@FATeknollogee said in HCI (Scale, Starwind etc): vm layout:

@PhlipElder said in HCI (Scale, Starwind etc): vm layout:

I'm not sure what "Hyper-V partition" means.

I meant to say the host o/s partition.

I kinda gathered that is what it meant. Thanks for clarifying.

@FATeknollogee said in HCI (Scale, Starwind etc): vm layout:

@PhlipElder said in HCI (Scale, Starwind etc): vm layout:

We've taken to setting up a dedicated pair of domain controllers in the node's local Hyper-V setup as opposed to making them highly available in our Storage Spaces Direct and disaggregate (Nodes + shared SAS JBOD(s)).

Setting up the DC in the Hyper-V partition?

We set up a RAID 1 SSD pair for each host node. The partition created would be carved up to leave 60GB or 75GB free that would then be used for the guest VHDX file hosting the domain controller's OS.

I'm not sure what "Hyper-V partition" means.

function Test-PendingReboot
{
 if (Get-ChildItem "HKLM:\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending" -EA Ignore) { 
 $reboot = 'Component Based Servicing\RebootPending'
 Write-Host $reboot  }
 if (Get-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired" -EA Ignore) { 
 $reboot = 'WindowsUpdate\Auto Update\RebootRequired' 
 Write-Host $reboot }
 if (Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name PendingFileRenameOperations -EA Ignore) { 
   $reboot = 'CurrentControlSet\Control\Session Manager' 
   Write-Host $reboot}
 try { 
   $util = [wmiclass]"\\.\root\ccm\clientsdk:CCM_ClientUtilities"
   $status = $util.DetermineIfRebootPending()
   if(($status -ne $null) -and $status.RebootPending){
     $reboot = 'Configuration Manager'
     $reboot
   }
 }catch{}
 
 $reboot = 'no reboot required'
 Write-Host $reboot
}

Test-PendingReboot

@FATeknollogee said in HCI (Scale, Starwind etc): vm layout:

For those of you with 2-3 node Scale, Starwind type HCI: are all your VMs run in the cluster or do you run a service like AD or backup vm on a separate host?

We've taken to setting up a dedicated pair of domain controllers in the node's local Hyper-V setup as opposed to making them highly available in our Storage Spaces Direct and disaggregate (Nodes + shared SAS JBOD(s)).

On top of that, with the number of folks getting hit by encryption events we've started to keep the cluster AD separate from the company AD operating the environment the same way we do our cloud tenant infrastructure.

@JaredBusch said in Windows Offline files won't sync:

I don't even bother to try anymore.

• Make a copy outside of sync location.
• delete form sync location and hidden sync location
• make sure folder in solid sync
• put file back

Yup. Don't mess with it.

Drop a copy of the files in question into a \Temp folder then delete from the local and redirected folder, sync, and finally put it back into the local folder. Then sync again.

@creayt said in Spec'ing a new computer from Dell or?:

@black3dynamite said in Spec'ing a new computer from Dell or?:

@creayt said in Spec'ing a new computer from Dell or?:

@PhlipElder What's Teams?

Microsoft Teams

Ah, I think I've maybe heard of that. I don't use it though and have confirmed it's not installed. I do use Slack though, but it's running identically on all my devices so I don't think it'd be the cause for performance differences.

ProcessExplorer or ProcessMonitor digs right in to give you a direct eye on all services that can be seen and in the background. That may be the next step to see what's soaking up those CPU cycles.

EDIT: Unless you already know the culprit?

@creayt said in Spec'ing a new computer from Dell or?:

9900K

Uninstall Teams if it's there and see if the lag goes away.

My go-to right now is a Core i7 Extreme 3000 series with 64GB RAM and a bunch of Intel SSDs in RAID 1 and RAID 0 along with a few Intel NVMe Add-in-Cards for extra speed.

I'm on the fence as far as a replacement as it's been pushed well beyond its shelf life with the SSD RAID 0 helping to extend and then the NVMe PCIe AiC also pushing things out yet another year.

The CPU has become a bottleneck. :S

@anthonyh said in Active Directory - Finding Source Of Repeated Lockouts:

I have an account that is being repeatedly locked out. The user recently changed their password, so I'm pretty sure there is something out there still trying to authenticate using their old credentials. I've been analyzing the Security log on both of our DCs (Server 2016), but it's not super helpful. I see Audit Failures, but these are attempts after the account has become locked. I am having a hard time finding the login event that triggers the lockout. Various articles I've read say to look for event 4740, but these don't seem to exist in the Security log on either DC. Is there some additional logon auditing I need to enable via GPO?

Some resources for you:

https://community.spiceworks.com/how_to/48758-trace-the-source-of-a-bad-password-and-account-lockout-in-ad
https://jackstromberg.com/2013/03/finding-the-source-to-something-that-keeps-locking-a-domain-user/
https://support.microsoft.com/en-us/help/4469275/introduction-to-the-account-lockout-and-management-tools
https://www.microsoft.com/en-us/download/details.aspx?id=15201 (LockoutStatus.EXE tool)
https://www.netwrix.com/account_lockout_examiner.html

@scottalanmiller said in Spec'ing a new computer from Dell or?:

@PhlipElder said in Spec'ing a new computer from Dell or?:

dictate the direction of said companies.

The US can do this, too. So by your logic, all companies, in all countries, must be avoided. It's not a usable approach, even if true.

Scott, not going there.

There is a distinct difference between what happens in China and what happens in the USofA.

I'm out.

@scottalanmiller said in Spec'ing a new computer from Dell or?:

@PhlipElder said in Spec'ing a new computer from Dell or?:

The catch is that the backdoors are backed by a Communist Dictatorship. Thanks. But no thanks.

HAHAH, um okay. So this is made up. So yes, it's fine that you are not supporting Huawei for personal political reasons, but please don't claim things like backdoors that were never actually found. And don't claim a communist backing, also something no one has provided evidence of.

Statements like this are some of the best support you could give for Huawei being the best vendor... that absolutely nothing actually negative can be said about them.

Dude, I find it very perplexing that one can separate the government backing the companies in a country when they essentially own all of the companies in that country and can, and do, dictate the direction of said companies.