@Dashrender said in Yealink phones: @scottalanmiller said in Yealink phones: @Dashrender said in Yealink phones: I don't see how useful this really is? Sure in a tiny company you might have everyone else's extension as a button/BLF on your phone, but normally you won't. In theory, even a fair sized company has reception and physical phones with 120+ BLF keys. So that it comes up, very common. You only need 120 people that you could reasonably have to talk to (executives, sales, account managers), so that could easily be a company of over a thousand total and still have BLF for all reasonable use cases. But even way smaller than that, we've got the call center using online switchboards and the BLF solution wouldn't work. Sure, but you don't typically deploy sidecars to the whole company. Of course. But in a typical org, it's only receptionists having the problem to begin with, or maybe a team manager. For us, it's the customer service team (more or less a reception desk of sorts) seeing if techs are available. Or the sales manager seeing if sales team is available.

@Dashrender said in How to hide a network printer: The printers are broadcasting, or otherwise making their presence known. You need to look at the printer itself and see if you can turn it off. Now that said, many printers don't have local users/permissions - so once someone finds the IP to the device, they can still add it manually. To answer the OP - If there are no users/passwords to allow printing on the printer, then no, there is no real way you can prevent people from printing to it, assuming they have the ability to install a compatible driver. Removing admin rights and also removing the user's ability to install printers (group or local policy) Yeah I'm not sure how his is setup differently than ours but it must be. The only way for a user here to install another printer would be knowing its IP address, and they dont. Theres no broadcasting that I can tell so maybe thats the issue to look at. I don't do anything with AD either, so my printers are just out of box. I set their IP to what I want it as and assign user to it that I want. I don't use dhcp.

@siringo said in What Are You Watching Now: @black3dynamite said in What Are You Watching Now: New Perry Mason series. They did not hold back with episode one. Huh????? Didn't that finish in the 80s? There’s a new series on HBO.

@taurex said in RingCentral and Vonage: Well, I live in Australia and know quite a bit about local VoIP providers. As far as I'm concerned, no one does it better here than Maxotel. I am not a reseller and don't get any kickbacks from any vendors but their Asterisk-based hosted PBX and their support team have been absolutely amazing in my experience. Check them out. Their PBX base price is great, but their per minute cost to dial is very high and they line limit. So if you have any number or users or make any amount of calls, their pricing is pretty high for the market. I don't know about normal handsets, but their handset prices are significantly higher than any market we've seen and we work all over the world.

@scottalanmiller said in Miscellaneous Tech News: @Dashrender said in Miscellaneous Tech News: @mlnews said in Miscellaneous Tech News: Facial recognition use by South Wales Police ruled unlawful The use of automatic facial recognition (AFR) technology by South Wales Police is unlawful, the Court of Appeal has ruled. It follows a legal challenge brought by civil rights group Liberty and Ed Bridges, 37, from Cardiff. But the court also found its use was proportionate interference with human rights as the benefits outweighed the impact on Mr Bridges. South Wales Police said it would not be appealing the findings. Mr Bridges had said being identified by AFR caused him distress. holy crap - Aussieland actually got something right? Um, no. Don't confuse South Wales with New South Wales. Cardiff is one of the largest cities in the UK, not Australia. Perhaps they should be rebranded as Old South Wales, so as to not confuse the greater populace.

@Obsolesce said in MangoCon 2017: @scottalanmiller said in MangoCon 2017: @Obsolesce said in MangoCon 2017: @scottalanmiller said in MangoCon 2017: @Obsolesce said in MangoCon 2017: @scottalanmiller said in MangoCon 2017: So sad that we haven't done MC this year, ... yet. Missing everyone, more than usual. You could have done a virtual MC and brought in even more attendees. The physical ones are virtual as well so it doesn't seem like only virtual would bring in more than the two combined. They were? I thought they were just recorded and posted to YouTube like a year later? Were there actually live interactive broadcasts? Yeah, maybe not the latest year, but the original two years were done live as well. Who gave their presentations remotely? Weren't they all done on-site? Everyone presented locally to the conference, and it was broadcast to a remote audience. So everyone was local if you were there. Everyone was remote if you weren't. I know @gjacobse was one of the people who attended in year two remotely, for example.

So I got someone from Fanvil to reach out and they said that VoIP Supply in Buffalo is authorized as a distributor. But the Fanvil website says that they are not authorized as a reseller. So... who knows what that means. To be an authorized reseller you have to both buy from an authorized distributor and be authorized as a reseller. Fanvil is disputing VS' rights on the latter. So while there appear to be two actual distributors now, there still appears to be literally zero resellers that are officially authorized. So support will always be "best of luck to you." No one is required to support anything if they don't feel like it. Caveat emptor.

My idea is: Option 1: Set up a new raid10 volume on my host with my spare drive bays. Install a new VM (Fedora 32 server) with 16 Tb of storage and Plex on that same VM. This way, the data never leaves the host and has maximum efficiency. OR Option 2: Set up a new raid10 volume on my host with my spare drive bays. Install a new VM (Fedora 32 server) as a "NAS" with NFS shares for content. Point existing Plex Vm at the new NAS. Data would traverse network between 2 hosts unless Plex was migrated to other host.

@scottalanmiller DBAs. There is still a prevalence of thought that they must have lots of separate drives for any number of purposes. These 'drives' all go to the same two or three luns, and some drives are in the same datastore, so.... splitting drives is just splitting hairs. It makes it easier to see database size, though a good DBA should be able to manage that without complication.

