[Sysadmin] Windows attempts to mirror late 90's Linux technology.

17273747678

Posts

  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    LD50 wrote: »
    Feral wrote: »
    LD50 wrote: »
    The vmware horizon solutions I have used are fucking gaaaaaaaaaarbage.

    I personally think that Horizon is fine if you go into it with both eyes open and invest in it adequately. The problem is that too many companies buy into bullshit hype about desktop virtualization or app virtualization and either expect them to serve use cases where they're a poor fit, or they expect them to save money on hardware (they don't) and underinvest in them.

    They never, ever, ever save money compared to a traditional thick workstation setup.

    Oh, I think they work fine when they are working properly.

    We have an affiliate rural hospital that has their entire infrastructure on horizon. We help them out with the IT side of things when they need it. The virtual desktops work fine when they aren't broken, but they have a tendency to crash without recovering, and the users that the desktops are provisioned for can't log in without calling their help desk and the session is restarted. I don't know why horizon can't figure out that the session has hung and terminate it automatically.

    Also, the management console is a web page written in flash.

    VMware started phasing out flash about two years ago, and the Horizon version released about a year ago got rid of it entirely.

    Despite that, I'm totally sympathetic. I'm in a situation right now where we're finally dumping Persona Management, which has been a deadend technology for years, in favor of Dynamic Environment Manager. We should have done this a long time ago, but I couldn't get the budget to upgrade our Horizon Advanced licenses to Horizon Enterprise... until Persona Management encountered a severe BSOD hard crash bug. DEM is great, Persona Management was always an irritation. But you don't get DEM unless you pay the $$$$$$$$ for Horizon Enterprise licenses. When managers & execs hear "well, for less money on the Advanced license you can use Persona Management instead of DEM" and nobody at VMware admits "uh, Persona Management hasn't received any serious development attention since 2016" then guess what happens.

    Also, I'm going to venture a guess that your rural hospital is also using Imprivata, because it's ubiquitous in healthcare. Imprivata and Horizon have some intricate interoperabilities, so you can't just upgrade Horizon without also upgrading Imprivata, which means a whole other set of challenges.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Feldorn wrote: »
    I’m not sure we have the time or expertise for that.

    This also isn’t something we can refactor. The main offender here is on the docket to be replaced, but that is probably a couple years out.

    Yeah, you didn't make this sound like it was something you developed in-house. You made it sound like a software platform you purchased, and you're just hosting it in-house.

    I really mean it though, reverse proxies are exactly the splint you want in this situation. You can usually use a reverse proxy to implement security and authentication features that the web app itself doesn't support. NGINX and IIS are probably the first ones to look into. If you have budget, then F5 might be my top pick.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
    Feldorn
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Darkewolfe wrote: »
    Feral wrote: »
    Pet peeve: when another tech starts their troubleshooting process with "what changed?"

    "Did something change on Server47? It's no longer accepting HTTPS requests."

    No, nothing changed. We froze it in amber a year ago.

    I work in a larger org, so I'm gonna challenge this somewhat. In our type of environment we can pull a list of, say, new services or patches that were applied in the last 24 hours, which IS a good place to start when things stop working.

    I admit that part of this is that i've never worked in an organization with a healthy change management process.

    But also, yeah, I totally agree, asking "what changed?" and treating it as a data point is totally fine. I'm more talking about interactions like this:

    Tech: Did something change on Server47? It's no longer accepting HTTPS requests.
    Me: Since when?
    Tech: I dunno. Last week, maybe?
    Me: Well, we finally turned off NTLM v1 across 200 VMs, but I don't see how that could--
    Tech: Can we turn it back on?
    Me: Is only Server47 having the problem?
    Tech: I dunno. I think so?
    Me: Are there any error messages that suggest NTLM is the problem?
    Tech: I dunno. I could check? Why can't you just turn NTLMv1 back on?
    Me: Bring me some credible evidence that it's NTLMv1 and I will.

    My real pet peeve is techs not bothering to do, y'know, basic diagnostic work: is there anything in a relevant log? (Either Event Viewer or the IIS log or some other application log?) Which machines are affected? Which machines are not affected? Does it happen for any client? Any user? Have you poked it with any diagnostic tools? (for a web server refusing SSL, I'd expect something along the lines of nmap's ssl-enum-ciphers script if it's internal or Qualys server test if it's external).

    I respect that's not really a problem with the approach of "what changed?" but more with techs just glomming on to whatever easy answer that lets them pass the buck

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
    InfidelDarkewolfeFeldorn
  • Dizzy DDizzy D NetherlandsRegistered User regular
    Feral wrote: »
    Darkewolfe wrote: »
    Feral wrote: »
    Pet peeve: when another tech starts their troubleshooting process with "what changed?"

