Hi,

I'm so stressed in this sector right now, more and more things to do with less and less people to do it. This got me thinking, I can't be the only one. How about we list the size of our IT estate against the number of people we have looking after it? When you factor in day to day support, helpdesk, projects, security, purchasing, red tape etc etc......it's a real struggle.

​

My companies network is.....

7,000 users / 4,000 computers

3 main sites + multiple smaller remote locations

100 servers (ad, hyperv, sccm, rds)

3 san (1 main + 2 for the backup system)

network infrastructure, wifi, firewalls, mobiles, phone system

​

IT dept.... 11 people (very limited or basically no outside external support)

5 x 1st Line

3 x 2nd Line

3 x 3rd Line

​

Hi,
We are currently hosting DNS and are looking to move it to the cloud. I have been looking at DNS Made Easy, DNSimple, and Namescheap.
I'm curious if anyone uses any of them and your thoughts.

Hello all

I get below the error when setting up exchange:

I tried to start the service microsoft exchange frontend transport but also i get an error for " the dependency failed to start

Error:

The following error was generated when "$error.Clear(); 

start-SetupService -ServiceName MSExchangeFrontendTransport

" was run: "Microsoft.Exchange.Configuration.Tasks.ServiceDisabledException: Service 'MSExchangeADTopology' is disabled on this server. ---> System.InvalidOperationException: Cannot start service MSExchangeADTopology on computer '.'. ---> System.ComponentModel.Win32Exception: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it

  --- End of inner exception stack trace ---

  at System.ServiceProcess.ServiceController.Start(String[] args)

  at Microsoft.Exchange.Management.Tasks.ManageSetupService.StartServiceWorker(ServiceController serviceController, String[] serviceParameters)

  --- End of inner exception stack trace ---

  at Microsoft.Exchange.Configuration.Tasks.Task.ThrowError(Exception exception, ErrorCategory errorCategory, Object target, String helpUrl)

  at Microsoft.Exchange.Management.Tasks.ManageSetupService.StartService(ServiceController serviceController, Boolean ignoreServiceStartTimeout, Boolean failIfServiceNotInstalled, Unlimited`1 maximumWaitTime, String[] serviceParameters)

  at Microsoft.Exchange.Management.Tasks.ManageSetupService.StartService(ServiceController serviceController, Boolean ignoreServiceStartTimeout, Boolean failIfServiceNotInstalled, Unlimited`1 maximumWaitTime, String[] serviceParameters)

  at Microsoft.Exchange.Management.Tasks.ManageSetupService.StartService(String serviceName, Boolean ignoreServiceStartTimeout, Boolean failIfServiceNotInstalled, Unlimited`1 maximumWaitTime, String[] serviceParameters)

  at Microsoft.Exchange.Management.Tasks.StartSetupService.InternalProcessRecord()

  at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__91_1()

  at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".

Hi all. Thought I would tap the collective wisdom out there. Currently setting up a Synology 1221RP+ with 8 x 12TB spinning disks. We won't need this much storage space for a long time. Primary use is as a backup repository. I happened to find a 480Gb SATA SSD and wondering if it is useful to put that in place of one of the HDs to use as a cache drive? Since this NAS is for backup, would it really even matter?

Hi,

FeatureLockdown (https://www.adobe.com/devnet-docs/acrobatetk/tools/PrefRef/Windows/FeatureLockDown.html) don't work for me on the new version 2024.

Anyone find a fix ?

Someone same problem here https://community.adobe.com/t5/acrobat-reader-discussions/lockable-preferences-not-working/td-p/14499324 but no reply

My understanding is that Canon's ULM is compatible with several of our existing printers, but I can't figure out how to actually purchase it. I've talked to several of my vendors (admittedly none very familiar with Canon). Any advice for me?

I'm de facto sysadmin at our small non-profit but I'm way way out of my depth and have learned so much from this sub!

I will admit it freely, I am lazy and having offloaded most of the services and systems that we used to run am really not inclined to do anything I don't absolutely have to. I am sure I will be called out, so figured I should lead with this.

