As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/

[SysAdmin] More like unItanium.

19394959698

Posts

  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    *notes to self*
    hvac/facilities/other IOT type items go on segregated subnet

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
    FeralbowenDarkewolfeCogFeldornInfidel
  • CogCog Registered User regular
    Feral wrote: »
    Cog wrote: »
    Also, one of my clients, a bank, frantically called us last week because they were completely offline.

    They had changed the IP address of their domain controller.

    After some investigation, it turns out they did this at the behest of their fucking HVAC guy.

    Apparently some of his shit wasn't getting DNS and rather than change the DNS servers in his equipment, he had them change the fucking IP address of the DC that was doing DNS.

    Words failed me.

    You made a change to your domain controller..... because the furnace repair guy told you to.

    If your HVAC vendor told you to stick your finger up your ass would you fucking do that too?

    I think my favorite part of this is how they only had one domain controller.

    I know, I know, not my call. Am currently using it as leverage to convince them on the need for a second.

    Feral
  • ArcSynArcSyn Registered User regular
    I'm curious if it was set to 192.168.1.1 as what the HVAC was looking for. :biggrin:

    VvG2Mux.png
    Feral
  • CogCog Registered User regular
    ArcSyn wrote: »
    I'm curious if it was set to 192.168.1.1 as what the HVAC was looking for. :biggrin:

    I assumed that was obvious. :razz:

    Feral
  • MugsleyMugsley Registered User regular
    Anyone interested in DOD IT?

    https://www.usajobs.gov/GetJob/ViewDetails/482432200

    It's in Philly, but hey, at least you get to project your sorrows and frustrations onto Santa every Christmas.

  • wunderbarwunderbar What Have I Done? Registered User regular
    So, this has been my day.

    We got our three managed copy machined changed out today, 2 B/W, one colour (only colour printer in the building). This is another discussion entirely, but for cost reasons, colour printing is restricted. Now, anyone who wants to can get the capability, but they have to ask, and have to be whitelisted. this is done on the copier, and isn't tied to AD in any way. you set up a username, a password, and then on on the local machine those credentials have to be input into a setting in the print driver, you change it from public, which can only print B/W, to authenticated, which gives you colour access. This also ensures that colour printing can be tracked by user, so if someone prints out 1000 colour flyers for their bake sale at home, we know who did it.

    Because of the new printer, it needed a new driver, obviously. When the driver pushed from the server to the local machines, it cleared the authentication setting for every user who had it. And it didn't just revert to public with B/W printing. It left it on authenticated, but cleared the fields. So anyone who had colour printing enabled was unable to print to that printer at all.

    The only way to "fix" it is to re-input the user/pass on each machine locally. We would have tried to get the users to do it themselves, except that the uernames/passwords weren't standardized, because of course they weren't. There have been 3-4 people who created these credentials through the years, and each person used different user/pass syntax, and there's no way to get the password, so it isn't what you think it is it has to be changed.

    So, our 2 desktop guys just spent an hour and a half going to about 50 users, trying the username and what we think/want the password syntax to be, and if it didn't work, called me, and I would change it in the printer admin page to what we want the syntax to be. They had to call me because only one admin instance can be logged into the printer's web interface at a time. So if one guy sat down to change the password, and the other one was logged in, he couldn't even get to the login screen.

    Oh and also if there was an active print/copy job, you can't change any settings until the job is finished.

    Oh and the scan to folder settings on another of the printers wasn't carried forward even though it was supposed to be. I now have to go in and set up each scan to folder (we have about 10) one at a time manually on that printer.

    Not like I wanted to do any real work today, right?

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • RadiationRadiation Registered User regular
    I thought it was in jobs thread in SE but it might have been in here. Was there someone doing basic user/cybersecurity training for non-IT folk in here a while back? I have some questions for that person.

    Also anyone near Herndon, VA and have some decent computer experience want a job supporting the DoD as Tier 3 support on a network scanning tool? I think the position needs a Secret clearance, but the organization may be willing to sponsor one.
    If you have server/vm experience that'd be a plus, but honestly at this point I think we're a bit desperate. (Though we need someone who is fairly self-sufficient.

    PSN: jfrofl
  • bowenbowen How you doin'? Registered User regular
    spool32 wrote: »

    It took me about 30 seconds to realize what was going on

    but as soon as I saw it I was like "lol oh man"

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
    wunderbarShadowfireFeralPeewiMvrck
  • SeidkonaSeidkona Had an upgrade Registered User regular
    edited October 2017
    Word to the wise. Make sure your postgres files does not have any errors or depreciated commands in it before trying to upgrade to the newest Puppet Enterprise.