    "Did something change on Server47? It's no longer accepting HTTPS requests."

    No, nothing changed. We froze it in amber a year ago.

    I work in a larger org, so I'm gonna challenge this somewhat. In our type of environment we can pull a list of, say, new services or patches that were applied in the last 24 hours, which IS a good place to start when things stop working.

    I admit that part of this is that i've never worked in an organization with a healthy change management process.

    But also, yeah, I totally agree, asking "what changed?" and treating it as a data point is totally fine. I'm more talking about interactions like this:

    Tech: Did something change on Server47? It's no longer accepting HTTPS requests.
    Me: Since when?
    Tech: I dunno. Last week, maybe?
    Me: Well, we finally turned off NTLM v1 across 200 VMs, but I don't see how that could--
    Tech: Can we turn it back on?
    Me: Is only Server47 having the problem?
    Tech: I dunno. I think so?
    Me: Are there any error messages that suggest NTLM is the problem?
    Tech: I dunno. I could check? Why can't you just turn NTLMv1 back on?
    Me: Bring me some credible evidence that it's NTLMv1 and I will.

    My real pet peeve is techs not bothering to do, y'know, basic diagnostic work: is there anything in a relevant log? (Either Event Viewer or the IIS log or some other application log?) Which machines are affected? Which machines are not affected? Does it happen for any client? Any user? Have you poked it with any diagnostic tools? (for a web server refusing SSL, I'd expect something along the lines of nmap's ssl-enum-ciphers script if it's internal or Qualys server test if it's external).

    I respect that's not really a problem with the approach of "what changed?" but more with techs just glomming on to whatever easy answer that lets them pass the buck

    Even a simple Test-NetConnection seems to solve so much. At my main customer I'm responsible for End User Computing (including mailservers and internal DNS for the entire environment, because lines get blurred as to what exactly is just End User and what is just general IT). My general job (not included in my job description) these days seem to be "help application adminsitrators through the most basic of troubleshooting."

    Steam/Origin: davydizzy
    FeralFeldorn
  • LD50LD50 Registered User regular
    Feral wrote: »
    LD50 wrote: »
    Feral wrote: »
    LD50 wrote: »
    The vmware horizon solutions I have used are fucking gaaaaaaaaaarbage.

    I personally think that Horizon is fine if you go into it with both eyes open and invest in it adequately. The problem is that too many companies buy into bullshit hype about desktop virtualization or app virtualization and either expect them to serve use cases where they're a poor fit, or they expect them to save money on hardware (they don't) and underinvest in them.

    They never, ever, ever save money compared to a traditional thick workstation setup.

    Oh, I think they work fine when they are working properly.

    We have an affiliate rural hospital that has their entire infrastructure on horizon. We help them out with the IT side of things when they need it. The virtual desktops work fine when they aren't broken, but they have a tendency to crash without recovering, and the users that the desktops are provisioned for can't log in without calling their help desk and the session is restarted. I don't know why horizon can't figure out that the session has hung and terminate it automatically.

    Also, the management console is a web page written in flash.

    VMware started phasing out flash about two years ago, and the Horizon version released about a year ago got rid of it entirely.

    Despite that, I'm totally sympathetic. I'm in a situation right now where we're finally dumping Persona Management, which has been a deadend technology for years, in favor of Dynamic Environment Manager. We should have done this a long time ago, but I couldn't get the budget to upgrade our Horizon Advanced licenses to Horizon Enterprise... until Persona Management encountered a severe BSOD hard crash bug. DEM is great, Persona Management was always an irritation. But you don't get DEM unless you pay the $$$$$$$$ for Horizon Enterprise licenses. When managers & execs hear "well, for less money on the Advanced license you can use Persona Management instead of DEM" and nobody at VMware admits "uh, Persona Management hasn't received any serious development attention since 2016" then guess what happens.

    Also, I'm going to venture a guess that your rural hospital is also using Imprivata, because it's ubiquitous in healthcare. Imprivata and Horizon have some intricate interoperabilities, so you can't just upgrade Horizon without also upgrading Imprivata, which means a whole other set of challenges.

    Yyyup. Both my hospital and our affiliate use it, and are in the process of migrating their users onto our imprivata instance. We're also migrated about half of their virtual desktop infrastructure into our citrix environment with their own set of images. The process should be completed some time before the end of the year. I'm sure horizon would be better if it were fully up to date, but it doesn't make sense to go through the headache of upgrading that infrastructure when it's going to be replaced.

