Yeah, my guess is that to do it properly will be cost prohibitive for them. They want it in 4 different locations and I bet they will baulk at anything over $1,000 / location.

So the long and the short of it is - Scott is saying - no filtering is worth it, either on the employee side or the guest side.

i.e. the firewall is not a place to provide filtering (via either IP blocking or DNS website blocking) - there is not enough value if it has any cost.

Doing something simplish like Cloudflare's DNS filtering is worthwhile because there's no cost.

@jaredbusch said in beyond bash shell scripting, what language should I use:

@scottalanmiller said in beyond bash shell scripting, what language should I use:

@jaredbusch said in beyond bash shell scripting, what language should I use:

@stacksofplates said in beyond bash shell scripting, what language should I use:

@jaredbusch said in beyond bash shell scripting, what language should I use:

@scottalanmiller said in beyond bash shell scripting, what language should I use:

Go is great as a language. But like Ruby, not installed generally. And fewer resources. If it was a greenfield new OS, yeah, Go for sure. But for practical reasons, Python I think.

As these are systems that I control, there is no reason Go cannot be installed.

Between your comments and prior ones from @stacksofplates I think I might try Go in order to learn it.

You normally wouldn't install it anyway as it's not a scripting language. You'd just compile your binary and ship that to your systems.

I completely misunderstood that about Go. Okay, I will do a bit of checking and decide what I want to do.

oh sorry, I figured you knew. That's why I never look at it, I don't want to deal with binaries in that way. But nothing wrong with that. Write it on your machine at home, compile, ship binary. Works just fine.

As fixed tasks, this is not a bad solution. So I will keep it in mind.

Right, no big deal in this case.

@jaredbusch said in Import a QCOW2 Into Proxmox:

@dashrender said in Import a QCOW2 Into Proxmox:

@scottalanmiller said in Import a QCOW2 Into Proxmox:

@jaredbusch good point, Linux doesn't "detect non-local" like Windows does.

ug.. what a pain that is!

ummm wut?

that windows detects SMB shares as remote.

@dustinb3403 said in Win 11 Home - install with local account:

@dashrender or just don't install Windows 11 Home if you don't plan to give Microsoft more insight into your personal habits.

This in my opinion makes little sense to work around from an end user or implementator standpoint.

With the online account you get better integration to backup systems (OneDrive).which for a home user is a pretty important feature. Among other features.

If you simply don't want these features for.a home device, why bother with Windows 11 at all?

If not already, not a practical thing for a typical home buyer buying a new computer today, because Win 11 comes on the computer.

But you're right - those people likely are better off using those services than not. God know if they buy a mac they are buying into that ecosystem - if they buy a chromebook, they are buying into that ecosystem.... so it's not really any different.

None the less - not many home users are surfing ML - and those that are should be able to find answer like this.

@jaredbusch said in Small switch for small branch office recs?:

@dashrender said in Small switch for small branch office recs?:

Today, the answer is really any switch you can find that fits the stated requirements.

I would change that to: Any switch fitting the requirements that can be delivered.

So much stuff back-ordered it is insane.

Sadly, this ^^^

@dbeato said in any zimbra specialists:

also Ubuntu 16.04 and ZImbra 8.8.12 are old and need to be updated.

General system admin rule of thumb.... always update before troubleshooting. There is a high chance that patching alone will resolve issues.

@pete-s said in GKE Auto Scaling down to shut down resource usage and save costs.:

@stacksofplates said in GKE Auto Scaling down to shut down resource usage and save costs.:

@pete-s said in GKE Auto Scaling down to shut down resource usage and save costs.:

@irj
Interesting, I know nothing but aren't you using the cluster autoscaler?

It's supposed to scale up and down automatically as needed with the settings you give it. If it doesn't scale down as far as you like, have a look at the settings.

Autoscaling depends on the apps. If your app can't withstand a shutdown it's not a good idea. When more nodes are added the scheduler might move the pod to a different machine.

