Sysadmin
- Dumb Q: How to manage sw licences?
Hello everyone, I hope I came to the right place to ask my stupid question. I'm currently working in a company that stuck way way back in time. I'm talking some people are still working in DOS level back in time. There is some revamping of this in progres, but it's going to be a long run.
The "IT department" (called computing department, lol) consist basically of 2 people, boss and me. Boss loves the old days, he's "happily" using Win XP on his computer and hates everything newer than Win7, although half of everything he tries to do doesn't work there anymore (and don't even start with security of the OS). Anyway... that's about the company background and what to expect.
During currently ongoing upgrades to get this company at least to 21st cwntury, there will be some sw licencing happening. I'm expecting like buying dozens of Office 2021 keys and some other standalone soft too. But there's problem with managing those keys, as there is no precedence, no rules and everything's going to be from the scratch almost. People are coming and going, PCs are dying (remember, there are still some DOS machines), hard drives replacing, etc. etc. Windows domain? Not in this company. Ever.
So, how do you keep track of what is installed and where? Thank you very much.
- Would love some feedback on this UniFi setup
Hello!
My parents are moving to Italy and need a network. They only have 4G. I'm a little lost when it comes to UniFi and looking for some feedback if I've thought of everything and the setup works.
I was thinking Cloud Key 2, VPN Router Express, LTE Router UMR, maybe a U6 Lite AP to complement the one integrated into the Router if the range in the latter is insufficient, and a US-8-60W for power since only the cloud key and the AP would be powered using it. If they want cameras, I wanted to upgrade to CK2+, add G5 Bullets and use the US-8-150W instead.
I'm not sure whether I need the VPN router when the LTE router is already a router, too, but apparently the LTE router is not really integrated into the UniFi system. I need an AP, anyway, to the VPN Router is fine I think.
What do you think? Am I missing something? Thanks in advance.
------
Wait, is the UDR sufficient for the first setup? No cloud key, no vpn router, no switch...
- r/sysadmin and the size of this community
So I have been a part of this community for a while and it seems pretty quiet. I know Lemmy is not as big as Reddit so this community will always be much smaller but I kind of miss the activity on r/sysadmin. Infinity for Reddit still works for view only so I have been scrolling though posts on Reddit as some of the stories and discussion there are fun to read.
With that being said, I think we can work to grow this community a bit. From what I can tell this community is home to a lot of quick posting. I am responsible somewhat as I have posted a bunch of articles. However, I am going to make a point to do longer write ups and I think it would be good we posted some stories. Additionally, I would be more than happy to help setup automatic posting for patch Tuesdays and similar scheduled posts.
As far as growth goes, I think we need to get the word out. A lot of people just do not know that Lemmy is a thing. If we can create some more meaningful posts and get some people to come over here from other platforms then I think this community will grow. I also know that mastodon is a pretty big platform so if we can get some people to engage from mastodon it will help as well.
- New Samba community
I have created a new Samba community on lemmy.sdf.org
You can find it here:
!sambasoftware@lemmy.sdf.org
My goal is to create a support network that is outside of the mailing list.
- VMware security advisories are now non public (from Reddit)
The location of VMware Security Advisories (VMSAs) has changed on May 6, 2024. They are now available from the Broadcom Support Portal. The legacy VMSA URLs still work but are now redirected to the portal, for example: https://www.vmware.com/security/advisories/VMSA-2024-0002.html points to https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23681.
https://blogs.vmware.com/security/2024/05/where-did-my-vmware-security-advisories-go.html
Edit: This Post covers what's going on. (thanks to /u/lost_signal and /u/RoomStrange6413)
Sourced from https://www.reddit.com/r/sysadmin/comments/1cn3uhw/vmware_security_advisories_vmsas_are_now_to_be/
- I had to migrate from Samba AD to Windows Server AD and I'm sad (RIP Samba)
Samba is amazing, Windows server is a lot less so. The problem with Windows server is that it takes tons of steps to do basic things. On Samba I had Samba tool and it was very nice and friendly. On Windows server you have a ton of different management panels.
If there was a way I could hold off I would but due to changing requirements I didn't have much of a choice. (We needed Windows Server bare metal and I was not about to go and buy another machine.)
- How to learn Windows?
Hey all!
I’m a long time Linux user, and I’ve been avoiding it for the good part of the last ~15 years. Most of my Windows experience is from the XP times.
