@penguinwrangler said in Connect Ubiquiti APs to a New Controller:

@jaredbusch said in Connect Ubiquiti APs to a New Controller:

@penguinwrangler said in Connect Ubiquiti APs to a New Controller:

@jaredbusch said in Connect Ubiquiti APs to a New Controller:

Controlled migrations have lots of tools and options.

But a downed controller has pretty much no option except to default the APs and readopt.

You will not even be able to SSH into the APs if you cannot log into the controller and get the device admin password for the site.

@JaredBusch is right. If you lost the controller it is a reset process. I recently went through something similar, however, it was the fact that our ISP at a location I manage decided to change out there cable modem and in doing so changed them from a static IP to a dynamic IP. Which is fine and easier for me but they didn't tell the client that they might have to reconfigure their equipment and didn't even bother to make sure they had internet. Switch cable modem and left. Client calls me and I get there and well the Ubiquiti Secure Gateway wasn't working because it was set to use a static IP on the WAN side. I was mad. So I had to reset the Ubiquiti Secure Gateway. Now here is the kicker, it would show up in my controller once I set the inform address but for some reason at least on the smaller USG's is that you had to ssh into them and set the inform address. Click on adopt in the controller and then while it says adopting in the controller run the inform command in ssh again. If you didn't do that it would be adopted but say disconnected. It was a long night until I found those instructions. Grrrr.

I hate the USG. Such a piece of crap.

I know, I wasn't the one that put it in, it is this one: https://www.ubnt.com/unifi-routing/usg/
They have the newer USG that are bigger. Are those any better?
https://www.ubnt.com/unifi-routing/unifi-security-gateway-pro-4/
https://unifi-xg.ubnt.com/usg-xg-8

Any better? No. They just give you more throughput and can handle higher density. Same concepts/software. If something requires more than the basic USG, I'm probably going a much different route. Ubiquiti switching/wireless is great, their security though... not so much. Maybe that will change; who knows.

@wrx7m said in Handling user AppData - Windows:

@dbeato said in Handling user AppData - Windows:

@wrx7m said in Handling user AppData - Windows:

@bbigford said in Handling user AppData - Windows:

@dbeato said in Handling user AppData - Windows:

I responded to you on another forum but basically I said was Sync bookmarks through Firefox and Chrome Sync with their accounts. For signatures copy it from a sent message.

Relying on users to log in is too much manual. Needs to be fully automated where possible.

Are you the one that creates their signatures in the first place? If not, they can copy and paste that from a sent message in a few seconds. It is way easier than creating a signature from scratch.

Edit: Also, how often do you have a system fail this bad, where copying and pasting a signature is TMW?

Unless they have multipe RDS servers

@dbeato said in Handling user AppData - Windows:

@wrx7m said in Handling user AppData - Windows:

@bbigford said in Handling user AppData - Windows:

@dbeato said in Handling user AppData - Windows:

I responded to you on another forum but basically I said was Sync bookmarks through Firefox and Chrome Sync with their accounts. For signatures copy it from a sent message.

Relying on users to log in is too much manual. Needs to be fully automated where possible.

Are you the one that creates their signatures in the first place? If not, they can copy and paste that from a sent message in a few seconds. It is way easier than creating a signature from scratch.

Edit: Also, how often do you have a system fail this bad, where copying and pasting a signature is TMW?

Unless they have multipe RDS servers

Good point. I didn't see RDS in the OP, though. Also, I would hope his RDS servers are regularly backed up (including user profiles)

RDS is separate from file services (where RDS is used at remote offices). All systems are backed up (VMware/Veeam environment). Doesn't apply to this thread though so I didn't bring it up.

@wrx7m said in DC fsmo role issue:

Yeah. This type of scenario and even worse ones are why seizing FSMO roles is a thing. In this situation, you should have just chalked up the infected DC-A as a complete loss (in terms of AD) and just seized the roles on DC-B. Restoring a DC would only be done if all DCs were wiped out.

Agreed. Restoring a DC (especially FSMO role holder) back that far is just asking for trouble.

I would seize the roles on whatever DC you want to hold your forest roles. Pick any one you like. After that, go through DNS and start removing anything with that old server. Might have to look for it in ADSI Edit as well, if it no longer exists in Active Directory.

@wrx7m said in Raised Floor budget estimate:

@coliver said in Raised Floor budget estimate:

Best option would be to get someone in to quote it out. I'm not a fan of raised floor systems I prefer overhead and if you have the space for a raised floor you often have the space to go overhead as well.

I have never dealt with a raised floor system, but I definitely don't want to crawl around if I can stand on a short step ladder instead. I had a very basic overhead ladder system installed in our server room and it is super easy to route new cables or pull old ones out.

Agreed. Though a raised floor looks much nicer, it is going to be less convenient for any maintenance. Usually aesthetics doesn't go along with convenience in my experience.

While diagnosing someone else's client server issue, I noticed vSphere power supply count shows PSUs 2-6 as healthy, 1 as failed.

Server is only capable of 2 PSUs. Any idea why it would show 6?

Currently running vCenter/ESXi 5.5, HP custom ISO.

I've been trying to find a great tool to determine where websites are hosted.

Certain sites like Web Hosting Hero, or Who's Hosting This might show a site is with Bluehost, GoDaddy, or even showing the datacenter provider such as United Layer (but not the web hosting company, such as Bluehost).

When I think I have found a good, accurate tool, I test it against clients where I know who's hosting the site. But I eventually come to a client who's on, let's say GoDaddy, and it says they are on AK Web Hosting (way off).