    Probably a niche thing but I lost probably a week to a comment someone put in there trying to speed up postgres 9.4 with a command that does not exist in 9.6.

    So upgrade puppet and it install 9.6, the install fails, then you fix the error and it makes a whole new db because it's no longer 9.4.

    Argh.

    Seidkona on
    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • CogCog Registered User regular
    Fucking hidden file extensions as default strikes again.

    Customer receives a file required for an application.
    Does not see the extension on the file that should be there.
    Renames the file and adds the extension.
    Runs the application which bombs out and says the file doesn't exist.
    Enters ticket.

    I turn on show file extensions, remove the duplicate extension, everything works. How the fuck did this ticket get escalated two times without anyone noticing this shit?

    Ransomware preys on this "feature". Fucking shut it off by default, Microsoft. Jesus.

    a5ehrenbowenRandomHajileFeldornFeral
  • a5ehrena5ehren AtlantaRegistered User regular
    Also Windows will apparently still execute .js files by default if double-clicked. I have no idea how that is still enabled.

    bowenFeral
  • SeidkonaSeidkona Had an upgrade Registered User regular
    Anyone have any experience making an nginx proxy?

    This is driving me batty.

    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • bowenbowen How you doin'? Registered User regular
    Cog wrote: »
    Fucking hidden file extensions as default strikes again.

    Customer receives a file required for an application.
    Does not see the extension on the file that should be there.
    Renames the file and adds the extension.
    Runs the application which bombs out and says the file doesn't exist.
    Enters ticket.

    I turn on show file extensions, remove the duplicate extension, everything works. How the fuck did this ticket get escalated two times without anyone noticing this shit?

    Ransomware preys on this "feature". Fucking shut it off by default, Microsoft. Jesus.

    Why does having two extensions break the application?

    Sounds like a shitty application.

    file.txt.txt is still openable, unless the program ignores file.txt.txt and just goes "file.txt yup that's what I'm after right there.. oh wait now it's not there!"

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • CogCog Registered User regular
    bowen wrote: »
    Cog wrote: »
    Fucking hidden file extensions as default strikes again.

    Customer receives a file required for an application.
    Does not see the extension on the file that should be there.
    Renames the file and adds the extension.
    Runs the application which bombs out and says the file doesn't exist.
    Enters ticket.

    I turn on show file extensions, remove the duplicate extension, everything works. How the fuck did this ticket get escalated two times without anyone noticing this shit?

    Ransomware preys on this "feature". Fucking shut it off by default, Microsoft. Jesus.

    Why does having two extensions break the application?

    Sounds like a shitty application.

    file.txt.txt is still openable, unless the program ignores file.txt.txt and just goes "file.txt yup that's what I'm after right there.. oh wait now it's not there!"

    It was importing to a SQL database from an XLS file and trying to call the XLS specifically by the name of the file. "Filename.xls", not "Filename.xls.xls".

  • PeewiPeewi I'm a cube now Registered User regular
    a5ehren wrote: »
    Also Windows will apparently still execute .js files by default if double-clicked. I have no idea how that is still enabled.

    Execute in what? If Windows can run JavaScript natively I was not aware of that.

    Switch: SW-6132-4331-5349 || Steam profile
  • iTunesIsEviliTunesIsEvil Registered User regular
    By default Windows thinks the "*.js" extension is "JScript" and will try to execute a file with that extension using the "Microsoft Windows Based Script Host".

    a5ehren
  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    surface pro won't boot from USB

    oh it's NTFS, I guess that's not allowed

    /reformat fat 32, reapply image

    nope

    ok maybe the UEFI/partition table was wrong?

    /reformat with rufus, specifically selecting UEFI, GPT table like MS documentation wants

    still nothing

    this damn key boots on ever other fucking laptop in the building

    fuuuuu ms with your buggy-ass hardware

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    lol it won't even boot from the fucking recovery USB I had it make before I started this process

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
  • That_GuyThat_Guy I don't wanna be that guy Registered User regular
    Aioua wrote: »
    surface pro won't boot from USB

    oh it's NTFS, I guess that's not allowed

    /reformat fat 32, reapply image

    nope

    ok maybe the UEFI/partition table was wrong?

