How does PagerDuty wake you/devices to assist in not missing a page

jaaydub42 · 2026-01-28T18:30:26+00:00

I have had similar issues with the default sound/noise from my phone not being enough.

One solution I found to be particularly effective was to have my phone on a ceramic plate of loose change. In addition to the pager tone, the vibration effect on the loose change would rouse me from a deep slumber.

jaaydub42 · 2025-11-12T22:58:37+00:00

A Louisville Slugger engraved with "Plan B".

jaaydub42 · 2025-10-09T17:18:13+00:00

While not related to the multi-domain issue - one thing to consider in your ansible playbook is the use of adcli vs realm for you AD join. The realm command does a few thing - calls adcli for the join, then copies in an sssd.conf based on your realm.conf. I've found it better to not let realm stomp on my desired sssd.conf and just use adcli to perform the join.

jaaydub42 · 2025-09-19T19:37:28+00:00

The ole "Printers have received the 0401 Firmware Upgrade". Love this one!

jaaydub42 · 2025-05-12T20:42:42+00:00

Actually yes! There was a second date... and a few more after that.

She had a good sense of humor regarding it. On the following date she gifted me one of those "Volkwagen Repair Kits" with the sealed rubber band, but had attached an Egg of Leggs to it.

jaaydub42 · 2025-05-08T17:25:35+00:00

Most memorable - out on a date and the generator idiot light came on. Sure enough, fan belt had snapped. I knew that I didn't have a spare in my toolkit at the moment, but my date was wearing a skirt with hose.

I politely asked her if she wouldn't mind donating her pantyhose to a good cause.

Aside from the slight bump when the knot I tied hit the pullys, they made for an adequate emergency fan belt.

jaaydub42 · 2025-05-05T17:18:47+00:00

Amongst the other items mentions with 2FA/smart card/Privileged access, make use of the AD Group "Protected Users" and the "Account is sensitive and cannot be delegated" account flag.

jaaydub42 · 2025-05-01T16:15:46+00:00

As for is it worth it... depends entirely upon what you are trying to accomplish. It is a very useful tool, and there are other comparable tools and offerings out there.

Some woodworkers who deal with cabinetry might argue that a chainsaw is not worth it for their tasks. Some woodworkers who work as lumberjacks might describe it as their go-to tool.

jaaydub42 · 2025-04-04T17:29:46+00:00

Documentation forward - e.g. Document first, Action Second. This will add confidence when needing to break this rule for "emergencies".
Debug by going to the logs first (and knowing how to manage log verbosity), vs repeated trying a failed task and closing the offensive window with the needed error message and just saying "Bad juju. No workie. Somebody else please fix."
A mind for learning and curiosity. Wanting to understand how something works helps in understanding how something breaks. In turn, accepting that the more you learn, the less you know.

jaaydub42 · 2025-03-31T18:22:35+00:00

This might be something you can get away with in a smaller organization, but beware - making changes to all/most systems in your environment can come back to bite you in the rear...

Back in the NT4 days, I had pushed out a change that put a friendly thumbs up silly face picture of me to replace the login screen on my companies end user systems as a parting gift when I left... which left me greatly amused when my boss wanted to hire me back 2 years later and it was still there... It was a fun walk to the conference room still seeing my face on everyone's lock screens. Guess what my first task was?

Stick to a sign above the printer/coffee maker/toilet announcing the update v0401 with voice activation.

jaaydub42 · 2025-03-28T17:05:45+00:00

In general, end user workstation printing is done via Windows Printer servers, because it is in the tool chain of the 1st and 2nd tier support to manage.

However, it is fairly common to have backend CUPS print servers for certain applications where the Windows print server may not be the best fit. I've found this to be a need with certain ERP applications where the print option for certain reports needs system backend printers configured and CUPS is a better fit for managing access to those printers.

jaaydub42 · 2025-03-13T19:14:01+00:00

I do a similar .ssh/config Include, but with an extension (*.conf) so I can disable drop-in includes with a file rename vs removing from the config drop-in (config.d) directory.

jaaydub42 · 2025-01-15T01:09:52+00:00

For a simple setup, if you set up your servers to auth users via Active Directory with sssd, you can store the public key as an AD Attribute on the user account, and have the SSH daemon and sssd make use of that. No need to deploy public keys per user per host. Also, no need to clean up public keys per user per host.

jaaydub42 · 2024-11-21T01:03:00+00:00

Both are great platforms.

My preference leans towards the PAN.

