@FiyaFly said in Outdated Java and IE security settings for CUCM. When did this become okay?!:

@scottalanmiller said in Outdated Java and IE security settings for CUCM. When did this become okay?!:

That seems pretty bad.

For firefox, had to follow this: http://stokebrand.com/blog/2015/7/6/cannot-login-to-cisco-callmanager-after-firefox-update
For Java, I had to drop the security from very high to just high, disable some "Block these apps" settings and add an exemption for the https://IP:port of the CUCM server.

For those who don't want to follow the link for firefox, I had to set these in about:config
security.ssl3.dhe_rsa_aes_128_sha=false
security.ssl3.dhe_rsa_aes_256_sha=false

Perhaps you need to setup a VM specifically for managing that old equipment.

@Romo said in Would you use public link editing' of documents?:

That's a feature available only if you have a GSuite account for work or education

ofc not in Nc, that feature is for everybody, we don't differentiate 😉

@Dashrender said in Unifi switch SFP fiber connections:

Now I'm going to put my original SFPs back in place and see if those work.

Swapped and it's working great.

I can now say that 10Gtek stuff is compatible with Unifi Switches.

Not sure this really matters anymore since Ubiquiti now sells their own branded SFPs and they are very reasonably priced.

@scottalanmiller This is about the closest you get to a GUI

alt text

You can try logging as that user in Safe Mode.

@wirestyle22 said in Security Camera w/ POE Injector:

the camera has a 12V DC power supply. Do I need a specific POE injector? I'm assuming I do.

WOW, all than angst!

I read this on my phone at first and read it to mean (though in reading it now on my computer i could see others taking it to mean something different) that the camera could take EITHER 1) a 12 VDC wall wart OR 2) POE.

POE is a known specification, so just buy something saying it will provide POE and you should be golden.

But it looks like you're already sorted.. so that's good.

@scottalanmiller said in Dash's old Greenway EHR build thread:

@JaredBusch said in Dash's old Greenway EHR build thread:

@scottalanmiller said in Dash's old Greenway EHR build thread:

@Dashrender said in Dash's old Greenway EHR build thread:

Which reminds me - Hey @scottalanmiller when did Scale come to your attention?

4-5 years ago I'd think. Knew about them for a while when they were just getting started. They hit their stride about 6-7 years ago and worked up a track record. They have been around for a while, but was doing just storage first, then transitioned to the new products. I've been on the Scale boat four times, I think. I knew them for a bit before the first time on the boat, but not a year before, I don't think.

As always your sense of time is warped.

This was only the third year for the boat.

The HC3 was introduced in 2012.

Only the third? That explains my length of recall on the product. But boy it felt like the fourth boat ride.

I missed the boat the first year because I was stupid and went to the HP thing. That was 2014.

@scottalanmiller said in Converting Second Domain Controller from Physical to VM:

@wirestyle22 said in Converting Second Domain Controller from Physical to VM:

@Texkonc said in Converting Second Domain Controller from Physical to VM:

@wirestyle22 said in Converting Second Domain Controller from Physical to VM:

I'm most likely going to need to create another thread this weekend. Going to make a from scratch domain + domain controller as if we were just establishing a business.

Why?
Starting from scratch will mean the users will have to join a new domain, meaning their user profile will be changed on the desktops. You know how users fear change...

I'll be doing it at home (weekend). Sorry. I have a test environment at my place.

This falls under "one of those tasks you should definitely have on your home lab list" if you want to work in Windows, SMB or desktop administration arenas. A lot of people who work with AD at work will run AD at home full time. I've had AD (or its predecessor) for my home machines since 1997 or 1998. I've never run stand alone machines at home.

servers paying dividends

I only perform my non-secure bank transactions on public wifi...

Fastest possible internet connection ever! So fast in fact that no one can steal my private data...

@stacksofplates said in What is DevOps?:

@scottalanmiller said in What is DevOps?:

@stacksofplates said in What is DevOps?:

@scottalanmiller said in What is DevOps?:

@stacksofplates said in What is DevOps?:

@scottalanmiller said in What is DevOps?:

@stacksofplates said in What is DevOps?:

@scottalanmiller said in What is DevOps?:

@stacksofplates said in What is DevOps?:

@scottalanmiller said in What is DevOps?:

Two very common SDI tools are Ansible and Salt, but two that are extremely different. Ansible works purely through agents that run on individual servers. Salt uses a central console to control agents. This oversimplifies both, but gives us an idea of the diversity in the way that different systems work.

