@siringo said in windows based FREE imaging app:

@notverypunny said in windows based FREE imaging app:

@siringo said in windows based FREE imaging app:

@dashrender said in windows based FREE imaging app:

It's not windows based - but Clonzilla does what you want, and you can figure out the script/command line for it too.

Does clonezilla run off a usb stick?? I need something that doesn't require a network.

Yes, I can't recall if you can have the image repo on the bootable media since it' been a while, but it's definitely an off-line option. When I was using it the USB sticks I could afford weren't big enough to hold an image so it was a USB to boot and an external HDD for the images.

Yep, sounds like what I'll do.

They've released a Lite version so you don't need a server anymore, runs off a USB. I'm checking it out now.

I think you're looking for the live version: https://clonezilla.org/clonezilla-live.php

From what I'm seeing, the Lite version looks like it still wants to use a network source as the image repo.

@stuartjordan Are they truly built-in or does it still require a linked onlyoffice or collabora install?

How about this month's updates that sent 2 of our DCs into a wonderful boot loop first thing this morning...

@stuartjordan
Yeah, the fix was pushed yesterday evening from what I can see and is working great this morning.

So far I love it, the only thing that I would change is have a SN check or some other validation to avoid duplicating objects if the agent is uninstalled and re-installed.

Few techs using it in our setup (less than 5 concurrent at any given time) but should be something north of 500 devices. Actually trying to clean things up this morning as I messed things up with some scripting from our main inventory and deployment system.

What about using a refurb (or new) full tower with 2 or 4 drives and a simple server OS install (Ubuntu, Fedora, opensuse or a more focused system like rockstor, freenas etc etc). That way you've got easily replaceable commodity hardware and eliminate dependancies on proprietary HW and probably reduce the timeframe for availability / application of software patches and security fixes.

With it being for a school, are you able to get discounted education pricing?

So FWIW, my previous gig (changed 3 weeks ago) was full on VDI for the office workers.

Without getting into anything that could risk confidentiality here's what was working and was being built on....

Citrix VDI infrastructure (Netscaler, storefront, director etc)
Non-persistent VDI
Nutanix hosts (clustered) with their AHV hypervisor
User profiles managed with Citrix Profile management on dedicated profile servers

There's much more detail that could be explored, but those are the main elements of the 3rd iteration of VDI.

Not sure if the option of Windows / Azure / cloud VDI makes sense unless your workload is in the could as well. Assuming that the main reason that you need / want VDI is to keep the endpoints near your ERP or workload so having the VDI off-site would defeat the purpose and probably cost an arm and a leg.

Wondering what the overall opinion(s) are with regards to ZeroTier and information security / confidentiality when using a hosted controller.

I've had cursory discussions with other IT folks in the past and they seemed to be wary of ZT with regards to confidentiality and information security because:
-- Point 1 - ZT, in their own docs claims to basically emulate a L2 switch
-- Point 2 - L2 switches can be sniffed via span / mirror ports
-- Point 3 - As an IT pro you wouldn't connect your endpoints directly to someone else's L2 switch without due-diligence / NDA etc etc etc legalese necessary for colo and datacenter setups due to Point 2

They (ZT) also make the claim that data is E2E encrypted, "and can't be read by roots or anyone else"

An option that nobody has mentioned is doing split-brain dns for your WSUS.

Assuming that you've got a domain, setup something like updates.company.com with the appropriate security and forwarding externally and the necessary entries on your internal Windows DNS. Make sure that everything is setup with SSL and you're golden. So if the folks are out of the office, they'll still be pulling updates from your WSUS server, under your control. Hell, depending on how your firewall handles hairpinning, it might be best to forget about the entries in the internal DNS and just have everyone connect to the public IP, eliminating any instances of it having to deal with VPNs.

If you're starting from scratch I'd suggest taking a serious look at leveraging TacticalRMM (or something paid if you really want to spend money) instead of WSUS. (As mentioned by others)

If you do have to go the WSUS route for whatever reason(s) make sure to automate the maintenance scripts that microsoft references / provides in their online documentation. Why they don't integrate those scripts into the core product is something that I'll never understand but hey, they're making $$$ and I'm just a sysadmin.

@scottalanmiller said in Tactical RMM:

TacticalRMM is no longer completely free. It's open source, so I'm not completely unhappy about it. But it is at least $50/mo for full functionality (unless you alter the code yourself to disable the fee... which they even say that you can do.)

https://docs.tacticalrmm.com/code_signing/

I don't think that the code-signed agents were ever available free of charge....