I’ve changed careers from agriculturing to ICT a few years ago (almost done with school), and while I can say I know my way around Linux pretty well, Windows is an alien landscape to me.
I got a job a few years ago as sysadmin (not so much, but still) / IT-support (more), and I find myself struggling to help customers with Windows / handle Windows servers. I would like to change that.
I have no intention on moving my personal computing to Windows due to privacy concerns, which is a bit contradictory to my goals, because AFAIK learning things this way is the “best” approach. It was the case with Linux for me, at least.
While i do learn Windows at my job, I’d like to compliment it with another approach, too.
Do you guys have any suggestions how I could learn Windows (the whole ecosystem, not just end-users computers)? I’d like it to be fun, as I get bored easily (breaking my Linux time and time again was really fun learning method) Maybe fire up some VMs and go from there, somehow? What do you think are the most essential skills for a Windows sysadmin? Active Directory, sure, but what else?
- Joining Fedora Linux to an enterprise domain - Fedora Magazinefedoramagazine.org Joining Fedora Linux to an enterprise domain - Fedora Magazine
Learn how to join your Fedora Linux machines to an enterprise domain and manage them with Fleet Commander.
- New Windows driver blocks software from changing default web browserwww.bleepingcomputer.com New Windows driver blocks software from changing default web browser
Microsoft is now using a Windows driver to prevent users from changing the configured Windows 10 and Windows 11 default browser through software or by manually modifying the Registry.
- Backdoor found in widely used Linux utility breaks encrypted SSH connections | Ars Technicaarstechnica.com Backdoor found in widely used Linux utility breaks encrypted SSH connections
Malicious code planted in xz Utils has been circulating for more than a month.
Hopefully this does not affect you but if you are running something like Arch, OpenSUSE tumbleweed, Debian sid or Fedora Rawhide and use SSH for remote access you should do a full wipe.
- VMware may be getting rid of Skyline
I received the below message. It states Skyline Advisor Pro can't be activated after 4/1. This doesn't look good for the Skyline program. I've been using it for a long time and between log assist and the recommendations, i've found it very helpful. I have the Dell integration in place but I haven't really used it much. It's unfortunate that this appears to be getting set out to pasture.
--------------------------
We would like to inform you of some upcoming changes to VMware Skyline's functionality and features, scheduled to take effect on or before April 1, 2024.
These changes are necessary as part of our VMware by Broadcom vision for the future of self-help issue avoidance and diagnostics for VMware Cloud Foundation and VMware vSphere Foundation.
Feature Changes 1 VMware Select Support Effective immediately, Skyline now supports VMware Select Support. This replaces VMware Success 360 (S360) Support, which reached End of Sale (EOS) in May 2023. As with S360 Support, Select Support provides access to Insights Reports, providing insights into the health and performance of your VMware infrastructure.
We highly recommend linking your Select Support Entitlement Account to your CSP Org as soon as possible to ensure seamless access to Skyline's proactive support and Insights Reports.
2 Availability After April 1, 2024
• Skyline Advisor Pro will remain available and fully functional for existing customers.
• Activation of new Skyline Advisor Pro services in new or existing CSP organizations will be discontinued and no longer available.
3 Active Skyline Organizations
Active Skyline Advisor Pro organizations will automatically be upgraded to Select Support level experience in Skyline and have access to Insights Reports. No action is required.
4 Inactive Skyline Organizations Skyline Advisor Pro organizations in an inactive state will be removed from the service.
Customers that have allowed their Skyline service to expire beyond the 60-day grace period must renew their access before April 1, 2024, to continue using Skyline.
5 Organizations in Limited Mode
Skyline Advisor Pro organizations in Limited Mode will be automatically renewed to Skyline at Select Support level experience to ensure full access. No action is required.
6 Technical Adoption Manager (TAM) Engagement
The process for TAM activation will be streamlined. Customers will now have full control over enabling TAM Reports. Once you opt in, no further action is required. The assigned TAM will have access to perform required duties as needed.
7 Integration with Dell's Secure Connect Gateway 5.0
Skyline Advisor Pro's integration with Secure Connect Gateway 5.0 will be discontinued due to the strategic direction of VMware Skyline.
VMware Skyline continues to provide proactive self-service support for your VMware environment. These changes will help deliver on the roadmap for self-help issue avoidance and diagnostics for VMware Cloud Foundation and VMware vSphere Foundation. Please do not hesitate to reach out to our Skyline Community for assistance. We are committed to minimizing any disruptions to your operations.
