R: Adding groups as members of groups

2008-05-20 Thread HELP_PC 
Thank you , I know XCACLS, but I wanted avoiding at all adding permissions to 
the folders. I thougth that adding groups to the existing ones should make the 
trick. ?! 


GuidoElia
HELPPC

-Messaggio originale-
Da: Rubens Almeida [mailto:[EMAIL PROTECTED] 
Inviato: mercoledì 21 maggio 2008 7.59
A: NT System Admin Issues
Oggetto: Re: Adding groups as members of groups

Windows 2003 Resource Kit includes a utility called XCACLS. It can add the 
security group entry without messing with the existent ones on the ACL. Hope 
that helps.
Regards,

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Defragmentation, Shadow copies and Server 2008

2008-05-20 Thread HELP_PC 
 


It should be the same engine reading softpedia 


GuidoElia
HELPPC

-Messaggio originale-
Da: Jim Dandy [mailto:[EMAIL PROTECTED]
Inviato: mercoledì 21 maggio 2008 0.48
A: NT System Admin Issues
Oggetto: Defragmentation, Shadow copies and Server 2008

I've read that defragmenting a partition with shadowcopy enabled causes the 
shadowcopies to be deleted.

http://support.microsoft.com/kb/312067/en-us

I've also read stuff about the Vista defragmenter being shadowcopy aware

http://support.microsoft.com/kb/942092

Does anyone know if the Server 2008 defragmenter is shadowcopy aware?

Thanks for your help.

Curt 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: Adding groups as members of groups

2008-05-20 Thread Rubens Almeida 
Windows 2003 Resource Kit includes a utility called XCACLS. It can add
the security group entry without messing with the existent ones on the
ACL. Hope that helps.
Regards,

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Adding groups as members of groups

2008-05-20 Thread HELP_PC 
I have a customer with a folder in a fileserver (SBS env transitioned to
Win2k3) with many different security groups permissions on various
subfolder. Now I have to add some security groups from a trusted domain.

I want to avoid to visit all the folders and I thought to add the
trusteddomain\securitygroup as member of originaldomain\securitygroup.

I made all groups in both domains as Universal 
Should I have any problem ? 

TIA 

GuidoElia 
HELPPC 


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Installed XP SP3 now Remote Desktop doesn't work

2008-05-20 Thread Carl Houseman 
I would look to see how many different mstsc.exe's can be found on the C:
drive of this computer.

Bet there's more than one... and you're using a different one depending on
who you are at the time.

Carl

-Original Message-
From: David Mazzaccaro [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:49 PM
To: NT System Admin Issues
Subject: RE: Installed XP SP3 now Remote Desktop doesn't work

Additionally...
If I am logged into my computer as myself, and "runas" mstsc as a domain
admin - it works fine.


-Original Message-
From: David Mazzaccaro [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:34 PM
To: NT System Admin Issues
Subject: RE: Installed XP SP3 now Remote Desktop doesn't work

Here's an update...
If I log on to my computer as the domain admin, mstsc.exe works
perfectly and allows me to connect to other machines.
If I log on with my domain account, DEP stops the application, and after
I close that, I get mstsc.exe caused an error and needs to close.
I set my "local administrators" group to include "authenticated users" -
thus making my domain account a local admin on the machine when I log
in.
Strange.


-Original Message-
From: Free, Bob [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 6:34 PM
To: NT System Admin Issues
Subject: RE: Installed XP SP3 now Remote Desktop doesn't work

I thought the MUI caused xpsp3 setup to throw an error and abort and the
issue was with one of the pre-release candidates, 6.1 some thing or
other,  but my recollection could be fuzzy. 

The article you cited seems to confirm what I read in the release notes,
since the OP indicate he got it installed, I thought of the other issue-

Windows XP SP3 cannot be installed if you have the following updates
installed on your computer:
* Microsoft Shared Computer Toolkit 
* Remote Desktop Connection (RDP) 6.0 MUI pack (Update 925877 for
Windows XP)

-Original Message-
From: Ben Scott [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 3:13 PM
To: NT System Admin Issues
Subject: Re: Installed XP SP3 now Remote Desktop doesn't work

On Tue, May 20, 2008 at 6:08 PM, Free, Bob <[EMAIL PROTECTED]> wrote:
> I recall a KB or readme somewhere mention if you had upgraded the
stock XP
> RDP client to one of the newer versions, IE- RDP 6.0, you had to
remove it
> prior to installing XPSP3.

  As I understand it, it isn't the main MSTSC 6.0 update that got
pushed out to everyone via Windows Update that's the problem, but the
"Multilingual User Interface" pack (MSKB 925877).  See MSKB 950717 for
the official word.