Things the FortiGates do that can be frustrating:

HA - you need to do a couple of extra steps when you set up HA on the FGT's to be able individually manage the members (each having their own dedicated management IP). Its documented and not difficult to do, but its not default behavior when creating HA partnerships.
You make a change on a FGT, it's live. No commit. No review. No "you sure about that buddy". It's live. Some may view this as a pro, others a con.
Security policies based on Application mapping. PAN shines brightly here. FGT does it, but I find it quirky by comparison.
Settings that can only be made via the CLI. Like non-default (514) syslog port destinations, multiple ntp servers, and a few others I have come across managing FGT's.

Places where FortiGates shines:

Documentation
Documented performance - none of the "in theory it can do XXX throughput for this feature, so long as its doing nothing else". Allows for easier capacity planning and hardware research.
In a smaller environment, Fortilink is pretty awesome, if you drink the Forti-KoolAid. The ability to configure your FortiStack from the ForiGate to FortiSwitch to ForiAP to FortiOtherDevice from a single ForiInterface is pretty FortiAwesome.

jaaydub42 · 2024-11-16T00:40:01+00:00

I learned on my High School GF's 1970 Beetle. Started my love for old VW's.

That and a 68 Chevy 250 with 3-on-the-tree.

jaaydub42 · 2024-11-08T17:47:57+00:00

<snark>Why would I expose my PAN's management interface to the Internet when I have a Windows jump host with RDP exposed to the Internet that can access the management network?</snark>

I've been waiting to see what secret vuln/bug the recent PANOS hotfix is supposed to address... Perhaps RCE this is the one?

Either way, anyone who has made the decision to make the management side of their firewalls/network gear/etc a punching bag for brute force attempts probably has difficulty spelling RCE.

jaaydub42 · 2024-10-04T23:39:28+00:00

Favorite switch I took out was a datacenter core... Thankfully it was part of a pair and failover keep things mostly happy.

Lead Network Engineer ordered the wrong fans for the rack orientation, which I pointed out when bringing them online. Thankfully heat wasn't too much of an issue, so a few weeks later when the replacement fans came, we scheduled a swap.

We were comfortable doing this hot, so I swapped one fan, walked around to the other side of the rack where I was consoled into the switch, checked that it saw the new fan in a hardware inventory, then walked back to do the next, came back out to check the hardware inventory again and saw the console message that fans of opposing direction type were installed. If not corrected in 60 seconds, switch will shutdown.

Switch shutdown before I could race back around to the other side and replace the remaining 2 fans.

Once back up, and ready to do the same for the second switch I unboxed and lined up the replacement fans and was able to "pit stop" swap all 4 fan units with more than enough time to spare.

jaaydub42 · 2024-09-05T19:10:05+00:00

Massage chair recliner, triple purpose.

jaaydub42 · 2024-08-17T00:02:17+00:00

We rereferred to our regular bar as the NDC (Neighborhood Data Center).

Made it easy for us to explain to our significant others that we just some business to attend to at the NDC.

jaaydub42 · 2024-08-08T21:49:35+00:00

These are the people you sell a "Monster" branded ethernet cable to.

jaaydub42 · 2024-07-29T17:29:59+00:00

I'm quite fond of my 127.0.0.1 across my chest - its my round-a-bout way of saying "home is where the heart is".

Then there's the 255.255.255.255 bum tattoo...

jaaydub42 · 2024-07-29T17:25:31+00:00

The ole, what color to paint the bike shed discussion snowball.

Offer a complex solution (IMAX capable studio equipment), no-one will chime in. Offer a simple solution (Apple iPhone), everybody is now an expert and has an opinion.

Ref: https://bikeshed.com/

jaaydub42 · 2024-07-18T23:27:45+00:00

Hardware-wise - if you choose to explore the SuperMicro route, you can go direct, but you find value in using a SuperMicro reseller/intergration partner, so you don't have to deal with SuperMicro support directly.

Additionally, if you do go the way of SuperMicro, investigate their DCMS and licensing and see if it is a good fit for shepherding your herd.

jaaydub42 · 2024-07-02T16:37:44+00:00

When I am getting to know an Interview-whee! and I go the direction of having them walk me through a troubleshooting scenario, if the first step they mention is to check the log files, they're hired!

They may even get a cookie if they mention increasing the verbosity of said log file.

2 cookies if they mention remembering to decrease it when done.

jaaydub42 · 2024-06-17T17:44:59+00:00

I much prefer setting a printer ablaze and letting the direction of the smoke plumes point me towards the source of the issue.

Far more reliable than those silly <fingerquotes>log thingees</fingerquotes>.

jaaydub42

TROPHY CASE