You should at least segregate your OS drive and your data drive, even on a SAN, so:
1) your data drive filling up doesn't interfere with your OS
2) if block size alignment is a concern (SQL or Exchange) you can format the data partition to the proper block size
3) it makes it easier to detach the data from one VM and attach it to another for OS & application upgrades
Sure, but we’re not even talking about special database servers or anything. 1 is very easy to fix, and is just as likely to happen due to Windows Updates anyway. I just don’t like giving a blank 20+ GB space to grow to two separate drives when it can be consolidated.
All of the computers are 2012 NCRs that badly need to go away.
Oh look, it seems that the hardware is now too old to support. Sorry, [client], you need to blame Microsoft for not supporting. Have we mentioned that these systems are 6 years old and represent rather large security holes?
This conversation reminds me that there was a day when I thought Linux drive mounting was incomprehensible to me (though I still think the way Linux handles removable media is too complicated and dumb), but now I sit here and I'm in the reverse position, I don't understand why Windows still does drive mounting the way they do, with drive letters and shit.
that's fair but it's easier to tell someone "go to your h drive" than it is to tell them to type "go to slash slash filestorage slash users slash your username slash documents"
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
The only thing that gets me about it is that I can't reasonably expect a removable drive to get or even be able to get the same mount point next time.
And sure I shouldn't make assumptions like that on Linux either, but I can in smaller and more controlled environments.
At least in such a way that a script can just make the assumption and do a quick sanity check before throwing a "Hey we didn't get the mount point we wanted!"
Whereas a quick and dirty script on windows has to start with the assumption that we have no idea which drive got which mount point and we have to go looking for them before we do anything else.
that's fair but it's easier to tell someone "go to your h drive" than it is to tell them to type "go to slash slash filestorage slash users slash your username slash documents"
Totally.
I don't mind so much in environments where there's just one drive (maybe N:) that points to a DFS namespace, and everything else just appears as a subfolder.
When you get more than two or three drive letters, or when drive letters are mapped to different paths for different users (retch), then I want to flip a table.
every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
Regarding Linux, I still don't understand the difference between sbin, bin, opt, and usr.
sbin is root only stuff
bin is for boot/services usually
usr is for your own local version of whatever might be installed on systems, sometimes shit like shared hosting will dump php in there for multiple different installs I guess
opt is for random garbage that aren't usually part of an OS
var is for the stuff that is part of the OS but doesn't belong in config folders in /etc
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
that's fair but it's easier to tell someone "go to your h drive" than it is to tell them to type "go to slash slash filestorage slash users slash your username slash documents"
Which is something I've never ever had to say to a user and should never ever have to.
"Go to your home folder"
"Go to your Documents folder"
"Go to your Pictures folder"
"Go to your Downloads folder"
It's really no different from telling them how to navigate their Windows profile.
For mapped network drives you can literally name the bookmark whatever the fuck you want.
Or you can just nfs mount shit and take it entirely out of their hands.
Regarding Linux, I still don't understand the difference between sbin, bin, opt, and usr.
/bin and /sbin both have executable shit in them, but sbin is kind of your "Administrative tools". In most distros only root has /sbin added to their PATH variable, so only root can call them from cli.
/opt is used for 3rd party shit
/usr is for a lot of shit, mostly libraries and binaries, but it's been commandeered for a lot of shit by different distros and developers. Like, pretty much every subdirectory under /usr has got its own history for how it fucking got there and what the fuck it's for and how that changed over the years.
To go back to my SQL server thing from Thursday, since I had a 3 day weekend and didn't check here, the main reason that I still set up SQL servers that way, especially with transaction logs on a separate drive, is even in a VM/storage array environment, you don't want a case where a runaway issue with the logfiles causes issues with the live databases, and the size of the drives either fill up if you limit the virtual drive, or swells too large if it's set dynamically.
and yes, Windows install on one drive and data on another, no matter what.
Most servers I don't care to segregate data as much as I do with SQL, but with a big SQL server, I still want to be careful/do it right.
That_GuyI don't wanna be that guyRegistered Userregular
Oh hey, Hiren's BootCD has been updates for the first time since 2012. It's been rebuilt from the ground up with the Windows 10 Preinstall Environment (PE). I just threw it on a USB stick and it's great.