  • DarkewolfeDarkewolfe Registered User regular
    Feral wrote: »
    Darkewolfe wrote: »
    Feral wrote: »
    Pet peeve: when another tech starts their troubleshooting process with "what changed?"

    "Did something change on Server47? It's no longer accepting HTTPS requests."

    No, nothing changed. We froze it in amber a year ago.

    I work in a larger org, so I'm gonna challenge this somewhat. In our type of environment we can pull a list of, say, new services or patches that were applied in the last 24 hours, which IS a good place to start when things stop working.

    I admit that part of this is that i've never worked in an organization with a healthy change management process.

    But also, yeah, I totally agree, asking "what changed?" and treating it as a data point is totally fine. I'm more talking about interactions like this:

    Tech: Did something change on Server47? It's no longer accepting HTTPS requests.
    Me: Since when?
    Tech: I dunno. Last week, maybe?
    Me: Well, we finally turned off NTLM v1 across 200 VMs, but I don't see how that could--
    Tech: Can we turn it back on?
    Me: Is only Server47 having the problem?
    Tech: I dunno. I think so?
    Me: Are there any error messages that suggest NTLM is the problem?
    Tech: I dunno. I could check? Why can't you just turn NTLMv1 back on?
    Me: Bring me some credible evidence that it's NTLMv1 and I will.

    My real pet peeve is techs not bothering to do, y'know, basic diagnostic work: is there anything in a relevant log? (Either Event Viewer or the IIS log or some other application log?) Which machines are affected? Which machines are not affected? Does it happen for any client? Any user? Have you poked it with any diagnostic tools? (for a web server refusing SSL, I'd expect something along the lines of nmap's ssl-enum-ciphers script if it's internal or Qualys server test if it's external).

    I respect that's not really a problem with the approach of "what changed?" but more with techs just glomming on to whatever easy answer that lets them pass the buck

    Yeeeeep. This is why I've also gotten to the point where sometimes it's, "Generate the standard support packet and don't call me until you have that data." Because more than half the time just the act of collecting it results in a solution and I don't have to be involved.

    What is this I don't even.
    Ferala5ehren
  • djmitchelladjmitchella Registered User regular
    edited September 21
    InfluxDB is like...shockingly bad. I now have no questions as to how Prometheus took the world by storm the way it did, because things you can do easily in Prometheus are somewhere between stupid hard, inaccurate or literally impossible in InfluxQL when your querying it.

    Like, wow. My entire company's metrics gathering seems to turn on "massive limitations of Influx in querying data" rather then any other actual restriction.

    By a weird coincidence, I'm just right now researching "which time series DB should we use", and while Influx sure does show up in a lot of lists. (the db-engines list for example. It's also commonly used in comparisons when other TSDBs want to show they're better, which suggests it's at least got name recognition, though that doesn't mean it's good, just popular)

    Can you give any more details about what's wrong with it? I have a big list of options I'm trying to do a quick initial filter through, and if there's a quick way to knock one out of that list it'll help.

    (Prometheus won't work for our case, we need to push data into it rather than having it pull data from other stuff, and dashboardability isn't as much of an issue for us, but there's still OpenTSDB / Timescale / Kairos / QuestDB / Clickhouse, etc, etc, etc. Also, I don't know why so many of these things use "custom query language" as if it's a _positive_ thing, ugh)

    djmitchella on
  • jungleroomxjungleroomx Panem, circenses, credulous descent. A Gadarene charge into endarkenment Registered User regular
    edited September 22
    I dunno where else to ask, but I've got a little Linksys SE3005 switch at home and frequently have to hard reboot the thing to get gigabit ethernet speeds. It seems to be defaulting down to Ethernet 100. As soon as I unplug and replug the power on the switch the download speeds jump right back up to where they should. Either I'm not looking for the right question or there is a real dearth of information regarding this on the Goog.

    This is a stupid, unmanaged switch and it just has my PC and Switch hooked to it. I never had this issue when I was running the cable straight to my PC. I'm just curious why it doesn't degrade in any other manner other than going from GB to 100M. Tried different cables and have had zero luck.

    jungleroomx on
    Make. Time.
  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    Are they cat5e cables or cat6?

    IME even though 5e is rated for gig most consumer grade networking equipment can't actually push a gig through it.

    So I could see the switch negotiating 1gig to start (after a reboot) then dropping down to 100meg once it's lost too many packets.

    Usually cat6 has good enough shielding that it doesn't come up.

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
    jungleroomxFeral
  • jungleroomxjungleroomx Panem, circenses, credulous descent. A Gadarene charge into endarkenment Registered User regular
    Aioua wrote: »
    Are they cat5e cables or cat6?

    IME even though 5e is rated for gig most consumer grade networking equipment can't actually push a gig through it.