@gjacobse said in pi-Hole: Client and Recursive DNS: And since i'm running this now, I get a notification on recursive DNS - Yup, just ignore them.

Stilton drives wedge between UK-Japan Brexit deal A post-Brexit trade deal between the UK and Japan may have met an unlikely obstacle - stilton cheese. On Friday, the two sides said they hoped to agree the details of a post-Brexit trade agreement by the end of the month. The Department for International Trade said talks are ongoing. But progress has reportedly been blown off course after International Trade Secretary Liz Truss requested better terms for British blue cheeses. The Financial Times, which first reported that talks had hit a snag, said Ms Truss may be looking for a symbolic victory, as sales of blue cheese to Japan from the UK were only £102,000 last year.

I think it's a bit different because it's also user based. This is much more limiting being only a single user.

@BraswellJay yes

@stacksofplates said in How to let only customers download files with wget/curl?: @Pete-S said in How to let only customers download files with wget/curl?: @stacksofplates said in How to let only customers download files with wget/curl?: @Pete-S said in How to let only customers download files with wget/curl?: have scripts serve the data and what not. Wait are you talking about CGI scripts? Yes, that's a possibility when you are using a webserver, instead of ssh. If you access a file over ssh, AFAIK the file is a static file and it is what it is. If you however access a file over https, you can have a script on the webserver delivering you the file and you can send parameters to it. For instance : wget -o install.sh "https://xyz.com/my_special_install_script.py?os=CentOS7&special=2&customer=2432" You just have a gazilion options when you connect over a webserver. Yeah I thought you were providing files through just a default webserver. So while CGI isn't insecure by itself, you have a ton of work in securing the scripts you create. You might be better off just writing a small API to hand off the info instead of trying to properly secure CGI scripts. Another option is a serverless function leveraging the providers authentication to serve the files up. Here's an example from GCP where you can just check require authentication using their IAM. Thanks, I had the intention of letting the webserver authenticate and in most cases provide a static file directly or when needed invoke a script that will provide dynamic content. I haven't checked nginx yet but apache can check client SSL certificates easily.

@flaxking said in SSL/TLS client certificates questions: Domain name doesn't matter, unless you're signing with a public CA. I'd think self-signed vs internal CA vs public CA would depend on what the authentication mechanism supports and how you have to manage the certificates. (i.e. if there are going to be a ton of them it might be easier for the authentication mechanism just to trust certificates signed by a certain internal CA rather than having to make each certificate trusted. From what I've seen so far, I've come to the same conclusion.

@jmoore said in Redoing Home Network: @scottalanmiller I'm the same way, I get that habit from my Av days. I bought Allen & Heath mixing boards, QSC amps, and small Community speakers. This is all professional equipment and it had more options and lasted a lot longer. In fact all those pieces are still working today. Yup, I can from the audiophile world, too. And it was often cheaper to get hifi gear than to get the crappy, sounds horrible consumer junk.

@scottalanmiller said in pi-hole: Group Management: @marcinozga said in pi-hole: Group Management: @stacksofplates said in pi-hole: Group Management: @stacksofplates said in pi-hole: Group Management: @marcinozga said in pi-hole: Group Management: @stacksofplates said in pi-hole: Group Management: I just use CloudFlare for families. If I need to, I can change DNS on whatever to view something. That only blocks malware and porn if you choose to. What about ads, marketing crap, tracking, etc.? I leverage what's in the browser for that stuff. That might not be 100% the best way to handle it, but I don' thave to manage and pay for a server to do it. No Raspberry Pi lying around? Who has an unused computer lying around? lol I don’t, this old box of mine is hitting its last legs...

@stacksofplates said in Local Encryption ... Why Not?: @scottalanmiller said in Local Encryption ... Why Not?: @stacksofplates said in Local Encryption ... Why Not?: @Dashrender said in Local Encryption ... Why Not?: @scottalanmiller said in Local Encryption ... Why Not?: @jmoore said in Local Encryption ... Why Not?: I've advocated we store nothing on our laptops but so far its had little effect. We are very backward here unfortunately. I think storing mostly online is very good and makes services like Nextcloud very valuable in this scenario. It was turned on by the vendor when delivered. Nothing was stored on the device and they had no idea that there was encryption on it. A new laptop showed up that way once - I was like - wth? I think the bigger question was, it didn't get reimaged to whatever standard they're using? Ha, this is medical. Zero standards. Ever seen any medical that has a standard build? Nope. Or even standard hardware? Nope. Or even consult someone in IT within six months of having put a machine into service? Nope. Idk when I was doing my business I had a few Drs offices and I reimaged them when they got one. That's because you got to be in charge, I would assume. Here we are only "as needed" and the head of operations runs IT and only has us fix what she breaks (which is quite a lot.)

@JasGot said in How to start taking a company to Microsoft 365 based operations.: If a customer is asking to go "Cloud based" and they want to stay MS based. What would be you path for a customer who has standard server now. The real trick is getting them to talk about their goals. Going "cloud" or "Microsoft" aren't business goals, those are means, not ends. So we have no idea what they are trying to do, only how they think they will do it. It's like stating your goal as "using a hammer" without stating why or to accomplish what. A hammer is reasonable, maybe. But just knowing it's a hammer, you can't go any further without just making up what they might want to accomplish.

Hanna has been panting Raft today. Her laptop runs it but you should hear the fan.

I am currently using ZT to Route between my various networks, like a Site-to-Site VPN. It can be a pain to set up, but once it's up and going, it's great!