Updated UNMS and Unifi Controller last night.

@Jimmy9008 said in Office 365/Connector:

Hi folks,

Been struggling with this for a while now (1 day or so) and cannot seem to get this working. I have contacted Office 365 support, but no help yet. (This stopped working on Sunday). Would be great to have some ideas on what to check...

I have a local exchange server. This has a send connector to office 365 for two domains abc.co.uk, and abc.com. This routes emails to our Office 365 smart host address.

Within Office 365 I have a connector for accepting email from our IP and have those two domains entered as accepted domains.

When sending emails to the local exchange, all emails arrive successfully to my @abc.com inbox. When I try to send to an external email account, say, gmail, nothing comes through...

Any ideas?

Best,
Jim

Run the Hybrid Deployment Wizard again and then you should be able to send again. I have needed to do this multiple times for my Hybrid customers when it stops after a reboot or so it decides.

Upgrading Dell and Ubiquiti Switches firmware.

@harshmehta said in Error generating Certificate with Lets Encrypt:

Hi All,

When I am trying to generate a certificate for my fqdn domain name I am unable to do so , looks like a bug to me but not really sure

Any help on this would be really great

Please find below the error for same

Waiting for verification...
Cleaning up challenges
Failed authorization procedure. gitlab.binex.cc (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://gitlab.binex.cc/.well-known/acme-challenge/xZk9yy56AiTn1bmyTC4GZZW0GAja5qiKwqem4ejVbjQ: Timeout during connect (likely firewall problem)

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: gitlab.binex.cc
  Type: connection
  Detail: Fetching
  http://gitlab.binex.cc/.well-known/acme-challenge/xZk9yy56AiTn1bmyTC4GZZW0GAja5qiKwqem4ejVbjQ:
  Timeout during connect (likely firewall problem)

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address. Additionally, please check that
  your computer has a publicly routable IP address and that no
  firewalls are preventing the server from communicating with the
  client. If you're using the webroot plugin, you should also verify
  that you are serving files from the webroot path you provided.
  root@gitlab:/var/opt/gitlab/nginx/www/.well-known/acme-challenge#

Basically your Gitlab Server doesn't have port 80 open so Let's Encrypt cannot validate it. What ports are you allowing through your firewall right now?

Happy New year!

@black3dynamite said in Zabbix Server Setup on Debian 9.0:

Nice write up. Do you enable firewall on all your Debian/ubuntu installs?

Yes, only the necessary ports. So I should add that...

Official Guide here for Server 2012 R2 But should be the same process
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831385(v%3Dws.11)
You also need to setup a Failover Cluster for this as well
https://www.dell.com/support/article/hk/en/hkbsd1/sln312477/how-to-configure-dhcp-failover-cluster-on-windows-server-2012?lang=en

@dbeato said in Zabbix Server Setup on Debian 9.0:

@black3dynamite said in Zabbix Server Setup on Debian 9.0:

Nice write up. Do you enable firewall on all your Debian/ubuntu installs?

Yes, only the necessary ports. So I should add that...

Here I come and does the changes now...

Happy birthday @scottalanmiller

@jt1001001 said in NTG NY Offices Relocation (Shopping the NTG "Store"):

Tried to stop o our way back but...well let's just say wife said we do not have anymore room for stuff.

My wife actually made a small space down in the basement for me and my servers so that was cool, so now I can have more technology.

@WrCombs said in What Are You Doing Right Now:

@dbeato said in What Are You Doing Right Now:

Having one of those days...

where you dont wanna wakeup?
everybody sucks?

Well, I am awake but the last 4 days has been like Goundhog day all over.

@black3dynamite said in Fedora 29 Apache HTTPD Keeps Adding ssl.conf:

Since you are using Nginx for SSL, uninstall mod_ssl?

sudo a2dismod ssl

@scottalanmiller ISP are usually sadness

@JaredBusch said in Fedora 29 Apache HTTPD Keeps Adding ssl.conf:

@dbeato said in Fedora 29 Apache HTTPD Keeps Adding ssl.conf:

@black3dynamite said in Fedora 29 Apache HTTPD Keeps Adding ssl.conf:

@dbeato said in Fedora 29 Apache HTTPD Keeps Adding ssl.conf:

@black3dynamite said in Fedora 29 Apache HTTPD Keeps Adding ssl.conf:

Since you are using Nginx for SSL, uninstall mod_ssl?

sudo a2dismod ssl

Isn't that a debian/ubuntu command?

Yeah... it is.

in other words.. Totally useless..

Can't help when I have used Debian and Ubuntu since version 3 and 4 respectively... so my apologies again.

@wirestyle22 said in Random Thread - Anything Goes:

After almost 3 weeks in the hospital, my Grandpa is apparently going home tomorrow or friday once the oxygen tank delivery arrives at his home. I was really worried we were going to lose him. We had a lot of scares throughout this time. The guy is 78 years old and survived a confirmed covid case. Hopefully this gives any of you that have sick relatives some hope.

Glad to hear

@wirestyle22 said in Nextcloud Update 14.04 Security Warning:

After updating to the new version, the overview section says this:

There are some warnings regarding your setup.
The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips ↗.

I'm using nginx as a reverse proxy so I added add_header Strict-Transport-Security: max-age=31536000; to the server block. nginx -t came back successful. Restarting the nginx service and am still receiving the error.

The max age needs to be at least 15552000 your number is way lower than that.

@scottalanmiller said in What Are You Doing Right Now:

@WrCombs said in What Are You Doing Right Now:

Same situation here; You got all your terminals looking for the back office server? You sent me an email 30 minutes ago, and you've lost an estimated 1000 in business because you called me an hour later?

Why aren't you watching your emails, but are sitting by answering your phone and allowing it to interrupt anything tha tyou are doing? That doesn't make sense.

This is like the restaurant where you stand in line and when it is your turn to get help, some yahoo calls and the cashier takes their call first even though you were there and waited in line.

Your system only works because you are intentionally giving phones priority to stop all work you are doing, and ignoring emails. It's you artificially prioritizing a slow, inefficient method creating the requirement. On a technological and more general business level, the opposite is true. If people constantly ignore email and prioritize calls, then suddenly call volume goes way up because people learn that calling gets action and emailing doesn't.

This then makes you less efficient and the customer less efficient.

Why the banter? Like you have never done that? Get interrupted by a phone call? There are two type of people when it comes when submitting tickets, the ones that do call (Which they know will get answered faster than an email almost without fail). Then there are others that actually only email and submit a ticket and you need to go through every single question in the world to get to the answer which they don't provide until like the 10th email and by then your time has been wasted.

@dbeato said in Nextcloud Update 14.04 Security Warning:

@wirestyle22 said in Nextcloud Update 14.04 Security Warning:

After updating to the new version, the overview section says this:

There are some warnings regarding your setup.
The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips ↗.

I'm using nginx as a reverse proxy so I added add_header Strict-Transport-Security: max-age=31536000; to the server block. nginx -t came back successful. Restarting the nginx service and am still receiving the error.

The max age needs to be at least 15552000 your number is way lower than that.

Nevermind, I read one less 0.. But what about the engine on the actual Nextcloud server?

@EddieJennings Yeah there are some alternatives
https://docs.microsoft.com/en-us/exchange/security-and-compliance/in-place-and-litigation-holds

@wirestyle22 said in Nextcloud Update 14.04 Security Warning:

e positive. I am wondering if what I did is enough hardening-wise though and I can just ignore the error.

I would assume you can ignore it since NextCloud will be going through your Nginx Reverse proxy.