I'm a bit of a hoarder, but have been cleaning out space over the holiday.

I used to be a CNE/CNI and have this collection of older Netware disks:

https://ibb.co/xM7vqK0

I'm sure no one is installing Netware anymore, but these are more a collectible for those people that like to display this sort of thing.

I'm sure they don't have much monetary value, but I'm willing to send them to anyone interested who want to pay shipping (I'm in OK, US, these can probably be sent media mail).

I also have some binders and CD binder cases that are Microsoft branded (not pictured) that had MCSE course curriculum and disks (I was also an MCSE/MCT).

If no one is interested in having them, I'd be interested to know if there is a repo anywhere that likes to host this sort of thing. I can at least rip the disks and up them somewhere before I toss them.

I'm looking for an easy, no brainer, no fighting laptop-to-TV casting solution. We always get in a fight with an unreliable cast to the TV.

Any recommendations?

What would it be?

Mine would be mailing list for support purposes.

Yes even in these days there are some opensources which have this kind of support.

I find forum much better suitable.

I just hate reading 10 pages of logs with no formatting, determining what is question and what (or where) is answer... simply it is poorly arranged.

Hi,

We have hot - standby configration for DHCP Server.

I also need to adjust our core CISCO switch IP-Helper address. Currently it is only pointing to the single DHCP server, but how would we adjust it so it points to both new DHCP servers and let the servers handle the failover option, i.e. CISCO forwards to both servers and then on the Windows side the one that is 'active' responds as determined by the failover on Windows? I would assume that a failover on Windows DHCP is pointless if the Cisco only knows

Switch config :

interface Vlan200

ip address 192.168.200.1 255.255.255.0

ip helper-address 192.168.100.10

ip helper-address 192.168.100.11

Hi everyone,

Hope you guys hat great Holidays. I have question about sizing a MS Server RDP host. Till now I didnt have much contact with MS RDP, so im really stupid in that topic.

Would be following configuration ok for simple work load mostly office/Outlook/Browser and simple facturing Programm, no Heavy work load or graphics.

AMD Ryzen 9 9900X with 12/24 C/T 128GB DDR 5 2NVME in Raid 1 2TB and additional ssds for data and stuff.

Would be running proxmox and as vm MS Server 2022/2025 as RDP host.

Did I miss something or is this to underpowerd?

Does anyone have experience with HP Drivelock? I am looking for a way to disable DriveLock before an upgrade process, as it interferes with the process if multiple reboots require the PW first. Was hoping the HP BIOS Configuration Utility would offer a way but haven't found anything yet.

Hi, we have a simple setup hosted in a data center. Firewall, switch, virtual machines. The VM's are mostly web servers and database servers. We are looking to separate the two into a production network and data network and firewall the two apart. I know I can do this with VLAN's and use the main firewall to control access to the data network but it feels like if the edge firewall has access to the data network it defeats the purpose of having them on a separate network. Are there any recommendations for a software firewall I can create as a VM that are free or cheap that are not the standard pfsense and such? The main firewalls are watchguards and I know I can get a watchguard VM but the cost seems high for what it is going to do? What is typically used in the enterprise as a simple internal firewall?

Hi all,

I recently installed Windows Admin Center v2 where I want to install the active directory extension on, but I only have 6 extensions available, none of which are Active Directory.

The feed it is pulling from is https://aka.ms/wac-public-extensions

What feed do I have to add in order to get this extension?
Already tried the https://aka.ms/sme-extension-feed but no luck?

Anyone who experienced the same issue?

Windows error code: 0x80240438, description: There is no route or network connectivity to the endpoint.

Hello. There are several answers out there, which have not resolved the problem of 8 computers. These came over from a migration where WSUS client was used. I have removed the HKLK....Windowsupdate WSUS info and rebooted. Nothing of significance shows in gpresult.html.

We do know the past environment they used wsus, but not sure about SCCM. Perhaps there are more hidden keys?

We tried using wureset[]com and going through all of those steps. Nothing has worked on the two computers we tried.

Just a heads up for any admins who might be in Azure South Central: the Azure service health dashboard is currently tracking two outages, one with app services and the other for virtual machines. We've got VMs down that appear to have lost connection to storage as well as apps down. Not sure if this is related to the SP/OneDrive issues others are seeing, but figured I'd pass along the message.

Edit: Tracking ID is CNF4-N_0. Looks like they had a power outage in zone 3 that took out connections to storage.

