Month: May 2019

Did you know … you can open files in VSCode over SSH!?

The plug-in is a preview and you need to use VS Code Insiders to install it … but you can open files and folders directly from a *n?x server via SSH. This is a great way to circumvent Samba quirks (changing the case of a file name, filemode differences between the Samba share and the local files causing all files to be marked as changed, etc) – and can even eliminate the need to load file sharing servers like Samba in the first place.

Once the plug-in is installed, a “Remote – SSH” icon appears in the left-hand menu bar. There is a single configuration option for a file containing host definitions. You’ll want to set up key-based authentication and include the path to the authorized private key in your host config.

Right-clicking a host will allow you to open a file or folder within the current VSCode window or launch a new window.

One caveat – you are running git commands from the context of the remote machine … this means you’ll need a user name set up there or your commits show up with the local logged on username and username@hostname address.

 

The Federal Budget (aka there’s no such thing as a fiscal conservative)

The federal budget numbers for 2019 and 2020 are, of course, estimates … but it perplexes me how persistent the myth of the “tax and spend” Democrat and the “reduce government spending” Republican is. There’s no party shrinking the federal budget. Having a huge increase and then dropping back down to where you started isn’t much of a “decrease”. And outright increasing certainly isn’t a decrease.

If the difference is “tax and spend” and “just spend” … the fiscally conservative position should always be “don’t spend money you don’t have”.

Information Barriers: Microsoft Teams

Information barriers preclude someone from communicating someone else (additional O365 services are going to implement it eventually, Teams just happens to be on the leading edge). Now there are lines of business where this is an awesome feature — law firm representing both sides of a case, for instance, don’t want people on side A chatting with people from side B. A company with a large front-line workforce may want to preclude the unwashed masses from communicating with Corporate.
If it were free and low effort to set up and maintain, I could come up with use cases for it here. Say, isolating the C11 people so someone unauthorized to talk to C11 people aren’t accidentally disclosing information. En mass blocking people from using federated communication is an interesting option — basically disallow it for everyone & have a specific request to be thrown into the “talks to people outside the company” group.
There’s some initial setup effort in building out the policies and applying them, and there would be effort in getting some mechanism for people to be moved into and out of policies. So it probably passes the ‘low effort’ test. Cost, not so much. It looks like, while anyone with an E3 SKU can use it during this preview, barrier’d accounts need an E5 or an add-on compliance/regulatory license once this goes GA.
Based on cost, I’m thinking we don’t want go dig into it. It’s an additional 8$/month for the compliance add-on license. Something like 15$/month to go from an E3 to an E5. And I don’t particularly care 8$ a user if people in our call center are inviting their friends from the MS call center to lunch over the chat federation.
Anyone else see a use case where it’d be worth the additional money for the technologically enforced barrier?

Shadowing Remote Desktop Sessions – Windows 2016

You need the session ID of the console you want to remote control. How do you get this? Log into the server under your ID and run “query session” in a command prompt – the session ID is in the “ID” column. Yes there are a lot of ways to do this. Ask the person you want to remote control to run quser, add the ‘session ID’ column to task manager, etc.

I am lisa, which makes my session ID 40.

The person who wants to control the session needs to run mstsc with the /shadow option. You need to run mstsc as a user that is an administrator on the target host.

Run: mstsc /v:hostname /shadow:# /control

e.g. mstsc /v:server1726.example.com /shadow:40 /control

The session being controlled will see a control request – click ‘yes’ and the session will be shadowed. Click ‘no’ and it won’t.