Sysadmin

About a year ago I introduced Rustdesk as an experiment. For those who don't know Rustdesk is a piece of software that allows remote access. You can use the public servers or you can use your own private server.

It has been a massive success and a game changer in my company. The biggest benefit to Rustdesk is that it allows you not only to share your screen but to connect to other peoples screens. That doesn't sound like much of a game changer but having a simple UI that can be taught to people that aren't tech savvy is very useful. It has powered collaboration internally.

I just thought I'd share my experiences.

I was wondering how often does one choose to make and keep back ups. I know that “It depends on your business needs”, but that is rather vague and unsatisfying, so I was hoping to hear some heuristics from the community. Like say I had a workstation/desktop that is acting as a server at a shop (taking inventory / sales receipts) and would be using something like timeshift to keep snapshots. I feel like keeping two daily and a weekly would be alright for a store, since the two most recent would not be too old or something. I also feel like using the hourly snapshots would be too taxing on a CPU and might be using to much disk space.

So I recently discovered that the camera NVRs are majority insecure. This lead to my company failing to get PCI compliance which wasn't all that unexpected. However, this leads to the awkward situation of me comparing mesh VPNs. I've been playing around with netbird but I'm looking for a more polished solution.

Do any of you use Tailscale in a corporate environment? If so how well does it work and is there any major pain points?

Edit: I gave up on Tailscale as it was a pain in the ass. I'll just use Netbird with a reverse proxy for the cameras.

Has anyone used sunshine/moonlight for low latency remote desktop? I've used it for remote gaming but I since I've had good experiences I though it might be testing for work.

For testing I've used it to access my local machine but that's it.

It's the last Friday before the New Year. Like myself, many of you will be starting their on-call rotation.

To all my brothers and sisters in arms, I wish you a quiet and relaxing New Year's weekend. May your DNS be accurate, your switches be resilient, and your uptimes be high.

Cheers!

[Update:Solution]

It was my router which set STP on by default. Switching it off (in smaller networks) or using RSTP made the delays go away.

[/Update]

Hóla!

For a long time I've got this horribly annoying problem: Upon bootup, ANY domain-machine that is using LAN (no probs with wireless) has an idle-time with "there's no network!" of about 1-2mins until they discovered the network. BUT only windows-machines. Linux boxes get net instantly. Also on LAN.

Setup: 2 Domaincontrollers, Server2019. Both are DNS, one is DHCP and NPS for WIFI. All machines have fixed IPs, the DHCP is just for wireless clients.

I have tried everything I could think of, like NIC-Drivers, OpenDHCP, temporarily changed the switch from a managed one to a dumb one, changed the NIC in the server, let only one DC be alive at a time, rejoined the domain, the usual sfc/dism-approach and whatnot.

I asked once on reddit, but everyone just told me "that's DHCP!", yet it's (seemingly at least) not. All have fixed IPs, but using dhcp doesn't change a thing.

So I'm clueless again, hoping for some nerd that's nerdier than me to have an idea :)

I opened my laptop for unrelated reasons and was greeted by a slightly bloated battery. Idk if the picture makes it clear, but the individual segments of the battery have slightly raised above the solid structure pieces in between. Laptop is just over a year old. I have already contacted the manufacturer, but with the holidays and everything I'm not sure when I'll get an answer.

Basically, I'm worried about the potential danger. I use my laptop a lot (usually plugged in). Since the battery seems to be screwed in and not glued, I could just take it out, but idk if that would be better than just leaving it in until the manufacturer sends me a new one or has me send it in for battery replacement.

Also, I hope that consumer hardware posts like this are accepted in this community. The rules at least don't state otherwise.

Edit: thank you all for your comments. I brought the bloated battery to a recycling center the day after I made this post. Communication with Medion support eventually led to me talking to a very pleasant service technician on the phone. He sent me a new battery, which I just installed. Everything is working great again.

I wrote this a Christmas or two ago and thought it would be nice to share to any of us out there dutifully on call.

