andybond
ClioSport Club Member
I used to be a ECDL examiner and marker many years back.
Many, many years back
Many, many years back
ClioSport.net
Register a free account today to become a member!
Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!
-
When you purchase through links on our site, we may earn an affiliate commission. Read more here.
The 'I work in I.T' thread
- Thread starter Donny_Dog
- Start date
Donny_Dog
ClioSport Club Member
Jim's rejects
I'd be worried stating that out loud pal. Wouldn't pass a DBS check
andybond
ClioSport Club Member
I think I failed most of those doing the DBS check so I know I am safe.
Krarl
ClioSport Club Member
Krarl
ClioSport Club Member
charltjr
ClioSport Club Member
Anyone else get clobbered by the AWS authentication outage this morning? Knocked out our automated monitoring for every customer in North America, so that was a fun 90 minutes until they got it working again 😂
R3k1355
ClioSport Club Member
Couple of weeks work and several grand of research grant money down the swanny, thanks to Microsoft forcing an update midway through the analysis run. By the time it'd finished f**king around the samples were ruined.
Not me, I just house the machine in one of my Labs. Things been nothing but trouble.
Not me, I just house the machine in one of my Labs. Things been nothing but trouble.
Donny_Dog
ClioSport Club Member
Jim's rejects
Could it not have been offline? For any serious local number crunching, we isolate 🤷
Krarl
ClioSport Club Member
andybond
ClioSport Club Member
MS doesn’t force updates.
Your box either checked in with MS and updated or SCCM set a deadline , or a group policy was defined to check in , update and reboot.
Your box either checked in with MS and updated or SCCM set a deadline , or a group policy was defined to check in , update and reboot.
R3k1355
ClioSport Club Member
It breaks down all the time and they need to access the machine, pull the log files and try to rescue data 🤦♂️
It's not ours, it's here on trial so none of us are in a position to fiddle with the configuration.
.Joe
ClioSport Club Member
who changes ospf at 6 oclock in the morning
charltjr
ClioSport Club Member
Someone who hates the support team?
Donny_Dog
ClioSport Club Member
Jim's rejects
.Joe
ClioSport Club Member
aaaand relax
i think someone forgot to run the saviour of commands "commit confirmed 1" when the pushing the update
now to procure some backup storage
i think someone forgot to run the saviour of commands "commit confirmed 1" when the pushing the update
now to procure some backup storage
.Joe
ClioSport Club Member
May god have mercy on my stress levels today, ask one of the lads to set a static ip on a remote machine
for some unbeknownst reason he's logged onto a firewall in the lab and starts looking at the static routes.
The decided to star the ip range under a 169.254
Bearing in mind he's been self studying Network+ and ICND for the past 12 months.
for some unbeknownst reason he's logged onto a firewall in the lab and starts looking at the static routes.
The decided to star the ip range under a 169.254
Bearing in mind he's been self studying Network+ and ICND for the past 12 months.
rctempire
ClioSport Moderator
Just got a WDS Server to wipe 500 client machines, then install Windows 11 OOBE with autopilot ps script to auto provision it.
Feel proud of it, but we are not doing the rollout. Good luck PS - Client wants it rolled out by October and have a 1:1 device swappage in place.
Feel proud of it, but we are not doing the rollout. Good luck
PS - Client wants it rolled out by October and have a 1:1 device swappage in place.
Gavin.
ClioSport Club Member
We removed it from VDI as it was causing the fslogix profiles to balloon, been fixed in the VDI configured setup but can’t be arsed to try it.
Rojer
ClioSport Club Member
Just got a WDS Server to wipe 500 client machines, then install Windows 11 OOBE with autopilot ps script to auto provision it.
Feel proud of it, but we are not doing the rollout. Good luck
Did you consider Intune?
TIDL
Project Managers
Asked them to order a new phone system, our procurement team ran into an issue and the PM advised them to use a domain for a different customer instead 🤦♂️ Now the customer has to be deleted and remade.
Darren S
ClioSport Club Member
Had O365 installed on my works laptop for a long time.
Found out yesterday that as part of that, Microsoft Publisher is installed. Does anyone actually use it? Surely it has to be in less use generally than Microsoft Access?
