Systems Administration

PFSense doesn't switch back to primary connection in multi-WAN setup

Sysadmin - 12 min 36 sec ago

If any of you use PFSense community edition in a VM, did you have the experience with multi-WAN setup to not switch back to the main line after is recovered?

I discovered that the main line even if is back online doesn't ping the monitor IP-s(8.8.8.8). I changed it to 1.1.1.1 and it has the same behavior. If I reboot PFSense the main line starts working. PFSense is up-to-date 2.3.5-RELEASE-p2.

This is not a setup problem, because it was working flawless for more than a year. Than both ISP made some changes. One of them brought a new equipment. The other upgraded the infrastructure but the IP address remained the same.

What do you suggest in this case?

submitted by /u/istvank
[link] [comments]

Say GDP-Aaargh, streamers: Max Schrems is coming for you, Netflix and Amazon

The Register - 26 min 25 sec ago
Apple and others also in firing line as complaints filed

Streaming services aren't complying with EU data protection law - namely the General Data Protection Regulation's right of access - according to a fresh suite of complaints aimed at the likes of Netflix, Amazon and Spotify.…

Sysadmin Haiku #3

Sysadmin - 29 min 12 sec ago
At work I am bored if ($today -eq "Friday"){ Write-Host "a haiku"}

I posted Friday haiku threads a couple of years ago, maybe it's time to revive it.

Previous threads: 1, 2

submitted by /u/billwrugbyling
[link] [comments]

SAP systems and infrastructure?

Sysadmin - 31 min 11 sec ago

SAP seems to be huge, I guess I haven't worked with orgs that are large enough to use SAP? No idea what SAP entails but I tried Googling a few SAP training materials online and didn't find much. Anyone care to give input on SAP and what industry uses it most?

submitted by /u/korr2221
[link] [comments]

Can not having the DNS role on a DC mess with things?

Sysadmin - 34 min 20 sec ago

The guys before me who setup our primary DC never put the DNS role on it. I always thought that was odd and not according to best practice. I think this may be causing our sysvol not to replicate to other DC's. What are your thoughts? Just trying to narrow down this replication issue.

submitted by /u/chugger93
[link] [comments]

Am I Getting Fucked Friday, January 18th, 2019

Sysadmin - 35 min 45 sec ago

Brought to you by the /r/sysadmin 'Trusted VARs': /u/SquizzOC and /u/bad0seed with Trusted Telecom Broker /u/Each1Teach1x27 for Telecom. This weekly thread is here for you to discuss pricing and quotes on hardware and services or ask software questions. Last Post: January 11th.

Required Info for accurate answers:

  • Manufacturer
  • Part Number
  • Quantity
  • Service Type and Location

All questions welcome, keep in mind that there are of course more pieces to this IT puzzle we can dig out of the box

  1. Cloud Options (Hybrid, Azure, AWS, security and storage integrations and migrations…)
  2. Server configs and quote answers
  3. Storage Vendor options, details and selection
  4. Network hardware from routers, switches, load balancing, Aps…
  5. Security - firewalls, 2FA, cloud DNS, layer 7 services, antivirus, email, DLP….
  6. Client-side: Is it a really big quantity? User equipment doesn't have major negotiations without big numbers
  7. Bandwidth - Internet, MPLS, dark fiber, carrier SD-WAN
  8. Voice- SIP, Hosted VoIP, PRI etc.

As always, PMs welcome with your questions any time, not just Fridays.

Warning: This thread is neither vetted, nor approved by the reddit administration or /r/sysadmin moderation team. All interaction is explicitly at your own risk.

submitted by /u/bad0seed
[link] [comments]

Question about RHEL support

Sysadmin - 36 min 27 sec ago

My company runs a research computing cluster that currently runs on Solaris. For obvious reasons we want to get away from anything Oracle so we are thinking about switching to RHEL. Does anyone have experience with their enterprise support? How is it? Any experiences you can share, good or bad, would be helpful.

submitted by /u/billwrugbyling
[link] [comments]

Switch port up and down

Sysadmin - 36 min 46 sec ago

I have a Cisco switch with a port that's going up and down and the device quits working until I shutdown the port and bring it backup.  

 

This is what show log returns:  

 

%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/35, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/35, changed state to down shows this over and over with about a 5 minute gap between each  

 

The end device is a camera the switch port is configured exactly like the other cameras on other switch ports. Same config and same cameras type.  

 

I have switched ports, cameras, and cable all have the exact same problem with the port going up and down and the camera shutting down. Duplex settings are set to auto exactly like the other cameras; I even tried to manually set the duplex to full 100mb on the camera and the switch port but the problem kept happening.  

 

My original thought was port security was blocking the device but I removed port security settings from that switch port config and it still had the problem.  

 

The strangest part is if I keep and constant ping on the device it will stay up but if I stop the ping it goes down within 20-30 minutes.  

