@wirestyle22 said in DNS Update Issue:

@scottalanmiller said in DNS Update Issue:

@JaredBusch said in DNS Update Issue:

@Dashrender said in DNS Update Issue:

@JaredBusch said in DNS Update Issue:

@Dashrender said in DNS Update Issue:

@scottalanmiller said in DNS Update Issue:

@Dashrender said in DNS Update Issue:

@JaredBusch said in DNS Update Issue:

@PhlipElder said in DNS Update Issue:

@JaredBusch said in DNS Update Issue:

@wirestyle22 said in DNS Update Issue:

@Dashrender said in DNS Update Issue:

@wirestyle22 said in DNS Update Issue:

Simple case of me never doing this wrong I guess. What a weird thing to screw up. Didn't really have time to sift through it all.

What do you normally use for your top level domain on an AD build?

ad.domain.com theoretically. Everything I've ever touched is already in place. Although i'd love to rebuild my families infrastructure from the ground up.

If it looks like this, then it owns domain.com

Oh man, what a mess.

Meh, not bad actually. Perfect? No. But small enough to not be a problem really.

Definitely not what I would do now if I set it up new.

This is just a throw back to the new days of AD. MS suggested just this - then after a while they suggested domain.local for the internal domain, and now they recommend ad.domain.com for the internal domain.

MS originally suggested domain.local and stuck to it for a long time. That's how it started.

Pretty sure domain.local wasn't the thing in Windows 2000 days, that came in 2003 and lasted, as you said, a long time.

In 2000, it was simply domain

Man - I know that a TON of people did that - but I didn't think that was the actual recommendation. I guess I'd have to find some old Win2K docs....

I don't know about MS recommendation, but when I was setting up NT4 networks prior to 2000, it was the recommendation from the company on how to setup their stuff.

NT4, yes. But it behaved differently. AD I thought started with the .local recommendation.

We have a .local here

same

@scottalanmiller said in What Are You Doing Right Now:

@Donahue said in What Are You Doing Right Now:

my kid's school doesn't even allow costumes or acknowledge halloween in any way. Kids that showed up in costume were not allowed to enter the school.

Are they opposed to holidays across the board? Or just Christian ones? Or just religious ones? Seems an odd thing to be opposed to as it is so universal both ethnically and religiously. Enough secular input to not make non-religious kids uncomfortable, but a solid religious base so no amount of religious requirement would take exception.

Neither. They are against the distraction that costumes bring. They want to make it a normal school day.

the benefit I see of tags over folders is while you can nest folders, there are times when I would want a file to have more than one tag, and folders or nested folders just wont cut it. I have a good example. We have CAD drawings for standardized parts that we use on several machines we manufacture. We are currently storing two separate (but equal) copies in two folders that are next to each other in the hierarchy. One folder contains all of the standard drawings, and the other folder contains everything categorized by type and keyword, much like a tag. But it's very stupid because there is a pretty high chance for someone to update one, but not the other. A shortcut would work, but they dont do that at the moment. But tags would be perfect. On our other drawings, we could have tags for customer, machine type, year, drawn by, etc. I can see how using tags would allow for seeing and searching the data any way you want. But folders are pretty limited in what they can do, and it all hinges on having a well thought out system, and usually ahead of time. Our primary drawings are all stored by year first, and then by drawing number, which is sort of like a project number. But the drawing number is baked into the file name, and we just have folders for years. In order to find the drawing we need, you have to consult some other document that can do all the cross referencing. Its a major pain. It would be heaven to be be able to do a search that said "show me all drawings related to customer A for Product B". I bet we could do that with tags, but not with folders. You could argue that you could just setup the folders to be by customer and then by product type, but then you wouldn't get a good search for "drawn in the year 2015". You can setup folders to make any one particular search type easy, but it becomes very hard to make a good search against something that the folder structure didn't account for.

TLDR, tags ware way more flexible.

my kid's school doesn't even allow costumes or acknowledge halloween in any way. Kids that showed up in costume were not allowed to enter the school.

sadly, it doesnt work for all file types.

check the link, its at least as old as windows 7

mindblown

I would like to know too. Is there a way to incorporate tags into a windows environment? Perhaps with something like NC?

wow, thanks for all the replies guys, this was unexpected.

