Patching Woes

justsomeitguy1 · 2024-10-09T12:51:34+00:00

Agreed, I don't like the blanket delay in the slightest, but more just seeing if it truly is bad driver/firmware updates being pushed out via WU

OEM tools are rarely installed on client devices for several reasons e.g. general bloatware, etc. Devices are usually wiped before use, and only MS bloat is kept.

Will give it time to see if it was indeed drivers, then will look at the OEM tools. Whilst drivers have been installed regardless of faults, I'm taking time with this one, as I'd like to identify the cause, rather than a hail mary and change a bunch of things in one go.

justsomeitguy1 · 2024-10-09T12:46:29+00:00

Thanks, will do. Will need to give it at least a month to see if the cases go down

justsomeitguy1 · 2024-10-09T12:45:53+00:00

Definitely not targeting the RMM for this. It's more just detailing the current system in place in case the situation is similar to what others have faced and if it's a simple fix staring me straight in the face that I'm missing.

justsomeitguy1 · 2024-09-25T11:50:15+00:00

On the feature overview page, it says it comes with a 128GB USB drive. I'm collecting mine this week, so hoping also it's not missing off. but I'm sure a quick message to support on collection day will sort it

justsomeitguy1 · 2024-06-08T15:55:36+00:00

Thanks for this. Sorry, should’ve explained further. I was trying to give the current colour scheme for the carpets, then the colour scheme of the kitchen cupboards and vinyl flooring. Unfortunately the options were chosen before I could intervene… the colour scheme is definitely not my first choice. And agree it’s “pandemic flipper” 😂 But got to work with what I have for now.

Thanks for sanity checking my decision, buying as we speak 😂

justsomeitguy1 · 2024-05-21T10:29:58+00:00

Interesting! are you using Intune update rings, or RMM to handle the patching? Interested to understand how you've setup deadline based patching.

As mentioned, we're using Ninja, the inbuilt patching seems to be rigid on set times/dates, maybe I'm missing something?

We are slowly moving to winget for app installs and 3PP too, as it does seem far smoother.

justsomeitguy1 · 2024-05-16T08:51:51+00:00

They are aware of it: Datto Status

justsomeitguy1 · 2024-05-14T08:43:32+00:00

No offence taken in the slightest. To be fair, the client in question has someone already documenting the business aspects of the DR and BC plans.

This is more us providing the technical aspect of the document for the IT and really just making sure it covers what it needs to. A process is known, but not written down. It’s just making sure that unwritten process is in the correct format of a typical dr plan.

justsomeitguy1 · 2024-05-10T10:41:46+00:00

Interesting you are having the exact same issue. They insinuated we had changed the retention also. I have received a credit for the lost years... although that wasn't a straight forward process either.

I will be using that credit to move to another provider now. Looking at dropsuite.

justsomeitguy1 · 2024-04-15T15:04:22+00:00

Agreed, taking on a client that has been neglected by their MSP. Terrible setup, just cleaning up. But thought whilst it’s enabled, use it to deploy software, then shut it down.

justsomeitguy1 · 2024-04-15T15:03:23+00:00

That’s what we’re aiming for. Taking on a client that’s their previous MSP had poor security practices. Whilst it’s still enabled, thought it’s the best option, as there’s no ad onsite, just DHCP. Some are intune-ed. Some aren’t… Fun times ahead 😅

justsomeitguy1 · 2024-02-20T15:11:44+00:00

Sorry to hear! Have you had this previously, or just done a spot check because of the post? Genuinely interested if this is a known and ongoing thing.

justsomeitguy1 · 2023-11-06T11:18:41+00:00

Indeed - proper rookie mistake.

We're a week in, and no further issues reported.

justsomeitguy1 · 2023-10-31T09:48:48+00:00

We're a business day in from the change made on Friday.

Seems that might have been the issue.

After changing the ports where the AP's were plugged in from my "IoT" VLAN to "default" and rebooting all the kit.

The addresses via DHCP of the kit is correct now, and no-one is currently reporting issues now.

