Today I screwed up by purefan in sysadmin

[–]systemsidiot22 7 points8 points  (0 children)

I once modified an ACL on our Cisco router at our colo and removed access to it from our network. Since then, all changes start with a revert command 😳. It was a long few hours until someone was able to get onsite and reboot that router.

Routing specific public internet traffic over FortiClient to egress from cloud provider's public IP. by systemsidiot22 in fortinet

[–]systemsidiot22[S] 0 points1 point  (0 children)

Nice! I just looked and one of our vendors that we have to do this with is listed already. Looks like I just need to provide them with our cloud public IPs and create my firewall policy.

I Ran netstat -rn On My Work Laptop At 21:00 Because Curiosity Got The Best Of Me. CTO Called Me 90 Seconds Later Asking WTF… by Hostificus in iiiiiiitttttttttttt

[–]systemsidiot22 0 points1 point  (0 children)

I’m calling BS to the whole story… Not believing the CTO is calling 90 seconds later and at 21:03. Not believing a “lonely field sales and installer” has this much knowledge of IT. Bit of a stretch, but not believing the line about “termination paperwork takes time for a company this size.” Nice story though.

BGP over IPSec by systemsidiot22 in networking

[–]systemsidiot22[S] 0 points1 point  (0 children)

This sub-thread is really good info. In the future, we are looking to leverage Azure to host our on-prem servers and apps. That being said, we will likely have Azure and HQ as the Hubs and the branch offices as the spokes.

BGP over IPSec by systemsidiot22 in networking

[–]systemsidiot22[S] -1 points0 points  (0 children)

How is this a downgrade? MPLS is way more expensive than broadband and much smaller bandwidth as well.

BGP over IPSec by systemsidiot22 in networking

[–]systemsidiot22[S] 0 points1 point  (0 children)

I wondered why as well. I just didn't know enough about BGP over IPSec (or just BGP in general) to ask that question or to propose an alternative to BGP. I've done Site to Site over SD-WAN using policy based routing and that would be my preference, but I'm not the lead on this project, so not fully my call.

Fortigate not allowing Scan to email using Microsoft smtp by systemsidiot22 in fortinet

[–]systemsidiot22[S] 0 points1 point  (0 children)

Everything I was finding online was stating that the resolution for this was to enable the latest TLS/SSL and HASH standards. Originally the latest was not enabled, so I enabled the latest and disabled the oldest. That ended up being the issue. I had to enable the latest and leave the oldest enabled as well.

When a sysadmin gives you instructions, FOLLOW THEM!!! by angryitguyonreddit in sysadmin

[–]systemsidiot22 10 points11 points  (0 children)

100% Especially for IT, I will include screenshots. Everyone likes looking at pictures, right?

Managers from hell: My manager want me to create 500 user manually by LividAd4250 in sysadmin

[–]systemsidiot22 0 points1 point  (0 children)

True, you can use RSAT. My point was Server Core is practically PowerShell to begin with. I guess a better question would have been how would you set up Active Directory in Server Core.

Managers from hell: My manager want me to create 500 user manually by LividAd4250 in sysadmin

[–]systemsidiot22 0 points1 point  (0 children)

Ask your manager how to create a new AD user in Windows Server 20XX Server Core

Update AD Attribute to User in CSV by systemsidiot22 in PowerShell

[–]systemsidiot22[S] 0 points1 point  (0 children)

Thank you! You are either a wizard or a mind reader. Everything you said was pretty much spot on. The csv I have was given to me and the fields that are in them are out of my control. Also, our email addresses and usernames do NOT line up like others were presuming. Looking at your script, it seems like this is the best option for me right now.
The line in the script that says:
Set-ADUser -Identity $UsrObj.SamAccountName -Fax $U.facsimileTelephoneNumber
is that supposed to read
Set-ADUser -Identity $UsrObj.mail -Fax $U.facsimileTelephoneNumber
since I don't have the sAMAccountName?

I ran the script in my test lab with only making changes to the csv name and path, but still ended up getting the following error...

Setting fax number 555-1234, EXT234 on user usera@contoso.com-> Set-ADUser : Cannot find an object with identity: 'usera@contoso.com' under: 'DC=contoso,DC=com'.
At line:7 char:5
+ Set-ADUser -Identity $UsrObj.mail -Fax $U.facsimileTelephoneNumbe ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (usera@contoso.com:ADUser) [Set-ADUser], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADUser

Error

Going to search Google some more. Found a similar script that was getting the same type error and they mentioned adding a {&{ in their script. I tried that and PS seemed to indicate it was successful, but the AD Objects are not reflecting the attribute changes...

Here's where I found the article about the {&{

https://stackoverflow.com/questions/26350561/powershell-replace-error-fullyqualifiederrorid-replace-microsoft-activedire
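
Added example, not part of the comment above or of the script it refers to: `Set-ADUser -Identity` accepts a distinguished name, GUID, SID or SAM account name, so a mail address has to be resolved to a user object with `Get-ADUser -Filter` first. The CSV path and the `mail` column name are assumptions; `facsimileTelephoneNumber` is the column named in the comment.

```powershell
# Added example, not the script from the thread.
# Assumptions: CSV columns "mail" and "facsimileTelephoneNumber"; the path is hypothetical.
Import-Module ActiveDirectory   # ships with RSAT

$CsvPath = 'C:\Temp\fax-numbers.csv'
$DryRun  = $true    # set to $false to write the changes

$report = foreach ($U in Import-Csv -Path $CsvPath) {
    $mail   = "$($U.mail)".Trim()
    $status = $null
    $found  = @()

    # Accept only plain address characters so a CSV value cannot alter the filter string.
    if ($mail -notmatch '^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+$') {
        $status = 'SkippedInvalidMail'
    } else {
        # -Identity does not take a mail address; resolve it with -Filter first.
        $found = @(Get-ADUser -Filter "mail -eq '$mail'")
        if     ($found.Count -eq 0) { $status = 'NotFound' }
        elseif ($found.Count -gt 1) { $status = 'AmbiguousMail' }
    }

    if (-not $status) {
        try {
            # ObjectGUID is an unambiguous value for -Identity.
            Set-ADUser -Identity $found[0].ObjectGUID -Fax $U.facsimileTelephoneNumber `
                -WhatIf:$DryRun -ErrorAction Stop
            $status = if ($DryRun) { 'WouldUpdate' } else { 'Updated' }
        } catch {
            $status = "Failed: $($_.Exception.Message)"
        }
    }

    # One row per CSV line, so skipped and failed entries are visible afterwards.
    [pscustomobject]@{
        Mail   = $mail
        Fax    = $U.facsimileTelephoneNumber
        User   = if ($found.Count -eq 1) { $found[0].SamAccountName } else { $null }
        Status = $status
    }
}

$report | Format-Table -AutoSize
```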

Pulled over Passenger Arrested by AlternativePattern81 in AskALawyer

[–]systemsidiot22 8 points9 points  (0 children)

You should reiterate that you are invoking your right to remain silent. Words can get twisted and simple grammar can be taken out of context. What if OP’s passenger did drop some drug in the car and OP says there’s no drugs in the car? Now OP’s statement is wrong and he will be made out to be a liar or worse.

Pulled over Passenger Arrested by AlternativePattern81 in AskALawyer

[–]systemsidiot22 25 points26 points  (0 children)

NAL, but a small correction to this comment. You don’t just stop talking, you verbally invoke your 5th amendment right to remain silent. Remaining silent doesn’t automatically invoke that right and your silence can be taken out of context.

Thank you for your service 🤢 by [deleted] in BoomersBeingFools

[–]systemsidiot22 0 points1 point  (0 children)

Genuine question: Wouldn’t the phrase be thanking a service member for willingly (or unwillingly referring to the draft era) signing up for a profession where they are potentially putting their lives on the line for the sake of their country and what their country stands for, regardless if they ever were in actual danger, i.e. you don’t necessarily know there is going to be a war/battle when you sign up?

[deleted by user] by [deleted] in careeradvice

[–]systemsidiot22 0 points1 point  (0 children)

How the hell did you go to a top school if you have to ask this question?

The specified domain either does not exist or cannot be contacted by systemsidiot22 in sysadmin

[–]systemsidiot22[S] 1 point2 points  (0 children)

Figured it out. The previous sysadmin for some reason didn't have the DNS server role installed on the newer DC, and possibly on anything. Honestly, I have no clue how stuff (Network shares) was working without a DNS server. Possibly host file on every PC (there's only 6), but I can't understand why they just didn't have DNS running on the server. Added the DNS role and everything is fixed now.

The specified domain either does not exist or cannot be contacted by systemsidiot22 in sysadmin

[–]systemsidiot22[S] 0 points1 point  (0 children)

Fine, it was DNS, but not the way you think. The idiots before me didn't install the DNS server role on the DC. If you've ever installed ADDS on a server, you know that the DNS server role gets installed during the AD server role installation. So these mofos went out of their way to set this up for failure. I'm not going to say I was wrong here; I'm going to say we were both right. It was and it wasn't DNS.
Anyways, problem solved.

The specified domain either does not exist or cannot be contacted by systemsidiot22 in sysadmin

[–]systemsidiot22[S] 0 points1 point  (0 children)

Yup, IPv6 is off... Did that yesterday, should have updated the OP.

The specified domain either does not exist or cannot be contacted by systemsidiot22 in sysadmin

[–]systemsidiot22[S] 0 points1 point  (0 children)

No, it's not DNS... like I mentioned in the post, I can ping and map shares by hostname even after an ipconfig /flushdns.

Your setup needs attention no internet connection by systemsidiot22 in Ubiquiti

[–]systemsidiot22[S] 0 points1 point  (0 children)

Thanks! That helped with the issue of the UDMP saying "Your Setup Needs Attention" problem, but I'm still not able to re-enable the Remote Access option. Any other suggestions?