We run MC as root. It's the only function on the VM so the idea that running as root as so terrible is really moot. Is it ideal? No. But is it a big deal, absolutely not. That's FUD. If the app is compromised the host is already 100% in danger. Running as root or something else doesn't change anything that matters when it is run correctly overall in a single isolated environment. But it makes updates and stuff SO much easier.

@IRJ said in Verify authenticity of a text thread from a screenshot ...:

@JaredBusch said in Verify authenticity of a text thread from a screenshot ...:

@IRJ said in Verify authenticity of a text thread from a screenshot ...:

@JaredBusch said in Verify authenticity of a text thread from a screenshot ...:

@IRJ said in Verify authenticity of a text thread from a screenshot ...:

Yeah this is honestly either block the number or contact law enforcement. It's not an HR thing, tbh. You cannot get any valid proof.

Company policy could easily make it an HR thing that could cost the other person their job.

Without valid proof?

Proof has nothing to do with if it is an HR thing or not. It is an HR thing if company policy has something about employee behavior between each other that is potentially being violated.

If so, then it is HR's job to deal with things like proof and facts. While doing so, HR can also determine to send it to the authorities even if the recipient does not. Or just keep it as an internal action such as discipline up to termination.

So I create a fake text and get someone else terminated?

Cell companies arent going to turn over texts to HR departments. They would have to get law enforcement involved. So there is basically no way to verify if it is real without getting law enforcement involved.

That's correct. HR departments just don't have the rights to force companies to turn over that kind of data.

Try this instead:

$FolderPath = Get-ChildItem -Recurse -Depth 2 -Path "P:\Public" -Force

Where -Depth is the how many levels deep you want to go.

If you want to see what a cmdlet can do, you can use:

Get-Help Get-ChildItem -Full

@crustachio said in L2 network head scratcher, losing pings to Management VLAN:

Post Script:

Immediately following my last "solution" update, I drove over to the remote site to button things up. En route I noticed a work crew standing around a concrete bridge over a small canal, which our fiber conduit happens to runs alongside. The bridge had just collapsed (nobody injured thankfully). Conduit is torn apart pretty good but the fiber is still in tact. Not sure it will stay that way, I can't see how they'll get the bridge removed without disturbing or removing that conduit entirely. There's also a gas line that runs alongside which complicates things further.

There's never a good time for something like that, but this was just plain uncanny.

oh man - at least you still have the wifi beam connection option.

@Obsolesce

Thanks. That looks to be a good reference and read 🙂

@scottalanmiller said in Engineering vs Administration - That's what makes Windows and FreeNAS so risky:

@stacksofplates said in Engineering vs Administration - That's what makes Windows and FreeNAS so risky:

@scottalanmiller said in Engineering vs Administration - That's what makes Windows and FreeNAS so risky:

@stacksofplates said in Engineering vs Administration - That's what makes Windows and FreeNAS so risky:

@scottalanmiller said in Engineering vs Administration - That's what makes Windows and FreeNAS so risky:

@IRJ said in Engineering vs Administration - That's what makes Windows and FreeNAS so risky:

@scottalanmiller said in Engineering vs Administration - That's what makes Windows and FreeNAS so risky:

@IRJ said in Engineering vs Administration - That's what makes Windows and FreeNAS so risky:

Admin roles are also dying with immutable infrastructure and HA. Designing a system that is immutable and highly available isn't expensive or time consuming on the cloud anymore.

But someone is still designing the initial system and someone (maybe the same person) is managing it.

Yeah so you don't have an admin here as you admit. You have an engineer designing the system and replacing the system if there is issues. It's all design and no maintenance. Maintenance is automated during build.

Not in the real world. That's a nice theory, but applies to effectively no one anywhere. In the real world, engineering almost always is a trivial effort that involves almost no time, skill or planning, and all the effort goes into years of administration that deals with that haphazard system.

That's completely false. Engineering is almost always a trivial effort......

It's completely true and I've given example after example. In the real world, engineering is generally done without planning or resources and it works enough for people to accept it. Then all the effort is hoisted onto administration. You can argue, but you can't deny that this is what 95%+ of the market does.

No you gave an example of FreeNAS and have completely ignored things like SRE where design upfront including architecture, engineering, coffee design, IaC, etc are all roles for the engineer. Immutability is vital and SREs are embedded in specific teams and only supporting that application.

Yes, but the difference is my example represents nearly the entire market. I didn't say that there weren't exceptions. But that's what they are.

Outside of F500 maybe but outside of F500 you don't normally have systems engineers and systems admins.

@dbeato said in Exchange Database and User Login Report Marriage:

@Texkonc So you don't need the Mailbox status and all that? I just don't understand that requirement?

Yes I do, but I also need these other attributes.

@taurex said in Share From Synology Stopped Working:

On a side note, why on Earth are you using SMB1 protocol? Turn it off everywhere, It's insanely insecure. Ransomware loves SMB1. Also, turn on SMB support on the Synology all the way up to SMB3.

Probably because it was on by default when things were set up. You do not normally even see that screen when setting things up.

@VoIP_n00b said in IPsec Site-to-Site:

Is using a IPsec Site-to-Site VPN safe?

