I know we've talked about RDP security before, but I'm bring it up again.

Is there a use case for RD Gateway in a single RDS server setup? (assuming we don't want to use the html5 web client) In this scenario it would be installed on the same server.

To me it seems like it would be only really be useful if it was on the edge separate from the RDS host server. RDP can be already be configured to only use TLS (though it looks like TLS 1.0 is the highest it uses).

Or am I missing something here? Is there something else that makes RD Gateway inherently more secure? I'm not too interested in the additional resource access configurations.

@scottalanmiller said in Hiring infrastructure technician:

@kelly said in Hiring infrastructure technician:

@scottalanmiller said in Hiring infrastructure technician:

The Canadian government hires internationally? That's really surprising.

The posting is on a government site, but the hiring company is a private one: CSS, Inc.

OH!

That's funny. We have a national government run job site, but it's not actually very popular. I do know of one province that has a provincial government run job site though, and is it by far the standard way people search for jobs in that province.

@momurda said in Hiring infrastructure technician:

@flaxking There is no location listed? Is it Vancouver BC? Somewhere further east?

It's listed, you just probably didn't know what you were seeing. It's in Manitoba, in a small town. So we're probably going to have to hire remotely for any special talent.

Not all the positions will need to be on site, and we do have some history of international hiring.

https://www.jobbank.gc.ca/jobsearch/jobposting/27439166

The current job posting is kind of lame, but we probably will have something better out in the future. We are actually hiring multiple positions, with different specialities. I can't say too much right now, but we have some exciting stuff on the horizon, and there is opportunity to get into some cool 'DevOps' style stuff.

I don't think I ever had management access to a router until like 2013. I learned networking fundamentals before that, I was a bench tech at the time and was moving soon and thought it would help me get a job. I guess the basics all kind of make sense when you've dealt with things on the client side.

I don't remember my first time configuring a router at all, so it probably wasn't significant at that point, and it probably wasn't long before I had to doing working with juniper and cisco equipment at bit.

I learned by reading a 'Networking for Dummies' book and Professor Messer Network+ videos. I am a big fan of Pluralsight now though. But I just use it as an first step to get a introduction, and a bit of theory for some familiarity. Then I dive into a hands on project.

I do have to re-learning subnetting every time though. It think I came up in both of my MCSAs.

@black3dynamite said in CentOS 7 - Why Did [Almost] Everyone Switch to Fedora?:

@wrx7m said in CentOS 7 - Why Did [Almost] Everyone Switch to Fedora?:

@black3dynamite said in CentOS 7 - Why Did [Almost] Everyone Switch to Fedora?:

@wrx7m said in CentOS 7 - Why Did [Almost] Everyone Switch to Fedora?:

I have wanted to ask this for awhile, but haven't gotten around to it. CentOS 7 seemed to be used fairly heavily, at least when looking through the tutorials here. Why did most of you stop deploying/using CentOS and start using Fedora instead?

Updated packages. Now I still deploy CentOS when necessary.

Which packages are you referring to?

I'm referring to things like cockpit, mongodb, php, nodejs, etc...

With CentOS you normally have to rely on using epel, IUS, remi or other repos that are provided directly from developers like mongo or saltstack. Since Fedora releases a new version twice a year, it makes it possible to have a more up to date applications without the need to use other repos besides the one Fedora provides.

Or compile from source

Supposedly Foreman also works with Salt, I've only used it with Puppet though.

Surely this can be done through the API?

@wrx7m said in Ubiquiti Unifi APs - Do You Need a Controller?:

@flaxking said in Ubiquiti Unifi APs - Do You Need a Controller?:

@wrx7m said in Ubiquiti Unifi APs - Do You Need a Controller?:

@jaredbusch said in Ubiquiti Unifi APs - Do You Need a Controller?:

@wrx7m said in Ubiquiti Unifi APs - Do You Need a Controller?:

@jaredbusch said in Ubiquiti Unifi APs - Do You Need a Controller?:

But a cloud key.

I hate them, but a home user it is not a bad solution.

Out of curiosity, what is it about them that you hate?

They can barely run the controller and have limited capacity. Just really useless IMO.

Thanks for the insight.

Do you ever use the ios/android app?

I use the app for my outdoor AP, it's pretty simple, can't imagine needing more than that for home use.

Can you go from out-of-the-box to finished config with just the app?

Yep. Connect to it, update the firmware, setup wireless network. I didn't do anything fancy in my config so I don't know what's missing.

