I wish it would have 2 ports, top and bottom, so I can be more creative with my accessories.

I think you could boil it down to something like Set-ADUser bob -otherattributes {uidNumber=1005, gidNumber=1005}

sorry I don’t have any real documentation but I have a snippet of powershell that explains it pretty well here this comes from a user creation script I wrote back when they removed the unix UI.

I was using Get-AdUser and discovered that the properties still existed but you have to manually shove those in, when an sssd “domain bound” linux machine has a user with these props login, they get the defined UID and GID and homefolder etc.

$otherAttributes = @{}
Write-Host -ForegroundColor Yellow "Adding Linux Attributes"

# get the next numeric uid number from AD
$uidNumber=((get-aduser -Filter * -Properties * | where-object {$_.uidNumber} | select uidNumber | sort uidNumber | select -Last 1).uidNumber)+1

$otherAttributes.Add("unixHomeDirectory","/homefolder/path/$($samAccountName)")
$otherAttributes.Add("uid","$($samAccountName)")
$otherAttributes.Add("gidNumber","$($gidNumber)")
$otherAttributes.Add("uidNumber","$($uidNumber)")
$otherAttributes.Add("loginShell","$($loginShell)")

$UserArgs = @{
    Credential = $creds
    Enabled = $true
    ChangePasswordAtLogon = $true
    Path = $usersOU
    HomeDirectory = "$homeDirPath\$samAccountName"
    HomeDrive = $homeDriveLetter
    GivenName = $firstName
    Surname = $lastName
    DisplayName = $displayName
    SamAccountName = $samAccountName
    Name = $displayName
    AccountPassword = $securePW
    UserPrincipalName = "$($aliasName)@DOMAIN.COM"
    OtherAttributes = $otherAttributes
}

$newUser = New-ADUser @UserArgs

basically the “OtherAttributes” on the ADUser object is a hashtable that holds all the special additional LDAP attributes, so in this example we use $otherAttributes to add all the fields we need, you can do the same with “Set-Aduser” if you just wanna edit an existing user and add these props

the @thing on New-ADuser is called a splat, very useful if you’re not familiar, it turns a hashtable into arguments

lemme know if you have any questions

I like ydotool, uses a systemd user service, but fulfills my needs of KB shortcuts to paste text into vnc sessions

Microsoft pulled those from the UI, but if you’re adventurous you can just shove those attributes in to user with power shell and it works the same.

Then just use sssd instead of NIS, surprised me at work when this worked.

Metasploit and Gitlab are both my main uses of ruby, hasn’t made me think any better of it tho.

What a great series that is, I should get the kit

If you’re mixing a dedicated GPU and onboard graphics you need to set the dedicated GPU as primary somewhere, otherwise all screens get rendered on the onboard and “reverse PRIME’d” to the dedi GPU outputs.

I’ll see if I can find the snippet that fixed this for me.

So add your user to the new docker group made on install of that package and you’ll be able to docker without sudo. You may need to relogin or newgrp docker before it works tho

Similar story for me, Ubuntu w/ wobbly windows and desktop cube in Jr High (I was a particularly nerdy kid), arch w/ i3 in HS and college, now I’m a DevSecOps Developer (engineer is a sacred term in Canada)

Learning to do naughty things to the WEP wifi around me is what led me to now doing penetration tests at my org.

Funny how goofing around on a computer as a kid can lead to careers and passions.

This also adds the benefit that any other devices that wanna VPN can just use the gateway

I’ve read some of the comments and it sounds like you’ve already tried installing proton VPN and tailscale on the same machine, but depending on your setup maybe you could make a “VPN gateway”

Like take your pi, install protonvpn, then enable IP forwarding and use a little nat IP tables script to nat your lan to your proton VPN interface like a home router would with the wan and lan ports.

Then on your tailscale gateway set the default route to be that box instead of your normal router. Then just use the tailscale node as the exit node on your client and check your IP.

In theory this would be similar to a qubes type setup which is what I tend to use for this kind of work.

I’m a torrenter with the sonarr radar lidarr prowlarr *arr setups.

I’ve dabbled with Usenet and here’s my understanding.

With torrents you’re all sharing something live, if you want ubuntu.iso and I have ubuntu.iso you can get it from me and many others who seed this file. A torrent tracker (or the dht) helps put us in touch so you know where the file is.

With Usenet it’s more like I dead drop this file, zipped and encrypted(?) onto a Usenet news server. All the Usenet providers mirror each other or something like that, so if you’re on a diff provider than me that same file should still be available. Then I tell an indexer, like dognzb or nzbgeek that this file is in fact ubuntu.iso and not garbage data. When you want ubuntu.iso you ask the indexer, indexer gives you a link and you get the file.

Beyond this, I don’t know about how much safer it is, but my immediate guess is that since you’re not seeding there’s less risk.

Now if you’re really snobby like me, you’ll quickly realize that the release groups you’re used to aren’t as well represented. I’ve often landed in situations where episode 7 of 20 is missing on Usenet…

As a snob, I’ve decided private trackers are probably the best place to be to keep my quality expectations satisfied.

Hope this helps.