Outside of IP-blocking known popular DoH hosts (e.g. https://github.com/jameshas/Public-DoH-Lists, and even then it's not the best since there's overlap with popular DNS hosts like Cloudflare), there's no good way to do it without break-and-inspect. That's because DoH is TLS traffic over 443, just with DNS inside instead of HTTP.
(Personal background: I currently work in the enterprise identity space, where problems like this are bog-standard.)
Everyone else seems to be going on about SSO. That's good for end users signing into websites & laptops, but I'm getting the sense that you're more worried about admin-level permissions management.
First, some terminology to help you Google for things:
> new hire be given access to all required passwords day 1
> when such new hire gets promoted, how can we give access to the additional passwords
> if someone leaves the company, how can we change only the sensible passwords they had access to and preferably notify everyone with access
The more technical/sales-y way to say this is "I want a PAM solution with JML workflow integration for my secrets management" (JML: Joiner, Mover, Leaver, PAM: Privileged Access Management), and it'd be part of your overall identity management (IdM) strategy.
Some big-name companies in the IdM space: Sailpoint, Quest One Identity, CyberArk. Those'll give extended management of your canonical source(s) of identity & authorization info (typically Active Directory/Entra ID, but with the big-name products you can also integrate with modern solutions like Workday, FOSS e.g. LDAP servers, or old-fashioned stuff like CSV drops on an FTP share, and set up push or pull workflows to set user attributes & permissions based on your needs).
So you want IdM, plus (at least) 1 of 2 things:
1. Secrets management (for static secrets). I've personally seen folks using Thycotic Secret Server and LastPass Enterprise (although there's lots more companies in that space). That gets you the basic "get admin X a password that was created by admin Y". This is more of a requirement for servers you can't integrate IdM with (so it'd be licensed to admins only), because for day-to-day admin work (stuff like "add this user to that group"), what you'd ideally want is:
2. Full PAM. Essentially, you'd set up a workflow to temporarily "check out" a secret (i.e. password) for a set period of time (which the user could request some capped number of extensions to), that's then automatically-changed by the IdM once their time's up. (You can also do things like "give anyone who asks & gets manager signoff group permissions to XYZ that expires in 90 days".) Sailpoint and CyberArk can both do this.
Now, all that's for server admin. If you're talking about handing out admin permissions for endpoints (this is your classic "Tech support needs to privesc to fix something, but I don't want to leave the Windows admin passwords lying around in random techs' clipboards, and I don't want to let just anyone use ADUC (which, IIRC, is required to effectively use LAPS)"), you want something slightly different (in addition to an IdM solution):
3. EPM (Endpoint Privilege Management). BeyondTrust is the big name here. This lets you grant some permissions to end users (e.g. "install pre-approved software", "change (only some) networking settings"), while locking everything else behind an admin account (which you can gate access to using your PAM; that gets you auto-rotation of Windows admin PWs right after they're touched, plus JML workflows for your tech support personnel).
Now, go forth and Google (and when you start asking for demos, try not to let the salespeople drown you in buzzwords like I just did)!
Just a layman, but the reasoning given by the NLRB kind of makes sense to me. FTA:
> Public statements by employees about the workplace are central to the exercise of employee rights under the Act.… [T]he comprehensive ban would encompass employee conduct regarding any labor issue, dispute, or term and condition of employment of the Respondent.… [E]mployee critique of employer policy pursuant to the clear right under the Act to publicize labor disputes is subject only to the requirement that employees' communications not be so "disloyal, reckless or maliciously untrue as to lose the Act's protection.
In other words, I think it's because these discussions could be said to be part of collective bargaining: the text of these sorts of agreements is something that, at the very least, your union (or coworkers who're interested in forming one) would want to know about, right?
My (uninformed) guess is that the Court of Appeals would rule along the lines of "the NLRB can regulate away banning these clauses from applying to discussions with coworkers and union representatives, but not the general public," since banning them in general could be considered as acting outside their regulatory mandate.
