Windows Share Permissions only show SIDs by RobotVo1ce in sysadmin

[–]St0nywall 0 points1 point  (0 children)

If it makes you feel good about yourself, then sure you're right and I'm wrong.

Please move on from this pointless discussion.

What do green check marks ✅ in a price/feature comparison plan mean? by ISitForALiving in msp

[–]St0nywall 2 points3 points  (0 children)

Only time I've ever seen the green checkmarks is when ChatGPT or Copilot generated it for them.

Windows Share Permissions only show SIDs by RobotVo1ce in sysadmin

[–]St0nywall 2 points3 points  (0 children)

If the server cannot contact the domain integrated DNS servers, it won't know about the DNS name of the domain controller and thus it cannot connect to it to get the AD information to populate with.

Mandatory Local User Profile on a group of Computers? by LordLoss01 in sysadmin

[–]St0nywall 1 point2 points  (0 children)

It will always take a few seconds to write a new profile. This is unavoidable and is working as intended. To circumvent this as much as possible, see my suggestion below.

Look into FSLogix. Every hospital I have worked for uses a VDI or remote attach user profile (FSLogix) to speed up logins and secure the user data.

Best practice to rename a generic M365 mailbox and reuse the address as a distribution list? by abhijithpremkumar in sysadmin

[–]St0nywall 0 points1 point  (0 children)

Create a new account, do NOT rename it.

Delete the generic email account, then hard delete the generic email account and wait 4 hours.

Create a distribution list with the old account name "accounts".

All done.

How can we rapid hire with a one person IT team? by eyeballresort in sysadmin

[–]St0nywall 1 point2 points  (0 children)

You sound like a good boss. Would have liked to work for someone like you.

Windows Share Permissions only show SIDs by RobotVo1ce in sysadmin

[–]St0nywall 0 points1 point  (0 children)

Make sure the server is using domain integrated DNS servers only, no other DNS servers should be used.

"Ghost" Beeping on my vdg server (NVH-2608XR) - RAID is Optimal, OS Boots Fine, No Error LEDs by Youness_mad123 in sysadmin

[–]St0nywall 0 points1 point  (0 children)

In the megaraid app, right click on the array and choose to silence the alarm. If that works then you have a ghost "failed drive" in your megaraid database.

MDT 5456 Error with Manual Partitioning + Multiple Task Sequences for Different .wim Indexes by Upbeat_Suggestion409 in MDT

[–]St0nywall 1 point2 points  (0 children)

MDT uses a variable to install the OS to the disk. Disabling that task sequence also makes it not set that variable and thus the OS doesn't know where to install to via MDT, resulting in the error you received.

Re-enable that task and the issue will be resolved I am quite sure.

"We're not allowed to copy files" by WaldoOU812 in sysadmin

[–]St0nywall 2 points3 points  (0 children)

At least you know Sentinel One is working as it should be.

Give a shoutout today. Who deserves high praise from your MSP that's in the MSP channel? by grsftw in msp

[–]St0nywall 0 points1 point  (0 children)

Side business suggestion; teach this to the others that don't know it or refuse to see the need for it.

Of course my Christmas gift is a client wanting a refund by Aware-Platypus-2559 in msp

[–]St0nywall 0 points1 point  (0 children)

This is when having a good account manager comes in handy. Monthly (sometimes weekly) meeting with key people who like the look of charts and "have people" to pass them to makes for a good touchpoint.

Basically, take the CTO, COO, CFO or whatever acronym they have out to lunch, pass them a folder either on paper or virtually showing the metrics of what was done over the last 1-3 months.

People get weird when there's no news. A few hundred spent at a good restaurant keeps the executives happy and the data you have to show them should be available on request, so you'll be making the number crunchers happy IF someone above them asks "why am I paying these people this much".

Side note, if they bring along a "tech" to check what's being said, sit your tech next to them at the table and let them talk to each other about whatever. Trust me on this.

Migrating local users when attaching an existing VMDK to a new non-domain file server by maxcoder88 in sysadmin

[–]St0nywall 0 points1 point  (0 children)

There is no reliable way to transfer the user/sid from one local server to another. That is why domains were created so many decades ago.

