@scottalanmiller It's OK I got this!

Gentoo - The distro for people who like to beef up 15 year old Honda Civics with fancy lights because blue makes them go faster.

Ubuntu - The distro for people who like artisanal hand crafted coffee and cool backgrounds with each release.

Redhat/CentOS - For Grown ups who just want shit to work.
SuSE - Same as Redhat but for German's and Austrians for some reason.

FreeBSD - For the paranoid
NetBSD - For your weird tin foil hat neighbor who wants to run something on his toaster.

Windows 2000-2008R2 - For someone who likes to click next a lot
Windows 2012R2-2016 - For the people who like writing the longest possible CLI commands (Seriously Powershell!)

MacOSX 1985 - 2009 - HIppies. Damn Dirty Hippies.

Mac OS X 2010 - current - Network and Unix administrators who hated putty, and wanted something as stable as their server to run as their desktop OS.

Linux on Desktop - For masochists who somehow lack my burning hatred for SystemD.

@DustinB3403 said in At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Exchange:

At a prior position they went full tilt "O365/SSO everything" and while it all worked with a LOT of effort the monthly cost was insane per user, something like $42/U/Month for just our 1 location of 160 people.
Globally they had over 9000, that's a huge burden.

Except it's not.

1. It's opex not capex, so it's not dragging down RIOC ratio's for wall street. (big in Mfg and some industries).
2. It's just dumped into the fully burdened cost of an employee. If your average employee is paid 50K they probably cost another 20K in benefits, training, taxes, office space, utilities and other overhead a year. Paying $42 a user per month at that scale gets you out of:
3. "owning" versions of Office Suite is great until you end up with 4 different versions of office in the office. Then it becomes a nightmare
4. Managing Exchange and Sharepoint etc at scale is a full-time job. paying someone else to manage it wins vs. hiring people to do that.
5. Again it's $42 per user per month. We were spending more than that per employee on drinks and snacks before COVID hit. stocking 14 flavors of le croix, and the thousands of pounds of M&M's and "the good nuts" adds up. For a company with 9000 users, something that people are spending hours a day in, that's just cheap.

Assuming he hasn't patched it in a while...

http://[RouterIP]/cgi-bin/;REBOOT

Couple thoughts...

1. Explain the width of the field. Like medicine we have 100 directions you can go with sub specialization to the point that two professionals in the same room might not understand a single thing the other does. (IE Developer vs. Sysadmin, and within Sysadmin a AIX admin vs. a Windows admin will still have a lot of different concepts and tools).

2. Explain how NOT to get in the field. AVOID all for profit scam shops. Note that a large number of people work in IT without holding degree's, or holding non-traditional degree's. Explain how you can learn many concepts at home with a small lab.

3. Explain the role IT plays (Operations, Finance etc). In a lot of ways IT is becoming less of a stand alone field, and discuss how understanding business and operations are critical to the job (It isn't for people who just want to hide in a basement).

@scottalanmiller said in Handling Downvotes:

Votes should be public now.

On the condition that meta bitching about who downvoted you should be a ban :)

@IRJ said in Was It the Last IT Guys Fault:

@Carnival-Boy said in Was It the Last IT Guys Fault:

Probably the main thing that puts me off moving jobs is that it means moving in to someone else's shit, which you then have to spend months, or even years, sorting out.

That is definitely true, but generally when moving jobs, the pay increase is significant. I haven't changed jobs for less than $10k and sometimes closer to $20k.

There are jobs that are "net new roles" (Maybe a DBA for a new project) so you get to avoid some technical debt. Personally I didn't mind cleaning up crazy messes as long as I had the budget to do something about it (Joy of working for a MSP/Consulting company is you can tell people what it costs to fix, and if they balk you just go find someone else with money).

I"ve changed jobs for as little as 4K (but ended up being 8K after 90 day bump).
and I've changed jobs for 80K.

The thing I've seen with changes is that they would advance my career and give me skills I needed to move up and on. I never took a pay raise for a job that would hold me back.

@dashrender said in Looking for virtualization advice:

@tim_g said in Looking for virtualization advice:

@jaredbusch said in Looking for virtualization advice:

@tim_g said in Looking for virtualization advice:

@john-nicholson said in Looking for virtualization advice:

That $20 hr was for a contractor (yah, that's insanely low labor considering someone's skimming something off it). Note I lice in Houston, a fairly cheap city and that rate is what you'd pay a supervisor at a gas Station. It's unskilled cannon fodder here at that rate. Sometimes you get lucky (I hired a guy who moved furniture at IKEA for that for helpdesk, he ended up being smart and had to give him a raise to 56K at the end of the year though to keep him around.