Apparently the plug is being pulled on Publisher in 2026.
Found out yesterday that as part of that, Microsoft Publisher is installed. Does anyone actually use it? Surely it has to be in less use generally than Microsoft Access?
Apparently the plug is being pulled on Publisher in 2026.
How did they not get filtered out pre-interview?
Advikaz
ClioSport Club Member
Tbf, it’s so hard to get cyber guys atm that he/she probably just thought ‘f**k it, I’ll have a bash, maybe they’ll take me’
Darren S
ClioSport Club Member
Oh, I hear you.
Got an apprentice supposedly starting anytime soon and the agency called to say that he hasn't got a valid passport. How this wasn't picked up beforehand, I've no idea.
boultonn
ClioSport Club Member
Macan S
That was my first question to our recruitment guy, he didn’t Have a good answer…
Tbh I think sometimes he thinks IT and security are the same thing
IT, Security, Computers, Servers, Networking, Development, Electricity... All exactly the same, what you talking about 👀
boultonn
ClioSport Club Member
Macan S
Yeah how do you fancy a job in recruitment?
Krarl
ClioSport Club Member
Had one of the lads hand his written notice in earlier. He's off to work abroad in another DC
I'll be opening up an entry level position as a Datacentre operations engineer in Leeds if anyone is interested/knows of suitable candidates
Pm me for more details
Also, we'll be opening up to colocation customers too if anyone needs rackspace
I'll be opening up an entry level position as a Datacentre operations engineer in Leeds if anyone is interested/knows of suitable candidates
Pm me for more details
Also, we'll be opening up to colocation customers too if anyone needs rackspace
Advikaz
ClioSport Club Member
Krarl
ClioSport Club Member
It's something he's expressed to me since we got involved with a sister DC in Strasbourg
He's dual nationality which made things easier for him, I wouldn't ever stand in someone's way if an opportunity like that came around. Especially not one he's been banging on about for about 4/5 years🤣🤣
rctempire
ClioSport Moderator
Ya, they are going intune.
But they currently are on SCCM and want a FULL break with no old shite in azure. Which is fully understandable.
Anyway, was off on holiday, the minions used the WDS box to prep the machines, no need to find hashes either, it does that and uploads it on the OOBE.
Win win and it works fine and then intune provisions right after too.
rctempire
ClioSport Moderator
Stay tuned, its next for said client. i can see it going horribly as Windows365 is laggy on camera stuff in testing's so far.
boultonn
ClioSport Club Member
Macan S
It sounds bandwidth intensive and for the rural folk with dial up it’s going to make even basic tasks choppy.
I’m not sure if our guys will split tunnel it or pipe all the traffic over the always on VPN.
ChrisR
ClioSport Club Member
Teams/365 is just crap anyway. I had an issue where whenever I had my camera on or was screen sharing it'd keep stuttering and I'd freeze for everyone, that was with my machine on a wired 500 meg connection.
Raised a ticket with our support team, their soluion was to replace the laptop as it was nearly at it's 4 year refresh.
So the solution to fix my wonky teams experience (Zoom was fine...) was to give me a new 3 to 4 grand laptop, seems reasonable.
Raised a ticket with our support team, their soluion was to replace the laptop as it was nearly at it's 4 year refresh.
So the solution to fix my wonky teams experience (Zoom was fine...) was to give me a new 3 to 4 grand laptop, seems reasonable.
Donny_Dog
ClioSport Club Member
Jim's rejects
ESSAY
#### Providing locked/less/restricted access to the infrastructure for remote users ####
I've been asked the above a couple of times this year and I keep giving the same answer. The requestors don't like the answer, so go off and ask other architects/senior engineers etc. These folk have no clue about what is required & usually have no funding. They come at it from a 1 person/1 user/1 project perspective every time. Which is annoying as fck.
