Thin client, absolutely. They are slow as fuck in most environments as they are just terrible hardware with an onboard OS that still needs to be patched. They are neither a stand-alone computer with full functionality, or a zero client with speed and security; they are the worst of both worlds.
Zero clients though, completely different story as that's a software-delivery discussion.
@DustinB3403 said in SPAM Filtering with Zimbra:
Here come the recommendations for Barracuda Spam Filter (physical on premise). . .
Definitely not physical, but they aren't a clear winner.
There are definitely some caveats with their hosted service. Barracuda has been kind of a weird company... they have some of the best support I've ever had, and it's American so there is no language barrier. But CONSTANTLY buggy... the saving grace is you call support, get someone in 10 seconds, and they say something to the tune of "we've got a bug report on that already, it should be resolved soon", and within about 24 hours or less it's resolved.
I've considered it a company designed by engineers, for engineers. Everything I expect is there:
One gripe I have with their cloud filtering though, is for quarantines every email is treated like a person... including distribution lists. If a distribution group is reachable externally and has 20 users, you will have 20 people resetting that quarantine password every time guaranteed. Another gripe I have is with their email encryption section; I can never remember to escape characters... if you use [SECURE] as the content policy filter in the subject (prepended for encrypted email) and forget to escape [ and ] then send anything with the individual letters S-E-C-U-R-E in the subject then you're going to end up with every single message encrypted with any of those letters in the subject. [SECURE] has to be escaped as \ [SECURE\ ] or it won't work how you want it; fixable, but not the most intuitive at a glance... even a pro tip of "you need to escape characters" would be acceptable.
Other than that, their services are pretty affordable with a decent budget and some good features. Competitors on the same tier would be ProofPoint (though they are starting to show their age while also lacking innovation) and MimeCast (very decent, I put them only slightly behind Barracuda). I put MimeCast slightly behind Barracuda because their main selling point is an Outlook add-in... that's dumb and difficult to manage with lots of users since add-ins are a notorious ticket-generating headache. But I would say MimeCast and Barracuda are still very close in terms of cost and functionality; can't speak to MimeCast support but I hear decent things.
Re: MongoDB Major Change to Licensing
@scottalanmiller said in MongoDB Major Change to Licensing:
Let me tell you, we had been loving MongoDB, but this makes me feel SO much better deciding to move to ScyllaDB recently.
I'll have to take a look into ScyllaDB. Obviously, it's not a 1-to-1 replacement for MongoDB, and maybe that's a great thing. Got any pros/cons while I'm doing some research on it?
I am getting stumped on this one. I was cross-checking some other environments to make sure co-workers environments are up-to-snuff (pretty standard... fresh set of eyes).
I noticed there are 3 environments with on-prem Exchange that don't automatically redirect from HTTP to HTTPS. They require SSL, and I looked at issue tracking and we do get a lot of tickets saying "email doesn't work" with a simple response of "you have to put HTTPS". So, I went down the road of fixing that.
All 3 will be on Office 365 Q2 next year, but I'd like to fix it in the meantime. The 3 environments are Exchange 2010, 2013, and 2016 (all on the latest possible CUs).
Worth noting that I've tried this using various systems on different networks and also using various browsers, thinking maybe it was something on the endpoint side (cached, browser-related, etc).
The most complete guide I've found (albeit, it's 2010) and through a ton of threads finding that it still applies to 2013/2016 is this... https://www.vspbreda.nl/nl/exchange/1409/
I've also gone to C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Owa\web.config and tried adjusting the following line: <httpRedirect enabled="false" destination="https://mail.domain.com/owa"; childOnly="true" />
Anyone got any ideas?
Edit: I'm not receiving an error page, where I'd need to do an absolute link in the Error Pages section of IIS; nonetheless, I had tried that anyway.
@bbigford said in Yealink VoIP Phone Powered by Ubiquiti ER-X PoE:
@scottalanmiller said in Yealink VoIP Phone Powered by Ubiquiti ER-X PoE:
I believe the ER-X is just passthrough, so if you don't have a PoE source, the ER-X can't power anything?
It could if you plug it into a power adapter, given that you don't have PoE in that case. You'd just use the PoE out if that were the case.
Either requires PoE source or power adapter. But it should still be able to power a device, with a power adapter, but without a PoE source to "pass through".
@scottalanmiller said in Yealink VoIP Phone Powered by Ubiquiti ER-X PoE:
I believe the ER-X is just passthrough, so if you don't have a PoE source, the ER-X can't power anything?
It could if you plug it into a power adapter, given that you don't have PoE in that case. You'd just use the PoE out if that were the case.
@scottalanmiller said in MSP Ubiquiti Unifi management:
@bbigford said in MSP Ubiquiti Unifi management:
Are you running your controller on something like Fedora Server?
We use Ubuntu, Jared uses Debian.
Any gotchas between the two, speaking specifically to the controller in terms of stability or anything else worth noting?
@bnrstnr said in MSP Ubiquiti Unifi management:
Also, Windows and MacOS, but you're not going to be spinning up an instance of either of those on Vultr lol
We get free Azure hosting for something of this (smaller) size, otherwise I'd go with Vultr. I'll probably just throw up Ubuntu.
