Happy Birthday to @brianwinkelmann

Well I'm probably naive but i took it to mean that hypervisor=toolbox in this scenario. Add tools as needed. Hyper-v works but I also prefer kvm. I read a book a few months ago on it and worked through the multitude of exercises in it and its a lot more powerful than I realized. Also, this doesn't have to be for a server either so that has to be taken into consideration. For example, I run kvm on all my 2 laptops and 1 desktop at home and on 2 machines at work. Use windows vm's when I need something from there.

@IRJ said in AVG deleting data: Setup FIM to see what is causing it 100% FIM?

@scottalanmiller said in Large network of Windows machines without AD - GO!: @notverypunny said in Large network of Windows machines without AD - GO!: Would something like Zentyal be appropriate? Just a package of Samba 4 which is just a third party AD. So this is just another way of saying to use Samba, which is another way of saying "keep AD." If the question is "how can I more affordably do AD", then Zentyal is a great AD distro. But if the question is "how do I ditch AD", Zentyal isn't ditching it at all. Fair enough, I read "without AD" and my mind went to "without M$"

Proxmox 6.1 https://forum.proxmox.com/threads/proxmox-ve-6-1-released.61138/ https://pve.proxmox.com/wiki/Roadmap#Proxmox_VE_6.1

So a few grand every hand full of years to keep the Windows Servers and CALs up to date. That's really nothing at that scale. The Windows devices are what they are. Really, maybe move the mailboxes to O365 or one of the other cheaper favorites here, that's all I see you benefit8ng from. What's the energy behind the need for change? If the hardware is going EoL or something, possibly start moving services to VPSs linked with VPN. But really, between that setup and moving it offprem, it's probably not much of a difference in the end, besides create more latency which users would likely notice. You aren't starting fresh, so there's likely a lot to consider if you're looking to gut the whole thing.

More Monster Hunter Iceborne last night.

@krisleslie said in Anyone figured out how to ZeroTier with AD?: I'm met with a dilemma in that I have 3 offices (and potentially more offices to come) that I want to link up to one AD controller vs having one at each site managed separately. This should be pretty easy for a site level setup. Setup Point to Point VPN between the firewalls at your main site and the remote site - then have DHCP provide the DNS server of your DNS servers at the main sight - pretty much done. I'm doing this for my two remote sites, works perfectly well, and has for nearly 2 decades.

@scottalanmiller said in Policies vs Network Access Control: @Dashrender said in Policies vs Network Access Control: @IRJ said in Policies vs Network Access Control: This is not a problem that can be fixed with compensating controls. It needs to be nuked from orbit and rebuilt properly with employee buy in. At this point - that seems very unlikely if you have users who are willing to nuke their own machines and reinstall. They'll likely demand or at least attempt to demand local admin rights. Really just becomes the same as BYOD. Easy enough to manage. Not ideal, but doable. Exactly - better model in most cases anyhow. Just change how you (the OP) deliver services.

Welcome @krzykat

@mlnews said in Non-IT News Thread: Huawei launches new legal challenge against US ban Good.

@JaredBusch There is a current issue with the SSL let's encrypt that I just submitted to them to resolve (they are using an outdated version with Acme 1 instead of the newer Acme 2): FYI - we've resolved the issue, and I can only assume anyone else that has installed Postcards should have the same issue. The problem is indeed an issue with Let's Encrypt, and specifically: docker: jrcs/letsencrypt-nginx-proxy-companion To fix this issue, please update the docker-compose.override.yml file during builds. Row 35 should read: image: jrcs/letsencrypt-nginx-proxy-companion:latest This will insure that the current version for the let's encrypt proxy is called and eliminate the issue.

@black3dynamite said in CentOS 7 mirrors operation too slow.: @scottalanmiller said in CentOS 7 mirrors operation too slow.: Looks like disabling Delta RPMs (the repos don't seem to have deltas in them) and specifying a fast, local repo did the trick on the first test. We have this issue on several, going to test just removing the deltas to see if that does it on its own. In yum.conf just add the line deltarpm=0 Do you have deltarpm package installed? I don't recall being installed by default with Minimal install. On some we do, on some we don't. But the mirrors don't have DRPMs so it won't work either way. But it throws errors while trying to.

@WLS-ITGuy give this a try, you may need to go back more than a year though.

@JaredBusch said in Can all phones read QR codes natively?: You do not even take a picture, just put it in the camera sights. yeah - that is pretty cool...

Youtube Video

@Obsolesce The thing there is market place for this since VirtKick turned there back on the supporters, and we need simple front end with simple installer (yes looking at you OpenStack)

Discussion on the policy side of this is over here: https://mangolassi.it/topic/20894/policies-vs-network-access-control

@brandon220 said in Voip.ms Fax To Email: @JaredBusch What I'm referring to is that I can take a physical piece of paper that I want to fax to a Xerox copier (in this instance). Instead of using the built-in fax machine function (no phone line attached) I can "email" the document to [email protected] and in the subject line is the actual fax number. When I email from the copier, it comes out as a fax to the receiver. Not as an email. The receiver has no idea that it did not come from a conventional fax machine. Yeah, this can definitely be done - but man, changing the subject line from a Xerox machine is generally a HUGE PITA - no normal user wants to do that ever.

@EddieJennings said in New album by State of Unrest!!!!: @RojoLoco said in New album by State of Unrest!!!!: @EddieJennings said in New album by State of Unrest!!!!: Where's Jibble? On the album before this one called Social Politics (I think that one is on Spotify). /phew I thought that tune was cut! No, it's from the before-time.

@Pete-S said in Delays on servers from Dell: @scottalanmiller said in Delays on servers from Dell: @syko24 said in Delays on servers from Dell: I talked to my rep today and he confirmed the CPU was the item holding everything up. I asked if there was a different CPU option that would speed things up. He said regardless it would be a minimum 10 days before it would ship. I cancelled and ordered a refurb. I wonder why Dell is so committed to only using Intel when there are major supply chain issues? AMD has some great options and I've not seen delays from AMD parts. Dell have plenty of AMD servers too. R7515, R6515 are their new 1 CPU EPYC Rome (2nd gen) models and R7525, R6525 their two CPU models. Then they have some other model in the C-range. And their older 1st gen EPYC servers. With the prices and performance of AMD EPYCs you have to have a really good reason not to go AMD at this point. oh, I didn't realize that they had started adding them to their lineup again.

I've used Graylog previously. We used limited amounts of the dashboards in Graylog and we mostly created our own in Grafana to display things we needed. The advantage to Graylog over Elastic Stack is RBAC is included out of the box, you don't have to purchase X-Pack or custom build anything to get that functionality. But I don't believe it works natively with Wazuh like @IRJ mentioned.