Posts made by PhlipElder

@scottalanmiller If the timing is regular then look for a chron job running at that time. Or, is it "cron"? Meh ... *NIX skillset is pretty green.

@scottalanmiller Wow, what a set of responses.

The elephant in the room: The U got code committed to the kernel. It could have been anything and no one would be none the wiser.

Assumption is the mother of all f*ckups and anything but the above statement that is stating the obvious is superfluous. Period.

But please, continue to try justifying the results and the behaviour of the Kernel Team.

Just an FYI: It won't wash with me.

@scottalanmiller said in Microsoft script recreates shortcuts deleted by bad Defender ASR rule:

@PhlipElder said in Microsoft script recreates shortcuts deleted by bad Defender ASR rule:

The Kernel team showed a really bad side of themselves there. Very immature.

What now? So you think that Windows would just let malicious entities add changes with no ramifications? I think not. And I'm unclear why you'd want that.

I feel like you are racing to defend closed source at any cost and are getting really emotional here. And you are mixing concepts of repos, specific managers, security and other things and using all those things are proxies but then claiming it is the licensing that creates or determines those. What?

No Feelings here Scott just thoughts.

SolarWinds is a good example of the clusterf*ck that can happen with closed source.

Neither are perfect but when it comes to the balance of "trust" I think closed source has the edge.

The U publishing code their parrot could have written under the noses of the Kernel Team makes it clear that anyone with COMMIT status could do so. Anyone.

There's a big difference there as that ANYONE could be a lot more than what should be a closed loop supply chain.

In both cases, there has been a demonstrated failure to test their code prior to publishing and to operate under a zero trust paradigm.

@scottalanmiller said in Microsoft script recreates shortcuts deleted by bad Defender ASR rule:

@PhlipElder said in Microsoft script recreates shortcuts deleted by bad Defender ASR rule:

Is OSS any better? Nope.
https://www.theverge.com/2021/4/30/22410164/linux-kernel-university-of-minnesota-banned-open-source
In fact, a very big NOPE.

What? It's SO much better. And you provide a famous reference as to why it is better.

Huh?

The U published code under the noses of the Kernel Team with not a peep out of the KT until the U pointed out that they did it?

Seriously?

@Pete-S said in Microsoft script recreates shortcuts deleted by bad Defender ASR rule:

@PhlipElder said in Microsoft script recreates shortcuts deleted by bad Defender ASR rule:

So glad we're holding back on deploying Windows 11 and staying out of Microsoft's cloud where we can.

I'm trying to decide if running Windows is more like having a live virus on your computer or if it's like having a government controlled device that you bought and paid for but have no say over (it's for you own good of course).

Is OSS any better? Nope.
https://www.theverge.com/2021/4/30/22410164/linux-kernel-university-of-minnesota-banned-open-source

In fact, a very big NOPE.

At least with closed source one can "trust" to some degree that the vendor is not going to outright shoot themselves in the foot.

That story above shows that anyone and their dog can hypocrite commit and no one would be none the wiser. None. Nada. Zippo. Zilch.

The Kernel team showed a really bad side of themselves there. Very immature.

@Dashrender said in Microsoft script recreates shortcuts deleted by bad Defender ASR rule:

Microsoft script recreates shortcuts deleted by bad Defender ASR rule

Microsoft released advanced hunting queries (AHQs) and a PowerShell script to find and recover some of the Windows application shortcuts deleted Friday morning by a buggy Microsoft Defender ASR rule.

https://www.bleepingcomputer.com/news/microsoft/microsoft-script-recreates-shortcuts-deleted-by-bad-defender-asr-rule/?utm_source=spiceworks-snap

Does it work?

What a clusterf*ck of a mess. The number of folks we've seen hit by this is astounding.

So glad we're holding back on deploying Windows 11 and staying out of Microsoft's cloud where we can.

@jt1001001 said in Printer Recommendations??:

@Pete-S HP MMFP 477 they were here before I started; frequent roller issues causing problems with paper jams

We have lots of M4xx and M5xx series HP MFPs in place.

They do v4 printer drivers for their printers which is important.