@wrx7m said in Ubiquiti Unifi APs - Do You Need a Controller?:

@jaredbusch said in Ubiquiti Unifi APs - Do You Need a Controller?:

@wrx7m said in Ubiquiti Unifi APs - Do You Need a Controller?:

@jaredbusch said in Ubiquiti Unifi APs - Do You Need a Controller?:

But a cloud key.

I hate them, but a home user it is not a bad solution.

Out of curiosity, what is it about them that you hate?

They can barely run the controller and have limited capacity. Just really useless IMO.

Thanks for the insight.

Do you ever use the ios/android app?

I use the app for my outdoor AP, it's pretty simple, can't imagine needing more than that for home use.

@scottalanmiller said in Trying to correctly understand core licensing in a vmware environment:

@flaxking said in Trying to correctly understand core licensing in a vmware environment:

This is how I got the go ahead to look into Docker. We were looking at datacenter licences for our new IIS project. However, you can have unlimited windows containers on Windows Standard

That's because there isn't another OS, it's just an app encapsulated.

And the benefit to us is that the OS is now no longer the smallest unit of isolation. The original plan has a ton of VMs so that parts of the stack could be updated without affecting other parts, and without any downtime. Basically they were trying to design a modern app stack, but trying to avoid learning new technology, and Windows licencing costs saved the day.

This is how I got the go ahead to look into Docker. We were looking at datacenter licences for our new IIS project. However, you can have unlimited windows containers on Windows Standard

There's an RDS farm at work where the time zone is set to where the server is physically, so depending on which server you happen to hit, the time displayed is different. Doesn't make any sense to me.

@wrx7m said in Anyone Attempting Deploying Printers through SaltStack?:

@black3dynamite said in Anyone Attempting Deploying Printers through SaltStack?:

@wrx7m said in Anyone Attempting Deploying Printers through SaltStack?:

@flaxking said in Anyone Attempting Deploying Printers through SaltStack?:

@scottalanmiller This makes me miss my old job. I was working on replacing all of our GPOs with Salt and printer deployment was coming up. However, as a solo SMB IT employee, I had an insane amount of time on my hands.

I am a solo SMB employee and have no time on my hands. We just hired about 10 people in the last 4 weeks and 2 start in a week and 2 more possibly the week after. No real time to do anything more than setup new employees.

HR and Workday handles most of the onboarding and the rest is automated.

I am talking about account creation and computer setup, installation etc.

I can't think of any business case for why IT has to handle account setup. Most of the time it's just a technology deficiency as to why HR doesn't have the ability to do so.

98% of the time computer setup and software installation can be completely automated. Even when the software support says it can't. So you might be dealing with the 2%, or you could be bogged down with so much technical debt that you haven't been able to dedicate the cycle required in order to automate

@wrx7m said in Anyone Attempting Deploying Printers through SaltStack?:

@flaxking said in Anyone Attempting Deploying Printers through SaltStack?:

@scottalanmiller This makes me miss my old job. I was working on replacing all of our GPOs with Salt and printer deployment was coming up. However, as a solo SMB IT employee, I had an insane amount of time on my hands.

I am a solo SMB employee and have no time on my hands. We just hired about 10 people in the last 4 weeks and 2 start in a week and 2 more possibly the week after. No real time to do anything more than setup new employees.

What makes new employee setup so labour intensive at your SMB?

I used to get notified of new employees on their start day :ogre:

On my to-do list was to make a way for HR to handle most of what was required with new employees. A lot of stuff required pairs more nicely with HR than with IT, IT just need to provide a friendly abstraction on top of automation for them to use.

@scottalanmiller This makes me miss my old job. I was working on replacing all of our GPOs with Salt and printer deployment was coming up. However, as a solo SMB IT employee, I had an insane amount of time on my hands.

I've created a Salt execution module before, and it wasn't that hard, anyone with a bit of Python experience should be able to make one. I imagine a state module wouldn't be much harder.

• Here is how I would tackle this:
  • Take a look at how you would do this in powershell
    • Use Process Monitor so see anything behind the scenes that is being done
  • If Powershell isn't enough, reverse engineer lgpo
    • I haven't done this before so I don't know if there might be a better way to do this other than
    • Process Monitor
  • Look at the Salt source code to see what interfaces they provide to interacting with Windows already
  • Create module

Somewhere in my email I have a PDF about deploying printers via Powershell. My plan was if I ever wanted to create something in salt to deploy printers I would look at that first.

I used it for documentation at a job that was gsuite based. If adding pictures was easier and there was a shortcut for block quote it might have been acceptable