@dbeato said in Adding LDAP role to domain controller:

@Fredtx said in Adding LDAP role to domain controller:

@dbeato So what affect will this new Windows update have in March 2020 if it's in installed on an AD server that is still using the default non secure LDAP? Basically, what will it break? I do know clients who authenticate through their mobile ssl vpn via LDAP (ad user account & pw) so I can see how that will affect them and I'm guessing they will be unable to authenticate and therefore not be able to connect to their vpn?

The LDAP connection between the SSL VPN and your AD Server is the one affected.

In this instance, The SSL-VPN (with AD connection) would need LDAPS setup which, at minimum, would require a internal Windows CA to be setup correct?

@Fredtx said in Follow-Up After Interview:

@scottalanmiller said in Follow-Up After Interview:

@Dashrender said in Follow-Up After Interview:

@scottalanmiller said in Follow-Up After Interview:

@Fredtx said in Follow-Up After Interview:

there is some cons. The pay will be about 15K more a year than what I currently make (below market value) at my company, It will be 5 min away from my home, there is some technology that I will learn that I don't have experience with.

Those are the cons?

this was my question.

So first thing... make sure you have the pros and cons straight. LOLOLOL

I was like, "Are those things not good enough"? Then, I realized I listed it as cons, instead of pros. LOL

I was like, "Man, I wish an extra $15K was a con to me!" :grinning_face_with_smiling_eyes:

@Dashrender said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

Running a MeshCentral training here in 20 minutes.

training? Man, it seemed so straight forward... I'm guessing training will last 5 mins?

For basic usability, you are correct. There are many items/areas/switches in there that are pretty helpful if you don't have much time to play.

@IRJ said in Bash script to manage file directory by size:

I am housekeeping some directories by running a script to delete everything older than X days.

find /var/backups/app1* -mtime +30 -exec rm {} \;

That seems to be working ok, but size is varying among servers. I would rather delete oldest files once I threshold is met.

Example: I have a hard limit of 5GB that I cannot exceed. After keeping 30 days worth of files on some servers I am only using 500MB and others 3GB. I would rather keep more days and just not exceed 5GB so I can use all available space.

So I am thinking something like this :

If directory exceeds 4GB, then delete the 5 oldest days of logs

You can use du -h to get directory usage and then eval it.

Edit: I believe du -hs will give you a summarized in human readable form

@Dashrender
if you run mc from the command line, what error do you get?

Edit: You may need to comment out the "Cert" line. That is equivalent to telling MC that you are using the following Cert at runtime.

@WrCombs said in Anyway I can Learn AD?:

@pmoncho said in Anyway I can Learn AD?:

wrcombs.com is available. Go register it for a year at godaddy (or whoever) for $12.

Then, like @thwr pointed out in his list, use something like ad.wrcombs.com as your AD domain.

doesn't sound horrible. thanks.

Welcome. Staying away from .local domains, plus knowing you are not using somebody else's domain will make your life SO MUCH easier. No need to start learning bad habits in the beginning.

wrcombs.com is available. Go register it for a year at godaddy (or whoever) for $12.

Then, like @thwr pointed out in his list, use something like ad.wrcombs.com as your AD domain.

@G-I-Jones said in Exchange 2016 Install Issue:

@DustinB3403 said in Exchange 2016 Install Issue:

@G-I-Jones said in Exchange 2016 Install Issue:

Since I've got you all here. What are your thoughts on Exchange server built in Esxi? I was told be someone with more experience than me recently that this is a bad idea, but wasn't given much insight into why or how.

The rule of thumb is to virtualize everything, and unless you have a really very good reason

I thought that to be the case. Thanks for that. Just got that PERC H730P installed. I'm going to try again with a VM I think.

I second @DustinB3403 - virtualize 99.999% of everything except for something super special or requires direct access to hardware (USB keys, specific internal PCI cards, etc.)

Good luck with the new PERC. You shouldn't see any issues. I've been messing with my R440 all runs fantastic (SMB and NFS shares).

Also, just in case as I don't remember at the moment, make sure to use the Dell OEM ESXi 6.7 U2 or U3 iso.