    So I could see the switch negotiating 1gig to start (after a reboot) then dropping down to 100meg once it's lost too many packets.

    Usually cat6 has good enough shielding that it doesn't come up.

    I think the one for the PC is Cat5e. I'll get some new cabling, thanks!

    Make. Time.
  • EchoEcho Moderator mod
    InfluxDB is like...shockingly bad. I now have no questions as to how Prometheus took the world by storm the way it did, because things you can do easily in Prometheus are somewhere between stupid hard, inaccurate or literally impossible in InfluxQL when your querying it.

    Like, wow. My entire company's metrics gathering seems to turn on "massive limitations of Influx in querying data" rather then any other actual restriction.

    Here at EchoCorp we were looking at Influx for certain data collection, since it can do downsampling natively - even though I love Prometehus, it still has some glaring omissions in features that Influx can do. We ended up not using Influx and solving it with a daily data pipeline instead, because it turns out Influx strongly recommends against running it in k8s, and that's a major point against it.

    Have you looked at their newer Flux query language that's in Influx 2.0?

    Echo wrote: »
    Let they who have not posted about their balls in the wrong thread cast the first stone.
    Seidkona
  • taliosfalcontaliosfalcon Registered User regular
    due to some (terrible) changes by devs our production Galera mariadb cluster went from ~40% disk utilization to 90+ overnight.. I was panicking hard thinking I'd need to do reboots etc to increase disk space. which often cause outages while it resyncs the servers, but nope GCP let me double the size of the boot disks in seconds with two cli commands with no performance hit while doing it; the future is now. I pray to god I never work anywhere that hasn't migrated to gcp/aws/azure or similar again

    LD50schuss
  • LD50LD50 Registered User regular
    Everything should be virtualized, even if you are self hosting the virtualization.

    FeralFeldornschussbowenDarkewolfeSeidkona
  • bowenbowen How you doin'? Registered User regular
    Switching to virtualized was the best thing we've done.

    So much better to maintain and manage.

    It took a long time to convince my boss to do it because of the sour taste he had in his mouth when the original company had attempted to virtualize his infrastructure 14 some odd years ago with vmware's gsx or whatever the fuck that thing was in 2007ish.

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
    Feral
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    edited September 22
    bowen wrote: »
    Switching to virtualized was the best thing we've done.

    So much better to maintain and manage.

    It took a long time to convince my boss to do it because of the sour taste he had in his mouth when the original company had attempted to virtualize his infrastructure 14 some odd years ago with vmware's gsx or whatever the fuck that thing was in 2007ish.

    It really is. Even for very small companies with a couple of servers, just turning them into free ESXi or basic Hyper-V hosts and running your servers as VMs is so much better.

    Feral on
    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
    Feldorn
  • LD50LD50 Registered User regular
    Feral wrote: »
    bowen wrote: »
    Switching to virtualized was the best thing we've done.

    So much better to maintain and manage.

    It took a long time to convince my boss to do it because of the sour taste he had in his mouth when the original company had attempted to virtualize his infrastructure 14 some odd years ago with vmware's gsx or whatever the fuck that thing was in 2007ish.

    It really is. Even for very small companies with a couple of servers, just turning them into free ESXi or basic Hyper-V hosts and running your servers as VMs is so much better.

    No more of that "oh, we need to pay out the nose for this bespoke server motherboard circa 2005 to get our whatever to boot", just buy whatever cheap shit dell has off the shelf and spin your vm back up.

    Feralschussbowen
  • electricitylikesmeelectricitylikesme Registered User regular
    Echo wrote: »
    InfluxDB is like...shockingly bad. I now have no questions as to how Prometheus took the world by storm the way it did, because things you can do easily in Prometheus are somewhere between stupid hard, inaccurate or literally impossible in InfluxQL when your querying it.

    Like, wow. My entire company's metrics gathering seems to turn on "massive limitations of Influx in querying data" rather then any other actual restriction.

    Here at EchoCorp we were looking at Influx for certain data collection, since it can do downsampling natively - even though I love Prometehus, it still has some glaring omissions in features that Influx can do. We ended up not using Influx and solving it with a daily data pipeline instead, because it turns out Influx strongly recommends against running it in k8s, and that's a major point against it.

    Have you looked at their newer Flux query language that's in Influx 2.0?

    We're caught in "next system hell" at the moment. We're moving to M3 which uses PromQL...so nobody wants to touch or upgrade Influx so we definitely can't have Flux (which would fix my immediate problems).

  • MyiagrosMyiagros Registered User regular
    Really weird network share permission error I ran into that I haven't seen before.