-- Ben

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Installed XP SP3 now Remote Desktop doesn't work

2008-05-20 Thread David Mazzaccaro 
Additionally...
If I am logged into my computer as myself, and "runas" mstsc as a domain
admin - it works fine.


-Original Message-
From: David Mazzaccaro [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:34 PM
To: NT System Admin Issues
Subject: RE: Installed XP SP3 now Remote Desktop doesn't work

Here's an update...
If I log on to my computer as the domain admin, mstsc.exe works
perfectly and allows me to connect to other machines.
If I log on with my domain account, DEP stops the application, and after
I close that, I get mstsc.exe caused an error and needs to close.
I set my "local administrators" group to include "authenticated users" -
thus making my domain account a local admin on the machine when I log
in.
Strange.


-Original Message-
From: Free, Bob [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 6:34 PM
To: NT System Admin Issues
Subject: RE: Installed XP SP3 now Remote Desktop doesn't work

I thought the MUI caused xpsp3 setup to throw an error and abort and the
issue was with one of the pre-release candidates, 6.1 some thing or
other,  but my recollection could be fuzzy. 

The article you cited seems to confirm what I read in the release notes,
since the OP indicate he got it installed, I thought of the other issue-

Windows XP SP3 cannot be installed if you have the following updates
installed on your computer:
* Microsoft Shared Computer Toolkit 
* Remote Desktop Connection (RDP) 6.0 MUI pack (Update 925877 for
Windows XP)

-Original Message-
From: Ben Scott [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 3:13 PM
To: NT System Admin Issues
Subject: Re: Installed XP SP3 now Remote Desktop doesn't work

On Tue, May 20, 2008 at 6:08 PM, Free, Bob <[EMAIL PROTECTED]> wrote:
> I recall a KB or readme somewhere mention if you had upgraded the
stock XP
> RDP client to one of the newer versions, IE- RDP 6.0, you had to
remove it
> prior to installing XPSP3.

  As I understand it, it isn't the main MSTSC 6.0 update that got
pushed out to everyone via Windows Update that's the problem, but the
"Multilingual User Interface" pack (MSKB 925877).  See MSKB 950717 for
the official word.

-- Ben

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Installed XP SP3 now Remote Desktop doesn't work

2008-05-20 Thread David Mazzaccaro 
Here's an update...
If I log on to my computer as the domain admin, mstsc.exe works
perfectly and allows me to connect to other machines.
If I log on with my domain account, DEP stops the application, and after
I close that, I get mstsc.exe caused an error and needs to close.
I set my "local administrators" group to include "authenticated users" -
thus making my domain account a local admin on the machine when I log
in.
Strange.


-Original Message-
From: Free, Bob [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 6:34 PM
To: NT System Admin Issues
Subject: RE: Installed XP SP3 now Remote Desktop doesn't work

I thought the MUI caused xpsp3 setup to throw an error and abort and the
issue was with one of the pre-release candidates, 6.1 some thing or
other,  but my recollection could be fuzzy. 

The article you cited seems to confirm what I read in the release notes,
since the OP indicate he got it installed, I thought of the other issue-

Windows XP SP3 cannot be installed if you have the following updates
installed on your computer:
* Microsoft Shared Computer Toolkit 
* Remote Desktop Connection (RDP) 6.0 MUI pack (Update 925877 for
Windows XP)

-Original Message-
From: Ben Scott [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 3:13 PM
To: NT System Admin Issues
Subject: Re: Installed XP SP3 now Remote Desktop doesn't work

On Tue, May 20, 2008 at 6:08 PM, Free, Bob <[EMAIL PROTECTED]> wrote:
> I recall a KB or readme somewhere mention if you had upgraded the
stock XP
> RDP client to one of the newer versions, IE- RDP 6.0, you had to
remove it
> prior to installing XPSP3.

  As I understand it, it isn't the main MSTSC 6.0 update that got
pushed out to everyone via Windows Update that's the problem, but the
"Multilingual User Interface" pack (MSKB 925877).  See MSKB 950717 for
the official word.

-- Ben

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Backup Miracle

2008-05-20 Thread Benjamin Zachary - Lists 
Run vmware. Backup the vmdk at your leisure. This covers everything you need
and could be scripted with ntbackup and the free version and a 2nd drive in
the system, or use something like netbackup (livestate) to get a vss
snapshot of the drive with vmware on it.

 

Of course the free scenario requires you to suspend (or stop) your vm long
enough to copy it to a secondary area and then back it up from there. 