@Dashrender said in Writing a Job Posting:

@wirestyle22 said in Writing a Job Posting:

@Dashrender said in Writing a Job Posting:

I am not on call in the eyes of my boss - but like Scott - I don't care. It's my network, currently I'm more or less ultimately responsible for it (yeah yeah, don't get into the weeds here Scott or anyone) and I personally don't mind calls for higher level things while I'm on vacation. As I've said, they are generally short lived and pretty infrequent. So much so that they don't influence what I am doing on vacation in any way. Some people simply won't agree with that, and that's fine, they don't have to.

I hear ya on this one. I feel pretty much the same way you do.

Wife doesn't much like it sometimes but, hey, have to fix what we have to fix when it needs fixing.

@Dashrender said in HyperVisor:

@pmoncho said in HyperVisor:

@DustinB3403 said in HyperVisor:

@mroth911 said in HyperVisor:

What kinds of servers do you recommend. I have dell R710. Or should I look for getting better servers? I am going to get all SSD drives.

Those servers are perfectly fine servers, if you wanted to upgrade the storage that's perfect too.

No reason to purchase different equipment unless you needed too for whatever reason.

This is where I get confused. Isn't moving up to a 720-730 about the virtualization technologies in the CPU's vs just having newer processors?

In the past, I could not start VM's on Hyper-V on a Dell R300 because the CPU did not support EPT so I stuck with ESXI. I only have this example so I don't know if it applies with the 710 or not with the newest hypervisors.

I have not dealt with the R7xx line and have been mostly in the R5XX line or lower. Is that the difference?

What year did the Dell R300 come out? the R710 was from 2009 - thats ancient from a hypervisor POV. I'm sure moving up as you mention have that in mind, but that's not all, the performance increase is still likely to be noticeable.

It was like 2007/2008 I believe. I know its old but so is the R710. That is where I was getting confused. I wouldn't think that using an R710 would be worth it to run only 2012R2 Hyper-V or ESXI 6.0 if one wants to really learn.

I am still using the R300 but only because I am still able to run the newest OS VM's. It is SLOW, and stinks but it is what I have to work with at the moment.

@DustinB3403 said in HyperVisor:

@mroth911 said in HyperVisor:

What kinds of servers do you recommend. I have dell R710. Or should I look for getting better servers? I am going to get all SSD drives.

Those servers are perfectly fine servers, if you wanted to upgrade the storage that's perfect too.

No reason to purchase different equipment unless you needed too for whatever reason.

This is where I get confused. Isn't moving up to a 720-730 about the virtualization technologies in the CPU's vs just having newer processors?

In the past, I could not start VM's on Hyper-V on a Dell R300 because the CPU did not support EPT so I stuck with ESXI. I only have this example so I don't know if it applies with the 710 or not with the newest hypervisors.

I have not dealt with the R7xx line and have been mostly in the R5XX line or lower. Is that the difference?

@StorageNinja said in ESXi 6.7 Troubleshooting:

@pmoncho said in ESXi 6.7 Troubleshooting:

I have not seen any M.2 on dell servers yet

All 14G servers AFAIK support adding in a "BOSS" card that has 2 M.2 slots.
https://i.dell.com/sites/doccontent/shared-content/data-sheets/en/Documents/Dell-PowerEdge-Boot-Optimized-Storage-Solution.pdf

My bad. Forgot about those. It is an additional card though and that is the stinky part.

@Dashrender said in ESXi 6.7 Troubleshooting:

@StorageNinja said in ESXi 6.7 Troubleshooting:

@DustinB3403 said in ESXi 6.7 Troubleshooting:

ESXi recommends SD card, USB is a bit to fragile for the number of writes you'd be making to it.

M.2 SSD is the recomendation. SD cards lack any kind of ECC and the controllers are too dumb to prevent read discards. Throw in the fact that cheap SD cards are slow on boot, you can log local on a M.2, I'd say for non-lab usage M.2 is the recomendation going forward.

If you must go embedded SD card, I'd get at least 32GB as it will likely have fewer read endurance issues.

are servers starting to come with M.2 slots specifically for this? that would make sense - it also makes booting systems much easier I would think.

