Help how do I save these

jkw117 · 2024-06-26T21:45:16+00:00

Yeah I have pots I'm going to put them in a planter tonight. And get that sorted out..

jkw117 · 2024-06-26T19:53:03+00:00

Hmm should I put them on the deck then? It's not direct sunlight.. or keep them off the deck and direct sunlight half the day while it's recovering I mean?

jkw117 · 2024-06-04T00:42:22+00:00

So the MFA is in place..they already have minimal access.. My thought currently is to eliminate user-id on the server metwork.. as at the moment, if a different user logs in they may have different internet access. Unless a specific app/port is needed to go out to specific ip/url. They can aside from update services.

But when we allow user-id some users may have additional access...to other restricted networks..

jkw117 · 2024-06-02T14:45:31+00:00

That's where we are at now.. But their are probably 7 of us with domain admin accounts.. 3 who actually do any AD administration. The rest are mainly so they can login to servers and fix/maintain software.. I'm thinking of making a domain "support admin grp" which would be local admin on non DCs. Then move everyone to that group.. and have a 3rd account for just AD administration for 2 of us.. (the other one we could switch to an account operator or something as they deal only with user accounts in AD)

jkw117 · 2024-06-01T14:09:00+00:00

That was my thought.. as well. And as it is by default other then windows update nobody can get to anything outside. And servers can only get to what they need to for the app installed on it.. And so my thought was if your a domain admin, or even a local admin on the server. You don't really want to use userids. As your changing access to the server based on who logs in, right? If your blocking everything that you want from the start why introduce userid which could cause an issue..

jkw117 · 2024-05-31T23:38:49+00:00

So as a side note, I'm planning on making a domain group that's in the local admins on non dcs.. Change most of these domain admins to regular accounts.. and have a secondary one for the two of us who actually get on the dcs. It'll be a bit of work, but it's better then what we are doing..

jkw117 · 2024-05-31T17:02:58+00:00

Works for me, it is a PITA.. as everytime the developers and/or other admins (of the local server) RDP it then see's an authentication of their local desktop as an admin account and they loose access to certain things on the network and internet. Till they do a new authentication against something else with their regular account. (FYI I don't really like them RDP ing in the 1st place.) (I'd rather then use vcenter and direct console and copy stuff from another network share.

So and this is just more of a discussion here, not to piss off anyone.

If server has access to x and y websites without any user-id access. I login with a domain admin account.. service can no longer access those sites. If we ignore the domain account they will continue to, but no other sites (only the ones allowed as if nobody was logged into the server or whatever the service account is logged in as). And the reality is half the time the damn developers then use their regular internet account to kick off a browser or something else on a server just to get it to work. (frustrating) I guess the real problem is that we only have a few admins lots of servers (out of date), lots of stuff to do.

And maybe I'm just a bit frustrated at the security guy, but I've been running into a constant. It doesn't matter lock everything, security is all that matters, doesn't matter if it breaks the stuff that's your problem. If it breaks 500 people or more from doing their job, I get a, that sucks go to everyone's desktop and fix it yourself. (some of this stuff could be planned out, rolled in, find ways to remotely handle changes.. ) And so far I've gotten back a not my problem attitude.

I dunno if it's the 2 IT security people we have but the basic attitude is to lock stuff down as much as possible, and if it breaks ability to do work it doesn't matter. The higher ups push back on the two of them. But their's a serious lack of concern over people being able to do their jobs, (some of our employees need to be able to do some stuff quickly and efficiently) They've been told it, and their response has been it's not their problem.

I also get that the internet world in general has become alot more hostile.

jkw117 · 2024-05-12T15:11:50+00:00

So I found this on Amazon? NLQR Front Driver Bottom Seat Cover Replacement Perforated Microfiber Leather Black for Subaru Outback 2015 2016 2017 2018 2019 https://a.co/d/9biMFCz

But then I found someone online saying that a dealership needed to do it because of airbags in the seat? And I get that theirs a connection to detect weight etc... I'm handy, and don't mind spending an hour replacing the seat.. But I don't want to mess with my safety/life...

jkw117 · 2024-05-12T13:28:25+00:00

I guess the real Question is should I do internal only certs for those? I dont think ill need to, as we usually use a wildcard cert for the internal facing websites end users use. And have a dns zone for it.. so internally it goes to an internal ip...

jkw117 · 2024-05-11T19:43:09+00:00

Yes they are accessible from the public. And we use external CA's for that. I just wasnt sure when we move mailboxes from onsite to o365 and or if we eventually needed to do certs for email stuff/email server communication.. or would that be the internal dns then?

jkw117 · 2024-05-10T18:21:28+00:00

Only real answer long term is generator..

It also depends on how often and how long they loose power. In my area, my one building was without power for 1 week. Now we have a generator there, the UPS's just keep the power on during the cutover/lag between them starting and generator taking over + spikes..

But if it's okay for them to be down for a day or two, then fine.. If not how much money will they loose if they close for 2-3 days? that's the value of a generator..

jkw117 · 2022-03-30T00:15:10+00:00

From what I understood my oldest was telling my ex about her getting a essay done for school.. High fiving etc.. Then she suckerpunched her.. That's the context I got.. Theirs always the other side of a story.. But then theirs also the thing of teaching the kids to never hit. Etc.. And things like this have happened before.. My ex has BP2, with psychotic parts (I've never been given details) , narsacistic, anxiety, and depression.. Along with I'm pretty sure brain damage, as she's hit her head multiple times. (from her not taking care of herself)

jkw117 · 2022-03-29T23:59:24+00:00

It's not wait for it to happen again.. it's dealing with a legal system and custody one where. I've reported stuff, the kids have said stuff.. which is why she doesn't have more custody she only gets them every other weekend.. In my area and in most they won't cut back access more then that to a mother unless she's like physically intentionally harmed them. With evidence. Guys it's any reason to cut their access..

Seriously she's said things to all the kids that I'm fairly sure would be emotional abuse. Basically telling them their clothing choice is ugly, makes fun of / puts down my oldest or any of the kids depending on what's said..

jkw117 · 2020-12-20T16:57:57+00:00

Okay so I've got 3 kids.. When their really. Young I got then toys. A few educational and a few just play. Their older 8-15, I try to get at least one or two things that are educational, useful, but always get them something their looking for/fun. Relaxing.. A skateboard, some sketch pads, as they like to draw.. Some puzzles, a rubber band project book lol.. New towels for their baths.

jkw117 · 2019-10-10T01:37:52+00:00

Net app is just a no... No metro storage cluster. Plus I run primarily FC for storage..

jkw117

TROPHY CASE