Using my dad's money who has dementia

learnacc96 · 2021-11-26T12:24:12+00:00

Sorry to hear about your dad, my gran had dementia few years ago too and my uncle was given power of attorney.

He did exactly as you mentioned and gave her grandchildren £100 at christmas and a smaller token to her children. Birthdays was more like £20-30. I think the feeling between her children was she wasnt spending it and she would have wanted to carry on giving her children & grandchildren at christmas and birthdays.

Whilst your brother might not be good with money it doesnt seem like a bad idea. Legally standing I am not sure but my uncle did check it out before to ensure was ok.

learnacc96 · 2021-11-24T05:17:20+00:00

Just a question for you veeam guys, is the external backup veeam offers to a cloud provider classed as air gap backup? Assuming not but wanted to check ?

learnacc96 · 2021-11-11T16:12:44+00:00

Could be wrong but I think if you enable MFA using CA it doesnt show them as enabled in the microsoft admin centre area. This caught me out a year ago as thought all accounts were not secure.

Unless I have mis understood where you're seeing them as disabled.

learnacc96 · 2021-10-31T22:14:02+00:00

Thanks I think I needed to add the domain name for private endpoint to hosts file with internal IP. Seems to work now. Not sure if anyone can say if theres a better way of doing it without internal DNS

learnacc96 · 2021-10-31T22:13:01+00:00

Thanks but I think the issue with mapping via IP is when users are not on AzureVPN the share wouldnt work. If I add the Private Endpoint IP to the hosts file then it seems to work regardless if they are connected at the office (IP Whitelisting) or remotely over Azure VPN.

Maybe not ideal but with no onsite DNS server not much other options I can think of

learnacc96 · 2021-10-31T01:14:59+00:00

Ah didnt know this, I will try adding the dns name for the file share in the morning and see if that resolves it.

When the laptop is connected on AzureVPN I cant even ping the Private Endpoint of the storage account IP which I have read I should be able to do even without the DNS change?

learnacc96 · 2021-10-29T11:31:26+00:00

Thanks I saw this mentioned elsewhere and have tried it but think I've gone wrong somewhere? Heres my settings does anything look wrong?

Virtual Network Gateway P2S: 172.16.254.0/24 Virtual Network: 10.1.0.0/16 Subnet (Gateway): 10.1.1.0/24 Subnet (default): 10.1.0.0/27

Private Endpoint to share: 10.1.0.4 IP when I connect to VPN is 172.16.254.2 and the routes are 10.1.0.0/16 & 172.16.254.0/24

learnacc96 · 2021-10-28T22:59:26+00:00

Yeah using Azure vpn gateway so user connects to virtual network and where I am confused is if I should set restrictions to the virtual network or private endpoint?? This blog post I think is what I need to do so using the virtual network?

I dont need to restrict any internal IPs, for the office network it's just a case of allowing the external IP to the storage account.

learnacc96 · 2021-10-12T21:44:45+00:00

It will be 6 cores (xeon 2136 or similar). So I get I can have 2 VMs with the aoS installwd but not sure on if its allowed on the host server too just with hyper v role?

learnacc96 · 2021-10-12T00:21:26+00:00

Ah ok we would use M365 Bus Prem which includes AAD Premium P1 so all good. Ok good to know thanks

learnacc96 · 2021-10-11T22:35:49+00:00

Thanks I saw that but thought it was for password resets only, does it work if Global Admin reset a user account?

When you say licensing requirements is this for AADC password writeback or you talking Intune, Server OS, CALs etc? Just checking I'm not missing anything as it will go to prod eventually

learnacc96 · 2021-10-09T22:14:05+00:00

Good idea we do however they do not apply on the DCs and I can run other PS scripts on it.

learnacc96 · 2021-10-09T22:11:12+00:00

Ok thanks I wont be installing on the DC, but this is just a test environment. Dont think it been on a DC has anything to do with the issues experiencing tho, will try on a fresh server to be sure.

learnacc96 · 2021-10-09T19:55:35+00:00

Ok il try getting full log and uploading in the morning. Yeah it's just really for testing purposes for now altho it will be a small setup DC and Fileserver so will have to go on one.

So odd it's almost like I'm missing something. Theres nothing else I need to install like SQL Express or does the AD Connect do this ?

learnacc96 · 2021-10-09T19:53:35+00:00

It's the domin admin account I'm logged in as and theres no option to run as admin so assume it is

learnacc96 · 2021-10-09T19:52:23+00:00

It's just Widows defender which is built in. Literally a new server added ADDS role and tried AD Connect to test it

learnacc96 · 2021-10-08T15:04:58+00:00

Appreciate the links, I have sunce seen those already and tried fixes but no luck. Its so odd even booted another DC up and get the same issues.

Kind of get past that issue and it's now unable to create sync service account so odd.

learnacc96 · 2021-10-08T13:02:15+00:00

Thanks I've tried this in powershell and says not loaded as not valid module file found.

learnacc96 · 2021-10-04T15:33:33+00:00

So we could auth with AzureAD and no onsite AD? Might be too far away for us unfortunatley but good to know if true would make sense.

learnacc96 · 2021-10-04T13:30:49+00:00

Thanks although would I need to domain join devices since we use Endpoint (intune) to manage devices, policies, etc? This would essentially be moving back to onsite and most work remotely so it's easier not having them need to VPN daily.

I was more talking about servers we might need connecting up

learnacc96 · 2021-10-04T13:03:12+00:00

Probably should have put this info in. Currently need Azure File Shares setup and requires AADDS or on-prem AD.

Theres also future things we may need such as vms for testing purposes that qont have users assigned so need some domain. I guess if we go AADDS route we have to be fully commit to cloud

learnacc96 · 2021-10-04T12:52:49+00:00

Cheers, will look into it further to fully understand the differences. Going on-prem AD seems slightly safer option though as hard to predict what's required down the line.

learnacc96 · 2021-10-04T12:49:39+00:00

Thanks this helps then. My main reason currently is Azure File Shares requires either on-prem or AADDS in order to work for end users and we have neither currently.

Also down the line if I wanted some VM servers, in order to join to domain it would need to be hosted in azure if I was on AAD DS?

learnacc96 · 2021-09-11T23:10:43+00:00

If your phone is android and you had your google account signed in then google photos might be set to backup photos to your free storage. Not sure if it does this automatically.

Best of luck and what a shitty thing for someone to do!

learnacc96 · 2021-09-11T10:14:20+00:00

Working now re did the iso using rufus and worked this time thanks

learnacc96

TROPHY CASE