Turns out that the embedded controller is defective. HPE has a tech arriving today to replace the defective part.

@Pete-S said in Blind swap / automatic rebuild on linux:

@travisdh1 said in Blind swap / automatic rebuild on linux:

@Pete-S said in Blind swap / automatic rebuild on linux:

@travisdh1 said in Blind swap / automatic rebuild on linux:

@Pete-S said in Blind swap / automatic rebuild on linux:

I often see that the argument for using hardware raid is to be able to initiate an automatic rebuild by just swapping a faulty drive for a new one.
A lot of people assume that software raid can't do that. But that's incorrect.

Software raid on linux (as in md managed by mdadm) can do the exact the same thing.

It's under policy and partition policy in mdadm.conf. You'll find on the man mdadm.conf page.
The spare-same-slot option would be the one that works the same way as hardware controllers usually do.

I haven't used it myself since I prefer to initiate the rebuild myself. But I wonder if you guys have used it?

I don't think blind swap is about automatic rebuild, that's a given no matter what software/hardware RAID is running. It's more about seeing the light is red instead of green on drive 6, so you know that is the one to replace.

The only example of not having that available, that I can think of, is https://www.45drives.com/

I don't know man.
A typical SMB would have no monitoring and any server would be stuck in a closet somewhere. Nobody would notice any red lights until several months later or until something breaks and then they'd have no clue what to do about it, wouldn't know who to call and wouldn't have any idea if the server even has warranty (it never has). A spare drive wouldn't be available unless it was an old discarded drive left on the shelf from the last time something was replaced.

While probably true, that doesn't really have anything to do with blind swap.

I'm just saying those that have their server park under control doesn't really need any LEDs. And those that really needs it, doesn't look at it.

But it would actually be a small thing to make a script that would indicate faulty drives. You look at /proc/mdstat and any drive showing a _ instead of U is lit up on the drive bay. It's controlled by SGPIO or SES. That's how the raid controller does it.

I thought MD was already capable of performing this. . .

@scottalanmiller said in MS RDS: How Do You Reset Device License Assignment:

@Dashrender said in MS RDS: How Do You Reset Device License Assignment:

@DustinB3403 said in MS RDS: How Do You Reset Device License Assignment:

Device licenses are held for 90-days, you should be able to force an expiration from within the license manager.

I knew about the 90 days, didn't know about an ability to force expiration though...

You can but it is quite limited. You can't expire willy billy. You only get a few expiry chances per 90 days.

Correct, 20% of the total license count iirc.

@VoIP_n00b said in Virtual WAF:

@Jimmy9008 Why not add "Free" to the title?

Why not read the entire topic?

@Jimmy9008 said in Virtual WAF:

@Dashrender said in Virtual WAF:

@Jimmy9008 said in Virtual WAF:

@VoIP_n00b said in Virtual WAF:

Cloudflare Pro has a WAF but it's $20/month.

I don't think that would be a direction we would use. I like CF but it just wont happen here.

They can't afford $20/m to protect this? does whatever they are doing even make sense to do?

Currently correct, no budget for this. What they want to do makes sense for them, but not for an IT perspective. The applications are demo environments which are shown to potential customers. We have many of these environments to demo the solutions globally.

The product team have decided they want to cut their budget this year and have cut out the WAF which sits in front of their demo applications. I believe they had some form of Citrix solution which sat in front of the webservers to do the higher layer checking like XSS/SQL Injection and stuff like that. Due to their decision, this now sits with IT.

Essentially, this is not in the IT budget and it is rigid. So most likely will be until 2022 until any budget is allowed at all for this. Crazy I know.

Hence, wanting something between the internet and their now less protected application at no real cost. ModSecurity or something like that looks like a good start.

Well reducing costly systems makes sense. If this tool works for you and adds a nominal technical cost to setup and maintain it makes sense if you have the expertise to setup and run this internally.

It's a soft cost rather than a hard cost (time and materials) vs some $ per month.

Best of luck

@VoIP_n00b said in Access 2003 in a 2021 World???:

https://erpnext.com/open-source-manufacturing-erp-software

Have you used this or are just making a generic google search for an open source ERP? I've heard of this one, but haven't used it.

To test and validate if something like this would work would require a large investment (any ERP move would in this case) and without really understanding the business processes wouldn't I recommend anything (far to many unknowns).

My JobBOSS comment above is pointing out that getting an ERP to work the way the business needs is just that, it takes a lot of effort (and money) nothing off the shelf is going to work the way a business has operated for who knows how long.

@Carnival-Boy said in Access 2003 in a 2021 World???:

Even with an established software house you're entering in to a very committed relationship. You're relying on one company for modifications, fixes etc for years to come at an unspecified cost.

Like with any Microsoft Product?

@dafyre said in IT Quotes I Like:

We need to quit asking people "How stupid can you be?"... Some folks are taking that as a challenge.

-- Can't remember where I heard that from.

From ERCOT's leadership.

@dbeato said in Active Directory - User Attribute RFID/HID Badge:

@DustinB3403 said in Active Directory - User Attribute RFID/HID Badge:

The vendor finally got back to me with the below 2 links. . .

https://www.windowstechno.com/how-to-create-custom-attributes-in-active-directory/

https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/user-provisioning-sync-attributes-for-mapping

Why couldn't the vendor just say that custom user attributes would be required?

Hahha, makes sense

It's really insanely poor customer service that

1) You as the vendor don't have this documented for ready access 
2) It takes 3 weeks of calling the vendor to get this information from the vendor
3) That the vendor doesn't even have their own cleaned up copy of this requirement listed in their documentation...