​

VPNs. They are great, they are useful... but why oh dear why are they so dead set on trying to anonymise 'everything'? Sorry, I forgot to sell secrets to the Talliban, guess I don't really care that you are keeping logs. You know when I do care? When I use a VPN to simulate traffic from another host on a system with a LOT of traffic coming in, fail to take note of the IP the VPN service threw at me, then have to try to guess which of too many entries was me. Just an absolute...

So obviously, the simple answer is forget public services, simply host your own. Brilliant, and I agree. I also refer you to the first entry here, and cordially invite you to get stuffed :P

​

It is well after midnight, I have been self-medicating (Guiness is medicine, this is a hill I will die on) and I have run out patience. Hopefully one of you will have a direction to point me in. Otherwise, I may have to actually bloody do my job and administer a system which really would do a number on that whole 'lazy' thing. 15 minutes of "work" vs wasting hours just seems too much effort.

I need to migrate some large file servers around 22TB of data. I was looking at the Microsoft Storage Migration Service. Anyone ever used it before? Is there a better tool?

Hello All,

I'm a bit new to the legal side of things for Microsoft 365, though I've been a 365 administrator for some years now. I've gone through the eDiscovery process for clients a couple of times, where counsel will request communications involving X, Y, and Z parties that occurred between Jan 20XX and October 20XX, etc. I get that.

However, we recently took over a client (within the past 6 months) from another MSP and they are now being sued by a previous employee (one of the Microsoft 365 users).

The client's attorney contacted me and asked for the user's mailbox, which I was about to happily export for him in its entirety (I asked for more specific information like timelines and topics to help narrow it down, but he wanted the whole thing). Logging into the client's Microsoft 365 tenant, I see that the user is currently unlicensed, and has been for quite some time, which means that their mailbox and its contents have been deleted. I am performing an audit to see who did that and when, but it's not looking like I'll be able to provide that data to them. I'm not sure what the legal ramifications are of that.

The attorney further asked that I "ensure that nothing else is modified or deleted" in their Microsoft 365 environment, as he "needs to be able to prove in a court of law that the contents have not been modified or tampered with". This seems like a tall ask, as I can easily apply an Exchange Plan 2 license to each user (they currently use Business Standard for everyone) and then enable Litigation Hold on each individual mailbox, but the entire environment? I've never heard of that.

So, either the attorney isn't sure what he's talking about, or I am not experienced enough with legal processes involving Microsoft 365.

Any advice or pointers would be greatly appreciated. I am the senior engineer here, so there is no one else internally for me to ask about this process.

As per usual, CFO is trying to save money in any place possible and wants to know why we aren't using Office 2021.

Info about our company:
4 Locations, 100-150 Users, Multiple Domains
All company documents are stored and used in Sharepoint/Onedrive
Current license mix is a mix of Business Basic, Business Standard
High User Turnover Rate
App Usage: Onedrive, Outlook, Excel, Word, Sharepoint, Onenote

Can someone give me the pro's and cons of swapping off M365 / Help me convince him we need M365, or convince me we don't need M365.. I know my life is easier paying the monthly sub, here is what I have so far:

- User leaves, buy new license
- No Updates, Security Updates
- Loss of Sharepoint
- Loss of Desktop backups to OneDrive
- Loss of Mobile Apps

Hey guys, I'm my current role I am expected to own BeyondTrust support however my employer cannot provide me with BeyondTrust university access because I'm currently a contractor. Does anyone have a source for training and understanding this product?

The title says it all. How can my users change their AD password from O365 online? On-premise users can log into the local OWA (Outlook on the web) to do this. O365 migrated users get a message that "You can't change your password here" because the organization doesn't allow it. I turned on the self-service password reset feature in Entra, but that doesn't help either. Anyone know?

EDIT: Sounds like we need Entra Connect installed locally to allow writeback. Thanks everyone.

Hello fellow Sysadmins!
This is my fist post here but i need some guidance.
We are currently facing a issue where Users on Chrome/Edge versions 124.x.x.x are getting stack overflow error messages when navigating/using some websites, all either http or self signed cert.
Installed Edge 123.x.x.x (Latest) and issues immedetly resolved.