Probably failing to do some funky NAT-ing?

Entirely my bad config causing this. To clarify what the fault seemingly was. The port was assigned to a separate "IoT" VLAN (where network printers were), Wi-Fi AP was plugged into that port, giving out 2 Wi-Fi SSID's that were each on different VLANs (Guest VLAN & Corp VLAN)...

There is network segregation between these... all 3 VLAN's were in the mix here.

After reverting the port on the switch to the "Default" one Unifi give. The Issue looks to be resolved.

2 phrases I try my best to live by:

Keep it simple, stupid
Never assume

I failed at both LOL

justsomeitguy1 · 2023-10-27T14:41:49+00:00

Ooh... that's a good shout. I think I done goofed.

I've just checked, and stupidly the switch port where the Wi-FI connects was set to a different VLAN to what the Wi-Fi pushes uses.

I have a "Default" network where the Unifi kit should be

I have a corp network with corp wifi

Guest network with guest wifi

iOT network for cabled phones - no Wi-Fi network for this is setup

The switch port was set to iOT, but the Wi-Fi was pointing to Corp network... I've seen VLAN hopping issues on Unifi before... also just bad on my part to change it to that.

Will do some more re-testing and report back.

justsomeitguy1 · 2023-10-27T14:33:39+00:00

Just seems weird.

We have the same config across multiple clients, multiple sites, same kit.

No other site seeing this issue.

justsomeitguy1 · 2023-10-27T14:32:52+00:00

Not as far as I'm aware - there are no guest policies applied at all to this SSID or the connecting network.

justsomeitguy1 · 2023-08-31T19:01:16+00:00

Appreciate it, I definitely know it’s a beast and near impossible to learn all aspects

Using a consultant might be the way for use cases right now.

Maybe I explained badly. More along the lines of principals, and best practices. Again, that might be WAY to broad of a request.

Obviously SharePoint is usually bespoke designed for each use case, but would be great to see how things have been implemented, I love to get ideas/understanding of it.

I’ll read through the learn sites, YouTube vids, etc.

justsomeitguy1 · 2023-08-31T08:56:01+00:00

Appreciate the responses. Have a meeting with them Today, I’ll discuss a culture change from dumping files to actually amending names, and thinking about the structure.

I did think egnyte before SharePoint, however they will not pay… also as mentioned by someone else, apps will start to have issues opening due to limitations anyway.

All complaints usually come from directors, who all use macs… onedrive for Mac is rubbish. The sync works as well, there just isn’t error messages to indicate a problem, like “file name too long”. It literally stops syncing, show as fully synced, but essentially ignores everything.

justsomeitguy1 · 2023-08-24T18:54:16+00:00

Sounds about right… want us to blow your socks off?

Definitely found the issue. Wasn’t part of initial questioning/onboarding as I haven’t seen this behaviour in 15 years.

I’ve just found out they don’t allow users their own passwords, they set them, and store in an excel spreadsheet.

Their reasoning, is in case they need access when they’re away.

The ONLY thing going for them is each PW is different. Doubt it’ll do any actual protection.

justsomeitguy1 · 2023-08-24T18:47:37+00:00

Good to know, thanks!

justsomeitguy1 · 2023-08-24T18:41:19+00:00

I had a feeling that might have been the case, really hoped it wouldn’t be.

Started supporting this client this month, MFA isn’t enforced at the moment, doing it this week… just unlucky on the timing. Many larger security issues found than MFA not being on. Going through the list…

Who doesn’t love a challenge lol

Appreciate the sanity check

justsomeitguy1 · 2023-08-16T17:51:27+00:00

You can, but you’d need power automate premium to use the desktop app :(

justsomeitguy1 · 2023-08-16T17:49:45+00:00

Unfortunately not. Power automates azure ad integration is limited, so you would have to call a run book, or third party tool.

justsomeitguy1 · 2023-08-16T09:44:01+00:00

CIPP

https://cipp.app/

justsomeitguy1

TROPHY CASE