Where do I start with replacing the whole MS AD stack
-
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
Walah, reservations active.
-
@scottalanmiller said in Where do I start with replacing the whole MS AD stack:
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
Walah, reservations active.
-
@scottalanmiller said in Where do I start with replacing the whole MS AD stack:
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
Walah, reservations active.
Tomato tomatto
-
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
Tomato tomatto
Chaning the pronunciation does not change the spelling.
-
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
@scottalanmiller said in Where do I start with replacing the whole MS AD stack:
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
Walah, reservations active.
Tomato tomatto
-
I just want to confirm, the general idea is that the DHCP server is static, and EVERYTHING else is just a reservation?
-
@Donahue said in Where do I start with replacing the whole MS AD stack:
I just want to confirm, the general idea is that the DHCP server is static, and EVERYTHING else is just a reservation?
Why statically assign at all? You're in a tight spot because you've already statically assigned a lot of devices.
Instead, just create reservations and let DHCP handle it from there.
-
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
@Donahue said in Where do I start with replacing the whole MS AD stack:
I just want to confirm, the general idea is that the DHCP server is static, and EVERYTHING else is just a reservation?
Why statically assign at all? You're in a tight spot because you've already statically assigned a lot of devices.
Instead, just create reservations and let DHCP handle it from there.
I dont want to be static anymore, I want to use reservations. are you saying yes to my question above?
-
@Donahue said in Where do I start with replacing the whole MS AD stack:
I just want to confirm, the general idea is that the DHCP server is static, and EVERYTHING else is just a reservation?
Not everything.
You AD server is not. That is just begging for trouble in the super rare case that the DHCP is not available when it boots.
Your hypervisor should not be either. Then your router. Those things are about it.Then you make reservations for the things that need a fixed IP like application servers, storage devices, and printers.
Finally you make a reservation for things you simply want in a certain place like switches and such.
Then just let DHCP go wild for the rest. Because there is seriously no reason that you need to care about desktops and desk phones, etc.
-
@Donahue yes, don't assign IP addresses manually on your systems.
Use DHCP Reservations instead.
-
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
@Donahue yes, don't assign IP addresses manually on your systems.
Use DHCP Reservations instead.
That's what he said. I have no idea WTF you are going on about.
-
@JaredBusch said in Where do I start with replacing the whole MS AD stack:
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
@Donahue yes, don't assign IP addresses manually on your systems.
Use DHCP Reservations instead.
That's what he said. I have no idea WTF you are going on about.
He's going in circles and not understanding what is being said. Hence it gets explained in a different manner.
-
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
@JaredBusch said in Where do I start with replacing the whole MS AD stack:
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
@Donahue yes, don't assign IP addresses manually on your systems.
Use DHCP Reservations instead.
That's what he said. I have no idea WTF you are going on about.
He's going in circles and not understanding what is being said. Hence it gets explained in a different manner.
I understood @JaredBusch, I dont think you understood me.
-
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
@JaredBusch said in Where do I start with replacing the whole MS AD stack:
@DustinB3403 said in Where do I start with replacing the whole MS AD stack:
@Donahue yes, don't assign IP addresses manually on your systems.
Use DHCP Reservations instead.
That's what he said. I have no idea WTF you are going on about.
He's going in circles and not understanding what is being said. Hence it gets explained in a different manner.
WUT?
-
Apparently Fortigate wont let me create reservations outside of the lease pool. I even tried setting an excluded range, but it simply will not allow me to do it.
I can either:
- Get a different DHCP server
- Abandon using reservations
- Open the lease pool to the entire scope and live with the mixed results
- Open the lease pool to the entire scope and create 254 dummy reservations to be edited later.
My plan was to have 10.0.0.1/22 as my network, with the lease pool of 10.0.1.0 thru 10.0.3.254 and 10.0.0.2 thru 10.0.0.255 reserved for all these devices using reservations.
-
@Donahue said in Where do I start with replacing the whole MS AD stack:
Apparently Fortigate wont let me create reservations outside of the lease pool. I even tried setting an excluded range, but it simply will not allow me to do it.
I can either:
- Get a different DHCP server
- Abandon using reservations
- Open the lease pool to the entire scope and live with the mixed results
- Open the lease pool to the entire scope and create 254 dummy reservations to be edited later.
My plan was to have 10.0.0.1/22 as my network, with the lease pool of 10.0.1.0 thru 10.0.3.254 and 10.0.0.2 thru 10.0.0.255 reserved for all these devices using reservations.
- replace fortigate
-
@Donahue said in Where do I start with replacing the whole MS AD stack:
Apparently Fortigate wont let me create reservations outside of the lease pool. I even tried setting an excluded range, but it simply will not allow me to do it.
I can either:
- Get a different DHCP server
- Abandon using reservations
- Open the lease pool to the entire scope and live with the mixed results
- Open the lease pool to the entire scope and create 254 dummy reservations to be edited later.
My plan was to have 10.0.0.1/22 as my network, with the lease pool of 10.0.1.0 thru 10.0.3.254 and 10.0.0.2 thru 10.0.0.255 reserved for all these devices using reservations.
Even windows lets you make the full scope and then blackout ranges.
Most Linux systems let you make a reservation anywhere within the subnet of the scope, even outside of the start and stop range also specified.
-
@JaredBusch said in Where do I start with replacing the whole MS AD stack:
@Donahue said in Where do I start with replacing the whole MS AD stack:
Apparently Fortigate wont let me create reservations outside of the lease pool. I even tried setting an excluded range, but it simply will not allow me to do it.
I can either:
- Get a different DHCP server
- Abandon using reservations
- Open the lease pool to the entire scope and live with the mixed results
- Open the lease pool to the entire scope and create 254 dummy reservations to be edited later.
My plan was to have 10.0.0.1/22 as my network, with the lease pool of 10.0.1.0 thru 10.0.3.254 and 10.0.0.2 thru 10.0.0.255 reserved for all these devices using reservations.
- replace fortigate
@Donahue Setup a DHCP/DNS VM and use VyOS, there is a awesome user guide for setting up DHCP and DNS.
-
For me this works and it is simple and not tied to anything but single Linux VM machine:
https://docs.saltstack.com/en/latest/ref/states/all/salt.states.win_lgpo.html
You dont even need to backup the VM, just remeber its IP cause if it fails, recreate a new one and it will receive requests on the same IP, you can make setting to auto accept keys and back it will accept all those clients and you can start controlling them again.
-
thanks for the info guys, I will take a look. I like the idea of using a VM.
