Sysadmin


A reddit dedicated to the profession of Computer System Administration.

76
 
 
This is an automated archive.

The original was posted on /r/sysadmin by /u/DoorDelicious8395 on 2024-01-23 15:57:23+00:00.


We have an on-premise SMTP relay server (postfix) that is used to route emails from our ERP system and various printers to the internet. The relay is set up to forward all of our emails to our Exchange Online SMTP connector using IP auth. Well, today Exchange is replying to all emails with 550 5.7.1 Service unavailable, Client host [xx.xxx.xxx.xxx] blocked using Spamhaus. To request removal from this list see https://www.spamhaus.org/query/xx.xxx.xxx.xxx

Our IP is owned by Comcast but is an enterprise plan.

Does anyone have any recommendations on getting around the ip blacklist so we can forward them to our exchange connector?

Update

I opened a case with Comcast and the technician told me that he had 5 of these cases open this morning with the exact same issue. He mentioned that it was an issue on their end.

Either way I should move away from IP auth in exchange as there are more secure alternatives. Thank you everyone for the suggestions.

77
 
 

The original was posted on /r/sysadmin by /u/TheJesusGuy on 2024-01-23 15:56:46+00:00.


GPO is running as computer configuration>Preferences>Windows settings>Files. Source is a Shared folder on the DC with Full Control on the share and NTFS permission for Everyone, Domain Computers, and Authenticated Users. They also have read access in the GPO itself. Destination is C:\Users\Public\desktop, but I've also tried variables. GPO is targeting Workstations OU with several working GPOs in. gpresult /r shows policy as targeting correctly. I've also tried sharing it as above but from our file server, same issue.

Group Policy object did not apply because it failed with error code "0x80070005" Access is denied. This error was suppressed. Event ID 4098.

Any help?

78
 
 

The original was posted on /r/sysadmin by /u/alexferraz on 2024-01-23 12:14:40+00:00.


Hi, fellow sysadmin.

I work in a relatively big company with around 6k office users and the thing which is driving me nuts currently is users complaining about every little micro degradation in the MS Teams calls they have in the office, and saying at home is much better.

We’re talking with some IT service providers and it seems like it is a common issue. Here we already changed everything that both Cisco and Microsoft recommend and still can’t deliver the same experience the user has at home, not sure if it’s even possible, but the company execs think it is.

Are you guys facing a similar issue? And if yes, could you gently share how you are tackling it?

What did improve a lot for us was changing internet egress to local, but it's still not the same experience the users have from home.

Thanks in advance for the attention here!

Cheers and happy 2024!

79
 
 

The original was posted on /r/sysadmin by /u/learningdevops on 2024-01-23 12:09:07+00:00.


Curious for smaller organizations that don't have all the bigger tools at their disposal or have a very small dev team. From what I understand, managing vulnerabilities is usually pushed to the back burner (understandably so) or automated and not something people particularly want to think about when they have a product to deliver. We are trying to ideate something in this area, specifically the workflow of what happens after a scanner has been run. Does anyone care to share answers to these?

  1. How do you stay on top of vulnerabilities (CVEs) in your environment(s)?
  2. Is this something done regularly or adhoc or only when necessary?
  3. Who is responsible for this process? Is there a dedicated person or is it put on someone else's plate?
  4. What tools are used for managing this process?
  5. How much time and effort does your team invest in researching and prioritizing vulnerabilities?

Posting this in different subreddits to get all types of answers from people in different adjacent roles :) enjoying reading all the different answers, please keep them coming!

EDIT: we are working on an MVP type of service () to tackle this - where we take the headache of figuring out what to update and which vulnerability to prioritize specific to one's environment - it's a human expert over 20 years doing this. We know we cannot scale going like this but our intention is to get feedback and understand this problem better - how much time does this tedious work (if you aren't automating) really take? Is this something you'd rather not have to do? etc. etc. If you have any feedback regarding this MVP or even the landing page - please feel free to DM or share here! We are looking for users for a closed beta at the moment and if you think you'd like to try out such a service - comment below!

80
 
 

The original was posted on /r/sysadmin by /u/cisco_bee on 2024-01-23 15:40:38+00:00.