I have not seen any M.2 on dell servers yet. With that being said, they R840 the OP has, there are two rear 2.5" SATA (HDD/SDD) bays that may/may not be used for a boot device. Have not looked to find out if it is possible though.

@Dashrender said in Writing a Job Posting:

@Carnival-Boy said in Writing a Job Posting:

@JaredBusch said in Writing a Job Posting:

*We currently run on an hourly payment model. The time you bill to clients is what you are paid.
There is no vacation, but the hourly rate accounts for that. If you can't swing taking time off, it is your own fault.

Wow, seems like a tough gig.

Yeah this is pretty uncertain - is there any type of assured number of hours? I mean - i seriously doubt it, but one should ask.

I was thinking about this also. Just figured it would be a question during the interview process vs being listed on the job posting.

Didn't want to get a FFS or WTF!

@Dashrender said in ESXi 6.7 Troubleshooting:

@G-I-Jones said in ESXi 6.7 Troubleshooting:

The H330 is like for labs or testing. Shouldn't be found in a production environment. It's a fine card for what it is, just not a production use card

Begs the question why when ordering a server for a specific purpose, they would even ship that out.

Because they are not your IT - at least, they shouldn't be.

I get it, although, to even sell an H330 on a Dell PowerEdge R840 is like selling standard breaks on a Audi A6 and making the driver request anti-lock breaks. While there are some users that prefer standard breaks, my guess would be the amount of users requesting a trade down to standard brakes is minuscule.

Also, Dell does not even have a Celeron processor on the list for anything higher than a T340. Logic tells me they know its is not a good idea. Apparently selling an H330 on a T/R440 or higher hasn't hit the "not a good idea" level yet.

EDIT - Reread my post - Dell just gets under my skin sometimes! Didn't mean to come off jerky.

Do you have any of these policies set?

User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Remove Notifications and Action Center

User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Turn off all balloon notifications

User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Turn off feature ad balloon notifications

User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Turn off notification area cleanup

@Jimmy9008 said in New IT Position UK, any advice/feedback?:

@IRJ said in New IT Position UK, any advice/feedback?:

You're asking for a cloud expert in competencies, but are saying it's entry level infrastructure. Which one is it?

Maybe its terminology? I use the term 'competent' to mean acceptable/satisfactory. Not expert. After 5 years of being a professional in IT with interests in technology, I would like somebody that knows a little bit about most of those items. 'Competent', not 'Expert'.

For example, if they have been doing support for 5 years for a range of companies, but does not have any competency at all with Office 365, then they would not be a good match.

Maybe like @Obsolesce mentioned, create a few different categories of skills/qualifications.

We all understand that the applicant may touch all areas during the course of a month but what is 80% of their daily duties? You mentioned certain %'s in your post but will they do mostly support calls, setup/config O365, Azure AD setup/support and login to a hypervisor host?

If they are only going to touch the SAN/NAS, support Oracle and do network security only for 10 hours a month, that could go under a "Limited skills" segment.

You stated you are willing to train the individual, so items in the competency category should cover most of their required daily duties. They can learn the rest through training, working in a team and further education.

@G-I-Jones said in ESXi 6.7 Troubleshooting:

The H330 is like for labs or testing. Shouldn't be found in a production environment. It's a fine card for what it is, just not a production use card

Begs the question why when ordering a server for a specific purpose, they would even ship that out.

I have thought the same thing for a long time on Dell 4XX's on up. Either no controller at all or start at the H730 and up. Just an opinion though.

@G-I-Jones said in ESXi 6.7 Troubleshooting:

@pmoncho said in ESXi 6.7 Troubleshooting:

@G-I-Jones said in ESXi 6.7 Troubleshooting:

@pmoncho We're ditching the H330. Boss just ordered the H730P.

That, in the long run, is probably the best call. Any way you can get the boss to add on the SD Card module? That will be a benefit also if you stay with ESXi.

haha, yes. Working on that as we speak.

Sweet. Keep going. See if your boss can get iDRAC enterprise license if you don't have that. Not really required but it is nice to have.

When you were trying to copy files and so forth, were you viewing the Disk Monitor on the host? If so, did you notice abnormal latency?