As far as the ERP, I don't know specifically what part of the application makes it dependent on windows, and honestly, I doubt the software company does either. But, I don't see this particular ERP as being a long term solution for us.

For CAD, one thing that was mentioned and is very true, is that we constantly have to share CAD files with customers, and they are all using either Autocad or Solidworks. While those files dont have to be the native files, there are some more agnostic file types, it does make is simpler if we use the same applications as our customers. However, with that being said, I can easily see something like cloud versions being more common place in the next 5 years. We may not be able to replace the legacy way to do it now, but that will eventually change.

As for Draftsight, its terrible. We have it and it will not really even open any drawings we currently make. This is true of most cheap CAD software. We don't even us most of the crazy features of Autocad (or Solidworks), the feature that draftsight is missing has been in autocad for like 20+ years.

Thanks guys, I will check fedora cinnamon and ubuntu out. One question, cinnamon with just fedora, or both?

@Dashrender said in What makes people want IPSEC at line speed:

You're 10 miles apart, any chance for a site to site wireless link?

OK so making them split between some things local and some remote - why not move them 100% remote? Give the users a full RDS desktop, and have them completely stop using their local system?

1 Gb connection for CAD is still going to be an issue in my mind - I don't really see this solution being better, but who knows, you might get lucky.

What is your end goal for backups? If it's to continue taking tapes to the bank, why not just pick up two tapes/drives, whatever, one from each site and deliver them to the bank instead of copying over the WAN?

no wireless without large towers unfortunately, I looked into it before settling on what we did, but I didnt want to try and deal with renting space on someone else's tower. It was getting intimidating and that plan would have been probably more than I could have pulled off.

I am not sure a full RDS desktop would work under the CAD load, and I know it is not allowed under autodesk licencing without getting Citrix involved.

In theory, the 1gbps WAN should be similar to the 1gbps LAN, at least that was my thought. I realize now that latency may still be an issue, but it has only been in place for maybe 2 months. Time will tell if that is the long term solution.

For backups, I have been and currently am doing everything from my location, which is now the HQ. I am backing up roughly ~600GB onto a 1TB external SSD via usb3. I've got somewhere between 6-8TB of total data that I would like to backup, but I had neither the space nor the time to get that all onto a single device that I could take offsite. This forced me to have to choose what to backup, because of lack of anyone higher than me that could/would give me a solid business policy to follow. I don't like being responsible for deciding what does and what doesn't make it into these offsite backups. One problem I am running into is that the person giving me the requirement for offsite backups (the CEO) has no clue what there even is to backup in the first place, because no one here (with a few possible exceptions) can even understand this stuff. I had a conversation just yesterday with him about wanting some direction on how long he wanted to retain backups, and if he wanted that retention done onsite or offsite. He couldn't really give me an answer, he just wants the "drawings" to be backed up "forever". In the end, I basically talked him into officially telling me to do what I had planned on doing in the first place, just so that we had "officially" talked about it. That is probably off topic though.

Current: Like I said, we are currently backing up 600GB worth of files to a single usb SSD that I rotate out on a weekly basis. Before the IPsec was in place, it took ~150 hours to complete, which since they were weekly backups, took basically the entire week. Now they are completing in ~50 hours, but I am still pulling individual files across the WAN.

My plan at this point is to move everything over to a single new host at my HQ. This host will be running local SSD's, see https://mangolassi.it/topic/18201/large-or-small-raid-5-with-ssd. I've got two existing hosts (I picked one up along the way) that will be repurposed once the new host is in place. One will become a veeam host (it will be getting new storage), and the other will become an empty host used only for restores. All three hosts will be on a new 10G network, and the veeam host will be getting a tape drive (most likely, see https://mangolassi.it/topic/18209/adding-tape-drive). By using LTO-7 tapes, I can backup literally everything I have, and take those offsite. I am going to backing up to disk on the veeam host, and then copying those to tape. I am also going to be copying my backups across to my branch site. With the new setup, I should be able to do the offsite copy job in a matter of hours. So, I will have 4 copies of the data, 1 production, 2 onsite backups, and 1 offsite backup. I will also be able to run everything from veeam instead of trying to mix that with individual files.

I still need to decide on how much storage to give said veeam host, but it seems challenging to determine how much each backup requires in the way of storage space, especially since I am deduping mine now using windows server.