In this case It was an unskilled typist, with no formal equation we taught to do the copy pasta cleanups from some scripts we wrote to try to accelerate it.

How I got out of making $20 an hour (hell slightly less than that when I started in this field) was identifying the lowest skilled things I did and then finding the cheapest resource who could do it for me. If your the god of Oracle RAC but still changing printer toner management is going to pay you like a printer serf. Stop doing cheap labor and you'll get paid more (assuming there are more valuable things to do in the day, if not find a new job).

I don't judge the value of a human being based on how much they are paid (I just spent July mostly in countries where a lot are on less than $2 a day). I do judge the value of labor (I was a hiring manager and had to know fair market rates). If your un-happy getting paid $20 an hour that's honestly your issue. If your unhappy that I say it's a cheap rate for labor in the US in a metro area for someone handling work on an IT department that's just disagreeing with a fact. I hear that's popular these days, but I've never understood it as a concept.

I completely understand. I'm not saying I make that little. My issue lies with how you say things. You seem to always say it in a degrading manner when referencing someone making less than you or boasting how many millions you make. It's not about the 20/hr, or any specific number, or any specific job or task.

Since it does not seem that way to me, then I can only assume that you are the one with the hangup on things here.

You know what they say about assumption.

I do tend to agree that @John-Nicholson posts often mention money and how much he's getting. This particular post isn't one such post. And the benefits post was really asking about compensation, so it's kind of expected there.

But the reality is that this is an SMB forum for the most part. Sure there is a small handful of people in the Enterprise, or have been in the enterprise making hundreds of thousands or millions, but those dollars just aren't the norm around these parts.

Something I learned from being a group admin for Spiceworks for years is that enterprise types lurk heavily in SMB forums. They PM people, and when they post it's often under pseudonyms as they are a bit more easily spooked about revealing who they are, largely for fear of vendors deal registering things or stalking them once they learn they have the budget or need. When you control even something small like 100K in annual capital spend the vendors can get kinda crazy. While they may not purposely come to places like this, Google and odd questions will lead them here. For the longest time "HDS vs. Netapp" led you to a thread on Spiceworks I started. HDS and Netapp both have MASSIVE forums, but they are either largely ghost towns, or hidden from public view (or just have Awful SEO). Also just because a place is a SMB don't assume they have no budget or pay people peanuts. I consulted across plenty of SMB's who paid individual contributors six figures and spent millions a year on IT purchases. I actually kind of hate using the term "SMB" (and some vendors don't even use it internally in account classifications) because it is often associated with a pejorative image of rock farmers, in a 6 man office with 1 IT guy who removes virus's all day. This just isn't reality. Those rock farmers have real time bidding systems on their rocks, and drones that map their piles of rocks several times a day to update their inventory of their rock piles (I'm not joking, an actual company here locally does this). Inversely I consulted in enterprises where they clung to NT4, paper processes, and 10-year-old servers. I've seen companies with 10,000 employees require the CFO's signature to buy a brand new $2000 MacBook Pro they were so cheap on capex!

As Scott's mentioned - If you are thigh well paid and are in IT, it's likely you would never visit a forum like ML as part of your day job because we have little to nothing to offer you. You area already probably as knowledgeable as most support staff at the vendor for whatever thing you're supporting, so it's likely there would be little to gain here.

Even if your not in SMB IT, there's reasons to be at places like ML and SPiceworks.

1. The lolz. There is some funny content here.

2. SMB overlaps with home IT on vendors sometimes (Ubiquit was a great choice for my home router, and wifi and you will not find tips on how to configure them in more enterprise places)

3. It's a forum. Most of the more enterprise conversations I have online are on Twitter, or Telegram or Slack. Forums have some old school charm in their permanence.

4. To give back. Some people got their start in the SMB space in forums like this. Personally, If it wasn't for forums like this my career would have been vastly different (It's been something like 7 years since I met Scott at the first Spiceworks user group).

5. An opportunity to argue with Scott. It's fun, you learn things in forming your arguments and it helps you sharpen your rhetoric.

6. There's a lot more consistency of actors here than you'll find on places like Reddit. You can learn to understand who/what people are about etc. There's a fair amount of people on this community I've had a beer with over the years.

I'm curious, is @John-Nicholson even in IT anymore? I can't quite tell from the conversations. It seems that he's more in a leadership role, but that might be a misunderstanding of what he's posting?

