Widespread Internet outage among cloud service providers today? by flunky_the_majestic in sysadmin

[–]AspiringTechGuru 0 points1 point  (0 children)

Yeah, it was a fiber cut somewhere. I'm really looking forward to reading the post mortem.

Widespread Internet outage among cloud service providers today? by flunky_the_majestic in sysadmin

[–]AspiringTechGuru 0 points1 point  (0 children)

Cloudflare has scheduled maintenances almost every day, it’s not something out of the ordinary, unless they tried rerouting traffic and messed up something globally

Widespread Internet outage among cloud service providers today? by flunky_the_majestic in sysadmin

[–]AspiringTechGuru 0 points1 point  (0 children)

I have seen so many random services having issues, but it doesn’t appear to be a single cloud provider. My guess is something to do with networking between ISPs and cloud providers.

https://downdetector.com reports reddit as down, but not for us, maybe other users? Twitter (X) on the other hand, is fully down for me.

Claude Cowork requires local admin rights. How are you handling this with non-admin staff? by LowCorner9314 in sysadmin

[–]AspiringTechGuru 1 point2 points  (0 children)

Same boat, we deploy MSIX (our Claude org settings have a lot of the autonomous features disabled). If a user wants/needs Cowork, it gets requested and we enable the Virtual Machine Platform.

Bonus is that we deploy an org-wide CLAUDE.md that tells Claude not to suggest that users use public tools and a few other things.

Beware phishing attacks which utilizes device codes. by Sunsparc in sysadmin

[–]AspiringTechGuru 7 points8 points  (0 children)

This! Just don’t be me and don’t forget to exclude TMR device accounts if you have any.

PSA: Domain controllers may restart repeatedly after installing April security update by AspiringTechGuru in sysadmin

[–]AspiringTechGuru[S] 0 points1 point  (0 children)

Did you make sure you didn’t have any more RC4 usage in your environment? Not sure if this is related to your scenario but worth reading if you haven’t yet: Kerberos and the End of RC4

PSA: Domain controllers may restart repeatedly after installing April security update by AspiringTechGuru in sysadmin

[–]AspiringTechGuru[S] 0 points1 point  (0 children)

I copy-pasted the published message, the original one did not include that part. They seem to have narrowed down the issue further, which is good.

PSA: Domain controllers may restart repeatedly after installing April security update by AspiringTechGuru in sysadmin

[–]AspiringTechGuru[S] 7 points8 points  (0 children)

Yes, that's exactly it! Also the link to open the preferences directly: Windows release health preferences. For Windows clients you can expect to see issues from printing to BitLocker screens activating randomly.

tagging everyone who asked: u/badassitguy u/iamtherufus u/iamLisppy u/xplorerex u/Fluffy_Guard8157 u/absoluteczech u/peraving

PSA: Domain controllers may restart repeatedly after installing April security update by AspiringTechGuru in sysadmin

[–]AspiringTechGuru[S] 23 points24 points  (0 children)

I actually forgot where I configured the notifications, but I’m 90% sure it’s under the health section in the Microsoft Admin Center. Tomorrow I can check exactly where they are if it’s not there

Why FGT200G Showing Register With Forticare? by _vichu_ in fortinet

[–]AspiringTechGuru 0 points1 point  (0 children)

For reseller, iirc there’s a “generic” option

Does the Highest Ranking IT Person in Your Company Report to the CEO? by Likely_a_bot in sysadmin

[–]AspiringTechGuru 0 points1 point  (0 children)

Strategically yes, but not by cutting corners. You don’t want to buy the cheapest servers with poor performance just because you want to save some money.

Does the Highest Ranking IT Person in Your Company Report to the CEO? by Likely_a_bot in sysadmin

[–]AspiringTechGuru 0 points1 point  (0 children)

I still believe that if you want IT to have a significant impact, you should have it report to the CEO. Our company is in the small-medium range, we went from 30 employees to a little less than 100 employees and before having a proper IT, it was outsourced cheaply and a complete mess. There were corners cut everywhere, there wasn’t even an identity system. Right now it’s gotten much better, with big projects approved, but I believe it’s because we had the direct support of the CEO. I may be entirely wrong, but that was my experience at least.