Could this have to do something with the latest TLS 1.3 changes?
Its also really great that you cant PIN a Chrome/Edge version or prevent them from updating ...

Any advice is much apreciated!

Have two Windows Server 2022 VMs in Azure, clustered, with a shared disk/csv configured between them. Within that shared disk/volume directory (C:\ClusterStorage\Voume1) I can make a sub-folder and configure advanced sharing on it...but the sharing tab never shows the share path, nor does 'net share' ever show the share as active. The share settings remain applied to the folder, it just doesn't actually share.

Having a hard time finding an answer for this one, or any confirmation from MS on whether folder sharing from a CSV is possible or not. Funny thing is, we switched to CSV because Azure File Share (mapped as SMB) to the VMs also doesn't seem to allow folder sharing, the share tab is completely missing from sub-folder properties, and the KB for AFS mentions nothing about sharing being a limitation, but it does list hard/soft links as not allowed.

I need to be able to configure sharing on sub-folders in one of these solutions, and I think CSV is going to be the winner...I just can't figure out why it's not working. Any ideas?

Trying to find a path to narrow down on

I am in the process of migrating my users to OneDrive. Originally, we had a group policy that moved their documents to an on premises server for backing up. We are getting rid of that server. In the midst of changing group policy using a new OU, I have noticed that when we give ourselves access to the end users OneDrive via the admin portal, we cannot copy over folders using the web link it provides. We are forced to re-create the folder in OneDrive then move the files. This doesn’t work well since a lot of our folders have several files in them and we have lots of folders too. Has anybody ran into this and found a solution? I’m tempted to ignore our plea for doing it on the backend and simply sign in as the end user on the actual one drive site and then have them reset their password when I’m done.

Hello Everyone,

I have been working on a AD modernization Project. Currently in the environment the Domain and Forest Functional levels are in 2008R2. I would like to raise the DFL and FFL level to Windows Server 2016. Since this is a irreversible process, I would like to understand the issues and risks involved with this process if I think to raise the DFL and FFL level from 2008R2 to directly 2016.

What would be the proper path to raise the DFL and FFL level?

As title suggested. I'm being offered a job after contracting with a company for a little over a year. I was laid off from my previous fortune 500 employer and took this contract as a means to survive and it came with a significant paycut.

Now, the IT Director has offered me a perm role but at $15k lower than I was making a year prior before being laid off at another company. He states that it's due to budget reasons but chatter around the office is that the execs just got a fat bonus.

The duties are cake....Network/System Administration for 17 offices spanning across the continental USA mostly on the West/Mid-West and North East/South East regions/states.

Most of the offices are serverless and we are migrating the offices with server infrastructure into Azure.

Networking portion we are swapping out old HP switches for Cisco Meraki.

I travel in between sites on the East Coast as that is my primary region to support.

Bottom line is....what is a good salary for an Sys Admin\IT Manager that supports multiple offices, systems, and networks?

I live in the east region of the USA.

​

​

​

​

​

We are always looking for ways to reduce our attack surface and PDQ Deploy/Inventory deployment/scanning accounts are a frequent concern. We are trying to prevent lateral movement in our organization if any one scanned/deployed-to endpoint is compromised.

Here is my general understanding of how to secure PDQ to prevent lateral movement.

For workstations, create domain service account that is not a member of any AD security groups that is a member of the local administrators group on workstations only. This account is in the "Protected Users" security group which prevents delegation and forces Kerberos communication & disables caching its password on a computer.

For servers, create a second account that is like the first but instead of local admin on workstations, it is only a local admin on servers. It is also in "Protected Users"

For domain controllers, you have to use a DA account if you want to scan/deploy to DCs. The best way to secure Domain controllers seems to be to not use them at all in PDQ for scan/deploy targets.