    Standard practice for me has always been to set Share permissions to Full Control for Everyone. Then within the NTFS permissions I set access and restrictions. I tested this just now on 2012 R2 and it works exactly as I would expect, the user cannot enter the Share because NTFS is restricting their access.

    In comes a different server (2012). Same permissions as above, NTFS is restricted to one user group that has only a few members. Somehow any user is able to access the share and open files, etc. Only way to restrict access is through the Share permissions by removing Everyone and adding in that group.

    Any suggestions on what to check?

    iRevert wrote: »
    Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
    Steam: MyiagrosX27
  • SiliconStewSiliconStew Registered User regular
    edited September 23
    Myiagros wrote: »
    Really weird network share permission error I ran into that I haven't seen before.

    Standard practice for me has always been to set Share permissions to Full Control for Everyone. Then within the NTFS permissions I set access and restrictions. I tested this just now on 2012 R2 and it works exactly as I would expect, the user cannot enter the Share because NTFS is restricting their access.

    In comes a different server (2012). Same permissions as above, NTFS is restricted to one user group that has only a few members. Somehow any user is able to access the share and open files, etc. Only way to restrict access is through the Share permissions by removing Everyone and adding in that group.

    Any suggestions on what to check?

    First thing that comes to mind is the local security policy has been changed to allow anonymous (unauthenticated) access.

    Computer Configuration\Windows Settings\Security Settings\Local Polices\Security Options
    Network access: Let Everyone permissions apply to anonymous users

    I forget if there are more sec policies that further remove security on a system like that.

    Additionally, it's possible a local group membership on the server has been changed to include groups that shouldn't be there and this is causing more rights than expected. For an extreme example putting Domain Users in the Local Admins group.

    SiliconStew on
    Just remember that half the people you meet are below average intelligence.
  • FeldornFeldorn Mediocre Registered User regular
    For windows file shares, I like to do the share as "Authenticated Users" get Read access, if you're in an Active Directory environment.

    That said, the share permissions should also be added to the NTFS permissions, did you remove or restrict the "Everyone" group from NTFS?

    steam_sig.png
  • SiliconStewSiliconStew Registered User regular
    Oh great, more network fuckery by Apple. ios 14 apparently has a new "feature" that creates a random MAC for each wifi network to avoid tracking. Except they fucked up the implementation and the device connects to the network first with it's real MAC address before switching to the fake MAC. So not only does it fail in protecting you from tracking, this causes duplicate IP address problems on the network. So good luck connecting to any wifi network that tracks logins/access by MAC such as hotels or other public/guest wifi with your Apple device unless you turn it off.

    Just remember that half the people you meet are below average intelligence.
    ThawmusCarpyFeldornLD50MugsleyShadowfirethatassemblyguy
  • ThawmusThawmus Registered User regular
    I use MAC strictly for keeping employees from using our company wifi. There's still enterprise wifi with radius auth but we've been using their company credentials for access and wanted it to be pain-free on their company devices.

    Gonna have to look into doing certificate-based auth whenever they stop loading me with shit to do. I have 3 new projects already waiting for me when I get back next week.

    steam_sig.png
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    edited September 24
    Me: upgrades Cisco IOS-XE version across several of our branch routers and switches
    Me: tests routing, throughput. everything looks good.

    Branch office, three days later: "Half of our computers don't have Internet."
    Helpdesk staff, "Hey, Feral, half of the computers at the branch office don't have Internet."
    Me: "hey thanks for translating English to English. Would you mind at least pretending to be useful and doing some minimal troubleshooting before escalating a ticket? k thx bye"

    Feral on
    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
    Dizzy DDarkewolfea5ehren
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Long story short: some of our offices don't have servers onsite, so DHCP is served up by the local Cisco router

    the new version of IOS-XE doesn't let you use spaces in a DHCP scope name. The old version did, so we had DHCP scopes like "Spokane 12th St Office LAN"

    The new version just dropped the DHCP scopes from the config.

    I know, I could have noticed while doing the upgrade. I didn't. I reviewed the config but not with a fine-toothed comb. Shut up. It's still dumb.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
  • jungleroomxjungleroomx Panem, circenses, credulous descent. A Gadarene charge into endarkenment Registered User regular
    @Aioua the cat6 cable did the trick.

    Work with this shit every single day and it'll still surprise you.

    Make. Time.
    FeralAiouaShadowfireDizzy DzerzhulThawmus
  • a5ehrena5ehren AtlantaRegistered User regular
    Feral wrote: »
    Long story short: some of our offices don't have servers onsite, so DHCP is served up by the local Cisco router

    the new version of IOS-XE doesn't let you use spaces in a DHCP scope name. The old version did, so we had DHCP scopes like "Spokane 12th St Office LAN"

    The new version just dropped the DHCP scopes from the config.

