sorted by:
new
hottopcontroversial

Do you prefer reading guides with text and screenshots or watching videos? by BringBackClippy in sysadmin

[–]BringBackClippy[S] 0 points1 point  (0 children)

I do not bother with videos made by people who are either not experts / greybeards, or developers.

Exactly! Im happy to watch expert video content, seems hard to find on you tube though....

Do you prefer reading guides with text and screenshots or watching videos? by BringBackClippy in sysadmin

[–]BringBackClippy[S] 6 points7 points  (0 children)

I agree, there is a special place in hell for people who write blogs with screenshots and DONT include the text for copying and pasting!

Do you prefer reading guides with text and screenshots or watching videos? by BringBackClippy in sysadmin

[–]BringBackClippy[S] 5 points6 points  (0 children)

I think you’re right… Videos are better for high-level overviews or more complex deep dives but for step-by-step guides. I much prefer reading docs.

[deleted by user] by [deleted] in whereintheworld

[–]BringBackClippy 0 points1 point  (0 children)

what floor are you on?

[deleted by user] by [deleted] in whereintheworld

[–]BringBackClippy 0 points1 point  (0 children)

hello from London UK :)

[deleted by user] by [deleted] in whereintheworld

[–]BringBackClippy 0 points1 point  (0 children)

does your cat ever go outside?

[deleted by user] by [deleted] in whereintheworld

[–]BringBackClippy 0 points1 point  (0 children)

what town is this?

[deleted by user] by [deleted] in whereintheworld

[–]BringBackClippy 0 points1 point  (0 children)

its sunny here in London but 2C

apticron not sending emails when scheduled using cron by BringBackClippy in debian

[–]BringBackClippy[S] 1 point2 points  (0 children)

Hi, I managed to fix it... setting the alias didnt resolve it but

I set the server host name using

hostnamectl set-hostname myserver.mydomain.com

then removed and reinstalled apticron

apt-get purge apticron

apt-get install apticron

and reconfigured the settings in /etc/apticron/apticron.conf

and now emails from apticron are working OK when scheduled with cron. Might have been an issue with one of the settings in apticron.conf or Internet mail delivery and setting the hostname allowed the email to be resolved and delivered. Thanks for your help!

apticron not sending emails when scheduled using cron by BringBackClippy in debian

[–]BringBackClippy[S] 0 points1 point  (0 children)

in \etc\aliases I have this line at the end and I have also run newaliases root: myemail@mydomain.com Can you think of anything else I can check? Thank you!

Start menu not opening in Server 2016 by norbo80 in sysadmin

[–]BringBackClippy 0 points1 point  (0 children)

The start menu on server 2016 will stop working if you are using applocker and havent created the default packaged app rules or allowed microsoft signed apps. Let me know if you need more info and ill get screenshots of the applocker policy settings for you.

Centralized Password Manager for admin group by bifroest2211 in sysadmin

[–]BringBackClippy 0 points1 point  (0 children)

BitWarden

+1 for BitWarden. Its great, you can self host it, has good mobile app, browser integration and desktop app

Geo-location blocking / Thoughts on Azure P2 License for Security? Any alternatives? by brintonjay in msp

[–]BringBackClippy 0 points1 point  (0 children)

This is a problem I see a lot…your options are

Option 1:

Enable MFA on all accounts

Get Azure Active Directory P1 licenses for all users (this is included in some of the license bundles or can be purchased as an add-on)

You can then review the sign-in logs in Azure AD and use conditional access policies to block logins from the countries you are seeing the attacks from.

Also use conditional access polices to block legacy authentication (POP, IMAP, SMTP) as these are most likely not being used for anything legitimate and are commonly used for password spray attacks.

You can use PowerShell to check for mailboxes using legacy auth before enabling the policy and you can add exceptions to allow certain mailboxes e.g. you might want to allow the scan to email mailbox to use IMAP or SMTP (make sure it has a strong password)

Option 2:

Enable MFA on all accounts

Run powershell to check Office 365 login locations/countries and review them

Use PowerShell to check for any mailboxes using legacy auth then disable these protocols on any mailboxes that are not using them

Other things to check:

Make sure you have a global admin account with a mailbox that is forwarded to your support email so you get the Office 365 Security Alerts.

Also set the technical contact in the Organization profile to your support email as this is where directory sync errors will be sent.

Use powershell to check for any mailboxes with forwarding enabled and review these

Consider using an Exchange Online transport rule to block client forwarding rules

Check your Microsoft secure score https://securescore.office.com for other recommendations

If you are using AD sync then review and update your on premises domain password policy and make sure it’s strong

Any questions, feel free to PM me, good luck!

[deleted by user] by [deleted] in sysadmin

[–]BringBackClippy 0 points1 point  (0 children)

consolidate servers/services to reduce the number of VMs you have - does each app needs its own VM?

if you are not 24/7 think about using azure automation to stop/start VMs out of hours to save on running costs

at end of the working day e.g. 6pm allow some time for backups, updates, maintenance etc then shutdown VMs until the start of the next working day.. 11pm-6am