I'm thinking through how these situations can be handled with FreePBX. Here is how it's handled in the Altigen world.

User with multiple phones:
Sales person has a phone at their desk, which is used to log into their extension. User leaves their desk, and takes their laptop with them. User sits in another room, opens MaxCommunicator with the IP Talk softphone enabled. Once that's done their extension is now logged in using the softphone, and automatically logged out of the desk phone.

Phones with multiple users:
This scenario is similar to the above. This sales person works from home and comes into the office once per week. They have an Altigen IP phone at home, and there is another IP phone at their workstation in the office. This workstation has multiple users -- depending on which work-from-home sales person is in the office that day.

When a sales person comes into the office, they go to the workstation, and use #27 to remove the currently logged in extension of the phone, and log into their extension (which logs them out of their phone at home). I encourage them to use #26 at the end of the day to log out of the at-work phone; however, when they return home and use #27 to log back into that phone, they will be logged out of their office phone.

Extension authentication
In the Altigen world (at least in my Altigen world with Max Server 8.0), extension and voice mail authentication is one in the same. When users do the #27 function, they enter their extension number and passcode. If they access voice mail, it uses the same passcode. The credentials are the same for if they log into MaxCommunicator, which, if the IP Talk selection isn't chosen at login, is call management software.

From what I've seen in FreePBX, the extension, voice mailbox, and user portal are three different sets of credentials. Mind you, I'm not saying this is a bad thing. I'm simply thinking through the paradigm shifts my users will need to complete when we leave the Altigen world.

Yay! My little dokuwiki test seems like it's functioning!

@dustinb3403 said in Ping time for VoIP:

@eddiejennings said in Ping time for VoIP:

@jaredbusch said in Ping time for VoIP:

@scottalanmiller said in Ping time for VoIP:

@eddiejennings said in Ping time for VoIP:

I think the Networking Gods are screwing with me. I ran traceroute to try to get an idea of the number of hops between FreePBX and I. Everything timed out, except for the last hop (#10), which was the FreePBX host itself, which was a 30ms ping.

Now, pinging my FreePBX again shows 24ms average with 19/20 echo requests received.

LOL, there you go. You just had a bad route or something.

But this is something you need to continually check prior to deploying a system. Because you need to know how stable your ISP is to your host.

I will be. Unfortunately, I have no choice in ISP.

Everyone has a choice, just pay way more money for the choice. .

Correction. There are no choices that will pass the laugh test with the owners.

@travisdh1 I hope I do. I'm playing a concert with the Peachtree Symphonic Winds later that day.

@dafyre said in To Cable, or Not to Cable:

@eddiejennings said in To Cable, or Not to Cable:

|can|———string———|can|

I win security!

*snip, hides scissors*

Curses! Foiled by the script kiddie who googled how to compromise a yarn-based connection.

</silliness>

@dafyre I ask my students: "Do you have a closet? If so, that's your best friend for practicing"

@jaredbusch said in Need some Yaelink Material:

Oh, and hire me

Don't be like @EddieJennings and throw me aside..

Look. It was a one-time fling. It meant nothing.

@DustinB3403 said in What Are You Doing Right Now:

@EddieJennings said in What Are You Doing Right Now:

@scottalanmiller I shouldn't gloat though. All of our servers have Server 2012 R2 installed on the bare metal.

I'm so impressed, I don't even know how to install to baremetal /S

It's easy. Place server box on metal shelf. Done!

Not specific to Yealink phones, but I just posted this in my chat channel with my supervisor + On High.

@channel Ok folks, the moment you've been waiting for.

Average Windstream bill for 2017: $795.25
Average Windstream bill for 2016: $743.60
November 2017 cost of new phone system: $162.08 (breakdown is below)

Vultr phone server hosting: $6.00
Twilio SIP trunking: $105.3245
Numbers toll (39): $39.00
Numbers tollfree (1): $2.00
E911: $1.00
Voip.ms fax number: $1.99
Voip.ms fax usage: $1.0150
CallerID Lookup: $5.7525

Total: $162.082 or $162.08

This is for monthly cost. Buying new phones + shipping to external folks was around $3.5k I believe. Your mileage my vary, but these are real numbers.

Just now starting Sage server maintenance because of a forever-call with a user.

@scottalanmiller said in AD Emulation on *Nix:

@jrc said in AD Emulation on *Nix:

However the company that makes the software could care less about Windows client licensing, and as a franchisee they have zero options on using this software.

Of course they don't care, the responsibility for that falls 100% onto the end client to ensure that they have properly licensed their environment. The vendor has zero responsibility here.

Reminds me of a PBX appliance vendor that shipped their "server" with Windows XP Pro as the OS.

! I've got it! I'm going to make a Cisco+ certification! I'll be richer than Tron from Chapelle.

In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

Reaping the benefits of sudo cp httpd.conf httpd.conf.backup.

Alas, I don't have experience with transferring or seizing FSMO roles, but here's a thought that might spur better ideas. Was DC-A offering services other than AD and DNS? Perhaps it's worth taking it offline, having another DC seize the roles, make a new domain controller for DC-A and just let AD replicate.

User: Windows Defender keeps popping up about malware. Is this something you need to look at?
Me: Yes. . .

One that I love

Get-ADPrincipalGroupMembership -Identity SOMEUSERNAME | Select name

List all of the groups in which the user is a member.

So user shipped an "malfunctioning" Altigen IP phone back to me. Box included two power adapters (one connected to the phone), neither of which were the ones I provided with the phone. >(

This guide has worked perfectly for me -- great for learning as well, as I had a chance to take pieces and look them up.

Just to make sure my thinking is right, tell me if this is what's happening if I try to reach my site using HTTP.

URL for the example is http://testweb1.ejsllc.com

1. Request gets to the reverseproxy.
2. Request does not match the first server block, as it is specifically listening on port 443.
3. Request does match the second server block since server_name matches and it's listening on port 80.
4. The second server block rewrites the URL to use https.
5. The reverse proxy now evaluates the request again, which is now written as https://testweb1.ejsllc.com.
6. Since no port was specified in the request, reverse proxy assumes the port will be 443, which will match the first server block, which is specifically listening on 443 and matches the server_name.
7. The reverse proxy unencrypts the request and follows theproxy_pass directive to send it to http://SERVER_IP.
8. SERVER_IPis listening on port 80, receives the unencrypted request, processes it, and sends the response back to the reverse proxy.
9. The reverse proxy encrypts the response and send its back to the original requester.

2nd of 3 instances of RAID 5 in my company has been vanquished. Time to sleep.