@gjacobse said in (Air Gapped) Data Storage and security:

Can you (how do you) Air gap and secure data and still be able to make it available to a (end user)

Once the user can get to it, it's not air gapped any longer.

@Dashrender said in 3CX Linux Beta:

@scottalanmiller said in 3CX Linux Beta:

@Dashrender said in 3CX Linux Beta:

@JaredBusch said in 3CX Linux Beta:

@Dashrender said in 3CX Linux Beta:

@scottalanmiller said in 3CX Linux Beta:

@Pete-S said in 3CX Linux Beta:

So when you push a button and have all your phones upgraded to the latest 3CX/Yealink firmware you pretty much know that everything is going to work afterwards.

Now that is a pretty solid value that could make up for quite a bit of cost.

I was wondering how much value this provided. I've done some firmware updates via FreePBX - been a while though - and I didn't find it very easy, though not end of the world hard either.

A push button solution though would definitely be nice. Anyone know if the endpoint module for FreePBX is there yet?

Then you were doing it wrong. Assuming you have the paid EPM, it is all just built in. Always has been.

If you were going without the paid EPM, then it is still easy if you have setup auto provisioning manually during initial setup.

I've never used EPM.

That's the part of FreePBX that does that stuff.

Yes I know... JB has always suggested against it's value in the past.

Because setting up manually once does take some skill, but after that, it is simple file replication.

@Dashrender said in rfc 2821 + postmaster:

@scottalanmiller said in rfc 2821 + postmaster:

@Dashrender said in rfc 2821 + postmaster:

@scottalanmiller said in rfc 2821 + postmaster:

@Dashrender said in rfc 2821 + postmaster:

It could be an alias - so it wouldn't have to be a paid account.

That's correct, but the actual postmaster isn't normally someone at the final company, but at the email provider.

Think about some small sewing business with two old ladies. They order email from Office 365. Which one of them should get the postmaster emails? Neither of them can do anything about them. Should their nephew, the IT guy get it? He's not responsible for their email or any of their decisions. Only Microsoft has any reasonable hope of using that info. So an alias would break the postmaster and send the emails to the wrong place.

OK sure, but in those cases, there really isn't a true cost to the hosting provider - they could build the system in such a way to not show the account to the account holder yet get the emails to the hosting provider. Yes this would take coding... but it's not impossible.

Right, and maybe they do. But I think that the issue is... no one does and it is unclear who is responsible for conforming to the "rule".

yeah - is the hosting provider or the client? both will/could say it's the other, and then it's simply never done.

And I think it shows that the concept might not be valid any longer. Neither is likely capable of doing anything valuable with that email.

@Dashrender said in Scam calls/emails:

@JaredBusch said in Scam calls/emails:

@scottalanmiller said in Scam calls/emails:

@Dashrender said in Scam calls/emails:

the EHR vendor say - nope not us - unless we've had such a catastrophic hack that we can't detect it in our logs.

"Not in our logs" is a pretty weak defense of not having been hacked.

While true, I would also lean towards his network being infected and him not knowing it, over a large EHR vendor.

We also know (assume as a smaller SMB) he has no SEIM to give him information about the state of his network.

I definitely agree with this. The odd thing is we can't find a correlation between these incidents. Not the same doc, not the same staff, not the same computer.

Same network, though.

Already in WSUS too

@Dashrender said in Excel freezing:

@wrx7m said in Excel freezing:

@VoIP_n00b said in Excel freezing:

Excel is a bitch

Especially, here. They are running all their forecasts through it. Excel using something like 16GB of RAM for one sheet.

As much as that likely belongs on a DB server somewhere - who's going to set it up? and program the new interface, etc?

yeah. that has been in the works for over a year. We are syncing the data to SQL and then will be able to run queries and also export it to Domo.