Thank you for your continued trust in VMware Skyline.
Best Regards, VMware Skyline Team
- VMware got Broadsided and Alternatives in the Post ESXi Era - Everything MSP
YouTube Video
Click to view this content.
- Flex 170 GPU from Intel - Subscription Free GPU Accelerated VDI on Proxmox 8.1 - YouTube
YouTube Video
Click to view this content.
Here is a video about Intel VDI.
- Suggestions for cheap enterprise grade hardware to run linux headless.
Basically what it says in the title. I did a lot of searching in Internet. I think small form factor computers are mt best bet. But I still feel they are costly for my purpose.
I am going to be running some ansible playbooks periodically on the machine. SBCs i looked at either had very high specs for this use case and thus higher price or they had other fratures i dont want like - wifi, graphics card etc.
I am preferring enterprise hardware because this would eventually be used in business where people will not settle for anything less.
- NIST Releases Version 2.0 of Landmark Cybersecurity Frameworkwww.nist.gov NIST Releases Version 2.0 of Landmark Cybersecurity Framework
The agency has finalized the framework’s first major update since its creation in 2014.
NIST is a US government org that releases industry guidlines on best practices for cybersecurity.
I know that infosec and sysadmin work aren't the same, but in my experience it often falls to sysadmins and systems engineers to fill the gaps. Hope this is useful.
- Samba AD via Nix os
I would never put Nix os into production as it is fairly obscure but since there was a interest here in Samba AD I though this might be interesting to some
- Anyone switched to Debian?
Debian has less complexityand is very stable. It has a nice wiki and a Debian system can run for a few years on unattended upgrades.
Edit: this post was originally about cost savings but that is not really a useful metric
- Exporting Sharepoint Online folder permissions to Excel.
Hey guys,
Because of the unclear nature of Sharepoint folder permissions we want to make an export to Excel of each folder and the appropriate rights. Explicit rights only is fine but everything together is also fine.
Having tried and tested for hours I cannot seem to find a working script. Using outdated functions, random errors, etc.
Does anyone know a working script for this? A commercial solution (that does nog charge 4000$per year) is also fine. This is becoming an expensive headache for me.
I have already tried all the usual Google hits as well as ChatGPT. None seem to work but also not work with modern authentication when connecting to Sharepoint using Powershell for example which leads me to suspect they are too old.
- On Call Sleep Question
If you are on call and you receive a call at say 3:45 am and you resolve the issue by 4:30 am. Is it then worth trying to go back to sleep to wake up for work the next day or should you just stay awake and power through it?
I'm asking because this happened to me and I went back to bed, did not feel tired at all and when I eventually fell asleep I got maybe an hour of extra sleep and I felt like complete garbage when my alarm went off and pretty much like that for the remainder of the day. Whereas I feel like if I just stayed awake for the extra time after 4:30 am I might have not felt as bad?
What are your opinions on this?
Edit: I'm appreciating all the responses and taking the information in. Sounds like this is not a clear cut case that is a simple yes do this or no don't do that.
- Good hosting?
Does anyone have recommendations for good VPS Linux hosting places? I used to recommend DigitalOcean, but I'm having a subpar support experience currently that sets off some slight alarm bells such that I might want to look elsewhere. What's good?
- Lenovo starts displaying text in chinese
Honestly all new lenovos have been giving me issues, webcams break, stop charging, except for those black thinkpads.. This one suddenly decided to go display Chinese text and display goes black randomly
- Anydesk 8 removes TCP Tunneling from the free service.
Have been using this for occasional outside broadcasts. It stopped working today. Downgrading to version 7.0.4 fixed it for now. Unfortunately Rustdesk doesn't support reverse tunnels so I'll have to hunt for an alternative method.
- ICANN proposes creating .INTERNAL domainwww.theregister.com ICANN proposes creating .INTERNAL domain
The plan is to keep the world at bay by never recording it in the DNS root – like many already do with a subdomain for an intranet
- What do you use to track BMCs/KVMs/IPMI?
I manage hundreds of servers at work. They each have a BMC (remote power on/off, reset, KVM, etc) and we need to use those features frequently. I've been using a Google Docs spreadsheet to track their URLs, what each box is used for, specs, etc but it feels like a dynamic web app would be better for this purpose. Does anyone use anything like this? Did you make your own?
