IT/Software career thread: Invert binary trees for dollars.

Mist · Jan 11, 2020

Ao- said:
What fucking product is this? CyberArk works for x120k assets for us...

ManageEngine? It's crap. It's just a password vault.

CyberArk is a whole remote session management platform? That doesn't really work for us, because our remote access into/alarming from client environments is all over the map. Some remote access is direct NATed VPN, though most of those have gone away, some is various SSL client-based VPNs that the customer provides, plus we have Avaya SAL, Meraki cloud, and two other monitoring platforms that provide remote access/jump servers.

Louis · Jan 11, 2020

Mist said:
ManageEngine? It's crap. It's just a password vault.

CyberArk is a whole remote session management platform? That doesn't really work for us, because our remote access into/alarming from client environments is all over the map. Some remote access is direct NATed VPN, though most of those have gone away, some is various SSL client-based VPNs that the customer provides, plus we have Avaya SAL, Meraki cloud, and two other monitoring platforms that provide remote access/jump servers.

That's password manager pro I believe. After reading your description I knew it had to be this. There is some session management available in PMP, but yea I definitely agree. It's not a very user friendly system to get it to do anything beyond using it as a vault and even then that functionality is shit too.

We demoed that and Thycotic, but ended up going with Manage Engine's b/c it was cheap and it shows.

Mist · Jan 11, 2020

We are definitely not using the session manager in PMP and it still sucks and doesn't work for even just basic password vaulting.

Ao- · Jan 11, 2020

Mist said:
ManageEngine? It's crap. It's just a password vault.

CyberArk is a whole remote session management platform? That doesn't really work for us, because our remote access into/alarming from client environments is all over the map. Some remote access is direct NATed VPN, though most of those have gone away, some is various SSL client-based VPNs that the customer provides, plus we have Avaya SAL, Meraki cloud, and two other monitoring platforms that provide remote access/jump servers.

It depends how you license it. It can handle session management or just password vaulting (and tie into AD). It's licenses by user, not endpoint or password for vaulting.

TJT · Jan 12, 2020

We use One Password for everything at my office. Never had an issue with it.

chaos · Jan 13, 2020

I don't suppose any of you use gentoo? emerge is the most confusing fucking package manager I've ever heard of,non stop dependency issues with no apparent way to resolve them

Noodleface · Jan 14, 2020

I tried Gentoo exactly once. Literally the shittiest and most obnoxious community I've ever dealt with.

chaos · Jan 14, 2020

Yeah, I'm going to give it one more good try. What one man can do, another can do, and all that. But holy fuck this thing is gross.

sadris · Jan 14, 2020

Mist said:
Here's a good one.

We monitor/manage over 100,000 devices. Switches, routers, firewalls, servers, voice gateways, DC blades/chassis, etc for about 2000 customers.

All of these these need passwords, obviously.
...

All password management systems are awful. Every single one. We wrote our own and it works pretty well.

Noodleface · Jan 14, 2020

chaos said:
Yeah, I'm going to give it one more good try. What one man can do, another can do, and all that. But holy fuck this thing is gross.

They pride themselves on how 'customizable' it is, but I found dealing with Gentoo absolutely horrid. If I want a real barebones tinkerer OS I just do Arch Linux

Vinen · Jan 14, 2020

Noodleface said:
They pride themselves on how 'customizable' it is, but I found dealing with Gentoo absolutely horrid. If I want a real barebones tinkerer OS I just do Arch Linux

The Gentoo community is the autists in the Linux community. It's pretty much the THIS IS SO HARD AND WE ARE BETTER THEN EVERYONE BECAUSE WE UNDERSTAND IT (kinda) crowd.

Mist · Jan 14, 2020

TJT said:
We use One Password for everything at my office. Never had an issue with it.

How many devices? And for internal gear or for external customers?