    /reformat with rufus, specifically selecting UEFI, GPT table like MS documentation wants

    still nothing

    this damn key boots on ever other fucking laptop in the building

    fuuuuu ms with your buggy-ass hardware

    They lock down those Surface devices pretty hard. Are you trying to run a USB windows installer? You have to make a windows recovery USB than download the surface image from MS, extract, copy and override files on your flash drive. Just had to do one the other day and it wouldn't boot to anything else.

    steam_sig.png
    Shadowfire
  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    That_Guy wrote: »
    Aioua wrote: »
    surface pro won't boot from USB

    oh it's NTFS, I guess that's not allowed

    /reformat fat 32, reapply image

    nope

    ok maybe the UEFI/partition table was wrong?

    /reformat with rufus, specifically selecting UEFI, GPT table like MS documentation wants

    still nothing

    this damn key boots on ever other fucking laptop in the building

    fuuuuu ms with your buggy-ass hardware

    They lock down those Surface devices pretty hard. Are you trying to run a USB windows installer? You have to make a windows recovery USB than download the surface image from MS, extract, copy and override files on your flash drive. Just had to do one the other day and it wouldn't boot to anything else.

    it won't even boot with the recovery usb it made

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    I gave up trying to get it to usb boot. Did the system refresh thing, told it to wipe all data.

    Come back.

    "Yeah we couldn't wipe your data sorry. Try again I guess?"

    Fuck
    You
    Microsoft

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
  • SiliconStewSiliconStew Registered User regular
    edited October 2017
    If the Surface has Secure Boot enabled, it won't load anything from an external drive, so try to disable it:
    Step 1: Shut down your Surface Pro

    Step 2: Press and hold the volume-up button

    Step 3: Press and release the power button while holding down the volume up button

    Step 4: Release the volume up button when the Surface logo appears

    Step 5: Select ‘Secure Boot Control’

    Step 6: Select ‘Disable’

    Step 7: Select ‘Exit Setup’, then ‘Yes’ to save and restart the device

    NOTE: Disabling Secure Boot will change the Surface boot screen to red, this is normal. Enabling it will return the boot screen to its original ‘Surface’ on a black background.

    Even if it's not enabled, you may not have the boot order set to boot from USB first as that's not the default. Use those same first steps to access the boot order settings.

    SiliconStew on
    Just remember that half the people you meet are below average intelligence.
  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    secure boot disabled

    usb literally the only boot option enabled

    this ain't my first rodeo

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
  • bowenbowen How you doin'? Registered User regular
    I bet you've never even ridden a horse, vowels.

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
    MugsleywunderbarThawmusjungleroomxApothe0sisShadowfireAegis
  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    I rode a horse once!

    You don't know me!

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
  • wunderbarwunderbar What Have I Done? Registered User regular
    Aioua wrote: »
    I rode a horse once!

    You don't know me!

    05ufeggkosnm.png

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
    twmjrspool32
  • MugsleyMugsley Registered User regular
    ...are you sure it wasn't a deer?

    Thawmus
  • lwt1973lwt1973 King of Thieves SyndicationRegistered User regular
    Anyone ever have the 32 bit version of Excel and the 64 bit version of Excel installed on one computer?

    "He's sulking in his tent like Achilles! It's the Iliad?...from Homer?! READ A BOOK!!" -Handy
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Entaru wrote: »
    Anyone have any experience making an nginx proxy?

    This is driving me batty.

    Only a handful of times. I definitely haven't done it often enough to give advice.

    And every time it feels like I'm recanting dark magic from an arcane manuscript.

    I do have this tutorial bookmarked though. Maybe it'll help.

    https://www.theregister.co.uk/2017/03/01/nginx_and_the_end_of_ip4/

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
    Seidkona
  • bowenbowen How you doin'? Registered User regular
    Aioua wrote: »
    I rode a horse once!

    You don't know me!

    yeah but did you wear a cowboy hat

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • bowenbowen How you doin'? Registered User regular
    Also, itshappening.gif

    My boss said "go ahead and order it" for virtualization. I'm only getting 1 server at the moment, I'm going to expand to a 2nd one in the future (next year is the plan). It's a single point of failure but I can get him to swallow 15k easier than 30k.

    I'll be keeping our old server as a backup.

    I'm trying to figure out if I want to give each provider a separate instance for RDP or if I should make a single giant RDP box.

    Also I'm trying to figure what to get.

