ClioSport.net

Register a free account today to become a member!
Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

  • When you purchase through links on our site, we may earn an affiliate commission. Read more here.

The 'I work in I.T' thread



Krarl

ClioSport Club Member
FB_IMG_1724457055444.jpg
 

charltjr

ClioSport Club Member
Anyone else get clobbered by the AWS authentication outage this morning? Knocked out our automated monitoring for every customer in North America, so that was a fun 90 minutes until they got it working again 😂
 

R3k1355

ClioSport Club Member
Couple of weeks work and several grand of research grant money down the swanny, thanks to Microsoft forcing an update midway through the analysis run. By the time it'd finished f**king around the samples were ruined.

Not me, I just house the machine in one of my Labs. Things been nothing but trouble.

IMG_3060.jpeg
 

Donny_Dog

ClioSport Club Member
  Jim's rejects
Couple of weeks work and several grand of research grant money down the swanny, thanks to Microsoft forcing an update midway through the analysis run. By the time it'd finished f**king around the samples were ruined.

Not me, I just house the machine in one of my Labs. Things been nothing but trouble.

View attachment 1709098
Could it not have been offline? For any serious local number crunching, we isolate 🤷
 

Krarl

ClioSport Club Member
Couple of weeks work and several grand of research grant money down the swanny, thanks to Microsoft forcing an update midway through the analysis run. By the time it'd finished f**king around the samples were ruined.

Not me, I just house the machine in one of my Labs. Things been nothing but trouble.

View attachment 1709098
PEBKAC

Take it offline for any work like that or force stop the updates completely
 

R3k1355

ClioSport Club Member
Could it not have been offline? For any serious local number crunching, we isolate 🤷

It breaks down all the time and they need to access the machine, pull the log files and try to rescue data 🤦‍♂️

It's not ours, it's here on trial so none of us are in a position to fiddle with the configuration.
 

.Joe

ClioSport Club Member
May god have mercy on my stress levels today, ask one of the lads to set a static ip on a remote machine
for some unbeknownst reason he's logged onto a firewall in the lab and starts looking at the static routes.
The decided to star the ip range under a 169.254
Bearing in mind he's been self studying Network+ and ICND for the past 12 months.
1725448500609.gif
 

rctempire

ClioSport Moderator
Just got a WDS Server to wipe 500 client machines, then install Windows 11 OOBE with autopilot ps script to auto provision it.

Feel proud of it, but we are not doing the rollout. Good luck :) PS - Client wants it rolled out by October and have a 1:1 device swappage in place.
 

boultonn

ClioSport Club Member
  Macan S
Anyone had much hands on with Windows365?
our digital leadership has decided it’s the silver bullet to solving our platform issues.
Teams in a VDI, can’t wait
 

Rojer

ClioSport Club Member
Just got a WDS Server to wipe 500 client machines, then install Windows 11 OOBE with autopilot ps script to auto provision it.

Feel proud of it, but we are not doing the rollout. Good luck :) PS - Client wants it rolled out by October and have a 1:1 device swappage in place.

Did you consider Intune?

TIDL

Project Managers

Asked them to order a new phone system, our procurement team ran into an issue and the PM advised them to use a domain for a different customer instead 🤦‍♂️ Now the customer has to be deleted and remade.
 

Darren S

ClioSport Club Member
Had O365 installed on my works laptop for a long time.

Found out yesterday that as part of that, Microsoft Publisher is installed. Does anyone actually use it? Surely it has to be in less use generally than Microsoft Access?

Apparently the plug is being pulled on Publisher in 2026.
 

hopgop1

ClioSport Club Member
Ok my rant is recruitment.
Like is it that hard to find decent people?
Interviewed someone yesterday who’d spent 10 years on the service desk and decided that qualified them for a senior security consultant role.
Plz. Find sea. Get in.
How did they not get filtered out pre-interview?
 

Advikaz

ClioSport Club Member
Ok my rant is recruitment.
Like is it that hard to find decent people?
Interviewed someone yesterday who’d spent 10 years on the service desk and decided that qualified them for a senior security consultant role.
Plz. Find sea. Get in.


Tbf, it’s so hard to get cyber guys atm that he/she probably just thought ‘f**k it, I’ll have a bash, maybe they’ll take me’
 

Darren S

ClioSport Club Member
Ok my rant is recruitment.
Like is it that hard to find decent people?
Interviewed someone yesterday who’d spent 10 years on the service desk and decided that qualified them for a senior security consultant role.
Plz. Find sea. Get in.
Oh, I hear you.

Got an apprentice supposedly starting anytime soon and the agency called to say that he hasn't got a valid passport. How this wasn't picked up beforehand, I've no idea.
 
  340i
That was my first question to our recruitment guy, he didn’t Have a good answer…
Tbh I think sometimes he thinks IT and security are the same thing

IT, Security, Computers, Servers, Networking, Development, Electricity... All exactly the same, what you talking about 👀
 

Rojer

ClioSport Club Member
The way we have got around this in the past is to provide the recruiters with some questions. If they successfully answer those, then they can have an interview.
 