Now, I know that PDQ supports using LAPS for scanning (and indirectly through using the scanning account for PDQ deploy). We have implemented LAPS in our environment, but there are a few gotchas and config changes you have to make with PDQ to make it play nice with them. With LAPS, you still need an account with read rights to the LAPS password on targets (which is cached on the PDQ server). This architecture seems similar to a "Protected User" account in that it does not let a malicious actor dump a compromised computer's credentials and use a PDQ service account to move laterally in the network.

My question is this. Is using LAPS for PDQ Inventory/Deploy any more secure than a tiered service account that is a member of "Protected Users?" Both methods prevent a leaked password from becoming a wider attack surface in lateral movement cases.

I'm curious if any one is experiencing some issues deleting emails through Explorer in Microsoft Defender. Any time I try to create a remediation to delete a group of emails, the wizard will never finish loading. I can also see the wizard looks like they've change the layout a bit.

https://imgur.com/a/X1gLwzA

Image for some context. I don't see any service health alerts out there for anything that would cover this issue.

​

Hello,
I'm trying to set up a siem out of curiosity and send logs via logstash, but I'm getting an error message that I can't resolve when I try to redirect the logstash to the config file to use with the following command:

/usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/configlogstash.conf

​

Here's the error message:

Using bundled JDK: /usr/share/logstash/jdk

/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/concurrent-ruby-1.1.9/lib/concurrent-ruby/concurrent/executor/java_thread_pool_executor.rb:13: warning: method redefined; discarding old to_int

/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/concurrent-ruby-1.1.9/lib/concurrent-ruby/concurrent/executor/java_thread_pool_executor.rb:13: warning: method redefined; discarding old to_f

WARNING: Could not find logstash.yml which is typically located in $LS_HOME/config or /etc/logstash. You can specify the path using --path.settings. Continuing using the defaults

Could not find log4j2 configuration at path /usr/share/logstash/config/log4j2.properties. Using default config which logs errors to the console

[WARN ] 2024-04-23 12:55:42.995 [main] runner - NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases.

[INFO ] 2024-04-23 12:55:43.009 [main] runner - Starting Logstash {"logstash.version"=>"8.13.2", "jruby.version"=>"jruby 9.4.5.0 (3.1.4) 2023-11-02 1abae2700f OpenJDK 64-Bit Server VM 17.0.10+7 on 17.0.10+7 +indy +jit [x86_64-linux]"}

[INFO ] 2024-04-23 12:55:43.012 [main] runner - JVM bootstrap flags: [-Xms1g, -Xmx1g, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djruby.compile.invokedynamic=true, -XX:+HeapDumpOnOutOfMemoryError, -Djava.security.egd=file:/dev/urandom, -Dlog4j2.isThreadContextMapInheritable=true, -Dlogstash.jackson.stream-read-constraints.max-string-length=200000000, -Dlogstash.jackson.stream-read-constraints.max-number-length=10000, -Djruby.regexp.interruptible=true, -Djdk.io.File.enableADS=true, --add-exports=jdk.compiler/com.sun.tools.javac.api=ALL-UNNAMED, --add-exports=jdk.compiler/com.sun.tools.javac.file=ALL-UNNAMED, --add-exports=jdk.compiler/com.sun.tools.javac.parser=ALL-UNNAMED, --add-exports=jdk.compiler/com.sun.tools.javac.tree=ALL-UNNAMED, --add-exports=jdk.compiler/com.sun.tools.javac.util=ALL-UNNAMED, --add-opens=java.base/java.security=ALL-UNNAMED, --add-opens=java.base/java.io=ALL-UNNAMED, --add-opens=java.base/java.nio.channels=ALL-UNNAMED, --add-opens=java.base/sun.nio.ch=ALL-UNNAMED, --add-opens=java.management/sun.management=ALL-UNNAMED, -Dio.netty.allocator.maxOrder=11]

[INFO ] 2024-04-23 12:55:43.013 [main] runner - Jackson default value override `logstash.jackson.stream-read-constraints.max-string-length` configured to `200000000`

[INFO ] 2024-04-23 12:55:43.019 [main] runner - Jackson default value override `logstash.jackson.stream-read-constraints.max-number-length` configured to `10000`

