• 3 Posts
  • 344 Comments
Joined 1 year ago
cake
Cake day: June 20th, 2023

help-circle
  • Just for the sake of testing maybe try it with a oneliner:

    sudo mount -t cifs -o user=testuser,domain=testdomain //192.168.1.100/share /mnt

    Either way using the logs is the best way to check for discepancies. Also check in on the logs on the fileserver. Though idk what to advice to trace the logon stuff and trace whats making it fail.

    Just for the case that you dont know where to look in windows: eventviewer is the place to go. Which predifined filter though - simply google that.

    Wishing ya the best of luck mate!



  • Well not so much the adress of the AD server.

    It should be the domain name of your domain that you have created.

    As in Joh.Doe@CompanyWork.internal

    The part behind the @ is the domain the user is registered to and even though the AD server might be named prod-ad-001 the text should be the domain you are trying to auth towards and the share you are accessing to should obvioisly have a connection the the AD to forward the credentials and ask if Auth is positive.


  • In FSTAB:

    //192.168.188.52/media /home/shareuser/shared/ cifs vers=3.0,credentials=/home/shareuser/.smbcred,uid=1000,gid=1000,iocharset=utf8 0 0
    

    In .smbcred are the credentials. The content of the file:

    username=shareuser
    password=shicjwvfiak                        domain=192.168.188.52
    

    Should work.

    Instead of the IP put the FQDN of your Share holding Server and make sure DNS is properly working.





  • Yes. Documentation. Documentation aaaalll the way.

    You are right. In two months you wont remember the shit you had to enable/disable to make things work.

    Doing things that arent a reocurring doing should be documented. Not crazy. A basic how to set up is enough.

    Common/reocurring errors/situations? Document 'em

    Got a semi permanent fix for problem, so that it will most likely never come up again, but possibly in 5 years? Document it fella.

    You’ll kiss your past self on the head and say thanks when you have an critical ticket in 5 years and remember nothing about the doing itself but that you wrote some documentation.

    It will save your ass and possibly you might come out as the hero of the day for having a solution right away for a super nieche problem.

    I’ve making a private hosted documentation for stuff, tricks and problems i learn at work.

    I’ve had plenty of situatuons where i remembered that i already encountered such a situation yeeeaars ago at my previois employer and that i’ve written somtehting down in my personal documentation. Bam and just by a few mins I’ve got either a really good or at least a shittysysadmin-style solution that works.


  • Das sollte afaik als dienst laufen und entsprechend sudo rights haben.

    Und ja läuft auch wenn der user angemeldet ist. Man kann aber bestimmt irgendwo in der config file einstellen, ob gecheckt werden soll ob in der konsolensitzung (physikalische sitzung) jemand angemeldet ist.

    Wenn nicht, führ einfach nen patch tuesday ein. Da sollen alle ihre laptops eingeschaltet im büro lassen und um 19 uhr oder so läuft das tool und updated.

    Nie wieder manuelle scheiße. Nicht so komplex wie ansible aufsetzen und für ne kleine firma IMO ausreichend.

    Aber vllt wäre es gut zu schauen ob du updates zeitversetzt installieten kannst.

    Dunno though. Nutze das nur im homelab und da isses mir egal. Was kaputt geht wird neu gemacht.


  • Möge ich dir präsentieren: Das package heißt

    unattended-upgrades

    Druff machen, config anpassen und nie wieder updates verwalten.

    Ist ein user endgerät. Die sollen zusehen ihre daten ordentlich auf netzlaufwerken zu speichern. Wenn sie das verkacken sind sie selbst dran schuld. Endgeräte sind wegwerfobjekte. Da gibts keine raid redundanz auf datensicherheit also kann sowas auch nicht verlangt werden. Wenn ein update mal was zerschießen sollte, wird halt neu installiert scheiß drauf.

    Aber somit musst du dir keine sorgen darum machen, ob du deinen gammel usern wirklich root rechte geben willst.




  • Sailing7@lemmy.mltoich_iel@feddit.orgich💻☣️😷iel
    link
    fedilink
    arrow-up
    12
    ·
    edit-2
    1 month ago

    Endnutzergeräte. Immer das absolut wiederlichste am First Level.

    Unterm Tisch krabbeln um Kabel zu verlegen ist zwar auch nicht geil, aber JONGE wie heftig ekelhaft Laptops, Tastaturen und Mäuse aussehen können…

    Und dann musst du als Fieldservice dude die teile auchnoch bedienen…

    More than happy, dass ich mittlerweile kaum noch was mit den Endgeräten am hut hab.




