@Dashrender said in Tenant disabling of Basic Auth cause OAUTH iPhone to break:
is it possible to know which method was used when signing in with the native client?
I found a workbook that can be used to uncover apps/users using legacy auth. Although that was more helpful before October since now it's more reactive. https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/workbook-legacy authentication
@Dashrender said in Tenant disabling of Basic Auth cause OAUTH iPhone to break:
is it possible to know which method was used when signing in with the native client?
Technically, I think you could dig that out of the Azure activity logs but I haven't really looked into it much (although that question keeps surfacing). But it's not something you'd be able to see on the client side since it doesn't determine the auth, it's just prompted at the time the request is generated so by re-entering the password in settings it'll generate a modern auth request if basic was used prior.
+1 for Mikrotik for that use case. It gets a ton of hate in small enterprise but for shops that were/are using Ubiquiti, it's a great router option. It's super inexpensive and has plenty of features. They do also make switches.
@scottalanmiller said in Misc go-to FOSS options:
@bbigford said in Misc go-to FOSS options:
TSQL: Defaulted to MySQL until some devs spun off concerned with the Oracle acquisition and started defaulting to MariaDB
Again, it's about workloads. Doing a website, MariaDB. Doing a robust application, PostgreSQL. Doing a traditional workload with only one application touching it, SQLite.
Where does MariaDB fall down with a more robust application compared to PostgreSQL? Wondering when you start to lean toward PostgreSQL.
@scottalanmiller said in Misc go-to FOSS options:
@bbigford said in Misc go-to FOSS options:
TSQL: Defaulted to MySQL until some devs spun off concerned with the Oracle acquisition and started defaulting to MariaDB
I think you mean "Relational Database". SQL is a general purpose query language intended for relational databases but used for any kind. T-SQL is the specific language of MS SQL Server and nothing but Microsoft's product ever has used it.
ah, you're right, relational was meant here, not TSQL. Good catch.
I've been wondering about others' preferences on a few things. The landscape of operating systems and databases has changed a bit in the last few years. Not curious about Windows or MSSQL, nothing new there.
Server OS: I've bounched back and forth with CentOS before Stream (the split between 6 and 7 was weird), Ubuntu Server (seems to get a lot of hate, no idea why), Fedora Server (also seems to get some hate, not sure why), RHEL (only when the customer absolutely requires the support and can't convince them otherwise), Debian (not used a ton, not sure why, pretty barebones)
NoSQL DB: MongoDB went through a really shady legal bit when they were doing their as-a-service initially, which basically spelled out they own your IP if you use their DB with your app, haven't checked back to see if that got cleared up. On-prem I've used CassandraDB and MongoDB mainly, and started looking into ScyllaDB more recently.
Relational DB: Defaulted to MySQL until some devs spun off concerned with the Oracle acquisition and started defaulting to MariaDB, mainly see PostgreSQL in larger deployments but don't know much difference to go with one over the other than what a vendor leans toward.
What are some of your go-tos these days? Why?
@Dashrender said in Excel freezing:
@bbigford said in Excel freezing:
Microsoft only recently changed the "recommended" install to 64-bit.
Hardware acceleration has given me heartache in the past.
Disable add-ins, then enable one by one to see which one causes a hang (if any are causing that).
Run a memtest, I've (rarely) had this cause the issue but sometimes a bad stick from the factory has caused Excel-heavy users to experience performance issues.
On older PCs, it's sometimes due to a failing drive; but it's unlikely the SSD from the factory is the issue. Just worth noting.
Beyond that, it's often content based... pulling tons of links from the network, updating various content on the network that's using cells in the sheets, etc.
Decent list of options
- user is on 64 bit - I made the switch for my images about the time MS made the recommendation change
- hardware acceleration is disabled, but only after reported issues
- there are zero Office add-ons
- good idea - I'll run a memtest tonight. This is a 6 month old workstation class HP machine, though it does not have ECC RAM.
- could be failing drive - but this user has been having issues for years over 4+ different machines, seems unlikely.
- The files do all live on the network - a Windows 2012 R2 server. Most if not all of the excel files do not reference other worksheets.
Ah, you'll waste your time on memtest. I didn't realize it was happening on 4 different workstations. It's not the workstation.
I've also had this be a permissions issue. I had one weird incident where a file had share and NTFS permissions all over the place. It was basically recalculating the perms while they worked, because I changed shared to FC everyone and gave the person most access to the folder and the issue went away.
Nice video.
I've found in conversations that if I provided too much technical detail, thinking they wanted to know, it ultimately destroys the conversation and gets everyone off track. Approaching conversations with business value first, technical second, was an interesting growth area for me.
@Emad-R said in Robocopy/7-zip bat file with high compression ratio:
try to use those
simple put ``` at the start and end to make blockAnd that looks very complex, robocopy is meant to be easy I used it back in the day
simply
robocopy /mir /mt source targetanytime you want to make full copy make 7zip archive of it, like snapshot.
I use /mir /mt: most often. Works fine. I sometimes forget /mt: and immediately see slowness with large jobs.
Microsoft only recently changed the "recommended" install to 64-bit.
Hardware acceleration has given me heartache in the past.
Disable add-ins, then enable one by one to see which one causes a hang (if any are causing that).
Run a memtest, I've (rarely) had this cause the issue but sometimes a bad stick from the factory has caused Excel-heavy users to experience performance issues.
On older PCs, it's sometimes due to a failing drive; but it's unlikely the SSD from the factory is the issue. Just worth noting.
Beyond that, it's often content based... pulling tons of links from the network, updating various content on the network that's using cells in the sheets, etc.
We support several tools for BYOD, VMware Workspace One and Microsoft InTune being the most common.
