Posts made by krisleslie

Already smell what ya cooking
https://help.ubnt.com/hc/en-us/articles/204949694-EdgeRouter-OpenVPN-Site-to-Site

Nothing spectacular just UBNT Firewalls.

I had a lifetime deal with Pertino but after they got absorbed that eventually faded away, unfortunately.

@Dashrender absolutely yea. Because I actually have one staff member who unfortunately has no other option but to go to Starbucks.

So what was all the fuss about putting the IPv6 Address in at some point in the long thread yal had before?

@Dashrender that becomes a shit storm is what it becomes.

@IRJ Azure AD shouldn't even be in the conversation lol. Thanks though. Azure AD doesn't work like "AD" entirely. We are a Windows office but we are also vested in Linux and Google Chrome OS. I'm leaning very hard to Chrome OS in the future as most of our needs and staff are about 90-95% fully functional with Chrome OS. At some point the only "Windows" devices will be held by IT and where absolutely necessary.

@JaredBusch said in Anyone figured out how to ZeroTier with AD?:

Your AD server needs ZT and the ZT adapter needs to be marked as listened on in DNS server setup. The problem with this is that non ZT devices might get the ZT address of the server when they do a DNS look up and that will break things.

This is complicated.

I installed the latest ZT client on my AD server and a few laptops. So, for the most part, they "talk" and can ping etc. I attempted to "sign on" with a new user (not cached) and it won't see it just yet.

I have two remote sites - no servers at them. All authentication is over the site to site VPN between my firewalls.
So what are you using for authentication? So each site just "talks" to each other over vpn, I gotcha there, but authentication is handled by what?

@Dashrender to avoid confusion I'm labeling SIte A (my HQ my main AD), Site B (a site that has a "sister" AD and was goofed up with a Site to Site link) and Site C (my new site no server in place). I'm trying to not have to put a server in place at all if able.

@Dashrender because one person I'm dealing with attempted to do that before (without my approval or knowledge) and messed up that Site to Site already at one of our other offices. While setting up a static vpn site to site can work, I have people that will eventually take those laptops home (read staff only about a handful) and will want most of the same access remotely.

Remote Office / Branch Office (ROBO)

@wirestyle22 Yes, we are in different cities. They are a new office, my office is where the AD is setup at. Potentially, if I can get this to work I would be moving another ROBO to this method for authentication.

Haven't even made it to the DNS side of it ;(

I'm setting up a ROBO and wanted to see if I can get aprox. 30 laptops remotely authenticating to my AD in another city/network. I've gotten a MiFi link setup to a laptop so far that was prior connected to the proper server (via LAN) and it can see it now also via the MiFi through the ZT app. So I want to "prove" it's talking to the AD kinda like we use to be able to do in Pertino with AD Client.

@scottalanmiller just read this post from Intuit support which I know what your talking about is different. But I recall Intuit not even supporting NAS/SAN unless it was built on a Windows or Linux system. But some reports from intuit say defragmentation causes the problem, even when on an SSD. I smell fish.


@scottalanmiller that's hardly any difference than Intuit Quickbooks. I have the same issue. However, it's more than likely SMB that causes that crap.

@scottalanmiller what specifically do you not like about it?

The tabular reports (5 total from the Reports section) aren't as flexible as I'm used to with Spiceworks (or any other solution) but for the reports, I'm able to create, it works for an executive summary kinda. The report you can produce for assests is basically just a csv export and I mean for my intentions, that's fine. I can either take that CSV and put it in a 3rd party tool if I really need to like Quickbase or Google Studio if I really reall need to. Dashboard wise, I would say it's better than what I used to with Spiceworks. It is a bit more insightful. I can easily look at the dashboard and get the general health of my 2 environments.

I will say for the Helpdesk it gets the job done, it's a bit dated but it works. May not work at a huge scale though.

Can't say I've come across a time where I needed to run the Comodo Cleaning Essentials and Unknown File Hunter Tool and doubt if I ever will. The Remote Access/Remote control do work fine. It's not better than Anydesk but it works. I've used the Auto-Discovery and Deployment tool but honestly your just as fine with deploying with a GPO the small app you need to push out to your devices.

I forgot to mention as far as a Wiki is concerned, I switched to Nuclino (www.nuclino.com) and have been happy ever since. It's the kinda Wiki these tools like Comodo etc should have implemented in the first place.

Sadly - sometimes it's due to the fact that they are trying for SUPER thin and SUPER light.. so making things modular costs both thickness and weight.

Hell no it's not because of the "lightweight" and "thin size". That is cost-driven to make you purchase the same model that adds one frigging slot. If you look at the PCB, it's got the solder points there already! I hate to say it, this is the same effect and the same thing as what Apple does in certain scenarios.

@scottalanmiller it works but could be tweaked to be awesome if they spent more time developing the KB and Helpdesk. I just like calling it comodo one still lol ITarian is still new for folks.