They are easy to maintain. The WiFi sucks if that's needed on all HP printers. If the printer doesn't get used it drops its connection whether dynamic or static IP. Have to kick it via control panel.

They just drop in. Copiers are a PITA and usually involve contracts that require print/page count monitoring. Lately, copier providers here are requiring a third party app to be installed on the network to "monitor" their machine(s). Nope. Won't do it.

HP drop in, set up, deliver via Group Policy, and done.

We had lots of grief with Lexmark a while back so we don't do anything with them unless specifically requested to do so. Same with Brother. Blech.

Xerox Phaser but they are expensive and are expensive to run. Impeccable prints every time and essentially bulletproof. But, expensive.

@scottalanmiller said in Manage domains and DNS for customers?:

@PhlipElder said in Manage domains and DNS for customers?:

@scottalanmiller said in Manage domains and DNS for customers?:

@PhlipElder said in Manage domains and DNS for customers?:

To some respects yes, but we've also had clients who listened to a web dev and flipped the DNS settings at the registrar level to the Web Dev's BIND servers sitting behind fake IPs to make it look like there's more than one (a requirement). To get everything back, including mail flow, can take 24 to 72 hours.

That should have prompted legal action. That's a big deal.

Heh ... we live in the People's Republik of Kanada.

Breathing on a lawyer up here would require a $10K retainer. Most small businesses would just walk away after recovering their assets.

It's just easier, for us and our clients, to maintain a handle on everything. In the end, they know us and we know them and they trust us to do what's best for them. Everything is in writing so there's no question about ownership.

EDIT: Ideals and Reality: Never the twain shall meet.

Yeah, that makes sense. In the US this would generally be a free item with your attorney. We wouldn't need to pay for that. Same in Nicaragua. Just part of being the corporate attorney. If you really have owners that can't stop handing out their credentials....

Then you have other issues. Which lots of people do, of course, where you can't let them have admin access to anything as they can't stop handing out their passwords (and yes, we see this all the time, too.)

Once we've established ourselves as being point on everything and anything tech related specific to the operation of their business it's fairly easy to keep.

We get calls and e-mails from our clients about requests they get from others every once in a while to confirm what the request was for and whether we should handle it or not.

They have all of their passwords in a password vault on-premises. We have a hit-by-a-bus plan in place for all of them. So, if there is a problem or they want to move on there's no dealing with a Pity Party on our part we gladly hand the Keys of the Kingdom over with the understanding that we would no longer touch anything. Period.

@scottalanmiller said in Manage domains and DNS for customers?:

@PhlipElder said in Manage domains and DNS for customers?:

Breathing on a lawyer up here would require a $10K retainer. Most small businesses would just walk away after recovering their assets.

It often seems like the best answer is moving businesses out of Canada, lol. You know it is bad when the Americans are like "how is it that bad?"

When I had a chat with our accountant about getting my US Passport (Dad's an American), his answer was, "The Empire would have you by the balls." Quite literally. Our incorporated would be subject to IRS and US taxes assessed before Canadian corporate taxes so essentially Gross Profit. 17% of that number which works out to be a lot higher than what we're paying to the Canadian government.

Nope. :0)

I think it depends on what state we'd take up residence in too? Each state can have a very different corporate tax structure. The People's Republik of Kalifornia would be close to ours from what I've seen. Basically, take everything including the First Born and a litre of blood every month.

@scottalanmiller said in Manage domains and DNS for customers?:

@PhlipElder said in Manage domains and DNS for customers?:

To some respects yes, but we've also had clients who listened to a web dev and flipped the DNS settings at the registrar level to the Web Dev's BIND servers sitting behind fake IPs to make it look like there's more than one (a requirement). To get everything back, including mail flow, can take 24 to 72 hours.

That should have prompted legal action. That's a big deal.

Heh ... we live in the People's Republik of Kanada.

Breathing on a lawyer up here would require a $10K retainer. Most small businesses would just walk away after recovering their assets.

It's just easier, for us and our clients, to maintain a handle on everything. In the end, they know us and we know them and they trust us to do what's best for them. Everything is in writing so there's no question about ownership.

EDIT: Ideals and Reality: Never the twain shall meet.

