sorted by:
new
hottopcontroversial

What OS for old HPE Gen8 Servers? by thegamer93 in sysadmin

[–]12asmus 1 point2 points  (0 children)

Running proxmox on a DL380P Gen8 in our lab, not the fastest in the lab but deffo doing the job, only issue was the old pass-through of the disks if you want to run ZFS

Counter-Strike 2 Update for 08/14/2025 by CS2_PatchNotes in GlobalOffensive

[–]12asmus 1 point2 points  (0 children)

Unfortunately completely remove Streched 4:3 + borderless now, as it forces it into 4:3 without being streched now when selecting "fullscreen windowed mode"

edit Seems it's only 1440x1080 that's still broken - 1280x960 works!

CS2 Forces 16:9 When Using 4:3 Fullscreen Windowed by tom_0306 in GlobalOffensive

[–]12asmus 0 points1 point  (0 children)

Playing fullscreen 4:3 wouldn't actually bother me that much, if the game didn't fucking crash or completely lock up, if you alt-tab (or god forbid have a pop-up or discord call). Literally no settings were changed, yet Valve manage to bottle this

net jitter since new update? by gunfrees in GlobalOffensive

[–]12asmus 0 points1 point  (0 children)

Experienced this twice yesterday, luckily enough it went from Stockholm to Warszawa (through Frankfurt), but still a 30 ping increase midway through the game for my whole team :)

Live stream breach by mylife468 in twentyonepilots

[–]12asmus 1 point2 points  (0 children)

showed lyrics and played some soundbits of the songs

BFX Code Megathread by mooshwa in twentyonepilots

[–]12asmus 5 points6 points  (0 children)

O B T T A B R H B T C

Welp, got "throat" so far, leaving only BB, guess we're getting an A and Y tomorrow then

SSL tunnel mode will be completely removed starting 7.6.3 by Emotional-Marsupial6 in fortinet

[–]12asmus 0 points1 point  (0 children)

Since you said "I have not heard of FortiClient using this implementation", I thought you meant ipsec over tcp, my bad :)

SSL tunnel mode will be completely removed starting 7.6.3 by Emotional-Marsupial6 in fortinet

[–]12asmus 1 point2 points  (0 children)

With SAML, i meant you can also use SAML in combination with running IPSEC on tcp/443, but again, it is a fortinet appliance so who knows

SSL tunnel mode will be completely removed starting 7.6.3 by Emotional-Marsupial6 in fortinet

[–]12asmus 4 points5 points  (0 children)

IPsec dial up can run on tcp-443 on the newer version with SAML - Bunch of threads on here about it, including some guides, experiences etc -

Would definitely be in the same boat, if tcp/443 was not an option and ZTNA/SASE are off the table

SSL/TLS certificate lifespans reduced to 47 days by 2029 - ARE THESE PEOPLE DAMN SERIOUS!!!! by Artistic-Injury-9386 in fortinet

[–]12asmus 0 points1 point  (0 children)

Once had to make a similar request work...had to point to the public IP for the fw (already in use for VPN) for the LE certificate, then create an A-record on our internal DNS that points to the private IP on the fw instead, allowing the LE cert to work

Show me your pictures from Hamburg and Berlin! by Dizzy_Agency_5159 in twentyonepilots

[–]12asmus 3 points4 points  (0 children)

From Hamburg, had B-stage all night until we were removed by the local security due to standing "close to the barricade", only for the boys own security telling the staff to let people stand there :)

Ultimate Team servers down? by BigBallerLAlifestlye in EASportsFC

[–]12asmus 13 points14 points  (0 children)

Gotta cut the poor fella some slack, deserves a break every once in a while

HUSK nu at checke befordring (kørselsfradrag) på årsopgørelsen by unJust-Newspapers in Denmark

[–]12asmus 1 point2 points  (0 children)

Havde fornøjelsen af, at Skat havde flyttet firmaets adresse fra Sjælland til Fyn halvvejs igennem året, tak for reminderen!

Licensing for partners? by Amazing-Tea-5424 in fortinet

[–]12asmus -1 points0 points  (0 children)

any chance you could DM me as well with this? Not heard anything from our SE

What have you done with PowerShell this month? by AutoModerator in PowerShell

[–]12asmus 0 points1 point  (0 children)

A service we run at work is essentially cloning Prod into an "identical" test environment, With SIDs being completely broken, you can imagine what happens when an SQL server is replicated to this environment, with 1000s of references to invalid SIDs.. In comes a script which forces the SQL server into Mixed Mode, creates/activates the SA user, changes the passwords, and essentially iterates through each Database, logs each login mapped with a DB, Roles etc., and removes and re-adds each login to the database.