First off, I'm one of those "inbox zero" type of people.

How do you all utilize the quarantine? If something is an actual threat, do you delete it? When you delete it, do you "temporarily" delete it (the default) or check the "Permanently delete" checkbox? What happens when you "temporarily" delete it? This seems weird to me.

I think my reluctance/confusion comes down to the fact that as a rule I don't "delete" anything. I like data. Additionally, the column "Release status" throws me off. It always says "Needs review". I would expect to be able to say either "Yes, release" (In which case it's gone) or "I have reviewed this and it should not be released". But you can't. It's either "Needs review" or it's not there. Is this status just useless or am I completely missing how to use this tool?

81
 
 

The original was posted on /r/sysadmin by /u/adidasnmotion13 on 2024-01-23 15:40:19+00:00.


Is anyone else using Office 365 experiencing this or is this only happening to us?

82
 
 

The original was posted on /r/sysadmin by /u/Techman2k on 2024-01-23 15:38:59+00:00.


Hopefully the correct sub.

Certificate guy is on leave and we have to update the Web Server Certs.

Can anyone advise what file type a web server template is or how to create?

I have the PEM files and converted to PFX using openSSL as per rough instruction but this is not the correct template type.

Can anyone advise?

83
 
 

The original was posted on /r/sysadmin by /u/neuroticelite on 2024-01-23 15:38:32+00:00.


Hello!

I worked MSP for 10 years before transitioning to an internal IT team the last year and we really need a simple ticketing/project management system and am looking for recommendations.

Before I get into the details I need to stress how simple the product needs to be that we're looking for. We just need something that provides a glance (board) where we can all see active projects and tickets and leave comments as we have updates. The team is just 3 members and we've still worked efficiently without a ticketing system by just working closely together. Projects that last more than a few days have been rare, but are ramping up recently hence this need.

Just some notes on ones I've worked with and why I'm skipping them.

  • ConnectWise - Worked with for 7+ years. This is the exact "type" of system we're looking for, but it's way too robust for what we need.
  • AirTable - We already have this internally for our marketing team, but again just not the type of product we need.
  • Jira - Have internally for our development team, same issue as above.
  • Microsoft Project - Seems OK, but haven't found a way to have an accessible glance/board for the entire team without manually sharing each project or ticket?

Thanks!

84
 
 

The original was posted on /r/sysadmin by /u/Cranapplesause on 2024-01-23 15:28:32+00:00.


Hello All,

I am trying to create a working Archive Policy in Exchange Online.

We want users to choose their Archive policy and not force any Archive period on the users.

We have attempted to create two different MRM Retention Policies.

  • The first one is set with the following tags:
      1. A tag for the entire mailbox (DPT) with an archive setting of NEVER (this setting will disable the retention action)
      2. Seven personal tags. (Each is for years 1 through 7)
  • The second one is set with the following tags:
      1. ONLY seven personal tags. (Each is for years 1 through 7)
  • I was not sure if the issue is that the (DPT) from the first one is just disabling the entire archive process. So I built this MRM without a default. Still nothing.

I can confirm that a stand-alone DPT will function with an Archive period set as default, but this removes the power from the users.

I am changing my Retention Policy under the user's mailbox to the MRM I am testing.

I am connecting to Exchange Online with PowerShell. Connect-ExchangeOnline

I am running Start-ManagedFolderAssistant -Identity XXXXXXXXX after each Archive Policy change.

I am setting policies under OWA.

I opened a ticket with Microsoft and the guy told me to just use DPT... Then when we confirmed that DPT worked, he said he was going to close the ticket. I told him no because the personal isn't working. Which I am guessing he has no idea how to fix it. I am thinking of just closing the ticket and opening a new one. Roll the dice and see if I get someone better?

85
 
 

The original was posted on /r/sysadmin by /u/bashb0y on 2024-01-23 15:22:59+00:00.


Hello fellow Admins,

Is anybody experienced with shared workspace/desktop solutions?

We are implementing a shared workspace solution in which employees have their own end devices (mouse/keyboard/headset). These are to be connected to static thin clients via Bluetooth. Ideally, the user does not have to pair the end devices every morning at their new workstation.