    I know, I could have noticed while doing the upgrade. I didn't. I reviewed the config but not with a fine-toothed comb. Shut up. It's still dumb.
    As a network device dev, the fact that they just dropped it instead of alarming or converting the config to something compatible is insane to me. I’d get reamed if I tried to ship that, but our stuff is better than Cisco’s, so...

    FeldornschussFeralThawmusiTunesIsEvil
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    a5ehren wrote: »
    Feral wrote: »
    Long story short: some of our offices don't have servers onsite, so DHCP is served up by the local Cisco router

    the new version of IOS-XE doesn't let you use spaces in a DHCP scope name. The old version did, so we had DHCP scopes like "Spokane 12th St Office LAN"

    The new version just dropped the DHCP scopes from the config.

    I know, I could have noticed while doing the upgrade. I didn't. I reviewed the config but not with a fine-toothed comb. Shut up. It's still dumb.
    As a network device dev, the fact that they just dropped it instead of alarming or converting the config to something compatible is insane to me. I’d get reamed if I tried to ship that, but our stuff is better than Cisco’s, so...

    That was my feeling too.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
  • That_GuyThat_Guy I don't wanna be that guy Registered User regular
    I found a 6th gen iPad in the recycling bin at the office today. It is understood that if you find something in there you want to fix, it's your's. It turns on but the digitizer is cracked all to hell. The screen itself and the fingerprint reader seem fine. The adhesive holding the glass in place has even started to pull apart. I decided to take it and attempt to repair it. The digitizer is only $13 on eBay. Since the glass is already pulling free, it should be easy enough to get it out. I think the trickiest part will be getting the fingerprint reader out.

    I found a USB cable with it so I'm trying to charge the battery. I'm going to mess around with it for a while to see if it'll be worth fixing up.

    steam_sig.png
    FeralThawmusMugsley
  • ThawmusThawmus Registered User regular
    That_Guy wrote: »
    I found a 6th gen iPad in the recycling bin at the office today. It is understood that if you find something in there you want to fix, it's your's. It turns on but the digitizer is cracked all to hell. The screen itself and the fingerprint reader seem fine. The adhesive holding the glass in place has even started to pull apart. I decided to take it and attempt to repair it. The digitizer is only $13 on eBay. Since the glass is already pulling free, it should be easy enough to get it out. I think the trickiest part will be getting the fingerprint reader out.

    I found a USB cable with it so I'm trying to charge the battery. I'm going to mess around with it for a while to see if it'll be worth fixing up.

    I used to recycle equipment straight to my house all the time because I was willing to fuck around with parts ordering and my company isn't.

    But then my wife started getting really mad about how many computers I had at home "just cuz."

    steam_sig.png
  • MugsleyMugsley Registered User regular
    That_Guy wrote: »
    I found a 6th gen iPad in the recycling bin at the office today. It is understood that if you find something in there you want to fix, it's your's. It turns on but the digitizer is cracked all to hell. The screen itself and the fingerprint reader seem fine. The adhesive holding the glass in place has even started to pull apart. I decided to take it and attempt to repair it. The digitizer is only $13 on eBay. Since the glass is already pulling free, it should be easy enough to get it out. I think the trickiest part will be getting the fingerprint reader out.

    I found a USB cable with it so I'm trying to charge the battery. I'm going to mess around with it for a while to see if it'll be worth fixing up.

    It may be much easier if you grab one of those ~$20 "smartphone tools" kits so you can pry open things and mess with the parts easily. Also be gentle with the heat gun; I had a guy mess up the screen on my Pixel XL because he didn't move the heat gun around enough (he replaced the damaged part).

    Good luck! We're getting my younger daughter a refurb iPad since her sister has one. They've held up very well so far.

  • That_GuyThat_Guy I don't wanna be that guy Registered User regular
    edited September 27
    Mugsley wrote: »
    That_Guy wrote: »
    I found a 6th gen iPad in the recycling bin at the office today. It is understood that if you find something in there you want to fix, it's your's. It turns on but the digitizer is cracked all to hell. The screen itself and the fingerprint reader seem fine. The adhesive holding the glass in place has even started to pull apart. I decided to take it and attempt to repair it. The digitizer is only $13 on eBay. Since the glass is already pulling free, it should be easy enough to get it out. I think the trickiest part will be getting the fingerprint reader out.

    I found a USB cable with it so I'm trying to charge the battery. I'm going to mess around with it for a while to see if it'll be worth fixing up.