MSPs are in the fairly unique position of having to store credentials for hundreds of devices, for hundreds or thousands of customers.

chaos · Jan 15, 2020

no surprise, i'll be using debian for this instead. gentoo can suck a hot fuck

Lendarios · Jan 15, 2020

So my home pc MSDTC is giving issues, my sql server is failing because dtsmis not running, but is running.

gonna try next a docker sql.

TJT · Jan 15, 2020

Mist said:
How many devices? And for internal gear or for external customers?

MSPs are in the fairly unique position of having to store credentials for hundreds of devices, for hundreds or thousands of customers.

Our company specifically handles infrastructure monitoring. We don't have to access customer infrastructure directly as our product doesn't need it to capture data on your stuff.

So probably not nearly as bad an an MSP directly managing all those devices for N number of clients.

I did get a lulzy request from an MSP customer the other day through our customer management team. It was satisfying telling that guy it was his problem.

Neranja · Jan 15, 2020

Vinen said:
The Gentoo community is the autists in the Linux community. It's pretty much the THIS IS SO HARD AND WE ARE BETTER THEN EVERYONE BECAUSE WE UNDERSTAND IT (kinda) crowd.

Maybe that was the case at the beginning, but after a surge of Devs were recruited from "friends and family" through nepotism and IRC interviews (I kid you not) the quality rapidly sunk, especially after the founder of Gentoo left the project. Captain Obvious at the time said that watching things someone else wrote compile for hours does not make you a Linux expert.

I only used Gentoo only once in my life, and that was to build a very specific hardened server with PaX/GRSecurity kernels and a userland built with patched compilers (SSP and stuff like that).

Fun story: At one point in time the devs decided to remove all old versions of autoconf+automake "to clean up the repository". But autotools are mostly a set of M4 macros, and older software at the time needed specific versions to build (Current Debian and RHEL7 still have autoconf 2.13 together a newer version for that reason). The result was a fuckup, as a lot of programs just didn't build anymore. First reaction was "Why do you need the older versions? The current ones are stable!" - I think it took a week or so until they even realized they fucked up and put the old versions back in.

Not once did someone have the bright idea to grep through the portage tree and check if any package requested specific old versions of autoconf/automake before they removed them. Which is amazing in itself, as every Gentoo install has a copy of the complete portage tree.

The only useful thing ever out of Gentoo was the "keychain" utility for the ssh- and gpg-agents, and they even fucked this one up because they removed the webhome of the founder once he left (again) where the sources were hosted.

Noodleface · Jan 15, 2020

Anyone used Microsoft Teams before?

Should I be mad they pushed that on us instead of Slack?

Deathwing · Jan 15, 2020

Yes. Bugchaser gay doesn't even come close to describing how gay Teams is.

Noodleface · Jan 15, 2020

I just won't use it then

Deathwing · Jan 15, 2020

No, use it, share in the misery.

I'm obviously being hyperbolic. I would have preferred Slack too, but Teams is still an upgrade from IRC we were using previously. The designed-for-mobile UI is the biggest sticking point. If you're on 2FA, that will get annoying too. Teams does not play well, authenticating wise, with Outlook.

Oh, and nothing reads like a straight log, everything is a conversation. So if your workflow depends on having a general "chat room" where you can ask questions, be prepared for that to dry up. No one's going to read every conversation to see if there's something they can help with.

Search

IT/Software career thread: Invert binary trees for dollars.

Mist

Eeyore Enthusiast

Louis

Trakanon Raider

Mist

Eeyore Enthusiast

Ao-

¯\_(ツ)_/¯

TJT

Mr. Poopybutthole

chaos

Buzzfeed Editor

Noodleface

A Mod Real Quick

chaos

Buzzfeed Editor

sadris

Karen

Noodleface

A Mod Real Quick

Vinen

God is dead

Mist

Eeyore Enthusiast

chaos

Buzzfeed Editor

Lendarios

Trump's Staff

TJT

Mr. Poopybutthole

Neranja

Noodleface

A Mod Real Quick

Deathwing

Noodleface

A Mod Real Quick

Deathwing