'Twas the night before Cristmas and all 'cross the web
I was browsing through Discord, installed from a deb
Not a user was working; the servers were quiet
I perused a new webapp, thinking to try it
When just like the spider, my senses did tingle
Somewhere I knew of the plight of Chris Kringle
I jumped out my chair, nearly fell 'ver my pooch
Waded through wires and gave boxes a scooch
I got out the door and eyes raised towards my roof
What I saw was a joke, certainly just a goof
For a fat jolly man sat so pondering prone
With a quizzical look he was locked to his phone
Not certain my role here not wanting to bother
But asserting my role in this house as the father
I shouted up top "Hey there Santa, what's cookin?
Do you need some help? There's concern how you're lookin?"
He called down to me "Oh shucks there dear boy
I hate this here phone, this ridiculous toy
The elves say to use it to guide my big flight
But I can't seem see it cuz the screen's not too bright.
It's always rerouting, about traffic it's warning,
At this rate I'll still have the toys by the morning!
My route's in the air not on parkways below,
And I'll not be deterred by rain sleet or snow."
"Well Santa," I said only wanting to help
"The reviews for sleigh flight are quite poor here on Yelp.
What you need it to switch your nav mode to airborne,
Not walking or driving, so don't be forlorn.
Just unlock the screen and hand it to me,
I'll get you fixed up and erase your worry."
He handed it to me and to my surprise
Not an android or iphone sat front of my eyes
But a candy cane brick whose innards were magic
I worried for now of an outcome most tragic
But just then I spied it way up at the top
The icon whose presence made mystery stop
"Santa look up here this tiny white car,
'Tis the icon that's stopping you from getting far.
You're mapping as if you're a car on the ground
Which is not too correct for you getting around.
We can change it to sleigh flight by tapping right here,
It'll also find stops where to rest your reindeer!
Let's crank up the brightness by moving this slider
To help your eyes rest and not stay open wider.
Lastly let's stream you some music to play,
Maybe TSO? How 'bout Michael Buble?"
A genuine smile platered St. Nicholas' face
His worries were gone, vanished not with a trace.
"On this night here my friend you feel proud of yourself
The magic you did is like that of an elf!
I'm awed how you fix all this digital stuff,
I used to think reindeer and stockings were tough,
But now I can see that the world is a changing
And the skills that I use need to do some exchanging.
Now that it's working I really must go
To deliver the presents 'fore roosters will crow.
Speaking of morning, why are you awake?
'Tis well after midnight unless I mistake?"
I had but a chuckle, "Oh Santa don't dread,
For I'm an IT guy and hate going to bed!
There's a little more lemmy and masto to browsey
I'll likely spend 3 to 4 hours this drowsy!"
He chuckled, "OK, if that's how it works
You enjoy all your trolling, browsing and lurks!"
He hopped on his ride, took a seat, grabbed a reign
And started to hum with Mariah's refrain.
As he took to the air he gave pause to his song,
"Merry christmas to you, may your uptimes be long!"

Just what the world needs, more software subscriptions. /s

Though we are talking about Broadcom, so I can't say I am surprised.

The Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service, wiping the agency's database and backup copies.

Following this operation, carried out by cyber units within Ukraine's Defense Intelligence, military intelligence officers breached Russia's federal taxation service central servers and 2,300 regional servers across Russia and occupied Ukrainian territories.

As Ukraine's Main Directorate of Intelligence says, the repercussions of the cyberattack have been severe, causing a breakdown in communication between Moscow's central office and the 2,300 territorial departments that also got hacked in the attack.

It has led to a virtual collapse of one of Russia's vital governmental agencies with a significant loss of tax-related data, according to GUR, as well as tax data-related internet traffic across Russia falling into the hands of Ukraine's military hackers, as The Record first reported.

"This means a complete destruction of the infrastructure of one of the main state bodies of terrorist Russia and numerous related tax data for a long period," GUR said.

GUR said it hacked Russia's Federal Air Transport Agency last month, gaining access to classified data and leaking it online.

The impact of these cyberattacks underscores Ukraine's increased cyber warfare efforts against Russia, leveraging its military intelligence cyber units to disrupt critical Russian infrastructure.

Summary by smmry.com

From the No-Shit-Sherlock Dpmt .

Hey, I've recently designed a Poster about the FHS since I often forget where I should place or find things. Do you have any feedback how to make it better?

Edit: updated with new version

It's 2023. If your company doesn't offer chat or phone support in this era you are that store that doesn't take credit cards. You're not going to make it.

Lansweeper only offers support via email, and those emails are not returned. I suffered a license issue that took two days to get resolved, all the while down, and Lansweeper could not have cared any less. I decided not to renew our license. Two weeks later they sent me a renewal with a 40% increase.

I had a chuckle as I deleted that email.

Hello everyone.

I haven't had any need for OCR software in probably 15 years, but I have a client who has 7 document boxes worth of forms filled out by hand that they need digitized. They're scanning them into PDFs this week, but want to recover FirstName, LastName, Phone, Email and then a hand written feed back box and load those all into a database.

