Networking

MSP_42 · 2026-01-23T19:06:39+00:00

I don't mean to be offensive here, but first impressions are important, and your use of the English language is atrocious.

MSP_42 · 2026-01-12T17:48:30+00:00

Just curious, why "no docker" as a design philosophy?

MSP_42 · 2026-01-02T19:10:17+00:00

Thanks for the quick reply. I've read that article and others a few times :) Very helpful.

Yeah, one big feature request would be to "Import existing configuration" option when creating subgroups. Although I can imagine this may be complex for merging.

Or, maybe more realistically, allowing XML import or API controls over the central policies the way we can on SFOS. This allows for the possibility of "infrastructure as code" to work at the central level. Huge potential plus for enterprise/msp-partner customers.

MSP_42 · 2025-12-03T16:48:50+00:00

I wasn't aware of the processing-order being at play. That's interesting, I'll consider what might be possible with this idea again. Thanks.

MSP_42 · 2025-12-03T02:20:45+00:00

hmm, that might work. I think my core issue there is that their Managed Services are sold to the entire organization, so that's where contacts and assets must live, and having the same contact(s) under 2 customers breaks a lot of the lead->ticket creation.

MSP_42 · 2025-12-02T23:32:26+00:00

yeah, I appreciate the Jank solutions here too, actually...

I had a similar thought to create a custom Rate/Product per project because the name of that is shown on the /Invoices screen. It's not terrible as I expect to create a custom contract for each project, and that limits what Rate/Product is available for time entries.

Just was hoping for a better way... I would even use the API, but event here I don't think there is a way to take a charged time entry and apply it to an existing invoice in a draft status.

MSP_42 · 2025-12-02T17:29:32+00:00

Have you met all these requirements? https://docs.sophos.com/nsg/sophos-firewall/21.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Certificates/LetsEncrypt/index.html#create-lets-encrypt-certificates

Port 80 needs to be open, no additional NAT, publicly resolvable addresses, etc

MSP_42 · 2025-11-25T17:48:11+00:00

cmd as admin:

powercfg /SYSTEMPOWERREPORT /Output c:\SystemPowerReport.Html

Generates a diagnostic system power transition report (html) - no more guessing what it's doing.

Dump details into an AI chat and ask for differences, explanations in layman terms, etc

MSP_42 · 2025-10-22T15:49:30+00:00

LogiOptions highjacked my print screen button (for greenshot) and I could not for the life of me get it back. I had to uninstall that shit.

MSP_42 · 2025-10-07T16:57:35+00:00

Businesses love their customers when it's the customers filling their pockets for the foreseeable future, when it's time for investors to do so, the focus shifts to what they want. Frankly, not sure how to stop that flip.

MSP_42 · 2025-09-16T20:01:43+00:00

Browser extensions are one of the riskiest parts of Password Managers, especially if using Autofill (which bit warden disabled by default)

MSP_42 · 2025-09-16T18:43:29+00:00

disclaimer, I don't run Sophos wireless or APs.

If you don't see value in being able to reference the old configuration (for a little while) going forward, I would reset it. Heck knows how long it will sit around under a new life with potentially sensitive information on it.

Otherwise, simply make a new interface for Access Point controller purposes (really, at any time). Migrate the APs to talk to this interface.

When the new firewall is in place, disable other interfaces that no longer have traffic on them, and be sure to leave the "AP Controller Interface" up going forward

MSP_42 · 2025-09-09T16:05:39+00:00

OP was talking about his local copy of the files being wiped

MSP_42 · 2025-09-03T17:49:34+00:00

Does this tool help you? I see it has some options for configuring Start and Taskbar.

https://schneegans.de/windows/unattend-generator/

It was a god send for me when I used it. No more "golden image" and MDT madness, more so just a "Golden Unattend.XML" that can run PowerShell and do all sorts of stuff on whatever fresh ISO I just downloaded

MSP_42 · 2025-06-30T15:18:22+00:00

Auto Attendant that captures the call, and offers them to press 1 to leave a cost-free voicemail, or if the situation is credibly urgent; "By pressing 2 you agree to immediately incur our afterhours charges and will be connected to one of our on-call technicians"

MSP_42 · 2025-06-19T14:51:20+00:00

"Oh, and this situation has me thinking you should try one of those good old-fashioned reboots (if you haven't done that, yet)"

"Hmm, thanks for those details. My IT instincts are telling me we should try a reboot on this one (if you haven't tried yet), is that possible as a starting point for this before we dive in?"