    It may be much easier if you grab one of those ~$20 "smartphone tools" kits so you can pry open things and mess with the parts easily. Also be gentle with the heat gun; I had a guy mess up the screen on my Pixel XL because he didn't move the heat gun around enough (he replaced the damaged part).

    Good luck! We're getting my younger daughter a refurb iPad since her sister has one. They've held up very well so far.

    I don't have a heat gun but I have everything else I'll need. I'm going to try using a hairdryer and/or a hotpack.

    That_Guy on
    steam_sig.png
  • LD50LD50 Registered User regular
    That_Guy wrote: »
    Mugsley wrote: »
    That_Guy wrote: »
    I found a 6th gen iPad in the recycling bin at the office today. It is understood that if you find something in there you want to fix, it's your's. It turns on but the digitizer is cracked all to hell. The screen itself and the fingerprint reader seem fine. The adhesive holding the glass in place has even started to pull apart. I decided to take it and attempt to repair it. The digitizer is only $13 on eBay. Since the glass is already pulling free, it should be easy enough to get it out. I think the trickiest part will be getting the fingerprint reader out.

    I found a USB cable with it so I'm trying to charge the battery. I'm going to mess around with it for a while to see if it'll be worth fixing up.

    It may be much easier if you grab one of those ~$20 "smartphone tools" kits so you can pry open things and mess with the parts easily. Also be gentle with the heat gun; I had a guy mess up the screen on my Pixel XL because he didn't move the heat gun around enough (he replaced the damaged part).

    Good luck! We're getting my younger daughter a refurb iPad since her sister has one. They've held up very well so far.

    I don't have a heat gun but I have everything else I'll need. I'm going to try using a hairdryer and/or a hotpack.

    Personally, I would just get a heat gun. They are not expensive and they are so useful.

  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Feral wrote: »
    LD50 wrote: »
    Feral wrote: »
    LD50 wrote: »
    The vmware horizon solutions I have used are fucking gaaaaaaaaaarbage.

    I personally think that Horizon is fine if you go into it with both eyes open and invest in it adequately. The problem is that too many companies buy into bullshit hype about desktop virtualization or app virtualization and either expect them to serve use cases where they're a poor fit, or they expect them to save money on hardware (they don't) and underinvest in them.

    They never, ever, ever save money compared to a traditional thick workstation setup.

    Oh, I think they work fine when they are working properly.

    We have an affiliate rural hospital that has their entire infrastructure on horizon. We help them out with the IT side of things when they need it. The virtual desktops work fine when they aren't broken, but they have a tendency to crash without recovering, and the users that the desktops are provisioned for can't log in without calling their help desk and the session is restarted. I don't know why horizon can't figure out that the session has hung and terminate it automatically.

    Also, the management console is a web page written in flash.

    VMware started phasing out flash about two years ago, and the Horizon version released about a year ago got rid of it entirely.

    Despite that, I'm totally sympathetic. I'm in a situation right now where we're finally dumping Persona Management, which has been a deadend technology for years, in favor of Dynamic Environment Manager. We should have done this a long time ago, but I couldn't get the budget to upgrade our Horizon Advanced licenses to Horizon Enterprise... until Persona Management encountered a severe BSOD hard crash bug. DEM is great, Persona Management was always an irritation. But you don't get DEM unless you pay the $$$$$$$$ for Horizon Enterprise licenses. When managers & execs hear "well, for less money on the Advanced license you can use Persona Management instead of DEM" and nobody at VMware admits "uh, Persona Management hasn't received any serious development attention since 2016" then guess what happens.

    Also, I'm going to venture a guess that your rural hospital is also using Imprivata, because it's ubiquitous in healthcare. Imprivata and Horizon have some intricate interoperabilities, so you can't just upgrade Horizon without also upgrading Imprivata, which means a whole other set of challenges.

    I didn't realize when I wrote this that VMware, literally a few weeks ago, finally gave a feature-limited UEM/DEM ("DEM Standard") to us lowly Advanced license plebes. After years of people yelling "WTF" at them. Thank fucking god.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Feral wrote: »
    Feral wrote: »
    LD50 wrote: »
    Feral wrote: »
    LD50 wrote: »
    The vmware horizon solutions I have used are fucking gaaaaaaaaaarbage.

    I personally think that Horizon is fine if you go into it with both eyes open and invest in it adequately. The problem is that too many companies buy into bullshit hype about desktop virtualization or app virtualization and either expect them to serve use cases where they're a poor fit, or they expect them to save money on hardware (they don't) and underinvest in them.

    They never, ever, ever save money compared to a traditional thick workstation setup.

    Oh, I think they work fine when they are working properly.

