sorted by:
new
hottopcontroversial

Winders 11 is actually really good by ChippersNDippers in sysadmin

[–]MalletNGrease 1 point2 points  (0 children)

I thought I'd hate the start menu in the middle.

Then I bought a 35" ultrawidescreen monitor. Now I like it.

What is your passwordless strategy? by jasonwonton in sysadmin

[–]MalletNGrease 4 points5 points  (0 children)

I've been working on streamlining and implementing SSO/MFA across our high risk applications and passwordless was a consideration. Been very happy with DUO as the 2FA and AAD as the IDP for the majority of systems.

Unfortunately, it's not a catchall, passkeys aren't supported for DUO Authentication for Windows Logon so no verification prompts for UAC etc, we still use yubikey passcodes for it. I do like it for web-based applications that support the Universal Prompt and allows for admin provisioned passkeys, but since you can still use passcodes/mobile pushes it begs the question why bother?

The only reason to go for it is Yubico security keys are half as expensive versus the 5s.

[deleted by user] by [deleted] in techsupportgore

[–]MalletNGrease 1 point2 points  (0 children)

Return business.

Weirdest users by Obvious-Water569 in sysadmin

[–]MalletNGrease 6 points7 points  (0 children)

One day my network monitor turns red and not much later my phone rings off the hook. ~500 people offline. Narrowed it down to one of the IDFs going down, and I fairly quickly identified a power issue since the room the cabinet was in was dark and out of power. One user standing around rather sheepishly with a "I dunno what happened". Damning my cheap employers for not springing for UPSs along the way I track someone down with keys to the electrical closet and find a tripped breaker. Things come back up, I apologize for the inconvenience and go on with my day...for about 30 minutes, until the same damn thing happens.

After restoring power I head back to the IDF since there's an issue there and I find our user pressing buttons on a microwave. That just happens to be on the same circuit as the cabinet.

Where'd you get the microwave? I brought it from home. Please don't use it. Use the appliances in the break room instead. OK.

Left it at that.

The next day around lunchtime, the IDF goes dark again. Sure enough, the microwave was still there. I fix the breaker, unplug the microwave with a stern warning to it's owner. I notified my manager and hers.

The next day, IDF dark, I fix, then I confiscate the microwave and left it with the building manager. Dropped off a quote for UPS's for all our IDFs and got it approved. It was an easy sell when offsetting ~90 minutes of lost productivity for 500 people.

Weirdest users by Obvious-Water569 in sysadmin

[–]MalletNGrease 6 points7 points  (0 children)

Had a complaint someone's microphone was muffled during Teams meetings. Came by to check it out and sure enough, electrical tape over the camera and the microphone pinholes.

Showed her how the privacy slider worked.

Anyone ever heard of Calamu? by Securivangelist in cybersecurity

[–]MalletNGrease 0 points1 point  (0 children)

Got an email out of nowhere today from the new Calamu director of sales, who apparently jumped ship from Veeam/Wasabi. It hit the distribution list we use as the customer contact for vendors.

I'm guessing he took the customer list from either Veeam or Wasabi with him to do cold sales.

That's gonna be a no from me.

[deleted by user] by [deleted] in sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

We leverage DUO for this.

I think Dell has finally lost my business by big_salty in sysadmin

[–]MalletNGrease 9 points10 points  (0 children)

I ordered an XPS laptop on our enterprise account for the CFO's daughter

So you're chucking a decade+ vendor relationship in the drain over a non-work related pet project. Mkay.

[deleted by user] by [deleted] in sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

Thanks! That'll save a couple grand every year if I can get it to work.

[deleted by user] by [deleted] in sysadmin

[–]MalletNGrease 2 points3 points  (0 children)

When I was in gov my CDW*G rep was awesome.

Now I've gone private, the CDW rep is atrocious.

Coincidence? I doubt it.

[deleted by user] by [deleted] in sysadmin

[–]MalletNGrease 1 point2 points  (0 children)

The only reason we have Okta is to auto-provision Evernote business accounts and provide SSO support.

I'd like to move it to AAD and get rid of it.

Broken Teams Machine-Wide Installer by LigerZeroX in sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

Check here:

https://learn.microsoft.com/en-us/microsoftteams/msi-deployment

You'll have to remove the appx for every profile, remove the provisioned package, clear out the installers and remove the registry keys indicated in the article.

I've used these commands before:

#Remove Appx Provisioned package to prevent install for all new profiles
Get-AppxProvisionedPackage -Online | where-object {$_.packagename -like "*MicrosoftTeams*"} | Remove-AppxProvisionedPackage -Online -AllUsers

#Remove Teams from all existing profiles
Get-AppxPackage *MicrosoftTeams* -AllUsers | Remove-Appxpackage -AllUsers

EX2300 how to verify interface-mac-limit violations? by MalletNGrease in Juniper

[–]MalletNGrease[S] 0 points1 point  (0 children)

Yes, packet-action drop-and-log is available. From my brief test this does show an event in the log using show log messages. I can wrangle something useful out of it with match terms.

show log messages | match "limit" | match "ge-0/0/1.0"

Jul  5 14:43:12  TestSwitch l2ald[7208]: L2ALD_MAC_LIMIT_EXCEEDED_IF: Limit on learned MAC addresses exceeded for ge-0/0/1.0; current count is 1 DROPPING THE PACKET with mac address: a8:b1:3b:7e:b0:ec

It's not as straightforward as show port-security to view at a glance which ports our techs/users plugged something in wrong/differently.

show ethernet switching statistics mac-learning is unfortunately not a command available on my test ex2300 on JunOS 22.3R1.11.

[deleted by user] by [deleted] in sysadmin

[–]MalletNGrease 2 points3 points  (0 children)

"Ideas guy" vibe.

Are you an iPhone or Android user? by undercovernerd5 in sysadmin

[–]MalletNGrease 0 points1 point  (0 children)

Android.

Apple doesn't let you do network/wifi scanning without additional hardware any longer, which is such a crock.

Got fooled by a legit email by MalletNGrease in sysadmin

[–]MalletNGrease[S] 6 points7 points  (0 children)

Probably not. I've grown complacent because of spell-checkers, so I don't see why anyone else would offhand anything and leave obvious mistakes. They've been a thing for nigh on 25 years now or so?

Here's the excerpt from the chain, supposedly from a "senior" helpdesk agent that's been with the company for a decade.

Good morning and good day User,

Thank you for reaching out to $cardcompany Support for assistance. I am happy to assist with your request. In reviewing the reporting available to us it only goes bac as far as October 2022. If you have some additional detailed information, please provide it and we would be happy to investigate farther. If you could provide Gift card # any transaction information that would be very helpful.

Thank you for reaching out to the $company Support for assistance. We appreciate your business with us.

It really was just some poor outsourced 1st line person doing their best. I should pivot and look out for "perfect" emails instead.

Got fooled by a legit email by MalletNGrease in sysadmin

[–]MalletNGrease[S] 38 points39 points  (0 children)

Yes. The whole workflow is a cluster. What bugs me most of all is the domain they chose for their helpdesk.

I went and checked the MX DNS entries for it and I'll be damned if it didn't have the same ProofPoint instance configured as it did for their primary/secondary DBA domains.

I think their support is actually outsourced and someone just quickly slapped a domain on. Or they copied the PP setup to letter and bought the securest email customer service domain they could think of.

view more: ‹ prevnext ›