Pretty much all of my Azure experience is just in using Azure Virtual Machine for dev/test scenario stuff. I do have a free website deployed on a subscription because hey, $0 hosting, but it is barebones as heck.
The things you could do through Azure Management Portal (like creating Cloud Services etc.) can essentially be done through Azure Service Management API. Management certificates are one way of authenticating your Service Management API requests: http://msdn.microsoft.com/en-us/library/azure/ee460782.aspx#bk_cert.
There are many reasons that these certificates are created automatically. Some of them are:
Whenever you download a publish setting file, a new management certificate is created.
If you try to connect to your cloud service VM via RDP through portal, if you don't pay attention, a new certificate is created for RDP. I'm not 100% sure but same thing happens when you update Azure Diagnostics as diagnostics is again an extension.
Out of curiosity, what local user group do you guys put your users in? Initially, I put everyone in the Power Users group when we migrated to Windows 7. It seemed to do what I wanted by limiting their ability to install anything or access things like services or the registry without admin credentials.
While I agree that being insensitive is an issue, so is being oversensitive.
I just give them local admin and if they fuck anything up badly enough then it's their fault. I don't want to spend 3/4 of my day running around installing shit for people.
Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
We removed local admin permissions because people were being stupid and I was spending too much time fixing the shit they fucked up. It turned out to be a good thing because if their machine is compromised, there is limited access.
In addition, it means we know damn well what they are installing on their machines and when. We have one guy who is head of sales (also an executive) that is crazy tech savvy; we basically aren't allowed to control his laptop. He had a tendency to tell his staff to install software without notifying us. We'd get these calls about software we weren't aware that was even on our network, so it caused undue stress. Reducing privileges proved to be quite helpful for us. We have less than 50 users, so I'd rather deal with entering in admin credentials over potential issues with allowing them to fuck up their systems.
Le_Goat on
While I agree that being insensitive is an issue, so is being oversensitive.
Installing Windows Server 2012 without making it a domain controller - is this possible? I have Google'd it and every search just ignores the keyword of NOT or WITHOUT and shows me how to join a domain instead.
One of our products is being shipped with a server and 2 client systems for the buyer to use. The engineers requisitioned the server without an OS and got an HP server that does not support Windows 7, only a Server OS. I installed 2012 R2 Essentials no problem but it forces you to make it a domain controller which is the problem since the software that our products runs off of requires LOCAL administrator rights in order to run, and it doesn't work properly with the Domain rights.
Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
The server and 2 clients are to be on their own closed network. If the server can be set as not a domain controller then I can just workgroup it with the clients and their software will work properly.
Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
I just give them local admin and if they fuck anything up badly enough then it's their fault. I don't want to spend 3/4 of my day running around installing shit for people.
The caveat being you run around spending 3/4 of your day reimaging FUBARd desktops.
I make everyone the most limited I can make them.
I give special permissions to two sets of people because they have analyzer equipment that connect to their workstations and they have a high turnover rate so I just gave them a single username they all share for that equipment. Those are local admins because of it.
The rest are super fucked because I will reign down the worst devastation to them if they ask me to install shit on their computer. Thunderbird, chrome, and remote desktop, there, that's all you need, good day.
I SAID GOOD DAY.
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
I just give them local admin and if they fuck anything up badly enough then it's their fault. I don't want to spend 3/4 of my day running around installing shit for people.
The caveat being you run around spending 3/4 of your day reimaging FUBARd desktops.
I make everyone the most limited I can make them.
I give special permissions to two sets of people because they have analyzer equipment that connect to their workstations and they have a high turnover rate so I just gave them a single username they all share for that equipment. Those are local admins because of it.
The rest are super fucked because I will reign down the worst devastation to them if they ask me to install shit on their computer. Thunderbird, chrome, and remote desktop, there, that's all you need, good day.
I SAID GOOD DAY.
You should be thankful I fucking allow you to right click.
We have 25 engineers that all have software that updates multiple times a year so spending a week of work installing updates constantly is more work than a 1 hour reimage if they did something stupid and blew their computer up.
Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
The server and 2 clients are to be on their own closed network. If the server can be set as not a domain controller then I can just workgroup it with the clients and their software will work properly.
Installing Windows Server 2012 without making it a domain controller - is this possible? I have Google'd it and every search just ignores the keyword of NOT or WITHOUT and shows me how to join a domain instead.
One of our products is being shipped with a server and 2 client systems for the buyer to use. The engineers requisitioned the server without an OS and got an HP server that does not support Windows 7, only a Server OS. I installed 2012 R2 Essentials no problem but it forces you to make it a domain controller which is the problem since the software that our products runs off of requires LOCAL administrator rights in order to run, and it doesn't work properly with the Domain rights.
Then you really shouldn't be using Essentials. The Essentials version is basically an all-in-one product meant to provide Active Directory/backup/cloud services/remote access/etc to a small office (<25 users) with a single server. It's the updated version of Small Business Server. That's why it wants you to setup a Domain. From what you're describing, you should be using Server 2012 Standard (R2 if possible).
SiliconStew on
Just remember that half the people you meet are below average intelligence.
+4
Options
Apothe0sisHave you ever questioned the nature of your reality?Registered Userregular
I just give them local admin and if they fuck anything up badly enough then it's their fault. I don't want to spend 3/4 of my day running around installing shit for people.
The caveat being you run around spending 3/4 of your day reimaging FUBARd desktops.
I make everyone the most limited I can make them.
I give special permissions to two sets of people because they have analyzer equipment that connect to their workstations and they have a high turnover rate so I just gave them a single username they all share for that equipment. Those are local admins because of it.
The rest are super fucked because I will reign down the worst devastation to them if they ask me to install shit on their computer. Thunderbird, chrome, and remote desktop, there, that's all you need, good day.
I SAID GOOD DAY.
You should be thankful I fucking allow you to right click.
At my place we have about 300 users and they are almost all local admins. There are a few exceptions where people have been moved to limited access accounts for being idiots. I love to hear them complain, it might be what sustains me.
0
Options
Apothe0sisHave you ever questioned the nature of your reality?Registered Userregular
All this talk of everyone being local admins disturbs me. Can you not, at least give them two accounts with the instruction that using the local admin account for regular logon will be in breach of policy and may get it disabled?
Hell, I am pretty sure you could force logout after and hour or something. Only let them using it when installing things or when something has been coded poorly and needs admin accounts to work?
All this talk of everyone being local admins disturbs me. Can you not, at least give them two accounts with the instruction that using the local admin account for regular logon will be in breach of policy and may get it disabled?
Hell, I am pretty sure you could force logout after and hour or something. Only let them using it when installing things or when something has been coded poorly and needs admin accounts to work?
I thought people logging in as an admin privileged account stopped being bad once UAC became a thing?
Just set UAC via group policy so shit doesn't silently elevate itself.
life's a game that you're bound to lose / like using a hammer to pound in screws
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
life's a game that you're bound to lose / like using a hammer to pound in screws
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
+1
Options
Apothe0sisHave you ever questioned the nature of your reality?Registered Userregular
All this talk of everyone being local admins disturbs me. Can you not, at least give them two accounts with the instruction that using the local admin account for regular logon will be in breach of policy and may get it disabled?
Hell, I am pretty sure you could force logout after and hour or something. Only let them using it when installing things or when something has been coded poorly and needs admin accounts to work?
I thought people logging in as an admin privileged account stopped being bad once UAC became a thing?
Just set UAC via group policy so shit doesn't silently elevate itself.
Installing Windows Server 2012 without making it a domain controller - is this possible? I have Google'd it and every search just ignores the keyword of NOT or WITHOUT and shows me how to join a domain instead.
One of our products is being shipped with a server and 2 client systems for the buyer to use. The engineers requisitioned the server without an OS and got an HP server that does not support Windows 7, only a Server OS. I installed 2012 R2 Essentials no problem but it forces you to make it a domain controller which is the problem since the software that our products runs off of requires LOCAL administrator rights in order to run, and it doesn't work properly with the Domain rights.