[WARN ] 2024-04-23 12:55:43.320 [LogStash::Runner] multilocal - Ignoring the 'pipelines.yml' file because modules or command line options are specified

[INFO ] 2024-04-23 12:55:44.316 [Api Webserver] agent - Successfully started Logstash API endpoint {:port=>9601, :ssl_enabled=>false}

[INFO ] 2024-04-23 12:55:44.894 [Converge PipelineAction::Create<main>] Reflections - Reflections took 176 ms to scan 1 urls, producing 132 keys and 468 values

[INFO ] 2024-04-23 12:55:45.325 [Converge PipelineAction::Create<main>] javapipeline - Pipeline `main` is configured with `pipeline.ecs_compatibility: v8` setting. All plugins in this pipeline will default to `ecs_compatibility => v8` unless explicitly configured otherwise.

[INFO ] 2024-04-23 12:55:45.953 [[main]-pipeline-manager] javapipeline - Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>1, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50, "pipeline.max_inflight"=>125, "pipeline.sources"=>["/etc/logstash/conf.d/configlogstash.conf"], :thread=>"#<Thread:0x2d45b35 /usr/share/logstash/logstash-core/lib/logstash/java_pipeline.rb:134 run>"}

[INFO ] 2024-04-23 12:55:46.786 [[main]-pipeline-manager] javapipeline - Pipeline Java execution initialization time {"seconds"=>0.83}

[INFO ] 2024-04-23 12:55:46.790 [[main]-pipeline-manager] beats - Starting input listener {:address=>"0.0.0.0:5085"}

[INFO ] 2024-04-23 12:55:46.803 [[main]-pipeline-manager] javapipeline - Pipeline started {"pipeline.id"=>"main"}

[INFO ] 2024-04-23 12:55:46.813 [Agent thread] agent - Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}

[INFO ] 2024-04-23 12:55:46.903 [[main]<beats] Server - Starting server on port: 5085

[ERROR] 2024-04-23 12:55:53.089 [[main]<beats] javapipeline - A plugin had an unrecoverable error. Will restart this plugin.

Pipeline_id:main

Plugin: <LogStash::Inputs::Beats host=>"0.0.0.0", id=>"3ee8d519edadb3c33f0e1368a1bf79748c901067ccaec345d0d477d85faad486", port=>5085, ssl_enabled=>false, enable_metric=>true, codec=><LogStash::Codecs::Plain id=>"plain_109511a1-8ad6-4f97-b01b-f1d591f00efe", enable_metric=>true, charset=>"UTF-8">, ssl=>false, ssl_client_authentication=>"none", ssl_verify_mode=>"none", ssl_peer_metadata=>false, include_codec_tag=>true, ssl_handshake_timeout=>10000, ssl_cipher_suites=>["TLS_AES_256_GCM_SHA384", "TLS_AES_128_GCM_SHA256", "TLS_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"], ssl_supported_protocols=>["TLSv1.2", "TLSv1.3"], client_inactivity_timeout=>60, executor_threads=>1, event_loop_threads=>0, add_hostname=>false, tls_min_version=>1, tls_max_version=>1.3>

Error: Address already in use

Exception: Java::JavaNet::BindException

Stack: sun.nio.ch.Net.bind0(Native Method)

sun.nio.ch.Net.bind(sun/nio/ch/Net.java:555)

sun.nio.ch.ServerSocketChannelImpl.netBind(sun/nio/ch/ServerSocketChannelImpl.java:337)

sun.nio.ch.ServerSocketChannelImpl.bind(sun/nio/ch/ServerSocketChannelImpl.java:294)

io.netty.channel.socket.nio.NioServerSocketChannel.doBind(io/netty/channel/socket/nio/NioServerSocketChannel.java:141)

io.netty.channel.AbstractChannel$AbstractUnsafe.bind(io/netty/channel/AbstractChannel.java:562)

io.netty.channel.DefaultChannelPipeline$HeadContext.bind(io/netty/channel/DefaultChannelPipeline.java:1334)

io.netty.channel.AbstractChannelHandlerContext.invokeBind(io/netty/channel/AbstractChannelHandlerContext.java:600)