Edit 2: We're seeing app service and VM recovery now. Our apps are up and all but one of our VMs. VMs are showing a weird status in the portal, but they're fully operational

Edit 3: Microsoft marked the virtual machine part of the incident as resolved but we've still got one VM down. It's zonal, so not sure if they just didn't redeploy zonal VMs to another zone or if they just forgot about my last VM :(

Edit 4: Sounds like the power outage knocked out network gear, so some storage is still offline and they're having to physically replace stuff to bring it back up. Guess Microsoft didn't budget for any UPS when they built the datacenter

Hey everyone,

I’m running into a problem with Proxmox on an Azure VM, and I could really use some help. Here’s the issue:

I have a Proxmox server set up on an Azure virtual machine. When I try to start a VM in Proxmox with UEFI firmware, it fails and gives me the following error:

However, if I switch the VM firmware to BIOS (SeaBIOS), it works fine. I suspect it’s something to do with nested virtualization, as this is running on Azure.

KVM: entry failed, hardware error 0xffffffff
kvm_amd: kvm_amd_dump_invalid_vmcb=1 to dump internal KVM state.Hey everyone,I’m running into a problem with Proxmox on an Azure VM, and I could really use some help. Here’s the issue:I have a Proxmox server set up on an Azure virtual machine. When I try to start a VM in Proxmox with UEFI firmware, it fails and gives me the following error:vbnet
Copia el codi
KVM: entry failed, hardware error 0xffffffff
kvm_amd: kvm_amd_dump_invalid_vmcb=1 to dump internal KVM state.

FYI

status.cloud.com

I am using vpn and I can ping and Ssh on the other machines that are in the network but I can’t ping or ssh on the a specific machine I need . I used nmap scan and I know it is up also in used arp -a and I found some articles saying I should use wake on Lan but I am not sure it’s enabled in my machine plus I already know it’s up. The people in site can’t troubleshoot the connection problem. I am using windows 11 and my remote machine is ubuntu.

Hi Team,

Is there anyone who has gone from Sysadmin to Solutions Architect? I've been in Sysadmin roles for the last 11ish years and bored. I imagine SA is like being a PM, can anyone give me the real run down of the expectations of a SA?

We are currently using a secure email gateway solution which we are moving away from to an API solution that filters directly inside of our tenant. As such I need to update our MX records (hosted with Cloudflare) to point our email back to Office 365.

I have read through Microsoft's documentation and this guide about what changes need to be made.

Currently we have four mx records with priorities set from 10 up to 40. These are all set for our.domain.com.au and not the root/@ record (might be using the wrong term).

My understanding is that I simply need to add our-domain-com-au.mail.protection.outlook.com entry which is found in Microsoft 365 admin console with the priority of 0 and remove the old entries and the change is complete. Is it as simple as that?

The Microsoft documentation says to use root/@ but our current records are all set to our.domain.com.au so I assume that there was a reason it was setup this way in the first place and I am currently ignorant as to what the reason is.

Have I over looked anything or misunderstood something? It is not the greatest time of year to make changes but I am just working with what I have been given.

Hello

I wanted to check what should we budget to hire someone to deploy Entra ID and inTune for a small company of 20 people in Chicago area.

I understand "it all depends" so if you could just give me an approximate range that would be great! Thanks!

More details:

Looking for the simplest setup possible for a small business. The goal is to deploy something that would allow the company a control over user accounts and devices. So an Active Directory, but from what I understand Entra ID would be the way to go instead.

Right now everyone just logs in with a local profile to their computer, which is finally starting to become a problem.

Users will need to be able to log in with a company username and password to the laptop and any SSO-enabled portals; users will need access to Office365 apps.

Someone at the company will need to be able to add/remove users and reset their passwords and grant permissions and licenses etc.

Windows Defender would be nice.

No sharepoint, no Teams.

20 computers, 20 users.

Hey Guys I was wondering what all hardware and software you are using for access control. I would hire a 3rd party to do this execpt were not big enough to actually need that kind of support but we do want to add in the card readers and what not. I was wondering what kind of hardware and software you are using in your facilities if you did a self install of this kind of system?

EDIT:

We're looking at this for a gate and some garage doors not specifically building access as a construction company we just want to be able to provide some control to who has access

Hello,

One of our sysadmins made the repo to small, the problem is this weekend it's going to be full. To fix this we already have set up a second repo. The problem is on the first repo when i want to delete something, we run into this error. Because the back up was immutable. (Deleting from veaam console)

When we tried deleting from the linux repo it self, we can also not delete it because we don't have root rights.

anyone has any idea, how we can delete the back ups that already have been moved to the second repo?
So i can have a quite new years weekend :)

I might be a bit of a bee-otch, but as I am working on creating scripts for a new RMM implementation, I all but decided I really hate the way MSFT manages TLS and ciphers in Windows.

Maybe you all can help me to understand this better so I can get these scripts the way I would like them?