ChatGPT recommended ABBYY, but it looks like it might be overkill for a one time need like this.

I told them that a couple teenagers doing data entry might be more accurate and cheaper. IDK if that's really true though. I'm not at all an expert on OCR software.

Does anyone have any suggestions?

Oh boy, here we go

"Move to the cloud" they said

Ever since I’ve came to the company as a sole Sys admin (where there was none before) I’ve tried to keep it simple as possible… everyone has MS Office Home&Business, I’ll move everyone to Outlook from the damn Windows Live Mail… and sure thing, I’ll also install Outlook on their phones whoever wants to have Email access on their phones.

And it’s been a mess… people on Windows complaining that they dislike the new Search inside Outlook, sometimes when they try to start it up it doesn’t even open but hangs as a dead process so I had to put a shortcut on their desktop that does ‘taskkill /IM outlook.exe’… it happens on both old Windows 10 setups and brand new Windows 11 setups of all kinds… Also they’re pushing their new look a bit by bit and I’m thinking of migrating to something else before it even happens

On Android sometimes it has hard time syncing with IMAP and the search is also broken… it doesn’t work at all if only one IMAP account is logged in, so I had to login a dummy IMAP email account as a second one because only then you get the search option of which directories to search for and only then it works… idk how else to explain this but I found many people complaining about the same thing and using a solution like this for years…

So, what are your top alternatives for Email clients? It doesn’t have to be free (but a one time payment would be preferable), but it has to be a stable and simple experience for the workers on both Windows and Android. Body

Hi all. I'm not ready to die on this hill, but I am willing to suffer some serious injuries.

Here's the question: Should an IPAM product hand out static IPs when called upon by API for next available address?

Say I setup a machine on vRA using API calls to an enterprisey-IPAM solution using their documented API to poll, and perhaps subsequently pull, the next available IP address.

The API assigns an IP, but the IP assigned is the next IP available in a static range, not an IP address in an established and advertised DHCP range. Thus, any of a number of reserved static IPs will be dynamically assigned via API. The API is not using the IPAM product's built-in DHCP server to dynamically assign addresses. The IPAM product's DHCP and DNS are authoritative.

Bug, or feature?

As an engineer, my take is that the API calls should always pull from DHCP. Static IPs must be considered to be reserved, even if marked unused in IPAM, and should never be assigned whereas DHCP keeps records of IPs assigned and can be trusted to hand out an IP not being used. The idea is, when a new machine is brought online and gets an IP, that machine can either retain the DHCP-assigned addresses or I can assign it a static IP if necessary. Never, ever should my IPAM product think it is OK to hand out a ~~private~~ static IP address.

I can see how some people flip this and want their DHCP pools to be untouched by IPAM, but that's just backwards in my eyes.

I thought this was the right place to ask, let me know if somewhere else was better.

I have a classroom in a public school with around 30 PCs (windows) I need to install software on (python and codium). They are all the same PCs. In the past there was a management system but due to some licensing issues that does not work anymore.

How its been done before: Go to each and every PC and setup everything manually, or do it once and mirror the HDD 30 times .... both ways very time consuming.

I thought there might be a better way to do this, do you have any idea?

I've been trying to swap out a dead computer that operates a scale but the scale software is a pain in the ass. What have you guys been up to?

I started a new job at a school district as a systems manager and one of our bigger problems is our new Windows 11 AIOs are getting stuck on a "please wait" screen at boot which, after enabling verbose, saw it's actually "Applying Computer Settings"

Slight background I came in since they were renewing the entire district, I've been with them about 6 month now and have primarily been their JAMF admin in all honesty. We use WSUS, on prem AD, and an older MDM called ZenWorks or MicroFocus. (Idk but all the docs are for XP and Win7 when I look at it..)

I've worked closely with the network engineer and have taken out any ACL or possible blocking.

It happens on Wi-Fi and ethernet. At seemingly random times, I can never consistently get it to reproduce but one room at one of our schools is having it happen about once a day.

And yes, we're investigating DNS but it all seems in order when we check.

One thing it could be is the server admin was also shouldering my job when I got there so he just simply kept the old Win10 GPOs and never did any updating or checking. I'm not in control of this but he's really helpful and is going to take a look when he can.

I've been grasping at straws and I'm not looking for answers but a bit of venting and curious if anyone else has come across the same thing because I don't have many more straws to grab at.

I just stumbled across this on Newegg and it looks like a nice board for desktops in rugged environments