r/sysadmin 22h ago

General Discussion Weekly 'I made a useful thing' Thread - December 27, 2024

3 Upvotes

There is a great deal of user-generated content out there, from scripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from scripts and software to tutorials and videos.

We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!

In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.


r/sysadmin 18d ago

General Discussion Patch Tuesday Megathread (2024-12-10)

66 Upvotes

Hello r/sysadmin, I'm /u/AutoModerator, and welcome to this month's Patch Megathread!

This is the (mostly) safe location to talk about the latest patches, updates, and releases. We put this thread into place to help gather all the information about this month's updates: What is fixed, what broke, what got released and should have been caught in QA, etc. We do this both to keep clutter out of the subreddit, and provide you, the dear reader, a singular resource to read.

For those of you who wish to review prior Megathreads, you can do so here.

While this thread is timed to coincide with Microsoft's Patch Tuesday, feel free to discuss any patches, updates, and releases, regardless of the company or product. NOTE: This thread is usually posted before the release of Microsoft's updates, which are scheduled to come out at 5:00PM UTC.

Remember the rules of safe patching:

  • Deploy to a test/dev environment before prod.
  • Deploy to a pilot/test group before the whole org.
  • Have a plan to roll back if something doesn't work.
  • Test, test, and test!

r/sysadmin 12h ago

Data is getting larger & larger... What to do?

216 Upvotes

We are a law firm based out of LA and the past couple of years we have seen data increase in size dramatically. We have an office in NY and DC who also work on the same network drive that is located here in LA. They are over the VPN and an accelerator. The data continues to increase taking our shared drive capacity to over 8TB.

If we move all of our data to for example, AWS or OneDrive clouds, users will experience much slower speeds compared to local drives (obviously). They are creating ZIP files, opening large PDFs etc daily. We thought about moving data to cloud because technically those drives don't have a capacity and we don't really need to worry about managing backups on our own.

Is there any type of cloud solution that can offer read/write speeds close or similar to that of on site? Easy answer is NO but the challenge is how to beat the expectations of users in regards to speed and performance.

Another solution is to virtualize all desktops in a cloud solution and have all data in the same cloud but that is just way too expensive at this time.

EDIT: NO ONE in our firm is complaining about speed or performance right now. We have VPNs across sites with Riverbed Accelerators. All is cool on the user side; we are just thinking of moving data to cloud so it's more easily accessible and backups can be managed in the cloud. We run lean and mean so we don't have dedicated backup admins/SQL admins etc... Our IT users all wear many different hats, so we may not be experts in 1 area but we can manage many with the help of our consultants.

EDIT #2: We are using N-able Backup Manager to have local copies on Synologies and also another copy in the cloud. The issue isn't really backups, it's having to constantly increase the size of the 1 data share that is at 8TB right now.


r/sysadmin 7h ago

Question What are you using for documentation and reminders for licensing and cert renewals?

53 Upvotes

I work on a small team that is all relatively new with the most senior person on the team being there 2.5 years and the rest less than 1 year. With everyone that built and managed the IT infrastructure retired or fired and the current documentation unorganized or incomplete and outdated this is the perfect opportunity to build documentation and learn the business.

What are some tips to build great documentation? What would you prioritize first?

What free or paid software can help with this goal?

What's the best way to track licensing and cert and other recurring IT tasks?

I want to take the time to do this right to build the skills and truly help the rest of the IT team.


r/sysadmin 4h ago

General Discussion Mouses with Borders, but in hardware

13 Upvotes

I don't know if anyone else will find this useful, but it's making my life a lot easier right now. Sadly, it only works with 2 PCs, but it's still cool.

I found an open source hardware and software project called the Deskhop

https://github.com/hrvach/deskhop

It's basically Mouses Without Borders, but in hardware. So, if you have 2 PCs on your desk you can seamlessly move between them with your mouse and it will automagically™ move the keyboard and mouse over, without needing to install anything, REGARDLESS OF OPERATING SYSTEM. You can seamlessly move between Linux and Mac, Linux and Windows, etc.

I'm very impressed with this so far.

A word of warning, though. It does have a "mouse screen saver" in it, which basically acts as a mouse jiggler. It's disabled by default, and I left it disabled on my system, since I find mouse jigglers to be a major security issue.

Prior to this, I was using a USB switch box I got off of Amazon, which worked OK, though a lot of times, when I switched between PCs, Windows would tell me I plugged in an unrecognized USB device and I would need to switch back to the other PC, wait a few seconds and switch back over. I have not had this issue with the Deskhop.

I could also use a KVM, but they won't get me one. Hence why the cheap USB switch box from Amazon.


r/sysadmin 10h ago

Question What are your thoughts on RingCentral? What alternatives do you suggest?

39 Upvotes

My current company has been with RingCentral for a long time. I am the Network Engineer of the company and I realised that RingCentral is well known for ripping off customers.

At my previous company I set up FreePBX hosted in AWS and it worked like a charm, but I'm not quite sure how this scales up for a mid-size company with over 100 branches.

That got me wondering, what are the PBX solutions you are currently using at your company?


r/sysadmin 13h ago

Palo CVE-2024-3393 CVE 8.7

44 Upvotes

I'm sure many of you have seen this CVE:

https://security.paloaltonetworks.com/CVE-2024-3393

At the high level, a crafted packet can reboot your firewall and eventually put it in maintenance mode. The workaround is to disable your anti-spyware DNS policies so that they do not log events.

They do not mention that you cannot change the predefined default value for the spyware policy. So, if you update all your other profiles, make sure to update all your policies not to use your default policy.

Happy patching!


r/sysadmin 20h ago

Microsoft Unannounced M365/Exchange Online "service outage" (my case, EU: incoming mails vanish), incident report only scheduled for Monday

117 Upvotes

A tenant's Exchange Online mailboxes stopped receiving any external mail late on this 23rd. As in, no trace in its admin center that there was ever anything even processed.

Yesterday the Exchange Online servers at least began replying with an error message (apparently senders got no error before that):

451 4.4.4 Mail received as unauthenticated, incoming to a recipient domain configured in a hosted tenant which has no mail-enabled subscriptions. ATTR5 [etc.]

No error in the admin centers whatsoever. It coincided with the annual license renewal, but those show green, too.

After two days of the tenant's actual MSP not finding anything (or being able to evaluate that error), I contacted Microsoft myself.

So apparently: There's an ongoing "global partial outage". I wasn't told further specifics, at all. Only that it doesn't yet have any incident report (or notification of the affected) in the admin center "as the relevant higher-up techies currently only run their holiday skeleton crew".

I'm to wait for the incident report appearing by Monday, the issue hopefully resolved, and otherwise to reopen my ticket (the current one was closed as "it's a global issue").

So yeah… happy holidays.


r/sysadmin 4h ago

Certs.

4 Upvotes

Anyone have an explain like I'm 5 tutorial, video or whatever you can point me to?

I'm sure it's not as hard as I'm making it, but obviously getting it wrong is a problem. Obviously the interwebs has tons of stuff, too much almost. We don't have certs issued anywhere currently, so need to undo and redo.

We've got a CA server, everything has expired. VPN cert from outside. I'd like to get rid of the internal and start over, but want to start from day 1 kinda thing, never really understood it and don't want to learn the hard way.

Thanks all

5yo me.

Edit: I'll take both, what/how from a general perspective and from a CA server perspective.


r/sysadmin 14h ago

Question SSL Inspection Whitelist - Microsoft Updates

21 Upvotes

Hey, anyone have a whitelist for updating Windows I can copy?

I have the following, but it's still failing for me so I think I'm just missing some FQDNs:

set security utm custom-objects url-pattern SSl-Inspect-Bypass value *.microsoft.com
set security utm custom-objects url-pattern SSl-Inspect-Bypass value *.windowsupdate.com
set security utm custom-objects url-pattern SSl-Inspect-Bypass value *.windows.com
set security utm custom-objects url-pattern SSl-Inspect-Bypass value *.akadns.net
set security utm custom-objects url-pattern SSl-Inspect-Bypass value *.akamaitechnologies.com
set security utm custom-objects url-pattern SSl-Inspect-Bypass value *.msocdn.com
set security utm custom-objects url-pattern SSl-Inspect-Bypass value *.office365.com
set security utm custom-objects url-pattern SSl-Inspect-Bypass value *.msftconnecttest.com
set security utm custom-objects url-pattern SSl-Inspect-Bypass value *.msftncsi.com

Update: Okay, looking at logs, it looks like there are still some FQDNs that aren't listed; it appears some are in Azure.


r/sysadmin 9h ago

Question M365 E3/5 NFR Tenant

9 Upvotes

Hi All,

I’m looking to get an NFR tenant for the above for the purposes of self-education and customer demonstrations of lesser-used features. Is this something Microsoft are known to provide upon request if I were to go via my corporate email (we’re an MSP)?

I don’t qualify for the free E5 Developer instance, unfortunately.


r/sysadmin 13m ago

Are Scripting Questions Included in the RHCSA 9 Exam?

Upvotes

I'm preparing for the RHCSA 9 exam and was wondering if scripting questions are part of the exam. If there are, for those who've recently taken the exam, any insights on how much scripting knowledge is required would be really helpful. Thanks in advance!


r/sysadmin 23h ago

Windows 11 24H2 update cannot access network drive anymore

69 Upvotes

Last night I updated to Windows 11 24H2 and it lost access to a network drive I have, which I can still access from another PC that doesn't have the update.

If I try to connect via File manager I get the following error:

Windows cannot access MYDRIVE check the spelling of the name. Error code: 0x80070035

If I try via command prompt to do

net use w: MYDRIVE folder /p:yes

then I get a message that the password is invalid and when I enter my credentials as prompted, the response I get is this:
System error 1272 has occurred.

You can't access this shared folder because your organization's security policies block unauthenticated guest access. These policies help protect your PC from unsafe or malicious devices on the network.

Does anyone have an idea about this?


r/sysadmin 10h ago

Question Issue with Nimble CS300

3 Upvotes

Having an issue with an unsupported Nimble array CS300, as management had decided not to get support, and now we have issues.

Currently we are seeing this error pop-up frequently and we are certain it is causing issues with our virtual machines:

"The Data Service stopped unexpectedly on the array, system will try to recover from this failure. For the several seconds that the recovery takes, data access will be affected."

I had found a link that said that the scratch area may need to be cleaned up, but when I ssh into the array I can't find the scratch area. Mind you, I don't even know if the scratch area is the issue.


r/sysadmin 4h ago

Password script not reading LastpasswordChangedatetime query

0 Upvotes

Hi All,

I finally got a script that I can test with regarding user password notification.

The only hiccup right now is that when the email comes through it is showing negative expiration calculations. This is most likely because of the "Lastpasswordchangedatetime" syntax coming back as null.

I am using MS Graph to send emails and have the appropriate permissions assigned. See below script:

# Connect to Microsoft Graph using App
Connect-MgGraph -ClientID $ClientID -TenantId $TenantID -CertificateThumbprint $CertThumbPrint

# Define the number of days before expiration to notify
$daysBeforeExpiration = 90

# Get the current date
$currentDate = Get-Date

# Define the user email or user ID
$userEmail = "testuser@contoso.com"

# Get the user
$user = Get-MgUser -Filter "mail eq '$userEmail'"

if ($user) {
    # Get the password last set date
    $passwordLastSet = $user.PasswordPolicies.LastPasswordChangeDateTime

    # Calculate the expiration date
    $expirationDate = $passwordLastSet.AddDays(90) # Assuming a 90-day expiration policy

    # Calculate the days until expiration
    $daysUntilExpiration = ($expirationDate - $currentDate).Days

    if ($daysUntilExpiration -le $daysBeforeExpiration) {
        # Send notification email
        $emailBody = "Hello $($user.DisplayName), your password will expire in $daysUntilExpiration days. Please change it soon."

        Send-MgUserMail -UserId $user.Id -Message @{
            Subject = "Password Expiration Notice"
            Body = @{
                ContentType = "Text"
                Content = $emailBody
            }
            ToRecipients = @(@{EmailAddress = @{Address = $user.Mail}})
        }
    }
} else {
    Write-Output "User not found."
}
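
Added example, not part of the original post or the poster's script: `Get-MgUser` returns only a default property set, and `lastPasswordChangeDateTime` is a top-level user property that has to be requested with `-Property`, while `PasswordPolicies` is a plain string. The sketch below handles a null date and non-expiring accounts explicitly; the function name, the 90-day maximum age and the 14-day notice window are assumptions.

```powershell
# Added example: hypothetical helper, not from the post or the Graph SDK.
function Get-PasswordExpiryStatus {
    param(
        [Parameter(Mandatory)] $User,       # needs Mail, PasswordPolicies, LastPasswordChangeDateTime
        [int] $MaxPasswordAgeDays = 90,     # assumed tenant policy
        [int] $NotifyWithinDays   = 14,     # assumed notice window
        [datetime] $Now = [datetime]::UtcNow
    )

    $status   = 'Unknown'   # date missing: property not requested, or never set
    $daysLeft = $null

    if ($null -ne $User.LastPasswordChangeDateTime) {
        if ("$($User.PasswordPolicies)" -match 'DisablePasswordExpiration') {
            # Account is exempt from expiry; a countdown would be misleading
            $status = 'NeverExpires'
        }
        else {
            $changed  = ([datetime]$User.LastPasswordChangeDateTime).ToUniversalTime()
            $expires  = $changed.AddDays($MaxPasswordAgeDays)
            $daysLeft = [int][math]::Floor(($expires - $Now).TotalDays)

            if     ($daysLeft -lt 0)                  { $status = 'Expired' }
            elseif ($daysLeft -le $NotifyWithinDays)  { $status = 'Notify' }
            else                                      { $status = 'OK' }
        }
    }

    [pscustomobject]@{
        Mail     = $User.Mail
        Status   = $status
        DaysLeft = $daysLeft
    }
}

# Constructed sample users (not real accounts) covering each branch
$now = [datetime]::UtcNow
$samples = @(
    [pscustomobject]@{ Mail = 'soon@example.test';    PasswordPolicies = $null
                       LastPasswordChangeDateTime = $now.AddDays(-80) }
    [pscustomobject]@{ Mail = 'fresh@example.test';   PasswordPolicies = 'None'
                       LastPasswordChangeDateTime = $now.AddDays(-5) }
    [pscustomobject]@{ Mail = 'overdue@example.test'; PasswordPolicies = $null
                       LastPasswordChangeDateTime = $now.AddDays(-120) }
    [pscustomobject]@{ Mail = 'svc@example.test';     PasswordPolicies = 'DisablePasswordExpiration'
                       LastPasswordChangeDateTime = $now.AddDays(-400) }
    [pscustomobject]@{ Mail = 'nodate@example.test';  PasswordPolicies = $null
                       LastPasswordChangeDateTime = $null }
)

$samples | ForEach-Object { Get-PasswordExpiryStatus -User $_ -Now $now } | Format-Table

# Against Microsoft Graph, request the properties explicitly:
# $user = Get-MgUser -Filter "mail eq '$userEmail'" `
#     -Property Id,DisplayName,Mail,PasswordPolicies,LastPasswordChangeDateTime
# $state = Get-PasswordExpiryStatus -User $user
# if ($state.Status -eq 'Notify') { <# send the mail #> }
```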


r/sysadmin 1d ago

Thought while prepping a file server migration... Why is it Robocopy instead of Robucopy?

95 Upvotes

Since it stands for "robust" copy.


r/sysadmin 14h ago

Google Workspace/Gmail Connector like Microsoft 365 Exchange Connectors

4 Upvotes

Hello, I am new to my company which uses Google Workspace (I've only ever lived in the 365 world) and just found out Google is planning on removing basic auth, which means our current method of connecting to their SMTP servers for sending email from copiers and other services is going away (Google Support told me today that this article is outdated and implementation is not happening in Jan 2025, but obviously I still need to plan for this change).

Previously I set up a postfix server to act as an internal relay to a Microsoft 365 Exchange Connector to be able to send email, but it doesn't seem like Google has an equivalent option. They do have unrestricted smtp (option 3 in this article) but that apparently doesn't allow emailing to users outside Gmail/Workspace, which isn't a valid solution for us.

Does anyone have any thoughts or know if Google does have an equivalent solution that I am missing?


r/sysadmin 6h ago

IT Glue use cases

0 Upvotes

I’ve been using IT Glue for a number of years now, but I’ve been primarily using it as a documentation platform. Something to manage vendor contacts, manage documentation and shared credentials (especially when it’s helpful to add a link to a credential to use in a how-to), and we utilize the licensing module to help keep track of licensing and renewals on subscriptions.

Things we don’t use effectively or don’t trust to be accurate: Configurations Entra ID contacts via integration

What I want to know is how do you use IT Glue?

What custom flexible assets have you created and what’s the use case?

How do you effectively use configurations?

What other devices/services do you integrate with?

How do you organize your documentation? We recently reorganized ours to be more of a pooled document library with less sub folders. We found we were digging in folders, and we often placed documents in the “wrong” location. How do you manage this? Is there a naming scheme you work with? Is there a folder structure that makes sense?


r/sysadmin 15h ago

Does anyone encounter any problems with serial -> USB port to a COM and not accessing data after 22H2 update?

4 Upvotes

As the title says, we have a few old but very good serial scales in production and we seem to encounter this problem.

Thank you


r/sysadmin 20h ago

Question I'm getting very few to none MTA-STS reports. I think that's a good thing?

12 Upvotes

I have a domain with the email hosted by G Suite. I've had MTA-STS set up for about 5 weeks, with the enforce policy on for about 4 weeks. Multiple MTA-STS checkers say it is set up properly. I have all the DNS entries I need. I have a very long TTL for it: the largest number minus 1 second (31557599).

Everything works. I've only gotten back Pass reports, but I get very few of them. I mainly get them from Microsoft, occasionally from Comcast. And never from anyone else.

From what I can tell few reports is a good thing? That unlike DMARC, a lot of MTA-STS providers (Google?) don't send reports unless there are errors?

I seem to be receiving all emails properly...

Just wanted to double check/get reassurance.


r/sysadmin 10h ago

Long Term Audio Issues With Company's Dell Laptops

0 Upvotes

Our company primarily uses Dell Latitude devices (5420, 5440, 5440) and for over a year our users have been experiencing frequent audio issues. Our fleet is somewhere around 600-800 laptops and this issue seems to strike at random for anyone with one of these Dells. This has also been a recurring issue for some users.

The issues consist of users not being able to hear speaker audio and microphones not working. We've seen issues where microphones don't work but speakers do, speakers not working when the microphone does, both not working all of the time, both not working sometimes, everything working fine for two minutes in a meeting then all of a sudden mic/speakers stop working, etc! We've also noticed sometimes duplicate Realtek drivers somehow get installed on the machines, one being "Realtek Audio" and one being "Realtek (R) Audio".

Our usual fix for these issues is to reinstall audio drivers, which usually fixes the issue. However, some of these users have called back as soon as a few days later reporting the same issues and we reinstall drivers again.

Lots of Googling leads to basic troubleshooting steps we've tried with no success (Windows settings, registry keys). We've tried installing older versions of the Realtek (R) Audio driver as well as installing drivers from the Realtek website.

Does anyone have a similar experience or any ideas why this would be happening? We hear reports of these issues around 1-10 times a week and it seems like they keep cycling. Thank you!

Edit, for clarity: This is only an issue with the onboard speakers/mic. USB devices seem to be unaffected.


r/sysadmin 16h ago

General Discussion Mixing EDRs - Infrastructure and Enduser Equipment

4 Upvotes

I was thinking the other day that we have 600+ licenses that have Defender included. We currently use Cisco Secure Endpoint for our EDR everywhere. I have few problems with it for the most part but it also scores not very good in almost any benchmark I found (particularly https://attackevals.mitre-engenuity.org/results/enterprise). There are also instances where it just didn't stop adware from showing/installing.

Part of the reason for this post is that I am in charge of end user devices. Another person is in charge of the server infrastructure (700+ desktops, ~140 servers). I have little influence over the server infrastructure. Would it be considered "wrong" if I suggested we make use of our licenses for end-user devices and let the server team continue on using Cisco Secure Endpoint (if they wanted)?

For some context:

- We have a SIEM that gets alert data from a variety of sources. So it's not like I'd have to log into 2 different portals to check for alerts

- The policies for servers are on audit mode and I can't really change them due to rights and responsibilities.


r/sysadmin 12h ago

Question What options do I have for automating deployments/provisioning?

2 Upvotes

TL;DR: I need to automate deployment/provisioning of new computers. There's a lot more options available now and I'm feeling overwhelmed by options. I want to find a tool that fits our existing business structure, rather than have to change all 160+ existing customers to fit the tool. Our customers have us order machines from all manufacturers, which get shipped to us. We set them up to a baseline, adding things like antivirus as contracts dictate. We treat these computers as customer-owned, so we're pretty hands-off. Sorry for the long post, buckle up.

Background: I work at a tiny MSP in a small rural area. It's just my boss and I (2 full time technicians), boss's old boss from a previous job (part-time tech), and boss's wife (I like to say she cooks the books for us). We're the only IT provider in my mostly rural corner of the state, and we now support 160+ businesses and countless individuals across our mostly rural area, supporting computers/software, phone systems, networks, cameras, and other infrastructure. I've gained more responsibilities and I'm realizing there are several tools/processes needed to support our growth that have been neglected for quite a while. I'm trying to get these tools in place, but I hardly have time with the constant interruptions/phone calls.

Current Process: Most of the time, we only deploy 2-6 machines per week. When we get busy, like we will be next year, we can do 20-30 machines in a week. When I started here, it wasn't a big deal to deploy manually when that was my only task, but just this week I already have 12 machines for various customers looming on my desk, 4 repairs waiting, and a half dozen projects that would automate/streamline almost all of it. With Windows 10 support ending next year and consistent growth, I need to automate as much as possible.

  1. Unbox
  2. OOBE
  3. Windows Updates/Driver updates from manufacturer (Dell SupportAssist, HP Support Assistant, Lenovo Vantage)
  4. Change windows settings (Time Zone, disable taskbar junk)
  5. Remove bloat, disable startup programs
  6. Install packages: Firefox, Chrome, and Adobe Reader, remote access, Antivirus/EDR depending on contract, Office
  7. Transfer files, if necessary

Options I'm Aware Of:

  1. Imaging Server - This was my initial thought, since my impression of Sysprep was that it would do exactly what we need. I was imagining PXE reimage a fresh image with our packages installed, then just install matching manufacturer drivers from SupportAssist/Vantage after boot. However, my boss shies away from this route. When he worked in a school a little over a decade or so ago, he had issues with having to inject manufacturer drivers into the image. He thinks there'd be too many drivers with all the different models we touch. Is that still a concern? Maybe Sysprep works best with identical/similar hardware from the same manufacturer, but not so great imaging between different brands?
  2. Intune/Autopilot - Our customers are mom & pop shops that think computers are magic boxes where lightning goes in and pretty pictures come out. Convincing our customers to pay extra subscriptions isn't an option, unfortunately.
  3. Windows System Image Manager (SIM)- I was going to use this to make the unattend answer files to bypass OOBE, and just script the rest of deployment with powershell, but SIM only seems to work with .wim files, and windows ISOs use .esd files now. Unless I'm misunderstanding something, I'd have to capture my own .wim for this, at which point I might as well do option 1.
  4. Windows Configuration Designer - I've only had a few minutes to browse the options available, but this doesn't seem like a one stop tool either. I might be able to set the same settings as the OOBE, but I'd still need at least some scripting to make it work for us. I don't see much benefit vs. just scripting the whole thing.
  5. Ansible, etc. - I don't remember why I ruled out config managers like this. I think it had something to do with customers having full ownership of their computers, and us wanting to minimize the agents running on those machines once they leave our office. Might have also had something to do with the machine needing to be setup to an extent before the agent can be added, at which point most of the time consuming tedium is already done and there'd be little further use for the agent.
  6. WDS/MDT - I haven't had time to look into this much yet. I imagine it's similar to 3 & 4 in functionality.

I'm trying to find something that would allow us to just use the OEM images since we don't make that many changes. Something that lets us unbox, connect a network/USB, and come back to a (nearly) finished machine with as little interaction as possible. Are there any other options you guys use that might fit our use case? Am I misunderstanding an option above that does what we need? Maybe we're just big enough and put off a fix long enough that it'll get worse before better? Maybe we need to restructure some things to better suit the tools available?


r/sysadmin 13h ago

Question Azure Virtual Desktop for pooled host type and Cloud Only (no active directory)

0 Upvotes

Is it possible to achieve the following goal?
Deploy a pooled Azure Virtual Desktop (AVD) host pool where Azure Entra ID users can log in, and their profiles persist.

So far, everything I have found requires Active Directory to leverage FSLogix Profile Containers. Is there a cloud-only solution that allows this for AVD for pooled users where users can log in with their existing Entra ID creds and access the pooled VM? I've been successful with the personal VM host type.


r/sysadmin 15h ago

Best Office laptop casting solution?

0 Upvotes

I'm looking for an easy, no brainer, no fighting laptop-to-TV casting solution. We always get in a fight with an unreliable cast to the TV.

Any recommendations?


r/sysadmin 1d ago

Any interest in old Novell Netware disks and cases?

44 Upvotes

I'm a bit of a hoarder, but have been cleaning out space over the holiday.

I used to be a CNE/CNI and have this collection of older Netware disks:

https://ibb.co/xM7vqK0

I'm sure no one is installing Netware anymore, but these are more a collectible for those people that like to display this sort of thing.

I'm sure they don't have much monetary value, but I'm willing to send them to anyone interested who want to pay shipping (I'm in OK, US, these can probably be sent media mail).

I also have some binders and CD binder cases that are Microsoft branded (not pictured) that had MCSE course curriculum and disks (I was also an MCSE/MCT).

If no one is interested in having them, I'd be interested to know if there is a repo anywhere that likes to host this sort of thing. I can at least rip the disks and up them somewhere before I toss them.


r/sysadmin 21h ago

[Dell Storage] Does releasing a disk require rebalancing?

3 Upvotes

I am new to Dell SAN Storage. My current company is using Dell SCv3020 and the endurances of the read-intensive SSDs are going to 0 (4 out of 6, 1.92 TB each).

When I tried to release the endurance 0 disk to replace it with a new one (no spare disk space available), a message popped up asking if I should do the rebalancing (3 options). Which option should I go for?

Perform immediately

Schedule Raid balance

I will start Raid balance later