io.netty.channel.AbstractChannelHandlerContext.bind(io/netty/channel/AbstractChannelHandlerContext.java:579)

io.netty.channel.DefaultChannelPipeline.bind(io/netty/channel/DefaultChannelPipeline.java:973)

io.netty.channel.AbstractChannel.bind(io/netty/channel/AbstractChannel.java:260)

io.netty.bootstrap.AbstractBootstrap$2.run(io/netty/bootstrap/AbstractBootstrap.java:356)

io.netty.util.concurrent.AbstractEventExecutor.runTask(io/netty/util/concurrent/AbstractEventExecutor.java:173)

io.netty.util.concurrent.AbstractEventExecutor.safeExecute(io/netty/util/concurrent/AbstractEventExecutor.java:166)

io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(io/netty/util/concurrent/SingleThreadEventExecutor.java:470)

io.netty.channel.nio.NioEventLoop.run(io/netty/channel/nio/NioEventLoop.java:569)

io.netty.util.concurrent.SingleThreadEventExecutor$4.run(io/netty/util/concurrent/SingleThreadEventExecutor.java:997)

io.netty.util.internal.ThreadExecutorMap$2.run(io/netty/util/internal/ThreadExecutorMap.java:74)

io.netty.util.concurrent.FastThreadLocalRunnable.run(io/netty/util/concurrent/FastThreadLocalRunnable.java:30)

java.lang.Thread.run(java/lang/Thread.java:840)

[INFO ] 2024-04-23 12:55:54.099 [[main]<beats] Server - Starting server on port: 5085

And it tries to start in a loop.

This is the only log that shows an error.

I've tried changing the port several times, using the tulnt command to make sure it wasn't being used by another service, but it's always the same.
I can see that it's linked to my input in my logstash configuration file, but I don't know what exactly, so if someone with a little knowledge could give me their opinion, that would be very helpful.

Here's the logstash config file:

input {

beats {

port => 5085

host => "0.0.0.0"

ssl_enabled => false

}

}

output {

syslog {

facility => "local7"

severity => "informational"

host => "collector-eu.devo.io"

port => "443"

appname => "my.app.logstash.allwin"

protocol => "ssl-tcp"

ssl_cert => "/etc/logstash/conf.d/thechain@vst.crt"

ssl_key => "/etc/logstash/conf.d/thekey@vst.key"

ssl_cacert => "/etc/logstash/conf.d/chain.crt"

}

}

Thanks a lot! :)

​

Are there any OneLogin/OneIdentity customers out there?

04 major incidents/outages in 2022 10 major incidents/outages in 2023 05 major incidents/outages in 2024

Our company estimates over a 7 million dollar loss in 2023 alone.

But the thorn in my side and the reason for this post today is the handling of the incident they experienced yesterday…..

A major incident that impacted end user operations for the majority of the business day.

No communication from their customer representatives (they don’t have them anymore) Open up a Priority1 ticket within their ticketing system/call center, only for it to go silent during the course of the business day.
The only communication in the ticket is to check the OneLogin status page.

Then OneLogin/OneIdentity closes the ticket. No comms, no messages, just check the status page.

Is anyone else receiving this same level of customer service?

Hello dear community, I have started a new job as a SysAdmin and feel like an absolute newbie. I have already dealt with M365 and Entra, but I feel like I’m in training. Terms like Conditional Access, ZTNA, Always ON VPN are being thrown at me. I would like to build up my knowledge and learn through self-study. Does anyone have any ideas on the best way to start? YouTube, blogs etc ? Thank you.

Hey all haven't touched this subject in a while and need help. I have 10 laptops that I need to be imaged in a hurry, all the same model no mdt server available don't want to do all these installs by hand. I have 1 completed to sysprep. I have Aomei backupper as a windows pe environment. Not sure how to inject the nvme hdd drivers and get it going on the next 9. Thanks!