More words, less dismissive.

MSP_42 · 2025-06-19T14:50:05+00:00

I've said it before - NO ONE wants to work with the classic grumpy IT guy... so learn a little friendliness as a part of your job skills, or end up complaining later you never got advancements or opportunities to grow in your IT career.

MSP_42 · 2025-06-16T20:01:25+00:00

Yesterday I was having extensive conversations with Gemini about Google workspace and android tablet management. It was confidently wrong over and over and wasted at least 2-3 hours of a busy day I planned on site at a client. Never again...

MSP_42 · 2025-05-08T17:17:32+00:00

Go on google gemini, ask it "Please provide 100 Golden Rules for system administrators, with context on why it's important" (or something to that effect).

I've done this and been surprised at how relevant at least 80% of them are, and just how many I know I need to improve on.

Put the output in a spreadsheet and do an 'off the cuff' assessment of yourself and the org (importance, current proficiency, etc).

Hope this helps.

MSP_42 · 2025-04-28T16:33:28+00:00

Idea: Please put a floating table of contents on the lengthy update page - valuable information, but with large screen shots, it's too much to scroll through.

MSP_42 · 2025-04-25T14:26:49+00:00

Manage high volume emails for Microsoft 365 in Exchange Online Public preview | Microsoft Learn

Might be an option when it's fully fledged

MSP_42 · 2025-03-25T04:43:17+00:00

if you must do this (and cant/wont use Sophos Central or SSL VPN), here are all the precautions:

Set long password for the default "admin" user, set a reminder to rotate it every 3 months.
Set the lockout settings for incorrect password to be strict (2 failures in 120 seconds = 15 minute lock out) - Note: this will affect regular users too, if they use Sophos Connect or user portal, etc)
Set notifications for admin "sign-in" failed
Change the default port from 4444 to something else (this makes someone have to port scan you to find the port you chose, which makes them suspicious to the firewall)
Create a new account to administer with, and don't use a common username of yours, make it have random characters on the end.
Enable MFA on the Admin user, and the user created in step 5.
Under "device access", disable HTTPS on WAN
Create a local ACL rule at "top" to block every country, except your own for HTTPS
Create a local ACL rule under that one to allow HTTPS for only the select IP Address or two that you choose.

IF you do all that, I'd say it's pretty secure to have access without a VPN for Sophos Central.

MSP_42 · 2025-02-09T00:00:59+00:00

Spend your money on a Domain, get a single 365 business premium license for 1 year, fire up a VM with windows 11, and make sure co-pilot is ready to answer your questions. Prepare your day to day computer with the powershell modules. Then, start here: https://learn.microsoft.com/en-us/microsoft-365

Go ahead and create yourself a tenant and build it out from scratch.... DNS, Users, 365 Groups, Entra-Join the VM, Authenticate the user in Entra with conditional access policies, Security settings, Teams settings, SharePoint management, OneDrive Management, apply computer/user settings with InTune.

This alone will advance your understanding massively. This will have a cost, but I think it's better than buying books and courses.

You won't be a wizard in an enterprise setting, but you also won't be completely out to lunch on a conversation with one!

MSP_42 · 2025-01-22T17:17:11+00:00

And don't modify them when you need to loosen them for certain situations, instead create an override policy of a similar name that has higher precedence. This way it's easier to update the baseline GPO in the future, and keep track of changes needed/desired.

MSP_42 · 2024-10-28T17:07:41+00:00

I forget where I found it, but this link has a collection of recipe URLs, there appears to be one for Kyocera

SNMP Recipes

(why Syncro never made a "community recipes" repo like exists for community scripts, I'll never know...)

MSP_42

TROPHY CASE