For the companies that support BYOD, they will ask some specific users to put email and company apps on their phone; but they don't strongly imply or anything toeing legal related.
The MDM solution used is really specific on the data that it can see and has control over. If a user chooses to use their personal device, they are agreeing to have that company data controlled, not their entire device; meaning that if they leave the company then the company can remotely remove that data from their device. The company is also monitoring the usage of that data within that company app, as part of the terms that the user is displayed with upon setting up the app.
If a user is provided a company stipend for a cell phone, by using their personal phone, there may be qualifications of a device that have to be met. These could include: phone call and SMS text messaging availability, photos, email, and specific company apps that run on a certain platform such as Android and/or iOS. Basically, the company will provide a stipend to most modern smart phones, no flip phones as they likely don't have the basic functionality for certain things such as email/etc. If a user is uncomfortable with the company having any access to their device, then they can go without the stipend, but the company is thereby not allowed to attempt contacting the person on their personal device as that's a clear separation; another alternative is a company requiring the employee to carry a company-provided device instead of offering a stipend, with certain hours/days that the employee must respond to inquiries using the device (possibly even limited to whom they are able to respond, i.e. no personal calls made or personal data stored).
@scottalanmiller said in KVM Desktop Setup Ideas:
@DustinB3403 said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
@DustinB3403 said in What Are You Doing Right Now:
@dafyre said in What Are You Doing Right Now:
KVM is also nice because you can continue using that machine as a regular desktop as well, if you need to do so. (Can't do that with VMware, Hyper-V or XenServer).
No one expects to use their Type 1 hypervisor as a desktop.
What? Tons do. Both KVM and Hyper-V are very popular for exactly this.
No. . . very few people say "I'm going to install Hyper-V and use it as my daily driver on my Dell Server" no one does that.
Actually a HUGE number do. It's insanely common for developers especially and IT folk. It's hard to state how common this is.
Have you never heard of the desktop virtualization market? This is a totally normal thing. Nearly everyone I know does this, both IT and dev and loads that are neither.
The only reason I don't use Hyper-V for testing is because we get VMware Workstation for free as a partner; I used VirtualBox for a long time when Hyper-V on Windows 7 couldn't create virtual machines, just to test out a few things or use it as a place to keep up-to-date images which I could capture later for deployment without using any additional server resources.
Type 1 definitely runs better as it doesn't stack the hypervisor on top of the OS, but I definitely don't see VMware Workstation going away.
I can see a couple niche things about VMware Workstation though; of course, there is more to add to the list. 1) Many that don't use it to push new configs to their VMware environment; if it's just being used as stand alone for some VMs, you could use literally anything else (and many are free obviously). 2) Nested virtualization to test clustering, site replication, etc while not needing to buy really expensive hardware.
One thing I am shocked many MSPs don't do, which we've done since the first deployment, is secure each Office 365 CSP account (delegated access to each customer through one provider portal) with MFA. In reality, if the MSP was compromised, every customer is then compromised.
I also witnessed many MSPs not securing their secure password databases with MFA. They secured the front end client application in case a computer was compromised or stolen, but the database itself was wide open.
@StorageNinja said in Is the Physical Thin Client Era Dead?:
@bbigford said in Is the Physical Thin Client Era Dead?:
They are slow as fuck in most environments
Are they slow, or did someone underprovision the Shitrix environment behind it?
Not a configuration issue with infrastructure (Citrix or VMware), since zero clients ran great. The thin hardware endpoints were always just slow as fuck.
@Emad-R said in Guess what SSH can do VPN:
The protocol that has more features than my mom
I envy you for having a living mom.
@Dashrender said in Why are Windows Management GUI Elements So Tiny?:
@scottalanmiller said in Why are Windows Management GUI Elements So Tiny?:
@WrCombs said in Why are Windows Management GUI Elements So Tiny?:
I was actually just talking about this with some coworkers of mine.
If you ever work with any other system, then work with Windows, it's shocking how silly and ridiculous it is. You can't "see" anything. It's like they wanted to mock people for choosing the GUI.
I love how you frequently go to this - they must want to mock people..
I'm sure it rarely if ever actually starts there. As already said - it was legacy, and never updated. They are finally getting around to updating most of the control panel applets - but we're still frequently stuck dealing with the old style for things like the java security admin, etc.
But wouldn't that be hilarious if it were true?
Internal MS plot to fuck with people: "Haha these idiots buying our operating system for the GUI... you know what would REALLY be funny? Release management tools that they can't see, so they have to squint their eyes and get really close to the screen. Their eyesight will get worse and they'll look even older while doing it with that stupid look on their face. HAH!!"
@StorageNinja said in Is the Physical Thin Client Era Dead?:
@scottalanmiller said in Is the Physical Thin Client Era Dead?:
@Dashrender said in Is the Physical Thin Client Era Dead?:
@scottalanmiller said in Is the Physical Thin Client Era Dead?:
@StorageNinja said in Is the Physical Thin Client Era Dead?:
@Dashrender said in Is the Physical Thin Client Era Dead?:
Why are you locked to GPO? Why can't another management solution be used?
Because plenty of people have other applications and platforms that for AAA use AD and don't support other LDAP/Kerberos systems so given how cheap per user a CAL is they say "screw it" and use AD to distribute GPO (note GPO isn't tied to AD it's just commonly viewed that way).
Wouldn't that affect the other side of the VDI, though, not the client side?
Couldn't it do both?
Maybe, I mean you CAN control thin clients with GPO, but not normal thin clients.
Correct. The thin client itself I see managed by either thin client management tools (
TerradichiTeradici) or by MDM API's.
FTFY 