He's still around the field. he stopped touching production a year and a half ago. He's clearly an individual contributor. If you go to VeeamOn, Dellworld, VMworld he'll buy you a drink and explain.

@tim_g said in Company Benefits:

@jaredbusch said in Company Benefits:

The owner pays out bonuses to all the employees twice yearly, but it is simply profit sharing.

Basically he keeps cash banked to handle XX months of payroll. Then as long as we have that he pays out the overage as a bonus to us based on full time / part time and how long we been here.

Yeah, and bonuses get taxed like crazy. If you get a 5k bonus, you get less than half of it in your pocket.

I'm not sure if your serious but...

@scottalanmiller said in You can't quit, you're fired!!:

want you at the office, and you've given 2 weeks (at least in NY) you're entitled to that pay.

No. They can totally fire you. Otherwise you could put in long notice to avoid being fired

If they fire you can claim unemployment. This raises/spikes their insurance costs though so smart companies go to GREAT lengths to not fire people.

@JaredBusch said in Domain Controller Down (VM):

@wirestyle22 said in Domain Controller Down (VM):

Thanks to @John-Nicholson for the help! A lot of great information.

The problem is now that we stepped up to help a member of our community and the bosses know nothing of how much this should have cost you to get repaired.

VMware GSS is around 24/7 to help with stuff like this.
Just call them next time. 1 (877) 486-9273
Make sure to add yourself to the authorized list ahead of time for faster service, and write down your customer support. This is why you use enterprise products, so you can get help quickly.

@DustinB3403 said in At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Exchange:

At a prior position they went full tilt "O365/SSO everything" and while it all worked with a LOT of effort the monthly cost was insane per user, something like $42/U/Month for just our 1 location of 160 people.
Globally they had over 9000, that's a huge burden.

Except it's not.

1. It's opex not capex, so it's not dragging down RIOC ratio's for wall street. (big in Mfg and some industries).
2. It's just dumped into the fully burdened cost of an employee. If your average employee is paid 50K they probably cost another 20K in benefits, training, taxes, office space, utilities and other overhead a year. Paying $42 a user per month at that scale gets you out of:
3. "owning" versions of Office Suite is great until you end up with 4 different versions of office in the office. Then it becomes a nightmare
4. Managing Exchange and Sharepoint etc at scale is a full-time job. paying someone else to manage it wins vs. hiring people to do that.
5. Again it's $42 per user per month. We were spending more than that per employee on drinks and snacks before COVID hit. stocking 14 flavors of le croix, and the thousands of pounds of M&M's and "the good nuts" adds up. For a company with 9000 users, something that people are spending hours a day in, that's just cheap.

@DustinB3403 said in At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Exchange:

I generally agree with that statement @IRJ except that the long term cost of hosting isn't cost effective as the vendor can price jack the rates any time that they want.

They can't for us. We signed a EA and have fixed price terms for the length of the contract.

@JaredBusch said in Obtaining hardware from terminated remote employee:

Hardware is not worth the fucking time to get back.

If the company thinks wasting man hours on that is a good idea the company is insane

While I largely agree, our R&D laptops are ~2-3K a pop. (fully max spec' MPB or XPS with onsite repair agreements).

I did hear we have started on the Mac's using DEP, so the device will auto-enroll in MDM even if the device is wiped.
https://support.apple.com/en-us/HT204142

@scottalanmiller said in Obtaining hardware from terminated remote employee:

Can't do that legally for US employees though, in most cases.

I worked a place that kept your first week's wages as a deposit against hardware (yes, this is weirdly legal at least in Texas).
Eventually, it got silly as more and more of the office switched to BOYD (The rule dated back to when they issued $600 smart phones and laptops that cost 2K).
This was technically in the signed work contract but many people angrily found out about it after their first paycheck was kinda "light".

@Dashrender said in MPLS alternative:

Nice - sadly not the case with Cox, their gig product has the typical 1 TB cap, which really, if you think about it - if you need the 1 gig, that cap is ridiculous!

When we move to 5G and we just put a 5G Modem in EVERYTHING eventually it will just be "buy a bucket of xxx TB" and stop paying per device, or per peering connection.

@Dashrender said in MPLS alternative:

In that case, the home user upgrades to no cap or to a business connection, at least with Cox that solves the cap problem. On Cox it's about $50/m to go no cap.

He moved to AT&T Fiber. No caps on their gigabit product.