Using a site-to-site VPN is not safe in the first place. It completely bridges two disparate networks. Allowing an attacker on one network to attack the other network, without anything blocking it.

If you are fully prepared to trust everything on both networks, then sure, use it.

Yes, you need to use only known good ciphers. That is no different than any encrypted communications.

@travisdh1 said in Disable Screensaver and User Lockout with PowerShell:

I'm resurrecting this old ghost today.

I've got a couple of police computers that they want the screensaver password turned off for. Our remote registry editor doesn't have HKCU available of course, and Powershell is giving me the same sort of errors it was for @gjacobse. Did anyone ever get it figured out, or am I stuck waiting for them to call me back?

You can always browse to the HKEY_Users then the SID for the current user that is loggged in using remote registry, this is the same thing as HKCU.

Tip: if you don't want to look up the SID using powershell just right click on the SID and check the security settings, it should give you hints to who is who unless it's been customized.

@biggen said in Xeoma NVR:

I get it. But most don't companies that give free software for reviews usually target well known review sites/bloggers in private. They don't simply have a web page for all to see that is dedicated so that any Tom, Dick, and Harry that can open up a Wordpress account, post a 250 word review, and get free stuff.

It’s just led to some shady practices in the past where they were asking people to spam forums with reviews if you didn't have a blog to post the review to.

I actually purchased a 2 camera license from them but decided to move onto Blue Iris that seems to have better documentation and development. I was also a bit concerned on what information from the Xeoma server instance "phones home" to the Kremlin while its running. Its bad enough we have to use Dahua and Hikvision cameras that are Chinese made and ripe with security issues most of the time.

I use Unifi cameras. Pretty good and an easy NVR.

@dbeato said in Anyone ever return a server to Dell?:

Don't accept the shipment and let it get back to Dell. That is the only way.

My rep finally got back to me and told me to do the same thing. I just wish there was a way to stop the shipment before it reaches my door. I tried to put a call in to Mach1 but couldn't get through to anyone.

Well, it's crucial to keep them warm and evenly moist until they germinate, then give them plenty of sunshine until they're big enough to transplant...

@anamanp said in Office 365 NDR for strange email address.:

@Romo Can you please tell me if this was resolved?

Yes, his reply with the solution was three above your post.

Rules set on OWA to keyword autoforward. The account was compromised.

I see 🙂 I haven't tried your solution yet. But I did read about your kind of solution on Redhat Access sites.
The case with default.target is that, if podman containers runs as user they have no access on multi-user.target through systemd. If I did understand right 😄 That's why you have to use default.target instead.

I'll try your solution in a VM soonly.

@stacksofplates said in Password manager for ordinary users?:

I'm not sure what there is to 'release' though. Chromium works natively on Linux right now, I don't see what they would have to do.

All their extras and stuff. There's already a beta insider for linux and Mac released in may. They have an Android version (and I assume iOS too)

I guess the beta isn't open yet.. but I can download it when logged in to my insiders account.

https://www.microsoftedgeinsider.com/en-us/

Another advantage to application containers is integrations with things like VSCode. Your whole dev environment for a project can live in the container. It makes entry to helping with projects much easier. For example you can include a Dockerfile in your project and VSCode will build the container according to your Dockerfile. Then you can have VSCode spin up the container and attach to it and you can do the development inside of the container. That way the contributors don't need to install anything on their systems to work with your project. It's a really nice work flow.

@magicmarker said in File transfer drop:

Server 2019 enables by default some Hyper-v feature called RSC. I wonder if this is your issue. Someone had this same issue as me and turned it off and my Read speed went up to the 900Mbps limited by switch speed now.

https://serverfault.com/questions/976324/very-poor-network-performance-with-server-2019

@Jimmy9008 Looks like this might be your silver bullet

@Joel said in Hyper V Image reset on startup/shutdown + NIC Settings:

Hi Guys
Wonder if you can help share thoughts on this.
A client of ours has a technical team that often like to test new routers, factory reset them and set them up for small remote sites. The tricky thing is, these guys should not be local admins on their computer (needed to change NIC settings etc and configure static ip's etc).

I was wondering how we can get around this and thought we could have a Hyper V solution installed on their laptops with a Windows 10 image - which they have full admin access too and could simply play around and do whatever they want in that environment (including configuring a Local router). My questions are:

can we pass through NIC cards on the hyper V image? So if they plug in Ethernet cable to the laptop and into a local router, they can see this within the VM image and change/configure things from there?

Would it be possible to have that VM Image reset each time they finish? IE. Can it reset back to the base image each time the VM is either started or shut down?

Let me know thoughts on this.
Thanks
Joel

Yes

Yes, via a script, using event log that looks for a VM action can revert to specified checkpoint.

For example:
aad09557-10e9-43e4-86b7-470dac4ea951-image.png

@JaredBusch said in Client VPN - Openswan / Strongswan:

@CCWTech said in Client VPN - Openswan / Strongswan:

I have a Ubiquiti USG that I have the Remote User VPN setup on (LT2P with PSK).

Can Openswan / Strongswan connect to that? I haven't found a walk through on the internet.

Background: I am using a Raspberry Pi running Raspbian that I am using to connect to the USG.

That is IPSEC. It is different settings, so not with your L2TP. But yes.

Awesome, thank you!