- What crazy or unusual things are you guys working on?
I read someone was trying to get Samba AD working in a container and now I am curious what else you guys are working on.
(PS: If that someone is still working on it you might try running DNS and LDAP in separate containers with samba running bare metal. Samba nor Linux supports windows distributed filesystems so you likely need either a central file share or rsync.)
- Leaving VMware? Consider these 5 FOSS hypervisors • The Registerwww.theregister.com Leaving VMware? Consider these 5 FOSS hypervisors
These suggestions are like our principles. If you don't like 'em ... we have others
- What are you guys using for RMM these days?
I'm looking into building a new remote management with mesh VPNs but it may turn out not to be practical.
- VMWare FUD. Anyone moving away from it professionally?
I've been seeing a lot of doom and gloom about VMware. The cutting of services and licensing changes of the cost of core offerings are huge issues. Is anyone planning or budgeting to change to another hypervisor? If so what?
- Rustdesk: a open source remote desktop software
About a year ago I introduced Rustdesk as an experiment. For those who don't know Rustdesk is a piece of software that allows remote access. You can use the public servers or you can use your own private server.
It has been a massive success and a game changer in my company. The biggest benefit to Rustdesk is that it allows you not only to share your screen but to connect to other peoples screens. That doesn't sound like much of a game changer but having a simple UI that can be taught to people that aren't tech savvy is very useful. It has powered collaboration internally.
I just thought I'd share my experiences.
- How often do you make a back up?
I was wondering how often does one choose to make and keep back ups. I know that “It depends on your business needs”, but that is rather vague and unsatisfying, so I was hoping to hear some heuristics from the community. Like say I had a workstation/desktop that is acting as a server at a shop (taking inventory / sales receipts) and would be using something like timeshift to keep snapshots. I feel like keeping two daily and a weekly would be alright for a store, since the two most recent would not be too old or something. I also feel like using the hourly snapshots would be too taxing on a CPU and might be using to much disk space.
- Tailscale as a tool for PCI compliance (to avoid port forwarding)
So I recently discovered that the camera NVRs are majority insecure. This lead to my company failing to get PCI compliance which wasn't all that unexpected. However, this leads to the awkward situation of me comparing mesh VPNs. I've been playing around with netbird but I'm looking for a more polished solution.
Do any of you use Tailscale in a corporate environment? If so how well does it work and is there any major pain points?
Edit: I gave up on Tailscale as it was a pain in the ass. I'll just use Netbird with a reverse proxy for the cameras.
- Sunshine streaming for employee remote work?
Has anyone used sunshine/moonlight for low latency remote desktop? I've used it for remote gaming but I since I've had good experiences I though it might be testing for work.
For testing I've used it to access my local machine but that's it.
- Happy New Year!
It's the last Friday before the New Year. Like myself, many of you will be starting their on-call rotation.
To all my brothers and sisters in arms, I wish you a quiet and relaxing New Year's weekend. May your DNS be accurate, your switches be resilient, and your uptimes be high.
Cheers!
- XCP-NG with XOSTOR working? - Infosec.Pubinfosec.pub XCP-NG with XOSTOR working? - Infosec.Pub
I have started trying out xcp-ng as an alternative to VMWare solutions for virtualization. Currently I have setup 3 VMs of xcp-ng v8.2.1. I have also setup Xen Orxhestra build from source. I wanted to try out XOSTOR solution for shared storage. I have followed instructiins mentioned in the forum: ht...
- Weird problem driving me crazy (Win, Domain, Network)
[Update:Solution]
It was my router which set STP on by default. Switching it off (in smaller networks) or using RSTP made the delays go away.
[/Update]
Hóla!
For a long time I've got this horribly annoying problem: Upon bootup, ANY domain-machine that is using LAN (no probs with wireless) has an idle-time with "there's no network!" of about 1-2mins until they discovered the network. BUT only windows-machines. Linux boxes get net instantly. Also on LAN.
Setup: 2 Domaincontrollers, Server2019. Both are DNS, one is DHCP and NPS for WIFI. All machines have fixed IPs, the DHCP is just for wireless clients.
I have tried everything I could think of, like NIC-Drivers, OpenDHCP, temporarily changed the switch from a managed one to a dumb one, changed the NIC in the server, let only one DC be alive at a time, rejoined the domain, the usual sfc/dism-approach and whatnot.