    I need 2 network switches (one for general network and one for internal VMware stuff right?). I also want to order a new rackmount and UPS. What the hell else could I need at that point?

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
    SeidkonaRadiationThawmusFeralCogspool32
  • wunderbarwunderbar What Have I Done? Registered User regular
    lwt1973 wrote: »
    Anyone ever have the 32 bit version of Excel and the 64 bit version of Excel installed on one computer?

    99.9% sure you can't.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • SiliconStewSiliconStew Registered User regular
    bowen wrote: »
    Also, itshappening.gif

    My boss said "go ahead and order it" for virtualization. I'm only getting 1 server at the moment, I'm going to expand to a 2nd one in the future (next year is the plan). It's a single point of failure but I can get him to swallow 15k easier than 30k.

    I'll be keeping our old server as a backup.

    I'm trying to figure out if I want to give each provider a separate instance for RDP or if I should make a single giant RDP box.

    Also I'm trying to figure what to get.

    I need 2 network switches (one for general network and one for internal VMware stuff right?). I also want to order a new rackmount and UPS. What the hell else could I need at that point?

    You'd want 2 switches for physical redundancy. The traffic separation should be done with VLANs. Unless you buy cheap switches without enough backplane capacity, physical port separation isn't required.

    As for RDS, that would be more a question about potential maintenance. For example, having an identical pair allows users to still log into one while you take one out of service. Or if each RDS host has different applications, even if you don't have redundancy, it would allow you to take one down without affecting other users of different apps.

    Just remember that half the people you meet are below average intelligence.
    FeralCogApothe0sis
  • bowenbowen How you doin'? Registered User regular
    should I buy ubiquiti switches

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • DecomposeyDecomposey Registered User regular
    Radiation wrote: »
    I thought it was in jobs thread in SE but it might have been in here. Was there someone doing basic user/cybersecurity training for non-IT folk in here a while back? I have some questions for that person.

    Also anyone near Herndon, VA and have some decent computer experience want a job supporting the DoD as Tier 3 support on a network scanning tool? I think the position needs a Secret clearance, but the organization may be willing to sponsor one.
    If you have server/vm experience that'd be a plus, but honestly at this point I think we're a bit desperate. (Though we need someone who is fairly self-sufficient.

    I have enough computer experience to fail my Network+ by 20 points, but I have an active Secret. How much will you pay me?

    Before following any advice, opinions, or thoughts I may have expressed in the above post, be warned: I found Keven Costners "Waterworld" to be a very entertaining film.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    bowen wrote: »
    Also, itshappening.gif

    My boss said "go ahead and order it" for virtualization. I'm only getting 1 server at the moment, I'm going to expand to a 2nd one in the future (next year is the plan). It's a single point of failure but I can get him to swallow 15k easier than 30k.

    I'll be keeping our old server as a backup.

    I'm trying to figure out if I want to give each provider a separate instance for RDP or if I should make a single giant RDP box.

    Also I'm trying to figure what to get.

    I need 2 network switches (one for general network and one for internal VMware stuff right?). I also want to order a new rackmount and UPS. What the hell else could I need at that point?

    Basically what SiliconStew said. VMware will have a virtual switch that connects all VMs to your LAN and it can piggyback off of a single NIC (though that wouldn't be a good idea because of bandwidth & redundancy).

    VMware can be configured to fail over physical NICs if a link goes down.

    Two switches are important for redundancy. That also means your host should have a minimum of two NICs.

    Since you will have multiple VMs consuming bandwidth, I'd plan on getting a host and switches with 10Gb NICs. In low-traffic environments you can also get away with a host with 4x 1GB NICs. You team them into two pairs, and have one team go to one switch and the other team go to the other switch.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
    Cog
  • bowenbowen How you doin'? Registered User regular
    This is what I'm going with

    I think that should work. We're definitely not high bandwidth. I think the RDP server hits maybe 10% on the network bandwidth graph during the middle of the day.

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
    Feral
  • bowenbowen How you doin'? Registered User regular
    https://www.ubnt.com/unifi-switching/unifi-switch-2448/

    That's what I'm thinking for the switch, I really like ubiquiti's management portal, a lot.

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    bowen wrote: »
    This is what I'm going with

    I think that should work. We're definitely not high bandwidth. I think the RDP server hits maybe 10% on the network bandwidth graph during the middle of the day.

    Looks legit.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
    bowen
This discussion has been closed.