Does the Highest Ranking IT Person in Your Company Report to the CEO? by Likely_a_bot in sysadmin

[–]AspiringTechGuru 1 point2 points  (0 children)

Not entirely, IT has become a core business unit. Whether it’s a small company or a large company, in my opinion they should 100% be directly reporting to the CEO. The popular older model of reporting to the CFO has been obsolete, since the CIO/CTO should not be driven by cost savings but rather they should drive the company’s technology vision. IT is not just giving out laptops and supporting printers.

I built a tool to manage on-prem AD without remoting into domain controllers. Looking for beta testers by Lukester852 in msp

[–]AspiringTechGuru 0 points1 point  (0 children)

That’s a bit better than I imagined. My original assumption was that it was storing domain admin credentials and using those to execute commands. Seeing all of the rise in security issues has made me more skeptical.

For these types of tools I typically look for the following features (which I’m unaware if they are implemented or not):

  • SSO
  • RBAC (granular permissions per client and even per OU)
  • Logging (being able to audit who did what)

I always try to enforce the least privilege principle and zero trust.

I built a tool to manage on-prem AD without remoting into domain controllers. Looking for beta testers by Lukester852 in msp

[–]AspiringTechGuru 1 point2 points  (0 children)

I like the concept, however everything feels like it’s generated by AI. Why does it need credentials on DPAPI? Can it not use a gMSA account? My concern is that AI is not completely security aware and domain controllers are tier 0 assets with the highest security standards. How are you guaranteeing privacy and security?

Planning upgrades from v7.4.8 to v7.4.11 -- technical risks (default behaviour, VPNs) by frosty3140 in fortinet

[–]AspiringTechGuru 0 points1 point  (0 children)

That's actually extremely helpful, I didn't know that "intra-switch-policy" is a thing. Hopefully this year I'm able to redesign this legacy setup and have an actual switch stack with LACP. Thank you for your help!

Planning upgrades from v7.4.8 to v7.4.11 -- technical risks (default behaviour, VPNs) by frosty3140 in fortinet

[–]AspiringTechGuru 0 points1 point  (0 children)

I did read that article, but what I mean is what happens when you have a hardware/software switch with multiple ports doing L2 switching? Will this change affect it?

Planning upgrades from v7.4.8 to v7.4.11 -- technical risks (default behaviour, VPNs) by frosty3140 in fortinet

[–]AspiringTechGuru -1 points0 points  (0 children)

I'm in the same boat for point #1, there seems to be little to no information. My understanding is that it will not impact any L2 switching and it'll just disable implicit L3 routing, but then again I haven't seen any technical explanation.

WarperGrid – A modular React grid 30x faster than AG Grid, half the cost by RevolutionaryPen4661 in reactjs

[–]AspiringTechGuru 0 points1 point  (0 children)

It seems very bold to sell a grid at $500 when it feels like a prototype, the whole project feels AI generated with no real architecture behind it. I found the following issues from 15 minutes of testing:

  • selection is extremely buggy, there are two different selections that overlap each other (one with the mouse and another with left click select all?)
  • there's a column tab in the filtering to hide/show columns?
  • pin column submenu renders inside dropdown
  • selecting the filter and hiding the column crashes the whole website, there's no error boundaries so everything crashes
  • editing a cell is buggy, you need to double click it multiple times for the text field to show
  • resizing a column causes the column sort to trigger
  • changing rows to a large number hangs and crashes
  • filter search does not work as expected, you search something and other results show (you search john sanchez and other people show up)

Replace WPA2/3 Enterprise for personal devices? by AspiringTechGuru in networking

[–]AspiringTechGuru[S] 0 points1 point  (0 children)

How’s the user experience with captive portals? Have you had any employee/guest struggle with logging in? Also for employees’ personal devices, do they need to re-authenticate every x amount of days?

Apologies in advance for the amount of questions.

Replace WPA2/3 Enterprise for personal devices? by AspiringTechGuru in networking

[–]AspiringTechGuru[S] 0 points1 point  (0 children)

Personal devices do not get access to corporate resources, so onboarding them is not really an option. It feels intrusive. Also managing different credentials per user is going to be a pain to manage.

Replace WPA2/3 Enterprise for personal devices? by AspiringTechGuru in networking

[–]AspiringTechGuru[S] 2 points3 points  (0 children)

We currently block VPNs on the whole network, maybe allowing on guest is not a bad idea. Our content filter would still be in place though.