The OSI model doesn't seem like something to get stressed about
It isn't that complicated
And it's just an abstract mental model, not an inviolable law
However, I've never done the CCNA, and Cisco often crawls up their own ass with esoteric terminology so maybe his study materials were particularly fucky
every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
the "no true scotch man" fallacy.
TL DR Not at all confident in his reflexive opinions of things Registered User regular
Cisco stuff is awful and cisco and oracle still existing is almost entirely because they overinflate the value of their certifications.
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
I'm still angry that I can't get Mikrotik certs without flying halfway across the country. So I do think everyone's up their own asshole, even the little guys.
Quelle surprise, the application we were forced to rush to production by executives in 1/6 the schedule we suggested has some unanticipated problems!
The fact that ANYONE has the audacity to act like this wasn't anticipated infuriates me more than anything else. I basically signed every e-mail on the subject (where I try to provide info on how to accomplish) up to this point with "and as an addendum to the above, I still think this is a terrible idea."
It sounds like you just need to have a more positive attitude and be oriented to success.
We would have been successful if you had been more of a team player!
I fucking shit you not, someone said, "I need you guys to bring me solutions, not problems."
Oh god fuck that person
Fuck him with a rusty railroad spike
Were they trying to talk you into helping them build an exclusive island music festival at the time?
Mostly just huntin' monsters.
XBL:Phenyhelm - 3DS:Phenyhelm
lwt1973 King of Thieves Syndication Registered User regular
We have two VPNs going to our customers through Rackspace. The first customer vpn has no issues. We can ping through and we can access what we need through it. The second customer is up and running and we can ping through it but it's a coin flip on whether or not we can telnet into what we need. Sometimes it works and sometimes it doesn't.
The frustrating thing is we have an older server/vpn connection on-site and it works fine with no issues on both so something is going on but the customer and Rackspace can't find out what's up.
"He's sulking in his tent like Achilles! It's the Iliad?...from Homer?! READ A BOOK!!" -Handy
AD-DC1 has certificate. LDP can connect locally to port 636 and bind securely.
AD-DC2 can connect to DC1 over 389, but not 636.
Sonicwall can connect to DC1 over 389, but not 636.
DC1 Firewall is set to allow 636 connections.
I'm missing something, but all of the "walkthroughs" I've found gloss over all of this as if once you put a certificate on the server it all works magically.
Hmm. I would start by verifying that port 636 is actually accessible from any other host by running nmap against DC1.
Also, I've usually found that the cert needs to be trusted by the clients. For example, we use PKI with Microsoft cert servers. For LDAPS to work from appliances, we have to import our PKI root and intermediate certs into the appliance.
every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
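
The two checks suggested in the reply above (is 636 reachable at all, and does the client trust the DC's certificate) can be told apart in one pass. This is an added example, not code from the thread; `diagnose_ldaps`, `start_plain_listener`, and the host and file names in the comments are assumptions made for illustration.

```python
import socket
import ssl
import threading


def diagnose_ldaps(host, port=636, cafile=None, timeout=5.0):
    """Return (stage, detail) for the first stage at which LDAPS fails.

    'tcp'   - port not reachable (firewall, routing, nothing listening)
    'tls'   - port answers but the TLS handshake itself breaks
    'trust' - handshake works, but this client cannot validate the cert
              (issuing CA not in cafile/system store, or name mismatch)
    'ok'    - TLS session established and certificate verified
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return ("tcp", f"cannot reach {host}:{port}: {exc}")
    # cafile=None uses the system store; pass the PEM bundle holding the
    # root and intermediate CA certs to mimic an appliance's trust list.
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            cert = tls.getpeercert()
            return ("ok", f"{tls.version()}, cert expires {cert['notAfter']}")
    except ssl.SSLCertVerificationError as exc:
        return ("trust", exc.verify_message)
    except (ssl.SSLError, OSError) as exc:
        return ("tls", str(exc))
    finally:
        sock.close()


def start_plain_listener():
    """Constructed fixture: local listener that accepts but speaks no TLS."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        conn.sendall(b"this is not a TLS ServerHello\r\n")
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


if __name__ == "__main__":
    print(diagnose_ldaps("127.0.0.1", start_plain_listener()))  # stage 'tls'
    # Real use (placeholder names, not from the thread):
    # diagnose_ldaps("dc1.corp.example", 636, cafile="corp-ca-chain.pem")
```

Run it from the second DC or another host on the same segment as the appliance: a `tcp` result points at the firewall or listener, while `trust` points at the client's CA store or the name on the certificate.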
user breaks a personal view in sharepoint, which means she can't see any documents in this view.
she emails our sharepoint guy, our IT manager, our IT manager's boss, and the CEO of the company, saying that sharepoint is broken and all the data in sharepoint is gone.
In theory, certs should be easy. In practice, there are too many vendor-specific idiosyncrasies.
I fucking spun my wheels for literally two fucking years on getting an EAP-TLS wifi network working with Apple devices... and it turned out that the reason for the failure was our Windows NPS/RADIUS mobile device certs had certificate chains using the RSASSA-PSS algorithm all the way down to the roots, Apple doesn't trust that algorithm, so I had to reissue our whole PKI chain.
(┛◉Д◉)┛彡┻━┻
And then around 2014-2017 saw a big sea change in how we thought about SSL with stuff like Poodle, the Symantec breach, the sunset of SSL 3.0, getting serious about weak encryption algorithms like 3DES, etc, but there's huge inertia where not all vendors have caught up. And even if a vendor has caught up, maybe the devices/servers in the field aren't updated, and it's a big mess.
On that RSASSA-PSS thing, I engaged with Apple support, Meraki support, and our MDM vendor to figure out why I couldn't get Apple devices to trust our PKI chain and NOBODY could figure it out. This was 2015-2016.
I didn't even think about that until Firefox pushed out an update where RSASSA-PSS certs threw an error in the browser, alerting me to the compatibility issues with that algorithm.
Then in 2017 articles started appearing online about it and I was like Molly Grue from Last Unicorn, "Where have you been!?"
Meanwhile I still have staff here who, in 20-fucking-year-of-our-lord-19, deploy HTTP servers in production without issuing trusted certs or even turning on SSL.
I'll get an email from a team member where they're inviting non-IT staff to beta test a new system and please log in to http://whatever.contoso.com with your Active Directory username and password, and I have to walk over and hit them with a rolled up newspaper.
old server blades or file cabinets are quite satisfying in my experience. Make a nice resounding crashing noise when it happens. Then when people come over to investigate the noise, just cheerily reply that you're backing up file systems by flipping them on their "back"! eh? ehhh?
...I'll be seen out by security now.
Thegreatcow Lord of All Bacons Washington State - It's Wet up here innit? Registered User regular
Suddenly my former SysAdmin's habit of taking depreciated/retired hard drives and server blades out to the desert to ventilate with his guns makes a heckuva lot more sense. (was pretty fun when I tagged along a couple of times not gonna lie)
We have a remote user who constantly complains about how her windows laptop is terrible and how her mac is just so much better and she wishes she could work off of her personal mac instead of our windows laptops.
So, she actually did have an issue with the laptop we gave her, pretty sure the wifi card was flaking out, and was going to bring it in for us to swap her out to a new one. We were joking that we should put an apple sticker over the dell logo on the new laptop so we can say we gave her a mac.
You bet your ass the laptop she brought in had an apple sticker over the dell logo.
I said if I can't run Linux then I want a Mac.
Sadly since I got the better job with the bigger company they do not support Linux so Mac it is.
He did say they were trying to get it allowed.
he's not wrong
Naw, I kid. You should be able to do an awful lot on Mac that you already do on Linux. They have linux servers, I hope?
Current job got me a Mac. I hate that thing with a passion, but at least it has a native terminal.
MBPs made me hate USB-C.
All I really need is to provision myself a box on the internal Network as my dev box.
I do almost everything from the terminal anyway.
Plus one of the Mac terminals supports tmux command mode.
I could admin Linux boxes from a toaster. I am not too worried about it.
yeap
We only have like 6 conversations.
Who wants to talk about editors?
But with a Mac I get iTerm2 with tmux command mode.
I'm real glad I have Friday off this week.
I wish I had a good resource on that, yeah.
old server blades or file cabinets are quite satisfying in my experience. Make a nice resounding crashing noise when it happens. Then when people come over to investigate the noise, just cheerily reply that you're backing up file systems by flipping them on their "back"! eh? ehhh?
...I'll see myself out now.
Wud yoo laek to lern aboot meatz? Look here!
Office 364, bb
Everyone say it with me:
it's always DNS.
IT CERTAINLY DID. Good thing I went home at 5.