I work in a company with no standarisation of tickets/problems, until now the whole system is based on "ye i will remember that" , i m trying to set up ticketing system partialy based on our mailbox with the use of GLPI

Unfortunaty the smtp and imap times are literly unacceptable
my record for now is 43h from sending mail to loading ticket
and 19h from sending follow up till getting mail

i set up smtp notification to be sended every 1min
and 5min for imap

i m starting to be out of ideas whats wrong, i tried changing settings (ssl or not, diffrent mail, diffrent mail provider) and i got no change, i checked logs and didnt find anything unusual

with IMAP i m forced to do manual dowload since read times seems random
with SMTP i kinda have no option

GLPI is hosted on Local Linux Server that have no resoucures problem while using

Any ideas what might be wrong or how to fix it?

I'll be the first to admit I'm sort of the jack of all trades, master of none here, being sysadmin at our company. That being said, starting on April 20th, something has made it way into our network (not sure if external or internal) but whatever ever "it" is, it's slowly going through random users on our AD and trying to login as them. I can see the attempts and the "actor" is just a host names "server". I can't ping it, can't see any IP address, doesn't show up in any of our dns or dhcp. I'm just struggling to keep my sanity here, looking for some advice on how to find the actor.

Only patterns that I can see is the actor will try over and over again on specific, random accounts. Usually it's 12-15 attempts and the account become locked out. Then they wait 20-30 minutes, then they try again.

Help?

The sheer amount of improvements needed by the family-owned company I am trying to help are making my head spin. Let me summarize here so perhaps someone with more experience can advice.

​

Payments: considering various payment processors to send SEPA credit transfer invitations or initiate SEPA direct debt core transfers. The latter requires the customer signing a mandate beforehand.

Receipts: about a hundred payments a year require receipts sent to customers.

Archiving: various kind of documents are flying around without a proper digital archive. More will be added if payments are semi-automated. I think 20 MB (not a refuse, MB not GB) a year would suffice.

Accounting: with no accounting or customer relationship management system in place I am considering to introduce a relational database with the most simple kind of UI. DB disguised as spreadsheet.

​

My quest for semi-automating payments generated another for customers data management and another for documents signing and another for documents archiving. It snowballed.

Have already a bash script to generate pre-signed receipts as PDF from FODT template. Can move up from there. Collect signatures online, perhaps via Contract Generator, add them to FODT and convert to PDFs. Store PDFs in the cheapest storage service, with backups and audit trail, I can find. Script my way through the bank’s API to call for payments. Add status info to any kind of local db. Or to CSV imported in to a spreadsheet. Bare bones.

Even thought about squeezing a headless LibreOffice in my current free VPS and/or coordinating everything with a script running on my router. Documents are so small it may even be capable to complete most of the workflow by itself. But fully fledged SaaS has may advantages. Not saving money but, possibly, saving a lot of time and substantially reducing risk. Mollie+OpenSign+Dropbox+NocoDB could just do everything. What do you think?

At a total loss here.. We have a user who ends up locked out multiple times a day, every day. Confirmed correct password. My only guess is there is phone out there somewhere with her creds trying to log in but she claims there isn't. I have a log running and there are just constant attempts from the user to sign in.

I have this idea of creating a repeatable deciding tree for staff to complete tasks like on-boarding, terminating, etc. I don’t want to create something that they are not going to want to open, or put it in our audit to check to see if the tree is completed. I want to make a simple easy to follow design tree, like termination, unplanned or planned, too this or that. Something they want to use, instead of needing to use.

Our systems are a mix of onprem, cloud, and many different services that have to added manually. With that, I am thinking of a SharePoint site with either a Microsoft Form with if/than or maybe even go down the power automate route to help open links and suggestion what program to use.

So before I put any energy into this, I thought I would ask, do you use something that works, or have experience with something that doesn’t work?

Hello all, forgive me for my ignorance.

We current use Quickbooks Desktop Enterprise v21. I am getting notifications that we need to switch to Quickbooks Desktop 2024, otherwise we will lose features. Does anyone have experience upgrading to 2024, will we indeed lose features if we do not, and are these notifications just a marketing ploy, or is it actually going to interrupt our processes if we do not upgrade.

I am not knowledgeable enough of the changes, so please forgive me. Genuinely looking for help.