@scottalanmiller what about the other locations that have it?

http://no.archive.ubuntu.com/ubuntu/dists/impish/main/

http://no.archive.ubuntu.com/ubuntu/ubuntu/dists/impish/main/

@dashrender outbound web filtering? or web routing?

@scottalanmiller Okay, but lets see can we request API access to any of them yes. But doing manual work its just not great. Are you saying that you control just a subset of servers and the rest is on their own and the customer cannot give you DNS access even as a request? or is it trying not to get involved with the other vendors or DNS hosting provider?

@scottalanmiller I am confused, if you certbot or any other Lets Encrypt client, it can use DNS verification automatically without needing any server enabled externally. That's what I have been doing with CloudFlare and their API, are you doing something different?
I even apply it to current web facing servers so I don't need to open port 80 as well.

@siringo Glad you had backups.

Had an issue with a Server 2021 R2 Server not installing the 2022-02 Monthly Rollups. The error was

Windows updates failed to install with error code: 800F0831

as noted here.

https://social.technet.microsoft.com/wiki/contents/articles/37901.windows-server-2012-r2-troubleshooting-windows-updates-failed-to-install-with-error-code-800f0831-in.aspx

Found the offending update under the C:\Windows\Logs\CBS folder and it was the KB5005613 and since I had a few servers, created this PowerShell script. Hopefully it is useful.

https://github.com/dbeato/scripts/blob/master/Windows/W2K12-R2-Update-Fix.ps1

@dashrender Outlook on the Web just prints what you have showing only and 1 page. So you will have to scroll down to each part of the notes and print. That's the only way. You can even send the calendar to OneNote but that also is not great.

@pete-s said in Free Hosted Help Desk?:

@scottalanmiller said in Free Hosted Help Desk?:

@dbeato said in Free Hosted Help Desk?:

@pete-s If for internal helpdesk, Zoho is okay but for a business that does manage other customers not so much.

Same experience. Tried Zoho (as we use it for everything else) and it's only so so for external clients.

We use Zoho Desk but we are on the highest tier so we can have unlimited departments, full customization of every department and automate everything that the lower tiers can't.

While we're not doing helpdesk for other companies, I can't really see where it would fall short if you did. But maybe there is a feature missing that you needed and we don't use.

EDIT: @scottalanmiller Maybe I misunderstood - what do you mean by "external clients" Scott?

I am speaking regarding invoicing and contract management on it.

@pete-s If for internal helpdesk, Zoho is okay but for a business that does manage other customers not so much.

@dashrender If you want a portal for OME then yes it is a higher subscription.
https://docs.microsoft.com/en-us/microsoft-365/compliance/ome?view=o365-worldwide

https://docs.microsoft.com/en-us/microsoft-365/compliance/ome-version-comparison?view=o365-worldwide

@dustinb3403 Not that I see.

@dashrender said in New customer - greenfield setup:

A NGFW from Sohos will run around
1 year - $900
5 years - $1800

It's definitely not cheap, but the idea of scanning all of the traffic inbound seems nice. Of course it's really only worthwhile where we can do SSL inspection (can this be down without installing certs on the clients to allow MiTM inspection?)

With the appliance - we could also have multilayers of email scanning - i.e. MX points to Sophos - Sophos then sends to M365.

With Sophos you can do Web Proxy filtering.
Youtube Video

@dashrender said in New customer - greenfield setup:

A NGFW from Sohos will run around
1 year - $900
5 years - $1800

It's definitely not cheap, but the idea of scanning all of the traffic inbound seems nice. Of course it's really only worthwhile where we can do SSL inspection (can this be down without installing certs on the clients to allow MiTM inspection?)

With the appliance - we could also have multilayers of email scanning - i.e. MX points to Sophos - Sophos then sends to M365.

Don't do SPam filtering on the Sophos Hardware, a proper Spam Filtering in Office 365 or Through Mimecast or any other spam filtering.

@pattonb I am assuming you did this already? https://forums.zimbra.org/viewtopic.php?t=65887 and also Ubuntu 16.04 and ZImbra 8.8.12 are old and need to be updated. You can also try to update to the 8.8.15 version but check the prerequisites before doing so. Also can you detail any other issues you are experiencing on the client side?

@pattonb said in any zimbra specialists:

@dbeato 8.8.12 and centos 16

CentOS 16 ?

@pattonb said in any zimbra specialists:

All nginx lookup handlers are unavailable while SSL handshaking to lookup handler

What is your Zimbra Version and OS?

@dave247 said in Looking for simplest/secure setup for connecting a domain joined computer to corporate network when remote:

@dbeato said in Looking for simplest/secure setup for connecting a domain joined computer to corporate network when remote:

@pete-s said in Looking for simplest/secure setup for connecting a domain joined computer to corporate network when remote:

@dave247 Can you use 2FA on the VPN connection when doing it like that? Otherwise that would be a major concern.

Another issue with forced VPN is that if your VPN is down then the users can't login at all and can't work. That's a lot of eggs in the same basket. Does your company have HA firewalls, redundant internet, redundant power etc?

Otherwise using the cached domain password the users could login locally. Then they would be able to use their computers with local files and software and also have access to online resources such as M365 and whatever else you use.

No, you cannot use 2FA from within Windows Login screen with Sonicwall NetExtender.

Actually you can. You just click the icon to pull up NetExtender and punch your creds in, then it asks you for the TOTP.

yea, you are right. I was more thinking the SSO MFA SSL VPN but the TOTP either via email (not as secure) or the Authenticator app works well.

@pete-s said in Looking for simplest/secure setup for connecting a domain joined computer to corporate network when remote:

@dave247 Can you use 2FA on the VPN connection when doing it like that? Otherwise that would be a major concern.

Another issue with forced VPN is that if your VPN is down then the users can't login at all and can't work. That's a lot of eggs in the same basket. Does your company have HA firewalls, redundant internet, redundant power etc?

Otherwise using the cached domain password the users could login locally. Then they would be able to use their computers with local files and software and also have access to online resources such as M365 and whatever else you use.

No, you cannot use 2FA from within Windows Login screen with Sonicwall NetExtender.

@dave247 Yeah correct. Removed by a bug.

@obsolesce said in Windows 11 auto upgrade?:

@dashrender said in Windows 11 auto upgrade?:

@voip_n00b said in Windows 11 auto upgrade?:

@dashrender said in Windows 11 auto upgrade?:

Plus I'm really trying to get away from local AD.

What's that have to do with MDT?

Perhaps nothing, though I've never heard of anyone using MDT outside of AD

It's used all the time without AD.

Sure but with offline media. Deployment would happen with some sort of other PXE Boot Server or service outside of the Windows computer.