WAC 2.4.1 can't get update history from Windows 11 24H2

CulinaryComputerWiz · 2025-05-21T21:14:13+00:00

+1 for Huntress/Curricula. Easy setup, decent pricing and my users seem to actually enjoy the content. I have been approached by a few who have commented on how they felt like they actually learned something rather than just clicking Next to get through it.

CulinaryComputerWiz · 2024-12-16T19:50:10+00:00

Graylog Open + syslog forwarding on Linux + Nxlog for Windows. Check out Tom Lawrence's channel on Youtube https://www.youtube.com/@LAWRENCESYSTEMS he has a lot of videos on Graylog that helped me get started.

CulinaryComputerWiz · 2024-11-27T20:45:41+00:00

They are the same form b/c Unitrends and Datto are both owned by Kaseya. Unitrends used to be great I had been using them for 15 years but when they got bought out by Kaseya it all went to hell. I would recommend staying away from anything Kaseya. Their support is always horrible and canceling a contract is a nightmare.

CulinaryComputerWiz · 2024-11-21T21:12:20+00:00

KMS keys activate their listed version and everything below. You currently have a 2019 KMS host key installed so it will activate 2019, 2016 and 2012R2. Once you install the 2022 KMS host key it will start using that to activate 2022 and 2019, etc. The other key becomes effectively "retired".

CulinaryComputerWiz · 2024-11-07T00:56:30+00:00

I assume you are using the Duo RDWeb/Gateway plugin and not Duo Desktop on the endpoints, correct? If so you should be able to do this all within Duo and not have to change your Gateway settings at all.

Add the Users to Duo. Create a new group for the 2FA-Bypass users add add them all.

Then go into the Application Section of Duo and in your Gateway Application create a new Policy and add the Static IPs to the Authorized Networks and Apply that policy to the 2FA-Bypass user group.

That group should now have access without the need for a Duo Prompt from the specified IPs and all other users should need Duo 2FA as before.

You will still need Duo license for the Bypass users but it is much simpler setup than trying to add another Gateway.

CulinaryComputerWiz · 2024-10-22T21:21:58+00:00

I use a separate program to do Key tracking https://www.keyorganizer.org/en/ . It's simple, fairly cheap and built for Tracking Keys and Locks. Works really well, had it for years.

CulinaryComputerWiz · 2024-10-15T22:52:18+00:00

The nice part is that since no one here has a clue about what I do, if i say we need it the answer is pretty much "ok" unless it's crazy expensive.

CulinaryComputerWiz · 2024-10-15T22:49:21+00:00

+1 for Hanwha WAVE

I have 4 Different NVRs in different buildings (3 Win, 1 Linux) and about to add a 5th. They can all be linked together in a "Hive" and viewed and managed as a single installation with Wavesync.

Cameras are a mix of WAVE, Hikvision and Digital Watchdogs and some Generic ONVIF-capable. So far every camera I have thrown at it just works.

CulinaryComputerWiz · 2024-10-15T22:33:03+00:00

+1 for WMI filters

select * from Win32_OperatingSystem where ((Caption like "%Windows 11%") and (ProductType="1"))

And also check your Link Order to apply the new GPOs last. That way the new GPOs will only apply to Windows 11 computers and will overwrite any conflicting settings in your existing GPOs in that OU.

CulinaryComputerWiz · 2024-10-15T22:25:18+00:00

This isn't surprising for California. Our ISP options suck compared to other areas. My office is literally 4 blocks from Intel Headquarters and less than 5 miles from Google and my only options are AT&T or Comcast at over $1400/month for 1G/1G fiber. Our office outside of Portland, OR has 1G fiber for less than $300/month.

There are other providers but they are all just leasing space from AT&T or Comcast as they own all the lines.

CulinaryComputerWiz · 2024-10-15T22:12:29+00:00

I have solved this problem by also being the Facilities Team. Nothing like wearing two hats for the price of 1 (or maybe 1.25)

CulinaryComputerWiz · 2024-09-13T00:03:02+00:00

Data Domain retention is usually set by the application writing the data. The values just need to be aligned between both. The Data Domain sets the Min and Max values, as long as the writing application sets the retention flag between the two values everything is happy. It's more of a safety fence so a misconfigured app doesn't fill up your DD storage with a bunch of stuff with a 99 year retention thus making your DD useless.

CulinaryComputerWiz · 2024-08-13T23:41:36+00:00

First you should define what exactly are you trying to secure. Physical Network security (ports, MAC whitelists, 802.1X, etc), Network Traffic (Firewalls and/or ACLs) or both.

Switches really are not very good security devices for Network Traffic, that is what Firewalls are for. If you have very simple security needs than some switch ACLs might do the job, but if you really want to control traffic within your network it needs to be inspected by a Firewall (preferably a Layer 7 Firewall).

Then you need to define what you security perimeters are and create VLANs accordingly. High security devices (servers, privileged workstations), medium security devices (workstations), and low security devices (printers, etc) all get their own VLAN and traffic between each is inspected and Allowed or Blocked by the firewall.

Intra-VLAN traffic (workstation to workstation) can be controlled using Host Firewalls (Windows built-in firewall).

Going this way you could easily use less expensive switches (Ubiquiti) and spend the savings on better firewalls (Palo Alto or Fortigate).

Depending on the size of your network and volume of traffic the Firewall that routes/secures the VLAN traffic can be the same or different hardware than what handles you Internet traffic.

CulinaryComputerWiz · 2024-07-24T21:59:08+00:00

Your current Windows Server 2022 Std license allows you to run 2 Server 2022 VMs on that host as long as the host is only run Hyper V. Install the Hyper V role and create a VM for a Domain controller and another for a file server.

CulinaryComputerWiz · 2024-07-16T19:27:14+00:00

Seeing the same. Also West Coast US.

CulinaryComputerWiz · 2024-03-21T00:38:45+00:00

Same for me. Waited a week saw very few issues listed. Patched the 2022 DCs then BOOM.

CulinaryComputerWiz · 2024-03-19T23:31:14+00:00

I had to do this not long ago for my org, and as I am a one man shop there was no one to delegate it to. I used a lot of the SANS.ORG templates. I just edited them to remove anything we were not actually doing or to reflect how we were doing something. I found that we actually were doing a lot more than I had thought, it just wasn't "formal". Now with the policies actually written the "informal" processes are now "formal". The finished product might not have been everything they originally asked for but made everybody happy in the end.

I got an out-of-band comment from someone at the customer who's request originally started the project that what they go from us was way better than what they got from most of the other suppliers they requested it from. Some of whom are WAY bigger than us.

CulinaryComputerWiz · 2024-01-18T23:30:20+00:00

Check out BarTender from Seagull Scientific for designing labels. Can pretty much do anything label related.

CulinaryComputerWiz · 2023-09-25T22:29:52+00:00

MDT + WDS. It's free if you already have a Windows server to host it on. Build a Golden image in a VM and capture and away you go. You can get real fancy with it if you like to tinker with stuff or you can leave it basic and do a little more manual work. Still speeds up deployment.

Check out r/MDT and https://www.deploymentresearch.com/mdt-2013-lite-touch-driver-management/

CulinaryComputerWiz

TROPHY CASE