 

Any ideas on whats going on or some troubleshooting I can try?

submitted by /u/twisted636
[link] [comments]

symobolic links and permissions

Sysadmin - 42 min 23 sec ago

In linux, if say i have a symbolic link with no owner e.g.

lrwx... 500 501 ...... /mypath/myfile rwx ... root root ... /mypath/myfile.0

myfile is symbolic link to myfile.0 . Does it matter if I leave the unknown user and group as it is for myfile? Or should i change owner to root as well? thanks

submitted by /u/s802645
[link] [comments]

HITRUST vendor

Sysadmin - 42 min 26 sec ago

Hi, im not sure if this is the best place to post this question, but im looking for vendor recommendations to assist us in HITRUST certification. Im the Sysadmin for my company and will not be able to do this without outside help given my workload. Looking to see if anyone here has used and recommends a vendor? thanks!

submitted by /u/Liquidjojo1987
[link] [comments]

Question regarding Java subscription

Sysadmin - 49 min 30 sec ago

This whole Java subscription thing is super confusing. I just need a plain answer here, preferably with a website source for proof.

At our business, we have somewhere around 7,300 computers that have Java on them. When I say they have Java, I mean that they have the Java Runtime Environment (JRE) that you download for free from https://www.java.com/en/download/ . The newest release just a few days ago is Java 8 Update 201. If you look in Programs and Features, it'll say Java (not Java SE, Java JRE, JDK, etc). It's just the end user software that the PC needs to be able to run certain applications for the end user. We do not do any type of developing software. We normally push the Java updates via PDQ.

Under the new Java EULA, apparently starting at the end of this month, will we be required to buy a license to update these 7,300 devices, or can we still download the end user version of Java (JRE) from the website I linked above?

submitted by /u/TechNickGaming
[link] [comments]

Source Control (Git) and Why You Should Absolutely Be Using It as a SysAdmin

Sysadmin - 50 min 57 sec ago

I'm going to start with a bold statement:

If you learn Git and apply it in your daily work (where it makes sense) you WILL find it useful and you WILL be glad you invested the time learning a new and marketable skill.

Source control is all about tracking revisions and sharing changes of sets of files. The files are usually text but can also be binary, images, etc though the benefits of source control in those scenarios are somewhat diminished.

Git is a popular source control tool and for the purposes of this post Git can usually be interchanged with any popular source code management tool. Realistically the world has mostly settled on Git (Google Trends).

"I'm a SysAdmin, not a programmer! I don't write source code. How can Git help me?"

Pretty much any time you want to permanently save the state of any files with a note, timestamp, backup, etc is a perfect time to use Git.

A few examples:

  • Updates to server/application configuration files
  • Updates to deployment scripts
  • Updates to the domain login script
  • Updates to any text-based documentation

"I'm interested in learning. How does Git enhance my workflow?"

  • Encourages you to make save points in the form of commits
  • Encourages you to document and make notes in the form of commit messages
  • Encourages easy experimentation in the form of branches
  • Makes it harder to accidentally lose code (if it's committed!)
  • Metadata is automatically captured such as who changed what and when.
  • Can easily retrieve previous known-good configuration/documentation

Bringing valuable programming practices into the SysAdmin work...

Even if you're not a programmer there are valuable practices from programming that can be implemented into your daily SysAdmin life. You might think of this as "how to begin thinking like and understanding what DevOps really means in practice"...

  • Thinking about changes as "new releases of a service you provide".
    • Say you're updating the script that configures a brand new employee in your environment.
    • Do your testing/experimentation on a "development" branch
    • Once you're satisfied with your new process, merge that "development" branch into the "production" branch.
    • Immediately replace the "real" version of the script, maybe on a file share or in Task Schedule or something, with the production version.
    • You've now "released" an update to your "new employee provisioning service". You now have a changelog of the exact lines that changed on which date.
  • Being more formal about what is in development vs what is in production and being able to quickly see the differences.
    • "I think my deployment script is reliable, what changes am I actually implementing if I load this new version into SCCM?"
    • From the development branch: `git diff production`
    • "Oh yeah I forgot I added that tiny MSI install parameter in addition to the 50 lines I work on to pull the files from the right server. I'll be pushing that new MSI parameter too, good to keep in mind if there are any issues."
  • Collaboration becomes easier than emailing files or copying files to/from shared drives.
    • Each person has their local repository and can make changes locally testing whatever they want whenever they want.
    • Sharing changes involves pushing and pulling the latest changes from the server.
    • Changes are tracked and you can see who edit which lines of the file when.
      • "This line is strange and there are no comments. Lets see who added it..."
      • "Hey Bill, why did you add this line back in June?"
      • "Oh we found some edge case where if a new user had an apostrophe in their last name their username had it as well which screwed up a bunch of their access to systems."
  • More mature practices include continuous delivery concepts such as automatically updating the actual production environment when you submit changes to the production branch.
    • In the scenario of your "new employee provisioning service" you can have your central Git server trigger activity when new commits come in. One of those triggers could be "any time a new commit comes in to the production branch" and the activity that happens is "upload the Create-NewEmployee.ps1 to Z:\IT\Scripts\".
    • In a different scenario maybe you have a login script which needs to be updated. You're a 1000 person company and all of IT dog foods changes like this. When your "testing" branch receives an update it updates the "login-test.vbs" login script. When your "production" branch receives an update it replaces the "login-prod.vbs" login script.

