Got some servers to reboot this weekend so will have to put my xen server on the list to check and reboot

@Mike-Davis said in Authenticate Laptops to Wifi against ActiveDirectory:

and on the Meraki side, you chose WPA2 Enterprise, correct?

Definitely WPA2 on the Meraki. I'll check my conditions though. Thanks for the tip.

@FATeknollogee to answer your original question, I host mine on site or in colo so far, simply because the capacity already exists for any client that is using it.

If I need to recommend it to a client without infrastructure, Vultr storage node will be the first suggestion for most deployment sizes as Scott mentioned.

I bet Ansible or Salt have options for it too.

@jrc said in Linux Permission Assignments:

To me a group is a collection of a certain type of user and is then used to streamline permissions to certain resources. EG Instead of giving read permission to Cathy, Joan and Frank, you can just create a group with them in it, and give that group read permission thereby simplifying your job.

I cannot for the life of me think why you would want a single user group with the same name as the user in it. Are there permissions that can only be assigned to a group rather than directly to the user?

What am I missing here?

Setgid creates group specific permissions for files in the directory with setgid turned on.

Having a group id also lets you do things like have root own a file and be able to modify it but let apache and only apache read it.

Edit: I see Romo beat me to it with the links. I didn't read them until just now.

Thank you for your feedback on 5nine Manager, guys.
Our goal is to provide an intuitive yet powerful product for complete centralized Hyper-V management experience.
It is now de-facto standard for managing environments with up to 20 Hyper-V host.

Now we are going even further, and prepared a great product, that can help you scale, segregate user management roles with RBAC, automation support and even more. Enjoy!

Beta program for 5nine Manager Datacenter is now open to public:
http://try.5nine.com/beta-5nine-managerdatacenteredition/

@scottalanmiller said in Nethserver for FTPS/SFTP:

@alefattorini said in Nethserver for FTPS/SFTP:

It should work flawlessly, do you have any issue?

I guess a big question is, with Nethserver is.. does it "just work" or is there a setting that needs to be selected? Not sure if this is the default behaviour or not.

Mostly this. I haven't done anything with it yet and before I invest the time, I'd like to know if it possible and/or how difficult it is, especially since a co-worker claims that it did not and he went with IIS to get the same task done (and then he sat there cursing the whole day because he doesn't like Microsoft products).

@jimk said in What's Even Cooler Than Cloud Computing? Space Computing:

This is big news. Some will find it very good and cool, while others will be seriously freaked out by it. I'm curious to see what the actual payload will be for $2M per launch.

Combine this with SpaceX new ISP in space, our entire Internet might be floating above us soon!

@Joel said in Hosted Data Solution:

The downside to Dropbox and similar solutions is that we'd need to download & sync their 200GB to each computer including 1 external user.

That size puts them at a pretty small Vultr tier, too.

@Mike-Davis said in "You don't just restore a server":

I would poke around it long enough to figure out if the server had been logged in to, or if a user's computer encrypted all the files. You don't want it coming right back. Like others said, figure out how it got infected and then restore back before the infection.

If you want to do that, in 95% of cases, take a fresh backup, isolate it and do that offline in a forensics lab after you deal with getting production back. Just leaving it alive could result in more data leaving the environment.

@NerdyDad said in Proposed Session: SELinux Deep Dive:

I'm resurrecting this topic for suggestion to discussion for the DFW Mango Meetup.

Oh nice.

@momurda said in Restoring SBS after cryptoware infection:

Wasnt there an SBS version where the only way to join a doimain was using IE on a client?

With SBS, you can do things the "normal" way, but if you use their tools like the dashboard, it does some extra stuff in the background. For example, if you run the web based join program, it sets your DNS statically so that the server is the first DNS server. This is useful if your router is doing DHCP and you can't turn it off. It helps someone that is not a full time admin take care of the basics.

@JaredBusch said in OpenSSL CSR with Subject Alternative Name:

@EddieJennings said in OpenSSL CSR with Subject Alternative Name:

@JaredBusch Correct. The "ye olde way" is how I've typically made a CSR and private key. The link I included talks about making a configuration file, which allows you to include SAN in your CSR.

Ah, did not read the link. Yes, using a config file is the only method to get any SAN on a cert with OpenSSL.

And after re-reading my post, I realized how terrible it was :(. I was hoping to find a one liner kind of thing, but alas. That particular article made it clear how to do it.

By this article, some of the unindexed files could be file attachments...

https://support.office.com/en-us/article/Unindexed-items-in-Content-Search-in-Office-365-d1691de4-ca0d-446f-a0d0-373a4fc8487b?wt.mc_id=o365_portal_mmaven&ui=en-US&rs=en-US&ad=US

@wirestyle22 said in Renaming all user profiles to *.old:

@Reid-Cooper said in Renaming all user profiles to *.old:

You could... accidentally run a script that would make you required to rebuild everything.

Nah, it's not my job to force them to make the right decisions. Not even my friend

Well then, do whatever bills the most.

@KOOLER said in StarWind Virtual Tape License Error:

OK, there are good news and bad news.

Bad news: VTL is NOT included in the free version.

Good news: we'll add some LIMITED availability of it soon, just didn't;t decide on a restriction set.

Excellent news: I can give away to Tim_G an unlimited VTL license free of charge "just because" 🙂 So he's welcomed to drop me a line to

anton AT starwind DOT com

...and I'll engage him with the responsible persons here to move on.

P.S. Just a link to VTL thing:

StarWind Virtual Tape Library (VTL)

https://www.starwindsoftware.com/virtual-tape-library-feature

Sounds great, email sent!

This should get my project testing going once the license is ready.

@scottalanmiller said in Migrating Logs:

Really, log shipping with local storage is a thing of the past as well. Not what you are looking for with your use case, but long ago people did this. Today if you want to store logs beyond what fits on the local system you look at remote log servers like syslog, rsyslog, Kiwi, Graylog, ELK, loggly, Splunk and so forth. They have more useful platforms for dealing with centralized logs, archiving and backups.

Then we get into why you would use each. What product benefits what situation 😄

Easy way to identify LAN dependencies... consider opening a branch office. Do you feel that you need a VPN for a service? Guess what, that's a LAN dependency 🙂

@jrc said in Let's play name that computer:

@Tim_G

The machines you see in the picture are mostly 286 and 386 machines, so 1987 - 1991 or so. That said, 5.25' drives were still used in computers well into the early 90s.

Yes, I'm guessing VERY late 80s or early 90s from the looks of it. Not that that means much, but the style and materials feel like that era.

@jrc said in A Small Orange - bandwidth limit exceded:

Anyone mention web crawlers on here? Indexing servers (like Google) will hit a website over and over again looking for changes to catalog and add to their index.

Try adding a robots.txt to the root (http://www.robotstxt.org/robotstxt.html(

They should not create traffic anything like that.