Surprised only one other person has mentioned this! (well, OK, not really, since this is still kind of a weird tip)
The current gold standard for weight loss is a combination of medication (for appetite suppression) and following the advice of a registered dietician (for implementing the lifestyle changes that are required for maintenance). If you're in the US, you can search your insurance company's website for a list of RDs in your area that take your insurance.
The medication you want is semaglutide (brand name Wegovy), which was FDA-approved in June of 2021 for weight loss (it was previously approved for treatment of type 2 diabetes mellitus, under the brand name Ozempic; Wegovy is just a dose increase from 1.0mg to 2.4mg). Stephan Guyenet has a good article on the subject [1], which links directly to the FDA studies [2][3] that consistently find a previously-unheard-of 15-18% weight loss over 68 weeks.
You'd be taking this as a once-weekly subcutaneous autoinjection, and its function would roughly be described as appetite suppression (although hunger/satiety is a very complex mechanism, and it actually does a lot more than that). Your primary care doctor could prescribe this to you, assuming you can get prior authorization for it from your insurance (for me, they asked for my current weight and what I've tried previously, which was a lot). My doctor also recommended that I test my blood sugar regularly, since this can result in you not eating enough at first, which can cause issues.
The hard part with this approach initially would be getting a hold of the first 3 dose packs, since Novo Nordisk underestimated demand and was impacted by supply chain issues. I called around at every pharmacy in my local area, and found that my local Costco (supplied by McKesson) was the best at getting it in stock. NN focused their initial efforts on building up manufacturing capacity of the final two doses, so once you get up to 1.7mg you should be in the clear on this problem.
The second hard part (besides insurance shenanigans) is tapering off. That's where you start heavily relying on the habits your dietician helped you set, the lifestyle changes you've made, and good old-fashioned willpower. Ultimately, though, the consensus on most obesity experts is that since obesity is a chronic condition, most people who want to maintain the weight loss will need to stay on this drug indefinitely. Personally, I'm keeping an eye on the semaglutide subreddit [4] to see how this develops.
Exercise has a wide variety of health benefits, including assisting with weight loss, but many overweight and obese people find that it's hard to stick with (probably because carrying around the equivalent of a 30 kg. weighted vest means most of the movements you'd be doing require much more energy), and ultimately most of your weight loss is going to come from dietary changes. Also, losing weight requires you to eat less, which in the short term means you have less energy to exercise and it's much harder in general, and focusing on the weight loss will make it easier to exercise in the long term (because you're ditching the weighted vest). So I'd recommend starting with the weight loss first, and then you can work on setting habits around exercise as you continue to lose weight.
I'd also recommend that you work with a licensed psychologist who specializes in obesity to examine the factors that led you to develop the obesity in the first place, and work on addressing those concurrently. For me, this turned out to be chronic stress caused by multiple undiagnosed mental health issues, and getting treatment for those (which did include making other lifestyle changes) helped immensely. If you're in the US, Psychology Today's Find A Therapist tool [5] is good for finding someone.
I started at 132kg five months ago, and now I'm down to 111kg with 34kg more to go, and this is how I did it so far. It's a lot of balls to juggle at first, but setting those initial habits around weight loss helped me set more habits, which makes this easier.
One last thing I want to address: increasing the amount of oxygen in your environment may help give you some more energy (taking it from a canister very likely won't in practice, since those canisters are quite heavy and any affects would only last for as long as your increase in O2 saturation does, which would be about 1-2 minutes after you disconnect from it to do any sort of physical activity), but for many people it's not practical to redo their home/work's HVAC to add a concentrated O2 line. However, going outside regularly (where the CO2 buildup is very likely much lower than it is in indoor environments), as well as finding a good place to work outside when the weather permits (if you work from home), can definitely increase how energetic you feel and provide a wide variety of other health benefits.
So, to summarize:
* Start by talking to your primary care, as well as a registered dietician
* Try Wegovy if you can, it's pretty great
* Talk to a psychologist who specializes in obesity
* Carrying around an O2 canister probably won't help, but going outside probably will