@scottalanmiller said in Manage domains and DNS for customers?:

@PhlipElder said in Manage domains and DNS for customers?:

@Pete-S said in Manage domains and DNS for customers?:

@PhlipElder said in Manage domains and DNS for customers?:

@JaredBusch said in Manage domains and DNS for customers?:

@Pete-S said in Manage domains and DNS for customers?:

Is there a good way to manage domain renewals and DNS settings on behalf of a customer?

Basically handle everything and then invoice the customer. But the customer should still legally own the domain(s).

Anyone granted access to log in to the registrar can become the sole owner by transferring the registration to someplace that no one else has access to.

Without any legal contracts stating clearly how it all works, the legal owner is whoever is paying for it. That would be you, not them, in the scenario listed.

IANAL, but barring things like previously trademarked names, a company would likely not win (assuming cost of litigation is not an issue) in court if you said they did not own the right to their domain registration.

We actually put it in writing that we are managing their Internet properties and services and that ownership of said properties are theirs. If they decide to move on, it's in the contract that they would pay the fee(s) for the transfer out with the unlock codes presented once that process was initiated.

OK, so if you work with a new customer you will transfer their domains to your registrar and account? And then you can take care of everything - renewals, dns settings etc.

When the relationship ends, you will transfer their domain back to a registrar of their choosing.

That is correct. We manage everything. We drop a few horror stories where web devs made changes, or deleted DNS entries, because they thought they weren't needed.

None of that would make you need to have their registrar data, though. We protect against that without needing that access.

To some respects yes, but we've also had clients who listened to a web dev and flipped the DNS settings at the registrar level to the Web Dev's BIND servers sitting behind fake IPs to make it look like there's more than one (a requirement). To get everything back, including mail flow, can take 24 to 72 hours.

Nope. We hold the cards.

@scottalanmiller said in Manage domains and DNS for customers?:

@Pete-S said in Manage domains and DNS for customers?:

Is there a good way to manage domain renewals and DNS settings on behalf of a customer?

Basically handle everything and then invoice the customer. But the customer should still legally own the domain(s).

So we have a standard for this...

We tell the customer that the Registrar function is a legal one and that on one but the owner and/or their attorney should have access to that the same as any other legal real estate holding. That they must maintain access and keep their info and payment up to date and otherwise never touch it and never, ever let us have access to it.

We manage their DNS and this protects them from us completely (we've had customers have other MSPs steal their identity before), and allows us to protect them from everyone else.

Oh man, the pouty thing is so old. Even larger orgs can be guilty of creating a clusterf*ck when we're involved either to help with the transition or we are the destination of that transition.

@Pete-S said in Manage domains and DNS for customers?:

@PhlipElder said in Manage domains and DNS for customers?:

@JaredBusch said in Manage domains and DNS for customers?:

@Pete-S said in Manage domains and DNS for customers?:

Is there a good way to manage domain renewals and DNS settings on behalf of a customer?

Basically handle everything and then invoice the customer. But the customer should still legally own the domain(s).

Anyone granted access to log in to the registrar can become the sole owner by transferring the registration to someplace that no one else has access to.

Without any legal contracts stating clearly how it all works, the legal owner is whoever is paying for it. That would be you, not them, in the scenario listed.

IANAL, but barring things like previously trademarked names, a company would likely not win (assuming cost of litigation is not an issue) in court if you said they did not own the right to their domain registration.

We actually put it in writing that we are managing their Internet properties and services and that ownership of said properties are theirs. If they decide to move on, it's in the contract that they would pay the fee(s) for the transfer out with the unlock codes presented once that process was initiated.

OK, so if you work with a new customer you will transfer their domains to your registrar and account? And then you can take care of everything - renewals, dns settings etc.

When the relationship ends, you will transfer their domain back to a registrar of their choosing.

That is correct. We manage everything. We drop a few horror stories where web devs made changes, or deleted DNS entries, because they thought they weren't needed.

@JaredBusch said in Manage domains and DNS for customers?:

@Pete-S said in Manage domains and DNS for customers?:

Is there a good way to manage domain renewals and DNS settings on behalf of a customer?