@bnrstnr said in MSP Ubiquiti Unifi management:
@bbigford Debian and Ubuntu are what Ubiquiti support
Good to know. Thanks
@JaredBusch said in MSP Ubiquiti Unifi management:
UniFi is entirely designed to be multi-site and multi-tenant.
Spin up a a UniFi controller on Vultr or wherever.
Go into CloudKey #1 and migrate
Go to Cloud instance and import the backup from the migration.
Complete the migration.
Your devices will just show up because that is how the Migration works.
Add specific users to this site only in the controller. Even Clients!Now repeat the process from the next client.
Add access to new and existing users as appropriate.
Just took a peak at this migration video. Looks dead simple, as you already pointed out. https://www.youtube.com/watch?v=oUJPhLBFXAw
@JaredBusch said in MSP Ubiquiti Unifi management:
UniFi is entirely designed to be multi-site and multi-tenant.
Spin up a a UniFi controller on Vultr or wherever.
Go into CloudKey #1 and migrate
Go to Cloud instance and import the backup from the migration.
Complete the migration.
Your devices will just show up because that is how the Migration works.
Add specific users to this site only in the controller. Even Clients!Now repeat the process from the next client.
Add access to new and existing users as appropriate.
Are you running your controller on something like Fedora Server?
@JaredBusch said in MSP Ubiquiti Unifi management:
UniFi is entirely designed to be multi-site and multi-tenant.
Spin up a a UniFi controller on Vultr or wherever.
Go into CloudKey #1 and migrate
Go to Cloud instance and import the backup from the migration.
Complete the migration.
Your devices will just show up because that is how the Migration works.
Add specific users to this site only in the controller. Even Clients!Now repeat the process from the next client.
Add access to new and existing users as appropriate.
That sounds pretty sweet. I'll take a look into doing this starting next week.
So with some SaaS, the client has their own tenant and then I just setup delegated access for us to be able to manage their tenant. I'm assuming it's similar, rather than a "site" being treated like a physical location, or extension to a core instance like a hub-spoke of an office headquarters and branch offices?
Re: ubnt CloudKey - refused connection
Forking the dicussion...
@travisdh1 said in ubnt CloudKey - refused connection:
@bbigford said in ubnt CloudKey - refused connection:
@scottalanmiller said in ubnt CloudKey - refused connection:
@bbigford said in ubnt CloudKey - refused connection:
@scottalanmiller said in ubnt CloudKey - refused connection:
@bbigford said in ubnt CloudKey - refused connection:
Each client gets their own cloud key. If they have a bunch of servers, at $70 I can't justify each customer not having their own.
$70 seems like a lot for an inferior system. Hosted means better reliability and less effort, for less cost. Let's say you have five customers. That's $350 in non-business class hardware, or $120 / year in hosting fees. So basically three years of hosting for five customers is break even with the hardware in cost.
But with the hosting you have the ability to set up and recover easily. With the hardware, not so much. One creates a lot of expensive labour, while one does not.
I think I'd work it the other way around, even if the dongles were free, I don't think that I could normally justify the small savings versus improvements in reliability, ease of use, and reduction in labour time. Paying $70 for those caveats seems weird. If you had only one user, and they had Internet issues, and were insanely cheap (re: tight wads), then maybe. But for multiple customers?
The shorter answer is I've looked at the hosted option but honestly I just haven't explored it yet for a multi-client setup.
Do you want the customers accessing it too, so you have shared access? Or is it only for you with multiple tenants?
Most of the time (above 90%) it's just us, but there are some places that have onsite IT that might eventually. But honestly I'd say probably just us and tell them they don't have access if delegated access is a pain to configure.
It's easy to configure. I think you're making things 10x harder on yourself.
Aside from just web searching, do you have any particularly useful bookmarks for multiple client configs?
@travisdh1 said in ubnt CloudKey - refused connection:
@bbigford said in ubnt CloudKey - refused connection:
@scottalanmiller said in ubnt CloudKey - refused connection:
@bbigford said in ubnt CloudKey - refused connection:
@scottalanmiller said in ubnt CloudKey - refused connection:
@bbigford said in ubnt CloudKey - refused connection:
Each client gets their own cloud key. If they have a bunch of servers, at $70 I can't justify each customer not having their own.
$70 seems like a lot for an inferior system. Hosted means better reliability and less effort, for less cost. Let's say you have five customers. That's $350 in non-business class hardware, or $120 / year in hosting fees. So basically three years of hosting for five customers is break even with the hardware in cost.
But with the hosting you have the ability to set up and recover easily. With the hardware, not so much. One creates a lot of expensive labour, while one does not.
I think I'd work it the other way around, even if the dongles were free, I don't think that I could normally justify the small savings versus improvements in reliability, ease of use, and reduction in labour time. Paying $70 for those caveats seems weird. If you had only one user, and they had Internet issues, and were insanely cheap (re: tight wads), then maybe. But for multiple customers?
The shorter answer is I've looked at the hosted option but honestly I just haven't explored it yet for a multi-client setup.
Do you want the customers accessing it too, so you have shared access? Or is it only for you with multiple tenants?