The scenario - Some 3rd party engineers need access to our platform. They only need to access certain parts. They are not based in country. The applications cannot be 'published' and they need to collaborate with colleagues (full fat clients on the network already) for part of their duties. We do not and cannot offer a 'clientless' VPN service - they HAVE to use a 'desktop' (virtual or physical) that is owned and managed by the sovereign entity. It can be sent abroad and used, with some export control... but alas, it makes no odds really where they are in the world - the technical solution is the same, barring some Geo-unlocking on the perimeter.
The first thing they always ask is "if we give them one of our laptops, can you then lock them down on RAS - as to what they can and cannot access?".
And I have always said FCK NO. Creating DACL's for what a full fat domain joined client can and cannot access - is not the job of the RAS appliances or service. It would be a pig to get right, administer, change... blah blah blah. Yes it can be done, but we'd burn tonnes of man hours just finessing the fucker. Besides, I know about 1% of the actual applications and who owns them - fck trying to track them down and get exacting specs a client needs + all the AD s**t that comes with a bloated client...theres tonnes of s**t on them. Bearing in mind also, micro-segmentation is not complete (is it ever). So it's partly useless trying to copy the rules/tags and all that s**t.
I have always suggested VDI.
OR... more recently.... a form of privileged access manager like Bomgar or cyberark or something (not that I've got any experience with them)... but using some sort of bastion service and citrix/vmware based VDI or whatever. Control what the user even has on the endpoint first - then build the rules out of the applications from there.
I can't think of any other way (other than some endpoint software - which I don't even know exists).
Anyone any others?
Suggesting VDI obviously goes down like a lead balloon. Despite us already running it & providing some lock down for other services.
As this is not just a 'network' task, the requestor can just pass the need onto - the requestors usually boot off - as if we are the blocker. Yawn.
#### Providing locked/less/restricted access to the infrastructure for remote users ####
I've been asked the above a couple of times this year and I keep giving the same answer. The requestors don't like the answer, so go off and ask other architects/senior engineers etc. These folk have no clue about what is required & usually have no funding. They come at it from a 1 person/1 user/1 project perspective every time. Which is annoying as fck.
The scenario - Some 3rd party engineers need access to our platform. They only need to access certain parts. They are not based in country. The applications cannot be 'published' and they need to collaborate with colleagues (full fat clients on the network already) for part of their duties. We do not and cannot offer a 'clientless' VPN service - they HAVE to use a 'desktop' (virtual or physical) that is owned and managed by the sovereign entity. It can be sent abroad and used, with some export control... but alas, it makes no odds really where they are in the world - the technical solution is the same, barring some Geo-unlocking on the perimeter.
The first thing they always ask is "if we give them one of our laptops, can you then lock them down on RAS - as to what they can and cannot access?".
And I have always said FCK NO. Creating DACL's for what a full fat domain joined client can and cannot access - is not the job of the RAS appliances or service. It would be a pig to get right, administer, change... blah blah blah. Yes it can be done, but we'd burn tonnes of man hours just finessing the fucker. Besides, I know about 1% of the actual applications and who owns them - fck trying to track them down and get exacting specs a client needs + all the AD s**t that comes with a bloated client...theres tonnes of s**t on them. Bearing in mind also, micro-segmentation is not complete (is it ever). So it's partly useless trying to copy the rules/tags and all that s**t.
I have always suggested VDI.
OR... more recently.... a form of privileged access manager like Bomgar or cyberark or something (not that I've got any experience with them)... but using some sort of bastion service and citrix/vmware based VDI or whatever. Control what the user even has on the endpoint first - then build the rules out of the applications from there.
I can't think of any other way (other than some endpoint software - which I don't even know exists).
Anyone any others?
Suggesting VDI obviously goes down like a lead balloon. Despite us already running it & providing some lock down for other services.
As this is not just a 'network' task, the requestor can just pass the need onto - the requestors usually boot off - as if we are the blocker. Yawn.
This comes up on a regular basis at work... The answer, and our company posture is simply "No" - Even to the likes of Microsoft , Cisco etc.
The only 'approved' method we support is an internal employee hosting a Teams / Webex etc. meeting, and providing screen sharing, with the employee fully in control at all times.
The only 'approved' method we support is an internal employee hosting a Teams / Webex etc. meeting, and providing screen sharing, with the employee fully in control at all times.
Similar threads