  • Well then, lemme give you something more specific to look into:

    Most Android Phones kinda hide the option to turn the Work-Profile on. But it is implemented at the core of android and should really be available on any android device thats from the last 5 years.

    Once you turn it on once you will be always able to see it. And you will also get one of those buttons available in your notification center. Just like those, that turn on and off your Wifi - this one will turn on your work profile. Or off - if Off, alllll the apps installed in the work profile will be disabled completely until you enable the work profile again.

    Very handy for splitting private and work stuff - since you can just turn off work profile when you walk out of the office and wont be bothered anymore.

    Lets get to the turnings thing on part:

    You simply need one app to activate the work profile.

    “Shelter” –> this app is not on the google playstore.

    This app is in the F-Droid Store. Since this is also a new thing lemme explain this real quick. F-Droid is an store just like Google Play Store. You can download and install apps from there. It comes as an app for your device, or you can just simply browse it in the webbrowser and download the apps you want from it from there. The F-Droid Store is well known in the Opem Source Community and is the Go-To Place if you want privacy respecting apps. - I am saying this to make sure you can trust this new and to you unknown store.

    Soooo. Back to the topic. Download either the complete F-Droid Store and in this app then search for the “Shelter” app - or simply download the shelter app once from the Website of F-Droid directly. Keep in mind if you go with the downloading F-Droid route: on its first launch, F-Droid will take ~30 secs to update its repositories and you wont find any apps in the search menu. So let it stay put for a few secs before starting your search.

    To make it as less of a hassle as possible ill go forward and describe the route where we will install the app directly from the website.

    1. Go here: https://f-droid.org/packages/net.typeblog.shelter/
    2. Click download F-Droid (for the full F-Droid Route)
    3. Or simply download “Shelter” directly by looking furhter down at the latest App Versions. Scroll down one of the paragraphs until you see the Linked Text “Download APK” (or similar - i have the UI on german, so idk what exactly the text will be. Just look for “APK”)
    4. Once its downlaoding and you have made sure your browser actually downloads it (chrome warns you about downloading APKs)
    5. Click the install/open button on the just downloaded APK.
    6. It will say that the setting for enabling app installation from untrusted sources is turned off right now - and the reason why it cannot be installed.
    7. Go to your system settings and search for “sources” – it should get you right to this exact setting. Turn it on/enable it.
    8. Go back to your browser and click install again. Then you will be prompted/asked if you want to enable, that your Browser is capable of installing APPS. Accept that – later you can disable both of those settings again. On this path we only need them for the initial installation.
    9. The app should be installed now.
    10. Search for the “Shelter” app in your app menu and open it.
    11. It will prompt you lots of stuff and explain many things. Read through them. It wont take long but will make you understand how it works better.
    12. Once set up - look for the play store app in the work profile. If you cant find it - use the Shelter app to clone apps from your personal profile to the work profile - such ass the playstore, or simply install the Cisco app once in normal profile and clone it over to work. Then delete it again from the normal profile. Though i would prefer getting the playstore and getting cisco directly from there - since this way you will auto-recieve updates and such.
    13. Learn to use work apps and how to disable them (look for the previously mentioned toggle in your notification center - you might have to edit this zone to find the button hidden under those not displayed by default)
    14. At this point you can install your apps for your work profile and disable your browser from being allowed to install apps and disabling the “apps from third party sources” option all together. (Though this one only, if you didnt choose the Full F-Droid installlation path. If you chose the full install path, this option will be neccesary for F-Droid to install updates in the future)

    I hope this helps ya!




  • Sailing7@lemmy.mltoich_iel@feddit.orgich🚘iel
    link
    fedilink
    arrow-up
    12
    arrow-down
    1
    ·
    2 months ago

    Dat ist was anderes. Ihr quatscht an einander vorbei.

    Du meinst strecken, die durch einen dicken trennstreifen getrennt sind.

    Er meint den klassischen abfahrt-streifen, der meist zuvor der Standstreifen ist. Also dat, wo auch die 300m, 200m und 100m markierungen die abfahrt ankündigen.

    Und ich muss euch beiden zustimmen.

    Bei dicken streifen darf man auch rechts schneller fahren (auch wenns grad nicht so geil ist, wenn da einer mit <80kmh differenzgeschwindigkeit langfetzt)

    Bei ganz normalen streifen für Autobahnabfahrten – das sind streifen auf denen abgebremst wird. Das ist kein beschleunigungsstreifen, auf dem das in ordnung ist. Hier is nix mit rechts über ziehen und den streifen für ein überholmanöver nutzen.