Yes, but that is why you have settings. How far you want to be able to scale down and how far you want to be able to scale up.

But I don't know much about it though except what I've picked up from videos like the one below: 🙂

It's not really about cluster settings. Even adding one node can cause a pod to be rescheduled. Then the node has to download the container and start the app which could take quite a bit of time depending on your container size. The point was the only time to enable autoscaling is if you know your app can handle interruptions.

@irj said in Windows 11 auto upgrade?:

Yeah. I have windows 10 on my home pc with auto updates and it only asks me if I want to upgrade. It never forces me or does it without my consent.

But if you do not give consent, it will update without your consent anyway (after some time) 🙂
You just can't stop updates on Windows 10, only delay it for some time.

@jaredbusch
The development is super. I would also like to add the union of two different groups from internal and Extension into one xml and you can assign only one button, there will be fire.

@dave247 said in Looking for simplest/secure setup for connecting a domain joined computer to corporate network when remote:

@dbeato said in Looking for simplest/secure setup for connecting a domain joined computer to corporate network when remote:

@pete-s said in Looking for simplest/secure setup for connecting a domain joined computer to corporate network when remote:

@dave247 Can you use 2FA on the VPN connection when doing it like that? Otherwise that would be a major concern.

Another issue with forced VPN is that if your VPN is down then the users can't login at all and can't work. That's a lot of eggs in the same basket. Does your company have HA firewalls, redundant internet, redundant power etc?

Otherwise using the cached domain password the users could login locally. Then they would be able to use their computers with local files and software and also have access to online resources such as M365 and whatever else you use.

No, you cannot use 2FA from within Windows Login screen with Sonicwall NetExtender.

Actually you can. You just click the icon to pull up NetExtender and punch your creds in, then it asks you for the TOTP.

yea, you are right. I was more thinking the SSO MFA SSL VPN but the TOTP either via email (not as secure) or the Authenticator app works well.

@rickygm now based on your experience, what other options are there to push with asterisk? I don't want to depend on third party services.

@dashrender said in SPF records - for all A records?:

This site is pretty good also for checking the whole mailing stack
https://www.checktls.com/TestReceiver

That one was new to me. I'm going to check it out.

Another awesome resource, one that can test your own email from the receiving end is https://www.learndmarc.com/
It just great and will explain what happens.

It's made by uriports. We just started to evaluate their DMARC report monitoring service. Looking good so far.

@dashrender said in Recommendation: Non-Profit Site hosting:

Why do you need WordPress?

Do you need that level of functionality?

We're going to be looking at redoing my company's website this year (I think). it's on WP now, but really, it's completely just static pages, there is no need for on the fly changes - unless they wanted to change the whole theme.

It's more of the feature set... being able to use a WYSIWYG editor for events, announcements and such. In some regard- yes WP is over powered, but it also allows for the tie ins like Calendar, Mailing list, and more.

@pmoncho said in ER-X firmware Upgrade:

@marcinozga said in ER-X firmware Upgrade:

It probably is bricked. The same happened to my ER-X when firmware 2 came out. I got it booted eventually over serial cable, and if I remember correctly it displayed something about internal storage.

I noticed others have had the same issue in the past.

I just saw the serial connection setup. Did you just use the USB-TTL device to connect?

The part that bugs me is I had check the storage issue prior to upgrade. Had 58% free so I figured I would be ok.

I used this cable:
https://www.amazon.com/gp/product/B00QT7LQ88?psc=1

I didn't bother with recovery, I just wanted to see what the issue was. I bought another ER-X and kept it on 1.x firmware.

@dustinb3403 said in TacticalRMM issue today, anyone else?:

Sounds like you're using this in production, correct?

Truth. It's not the only remote tool that we're using, but it's a nice backup / complement to our other options.

@voip_n00b Yes

I'm going to make sure that registry setting is applied correctly on a few PCs and then restart them. I'll report my findings on Monday.