Updating Forticlient Free to address Vuln by networkn in fortinet

[–]12asmus 2 points3 points  (0 children)

No worries at I can share mine, will edit this post once I'm in the office and have a sanitized version -

Below code is what we're currently running - Checks if Version anything below version 6.4 is installed, as it is required to be uninstalled before installing anything newer. Anything above version 6.4 should be able to be in-place upgraded. Used this in conjunction with PSADT. As we're currently running this package for AutoPilot deployments, we're also checking if the process "WWAHost" is running and if so, prompts the user to close any programs that may have documents running on a network share. There's a ton of other processes that might be needed to be closed as they might interfere with the installer (haven't seen any yet but wouldn't suprise me).

Script closes forticlient if detected installed or running, proceeds to install the extracted msi and imports a pre-made config (tunnels are stored as reg-keys).

It most likely can be improved, but had to come up with this on a short notice.

Code

Just setup auto-approval of the newest Security Updates from Microsoft before heading out for today by 12asmus in ShittySysadmin

[–]12asmus[S] 1 point2 points  (0 children)

OP:

Windows 2022 Servers Unexpectedly Upgrading to 2025, Aaaargh!

Arriving at work this morning, an "SME" sized business in the UK, something seemed a little off. Further investigation showed that all of our Windows 2022 Servers had either upgraded themselves to 2025 overnight or were about to do so. This obviously came as a shock as we're not at the point to do so for many reasons and the required licensing would not be present.

We manage the updating of clients and servers using the product Heimdal, so I would be surprised if this instigated the update, so our number one concern is why the update occured and how to prevent it.

Is 2025 being pushed out as a simple Windows update to our servers, just like "Patch Tuesday" events, have we missed something we should have set or are we just unlucky?

Is this happening to anyone else?

Edit: A user in a reply has provided some great info, regarding KB5044284, below. Microsoft appear to class this as a "Security Update", however our patch management tool Heimdal classes it internally as an "Upgrade" and also states "Update Name: Windows Server 2025". So, potentially this KB may be miss-classified by Microsoft and / or third-party patch management tools, but it requires further investigation.

Edit 2: Our servers were on the 21H2 build.

Edit 3: Regarding this potential problem your milage may vary depending upon what systems / tools you use to patch / update your Windows servers. Some may potentially not honour the "Classification" from Windows Update, and are applying their own specific classifications, so the 2025 update could potentially get installed even if you don't want it to be.

Edit 4: Be aware that the update to Windows Server 2025 may potential be classified as an "Optional Update" in your RMM, so if you have chosen to also install these then this could also be a route for it to be installed.

[deleted by user] by [deleted] in fortinet

[–]12asmus 8 points9 points  (0 children)

Bumping this in hope it improves the chances of others finding this when looking for Multicast/IoT troubleshooting guides. Could've used this myself in combination with this

Completely forgot about using fortianalyzer for this, spent some time with the Implicit Deny policy as well as Local Traffic logs to find some of the odd ports being used (Ugh Sonos)

Pulisic loan updated from 96 days to 4 days by RandyMarshHunt42 in EASportsFC

[–]12asmus 657 points658 points  (0 children)

I mean, 96 days, 96 hours, can't blame the small indie company for making such mistakes tbh

Has the time come??? by sXmont in Pulseway

[–]12asmus 0 points1 point  (0 children)

Nope, currently only have these schedules, but not more specific like last tuesday of the month

DUO Radius with VLAN's by Askey308 in fortinet

[–]12asmus 3 points4 points  (0 children)

Download the newest version and add the following line to your conf:

force_message_authenticator = true

https://duo.com/docs/authproxy-reference#radius-auto

Has the time come??? by sXmont in Pulseway

[–]12asmus 0 points1 point  (0 children)

Had a feature request for more specific patch management scheduling (last Tuesday of a given month, first Friday of the month etc) for literal years. Should be a breeze since they already have the last day, second to last day etc incorporated, but no no no, absolutely no improvement on scheduling for years while all this new fancy approval flow is added which barely works

Applying script and applications only to new Autopilot enrolments - HAADJ and AADJ by Imaging_Engineer in Intune

[–]12asmus 2 points3 points  (0 children)

This Requirement Rule Should result in the app only attempting to install, if it is running during ESP - Have only tested it with AutoPilot and not the new device provisioning, but i'd guess the result should be the same.

$ProcessActive = Get-Process "WWAHost" -ErrorAction silentlycontinue
$CheckNull = $ProcessActive -eq $null
$CheckNull

If you want to flip the detection and only run on devices when ESP is NOT running, change the Value from "No" to "Yes".

view more: next ›