    We have an affiliate rural hospital that has their entire infrastructure on horizon. We help them out with the IT side of things when they need it. The virtual desktops work fine when they aren't broken, but they have a tendency to crash without recovering, and the users that the desktops are provisioned for can't log in without calling their help desk and the session is restarted. I don't know why horizon can't figure out that the session has hung and terminate it automatically.

    Also, the management console is a web page written in flash.

    VMware started phasing out flash about two years ago, and the Horizon version released about a year ago got rid of it entirely.

    Despite that, I'm totally sympathetic. I'm in a situation right now where we're finally dumping Persona Management, which has been a deadend technology for years, in favor of Dynamic Environment Manager. We should have done this a long time ago, but I couldn't get the budget to upgrade our Horizon Advanced licenses to Horizon Enterprise... until Persona Management encountered a severe BSOD hard crash bug. DEM is great, Persona Management was always an irritation. But you don't get DEM unless you pay the $$$$$$$$ for Horizon Enterprise licenses. When managers & execs hear "well, for less money on the Advanced license you can use Persona Management instead of DEM" and nobody at VMware admits "uh, Persona Management hasn't received any serious development attention since 2016" then guess what happens.

    Also, I'm going to venture a guess that your rural hospital is also using Imprivata, because it's ubiquitous in healthcare. Imprivata and Horizon have some intricate interoperabilities, so you can't just upgrade Horizon without also upgrading Imprivata, which means a whole other set of challenges.

    I didn't realize when I wrote this that VMware, literally a few weeks ago, finally gave a feature-limited UEM/DEM ("DEM Standard") to us lowly Advanced license plebes. After years of people yelling "WTF" at them. Thank fucking god.

    update: but it doesn't include App Volumes, and selling UEM without App Volumes is like selling a car without wheels

    fuck you, vmware

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
    the "no true scotch man" fallacy.
  • FeldornFeldorn Mediocre Registered User regular
    @Feral If I wanted to spec out a VMWare Horizon install because I was asked to provide it, what do I even need for licenses?

    This is for the same stuff I was asking about awhile back, it will only be application virtualization for some old web apps that we need to provide external access to. Also yes, I realize this is totally overkill for that purpose.

    steam_sig.png
  • ThawmusThawmus Registered User regular
    I am so fucking tired of people using Zoom and Teams and not clicking on the right shit to make video and audio work, and/or ignoring red indicators asking for perms. Especially when they call me 30 minutes after their meetings are over and just simply share that it didn't work.

    Just fucking call me. Also if you're taking like 12 meetings a day and have been doing so for the past 7 months maybe you should have learned by now how to use video conferencing.

    Also gonna say fuck you to the sales guy saying, "It's because we don't have real computers so we don't have Teams."

    1. You have real computers, they just don't have Windows, they have Linux.

    2. MS has a Linux client for Teams that works exactly like the Windows client and I installed it for you 7 months ago. Again, fuck you.

    steam_sig.png
    NaphtaliFeldornBlackDragon480FeralMugsleyDarkewolfeShadowfire
  • twmjrtwmjr Registered User regular
    Thawmus wrote: »
    I am so fucking tired of people using Zoom and Teams and not clicking on the right shit to make video and audio work, and/or ignoring red indicators asking for perms. Especially when they call me 30 minutes after their meetings are over and just simply share that it didn't work.

    Just fucking call me. Also if you're taking like 12 meetings a day and have been doing so for the past 7 months maybe you should have learned by now how to use video conferencing.

    Also gonna say fuck you to the sales guy saying, "It's because we don't have real computers so we don't have Teams."

    1. You have real computers, they just don't have Windows, they have Linux.

    2. MS has a Linux client for Teams that works exactly like the Windows client and I installed it for you 7 months ago. Again, fuck you.

    can I have a fake computer that doesn't have Teams? sign me the heck up for that.

    ThawmusBlackDragon480Darkewolfe
  • bowenbowen How you doin'? Registered User regular
    Ah this reminds me of 5 months ago when I cautioned them that telemed with old patients was going to be a crapshoot.

    Guess who was right

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
    ThawmusLD50Feral
  • ThawmusThawmus Registered User regular
    bowen wrote: »
    Ah this reminds me of 5 months ago when I cautioned them that telemed with old patients was going to be a crapshoot.

    Guess who was right

    Yeah, my wife does a bunch of it with the Mayo clinic (she's a patient) and they have an intermediary person who works with you to make sure you've figured your shit out before they hand you off to the doctor.

    steam_sig.png
    bowenFeral
  • bowenbowen How you doin'? Registered User regular
    I straight up told them I'm not doing tech support for old people and their phones, they're on their own for that.

    I said I'd maybe consider it for double my salary. Maybe.

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
    ThawmusLD50
Sign In or Register to comment.