We use NoTouchOS for our Devices.

86
 
 

The original was posted on /r/sysadmin by /u/Koen1997NL on 2024-01-23 15:16:49+00:00.


Hello,

My name is Koen and I am responsible for Microsoft 365 in my organization. I have the following problem.

We are using Windows laptops, with a Microsoft 365 installation. The mobile phones are all iPhones.

We are using the GAL for company-specific contacts. Our users can copy the GAL data to their personal address books, so they can keep a copy of it in their phone. But after a period of time, most of the contacts have been duplicated (multiple times).

So when you are getting a call from John Doe and he has multiple contact entries in your phone, it shows John Doe and xxx others. It also messes up the Bluetooth in our vehicles, because it cannot take so many contacts.

The contacts are added from the Microsoft 365 > Outlook app.

Does anyone know how I can solve this problem?

I already found this article: Duplicate Outlook contacts appear in iOS Contacts app - Exchange | Microsoft Learn, but this only acknowledges the issue instead of offering a solution.

Any kind of help will be very much appreciated!

87
 
 

The original was posted on /r/sysadmin by /u/Project__5 on 2024-01-23 15:01:24+00:00.


I'm familiar with using Entra AD (Azure AD) to review sign-in logs. E.g. if a user fails conditional access policy, looking up the Request ID from their error message in the sign in logs to gain more information.

I'm assisting a vendor log into our Azure DevOps site (https://dev.azure.com/[ourOrganization]). Everyone logging into this is using an Entra AD account managed at our tenant.

The problem is, I'm not seeing any logins getting logged ANYWHERE. I have a vendor failing to log in, he gives me the Request ID from his error message, but that ID is nowhere to be found in Entra. Everything else BUT DevOps logins seems to be getting logged just fine.

I have tried enabling auditing in DevOps, but shows auditing for object changes, not logins. I have confirmed DevOps is linked to our tenant.

Where can I find this information or where can I troubleshoot failed login attempts for Azure DevOps?

Thanks.

88
 
 

The original was posted on /r/sysadmin by /u/Jusan999 on 2024-01-23 14:57:17+00:00.


Hi everyone, I'm new to the community and had a question. I'm currently studying system administration and for my final project was thinking about making a plug and play firewall, mainly marketed to homes and small shops maybe. I know some already exist, but I haven't seen any that really seem useful or don't plain out steal your data or slow your network too much to be worthy.

If anyone knew of any I could check out or any recommendations on how to do this, please leave a comment it would help a lot.

89
 
 

The original was posted on /r/sysadmin by /u/Intelligent_Ad3362 on 2024-01-23 14:52:46+00:00.


Hello Reddit Community,

I hope you're all doing well. I'm currently facing the challenge of running a PowerShell script via Task Scheduler and wondering what the minimum permissions required for successful execution are.

So far, I've only been able to execute the script successfully as a domain administrator. However, I'd like to grant only the essential permissions to adhere to security policies. I'm seeking information on the specific permissions needed to run the script properly.

The script involves actions such as gathering information on Remote Desktop Sessions. Could you please share insights on the exact permissions required for Task Scheduler to successfully run the script without needing extensive domain administrator rights?

