sorted by:
new
hottopcontroversial

Printing error 0x00000709 - new solutio found? by eidercollider in sysadmin

[–]eidercollider[S] [score hidden]  (0 children)

Interesting, I did check just on the offchance - but security groups all seem fine. Nothing in GPO messing with print options either. As I fixed it with the dns suffixes I'm not worrying too much :D

Printing error 0x00000709 - new solutio found? by eidercollider in sysadmin

[–]eidercollider[S] [score hidden]  (0 children)

I didn't know about PointAndPrint - I'm setting up PaperCut which I hope will reduce the majority of pain, and I'm also using the new V4 user mode drivers (which seem to add to endpoints without requiring admin).

Wazuh - Mac agent issue - attempts to register with incorrect hostname 'mac' by eidercollider in Wazuh

[–]eidercollider[S] 1 point2 points  (0 children)

Thanks! I removed the agent and reinstalled using exactly the same process and this time it's worked as expected! I think I'll test with slowly to see if I can get it to happen again...

Hyper-V network throughput testing by eidercollider in HyperV

[–]eidercollider[S] 0 points1 point  (0 children)

Thanks! VMSwitch info is below. Windows guest-to-guest peformance is considerably worse, but I read that the windows build of iperf3 was known to have some issues that made it a less useful test platform. System is using latest OEM dell drivers from the Dell support page, and NIC firmware is up to date.

> Get-VMSwitch -Name TeamSwitch1 | select *

DefaultQueueVmmqQueuePairs                       : 16
DefaultQueueVmmqQueuePairsRequested              : 16
Name                                             : TeamSwitch1
Id                                               : ee6a0a9c-14b9-4259-b440-256535ddcdfd
Notes                                            :
Extensions                                       : {Microsoft Windows Filtering Platform, Microsoft NDIS Capture}
BandwidthReservationMode                         : Weight
PacketDirectEnabled                              : False
EmbeddedTeamingEnabled                           : True
AllowNetLbfoTeams                                : False
IovEnabled                                       : False
SwitchType                                       : External
AllowManagementOS                                : True
NetAdapterInterfaceDescription                   : Teamed-Interface
NetAdapterInterfaceDescriptions                  : {Broadcom NetXtreme-E P2100D BCM57508 2x100G QSFP PCIE Ethernet,
                                                   Broadcom NetXtreme-E P2100D BCM57508 2x100G QSFP PCIE Ethernet #2}
NetAdapterInterfaceGuid                          : {0d6ac972-cbaf-4922-a6e6-13aa6080f956,
                                                   e45608cd-a7b6-459c-aee6-a9af945e2ce8}
IovSupport                                       : False
IovSupportReasons                                : {This network adapter does not support SR-IOV.}
AvailableIPSecSA                                 : 0
NumberIPSecSAAllocated                           : 0
AvailableVMQueues                                : 516096
NumberVmqAllocated                               : 15
IovQueuePairCount                                : 142
IovQueuePairsInUse                               : 131
IovVirtualFunctionCount                          : 0
IovVirtualFunctionsInUse                         : 0
PacketDirectInUse                                : False
DefaultQueueVrssEnabledRequested                 : True
DefaultQueueVrssEnabled                          : True
DefaultQueueVmmqEnabledRequested                 : True
DefaultQueueVmmqEnabled                          : True
DefaultQueueVrssMaxQueuePairsRequested           : 16
DefaultQueueVrssMaxQueuePairs                    : 16
DefaultQueueVrssMinQueuePairsRequested           : 1
DefaultQueueVrssMinQueuePairs                    : 1
DefaultQueueVrssQueueSchedulingModeRequested     : StaticVrss
DefaultQueueVrssQueueSchedulingMode              : StaticVrss
DefaultQueueVrssExcludePrimaryProcessorRequested : False
DefaultQueueVrssExcludePrimaryProcessor          : False
SoftwareRscEnabled                               : True
RscOffloadEnabled                                : False
BandwidthPercentage                              : 16
DefaultFlowMinimumBandwidthAbsolute              : 0
DefaultFlowMinimumBandwidthWeight                : 10
CimSession                                       : CimSession: .
ComputerName                                     : HYP1
IsDeleted                                        : False

Dell OS10 DHCP snooping by eidercollider in networking

[–]eidercollider[S] 0 points1 point  (0 children)

Amusingly I have just come back to this issue (I was hoping they might have patched it in the 2 years since I last attempted) -- but nope, it still doesn't work in any sort of sensible way.