@Dashrender said in MPLS alternative:

you meant that they somehow exposed those AD servers directly to the Internet - which is just crazy. But leaving them in the background behind the RDS/ICA servers should be pretty secure.?

Normally the RDS/ICA don't sit on the internet at all either and they hide behind reverse proxy's (Netscaler/F5/AVI etc for Citrix as they deprecated CSG) at the scale you'll want something that can do the load balancing and have some awareness of server load (more than just session count).

@scottalanmiller said in MPLS alternative:

Right, those would be the options. Obviously the colo approach is cheap and easy and going to AWS/Azure would require the gift of a firstborn child, but technically both work.

You put VDI in public cloud for a few reasons:

1. You have some shitty DB2 based app that requires 1ms of latency from the app to the DB and the dataset is in that cloud (and for political/gravity reasons you can't move it)

2. At a certain scale being able to spin up a Desktop pool for 8 hours then shut it down (and not pay for it) for 16 a day (and roll through regions and follow employees) you can do some wacky things to cut costs.

3. Microsoft licensing being punitive as hell for some things that are not in Azure, or Oracle kinda forcing people to put things in Oracle Cloud and you want desktops that are "close" to other applications.

@scottalanmiller said in MPLS alternative:

Exactly. And once LANless, there is no need for XenApp to sit on your LAN at all. You can move it to colo or cloud whenever you want. Ours is in colo and uses zero LAN resources.

Xenapp can be thirsty on bandwidth to the home site with certain apps. I've seen someone hit their data transfer allowance with Comcast entirely using Xenapp (Geologist looking at 3D models all day though).

@scottalanmiller said in MPLS alternative:

MPLS is the alternative here. MPLS acts identically to a VPN aggregator in a mesh edge VPN gateway design. So on the very, very rare case that you want to replicate MPLS, you simple use the VPN design that MPLS is modeled on.

So there is one "difference". MPLS as a private line WILL honor your DSCP (QoS Tagging at layer 3) tags over the WAN. Historically for latency-sensitive apps (Voice) you could do stuff like Tag SIP control traffic to EF (Expedited Forwarding) and tag AF31 (priority) to RTP (the voice payload) and the CoS to DSCP mappings at your MPLS router would make sure that that if anything was going to drop or have issues with buffering the Voice traffic would "ride through" with priority. When your alternative was a T1 for 500, paying 800 for a MPLS T1 was "worth it" because to get the equivalent experience you'd probably need a 10Mbps Fiber handoff that back in 200x was going to cost you 8K a month or something insane.

Now a TON of people who buy MPLS doesn't realize.

1. You gotta tag your traffic.
2. you need to CALL YOUR PROVIDER and find out what the priority queues and tags they support and profile look like (or apply one). By default they often just ignore tags.
3. In most of the world these days it's cheaper to just buy more bandwidth, and aggregate links from multiple providers, and do dynamic traffic shaping with VPN meshes across them. You can also do stuff like inject parity into streams that have packet loss on bulk traffic, and for skinny flows that you need 100% delivery on (Voice) do things like double deliver the packets (If I've got a 64Kbps voice call, sending that down both the Cable Modem and the 5G connection isn't really a big deal).

What does all these magical things? SD-WAN. SD-WAN is a marketing term for next-generation magic bandwidth massaging router/mesh systems that generally have a really nice central control. Could you do similar things with ISRs and Performance-based routing and DMVPN meshes? (ehhhh, maybe 1/2 of it, but it would cost a fortune and require a damn CCIE to manage)

My employer is a player in this space (NSX SD-WAN, formerly VeloCloud). There's also Cisco Viptela and a ton of other players (RiverBed, F5 networks, HPE bought someone I'm forgetting).

A thing to note on SD-WAN is you can "buy it" yourself, but also a lot of Telcos and bandwidth aggregators will sell it to you (Then you just get a CPE box, and they handle the billing and sourcing of backup providers). There are pro-cons to how much ownership you want of this (PacketPushers has had some strong opinions on why you want to own, but given the savings vs. MPLS if you need to get out of a contract now even a MSP managed one is going to be 1000x better than renewing a MPLS line).

The general trend I'm seeing is people get Fiber if they can, COAX if they can't and then they bolt 2-3 different wireless dongles onto the box and they prioritize the circuits they don't pay per packet on, but have options if things go sideways. 5G having 4 major network operators is going to make wireless be an even player against Fiber and Coax soon enough (AT&T/T-Mobile/Verizon/Dish/cable company in a 5 way bidding war will get fun).