I asked once on reddit, but everyone just told me "that's DHCP!", yet it's (seemingly at least) not. All have fixed IPs, but using dhcp doesn't change a thing.
So I'm clueless again, hoping for some nerd that's nerdier than me to have an idea :)
- bad battery?
I opened my laptop for unrelated reasons and was greeted by a slightly bloated battery. Idk if the picture makes it clear, but the individual segments of the battery have slightly raised above the solid structure pieces in between. Laptop is just over a year old. I have already contacted the manufacturer, but with the holidays and everything I'm not sure when I'll get an answer.
Basically, I'm worried about the potential danger. I use my laptop a lot (usually plugged in). Since the battery seems to be screwed in and not glued, I could just take it out, but idk if that would be better than just leaving it in until the manufacturer sends me a new one or has me send it in for battery replacement.
Also, I hope that consumer hardware posts like this are accepted in this community. The rules at least don't state otherwise.
Edit: thank you all for your comments. I brought the bloated battery to a recycling center the day after I made this post. Communication with Medion support eventually led to me talking to a very pleasant service technician on the phone. He sent me a new battery, which I just installed. Everything is working great again.
- A Sysadmin Christmas Poem
I wrote this a Christmas or two ago and thought it would be nice to share to any of us out there dutifully on call.
'Twas the night before Cristmas and all 'cross the web I was browsing through Discord, installed from a deb Not a user was working; the servers were quiet I perused a new webapp, thinking to try it When just like the spider, my senses did tingle Somewhere I knew of the plight of Chris Kringle I jumped out my chair, nearly fell 'ver my pooch Waded through wires and gave boxes a scooch I got out the door and eyes raised towards my roof What I saw was a joke, certainly just a goof For a fat jolly man sat so pondering prone With a quizzical look he was locked to his phone Not certain my role here not wanting to bother But asserting my role in this house as the father I shouted up top "Hey there Santa, what's cookin? Do you need some help? There's concern how you're lookin?" He called down to me "Oh shucks there dear boy I hate this here phone, this ridiculous toy The elves say to use it to guide my big flight But I can't seem see it cuz the screen's not too bright. It's always rerouting, about traffic it's warning, At this rate I'll still have the toys by the morning! My route's in the air not on parkways below, And I'll not be deterred by rain sleet or snow." "Well Santa," I said only wanting to help "The reviews for sleigh flight are quite poor here on Yelp. What you need it to switch your nav mode to airborne, Not walking or driving, so don't be forlorn. Just unlock the screen and hand it to me, I'll get you fixed up and erase your worry." He handed it to me and to my surprise Not an android or iphone sat front of my eyes But a candy cane brick whose innards were magic I worried for now of an outcome most tragic But just then I spied it way up at the top The icon whose presence made mystery stop "Santa look up here this tiny white car, 'Tis the icon that's stopping you from getting far. You're mapping as if you're a car on the ground Which is not too correct for you getting around. We can change it to sleigh flight by tapping right here, It'll also find stops where to rest your reindeer! Let's crank up the brightness by moving this slider To help your eyes rest and not stay open wider. Lastly let's stream you some music to play, Maybe TSO? How 'bout Michael Buble?" A genuine smile platered St. Nicholas' face His worries were gone, vanished not with a trace. "On this night here my friend you feel proud of yourself The magic you did is like that of an elf! I'm awed how you fix all this digital stuff, I used to think reindeer and stockings were tough, But now I can see that the world is a changing And the skills that I use need to do some exchanging. Now that it's working I really must go To deliver the presents 'fore roosters will crow. Speaking of morning, why are you awake? 'Tis well after midnight unless I mistake?" I had but a chuckle, "Oh Santa don't dread, For I'm an IT guy and hate going to bed! There's a little more lemmy and masto to browsey I'll likely spend 3 to 4 hours this drowsy!" He chuckled, "OK, if that's how it works You enjoy all your trolling, browsing and lurks!" He hopped on his ride, took a seat, grabbed a reign And started to hum with Mariah's refrain. As he took to the air he gave pause to his song, "Merry christmas to you, may your uptimes be long!"
- Broadcom ends VMware perpetual license sales, testing customers and partnersarstechnica.com Broadcom ends VMware perpetual license sales, testing customers and partners
Already-purchased licenses can still be used but will eventually lose support.
Just what the world needs, more software subscriptions. /s
Though we are talking about Broadcom, so I can't say I am surprised.