Where you might have trouble...

Git is not always easy and some of the error messages may be confusing. My best advice is here:

  • Any time you see "origin" it usually means "the central point of truth for this repository, usually remote, like GitHub".
  • Errors usually mean you're doing something your not supposed to, or more commonly, one of these:
    • Local Repository is Behind - Someone has made changes to the branch you're working on, you need to pull their changes down to your repository before you can push your new code. Merging never happens on the server.
    • Merge Conflict - Someone has edited the files you have also edited and Git needs help settling some disputes (called merge conflict resolution). This can sometimes happen when you pull from a repository that has new changes.
  • If you are totally just screwed up it is always OK to rename the repository folder and re-clone it from the server, copy your change into the file and commit. It's not the "right way" but it's a normal and common thing for git newbies.
  • "git commit --amend" is very useful and will stop you from making pointless commit messages like "Trying new value" 20 times in a row, or wasting time writing seemly valuable but overly-verbose messages like "Trying True instead of False because False did X".

Some Anecdotes

  • Make commits often and push them often.
    • As long as your make a commit AND push it you will ALWAYS be able to recover that committed code as long as the repository exists on the central server.
  • GitHub is not Git. Git is a source control tool. GitHub is the most popular public repository hosting service unrelated to the creators/maintainers of Git.
  • As you gain more experience what you're doing will feel better and more natural. This is when you see the real value.
    • The first time you and a co-worker are working on the same file at the same time and you recognize and resolve a merge conflict you'll be like "wow, that was pretty slick".
    • The first time you and your team work together to review the diffs or changes for an update to production you'll have newfound confidence that everyone understands what is changing and why.
  • GitHub now supports unlimited private repositories for free (up to 3 collaborators). You do not need to use GitHub, there are many alternatives including self-hosted ones like GitLab (unrelated to GitHub). You also use any file share or SSH endpoint to store your repositories.
  • I personally recommend using the the git command line all the time. There are many great GUIs out there that may be more your style but it will hide some of the inner workings and why git does what it does will make less sense to you.
  • For those nitpicking, I know Git is a decentralized source code management tool. However it is almost always used in a client-server kind of relationship with a central repository as an intermediary for many developers. In the 8 years I've been using Git I have never pulled directly from another person's machine. I have simplified the explanations here since the distinction isn't really valuable to new users.
submitted by /u/SpectralCoding
[link] [comments]

Is listening for Intents batteryfriendly?

Hey i wondered if i set up a profile which listens for broadcast intents has a big impact on battery life. For example i want to monitor if my Wifi connection changes.

I could do that with a timed profile:

trigger task which checks %WIFII every 10 min or so.

Or:

wait for intent android.net.wifi.STATE_CHANGE and then trigger a task wich checks %WIFII.

I would guess the intent way is better, because with the first method running a task every 10 min does WAKE the device if im right and for the second, the Intents are send by the system anyway, so why dont catch them...???

Or does the benefit go away because tasker has to monitor the broadcast intents?

submitted by /u/bastiman1
[link] [comments]

Dell Boomi 2019 Predictions: The Year of Technology Trends Convergence

For 2019, all of these technology trends will continue to evolve, many of which will accelerate and converge....(read more)

Can someone explain Ariba by sap, punchout2go, EDI like I'm 5?

Sysadmin - 1 hour 5 min ago

I inherited a new environment that has our ERP system. We also have Ariba as a supplier to customers. Punchout and looking to implement edi.

I want to streamline a lot of things we have currently that is being manually done.

  1. Can I integrate ariba with my erp system to have the orders and PO going directly to ERP and back and forth? What can I use?

  2. Can Ariba do EDI? I can't find a clear answer from searching.

  3. can we use punchout to do what I asked above?

We currently have our erp system with customers on Ariba. I like to where the orders, PO, and invoices going directly into our erp system and back out if necessary. If there is a best practice or best way, I would love to find out more.

I know a lot of this stuff is vague is because I'm still new to all of this.

submitted by /u/itman404
[link] [comments]

Microsoft partner portal 'exposes 'every' support request filed worldwide' today

The Register - 1 hour 9 min ago
No customer data visible but hell's bells, Redmond, what have you borked now?

Exclusive Alarmed Microsoft support partners can currently view support tickets submitted from all over the world, in what appears to be a very wide-ranging blunder by the Redmond-based biz.…

What shell should I use?

Command Line - 1 hour 15 min ago

Right now, I'm using zsh. I want something a that is a whole lot more minimal. It should be POSIX compliant.

It should have a vi mode and ideally (I know that this is a stretch) I would really like syntax highlighting in the interactive shell

submitted by /u/milanoscookie
[link] [comments]

Nutanix 2019 Predictions: Cloud Architecture and Emerging Growth Areas in 2019

While 2019 will present its own challenges, we believe the future of cloud computing is not nebulous - it is bright and complex....(read more)

Pages