Ok_Programmer4949

I've seen a lot of instances where updates seem to be causing the Network zone to be changed to Public causing the machine to firewall necessary ports for services like this. Worth looking on both the clients and server.

Get a list of the users and put them into an excel spreadsheet then write out all of the commands injecting each user's information in so that you don't have to retype all of that garbage by hand. Copy and paste them to the command line one at a time and wait a few seconds between each one. you technically did them all by hand using command line, and you did all of the typing without actually having to type the redundancies. There's always a technical gotcha that you can use to make it easier on yourself. That should satisfy your boss and make your job much simpler than manually entering all of the commands.

We use PfSense for our smaller clients and Barracuda for our enterprise / law enforcement clients. Barracuda is a bit pricy, but damn, it's solid as hell and do just about anything you need with it and their support is absolutely hands down, the best that I've ever worked with.

I've had more than one client keep their most important emails in their deleted box. Once one of my employees went in and completely emptied it out, the client just about had a stroke. 🤣

I would set up a Kubernetes cluster with them, that's a lot of machines, so you could have a fairly healthy/resilient cluster if they're only performing fairly simple tasks service-wise. Link to a how-to below. [https://cavecafe.medium.com/setup-homelab-kubernetes-cluster-cfc3acd4dca5](https://cavecafe.medium.com/setup-homelab-kubernetes-cluster-cfc3acd4dca5)

Start earlier and thank yourself later.

We still run across many vendors that refuse to install SQL on a VM. We find new vendors in that case.

We use Barracuda ngfw devices for our clients that require more stringent security. Specifically healthcare and law enforcement. Larger sites get an F180, satellites an F18. I have noticed that it seems to be able to do just about anything we have needed, and certainly is more feature rich than Meraki, but the learning curve is somewhat steep.

Bonjorno!

physical health is paramount. Take care of yourself, please! I use resistance bands to be able to put in a light workout on a regular basis when I don't need my hands for things. I advise you to take about fifteen minutes every two to three hours and take a short walk or find an exercise routine that you can do quickly to help you stay in shape. It takes a little getting used to, in order to find your rhythm, but it's super important!

It's the job market, it was already getting rough, then federal jobs got cut, many in the infrastructure / cyber security field. It sucks. Just finished my bachelor's to sit on a 60k student loan debt and make payments I can't afford. It sucks right now. Big time!

This is going to be a real bitch for admins of systems that rely on manually edit config files that contain SSL thumbprints that are used to authenticate for systems that are used by I don't know, say, law enforcement. Our vendor takes about a day to get changing SSL certificates out on the system that they built. I really hope they find some way to automate / simplify their current setup before this goes into play.

We used sockscap to get around the firewall and then wrote programs to launch our games. I played quake 2 in high school right in front of my teachers and it pissed them off so bad all the time. 🤣🤣🤣

OP said they were bringing it with them on flash drives.

I did this in highschool, drank a half bottle of jaegermeister and coded in assembly all night, woke up with a functional boot sector on a floppy to turn in, in the morning. Damn, I just totally dated myself. I'll see myself out now.

Several areas in Ohio really are that bad. All me how I know! 🤣

My thought would be to boot to a live linux distribution and rename the folders of that GPO's on a single domain controller and shut the rest of them down. you'll have some messages and errors and potentially some minor broken systems until you get it named back, but that should disable that Group Policy, so that you can maybe sign in to a machine that hasn't received this policy and get things back in working order? I've never been in this situation, but if the environment is virtualized, I feel like there could be a few ways around completely burning it down and rebuilding if you mounted the hard disk files as a secondary drive for another VM and make the required changes needed to break that GPO. That's where I would start anyways.