Jump to content

bigdog09

Members
  • Content Count

    57
  • Joined

  • Last visited

  • Days Won

    10

bigdog09 last won the day on March 27

bigdog09 had the most liked content!

Community Reputation

25 Excellent

My Information

  • Location
    Missouri
  • Agent Count
    1500 - 2000 Agents

Recent Profile Visitors

369 profile views
  1. bigdog09

    Automate - Patch Upgrade Guide

    Thanks for the update @EssentialSteve. I'll keep a lookout to see if anyone else is experiencing this. If so then, I'll definitely add that to the original post.
  2. bigdog09

    Patch 2019.3

    Thanks. I added that to the thread as well.
  3. bigdog09

    RMM Security Best Practices

    Couple of questions 1. Are any of you using a WAF or some other way of securing your remote admin capabilities? Everything comes through on the same port, so we're looking into a way of separating out agent traffic while securing remote admin traffic. 2. Are any of you monitoring the user audit logs closely? We're wanting a monitoring service to comb through those logs and alert us for items we care about.
  4. bigdog09

    Patch 2019.3

    @troms I added this as a known issue/bug for Patch 2019.3 in the patch upgrade thread and I linked the source here to this thread. Thanks for the information!
  5. bigdog09

    Automate - Patch Upgrade Guide

    "New" is probably giving it a bit more credit than it deserves, it's just fixed. The big takeaways from the LDAP update: - When LDAP syncs initially it creates a group in AD to match every group in Automate. Apparently it was a pretty hit or miss if your AD groups didn't match the Automate groups precisely. - Also prior to this update the sync worked by comparing "incorrect" automate passwords with AD and if it was a match, then it would rewrite your automate password to match. The process took about 30 seconds, so that's why it would fail initially and then 30 seconds later it would accept the password. I'm not sure exactly what they mean by "consistent sync," but I've heard a lot of positive feedback on it. It's still not perfect. In pilot there were issues with usernames that had a period in the middle, so `big.dog` would not sync with AD. I'm not sure if that was corrected prior to the production release.
  6. bigdog09

    Automate - Patch Upgrade Guide

    Patch 2019.3 has been released and updated on the front page. Please post any issues, bugs, etc that you run into.
  7. bigdog09

    Should we Update to version 2019 ??

    2FA is very important. There's no such thing as a truly "trusted" network anymore. The perimeter is dead and the zero trust model is what you should be shooting for.
  8. bigdog09

    Should we Update to version 2019 ??

    There haven't been any major complaints that I've seen. There are some issues carried over from patch 12 that are still lingering, but nothing new introduced in 2019.2 that we're aware of. The biggest complaint I've seen is a minor aesthetic issue. If your Client/Group list is too long to fit in the view, then there is a visible scroll bar. Functionally it works the same as it always has, but in the past the scroll bar was invisible. When that's the biggest complaint, then it's pretty safe to assume that the patch is fine.
  9. bigdog09

    Should we Update to version 2019 ??

    If you're on 12.0.12.497, then you're ok. However, installing the hotfix and installing 2019.2 is the same exact process, so you might as well get on the latest considering it's stable and the most secure for the time being. Security flaws are patched in almost every release, so while holding off for a couple of weeks is a smart approach... you should always be willing to install the latest patch once it's been confirmed that it's stable. Especially considering that CWA12 > CWA2019 isn't a major release, just a name change.
  10. bigdog09

    Should we Update to version 2019 ??

    If he's truly on the latest build of patch 12, then he's fine. There was a hotfix released to amend the issue. @Technigogo Automate 12 and Automate 2019 are the same exact product, just different patches. There wasn't a major release, they just updated the patch naming scheme to match the rest of the CW suite. 2019.2 is essentially Automate 12 patch 14.
  11. bigdog09

    Automate - Patch Upgrade Guide

    Thanks @dpltadmin. I've got your posts sourced on the OP now.
  12. bigdog09

    RMM Security Best Practices

    It should be in the wwwroot folder, so most likely c:\inetpub\wwwroot\robots.txt
  13. bigdog09

    RMM Security Best Practices

    Here are a couple of SQL queries to help make sure that your users are set up correctly in Automate. Make sure that all of your user accounts are being audited for everything they're doing. The logs don't take up much space, so it's worth it to audit everything. -- Auditing not set to Everything SELECT `users`.`Name` FROM `users` WHERE `AuditLevel` != 5 AND `users`.`Name` != 'root'; You should limit your SuperAdmins. Like @danrdj said, just because they have the admin title it doesn't mean that they need full access. Run this below to find your current SuperAdmins and make sure there isn't someone on that list that doesn't need to be there. -- Users have SuperAdmin SELECT `users`.`UserID`, `users`.`Name`, IF((BIT_OR(`userclasses`.`Permissions`) & (1 << 0) = (1 << 0)), 'True', 'False') AS 'SuperAdmin', COUNT(`userclasses`.`name`) AS 'Class Count' FROM `users` LEFT JOIN `userclasses` ON FIND_IN_SET(`userclasses`.ClassID, `users`.`ClientID`) WHERE `users`.`Name` != 'root' GROUP BY `users`.`UserID`;
  14. bigdog09

    Automate - Patch Upgrade Guide

    Sure thing. The goal of this thread is to inform people on the state of each patch good and bad. 2019.2 is slightly less of a priority now that they have hotfixes in place, but there are still good benefits that comes with the new patch. I try to source all the issues back to Connectwise statements or detailed comments in this thread. Please feel free to post any 2019.2 in here and I'll cite them on the OP.
  15. bigdog09

    RMM Security Best Practices

    Most people should be using the default. User-agent: * Disallow: / I'm sure several people already understand what robots.txt is and does, but I'll elaborate a bit for those that might be out of the loop. When web robots crawl your site the standard is to first look for <domain>/robots.txt to see if there are any rules that it needs to abide by. This is an industry standard that's been around since the 90s. Some websites use it to prevent certain sections of their website from being indexed online and therefore not searchable in a search engine. In Automate's case we don't want anything indexed, so you'll want to make sure that your robots.txt matches the above text. Granted there are exceptions to every rule, so it's possible that someone out there has a good reason to have a more customized robots script, but I can't think of any reason. This is obviously an oversimplification, so I'll link a more detailed overview below. For more information: http://www.robotstxt.org/robotstxt.html
×