A common way for smaller shops to work with Ansible is to install agents locally and those agents do nothing more than pull their own configurations from a central Git repository. In this way, in order to manage individual systems, all that needs to be done is for the correct state definition to be stored in the right Git repo. Ansible handles the rest. It looks for updates and applies them when they appear. This is a pure "pull" structure.

Salt works differently. The Salt Master can push commands, almost instantly, to Salt Minions (endpoints.) With salt you can issue traditional commands in real time and see the responses in real time on the master. This makes Salt very powerful for monitoring, in addition to control. State configurations are stored on the Salt Master, rather than on a separate change repository, and when applied can be pushed out instantly to all nodes that are currently online, no need to wait for a polling interval. This is a pure "push" structure.

Ansible is all push through SSH (they have some kind of pull mechanism but I don't think anyone uses it), it doesn't use any agents at all. You can also run commands directly with Ansible. Ad hoc commands are a big help with Ansible, it fixes the weird workarounds you have to use to get sudo to work with remote SSH commands.

Now you just run

ansible host -m shell -a "whatever you need to do" -b -K

One of their big selling points is that you can do pure push, all agent, no server 🙂

It doesn't use any agents at all. It's all Python. There is no "server" like with Puppet (there is a server in the sense that there is one or multiple machines you do everything from), but there is a machine(s) you push from to other machines.

Servers are typically pull, not push.

No. Agents are pull. The server holds the configs and the agent checks in and pulls the config. Ansible is push and specifically states that on their website.

Not necessarily. Salt is an agent but push. The agent doesn't pull. At least not by default.

It's the exception then. Chef and Puppet both pull. I really like the pull system for CM. I use Ansible for orchestration.

Yup. The push is their huge selling point. No other major player does it. And no open ports either. Doesn't need SSH which is huge.

How does the agent know to interact? Just heartbeat every few seconds?

Open connection. They always talk.

@Dashrender said in Cost Study: 3 Node Scale vs. 3 Node VMware IPOD:

@wirestyle22 said in Cost Study: 3 Node Scale vs. 3 Node VMware IPOD:

@Mike-Davis said in Cost Study: 3 Node Scale vs. 3 Node VMware IPOD:

@Dashrender yes, I was thinking of agentless solutions like Veeam. So if it has KVM support it will work with Scale?

I wish I could help you with this. No place that I've worked at has needed something that big 😞

I came really close - I just missed the Scale boat. 3 years ago when looking at a replacement EHR I posted about some ridiculous needs. Many conversations with Scott - and Scale never came up. Looking back, I have to assume that Scale wasn't something we knew about quite yet. Instead I was looking at a $100K two server setup with something like 20 disks each (mainly for IOPs - this was pre acceptable SSD pricing). Management went with another solution (one they hate today) because the startup costs where so high.

Found my old crazy thread.
https://community.spiceworks.com/topic/310103-new-greenway-install?page=2

Yeah I was reading your thread earlier. It's interesting.

Any lockups since the fix?

@maalmeida said in I cannot get any invitation from Spiceworks:

@Romo Exactamente. Con el dns no me dejaba entrar y ahora con la ip si pero me muestra eso

Si te muestra eso por que la configuracion por default en servidores del explorer es muy restrictiva, lo cual es normal y recomendable puesto que realmente no se debe navegar desde los servidores.

Lo importante es que con la ip si te intenta cargar el acceso a OWA, si trataras con el puro nombre del servidor tambien te deberia de mostrar lo mismo que con la ip.

That's Alpha, I don't normally even both with Alpha in the lab.

We use Cisco Any Connect that authenticates against AD, but is not tied to any kind of GPS and it works for us just fine. Except for deployment, I see no need in using GPS.

If we use GPS for anything, it's with RADIUS for our wireless network. That works in one location but not the other. And this is only because both locations have different wireless systems and in how each system implements RADIUS and authenticates a laptop against an OU.

@scottalanmiller not yet. But the user will be in my office tomorrow and will test on WIFI there.

@aaronstuder said in EDGE E3 SSD Drives:

My boss will be talking to the Directory of Sales today.....

Any update?

A bit shorter

wget -qO- icanhazip.com

@aaronstuder said in LINUX 5 FOR $25 BUNDLES:

@scottalanmiller How do they compare to O'Reilly?

Not as good, but decent. O'Reilly is pretty good in general.

@aaronstuder said in Latest server arrival:

@scottalanmiller

Seems to only support 2012 releases.

Hypervisor:* Microsoft Hyper-V Server 2012 R2 or Windows Server 2012 R2

My guess is that's just from a testing perspective.

@kooler ?