@JasGot said in GPO question:

@taurex said in GPO question:

From my experience, BYODs make resetting AD passwords for students a time-waster for IT. You should delegate this to non-IT staff like school librarians and teach them how to use a password reset app like Wisesoft's Password Control (with giving them appropriate permissions like only for students OU, of course) or get your software developer to create a web-based password reset kiosk for students and staff with BYODs.

We've learned since the original post, this is not an AD/OU environment. Your point about 3rd party password control is a great option for domain admins though.....

But those students still have accounts in OP's AD, right? It's only their devices are BYOD.

From my experience, BYODs make resetting AD passwords for students a time-waster for IT. You should delegate this to non-IT staff like school librarians and teach them how to use a password reset app like Wisesoft's Password Control (with giving them appropriate permissions like only for students OU, of course) or get your software developer to create a web-based password reset kiosk for students and staff with BYODs.

I wonder if the new feature in Server 2019 called SMB WriteThrough would help in this situation. https://www.veeam.com/blog/new-smb-client-parameter-windows-server.html

DataCore's Hyper-Converged VSAN. Apparently quite reasonably-priced but I haven't heard much else about it.

Is adding all of the devices and the servers in the data centre to a ZeroTier network an option? You wouldn't even need to set up a traditional S2S VPN for that.

Honestly, anything higher than the 1080p resolution on a 13-inch laptop is a gimmick. The screen size is simply too small for any practical case of higher resolution. And even with 1080p, I have to scale my 13.3-inch laptop to 150%.

@justin867

There is no such thing as the best backup product. For instance, Veeam is great but it doesn't back up network shares. Unitrends is good too but its appliance needs Hyper-V installed as a role and so on. It all comes down to finding the right product to suit particular needs, rather than trying to look for ones with all bells and whistles.

Regardless, you simply can't properly propose or suggest anything related to backups without knowing organisational RTO/RPO for the said services (file servers). Business continuity and disaster recovery documentation should include these objectives. Otherwise, work with the finance dept to find out how much downtime are they're able to sustain without much harm to the business and go from there.

AFAIK, only internal licenced O365 users can have access to a shared mailbox. The client needs to keep their domains (and emails) on the same O365 tenant alongside each other to make it work. Seems like a desirable feature, though.

Just don't make the common mistake many IT enthusiasts do. Always run apps on the fastest storage e.g the Samsung 970 Evo Plus, 970 Pro etc, not the O/S. You'll see how much difference the ultra low storage latency makes. Also, don't partition any disks, just have an entire SATA SSD for the O/S and a large and fast PCIe for all the apps, including games. AFAIK the modern Z390 motherboard even supports dual M.2 PCIe sticks so does its Ryzen analogue.

I'd recommend looking at userbenchmark.com website, specifically at their PC Builder page. Although some of you may argue their benchmark is not really that accurate, it still gives a good idea of how a PC component will perform in typical gaming, desktop or workstation roles.