@Dashrender said in MeshCentral - Increased Security Installation:

@syko24 said in MeshCentral - Increased Security Installation:

@scottalanmiller said in MeshCentral - Increased Security Installation:

We run as root to allow for the automatic updates. There are security benefits to running as a service account, for sure. But the system is isolated and we run from /opt and do everything like they would on most machines. It's a minor security point. The fear is that someone will break the application and get access to the server more broadly. But as the risks on the machine are entirely access to this app, it's a minor fear.

When you say it is isolated, do mean that it is on a vlan or you guys are hosting it offsite on Vultr or similar and it does not have access to your internal systems?

Lol none of that stuff really matters as much because at the jacked point you now have remote access to all of the machines it connects to.

True but I thought @scottalanmiller had said at one time they use it for on-demand access and not unattended

@scottalanmiller said in MeshCentral - Increased Security Installation:

We run as root to allow for the automatic updates. There are security benefits to running as a service account, for sure. But the system is isolated and we run from /opt and do everything like they would on most machines. It's a minor security point. The fear is that someone will break the application and get access to the server more broadly. But as the risks on the machine are entirely access to this app, it's a minor fear.

When you say it is isolated, do mean that it is on a vlan or you guys are hosting it offsite on Vultr or similar and it does not have access to your internal systems?

Are you guys using this recommendation on your installs? This is from section 6.8 in the online manual. I am trying to understand the added benefit to this install method or in the end is it just a headache.

On Debian based Linux distributions like Ubuntu, a better and more secure way to install MeshCentral is to have it run 
within a user account this restricted privileges.

Veeam Agent for Windows Free works great. I also like the Synology Active Backup if you happen to have a Synology NAS that’s capable.

@Pete-S said in Quality difference Dell Optiplex micro versus HP Prodesk/Elitedesk mini?:

Is there any difference in quality between Dell's versus HP's small micro computers?

Any difference in the Windows installations on these?

I run with both as well. The HPs tend to be cheaper than the Dells which is a plus. I have the Ryzen5 models for the HP elite desks and my only complaint with those are the fans kick on frequently and are a little noisy. The Dells you never hear the fan on.

@krisleslie said in Delays on servers from Dell:

@scottalanmiller my two orders got through and will be shipped 3 weeks ahead of time.

@krisleslie - Was that a Dell order or HP?

We ended up ordering refurbs and have already installed them.

@DustinB3403 said in Windows File Explorer 260 Character Limit:

@syko24 said in Windows File Explorer 260 Character Limit:

I agree but again lots of data and lots of renaming to something that still makes sense to them. Plus you always get the "Well we didn't have a problem on the old system".

But you would simply respond with the old system worked because it was old, this new system doesn't work because it's new and the way forward. So we need to change the process a bit.

As for the renaming, it's a rather automatic setup. I'll grab it and post it so you can see it.

Cool I appreciate it!!

@DustinB3403 said in Windows File Explorer 260 Character Limit:

@syko24 said in Windows File Explorer 260 Character Limit:

@DustinB3403 said in Windows File Explorer 260 Character Limit:

Where did you see that Microsoft changed the max path character limit from 260 (255 really) to 400?

Sorry not an official link but near the bottom - https://helpdeskgeek.com/how-to/how-to-fix-filename-is-too-long-issue-in-windows/

Gotcha, yeah that isn't actually a resolution in my mind. One because there are always going to be issues down the road attempting to access Sharepoint with a file path of <255 characters and secondly you're going to end up with all sorts of performance issues from Sharepoint.

I think fixing the path lengths would make more sense, rather than editing the system registry on each client.

I agree but again lots of data and lots of renaming to something that still makes sense to them. Plus you always get the "Well we didn't have a problem on the old system".

@DustinB3403 said in Windows File Explorer 260 Character Limit:

Also worth asking/mentioning if you can would reducing the length of these file paths break anything major? I have a powershell script that makes this trivial in the sense that it can remove numerous repeated characters and replace them with a single hyphen or space mark. (really anything you wanted)

Construction client - so they like to have folders setup "Complete Projects\JobName\Change Orders\VendorType\Some long file name.xlxs"

Part of the issue is that when the data was hosted on their server the shares were mapped so the paths were shorter. With OneDrive the full path shows up as "C:\users\username\Sharepoint CompanyName - Documents Directory...."

That's a long path by itself.

@DustinB3403 said in Windows File Explorer 260 Character Limit:

Where did you see that Microsoft changed the max path character limit from 260 (255 really) to 400?

Sorry not an official link but near the bottom - https://helpdeskgeek.com/how-to/how-to-fix-filename-is-too-long-issue-in-windows/