|
raddevus wrote: MS said it was a bug.
[rolls eyes]
"A bug".
That was something I've been able to reliably count on since Windows 2000. They just can't help themselves but to go and fiddle with things.
|
|
|
|
|
When I remoted into my Azure server this morning, I saw a notification that 'Updates were installed' and thought the same thing. Luckily I didn't have any work in progress and luckily customers aren't hitting that server when it restarted apparently at around 0400 this morning.
For Win10, I do appreciate the new little icon in the system tray that gives me some warning.
"Go forth into the source" - Neal Morse
|
|
|
|
|
I run Windows, including an older server, the same way: via VM's . To manage all Internet activity, I purchased a router/firewall that has application control capability along with normal rules blocking/allowing.
Down at the office, we have 2 such. One of the categories is Windows Updates. I can control (either block, log or both) by all machines, some machines (or none). I can also set a schedule.
For the office, we have a wireless AP for customers and suppliers. It is on a separate public IP address with its own firewall. I block all social media (farcebook and such), webmail and other stuff. Block by IP in the firewall to block streaming. Costs money, but well spent AFAIAC.
Some time back, I set rules to block outbound to every IP group that Windows used to phone home. I think it required about 8 rules. Cut back on activity. Our routers have very flexible logging capability and built in Wireshark. Won't quote any brand names because every time I recommend anything, the recommendee winds up getting screwed.
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
|
|
|
|
|
Cool story bro.
How is this preventing updates (I do install them) from automatically rebooting a server OS, when it's supposed to wait for me to tell it to go ahead?
|
|
|
|
|
It prevents the updates, not the reboots. I can allow them when it is convenient or when I disable the rule.
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
|
|
|
|
|
I have zero problem with blocking/allowing updates with WSUS--that's what it's for. Nothing gets installed without me approving it first. That's not the problem I was reporting.
|
|
|
|
|
Did you known the Beatles sang about coffee? "Latte Be"
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Good point, I think I will get one, or may a Tea...
|
|
|
|
|
Not unlike the Rolling Stone's diet-beverage song: "Gimme Seltzer".
Ravings en masse^ |
---|
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
Seltzer, back in the day that would not be on their rider...
|
|
|
|
|
W∴ Balboos wrote: "Gimme Seltzer" Afterbath.
"Five fruits and vegetables a day? What a joke!
Personally, after the third watermelon, I'm full."
|
|
|
|
|
To say nothing of "I Need You", "I'm So Tired", and "Los Paranoias" (when they tried to quit).
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
We're in the process of moving everything over to the cloud.
In order to get to visual studio to do dev work, we have to VPN into the network, RDP to a "jump box", and then RDP from there into our dev environment.
While we're VPN'd into the remote network, we can't access email or a web browser on our local machine. This means we're completely cut off from communications on our own local network.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
|
That sounds exactly like what we're discussing here for even local work, I'm glad to hear it works so well and I've been wrong this entire time!
When I mentioned in meetings that the concept sounds really complicated, will be a drain on productivity due to having to log in/out of the VPN to look up references, and frustrate the developers to the point of hurting morale all I get is blank stares. It must take a government mindset to come up with solutions using such out of the box, counter-intuitive thinking.
|
|
|
|
|
We don't have access to it yet, so we don't really know if it will work, or how well. If history is any indicator, it's gonna be dog-ass slow if we can even maintain something resembling reliable connectivity.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
That's what I'm predicting will happen here if/when we ever implement the same sort of policy. Someone who doesn't have to use it will force it into place, employees will use it and complain about how bad it is with a laundry list of reasons, and finally employees will be ignored and told that is the only
option available.
The other amusing piece being discussed here is that security wants to prohibit VPNing from non-managed (i.e. personal) devices. Problem is we won't purchase laptops for everyone and we're still expected to somehow provide service any time it is needed including after hours and weekends.
|
|
|
|
|
Don't forget the part where all the good employees ragequit for saner employers within 6 months to a year, leaving the office full of Wally's and other useless sorts.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
I don't know if that specific construct will work, but I was working 3 years in something similar going to and back from India to work in a computer here and test with a device downstairs
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
#realJSOP wrote: While we're VPN'd into the remote network, we can't access email or a web browser on our local machine. This means we're completely cut off from communications on our own local network. VM.
That is on your desktop run a VM to VPN to the network to the RDP...
want to check email locally: minimise / window size the VM.
not saying this to buck the system, but sometimes you want to read your email, for instance refer a list of to-do's / bugs someone sent...
Edit: question - if the cloud is everywhere you will be working at home then? No need to wear pants!
after many otherwise intelligent sounding suggestions that achieved nothing the nice folks at Technet said the only solution was to low level format my hard disk then reinstall my signature. Sadly, this still didn't fix the issue!
|
|
|
|
|
Not permitted to run a VM on local machines.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Jeeze. Have they got any vacancies there? It sounds like the ideal place to work.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
JSOP seems to have a knack for finding these places.
|
|
|
|
|
Well, DoD dev work has always been a pain in the ass, and especially so when you dev for the USAF. The cloud crap is simply shoveling more crap in the hole.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
So putting all data on the cloud is OK, but running a VM is not ? I think someone needs a cybersecurity training.
|
|
|
|