Basically handle everything and then invoice the customer. But the customer should still legally own the domain(s).

Anyone granted access to log in to the registrar can become the sole owner by transferring the registration to someplace that no one else has access to.

Without any legal contracts stating clearly how it all works, the legal owner is whoever is paying for it. That would be you, not them, in the scenario listed.

IANAL, but barring things like previously trademarked names, a company would likely not win (assuming cost of litigation is not an issue) in court if you said they did not own the right to their domain registration.

We actually put it in writing that we are managing their Internet properties and services and that ownership of said properties are theirs. If they decide to move on, it's in the contract that they would pay the fee(s) for the transfer out with the unlock codes presented once that process was initiated.

@Pete-S said in Manage domains and DNS for customers?:

Is there a good way to manage domain renewals and DNS settings on behalf of a customer?

Basically handle everything and then invoice the customer. But the customer should still legally own the domain(s).

We take care of everything including DNS. Too many times where the "Web Experts" have messed with DNS settings and broke things.

We roll the cost into our monthly management fees.

@scottalanmiller It's a bit of a no-brainer though I've not watched the vid.

The Cult of the Lowest Common Denominator will win in most cases. There are some niche players out there not a part of the Cult, but one needs to sift through the chaff to find them.

@Pete-S said in How to fix RDP dpi awareness problems:

@PhlipElder said in How to fix RDP dpi awareness problems:

@Pete-S We have a few older accounting apps we support that don't scale well in RemoteApp no matter what the client setting is. The menu items appear to be microscopic.

Great for Session Host desktops but what about RemoteApp?

Windows DPI scaling is not working 100% so it is what it is.

I have on purpose avoided purchasing any display / resolution combination that doesn't fall between 90 to 110 dpi. So I don't really get into much trouble.

Anyway, I don't have any specific experience with remoteapp. But since it uses RDP I would disable the scaling in the registry on the server. And then work on setting the dpi on the server to whatever is needed. There is also the possibility of setting DPI scaling behavior on a per application basis.

That's the route I would go.

DPI settings are normally per user but if you have users with multiple devices with widely different dpi I don't think you can get it right.

Yeah, we learned that lesson with the first batch of ultra-high resolution laptops that we deployed and users started complaining almost immediately. We were able to bandaid to some degree as the Session Host settings would get picked up by the RemoteApps after the user tweaked them and logged out of the SH Desktop but those legacy menus never did get addressed.

Folks need a magnifying glass.

@Pete-S We have a few older accounting apps we support that don't scale well in RemoteApp no matter what the client setting is. The menu items appear to be microscopic.

Great for Session Host desktops but what about RemoteApp?

@siringo said in Corrupted file, unless ...:

Got this problem at work:

Got a laptop.

Windows 10 and Office 2016.

If I download an Office file, (mostly just used Excel and Powerpoint files so far), the files won't open in the application, a warning pops up saying the file is corupt.

I've done a 'Repair' on Office.

If I copy the downloaded file from the Downloads folder, to a usb stick and open it from the usb stick, the file will open without error.

If I copy the downloaded file from the Downloads folder, to the Desktop, and open it, I get the error.

If I copy the file from the Downloads folder, to the usb stick, don't open it on the usb stick, but copy it to the Desktop and open it from the Desktop, it opens.

But all that happens with files that have been emailed to this user as well.

I've checked System and Application event logs, nothing looks out of the ordinary.

In summing up, if the user receives an Office file via email or downloaded from the web, it generates a 'File is Corrupt' error message when opened. But once the file has been copied & pasted back, the file will open without error.

Thanks for any help.

Right click on the file after downloading it, Properties --> Unblock. Look down just above the APPLY button.

@JasGot said in OEM MS Office now has Expiry date:

@DustinB3403 said in OEM MS Office now has Expiry date:

but why order direct through Dell with OEM office?

What do the other methods offer that would be better for us?

Find a local and reputable system builder that is signed on with a SPLA Agreement and get your Office licenses through them or buy an Open License Agreement with the 3 year split payment option (Open Value) before they are gone.

Perpetual does not go away. So, stick with what works.