Thank you in advance for your assistance!

```powershell
# Path for CSV (defined first because the verification step below uses it)
$pathForCsv = 'C:\Scripts\RDS'

# Verification: on the first day of the month, move last month's files to the archive
$Date = (Get-Date).AddMonths(-1).ToString('MM.yyyy')
if (-Not (Test-Path "C:\Scripts\RDS\Archive\RDS $Date.csv")) {
    if ((Get-Date).Day -eq '1') {
        Move-Item -Path "$pathForCsv\RDS.csv" -Destination "C:\Scripts\RDS\Archive\RDS $Date.csv"
        Move-Item -Path "$pathForCsv\RDSNamen.csv" -Destination "C:\Scripts\RDS\Archive\RDSNamen $Date.csv"
    }
}

# Get our FQDN
$ourname = "$env:COMPUTERNAME.$env:USERDNSDOMAIN".ToLower()

# FQDN of the Active Management Server
$rdsMgmtServer = (Get-RDConnectionBrokerHighAvailability | Select-Object -ExpandProperty ActiveManagementServer).ToLower()
$rdsMgmtServer
if (-Not ($ourname.Equals($rdsMgmtServer))) {
    Write-Host 'Error: The Remote Desktop Services deployment is not present on "cb1.company.co.at". This operation can be performed after creating a deployment.'
    exit
}

# Array with all collections to query
$collectionArray = @("Collection1")

# Get current date and time
$currentDatetime = (Get-Date).ToString('dd.MM.yyyy HH:mm:ss')

# Actual CSV names
$csvCount = "$pathForCsv\RDS.csv"
$csvNames = "$pathForCsv\RDSNamen.csv"

foreach ($collectionName in $collectionArray) {

    # List of all currently logged-in users
    $rdsUserList = (Get-RDUserSession -CollectionName $collectionName -ConnectionBroker $rdsMgmtServer).UserName

    # Number of currently logged-in users
    $rdsUserCount = $rdsUserList.Count

    # We now save individual usernames to the $csvNames file
    foreach ($username in $rdsUserList) {
        $namesText = "$collectionName`t$currentDatetime`t$username"
        $namesText | Add-Content -Path $csvNames -Encoding UTF8 -Force
    }

    # Composition of the CSV file (`t indicates tab)
    $countText = "$collectionName`t$currentDatetime`t$rdsUserCount"
    $countText | Add-Content -Path $csvCount -Encoding UTF8 -Force

}
```

90
 
 

The original was posted on /r/sysadmin by /u/Alzzary on 2024-01-23 14:31:39+00:00.


Hello there!

I am the sole IT for a 100-user law firm and our baseline policy is that all sharing websites such as Box, Dropbox, Google Drive, etc. are blocked by default, mainly for security reasons.

However, it regularly happens that I must allow exceptions because clients and third parties use that medium, even though we have our own file sharing solution, and so I constantly enable and disable exceptions for these cases.

I was wondering if there were more efficient ways to manage this?

I am using a FortiGate for web filtering / application control.

At first I thought about developing a small Outlook add-in myself that would interact with the FortiGate's API with a small input for URLs, so I'd just enter a link and it would push the URL to the FortiGate, dynamically changing the rule, but it seems that unless you have a subscription with Fortinet's developer network, you can't get an API key to begin with.

Any better idea on how to handle this?

91
 
 

The original was posted on /r/sysadmin by /u/tperondi on 2024-01-23 14:28:51+00:00.


Hi everyone,

I have a dilemma at work today. One of our customers has asked us for a specific type of GPU for machine learning operations to be installed in their ML350 Gen11. HP officially supports only a few graphics accelerators that are out of the budget for this project. Has anyone of you ever tried to install non-officially supported video cards on these servers? Unfortunately, since they are relatively new models, I have found very little information about it. My fear is that HP may have inserted some hardware block that prevents unauthorized hardware from working. What do you think?

Thanks.

92
 
 

The original was posted on /r/sysadmin by /u/that_afro_guy on 2024-01-23 14:24:26+00:00.


Do you know of any success stories of a company that used multiple login IDs or methods and switched to SSO?

If possible, I would like to know what the scenario was like before, what was done and the results of implementing SSO.

Feel free to point me to any documentation or site that describes such cases.

Thanks in advance.

93
 
 

The original was posted on /r/sysadmin by /u/the_DOS_god on 2024-01-23 14:09:19+00:00.


I am curious about Firmware management and who is responsible for it. It seems that most places I've been at or know about nobody really updates FW on servers regularly and it always gets passed around to some other group.

So who would be responsible for that? Sysadmins? Data Center personnel? NOC? Engineers? Also if you manage and update FW on servers what do you normally use?

94
 
 

The original was posted on /r/sysadmin by /u/RestinRIP1990 on 2024-01-23 13:52:11+00:00.


In an effort to reduce NTLM authentication, I have built an ELK-based dash to monitor any NTLM auths in the enterprise. I was able to get rid of a lot, however one that is sticking is the print servers on the network.