@Dashrender said in Remote management of employees personal cell phones ...:

@flaxking said in Remote management of employees personal cell phones ...:

@IRJ said in Remote management of employees personal cell phones ...:

@flaxking said in Remote management of employees personal cell phones ...:

@IRJ said in Remote management of employees personal cell phones ...:

@flaxking said in Remote management of employees personal cell phones ...:

@IRJ said in Remote management of employees personal cell phones ...:

@flaxking said in Remote management of employees personal cell phones ...:

@IRJ said in Remote management of employees personal cell phones ...:

You can certainly do this with Intune and office 365. Basically you'd be able to wipe all corporate data as long as it's kept in office 365.

With Office 365 MDM, you can't disable the ability to do a full remote wipe. You do have more control over that with GSuite. Does Intune give you more control?

I'm pretty sure you can do what I described, but I'm not 100% sure.

https://support.office.com/en-us/article/Choose-between-MDM-for-Office-365-and-Microsoft-Intune-c93d9ab9-efb2-4349-9b93-30c30562ee22

It's not a question of what you can do, it's a question of what can the IT department be prevented from doing. The difference between wiping company data and wiping the whole phone just being different buttons does not reassure me.

This is how you do it - from MS link I posted earlier

"Enable your users to more securely access corporate information using the Office mobile and line-of business apps they know, while ensuring security of data by helping to restrict actions like copy, cut, paste, and save as, to only those apps managed by Intune."

If you restrict actions like copy, cut, paste, saving, screenshots, etc then you keep the data inside Office Mobile. Then you just remove the Office Mobile app remotely.

Are you able to enable remote removal of the app with just this feature?

You actually dont even have to do that. If they cannot login they cannot get to any of the data.

Assuming an encrypted cache, this sounds like a viable option. We have 100 Intune licences, so I can insist on being one of the users managed by Intune rather than Office365 MDM. But based on my recent experiences, I'm not too keen to have email or Teams on my phone.

what experience is that?

Nothing to do with the application, just to do with being always working. I did a 108 hour week followed by a 90 hour, followed by a 70 hour. I've now removed all work communication from my phone in order to try to get some peace when I can.

@Pete-S said in laptop slow after installing Spectre/Meltdown mitigations:

Wasn't the bios also involved in these mitigations?

In so much as a micro-code patches for the processors are concerned - yes. My processor is updated to the most current, Oct 2019. Doesn't matter - performance still sucks!

I applied these reg changes, rebooted - then applied a script I've done many times before. It was amazing how slow the script ran compared to other machines. I took a video, I'll see about posting it later.

@Pete-S said in Windows Server licensing for HA?:

If you have two servers and run HA, does that mean that you have to license Windows Server standard for the maximum number of VMs running when you have a failure?

So for example,
Server A: 16 cores, runs 6 VMs normally
Server B: 16 cores, runs 6 VMs normally

So each server has to be licensed for all 12 VMs running on 16 cores - so 6 x Windows Server Standard licenses for each server, total of 12 licenses?

But if you didn't run HA, you would only license each server for 6 VMs, with 3 x Windows Server Standard, a total of 6 licenses?

Is this correct?

Yup.

If you're running a HA setup of Server Standard, all physical servers must be licensed for all Windows Server VMs that can run on them. This means each physical server in your HA cluster must be licensed for 12 Windows Server VMs.

So yes, you are correct in that to license 12 Windows Server VMs on both of your physical servers, you'll need 6x Windows Server Standard licenses for each server, 12 "licenses" total as you said.

it does help, any solutions for samba file servers, and WSD ?

@stacksofplates said in Installing Hugo Static Website Generator on Linux:

@scottalanmiller said in Installing Hugo Static Website Generator on Linux:

@stacksofplates said in Installing Hugo Static Website Generator on Linux:

@scottalanmiller said in Installing Hugo Static Website Generator on Linux:

However, they don't have any standard Linux install documentation on their website and only show using Homebrew, a MacOS package that essentially no one on Linux uses. Very odd.

I just looked. I'm not sure what you're talking about. The page clearly shows snaps, dnf, apt, pacman, eopgk, and pkg_add for OpenBSD.

https://gohugo.io/getting-started/installing

Completely different than what I got from the same link this morning. I went to that page, clicked on Linux, and they only showed Brewlinux, which isn't even the current name of the system.

