Logon/Logoff/Shutdown script (Computer Configuration or User Configuration -> Policies -> Windows Settings -> Scripts)?
Otherwise, you need to actually specify the account to run it under (and for a GPO that's almost never the %LogonUser% default) for the first problem, and there's a checkbox on the first tab to "run whether the user is logged on or not" to fix the second problem.
The NETWORK SERVICE account is a builtin account that has lower privileges like a logged in standard user, but authenticates to network resources using the computer's account.
The LOCAL SERVICE account is a builtin account that has lower privileges like a logged in standard user, but authenticates to network resources anonymously.
The SYSTEM account is a builtin account that has access to everything on the computer, and authenticates to network resources using the computer's account.
SiliconStew on
Just remember that half the people you meet are below average intelligence.
Ugh, see, this is why I didn't want to make a script.
Task Scheduler did not launch task "" because user "BUILTIN\BUILTIN" was not logged on when the launching conditions were met. User Action: Ensure user is logged on or change the task definition to allow launching when user is logged off.
What
the fuck does that even mean I used all the goddamn defaults you piece of shit
EDIT: apparently changing the run-as user to NT AUTHORITY\Network Service makes it run as the computer account?
cause that makes sense
at least it's working
Is there some reason you need it to run as a Scheduled Task vs a script (Computer Configuration or User Configuration -> Policies -> Windows Settings -> Scripts)?
Because my users are all remote, so I need the script to run when group policy runs. At Startup/Logon/Logoff/Shutdown the VPN won't be connected and the script will fail.
life's a game that you're bound to lose / like using a hammer to pound in screws
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
Ugh, see, this is why I didn't want to make a script.
Task Scheduler did not launch task "" because user "BUILTIN\BUILTIN" was not logged on when the launching conditions were met. User Action: Ensure user is logged on or change the task definition to allow launching when user is logged off.
What
the fuck does that even mean I used all the goddamn defaults you piece of shit
EDIT: apparently changing the run-as user to NT AUTHORITY\Network Service makes it run as the computer account?
cause that makes sense
at least it's working
Is there some reason you need it to run as a Scheduled Task vs a script (Computer Configuration or User Configuration -> Policies -> Windows Settings -> Scripts)?
Because my users are all remote, so I need the script to run when group policy runs. At Startup/Logon/Logoff/Shutdown the VPN won't be connected and the script will fail.
Fair enough. There are ways around that too, but I doubt you want to go down that rabbit hole either.
Just remember that half the people you meet are below average intelligence.
Ugh, see, this is why I didn't want to make a script.
Task Scheduler did not launch task "" because user "BUILTIN\BUILTIN" was not logged on when the launching conditions were met. User Action: Ensure user is logged on or change the task definition to allow launching when user is logged off.
What
the fuck does that even mean I used all the goddamn defaults you piece of shit
EDIT: apparently changing the run-as user to NT AUTHORITY\Network Service makes it run as the computer account?
cause that makes sense
at least it's working
Is there some reason you need it to run as a Scheduled Task vs a script (Computer Configuration or User Configuration -> Policies -> Windows Settings -> Scripts)?
Because my users are all remote, so I need the script to run when group policy runs. At Startup/Logon/Logoff/Shutdown the VPN won't be connected and the script will fail.
Fair enough. There are ways around that too, but I doubt you want to go down that rabbit hole either.
Oh yeah getting them on VPN for logon is not happening. I have ways to make it happen when some policy *needs* to apply during login but getting it to be an every time thing is right out.
Maybe someday I'll work somewhere with azure AD (and it'll be good) and remote users will cease to be a headache.
life's a game that you're bound to lose / like using a hammer to pound in screws
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
The secret is that windows task scheduler is actually fucking terrible.
I'm pretty sure the only updates to task scheduler since Vista have been to remove features that had security holes.
life's a game that you're bound to lose / like using a hammer to pound in screws
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
0
Options
lwt1973King of ThievesSyndicationRegistered Userregular
The secret is that windows task scheduler is actually fucking terrible.
I'm pretty sure the only updates to task scheduler since Vista have been to remove features that had security holes.