MSFT supports versions of TLS and ciphers on their server OSes as documented here:
Protocols in TLS/SSL (Schannel SSP) - Win32 apps | Microsoft Learn

TLS 1.0 and TLS 1.1 deprecation in Windows - Win32 apps | Microsoft Learn

Ok - fine. So why is it - unless I am waaay off in outer space - that none of these TLS versions or ciphers are listed anywhere in the registry unless we go and create them?

Using a Win 2022 Standard reference server, after a clean install and most recent cumulatives, I look in the registry, and there is nothing there:
HKML:SystemCurrentControlSetControlSecurityProvidersSCHANNEL

If I want to control what versions of TLS and ciphers should be active, I need to create all the registry keys and key values myself. I don't mind working in the registry and modifying stuff as needed. It just seems that - with nothing there to begin with - how do we know what is enabled or disabled so we can set them how we want (need)??

Yes, I can use IIS Crypto to do stuff, and can leverage Get-TLSCipherSuite, but then there is back and forth and what TLS version is each cipher associated with, yadda yadda... harumph.
It should jsut be easier (?)

How are you all doing this?
PoSH?
IISCrypto?
Something else?
(I am trying to stay away from GPO as on-prem AD is way too fragmented in our ever-expanding M&A world)

Cheers and Happy Holidays!

Anyone else getting "503 SERVICE UNAVAILABLE" on M365 SharePoint and OneDrive today?

I'm on the east coast.

We have a basic setup

Server 1 - RDS broker, licensing, web access

server 2 and 3 - Session hosts

We are trying to get rid of the cert errors when we connect to the session hosts so we purchased a godaddy cert and installed it. We are trying to have all connections go through the broker to get rid of the cert errors but when we connect it just sends our RDP traffic to the broker itself instead of the session hosts. We don't need a gateway as all traffic is internal and we don't have ADCS deployed. The reason this came up is issues with the cert pop ups when trying to connect ipads.

Any ideas?

Merry Christmas and Happy Holidays to all who celebrate!

While sharing stories around the Christmas table, my father in law (a master plumber by trade) brought up a bullet he dodged due too being busy. Long story short: a guy needed 6 feet of main replaced, but my father in law wasn't available on Sunday (the 22nd) for Monday to do the work. The client called my FIL back and told him he found someone who could do the repair cheaper.

Fast forward to Monday evening, and this cheaper man who didn't do any prep work ripped out 3 2.5 inch fiber conduits, damaged 30 feet of storm drain, and about 20 feet of sidewalk. From what my tech illiterate FIL says, something like 5000 strands per conduit were destroyed.

So if you're in the Columbus Metro area and without fiber, now you know the reason

Ball parking the repair estimate at 4.5-6.5 million seems reasonable, but is fiber truly that expensive to repair?

Also, as a side note, the client is a late 20s fresh out of med school Doctor, and the attitude fits.

Lastly, thank God for copper backup.

Asking for a friend. Midwest USA

Position start 2021 Help Desk starting salary $40K. A.S. Information Technology and Networking. 2022 B.S. Computer Information Systems emphasis in cybersecurity. Current salary $53K (plus on call bonuses $200 for the week and $30 for the first 15 minutes of a call and $10 thereafter). Acting Service Manager until they find replacement, no compensation.

Certifications: CNSP, CNVP, PenTest+, CSAP, CySA+, Security+, Network+

M.S. Cybersecurity and Information Assurance expected graduation date July 2026

Was offered a position as security admin for $60K. Should they take it?

Edit: I don’t know if this makes a difference, they work with an MSP.

Edit 2: I was wrong. They will be working directly with the head of technology and the two of them would be doing basically CISO duties as the company does not have a CISO.

Quick background:

Server 2019 & SQL 2019 (both STD)

Both nodes running both the RDS servicesroles and as a two node SQL AO DB for HA. After much fighting through appropriate order of setup and installation etc.. I have the RDS connection broker service running in HA, I have the two other default roles running but when I try to add one of the servers as a secondary connection broker (after installing and it restarts) I get an error that it cant find a connection broker and RDP sessions fail.

Not sure what I am missing, banging head against wall for weeks now and it seems like 2 forward one back with each step. Any idea are greatly appreciated.

Unfortunately, I wish I could just reprovision the VM's and try with them from new without the weeks of back and forth changes but its not a viable option with the hosted setup.

Does WireShark actually change anything permanently system config-wise? We've been having issues with Forticlient not connecting on random computers, no correlation that we've been able to find, and when we installed WireShark to attempt a packet capture, the Forticlient issues completely go away.

We've uninstalled WireShark and reinstalled Forticlient and it's still fixed. Does anyone know what could've even changed to fix that?