The issue is as described here:

I have made this registry change organization-wide, and it seemingly does not work. I have run a query on this key and it is set on every machine. I am not sure how to proceed further. klist shows valid tickets for the print servers as well.

95
 
 

The original was posted on /r/sysadmin by /u/chewy747 on 2024-01-23 13:42:22+00:00.


We have an offline root and online sub Microsoft cert authority. We are going to be moving them to new servers with new names and new IPs. Anything special we need to do besides these broad steps?

backup cert authority database & config

export CA registry key

stop services on original

restore CA backup & config

restore registry

Do we need to do anything in DNS? Or anything else I'm missing?

96
 
 

The original was posted on /r/sysadmin by /u/Altruistic_Movie_997 on 2024-01-23 13:35:50+00:00.


Hi y'all,

Please, I have the VNC service applied and installed through GPO, with an mst transformation for the password, to the whole AD, but on some computers the password from the mst file doesn't work, so VNC is not usable.

On 70% of computers it works, but on some only TightVNC is installed and the password from the mst file doesn't work.

Do you know where the problem could be?

Thank you

97
 
 

The original was posted on /r/sysadmin by /u/ServiceFun7651 on 2024-01-23 13:17:07+00:00.


Hey everyone,

Could use some advice.

We are a small temp agency having 15 users. 8 months ago, I migrated from Simply to M365 for all our emails and have since then been onboarding users. I really enjoy Microsoft.

Backstory: the company was run by blue-collar directors, who were great in their field, but have a very low understanding of IT.

Our COO has made a makeshift CRM in Google Sheets. It's great work (really impressive) but it's stored on a Google Drive he made with his company email. Now the whole company uses this Google Sheets system for everything: hour registration, sales calculations, and storing data.

We are growing fast, and the director is really concerned about GDPR and cyber-safety, and so am I.

My plan was to quickly fix this by buying G Suite licenses and migrating the Google Sheets system to that. Then we could control users, but I have a few concerns.

  1. Can we even have both domains at the same time?
  2. Dual licensing seems like a bad idea price-wise. If we are to be a big company with 500+ users, this could get really expensive.

Has anyone been in the same situation or have any idea on how to go about this?

Thanks in advance.

98
 
 

The original was posted on /r/sysadmin by /u/Mario_do_agreste on 2024-01-23 12:06:48+00:00.


Hello everyone! I live in Brazil, and I'm planning to move to Europe in the next few years. The IT market has a lot of facets; however, I don't know how I can use my experience abroad. In Brazil, governmental entities need to create a technical document to make acquisitions. That said, companies interested in selling their equipment need to "prove" that they are in accordance with the technical document and the equipment's technical guide. So, basically, I work in consulting, quoting, sizing data center equipment (storage, servers, switches, backup appliances, HCI, and so on), and analyzing their technical specifications. That said, I don't manage or implement anything; I'm more of a liaison between the sales sector and a "Datacenter architect." Any tips for jobs that require these skills and qualifications?

99
 
 

The original was posted on /r/sysadmin by /u/SJPearson on 2024-01-23 11:53:53+00:00.


This seems like a simple question but I can't find a definitive answer, so I'm hoping someone can advise me!

I'm looking at a single domain, all on one site. 2 DCs, both Server 2016 build 1607; one is Standard, the other is Datacenter (not that this should make any difference).

The sysvol replication has been migrated from FRS to DFSR.

The AD is syncing correctly but the login scripts (netlogon) are only syncing changes to existing scripts, not any new scripts.

The DCs have the DFS replication tools installed but NOT the DFS replication role. The onsite IT pointed out that the migration instructions from FRS to DFSR do not mention that the role is required, whereas I would think it is a requirement.

There are no errors in any of the event logs, in dcdiag, in repadmin or in the DFS admin reports.

I've added a third DC, 2019 Datacenter, but that is showing the same effect.

Any ideas or suggestions would be welcome!

100
 
 

The original was posted on /r/sysadmin by /u/Scary-Jury1059 on 2024-01-23 11:22:52+00:00.


“Whoever wrote this code clearly has no understanding of elementary mathematics or the most basic rules of programming."

Computer Weekly