Then you really shouldn't be using Essentials. The Essentials version is basically an all-in-one product meant to provide Active Directory/backup/cloud services/remote access/etc to a small office (<25 users) with a single server. It's the updated version of Small Business Server. That's why it wants you to setup a Domain. From what you're describing, you should be using Server 2012 Standard (R2 if possible).
Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
Oh for fuck's sake... I'm getting really tired of users sending me marketing shit. No, we don't need to discuss telecom services with another vendor; we already have one. No, we have no plans to change our faxing service. No, we aren't going to switch internet providers.
I'm at the point of keeping a list of which users forward vendors to me so that I can do it right back to them and see how they like getting interrupted during the day with that bullshit.
While I agree that being insensitive is an issue, so is being oversensitive.
Websense pestered us for months until the other IT guy sent them to me. I just wrote them and said we don't want their stuff that would cost thousands of dollars when we already use something that does the same thing for free.
Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
I saw that an internal IP was generating a lot of traffic through our proxy, so I pinged it using the -a switch. The result it came up with was some xxx.xxx.xxxx.xx.jp site. I stared at it wide-eyed, asking what the fuck Japan was doing inside our network and how that was possible. Then I realized I had entered 182 instead of 192. Panic subsided.
While I agree that being insensitive is an issue, so is being oversensitive.
It disappoints me when family asks for computer advice on what to buy and ask for which Macbook is the best, I give them options that cost 50% of what the Mac does and has much better specs and they go and spend $1300 on the Mac anyway...
Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
Donovan PuppyfuckerA dagger in the dark isworth a thousand swords in the morningRegistered Userregular
Because Macs just work, man. Now, are they going to buy an Appletv, and a new iPhone, and an iPad to round out their home IT ecosystem?
0
Options
Apothe0sisHave you ever questioned the nature of your reality?Registered Userregular
The question of which macbook is best is a weird one:
The most expensive one in the size that you want is the best.
Which one is the best value is a separate question and they should be hit on the nose with a rolled up mousepad.
0
Options
mojojoeoA block off the park, living the dream.Registered Userregular
So i got a call back on that networking job. gotta second interview / practical assessment type deal.
Brushing up on my switches and routers all weekend and Endpoint BGP implementation.
For the average company just adding an endpoint (they dont own like service provider level routers and topologies.... they buy a line out side and need it in) im guessing the service provider gives you an AS number and an IP that gets you back home. You just have to plug those into the far end bgp and advertise the network on that end. Or so I hope... any network guys confirm my thoughts on that?
Chief Wiggum: "Ladies, please. All our founding fathers, astronauts, and World Series heroes have been either drunk or on cocaine."
Because Macs just work, man. Now, are they going to buy an Appletv, and a new iPhone, and an iPad to round out their home IT ecosystem?
PCs just work, too, so that argument is moot. If you have a bunch of Apple stuff already, then yeah, it totally makes sense to go the Mac route if you can afford it, because their products work amazingly well together. Why? Because there is only one manufacturer, which is also the reason why they are so expensive.
While I agree that being insensitive is an issue, so is being oversensitive.
She has a Samsung Galaxy phone and no tablet so the Apple reasoning doesn't fit. Apparently she wanted it to be "mobile" so the 13" screen was nice. The main reason for it is apparently photo editing, I guess she doesn't know that Photoshop works on Windows. Meh, not my money being wasted.
Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
The thing about the MacBook air is, can you get an equivalent or better spec that weighs equal to or less than the mba without costing as much?
Does the weight really justify the cost? It's just kind of crazy to me how much people are willing to pay for just a wee bit more convenience, like half a pound less weight.
In all fairness, I'm also the type who got an extended battery for my phone partly for the extra battery life but even more for the added weight because I don't like a $600+ device being so light and fragile-feeling. The added weight sits better in my hands and makes it easier to not fly out of my hand when I pull it out of my pocket.
