t only applies the setting when linked to the OU of the user
We'll according to that screenshot, it IS a user setting.
Yeah. I want all users or a group of users who login to the RD00 server (and only this server) to have this GPP modifying HKCU to apply. Is it even possible?
Yes, it's possible.
Ensure the GPO is applying to the user. For example, if User1 is in the Company > Users OU, then make sure that GPO is either in Company or Users OU and the Users OU is inheriting the GPO. Verify with RSOP and gpresult that user is getting the policy.
I think, but it's been awhile since I did much with AD GP... (like you are in the screenshot) use item-level targeting to the server name.
Test it by having one of the in-scope users log on to a difference server, run gpresult and see if it's applying, then try it on the targeted server and see if it applies then.
There's also a lot more that can be done, especially with the credentials... storing them as an encrypted file and retrieving them for the function (function just for that, functions using other functions), keeping all the parameter data in an object to retrieve, or from CSV, etc....
It depends on how far down the rabbit hole you want to go, and how much time you want to spend making it.
Honestly, I'd do this kind of thing with a different project, but this can work too. There's a lot you can do.
@wrx7m Is that a computer configuration or user configuration policy? Try applying the rules to only non-admins groups.
Yeah, it is at the computer level. I would like to do it via user config but I only want them to apply to users on the RD servers. I need to figure out the proper way to structure AD/GPOs to not screw up everything else.
I am guessing creating another OU as a sub container and move the RD servers into.
Edit: Since it isn't GPP, there isn't any item level targeting, so I can't do it that way.
If you can make those changes directly in the registry, maybe can allow you to use GPP and item level targeting.
Just curious, when you chose UPD, did you choose to store all settings or just certain folders?
Some applications don't play nicely with roaming profiles.
UPDs mount at the usual C:\Users\user.name and the applications can't tell a difference.
Right. But, only when the user is logged in. After they logout, that path doesn't exist. I am trying to figure out how to work around that for adding the custom (for each user) erp shortcut on their desktop in their session.
Add the shortcut to C:\Users\Public\Desktop.
That way it will always show up on each user Desktop.
This would be nice and easy, but each user has a custom shortcut- It has a workstation ID in the target path.
Without using a CM tool, what is the easiest way to automate modifications to several config files across 7-8 servers? I was looking at sed, but am not sure if there is a better tool that isn't a CM.
More specifically, I have several Fedora servers running squid proxy. From time to time, I need to modify the config file to whitelist a particular domain. Because I will soon have a few more servers, I would like to automate these type of file updates so I don't have to manually go into each server's config and copy and paste stuff in to certain sections; some information is specific to a particular server, where as this section would be universally necessary on all servers. So, I would be inserting lines in specific sections.
I intend to move to some sort of CM for this stuff in the future, but I need to get these going sooner than I could learn the CM tool.
Sync with a s3 bucket hourly. Then you only need to update on s3
A simple restart command doesn't perform the update step, just the restart, so the update doesn't get applied.
This has been an issue for a very long time with windows. I am surprised it hasn't been fixed yet. It's really annoying
Well, at least with Win 7, a standard reboot applies updates. At least, I think it does. The main difference between Win 7 and 10, is that they have switched to the osoclient.exe to manage the updates.
I'm pretty sure server 2008 and onward had the issue. I don't remember dealing with it on workstations
I still have a 2008 R2 box and can test it on the next go 'round. I won't have it much longer, as I am dumping it prior to EOS.
LOL - Didn't make this cutoff. Next week, hopefully.
@Pete-S They dropped the price to 1061.24 since I posted. lol Interesting. Yes, but that is a max of 12 nvme. I may have misunderstood that option with 8 SAS/SATA. I am guessing that the max of 12 would allow for more SAS/SATA, although it doesn't mention it. My issue was also with the available drive capacities and cost per TB for spinning disks in the 2.5" spec.
Yeah, especially direct from the OEM. Have you thought about buying the storage from xByte instead?
Are their drives brand new? I did price out a server with specs as similar to Dell's as possible and it was only off by a couple grand.
IMHO, I consider their drives are 99.9% brand new as its possible an OEM install was done on the drive or something like that. Plus testing of the drive by the OEM and xByte.
Their hardware is manufacturer refurbished, not used. Big difference.
If you can get a Dell ProSupport (w/w-out) Plus 7 year warranty on the server with the drives from xByte, it doesn't really matter if they are new or not. They are under warranty for 7 years and you have no worries.
@Pete-S They list both the 61xx and 62xx as options for the R740XD.
What CPUs do you have in the R720 today? 1 or 2 CPUs?
Do you want the new ones to be faster or just capable of running more VMs?
I have 2 x E5-2609 CPUs in each server. I would like faster, but more VMs would be the priority.
The E5-2609 CPUs are at the low end of what was available at the time so no problem there.
Actually, are you looking to keep the old servers around for testing and such?
In that case you could just drop in refurbished CPUs that are faster and/or has more cores for very little money. If the server can take E5-2600 V2 you can get up to 12 core CPUs.
yeah, but Windows licensing is an issue, assuming multiple CPUs... for a test server, not likely worth going over the 16 cores. Not to mention the test server might require licensing (if needed beyond the 90 day test period for something).
Two 8-cores would be an option. For instance two E5-2690. They are 2.9 GHz base frequency and have 8 cores. About $100 each when buying refurbished.
About 50% faster per core (2609 have no turbo) and about 3 times faster multicore performance. Has more cache and faster memory transfer speed. Was a very high end CPU at the time. Was listed at $2000 while the E5-2609 was $300.
The fastest 8-core E5-2600 V2 CPU is the E5-2667 V2. 8 cores and base frequency of 3.3 GHz. It will likely also be an option for the R720XD. V2 uses 22nm technology so uses less power with the same clock speed and can fit more cores or run higher frequencies.
It is common, however just make sure when they configure only the Static IP of the printers to be picking them up. Also make sure the SNMP community is not public (also none of your devices should have that).
I should ask them about this. I am guessing that all the printers are going to have to be networked now.
This would have happened on Server 2012 R2 as well, dual scan has been around and causes a lot of problems as you noted.
It is strange that I didn't have these issues in 2012 R2. I essentially copied the same GPO for 2012 R2 and made some minor changes to it to convert it for 2016. My 2012 R2 show the correct default service.
Weird, I have various Server 2016and now 2019 with WSUS and while dual scan was an issue for me on Server 2012/ 2012 R2 not anymore.