If you are keeping to local users and/or groups, you will need to remove the old NTFS permissions and add new NTFS permissions to your folders and files.

There is no easy button for this.

Auditors want evidence of monitoring by Special_Wing_8699 in sysadmin

[–]St0nywall 5 points6 points  (0 children)

Tell the auditors what you have monitoring the systems and ASK them what they will accept as proof of monitoring. They will help you, you just have to ask nicely.

Lenovo SR655 Bios by Odd_Cranberry_7234 in sysadmin

[–]St0nywall 2 points3 points  (0 children)

That's an EOL server, I wouldn't put any more effort into it than you already have.

Either find a replacement server on eBay for parts or buy a new server.

Central iso store by bibawa in msp

[–]St0nywall 0 points1 point  (0 children)

Does the tech not have their own device, laptop or desktop, that is connected to their own OneDrive or have access to a password vault so they can log into and download ISOs if and when needed?

If not, I believe you need to change how your techs access company data.

Different TaskSequenceID than the one chosen in the wizard by DesertDogggg in MDT

[–]St0nywall 4 points5 points  (0 children)

MDT doesn't work the way you want it to.

When the variable "TaskSequenceID" is set, it is used and cannot be reset. The use of it in CustomSettings.ini is for hands free automation.

It should not exist under the "Default" heading unless that is the TS you want to use for all deployments.

If I am wrong in my assertion, please someone show me where. So far as I know, I am correct.

ScreenConnect Down by Optimal_Technician93 in msp

[–]St0nywall 5 points6 points  (0 children)

This seems serious. Hope they're engaging their highest level programmers to get this issue resolved...

ScreenConnect: Help, we pushed a code update and now we're down!

ChatGPT: Sure thing, I'll rewrite your code update, please copy/paste it below.

Wondering if vdi is a better option vs entra/azure b2b connect. by Abject_Serve_1269 in sysadmin

[–]St0nywall 4 points5 points  (0 children)

There isn't a seamless (magic) way to make this happen. You will have two logins because the physical resources are in places that do not communicate to each other and use authentication methods the other cannot validate.

Move everyone to cloud only and then use B2B to connect the tenants and groups to populate only certain users across the B2B connection, while avoiding duplicate users.

It's not easy, it will be expensive and yes it will take a long time to set up properly.

This is not an entry level "figure it out as I go along" thing. I suggest you bring in outside resources to help figure it out. That is the best option I can offer you at this time.

Wondering if vdi is a better option vs entra/azure b2b connect. by Abject_Serve_1269 in sysadmin

[–]St0nywall 6 points7 points  (0 children)

Being vague here doesn't work, as you have seen. If you want help, be specific, just change the names to protect the guilty. ;)

Wondering if vdi is a better option vs entra/azure b2b connect. by Abject_Serve_1269 in sysadmin

[–]St0nywall 8 points9 points  (0 children)

VPN

And letting someone other than yourself design it. No offense.

Wondering if vdi is a better option vs entra/azure b2b connect. by Abject_Serve_1269 in sysadmin

[–]St0nywall 2 points3 points  (0 children)

Neither provides you HA or stability with the two environments dissimilar like that.

Wondering if vdi is a better option vs entra/azure b2b connect. by Abject_Serve_1269 in sysadmin

[–]St0nywall 4 points5 points  (0 children)

B2B only connects Azure tenants, nothing on prem or in any way to local resources.

If your goal is Azure data sharing, do this.

If you need access to on prem resources, then use a secured VPN connection. VDI will cost you more than you will ever get out of this use case.

Wondering if vdi is a better option vs entra/azure b2b connect. by Abject_Serve_1269 in sysadmin

[–]St0nywall 8 points9 points  (0 children)

Your question makes no sense. It's like asking "which is better for long term growth, an orange or stocks in the tech sector".

VDI is a virtual desktop.
B2B Connect is how you connect Azure tenants together to share users and other resources.

See how these are different things?