There's a lot of places I could start bitching about what they've done (*coughmappeddrivesondefaultdomainpolicycough*) but I personally like how they use Update on the policy with highest inheritance priority, and then use Create on the policy with the lowest inheritance priority.
That means if they change the M drive on their drive mapping policy, anything they change it to will work.... and then be overwritten by the default domain policy's "Create", which will delete the M drive mapping in order to re-create the old one.
They also had tons of policies set to "Enforce" when they had no containers with inheritance blocking. And they had policies with only a single link to the deepest OU in a tree... set to Enforce.
There's a lot of places I could start bitching about what they've done (*coughmappeddrivesondefaultdomainpolicycough*) but I personally like how they use Update on the policy with highest inheritance priority, and then use Create on the policy with the lowest inheritance priority.
That means if they change the M drive on their drive mapping policy, anything they change it to will work.... and then be overwritten by the default domain policy's "Create", which will delete the M drive mapping in order to re-create the old one.
They also had tons of policies set to "Enforce" when they had no containers with inheritance blocking. And they had policies with only a single link to the deepest OU in a tree... set to Enforce.
Why do people not understand how GPO works, JESUS
While I share you frustration over this, because I had a hell of a time with this back in the day, I think the main reason people don't understand how GPO works is that Microsoft is using really shitty language to describe what the hell they're doing.
If you knew nothing about Group Policy and started fucking around with it on day 1, you would expect Enforce to enforce the policy. Like it'll keep the end-user from changing the setting.
And why not fuck around with the default domain policy if you can't delete it? Clearly it's the one Microsoft wants you to use, right?
I find that the things that people fuck up constantly are probably super unintuitive. I know I wasn't using GPO right until I took a Citrix class and they spent the first 3/5 days teaching us group policy, because you need good fucking group policy if you're running Citrix. Then I came back from class and had to fight tooth and nail with my boss on how GPO works, because he would insist, based on the language used in the tool, that what I was saying was flat-out wrong.
I think the main reason people don't understand how GPO works is that Microsoft is using really shitty language to describe what the hell they're doing.
Yeah, I will readily admit that this is absolutely the problem. They could change it to like "Override Inheritance Block" and "Critical Domain Defaults DO NOT MODIFY" and solve 95% of those issues.
@Aioua lighting the batsignal for vowels, help me figure out how to put function get-logonserver{ into that script so I can return both last logon time and, if they're currently logged in, which DC authenticated them.
Aioua lighting the batsignal for vowels, help me figure out how to put function get-logonserver{ into that script so I can return both last logon time and, if they're currently logged in, which DC authenticated them.
@Cog
heh, that script already finds it for you it just doesn't do anything with it. Needs better variable names!
Here:
e: removed function, scripts are that one giant function annoy me, that's what a script is!
Aioua on
life's a game that you're bound to lose / like using a hammer to pound in screws
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
Well, that wouldn't tell you if they're currently logged in, just which DC was the one recording the most recent login. (I'm... pretty sure lastlogon only gets overwritten when you log onto that specific DC, the synced value is lastlogontimestamp)
I'm not sure how to tell if a user is currently logged in actually... is that something AD even tracks? I have this feeling it's stateless?
life's a game that you're bound to lose / like using a hammer to pound in screws
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
Aioua lighting the batsignal for vowels, help me figure out how to put function get-logonserver{ into that script so I can return both last logon time and, if they're currently logged in, which DC authenticated them.
@Cog
heh, that script already finds it for you it just doesn't do anything with it. Needs better variable names!
Here:
Posts
This is a clickable link to my Steam Profile.
Oh look, it seems that the hardware is now too old to support. Sorry, [client], you need to blame Microsoft for not supporting. Have we mentioned that these systems are 6 years old and represent rather large security holes?
Mapping network shares to drive letters is dumb.
the "no true scotch man" fallacy.
And sure I shouldn't make assumptions like that on Linux either, but I can in smaller and more controlled environments.
At least in such a way that a script can just make the assumption and do a quick sanity check before throwing a "Hey we didn't get the mount point we wanted!"
Whereas a quick and dirty script on windows has to start with the assumption that we have no idea which drive got which mount point and we have to go looking for them before we do anything else.
Totally.