Anyone using a reliable tool to see where a website is being hosted?

@dbeato said in vSphere power supply count:

@bbigford said in vSphere power supply count:

@dbeato said in vSphere power supply count:

How many Host though you have in Vcenter? Or is it just one server with Vmware.

3 hosts, but the hardware status that is showing is only for the one host.

I found this:
https://kb.vmware.com/s/article/1010716
might not apply but it is where I am going to.

Hmm... appears to be a known bug then due to lack of support for certain things. Maybe it'll change in 6.7 but only an upgrade will tell.

That generates another question then... Are you using HP/Dell tools (thereby having to configure VIB with the tools being on a management/LOB VM), are you relying on 3rd party systems monitoring tools/vmware/etc?

@dbeato said in RDP to Server without Requesting Login Details:

Yes, you can use credential delegation:

Under Computer Configuration\Policies\Administrative Templates\System\Credential Delegation

Likely the culprit. Some environments this is required to be enabled; inconvenient though.

@jt1001001 said in Unifi WAP nanoHD - pre order:

Of couse, right after I just bought their Lite AP. Hmm, return and wait for these? The camo one would look cool in my garage

If you're comparing those two, I absolutely would.

5GHz has better performance on the nanoHD (866 Mbps difference... 1733 compared to 867), 2.4GHz is the same at 300.

The only one I've had to stop and think about is the AC Pro. It has 150 Mbps on 2.4GHz difference (Pro favored); so better for older laptops. But 5GHz it is 433 Mbps difference (nano favored).

I just called a number listed for Facebook, on a Facebook forum, and was told "having the ability to bypass the 6 digit PIN using logon approvals is a feature by design", which is a nice way of saying "it's a security issue that there is no work around for". Just before being disconnected from the call, I had requested that the call be elevated; no dice.

@gjacobse said in Facebook - 2FA question:

I'm about to tell everyone I have 'friended' on FB to go take a flying leap... and then delete it. all I see is crap and negative.. and I deal with enough of that now.

so - 2FA - not worth my time.

I've removed friends that just post junk. But there are plenty of other things I find worth my time, such as seeing tons of photos and videos of my nieces/nephews/events I can't attend.

Meh, whatever. I'll probably end up dropping Facebook again soon anyway.

@mattbagan said in Apple ID on Company-Issued iOS Devices?:

It took me 6 months to setup DEP and VPP. It was a pain. So many hoops to jump through. With DEP, you do not have to worry about having one master AppleID. Users can use their own. The whole point of DEP is to supervise devices better so you can clear that damn activation lock.

With Jamf we did it in about 2 hours.

@scottalanmiller said in Is RD Gateway useful?:

@bbigford said in Is RD Gateway useful?:

"I would be looking into Guacamole, but no one has requested a web client." -What does that have to do with anything? Do you want to use Guacamole, or Windows Server RDS? Now is the time you should pick one.

Guac is a front end to RDS. It's not one or the other.

Ah, I thought it could be stand alone. My mistake then.

Someone made a mistake... StorageCraft sites are all unreachable and have been for a while this morning (tried from multiple networks). Hope it comes up soon so I can troubleshoot offsite backups!

Edit: Main site is back online, but any replication/MSP portals are still offline.

Edit: Everything is back online now.

@obsolesce said in Windows Server - AppCmd crashing:

@bbigford said in Windows Server - AppCmd crashing:

@obsolesce said in Windows Server - AppCmd crashing:

What OS?

Server 2012 R2

Is it fully up to date? Did it start happening soon after a patch? Does the fist occurrence of the error line up with any installed patches?

It's fully up to date, but it's actually been happening for a very long time from what I can see. This is a system that was neglected by the previous IT provider so it's hard to say if it was ever healthy.

Also found vssadmin crashing. Found a scheduled task to create a shadow copy, which conflicts with backup software installed on the server. Not sure wtf they have been thinking after cleaning up this server so far. This one is definitely going to be redone before too long.

Backups are officially healthy; completing without error.

@dustinb3403 said in Unifi VoIP:

Now what I do find interesting is this is a Android device, so if you can install apps (you can) you should be able to install SfB and then you'd have SfB on the phone as well.

It would likely work as a secondary phone service though that is in no way associated with the SIP service you have. FreePBX etc

Using something like SfB on it might go beyond its intended use... using it for that would save on cost of buying Polycom, but if cost and quality was a concern then the client wouldn't use SfB at all.

Wondering if this solution is a weird little niche where Ubiquiti can just check a box that says "we offer VoIP".

@dustinb3403 said in Unifi VoIP:

@bbigford said in Unifi VoIP:

@dustinb3403 said in Unifi VoIP:

Now what I do find interesting is this is a Android device, so if you can install apps (you can) you should be able to install SfB and then you'd have SfB on the phone as well.

It would likely work as a secondary phone service though that is in no way associated with the SIP service you have. FreePBX etc

Using something like SfB on it might go beyond its intended use... using it for that would save on cost of buying Polycom, but if cost and quality was a concern then the client wouldn't use SfB at all.

Wondering if this solution is a weird little niche where Ubiquiti can just check a box that says "we offer VoIP".

Well this isn't a VoIP offering, its another device that takes advantage of the VoIP capabilities. These don't work without a phone system.

From the documentation I found, it looked like the USG would be able to control the devices; but I haven't looked into exactly what extent or if they are just devices with an Internet connection and an Android phone app.

At about an hour a year, I would say four 9's is acceptable.