@wirestyle22 said in Sell the business??:

@siringo said in Sell the business??:

I am the sole support person for a medical clinic business. I've been supporting them for around 7 years.

When I started it was a simple 2 server business with 1 external site and in house Exchange.

Now they have 7 sites and all the things that go along with that.

I'll be wanting to get out of this IT game in about 4 years & spend my days on the beach.

So the question is, how do I go about finding someone to take over the support of this client without doing myself out of a job & income before my beach days arrive?

It's not just about trying to find an alternate support solution for what happens in 4 years, it's for now mainly, due to me being the only person who knows their entire IT setup. If I get hit by that bus, they will be in trouble.

The business has sites in rural areas which from time to time will require on site visits, so more than online only support will be required.

Should I sell the support service as a business? If so, how do you work out what it's worth?

Just interested to hear the thoughts of others.

I'd probably create as much documentation as humanly possible and hand it over to an MSP that you vet. Getting rid of the single point of failure (you) is important. Your documentation is what dictates how smooth the transition will be.

Using something like Bookstack would very likely make this super easy too.

@wirestyle22 said in Ipad guru/ Site connectivity issue:

@DustinB3403 said in Ipad guru/ Site connectivity issue:

@wirestyle22 said in Ipad guru/ Site connectivity issue:

@scottalanmiller Can't you rate limit the guest network and use QoS to mitigate at least a portion of this?

I don't see any options to limit the wireless performance, you can limit the bit rate (for high density environments) but that could cause other issues with other devices.

As for QoS, that doesn't fix the issue of devices being dropped from the network.

wouldn't packet loss be the cause of devices being dropped? I'd think QoS would at least stop the businesses devices from being dropped, no?

Not in this case, because if the APs are being overwhelmed with to much traffic, they are just dumping all traffic and starting over.

@Mario-Jakovina said in Another RDS server?:

Does it mean that in my case (4-core CPU) VM should use only 3 vCPU even if it is only VM on the host?

Generally you don't want to match 1:1 because the management interface (vmware exi, hyper-v dom0, XCP-ng etc) all have some overhead.

I don't believe there is a mass restore function. You'll likely need to do something like this through the cli.

https://help.nextcloud.com/t/mass-restore-files-from-recent-version-or-find-all-files-with-0-length/78741

Libre office works well to, especially if you have additional needs besides just appending.

@wrcombs He's facepalming the fact that someone, thought adding APs (regardless of settings) would fix the issue.

In particular the fact that these are so close together.

@dafyre no, the label changes, week 1, week 2 etc.

The reason for wanting for check in some duration (5m) is because apparently these people can't be bothered to actually swap the drive every week.

So, eject the drive, and check in 5 if the disk uid is still around and reconnect

@pete-s said in Ha-lizard on the XCP-NG 8.2 in 2021. Progress of my deployment:

@dustinb3403 said in Ha-lizard on the XCP-NG 8.2 in 2021. Progress of my deployment:

@fabiorpn said in Ha-lizard on the XCP-NG 8.2 in 2021. Progress of my deployment:

So we are betting on this solution. We are hopeful.

Quoting this again, so you don't need High Availability, you just need near HA, 99.9% uptime. Use Continuous Replication, I assume you've installed Xen Orchestra to administer these hypervisors, correct?

If not, see my github

I was thinking the same thing. The only thing is that there is no fail-over mechanism in Xen Orchestra for this right?

So if one host fails, you have to start the replicated VMs on the other host manually. Is that correct?

You're asking "how do we ensure the system is running" and the challenge to that is even with HA, the Host doesn't know that the guest is actually hosting services, it just knows that it's powered up (or attempting to start).

The services this guest is providing (and if its running or not) is something of a fuzzy situation.

You can get the guest to automatically start on the remote if a host goes offline by enabling HA (auto start) with best effort for the pool.

But this is again a "fuzzy" situation because running to the Host means "I see it has "power" so it must be running."

Running to your users means "I can access the services this system is hosting." Your mileage may vary...

@pete-s said in Ha-lizard on the XCP-NG 8.2 in 2021. Progress of my deployment:

@dustinb3403 said in Ha-lizard on the XCP-NG 8.2 in 2021. Progress of my deployment:

There are too many unknowns to solidly answer this, but the two options I would be looking at would be CR or just a standard pool with HA turned on for the VM's.

But you need shared storage for a standard pool with HA. So either your have a SPOF in which case HA doesn't really make sense or you're back to finding some kind of hyperconverged solution.

Or do you mean to restore the VM from backup on the second host?

With many HA systems you still have a single point of failure, the SAN. . .

A converter is the best thing I've used, we used this at my last position, but its only 100M and 1080p.

@stacksofplates said in Managing Publicly hosted Linux Servers through Cockpit:

@dustinb3403 said in Managing Publicly hosted Linux Servers through Cockpit:

@stacksofplates said in Managing Publicly hosted Linux Servers through Cockpit:

@dustinb3403 said in Managing Publicly hosted Linux Servers through Cockpit:

@stacksofplates said in Managing Publicly hosted Linux Servers through Cockpit:

There's a big movement now around SBOM with tools like in-toto, SPIFFE/SPIRE, TUF, and a lot more. We are working with gov't clients and they are headed towards requiring SBOM information for each release.

It's been mandated that software now include a SBOM (see my recent post in IT news).

Yeah but that mandate is only for open source (for whatever dumb reason). I'm all for SBOMs for open source software, but it's ignoring the fact that the issue has historically come from closed source software. An SBOM is much less effective when you already have access to 99% of what's included in the product.

Well it mentions open source specifically, but also targets close source

Ah I read the first part. It made it sound like it was only open source.

Not that anyone but the US Government will know what is actually included in any specific closed source software