Most of the time (above 90%) it's just us, but there are some places that have onsite IT that might eventually. But honestly I'd say probably just us and tell them they don't have access if delegated access is a pain to configure.
It's easy to configure. I think you're making things 10x harder on yourself.
I'll check it out.
@scottalanmiller said in ubnt CloudKey - refused connection:
@bbigford said in ubnt CloudKey - refused connection:
@scottalanmiller said in ubnt CloudKey - refused connection:
@bbigford said in ubnt CloudKey - refused connection:
Each client gets their own cloud key. If they have a bunch of servers, at $70 I can't justify each customer not having their own.
$70 seems like a lot for an inferior system. Hosted means better reliability and less effort, for less cost. Let's say you have five customers. That's $350 in non-business class hardware, or $120 / year in hosting fees. So basically three years of hosting for five customers is break even with the hardware in cost.
But with the hosting you have the ability to set up and recover easily. With the hardware, not so much. One creates a lot of expensive labour, while one does not.
I think I'd work it the other way around, even if the dongles were free, I don't think that I could normally justify the small savings versus improvements in reliability, ease of use, and reduction in labour time. Paying $70 for those caveats seems weird. If you had only one user, and they had Internet issues, and were insanely cheap (re: tight wads), then maybe. But for multiple customers?
The shorter answer is I've looked at the hosted option but honestly I just haven't explored it yet for a multi-client setup.
Do you want the customers accessing it too, so you have shared access? Or is it only for you with multiple tenants?
Most of the time (above 90%) it's just us, but there are some places that have onsite IT that might eventually. But honestly I'd say probably just us and tell them they don't have access if delegated access is a pain to configure.
Edit: Except I dislike telling a client they don't have access to their own stuff. Only in instances where a client has taken something down due to lack of knowledge and inadvertently caused an outage. The issue really hasn't come up though.
@scottalanmiller said in ubnt CloudKey - refused connection:
@bbigford said in ubnt CloudKey - refused connection:
Each client gets their own cloud key. If they have a bunch of servers, at $70 I can't justify each customer not having their own.
$70 seems like a lot for an inferior system. Hosted means better reliability and less effort, for less cost. Let's say you have five customers. That's $350 in non-business class hardware, or $120 / year in hosting fees. So basically three years of hosting for five customers is break even with the hardware in cost.
But with the hosting you have the ability to set up and recover easily. With the hardware, not so much. One creates a lot of expensive labour, while one does not.
I think I'd work it the other way around, even if the dongles were free, I don't think that I could normally justify the small savings versus improvements in reliability, ease of use, and reduction in labour time. Paying $70 for those caveats seems weird. If you had only one user, and they had Internet issues, and were insanely cheap (re: tight wads), then maybe. But for multiple customers?
The shorter answer is I've looked at the hosted option but honestly I just haven't explored it yet for a multi-client setup.
@travisdh1 said in ubnt CloudKey - refused connection:
@bbigford said in ubnt CloudKey - refused connection:
@scottalanmiller said in ubnt CloudKey - refused connection:
Might be hardware failure.
I was thinking the same thing. Putting the SD card into another CK did nothing, so I was thinking maybe a bad SD card. I did a factory reboot and left it sitting for about a half hour while I was doing some stuff and filling out an RMA. Suddenly it started performing exactly as it's supposed to. Going to keep my eye on it but it's been solid the rest of the day. Weirdness though; this is only the second CK I've had issues with (another one spontaneously turned off after running for about an hour and refused to come back on).
Any reason you use multiple cloud keys instead of a single online software controller?
Each client gets their own cloud key. If they have a bunch of servers, at $70 I can't justify each customer not having their own. If an engineer shows up onsite and needs to take a look at their controller, they can scan the network if they can't easily find what server the software controller is on (I would hope our documentation was better than that though).
Aside from that, I don't want to centrally manage their stuff and tie them to our services anyway. If a customer gets super pissed and fires us, I want them to easily be able to offboard us. It's frustrating when we take on a client and have to rip services away from another provider that locked them in with management. Granted, we rarely lose clients, but I like to structure it that way in case the day ever does come. It's still easily managed though.
@scottalanmiller said in ubnt CloudKey - refused connection:
Might be hardware failure.
I was thinking the same thing. Putting the SD card into another CK did nothing, so I was thinking maybe a bad SD card. I did a factory reboot and left it sitting for about a half hour while I was doing some stuff and filling out an RMA. Suddenly it started performing exactly as it's supposed to. Going to keep my eye on it but it's been solid the rest of the day. Weirdness though; this is only the second CK I've had issues with (another one spontaneously turned off after running for about an hour and refused to come back on).
This is a new one to me. Got a new CloudKey with a Unifi switch and nanoHD WAPs. CloudKey would allow me to login to it, but I would get a 'connection refused' when trying to access the controller. Powered it on today and was greeted with a boot loop. I put it in recovery mode and manually updated the firmware; that resolved the boot loop.
But doing an IP scan verified that the fallback IP is being used. When logging into the fall back IP, I just get 'connection refused' from any updated browser and using both HTTP/S.
Any ideas?