Way back machine shows it's been there since at least the 13th.

https://web.archive.org/web/20191113183617/https://gohugo.io/getting-started/installing/

Very weird. I wonder if it was a cache somewhere? I definitely poked around this morning and Linuxbrew was the only thing that it had and had it from every link that I tried on their site.

@Alex-Jones said in FreePBX UCP behind a NGINX reverse proxy:

@scottalanmiller You can't login. I am able to get the the Web GUI

So it accepts the username and password, but it just doesn't work?

FastStone also works fine.

https://chocolatey.org/packages/fsviewer

Currently driving, but should be able to look at update relatively soon.

@nadnerB said in Trying to find a good, on-premises, multi-department help desk application:

@Kelly said in Trying to find a good, on-premises, multi-department help desk application:

@nadnerB said in Trying to find a good, on-premises, multi-department help desk application:

@Kelly said in Trying to find a good, on-premises, multi-department help desk application:

@scottalanmiller said in Trying to find a good, on-premises, multi-department help desk application:

@Kelly said in Trying to find a good, on-premises, multi-department help desk application:

I was just talking to some vendors about this at a conference recently (yesterday). One of the ones that really caught my eye was TopDesk. I don't know if they support on-premises deployment or not, but I think the others might check the right boxes. I have no idea on pricing, but I believe they were the ones that do their licensing based on FTE count (due to having a broader focus than just ITSM).

Not one that I've heard of before.

There were quite a few that were there that I'd not heard of. This my first interaction with them. They've been around for quite awhile. It may be that they're more well known in the European market since they're based in the Netherlands.

Their back end for the hosted system is written in Dutch but they do provide some kind of translation ($Dutch_word = $English_word) so you can poke about. Also, they (TopDesk) must do the software upgrades (logging in remotely and doing the work). Not your team.

They also now have a SaaS version but that's not one of the OP's requirements we couldnn't get away fast enough.

(I inherited workig with it).

@nadnerB Are these issues that linger with the current version, or not? It would definitely remove them from the running if they persist.

From what I've seen of the new version, it's just an upgrade to what we had. They don't appear to have made any drastic changes, just GUI, and maybe a few "catch up features"... cue the Jurassic Park Effect thoughts.

Points of note:

Their customer portal is locked away, so you have to be a customer first before seeing anything in their walled off community. No backgrond automations Ticket visibility was a huge issue Lacked basic functions of modern helpdesks

The good things of the on-premesis install

We had unlimited agents Can be set up for multiple departments (which we had but that department bailed and followed us to FreshService)

I found that there was a specific way of thinking to operate it and there was little flexibility (one way to do things), settings were buried and difficult to find. Granted our setup had been poorly managed for years but the sales guy couldn't convince us that there had been dramatic changes since the last upgrade (several years), or that they could meet all our "Have to have's"/Deal breakers

Good feedback. Thanks.

@JaredBusch said in Anyone play around with VR?:

@Donahue said in Anyone play around with VR?:

I read about the Hololens2 yesterday, it seems promising. The $3500 price tag isn't ideal but if it worked might be worth it. But I don't know how far I could test or confirm that a system like this found function for us without just buying it and testing it. It may have to end up being one a speculation cost if it doesnt work out, but all of this stuff is completely new to us. I think we have applications for both VR and AR, depending on the circumstances, but I think that AR is probably the harder one to pull off.

I don’t know of any AR better than hololens, even with the small view space of the first one.

Yeah, for what it was/is... the hololens was amazing!

@JaredBusch said in It's been a while...:

I have always assumed that means there are some, likely, fringe issues that are just common enough that they don't want to mark it stable yet for the upgrades.

That is exactly right 😉

@Dashrender said in Windows 10 Screen Shot No Longer Working:

This might help you find or reset it
http://hkcmdr.anymania.com/

Thanks, will try it.

@jt1001001 said in SIP, PBX, E911 routing and teminology.:

I spent nearly 6 MONTHS with their engineerig and support to finally get E911 working correctly

Good to know!