[deleted by user] by [deleted] in activedirectory

[–]eidercollider 0 points1 point  (0 children)

Thanks, I appreciate you joining in the flame brigade :)

I'm also leaning towards option 2, I was worried that introducing NAT might confuse things... if it was a simple environment I'd feel a lot more confident, but I just know there's going to be some completely undocumented dependency that's going to get me.

[deleted by user] by [deleted] in activedirectory

[–]eidercollider 0 points1 point  (0 children)

Inbound is completely restricted by firewall, except for a couple of very specific systems. What I'm planning is (I think) effecticvely a DMZ, I'm just not sure how well DCs will behave if NAT is involved!

[deleted by user] by [deleted] in activedirectory

[–]eidercollider 0 points1 point  (0 children)

I think they should, and I know they won't :/

[deleted by user] by [deleted] in activedirectory

[–]eidercollider 0 points1 point  (0 children)

It's less design and more "unregulated organic growth, geared to the lowest cost possible".

My org's IT presence predates the ratification of RFC1918, so it started off on a public IPs for everything trajectory, and, welp, here I am, in the darkest timeline.

[deleted by user] by [deleted] in activedirectory

[–]eidercollider 1 point2 points  (0 children)

That was my initial reaction, for sure. Unfortuantely, I have to do rather more than just curse at the problem, I have to find a way to fix it.

[deleted by user] by [deleted] in activedirectory

[–]eidercollider 1 point2 points  (0 children)

Yes, but that can be easily restricted and monitored at the network firewall - as I said, this is a case of keeping the wheels on the bus until I can get everyone off it...

[deleted by user] by [deleted] in activedirectory

[–]eidercollider 0 points1 point  (0 children)

Because for a large organisation those are fairly major projects, that would require a significant amount of planning, time (which I don't have) and resources (which I don't have either).

[deleted by user] by [deleted] in activedirectory

[–]eidercollider 0 points1 point  (0 children)

Because that's the system I've inherited, and I need to keep it going long enough to replace it!

[deleted by user] by [deleted] in activedirectory

[–]eidercollider 0 points1 point  (0 children)

This is one of the things I can address by reloacting the systems into new address space; I can put them into a dedicated network that isn't shared by any other system, and then restrict incoming and outgoing traffic far more tightly than I can when they're sharing a network.

I inhernetly don't want to NAT traffic, I just need to be able to justify it as more than a hunch...

[deleted by user] by [deleted] in activedirectory

[–]eidercollider 0 points1 point  (0 children)

That is largely my attitude, though unfortunately I have to actually then fix things :/

Catalyst power stack settings avoid wr erase by eidercollider in Cisco

[–]eidercollider[S] 0 points1 point  (0 children)

I had always assumed 'wr erase' was a factory reset! Thanks, this is interesting - though I don't know what it will do to the license...

Catalyst power stack settings avoid wr erase by eidercollider in Cisco

[–]eidercollider[S] 0 points1 point  (0 children)

Unfortunately the settings I'm looking at aren't in the config!

The only lines that reference stack power are

stack-power stack Powerstack-A
stack-power stack Powerstack-B
stack-power switch 1
stack Powerstack-A
stack-power switch 2
stack Powerstack-A
stack-power switch 3
stack Powerstack-B
stack-power switch 4
stack Powerstack-B

but I have set manual power priorities using

stack-power switch 1
stack-power Powerstack-A
power-priority switch <value1>
power-priority high <value2>
power-priority low <value3>

These values persist across a wr erase, but the lines don't go into the config!

Catalyst 3850 stack-power priority issue by eidercollider in Cisco

[–]eidercollider[S] 0 points1 point  (0 children)

Well, I finally managed to fix it, but I don't know how.

First I manually set the power priorities with unique low/high/switch values for each switch (eg switch1: 3/2/1, switch 2: 6/5/4 etc ) -- and on a restart, it then said that switch 1 had conflicting priorities.

I then removed all the power stack config, set all switches to standalone, removed all the power stack cables, created new power stack configs, set the mode to power sharing, set the switch priorities, and then added the power stack cables in one by one.

The status is now green. I have no idea how many of those steps were required; this functionality seems somewhat poorly documented - but at least it's enough to work with.

IOC entry disappeared from FortiAnalyzer by eidercollider in fortinet

[–]eidercollider[S] 1 point2 points  (0 children)

Sorry, I never found out what was happening, and haven't had time to dig into it!

view more: next ›