Is it a crime to post nude pictures of my ex girlfriend, that she sent me, on the internet???? Serious question.

crayzjoka · 2012-05-21T02:23:56.691932+00:00

Unless she signed a model release form (which I doubt) then she could at least make a strong enough case to make you have to pay for a lawyer to defend yourself in civil court for emotional damages. Don't do it. Also, just don't be a dick.

TwelveHawks · 2012-05-21T00:18:12.686272+00:00

New York City has these as well, not just Canada. Red squirrels are also prevalent across NY.

Bosley · 2012-05-20T22:35:38.934363+00:00

I don't agree with your assessment. Exchange typically runs fine provided proper administration occurs. What happened here was sort of a perfect storm... Let's recap:

One of his coworkers deleted all the servers. He even bypassed the safety mechanisms intended prevent this sort of thing. Mistakes #1 and 2#.

Next up they failed to do a tombstone recovery and instead added a new server with the same name to the domain, screwing up all the relavent metadata and tanking the SID's for the existing computer account preventing a proper restore. So that's mistakes #3 and #4.

They almost did mistake #5 (which would have been the FUBAR one) and restored it from VSS. Had this occured god help them.

While on the outset it would seem that exchange just sucks, what's really at play here is the necessary complexity that comes with feature rich enterprise software. The more features and integration, the more complexity. That doesn't make the software bad, it just means that more careful management is required. In a similar way, the mistakes of the OP's staff don't mean exchange sucks, it means OP's staff need a lesson about not doing stupid shit like deleting servers.

(OP, if you're reading this, I mean no offense, stuff happens and in a panic people don't thing clearly. I really do hope it all worked out for you!)

EsotericNinja · 2012-05-20T16:09:19.340347+00:00

Nice little structure fire you've got there.

argonauts · 2012-05-20T06:44:34.871129-07:00

I lived just upstate of the city, in a commuter area. I was 19 at the time. And while I wasn't involved in fire/ems (yet), I was a member of the local fire/ems "family", since my father was a very active EMT/firefighter/disaster responder. I was in college at the time. So this sets the stage.

Day of the event: I was working on a cisco networking lab. A student in the back suddenly blurted out "holy shit look on CNN a plane hit the world trade center!" I thought it was crazy, but a fluke accident or something. Shit happens rigth? The teacher continued until the second plane hit. Class basically stopped as we watched what was going on. When the first tower dropped I knew that it had become too big for the local resources alone (again, I knew how fire/ems/etc worked, I just wasn't directly involved). I asked to leave because I knew when that happened my dad would be going. It wasn't even in question to me. He WAS going, and probably already home preparing. So I left and went home.

As expected, he was there getting ready. I asked (rhetorically) "you're going?" He said yes. I helped him pack, my mom got home. We hugged, he left. The next several hours were some of the hardest of my life. Watching the damage unfold knowing he was in there somewhere was horrible. It didn't help that EVERY SINGLE channel and radio station was covering it. There was no escaping the gravity of the event. But, thank god, at the end of the first day the phone rang. And at the end of the second day. etc. until he came home safe and sound.

The first weeks/months after were like nothing I'd seen before. America was unified for the first time in my life. It was inspiring. Left or right, gay, straight, old or young, texan or new yorker. Didn't matter. We were all Americans. Period.

Watching the slow devolution of that beautiful one-ness is, in alot of ways, the hardest long-term thing about the whole experience for me.

QBVII · 1 day

Sounds like you had an unhappy situation, are probably new to the industry, and were learning on your feet. What matters is, at the end of the day you got it fixed, for not a ton of money, and no major loss of data. Crack open a cold one and celebrate!

Ubimo · 1 day

It's even cooler inside!

mississippislide · 2 days

You too eh? I inherited companyweb. I think it was the default BPOS sharepoint site name.

Bosley · 2 days

You weren't the only one wondering...