@JaredBusch said in What flavor of linux to replace windows?:

@Donahue said in What flavor of linux to replace windows?:

@JaredBusch said in What flavor of linux to replace windows?:

I woudn't bother even trying until you work out your ERP solution to not be dependent on Windows.

I want to start looking into it now, by getting used to it from personal use. I know we are a long way off before we could run linux at any sort of scale, but I can personally start.

You can run Fedora + Cinnamon and use a Windows 10 VM for your ERP needs. I assume you do not need CAD.

unfortunately, I do use CAD. I still make drawings from time to time. back in the other thread, when I explained where we were 4 years ago, I was a mechanical engineer with this company. I have been doing the IT thing full time for only the last two years or so.

@Dashrender said in What makes people want IPSEC at line speed:

I don't see any solution making those remote engineers happy with data access to the CAD drawings.

What was wrong with RDS for the users not at the ERP location?

Mostly, its about user confusion. In a vacuum, RDS isn't so bad, but the way that the application tolerates it leaves a lot to be desired. Since I am just sharing the application itself, the user never sees their desktop or any other part of their user profile on the RDS server. So they are constantly trying to save items to the desktop or documents folder, not realizing that they are actually seeing said folders on the RDS server and not their workstations. They also have no way to kill the app when it freezes, which is somewhat common. This is mostly due to them treating RDP like it's magic, so I have to log in and kill it for them. I have trained them to always try a restart before they call me, and this is one area in which that does absolutely nothing. We also have small issues with the way the application integrates with email. One main reason is a conflict between said ERP and CAD file viewers that also have to be running on RDS. This conflict alone probably causes half of the issues that people call me about regarding RDS.

At the end of the day, the users experience is generally better when running the local client, but the performance is worse. It's kind of a lose lose situation.

The only solution I could think of to help make the remote engineers happy is to have a 1gbps IPsec tunnel. Latency is still an issue and will continue to be, but total bandwidth is better.

Having said all this, my actual tunnel speed is really about 650-700mbps. I learned after doing all this that the small regional ISP only gets a 2gbps total connection to their provider, and that I am trying to take half of it. Their provider is my other ISP, FYI. Both plans are in bad locations for fiber.

@JaredBusch said in What flavor of linux to replace windows?:

I woudn't bother even trying until you work out your ERP solution to not be dependent on Windows.

I want to start looking into it now, by getting used to it from personal use. I know we are a long way off before we could run linux at any sort of scale, but I can personally start.

The main performance problem we have with it is that it is only a 2 tier design. We have had many problems related to functionality too, but that is not really the topic of this thread.

https://www.ecisolutions.com/m1/

a mix of client programs on the computers, and client programs on an RDS server.

@gjacobse said in Documenting rack, servers, drives, CPU, RAM etc:

So I asked... seems it's a 'highly' formatted Excel spreadsheet..

those are the best kind.

so because of that, I was trying to get line speed out of IPsec so that it would all behave like local speed, and that service location would not impact the users so much.

A large portion of my plan is to move our file server over to the same location as the ERP, and treat that location as the HQ. This has many benefits, but the one main drawback is that the majority of engineers still work at the (now) branch location and they will now have to access all files remotely, as will all the other users at that location.

Something like nextcloud may be part of my solution, but I have not got that far yet.

@JaredBusch said in What flavor of linux to replace windows?:

@Donahue said in What flavor of linux to replace windows?:

The two main workflows we have that I have not found viable solutions for yet are ERP and CAD. The ERP is dependent on both windows and SQL.

It doesn't matter what the ERP runs on (Windows + MS SQL).

It matters how it is accessed.

@Donahue said in What flavor of linux to replace windows?:

CAD, specifically both Autocad and Solidworks, are both dependent on windows at this point,

Pretty much screwed here without changing solutions. To what, I have no idea as no one has asked me to look.

our current ERP has to be accessed from windows. It needs SQL on the back end, and windows endpoints for the clients. I am already looking into my options for what might replace it, but I cannot at the moment.

what about wine, is that still a thing? In a similar vein, I had been talking with @scottalanmiller about video games and he mentioned something about steam basically reverse engineering windows to be able to play games without windows. I had wondered at the time if some sort of emulation like that may be able to run these types of applications. Honestly, I doubt it.