Oh look, guess what I had to manually start last night at 8:30? Could it be a task that our software provider created to run every hour and it broke for the second time?
"He's sulking in his tent like Achilles! It's the Iliad?...from Homer?! READ A BOOK!!" -Handy
So after 2 days on the new job I can see why I was hired. I was poking around the exchange server today, and I can honestly say I'm not 100% sure how the setup they have is actually delivering mail to people. The system mailboxes are.... missing. There's a lot of things i have some experience with that I'll be needing to look at and fix up.
So far so good though. Seems like a good group, there's lots of interesting stuff that I think I'll be taking on, and best of all, I seem to have co-workers that are interested in interacting with each other.
This is also a weird sensation for me, because in my prior jobs while the teams were small and it was less about who the senior/junior people were, I am absolutely not the juniorr guy on the team. And in fact by the end of January there will be 2 people junior to me on the team that I'll be working with and leading initiatives for.
And we have an IT budget! You have no idea how odd it is to be excited for the fact that the department I work in has a budget.
"It's a miracle this is even working" can be a bit of a double edged sword at a new job. If you can definitively say "this is how it should work and here's what to change" then you get to look good, but the first time something breaks and someone says "can you just make it work like it did before?" you're boned because you don't know the Black Incantations the last guy used to send email across the Neganet.
That weird feeling where I'm bitching at a website, then remember that it's probably down due to changes to changes to the network my department asked for.
"It's a miracle this is even working" can be a bit of a double edged sword at a new job. If you can definitively say "this is how it should work and here's what to change" then you get to look good, but the first time something breaks and someone says "can you just make it work like it did before?" you're boned because you don't know the Black Incantations the last guy used to send email across the Neganet.
Aahhh. The good old Install Guideonomicon.
"That is not broken which can eternal crash. And with strange aeons even the mail server may work."
Seidkona on
Mostly just huntin' monsters.
XBL:Phenyhelm - 3DS:Phenyhelm
So after 2 days on the new job I can see why I was hired. I was poking around the exchange server today, and I can honestly say I'm not 100% sure how the setup they have is actually delivering mail to people. The system mailboxes are.... missing. There's a lot of things i have some experience with that I'll be needing to look at and fix up.
So far so good though. Seems like a good group, there's lots of interesting stuff that I think I'll be taking on, and best of all, I seem to have co-workers that are interested in interacting with each other.
This is also a weird sensation for me, because in my prior jobs while the teams were small and it was less about who the senior/junior people were, I am absolutely not the juniorr guy on the team. And in fact by the end of January there will be 2 people junior to me on the team that I'll be working with and leading initiatives for.
And we have an IT budget! You have no idea how odd it is to be excited for the fact that the department I work in has a budget.
Oh, I have an acute understanding of why you'd be excited about having an IT budget.
Something has been bothering me for a couple days, and it just occurred to me what it is. On Friday I had to replace a hard drive at a client site. Had to wait for the drive to show up from Dell via courier. All very normal. We usually get our courier delivers around 2:30 and at 2:35, I'm sitting back in the engineers' room killing time, and the door a good 10 feet away from me opens. It's the office manager. He has the drive, in a box.
Posts
Now I've got a ticket saying microsoft project got removed from all of our conference room pcs and it needs to be fixed immediately so he can go over documents during meetings.
Project has never been in our conference rooms, and he's basically saying we need to add another 30k to our yearly IT budget so he can use project in the conference rooms. Instead of remote desktop like everyone else.
So... Do I email him and tell him to use remote desktop, or do I inform him if he can get me a PO signed by his boss and department head for 30,000 annually to his department I'll get right on it?
That's like, most of his job these days. Pulling unlicensed installs and charging shit to any cost center but IT's.
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
I loved shitting all over people back when I did that at shitco
And I'll reply, "that's just the cost of doing business in a capitalist society, now I suggest buying directly through us today, or you can put it off until you get audited, but either way, you're going to need a new Office" 8-)
https://www.usbkill.com/usb-killer/8-usb-killer.html
Every program was once on every computer until a user logged on and it wasn't.
