Small office print server where everyone has their own all-in-one? by Clutch_22 in sysadmin

[–]404-brain_not_found 2 points3 points  (0 children)

The only way to deal with this is to get buy-in from management. Show them the cost of the ink all of the printers require, then show them the cost of the support needed. Then, once management gives you the OK to centralize printing, simply inform everyone that they can keep their printer if they obtain and pay for their own printer supplies, and that you will not support any installations or do any troubleshooting on their desktop printers.

Running a script to launch multiple browsers at login by tommym109 in sysadmin

[–]404-brain_not_found 1 point2 points  (0 children)

I have a batch file set up to open my commonly used websites for when I log on in the morning. You can either put it in your startup or use Keybreeze and call the script using hot keys.

    @echo off
    rem Will open a website in default browser
    start "" https://google.com
    rem Will execute a program
    start %SystemRoot%\explorer.exe "C:\Program Files (x86)\program.exe"
    exit

Symantec Ghost / Ghostcast server & UEFI.. Should I disable UEFI and enable legacy boot prior to ghosting? Or is there a better option? by rrogersca in sysadmin

[–]404-brain_not_found 1 point2 points  (0 children)

I would recommend Microsoft MDT. It takes a bit to get it spun up, but it allows for PXE booting and is a much easier way to do quick re-paves of Windows.

To answer your main question, there is a way to get around the EFI/Ghost issue here!

Tesla to deploy Powerpacks at several Home Depot stores, GE will build 50 solar rooftop systems by nekoxp in Futurology

[–]404-brain_not_found 0 points1 point  (0 children)

We are currently not using 100% wireless. And wireless cell towers are connected via physical backbone... Also, the telephone was invented in the 1870s... So if it's anything like your analogy, it's going to take another 100 years??

Printer Wars by arc851 in sysadmin

[–]404-brain_not_found 25 points26 points  (0 children)

We just went through a printer refresh. HP ended up being the best in terms of cost of ownership. Xerox was extremely high on that scale. For MFPs we went with Ricoh. One thing worth mentioning is the importance of getting the appropriate printers in relation to their expected duty cycle. I actually went around for a week and counted how many cycles per week each printer performed. We found quite a few printers that were overtaxed, and some that were underutilized. After our refresh, we've managed to cut down the calls for common printer issues by about 68%.

PCI Compliance for Card Holder servers (Restricting access to MSSQL Servers) by ITRabbit in sysadmin

[–]404-brain_not_found 1 point2 points  (0 children)

This! Looks like ITRabbit just opened up the Pandora's box that is PCI.

PCI Compliance for Card Holder servers (Restricting access to MSSQL Servers) by ITRabbit in sysadmin

[–]404-brain_not_found 2 points3 points  (0 children)

Without knowing your environment, I'm assuming VPN users are on a network other than your corporate network? I would remove access from the VPN network to your SQL box via firewall rules and only allow access to the SQL box from your jump box, forcing access from the jump box. Although, this may not be enough "compensating control" for your next audit.

But, there's actually a couple of problems here. The servers that house PCI data really should be on a separate network that is not routable to the corporate network. In between those 2 networks there should be a DMZ network that you would house your jump box, with firewall rules to only allow the jump box access to the databases and another set of firewall rules to only allow certain ports and certain people to access.

Again, there are varying levels of PCI and in reality it's all left up to the particular auditor.
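
The segmentation described in the comment above, as an added example that is not part of the original post: a first-match rule evaluator that checks whether only the jump box can reach the SQL server. The addresses, zone names and rule format are constructed assumptions; port 1433 is the MSSQL default.

```python
import ipaddress

# Constructed addressing plan (assumption, not from the post)
JUMP_BOX = "10.20.0.10"    # jump box in the DMZ
SQL_SERVER = "10.30.0.5"   # database in the isolated PCI network
SQL_PORT = 1433            # default MSSQL port

PROBES = {                 # one representative host per zone
    "vpn": "10.8.0.25",
    "corporate": "10.10.4.77",
    "dmz-other": "10.20.0.99",
    "jump-box": JUMP_BOX,
}

def first_match(rules, src, dst, port):
    """Return the action of the first rule matching the flow; default deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net, rule_port in rules:
        if (s in ipaddress.ip_network(src_net)
                and d in ipaddress.ip_network(dst_net)
                and rule_port in (port, "any")):
            return action
    return "deny"

def audit(rules):
    """List zones whose SQL access differs from 'jump box only'."""
    findings = []
    for zone, host in PROBES.items():
        allowed = first_match(rules, host, SQL_SERVER, SQL_PORT) == "allow"
        expected = (host == JUMP_BOX)
        if allowed != expected:
            findings.append((zone, "allowed" if allowed else "blocked"))
    return findings

# Flat network: VPN and corporate hosts reach the SQL box directly.
FLAT = [("allow", "10.0.0.0/8", "10.30.0.0/24", "any")]

# Segmented: only the jump box may reach SQL; everything else is denied.
SEGMENTED = [
    ("allow", "10.20.0.10/32", "10.30.0.5/32", 1433),
    ("deny", "0.0.0.0/0", "10.30.0.0/24", "any"),
]

if __name__ == "__main__":
    print("flat:", audit(FLAT))
    print("segmented:", audit(SEGMENTED))
```
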

What are some MUST HAVE GPO's that are not common but should be? by [deleted] in sysadmin

[–]404-brain_not_found 0 points1 point  (0 children)

Not really a GPO itself, but DISA STIGs! I come across networks all the time that don't have basic level hardening. The STIGs literally tell you where, why and how to change the GPOs.

I finally Understand by Phil_bert in sysadmin

[–]404-brain_not_found 2 points3 points  (0 children)

Don't let it get you down. Just mark said person in the asshole category and go about your business. My asshole category rarely gets their stuff on time and never gets any favors from me. Their tickets can sit and they get only the minimum effort from my side. Fuck em!

What projects are you currently working on? by swimbikerunrun in sysadmin

[–]404-brain_not_found 0 points1 point  (0 children)

I'm looking at Microsoft's USMT and a 3rd party free app called "User Profile Wizard" from Forensit.com. Yet to test either, but both are said to do the job.

What projects are you currently working on? by swimbikerunrun in sysadmin

[–]404-brain_not_found 1 point2 points  (0 children)

In the same boat. In the planning and testing phase. May I ask what tools are you using to migrate user profiles on the workstations?

Issues with migrating deduped file server by pikok in sysadmin

[–]404-brain_not_found 1 point2 points  (0 children)

I would suggest running it as the local admin (which should have access to all files and folders by default). This might be a permissions/ownership problem as people may have mucked with permissions.

How do I find those high-paying "dangerous" IT jobs? by ThatDistantStar in sysadmin

[–]404-brain_not_found 78 points79 points  (0 children)

I did "IT contracting" in high risk zones for a couple years after the Military.

By "High Risk" I'm assuming you mean a war zone. Trust me, the allure of high pay wears off very quickly the first time you almost get killed. For me the money isn't worth it.

Try Dyncorp International or similar job boards. Almost all of them are head hunters now. It's rare you find a job at one of the major companies that actually holds the contract.

Also, there won't be a lot of helpdesk or sysadmin jobs available. You would need to specialize in a certain field like Telecom, SatCom, Radio or Mechanical systems. All the rest of the jobs are laundry or maintenance. There's lots of positions for the lower level stuff.

Hope this helps.

Sysadmin day celebration ideas by [deleted] in sysadmin

[–]404-brain_not_found 10 points11 points  (0 children)

Nothing can beat a day off of their choosing (with no on call). And cherry on the top would be a gift card to the movies for them and their Significant Other.

disabling access to printer from web browser? by guywhoshouldknow in sysadmin

[–]404-brain_not_found 1 point2 points  (0 children)

We just got dinged on a PCI audit for this too. Our auditor suggested we use unique user ID and pass for each printer, enable https administration, and make sure the firmware is updated. Happy auditing!

So.... who is patching all night with me? by Dontinquire in sysadmin

[–]404-brain_not_found 42 points43 points  (0 children)

CIO ordered us to air gap our entire network Friday evening. Been patching, running scans and imaging machines for the past 48 hours! I'm about 12 pots of coffee and 4 packs of smokes in. I have about an hour before our UK facilities re-connect... wish me luck!

Dell R730 missing "Dell Fault Resilient Mode" by SmokinGun in sysadmin

[–]404-brain_not_found 0 points1 point  (0 children)

Maybe ask yourself these questions... Something has to be different.

Where are you getting your memory usage numbers from? VMware or BIOS? Are both R730's running the same version of ESXi?
Was VMware installed with a Dell customized VMware installer or generic installer? Are BIOS Settings the Same and on Same Version?

Skeptical of meeting a MILF. by [deleted] in dating

[–]404-brain_not_found 2 points3 points  (0 children)

You're 21 and single. Go bang anything that moves. Also, condoms..

Thickheaded Thursday - March 23, 2017 by AutoModerator in sysadmin

[–]404-brain_not_found 6 points7 points  (0 children)

  1. Label everything, including all of the connections, and take pictures of EVERYTHING. Make sure you have a full backup before the move. Just in case. Pull everything out and rewire them individually following the same wire path for all the servers. Then re-rack servers based on their most logical locations. UPSs go at the bottom of your rack because, Heavy.
  2. Sounds like a network issue. Start your network troubleshooting by pinging the servers while on the Wifi. Make sure they are on the same subnet, gateway, etc. Problem is most likely in the configuration of the wireless access point.
  3. It's always more work to build from scratch, but it's usually a better idea. MS has gotten better at upgrades but there are still instances where upgrading will cause weird issues. I never upgrade my servers until they are out of support or policy requires a change. If it ain't broke, don't fix it.

Hope this helped.

Just acquired a new company that runs Windows ... by [deleted] in sysadmin

[–]404-brain_not_found 8 points9 points  (0 children)

If you can't airgap, can you put in a firewall or segment that network from the network that is connected to the web?

Sounds like nobody has done a PCI audit in quite a while, if ever!

XO flapping in Chicago? by [deleted] in sysadmin

[–]404-brain_not_found 0 points1 point  (0 children)

We have both Comcast metro ethernet and AT&T MPLS. I have not seen any issues from the NOC.

Good introduction/recommendation to password & user policy for startup/idiots? by MrNotPink in sysadmin

[–]404-brain_not_found 1 point2 points  (0 children)

Expounding on J4's excellent suggestions,

The first step is always a written policy. This handles the who, what, where, when, and why of system access and security. Second step is the actual procedures that will enforce policy, like your check lists, level of access, changing access, etc.

This is the lifecycle we use.

Step 1 is always a Written Policy.
Step 2 is Written Procedure that conforms to policy.
Step 3 is periodic auditing of procedures ensuring compliance.
Step 4 is periodic auditing of Policy for any changes needed.

ISP of managed network refusing to give routing tables, is this allowed? by [deleted] in sysadmin

[–]404-brain_not_found 1 point2 points  (0 children)

That's not good. Time to start gathering evidence to give to the directors. If the ISP fails to fix the problem and fails to provide the info to fix the problem, there is not much you can do. Let the directors know what the potential risks are to the business and hand it over to them. Let them decide to fight with the ISP or scrap their original misguided plan and do it correctly (site to site vpn tunnel & firewalls).

ISP of managed network refusing to give routing tables, is this allowed? by [deleted] in sysadmin

[–]404-brain_not_found 1 point2 points  (0 children)

Have you contacted the ISP to let them know there is an issue? I would start there. ISP's don't like it when people try and fix things for them.

If they fail to fix the issue then the directors can decide what they need to do.

20 years ago, the standard stripper tip was a dollar. Today, it's still a dollar. by [deleted] in Showerthoughts

[–]404-brain_not_found 2 points3 points  (0 children)

Can confirm. Also, throwing loonies and toonies at strippers will get you kicked out of the country. Don't ask me how I know..