@scottalanmiller said in Website down, but only for organization Network:

@dafyre said in Website down, but only for organization Network:

The website goes down, or appears to for about 5 minutes. Hosting Provider assures me there is no PHP issues and everything looks to be in order.
Tricky thing is, if I take my phone off of our organizations WiFi, the site is still operational. In fact, the site never really goes down to the rest of the world.

Putting these two things together, I'm going to say it's almost certainly Fail2Ban. I bet something on your network is sending a bad password automatically and causing an auto-ban for a few minutes,.

Could be a password, could just be some of the actions actions that your editor / editing is performing that are triggering rules, depending on what the setup is like on the other end. See if they can either whitelist your corp IP(s) or tune out the false-positive rule.

@Saba

Without knowing more details: https://www.supergrubdisk.org/

Anyone have any thoughts / recommendations / experience with regards to keeping tabs on an OT environment? The only thing that seems to be out there from a discovery and management perspective seems to be OT-BASE https://www.langner.com/

Does anyone know of any alternatives beyond a network scanner and some spreadsheets?

@scottalanmiller Yeah, it all depends on what kind of effort is going to be put into setup / maintenance / use.... also might be just a regulatory checkmark that has to be satisfied.... The comment about graphing is what got me thinking about the "why" and that a monitoring solution like Zabbix might be more in line with what would actually be appropriate.

@scottalanmiller FWIW they (BeeLink, don't know model) were being seriously looked at for digital signage controllers at my previous employer. Don't know how far they went with them but if they're competing in that space then the reliability should be decent as they wouldn't get any traction if they were causing issues and warranty claims on signage (boom truck and signage installer calls aren't cheap)

I know that there probably aren't too many folks on here using the full MS security platform but I figure it's worth checking in.

For the life of me, I can't get the below Attack Surface Reduction rules to apply, regardless of the method... Is there some sort of spell, incantation or sacred offering that must be performed for this to work?

As usual, Microsoft's "documentation" isn't exactly straightforward and direct. I tried configuring via the custom MEM OMA-URI method this morning, I'll have to wait until Monday to see if it's actually going to take this time. I've already got the same restrictions set via Endpoint Security with no success.

We're still in a hybrid AD scenario, so I could technically try to use GPO, but we're trying to do as much via Intune / cloud as possible.

Any known issues that folks have come across with this stuff?

@Mario-Jakovina said in Todays' replacement for Teamviewer:

@gjacobse said in Todays' replacement for Teamviewer:

@Dashrender said in Todays' replacement for Teamviewer:

are you needing a free solution?

I wouldn't expect Teamviewer to give you unattended access for free. Heck they start nagging and possible disabling the use if they see you abusing the 'free' option.

This is for a 70+ year old club member for his own personal use between his laptop while in Florida and his home computer... so needs to be super simple and reliable and repeatable and - yea... free. And stupid simple.

Then try Ultraviewer: https://www.ultraviewer.net/en/

EDIT: It is free to but it has some ads.
Also, I'm not sure whether the free license allows you to wake up system if it goes to sleep.

Honestly doubt that any solution will be able to wake the remote machine if it's in sleep and it's the only client on the far end. The products that I've used or looked at usually rely on another "awake" node at the same site to send WoL. If it's just the 1 machine in FL and 1 machine at home, there's nothing available to kick the sleeping machine... Unless there's something that I'm missing?

Don't know if anyone else here uses or supports GLPI, but I upgraded our install and there's a bug in the automatic migration when installing the GLPI Inventory Plugin.

Specifically, associating SNMP creds to a network range wasn't working, so SNMP-based network discovery and inventory went titsup (Total Inability To Support Usual Performance)

https://github.com/glpi-project/glpi-inventory-plugin/issues/112#issuecomment-1130072974

^^ This was the fix for my setup.

Am I imagining things or did Windows licensing at one point allow for use of a virtual environment on top of the physical install? If this is (still?) the case, would a W10 install in vbox do the trick?

Don't know if anyone is still looking for other options, but I had looked at these guys before and it seemed like a decent product:

https://horizondatasys.com/rollback-rx-time-machine/rollback-rx-home/

They've got a pro version as well as a deepfreeze-like product that automatically reverts to a saved state when the machine is rebooted.