I feel like some users come in looking for the software they had in their last fever dream.
So how does one stop this? Disable USB in the BIOS or something?
*Edit*
Who needs USB keyboards and mice? We should interact with the computer on a molecular level.
I don't even know if that would fix it.
We used to be told to hotglue the USB ports to prevent USB keys. But USB is common for all peripherals so you can't even do that anymore.
The used to sell lockable cages for the back of computers on certain HP/Dell models I think, maybe those will make a comeback.
if someone wants to fuck up a machine via the USB ports they don't need a $60 usb toy, all they need is to jab a screwdriver into it.
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
Yeah. You'd need to physically disconnect the USB ports. Using a USB hub might work and you'd just lose the hub. Even use fuses wouldn't work since it's a voltage spike. You'd need something like a crowbar circuit to handle it.
Schrodinger's App?
With Kaseya? When we were still using it, there were recurring issues with Kaspersky breaking and requiring reinstallation (and scheduling reboots across ~5000 endpoints). Patching and alerting just sometimes didn't work at all. The UI was awful and slow, making it a real pain to design reports or add new policies, etc.
Like I said, Labtech also has some really dumb problems to it, but after a year of telling Kaseya "fix your shit or we're out", we didn't have much choice.
Don't forget your install guides.
Also steal their liquor, and serve them shots in return for fealty.
I mean, they're IT workers, this is their carrot.
What
the fuck does that even mean I used all the goddamn defaults you piece of shit
EDIT: apparently changing the run-as user to NT AUTHORITY\Network Service makes it run as the computer account?
cause that makes sense
at least it's working
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
XBL:Phenyhelm - 3DS:Phenyhelm
wouldn't have had that issue if you had read the install guide.
Is there some reason you need it to run as a Scheduled Task vs a Startup/Logon/Logoff/Shutdown script (Computer Configuration or User Configuration -> Policies -> Windows Settings -> Scripts)?
Otherwise, you need to actually specify the account to run it under (and for a GPO that's almost never the %LogonUser% default) for the first problem, and there's a checkbox on the first tab to "run whether the user is logged on or not" to fix the second problem.
The NETWORK SERVICE account is a builtin account that has lower privileges like a logged in standard user, but authenticates to network resources using the computer's account.
The LOCAL SERVICE account is a builtin account that has lower privileges like a logged in standard user, but authenticates to network resources anonymously.
The SYSTEM account is a builtin account that has access to everything on the computer, and authenticates to network resources using the computer's account.
Because my users are all remote, so I need the script to run when group policy runs. At Startup/Logon/Logoff/Shutdown the VPN won't be connected and the script will fail.
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
Fair enough. There are ways around that too, but I doubt you want to go down that rabbit hole either.
Oh yeah getting them on VPN for logon is not happening. I have ways to make it happen when some policy *needs* to apply during login but getting it to be an every time thing is right out.
Maybe someday I'll work somewhere with azure AD (and it'll be good) and remote users will cease to be a headache.
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
I'm pretty sure the only updates to task scheduler since Vista have been to remove features that had security holes.
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
Oh look, guess what I had to manually start last night at 8:30? Could it be a task that our software provider created to run every hour and it broke for the second time?
So far so good though. Seems like a good group, there's lots of interesting stuff that I think I'll be taking on, and best of all, I seem to have co-workers that are interested in interacting with each other.
This is also a weird sensation for me, because in my prior jobs while the teams were small and it was less about who the senior/junior people were, I am absolutely not the juniorr guy on the team. And in fact by the end of January there will be 2 people junior to me on the team that I'll be working with and leading initiatives for.
And we have an IT budget! You have no idea how odd it is to be excited for the fact that the department I work in has a budget.
Aahhh. The good old Install Guideonomicon.
"That is not broken which can eternal crash. And with strange aeons even the mail server may work."
XBL:Phenyhelm - 3DS:Phenyhelm
Oh, I have an acute understanding of why you'd be excited about having an IT budget.
Finally, we're looking into one as the boxes of documents are getting into crazy territory.
He throws it to me.