Krarl

ClioSport Club Member
Had one of the lads hand his written notice in earlier. He's off to work abroad in another DC

I'll be opening up an entry level position as a Datacentre operations engineer in Leeds if anyone is interested/knows of suitable candidates

Pm me for more details

Also, we'll be opening up to colocation customers too if anyone needs rackspace
 

Advikaz

ClioSport Club Member
Had one of the lads hand his written notice in earlier. He's off to work abroad in another DC

I'll be opening up an entry level position as a Datacentre operations engineer in Leeds if anyone is interested/knows of suitable candidates

Pm me for more details

Also, we'll be opening up to colocation customers too if anyone needs rackspace


A lot of skilled bods shifting abroad in the last few years. Can’t blame them tbh
 

Krarl

ClioSport Club Member
A lot of skilled bods shifting abroad in the last few years. Can’t blame them tbh
It's something he's expressed to me since we got involved with a sister DC in Strasbourg

He's dual nationality which made things easier for him, I wouldn't ever stand in someone's way if an opportunity like that came around. Especially not one he's been banging on about for about 4/5 years🤣🤣
 

rctempire

ClioSport Moderator
Did you consider Intune?

TIDL

Project Managers

Asked them to order a new phone system, our procurement team ran into an issue and the PM advised them to use a domain for a different customer instead 🤦‍♂️ Now the customer has to be deleted and remade.
Ya, they are going intune.
But they currently are on SCCM and want a FULL break with no old shite in azure. Which is fully understandable.
Anyway, was off on holiday, the minions used the WDS box to prep the machines, no need to find hashes either, it does that and uploads it on the OOBE.

Win win and it works fine and then intune provisions right after too.
 

boultonn

ClioSport Club Member
  Macan S
Stay tuned, its next for said client. i can see it going horribly as Windows365 is laggy on camera stuff in testing's so far.
It sounds bandwidth intensive and for the rural folk with dial up it’s going to make even basic tasks choppy.
I’m not sure if our guys will split tunnel it or pipe all the traffic over the always on VPN.
 

ChrisR

ClioSport Club Member
Teams/365 is just crap anyway. I had an issue where whenever I had my camera on or was screen sharing it'd keep stuttering and I'd freeze for everyone, that was with my machine on a wired 500 meg connection.

Raised a ticket with our support team, their soluion was to replace the laptop as it was nearly at it's 4 year refresh.

So the solution to fix my wonky teams experience (Zoom was fine...) was to give me a new 3 to 4 grand laptop, seems reasonable.
 

Donny_Dog

ClioSport Club Member
  Jim's rejects
ESSAY
#### Providing locked/less/restricted access to the infrastructure for remote users ####

I've been asked the above a couple of times this year and I keep giving the same answer. The requestors don't like the answer, so go off and ask other architects/senior engineers etc. These folk have no clue about what is required & usually have no funding. They come at it from a 1 person/1 user/1 project perspective every time. Which is annoying as fck.

The scenario - Some 3rd party engineers need access to our platform. They only need to access certain parts. They are not based in country. The applications cannot be 'published' and they need to collaborate with colleagues (full fat clients on the network already) for part of their duties. We do not and cannot offer a 'clientless' VPN service - they HAVE to use a 'desktop' (virtual or physical) that is owned and managed by the sovereign entity. It can be sent abroad and used, with some export control... but alas, it makes no odds really where they are in the world - the technical solution is the same, barring some Geo-unlocking on the perimeter.

The first thing they always ask is "if we give them one of our laptops, can you then lock them down on RAS - as to what they can and cannot access?".

And I have always said FCK NO. Creating DACL's for what a full fat domain joined client can and cannot access - is not the job of the RAS appliances or service. It would be a pig to get right, administer, change... blah blah blah. Yes it can be done, but we'd burn tonnes of man hours just finessing the fucker. Besides, I know about 1% of the actual applications and who owns them - fck trying to track them down and get exacting specs a client needs + all the AD s**t that comes with a bloated client...theres tonnes of s**t on them. Bearing in mind also, micro-segmentation is not complete (is it ever). So it's partly useless trying to copy the rules/tags and all that s**t.

I have always suggested VDI.
OR... more recently.... a form of privileged access manager like Bomgar or cyberark or something (not that I've got any experience with them)... but using some sort of bastion service and citrix/vmware based VDI or whatever. Control what the user even has on the endpoint first - then build the rules out of the applications from there.

I can't think of any other way (other than some endpoint software - which I don't even know exists).
Anyone any others?

Suggesting VDI obviously goes down like a lead balloon. Despite us already running it & providing some lock down for other services.
As this is not just a 'network' task, the requestor can just pass the need onto - the requestors usually boot off - as if we are the blocker. Yawn.
 
  340i
This comes up on a regular basis at work... The answer, and our company posture is simply "No" - Even to the likes of Microsoft , Cisco etc.

The only 'approved' method we support is an internal employee hosting a Teams / Webex etc. meeting, and providing screen sharing, with the employee fully in control at all times.
 


Top