I don't mind so much in environments where there's just one drive (maybe N:) that points to a DFS namespace, and everything else just appears as a subfolder.
When you get more than two or three drive letters, or when drive letters are mapped to different paths for different users (retch), then I want to flip a table.
the "no true scotch man" fallacy.
the "no true scotch man" fallacy.
sbin is root only stuff
bin is for boot/services usually
usr is for your own local version of whatever might be installed on systems, sometimes shit like shared hosting will dump php in there for multiple different installs I guess
opt is for random garbage that aren't usually part of an OS
var is for the stuff that is part of the OS but doesn't belong in config folders in /etc
Which is something I've never ever had to say to a user and should never ever have to.
"Go to your home folder"
"Go to your Documents folder"
"Go to your Pictures folder"
"Go to your Downloads folder"
It's really no different from telling them how to navigate their Windows profile.
For mapped network drives you can literally name the bookmark whatever the fuck you want.
Or you can just nfs mount shit and take it entirely out of their hands.
/bin and /sbin both have executable shit in them, but sbin is kind of your "Administrative tools". In most distros only root has /sbin added to their PATH variable, so only root can call them from cli.
/opt is used for 3rd party shit
/usr is for a lot of shit, mostly libraries and binaries, but it's been commandeered for a lot of shit by different distros and developers. Like, pretty much every subdirectory under /usr has got its own history for how it fucking got there and what the fuck it's for and how that changed over the years.
Go home Linux, you're drunk.
XBL:Phenyhelm - 3DS:Phenyhelm
My favorite is Nagios:
/usr/local/nagios/ leads to:
/usr/local/nagios/bin
/usr/local/nagios/etc
/usr/local/nagios/sbin
/usr/local/nagios/var
among others....
and yes, Windows install on one drive and data on another, no matter what.
Most servers I don't care to segregate data as much as I do with SQL, but with a big SQL server, I still want to be careful/do it right.
https://www.hirensbootcd.org/
This appears to be an initial release. I don't think he's even ported the HBCD Menu into it.
They're also the only CD's I have anymore because what the fuck are CD's, precious?
It involves deleting nodes out of HKEY_LOCAL_MACHINE with regedit.
This is not going to end well.
If your users actually have permissions to do that you've got a lot more problems than that to worry about.
Bonus points if they don't have permission and those instructions got distributed anyway.
well I mean.... that is actually being busy.
the "no true scotch man" fallacy.
Also they used plastic zipties through rack screw holes to secure power cables.
the "no true scotch man" fallacy.
That means if they change the M drive on their drive mapping policy, anything they change it to will work.... and then be overwritten by the default domain policy's "Create", which will delete the M drive mapping in order to re-create the old one.
They also had tons of policies set to "Enforce" when they had no containers with inheritance blocking. And they had policies with only a single link to the deepest OU in a tree... set to Enforce.
Why do people not understand how GPO works, JESUS
While I share you frustration over this, because I had a hell of a time with this back in the day, I think the main reason people don't understand how GPO works is that Microsoft is using really shitty language to describe what the hell they're doing.
If you knew nothing about Group Policy and started fucking around with it on day 1, you would expect Enforce to enforce the policy. Like it'll keep the end-user from changing the setting.
And why not fuck around with the default domain policy if you can't delete it? Clearly it's the one Microsoft wants you to use, right?
I find that the things that people fuck up constantly are probably super unintuitive. I know I wasn't using GPO right until I took a Citrix class and they spent the first 3/5 days teaching us group policy, because you need good fucking group policy if you're running Citrix. Then I came back from class and had to fight tooth and nail with my boss on how GPO works, because he would insist, based on the language used in the tool, that what I was saying was flat-out wrong.
@Cog
heh, that script already finds it for you it just doesn't do anything with it. Needs better variable names!
Here:
e: removed function, scripts are that one giant function annoy me, that's what a script is!
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
I'm not sure how to tell if a user is currently logged in actually... is that something AD even tracks? I have this feeling it's stateless?
fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
that's right we're on a fucked up cruise / God is dead but at least we have booze
bad things happen, no one knows why / the sun burns out and everyone dies
Okay so now how about lets do it with popups!
I dropped in
To get a popup that prompts for a username with the current user filled in, but I cant find something appropriate to produce a popup for the output.