@coliver said in Sudoers vulnerability found:

We talked about a similar issue last week. I don't think it was this exact vulnerability... Just like the previous one though this is more of the "If you configure a system incorrectly and give someone sudo access you're going to have a bad day." types of error rather then a full blown security issue.

Ah, ok. But yeah, if you give someone sudo, you are already trusting them to not fuck up your system.

I have a number of non profits on the free E1 plan. Everything is the same except the bill. 🙂

So HP shipped Enterprise HDDs instead of the desktop labeled drives they had in there from the factory. It took a few hours to mirror each drive and it was totally uneventful. - which is exactly what you're looking for in these types of things.

@Tim_G said in Erasure Coding:

I've no experience with Erasure on VMWare vSAN... but I know that it's production worthy and safe with S2D. It gives you the same resiliency but more efficient capacity. I believe it's nothing more than just an algorithm... so I can't see it being any less safe/efficient when used with a different product.

I do know that all flash = better efficiency.

It actually should do much better one. For some reason MSFT decided to cut off own balls and stop with double parity which is one linear parity sum and one global parity, while it was possible to make N => M e/c, same way as Azure and Ceph does.

As I side note, non-Microsoft RDP clients suck so far. winterminal and thinlinx both are barely usable. Have tried to Azure and Vultr as well as a remote Win10 box. Horrible.

I have a couple HP thin clients arriving tomorrow to test out.

I am also going to give Citrix a try.

If you mention it in a different context.... the bank robber was stressed and so murdered the witnesses.

That's great but "stressed" doesn't excuse the action, especially when the stress was the result of the guilty party. The CFO would not have been stressed here if someone (maybe him) had not screwed up to begin with. Just like the bank robber didn't need to rob the bank, the junior dev didn't need to be set up for failure. That the CFO or the bank robber chose to be in stressful situations and then use that as an excuse to do something far worse than the thing that caused the stress was their own choice and reverts the blame back to themselves again.

@JaredBusch said in How to Install Fedora 25 Minimal:

@black3dynamite said in How to Install Fedora 25 Minimal:

Unlike installing Linux Integration Services, Hot-Add support is not enabled by default after installing hyperv-daemons.

Create a file /etc/udev/rules.d/100-balloon.rules. You may use any other desired name for the file.

Add the following content to the file: SUBSYSTEM=="memory", ACTION=="add", ATTR{state}="online"

Reboot the system to enable Hot-Add support.

See Note 8 on Supported CentOS and Red Hat Enterprise Linux virtual machines on Hyper-V

You mean for dynamic memory to work?

Yes, dynamic memory for ballooning and hot-add.

And a Linux AD server will be something like $2.50 - $5/mo. Whereas a Windows AD server will be like $26/mo.

@bigbear said in Vultr & abusive neighbors:

I am figuring the $40 extra is worth it for consistency for an RDSH environment. On a web app or anything else that wouldn't bother me.

That's what I'm saying. Any time you are paying for "consistency" in IT, you should stop and really, really evaluate that. Consistency sounds good but is almost always a negative. It's like drifting in racing. It's not consistent, but it is how you get the best performance. Consistency is the enemy of performance.

I use pretty much all lowercase and hyphens or underscores. I'm too lazy to escape spaces and a lot of times too lazy to hold shift to get the underscore.

I have 3x office 365 accounts in there right now. All distinct logins.

Just try it guys...

Yeah, and the banners load after the page is up.

I use Comodo one to do this for my clients. It has a patch management feature.

@Grey said in VMWorld 2017:

@scottalanmiller said in VMWorld 2017:

@Tracy_Burton said in VMWorld 2017:

@Grey said in VMWorld 2017:

Unless SW, as a company, changes policies, they won't see me.

I understand but I enjoy going to Austin and I have a good friend that I can see so SW is as important to me as the trip itself.

Are you going to MC this year?

Hopefully he makes it out to MC so he can hang with the team that got them their new SANs in place 😉

CANNOT. No time off. Boss would want me to take this as PTO and that bank is empty. I took time in May and now I have to start saving up for my August '18 trip.

Quit, find new job with more PTO?

@Mike-Davis said in MS VPN connection; Account locked:

@JaredBusch said in MS VPN connection; Account locked:

@scottalanmiller said in MS VPN connection; Account locked:

To sign into the domain, your VPN goes up first. To sign into the laptop, you sign in cached and then fire up the VPN. There is a reason that VPN-first systems like OpenVPN, Pertino, ZeroTier, etc. are so important. They let you do things like central revocation because they always get updates from AD.

Correct. this is the problem. always.

How does that work when they are on a wifi connection that doesn't connect until after they log in to their laptop?

You have cached creds for that. Log in, connect, reboot.

@JaredBusch said in Microsoft Rewards spam - what does this mean?:

It is clearly the Bing rewards stuff.

He signed up for something and is getting spammed for it.

I do have to give them credit for the Super Troopers reference in the second one.

Grandstream has an NVR unit as well.

http://www.grandstream.com/products/ip-video-surveillance/network-video-recorders/product/gvr3552

If learning a Synology interface is the goal, I've got 2 junk units sitting on the shelf you can VPN into and muck around with, they are on the latest DSM.

My Brother HL-5170dn from ~2005 is still running strong.