EDIT: Wait, Mac AirBooks only have a dual-core CPU? $1,200 for a dual-core? Quad, yeah I can start to understand the price. Over a grand for a dual-core, and you're paying for the already-bitten-into fruit logo.
Le_Goat on
While I agree that being insensitive is an issue, so is being oversensitive.
Posts
http://stackoverflow.com/questions/27028483/purpose-of-azure-management-certificates
In addition, it means we know damn well what they are installing on their machines and when. We have one guy who is head of sales (also an executive) that is crazy tech savvy; we basically aren't allowed to control his laptop. He had a tendency to tell his staff to install software without notifying us. We'd get these calls about software we weren't aware that was even on our network, so it caused undue stress. Reducing privileges proved to be quite helpful for us. We have less than 50 users, so I'd rather deal with entering in admin credentials over potential issues with allowing them to fuck up their systems.
One of our products is being shipped with a server and 2 client systems for the buyer to use. The engineers requisitioned the server without an OS and got an HP server that does not support Windows 7, only a Server OS. I installed 2012 R2 Essentials no problem but it forces you to make it a domain controller which is the problem since the software that our products runs off of requires LOCAL administrator rights in order to run, and it doesn't work properly with the Domain rights.
The caveat being you run around spending 3/4 of your day reimaging FUBARd desktops.
I make everyone the most limited I can make them.
I give special permissions to two sets of people because they have analyzer equipment that connect to their workstations and they have a high turnover rate so I just gave them a single username they all share for that equipment. Those are local admins because of it.
The rest are super fucked because I will reign down the worst devastation to them if they ask me to install shit on their computer. Thunderbird, chrome, and remote desktop, there, that's all you need, good day.
I SAID GOOD DAY.
You should be thankful I fucking allow you to right click.
Then you really shouldn't be using Essentials. The Essentials version is basically an all-in-one product meant to provide Active Directory/backup/cloud services/remote access/etc to a small office (<25 users) with a single server. It's the updated version of Small Business Server. That's why it wants you to setup a Domain. From what you're describing, you should be using Server 2012 Standard (R2 if possible).
Apply epoxy underneath right mouse button.
SUCK IT USERS
Hell, I am pretty sure you could force logout after and hour or something. Only let them using it when installing things or when something has been coded poorly and needs admin accounts to work?
I thought people logging in as an admin privileged account stopped being bad once UAC became a thing?
Just set UAC via group policy so shit doesn't silently elevate itself.
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
Thanks, I'll check it out today.
Same.
The only issue you really come across with UAC is video games. Guess what people shouldn't be installing?
Business software is to the point where I can go "Sorry your software doesn't secure customer/patient data, we can't use it. Fix it and we'll talk."
The good news is that in three months the accounting software is going away.
I'm at the point of keeping a list of which users forward vendors to me so that I can do it right back to them and see how they like getting interrupted during the day with that bullshit.
The most expensive one in the size that you want is the best.
Which one is the best value is a separate question and they should be hit on the nose with a rolled up mousepad.
Brushing up on my switches and routers all weekend and Endpoint BGP implementation.
For the average company just adding an endpoint (they dont own like service provider level routers and topologies.... they buy a line out side and need it in) im guessing the service provider gives you an AS number and an IP that gets you back home. You just have to plug those into the far end bgp and advertise the network on that end. Or so I hope... any network guys confirm my thoughts on that?
Thank god for Google. Three beeps at startup? Ram problems. Reseated the ram and it is good to go and I got some free beer for the work.
Nintendo Network ID: AzraelRose
DropBox invite link - get 500MB extra free.
In all fairness, I'm also the type who got an extended battery for my phone partly for the extra battery life but even more for the added weight because I don't like a $600+ device being so light and fragile-feeling. The added weight sits better in my hands and makes it easier to not fly out of my hand when I pull it out of my pocket.
EDIT: Wait, Mac AirBooks only have a dual-core CPU? $1,200 for a dual-core? Quad, yeah I can start to understand the price. Over a grand for a dual-core, and you're paying for the already-bitten-into fruit logo.