Bosley · 2 days

Explain to me what about exchange you consider to be "legacy". I'm honestly curious.

Bosley · 2 days

Exchange is deeply integrated into active directory. It isn't just installed on a server. Exchange essentially becomes part of active directory. It modifies the schema, creates tons of special objects, intgrates into replication, and such. These things it does are awesome and help make it as good as it is at what it does, but they also make fixing issues like this a fucking nightmare.

Also, FWIW, exchange does waaayyy more than dovecot and postfix. It's not an even comparison.

spookybarn · 2 days

Sounds like it's tombstone time! You might also want to fix all that other stuff.

As for me... I recently accidentally the wrong VPN line despite doing my usual double checking thing.

thecompu · 2 days

I use an Ecessa Powerlink device. It's in inbound/outbound WAN aggregator and load balancer. It also has a load balanced DNS server built into it. I manage my own zone authoritiatively and have NS records to my external addresses of each ISP. The last time we went completely dark was hurricane Irene.

Bosley · 2 days

Honestly, unless you are REALLY comfy with ADSI Edit and its ilk this may be one best left to the true experts. I consider myself DAMN good at AD, (I've written my own schema extensions!) but TBH, I would already be on the phone with Microsoft at this point.

EDIT: Ask yourself one question: is your companies ability to email/communicate smoothly worth the money it will cost to repair this mistake? How much money per hour are you losing as a result of this? There are more than just technical considerations at play here I suspect.

Bosley · 2 days

Ouch. I can't say that I've ever seen anyone accidentally delete exchange from their directory. That sucks, I feel for you. However, even if you do a VSS restore, you risk doing further and significant damage to your directory as exchange is HEAVILY integrated into AD, so unless you roll back literally every DC at once and bring everything back from snapshot restore you could do unexpected and truely bizarre things to AD. My recommendation is to call Microsoft.

mistawac · 2 days

Check your security logs for logon and special logon events. This will make which things are signing in very apparent, very quickly. If you're feeling saucy, you could even set up log forwarding and/or collection to a single server so you don't have to RDP into each server.

vocatus · 2 days

Currently I'm a VBScript guy. But as I learn more powershell VBScript is starting to lose its lustre.

bobwonder · 3 days

MDT is quite nice for locally run, but diverse installations. I made a portable USB drive that would install XP, Vista, or 7 with office 2003, 2007, or 2010.

stealthmodeactive · 3 days

oooh. Almost forget. The Oreilly press book "Active Directory" is actually quite amazing. It goes into way more depth than the MS books. I'm currently working my way through it and learning much more than I expected.

stealthmodeactive · 3 days

It's been a LONG DAY with a moment of weakness. I've thought better of it.

My wonderful peers reminded me that perhaps I had mis-stepped.

Thanks guys!

stealthmodeactive · 3 days

You're right. Message deleted sir. Thanks for keeping me honest.

Enxer · 3 days

Ah, first off don't put a writable DC in the DMZ if you can possibly avoid it. It's VERY bad practice.

That said, if you split your network into two logical AD sites, one for internal, one for DMZ, and configure the clients in the respective sites to use the appropriate servers for DNS they will do what you want.

EDIT: FWIW, an RODC would almost certainly do what you want. While it's not a writable DC, it can pass writes back to writable DC's. The difference is that it doesn't keep cached copies of the kerberos keys on the DC. Hence if it's compromised, you don't lose the whole network at once, only the accounts which are cached on the RODC. Really, check into RODC for this. Alternately AD LDS would probably work here as well.

MMDeveloper · 3 days

Agreed. At my last gig where we actually had an IT team any "all staff" emails were reviewed by another person before going out.

MMDeveloper · 3 days

Don't accidentally a word!

stealthmodeactive · 3 days

This. I used nothing but this and hyper-v and passed first try.

labmansteve

TROPHY CASE

labmansteve

TROPHY CASE

you'll need to login or register to do that

create a new account

login