Best posts made by Ambarishrh

Clonezilla is my current choice to be used as a centralised image deployment tool. I hope FOG is not widely used by the community here. I would like to hear more about this, on what is being used by you all

I am trying to find more details on how the whole device enrollment process works, major part that I am not very sure is how to manage a bulk of company owned devices (iPhone) which will be given to the users replacing Blackberry. How does the initial activation happens, and do we still need to use iTunes and if so, on a company owned device what would be the best practices on iTunes account, make a central single iTunes account and use that for all mobile activation or individual accounts for each device?

The demo for SolarWinds web helpdesk rescheduled to next Tuesday and I hope the dameware version that comes with that (Not very sure about that part either, if we need to pay extra for that, I would most probably go with screenconnect!)

I just saw this https://www.youtube.com/watch?v=UTpRy9bvmwA

Was wondering if this is required when O365 has legal hold available (It is with our package), but on the video, it says about some limitations of legal hold on O365;

No access to archive via mobile devices (low priority)
No Audit trail features
No file archiving
Various limitations for shared mailboxes.

I am looking for a DNS manager to centrally manage all domains and at the moment considering Amazon Route 53, Google DNS or Cloudflare. Amazon from my experience has so much of hidden cost, start with something and end up with a very different cost. What do you all use

@lakshmana said in AD & File server migration (Old to new domain):

@ambarishrh is this you are searching for

https://social.technet.microsoft.com/Forums/windowsserver/en-US/f36ada21-63e9-4902-8951-36eafe62b497/migrate-file-server-to-new-domain-and-export-ntfs-permission?forum=winserverMigration

Thanks @Lakshmana need to test SubInACL

So apple has a tool called device enrollment program to manage all apple devices, which even include over the air deployment of your mdm agent and conf.

https://www.apple.com/business/dep/

This i guess an amzing option and is free. Unfortunately our ISP is still in process to register with apple on the dep reseller id as you need these to associate any new devoces you buy so that it automatically comes on the dep portal. This way as soon as it turns on and connect to any network, all configured profiles, wifi policies, mdm agent etc gets installed.

Now i am trying to find out similar tool that will help me avood going to each phone unpack and install the intune agent!

If you have a mac you can use apple device configurator wmby which devoces can be pre cofigured and push apps. Catch is you need to use usb cable and configure phones one by one

@scottalanmiller said in Decision on Remote Support Tool- ScreenConnect:

@ambarishrh said in Decision on Remote Support Tool- ScreenConnect:

Looking at the installation video, windows installation seems to be pretty easy and i guess i should be taking this route, as moving forward this VM will be managed by our MSP who does not have good Linux management skills

You need to add that to the cost of using an unqualified MSP. If an MSP can't meet your needs, why use them?

They are doing complete windows environment management. This just came in as a request from me, as there are no good remote support tool currently. I will leave them to manage this on win box, but personally would've gone for CentOS

I am trying to make a super simple help desk portal options instead of confusing end users on what options to choose to raise a ticket. I would like to hear what are the options that you usually set on your user portal? Email to ticket is available now, but we would want to train users and promote the portal and eventually close email to ticket or keep it for minimal use. Our IT team is lean and we would like to get issues categorized by users, also promote the FAQ which can happen when they start using the portal.

What I am thinking is to give the following options to the end user portal.

Issue:
PC issues
Connectivity issues
Network drive
Files/folders missing
Email issues

Request:
New hardware
New software
New shared folder etc.

Ive been using 1password for almost 5 years and recently moved to their cloud based subscription from standalone which is $2.99 per month billed anually and covers all apps pc/mac/mobile for 1 user. They also have a plan for family at $4.99 for 5 users and $1 for additional user

May be he is looking for something like https://aws.amazon.com/answers/infrastructure-management/ec2-scheduler/

We have office 365 with one drive and I am currently evaluating this to be used for users desktop and my documents backup/sync. Users can't see any other locations, so configuring those directories to be mapped to one drive would give them 1TB storage and j can enable longer retention on one drive admin.

@mattspeller said in Weird blinking mouse pointer issue on my work laptop:

Eliminate some potential issues here

boot it from a usb stick with some flavour of linux

No issues when logged in as admin

@ambarishrh said in Weird blinking mouse pointer issue on my work laptop:

@mattspeller said in Weird blinking mouse pointer issue on my work laptop:

Eliminate some potential issues here

boot it from a usb stick with some flavour of linux

No issues when logged in as admin

And goes off if i give my user admin access as well, but i don't want to do that as a solution

Explorer flickering and mouse icon flickering were unrelated as i suspected!

Final Solution that worked for me:

Mouse flickering issue fix: Uninstall Spiceworks (Suspecting it was trying to run something and may be crashing due to lack of admin rights)

For Windows explorer flickering issue, i just disabled the "preview pane" and it fixed that problem as well!

We recently hit by ransomware and now working towards enhancing our endpoint and server security. While checking for best practices, found this and interested if anyone tested this before.

https://github.com/prestoncooper/RansomwareDetectionService/

I was looking for a centralized log monitoring option to monitor our entire infrastructure and found this during my search

https://n0where.net/open-source-security-incident-and-event-management

Product https://siemonster.com

Looks interesting

Ive used https://macroview365.com/case-matter-legal-sharepoint-dm/ which connects to SharePoint or there is another product from them for o365 and has plugins for MS office. Takes care of case number, files by date, user etc. Might be useful!

We are hardening our environment to reduce the risk of ransomware attack and would like to get some advise from ML

Few of the changes we are enforcing includes:

Backup: All endpoints are being backed up to a remote location. Veeam backup repo now uses Linux NFS instead of windows NTFS for storage.

Servers: Least privilege method and logging/audit enabled on AD and File server. Harden all servers, reference points from https://adsecurity.org

FSRM to be updated for File server screening using https://github.com/nexxai/CryptoBlocker
https://fsrm.experiant.ca/

End point protection: Av+ Malwarebytes

Usb/removable drives: I would like to have the usbs scanned on a few dedictaed machines that is disconnected from the network, scan with multiple av engines and would even want to go further by opening all files, may be allow all possible options like auto run and see if there are threats. If clean then allow the user to use that USB for that session only. We disabled usb read and write centrally but can't block that permanently as we get usb from third parties. The scanning station can have something like deep freeze which will bring the machine back to its original state after a reboot.

User education: use something like knowbe4 security awareness programs to train employees to identify common threats like spam phishing mails, suspicious links etc.

Firewall with the usual security settings DPI, IDS, IPS etc.

Patch management: Looking at ivanti or shavlik to enhance our sccm and cover third party patches as well. Currently it's package and update