Just checking in to say thanks for asking that question. Always had that same question as a fellow sysadmin :D

Now since i see all those ideas: hell yes. I will reach out to the maintainers of the next project that I find that could use some support and offer them my support :D

Nah you dont need a special image for the touchscreen and stuff. Check the advanced update settings for optional downloads and also give the surface app in the microsoft store a shot. It actually is not terrible for troubleshooting.

Other than that: Create your own custom image if you deeply wish to. Here is the help doc:

https://support.microsoft.com/en-gb/surface/download-drivers-and-firmware-for-surface-09bb2e09-2a4b-cb69-0951-078a7739e120

I guess the following are the modt liked:

https://alternativeto.net/software/teamviewer-quicksupport/

https://alternativeto.net/software/teamviewer/

Maybe even windows remote help tool if you got a AD with microsoft accounts. (For fat clients - thinclients mostly have VNC or you could at least look at what they do by opening their RDP session)

You were ready for reading the manual. Darn good that you’ve made it without passing that line. Once you pass it you never come back to being sane again, you know?

:D

Holy moly Networking Class… I’m getting flashbacks to my time when in the Simulated Cisco Environment we tried the SPT out and yes you are right. It takes a short but nonetheless weird amount of time for it to timeout.

Thanks for giving me the updates. If I or somebody else ever has similar symptoms maybe they will find this thread :D

I gotta say I think I would never had targeted SPT as the culprit. Though to be fair I only use dumb switches in my homelab and at the corp, the Networking department gatekeeps the nice stuff a bit :3

Anyway, I’m happy you found out and were able to fix it. <3

I know this is stupid to ask but can you test setting up servers fresh from a .iso? No template, no domain join, no nothing that would create any predefined settings. If the issue doesnt persist, maybe there is a legacy gpo or something that forces it for domain recognition before allowing other network traffic. Or something completely different but we gotta corner the problem in with troubleshooting.

And also maybe create a script that’s being fired at bootup. The script could write the timecode and the “ipconfig /all” and “route print” into a textfile every few miliseconds.

This would create large logfiles but might help. Since if you are even uncapable of pinging local adresses with IPv4 adresses, maybe the network stack just simply doesn’t load fast enough.

Also some additional info might help with cornering it in such as:

• is it only occuring on Virtualized Machines?
• what Hypervisor is being used?
• are there more than one kind of hypervisor brand? (For e.g. Vmware and Hyper-V)
• is the problem also ocurring on Bare Metal Servers? (Windows Server OS being installed directly on the Server without usage of Virtualisation)
• is your Domain Forest an old one, that you didnt create initially - or another way of asking: could there be GPO’s or Templates that have settings in them, that you dont know about?
• did you already try to connect two servers together by directly connecting them to each other and sniffing the NIC output via Wireshark? Maybe you can use this to parallel Check the behaviour of the bootup script with the Routing Tables and IP-Settings. Maybe somthing sticks out weirdly enough to catch your attention?

Thanks for the info. Maybe something is bugged with mine. I’ll have a look into it. Currently its not being used of the first few months of use, that were… lets say bumpy at best…

Their plugins arent really reliable. Can tell you that. The Mullvad VPN Plugin does not like it at all if you ever should run out of VPN Time. If your VPN is not being paid the connection shits itself and doesnt reconnect properly when the VPN is being paid for again. Besides that, the Seamless-Tunnel Option (aka. dont allow network traffic if its not through the VPN) is working but hella buggy if you want to disable it for testing.

Got myself a Opal one. Not sure what I will be using it from now on tbh. Maybe the other Options are more reliable but I couldnt be bothered to check em out in the last months.

Thanks for this. Was a pleasant read and a good mood lifter after recieving an emergency call for a useless alarm in the monitoring ^^

Argh good god. Ansible. Another topic that I wanted to dive in recently. It seems to be more and more used in all kinds of environments. Gotta get my fingers on it and get to know my way around in it.

Sadly oVirt has also reached EOL it seems. There hasnt been an update for it for eternities. oVirt is actually pretty nice in some aspects but yeah it has some weird bugs. Running a prod environment though is actually possible if you have enough hypervisor in a cluster then even patching runs quite smoothly. Autobalancing also works nice.

The only thing I haaateee about it is the awful one-time consoles.

The fact that Windows Server .iso’s dont have the needed drivers to recognise a virtual drive is also not the best for a productive environment with many windows servers. Its possible, yes. But it brings a little headache at the beginning of setting everything up with it. After all you only need to mount em manually a few times. Only so many times, as you create a fresh VM-template for your environment. After that it isnt any hassle anymore.

Well thats weird. Maybe try the nightly build, they have additional features and patches. Maybe its a weird bug that got patched with this version or it is a random problem that occurred whilst the installation.

Well thats because as soon as you search you are actually using a website. If the website doesnt support darkmode or was someday configured to be whitemode, then it will always show up bright. If the website doesnt support darkmodes: use the newest install that comes in a few days the 120 version. Or switch to the nightly-installation where you can already now install plugins/extentions. Then install the darkreader extention. Done. Ezpz

This is the way. The dude in the comment above the one I am replying to described a different way where you have to change the config, which would be neccesary to do on every new installation. Via the bookmarks/shortcuts method you will have the BANG Search on every new installation just by importing your bookmarks - or if you use an firefox account with synchronisation you will already have it with your login.

Be advised that duckduckgo has already some predefined BANG Searches, that you can use without having to change anything. Just type in the search bar:

• !g for google searches
• !ddg for duckduckgo searches
• !yt for youtube searches
• !mindfactory for searches on a german pc hardware shop “mindfactory.de” Yes they have very broadly implemented websites. Even such nieche sites are already listed.

Look into the 3-2-1 strategy. Also: At least one Backup should be taken offline after the backup is done. This might be done via Tapes on a Tapelibary, where you would put your Used tapes into a fireproof safe (certified for Tape fire protection - ask me if you dont know what that means). Those backups that are not connected to a network are most reliable in such a scenario. Most encrypters encrypt right away and thus offline/archived backups are most likely not already affected.

If your trojan was keeping itself silent for a couple of months (some specialised do that) even your archives are at risk. In such a situation mostly the only solution is to build from fresh.

Holy moly even though the graphes have a slight decrease - but that cause has been explained in the text - but those are still huuge numbers.

Holy moly there are a lot of guys on this platform! Nice to see!

Thanks for sharing and explaining mate!