 

 

 

  _  

From: Neil Standley [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 6:16 PM
To: NT System Admin Issues
Subject: RE: Backup Miracle

 

Hi all,

 

We're looking to upgrade from an Exabyte VXA-2 autoloader to a Tandberg
Magnum LTO 3 or 4 autoloader and was wondering for those of you already
running these, what kind of horsepower do you have in your backup servers
and are you using SCSI or fiber channel?  Single, dual, quad proc?  How much
ram, and are you running multiple backup jobs at once?  I know you can do
that writing to disk but is that even possible while writing to tape? 

 

Neil

 

 

 

From: James Kerr [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, April 16, 2008 10:46 AM
To: NT System Admin Issues
Subject: Re: Backup Miracle

 

That doesn't require a miracle. Our LTO drives get almost a gig a minute
throughput. Well that's what backup exec reports anyhow. The server I just
looked at backs up 130GB with verify in less then 2.5 hours.

- Original Message - 

From: Jim Majorowicz   

To: NT System Admin Issues   

Sent: Wednesday, April 16, 2008 1:27 PM

Subject: Backup Miracle

 

I think I've been tasked with making something near impossible happen, so
I'm going to start by asking the question here then start my google-fu.  My
boss has just asked for a backup solution that will do the following:

 

Complete a full backup of SBS 2003 server.

There is currently nearly 300 GB of data on this server.

Wants Exchange included (Currently about 30 GB in size)

Wants a system state

Wants it verified.

Must be complete in 10 Hours!

 

The current backup system is taking about 24 hours to do this not including
the verify, and I think there may be an I/O problem as it is NTBACKUP with
BackupAssist v.4.0.16 backing up to a USB 2.0 drive.  Unless my math is off,
this backup should only take about 5 hours, assuming the transfer occurs at
about 20 Mbps.  Unfortunately there is some sort of bottleneck that is
throttling this back to about 4.

 

What am I missing that would help me fix this problem?

 

 

 
 
 

 

 

 

 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: extra username/password prompting after DC migration

2008-05-20 Thread Ken Schaefer 
Did you check the User Accounts control panel? There is an option to manage 
saved passwords for users. Some users may have choosen to cache some 
passwords...

Cheers
Ken

> -Original Message-
> From: Edward B. DREGER [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, 21 May 2008 12:11 AM
> To: NT System Admin Issues
> Subject: RE: extra username/password prompting after DC migration
>
> MBS> Date: Tue, 20 May 2008 09:17:54 -0400
> MBS> From: Michael B. Smith
>
>
> MBS> It has lots of references, especially KB 884453, that you need to
> MBS> know about...(there is no qualitative difference between moving to
> MBS> a new SBS server vs. moving the A/D domain to standard, that I can
> MBS> think of)
>
> Thanks, but perhaps my original wording was vague or misleading.  I'm
> not moving from one SBS box to another.  (However, KB 884453 _is_ handy
> to know.  Many thanks for that!)  I converted an SBS box to Standard.
> That seemed to go okay.
>
> The problems began after demoting the SBS-turned-ServerStandard box.
> Some workstations seem to have cached
>
> OLDSERVER\username + password
>
> for authentication credentials.  Specifying proper domain credentials
> is easy enough (albeit annoying) for shares... but not so great when
> logging off and a profile doesn't sync.  (I've not tried accessing the
> profiles share directly, thus forcing a credentials request, before
> logging off.)
>
> I'm trying to ascertain why workstations are "getting goofy" about
> credentials... and why it coincides with the formerly-SBS server's
> demotion.
>
>
> Eddy
> --
> Everquick Internet - http://www.everquick.net/
> A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
> Bandwidth, consulting, e-commerce, hosting, and network building
> Phone: +1 785 865 5885 Lawrence and [inter]national
> Phone: +1 316 794 8922 Wichita
> ___
> _
> DO NOT send mail to the following addresses:
> [EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED]
> Sending mail to spambait addresses is a great way to get blocked.
> Ditto for broken OOO autoresponders and foolish AV software
> backscatter.
>
> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
> ~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: opsmgr 2007 and agentless monitoring

2008-05-20 Thread Michael B. Smith 
I simply needed some real world examples that pointed out both the
advantages and disadvantages of agentless monitoring.

The OpsMgr online documentation is poor, at best, on this particular topic;
as is MSDN/Technet.

Regards,

Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com

-Original Message-
From: Malcolm Reitz [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 5:14 PM
To: NT System Admin Issues
Subject: RE: opsmgr 2007 and agentless monitoring

Cameron lists a lot of good points there. We've used agentless in a
couple of instances where, as he mentioned, the monitored servers could
not accept the agent.

Out of curiosity, what spurred your question? Are there scenarios you
will be, or are considering, using agentless monitoring? In a centrally
managed corporate environment like mine, I've so far seen relatively few
instances where it would be applicable or preferred over agent-based
monitoring.

Malcolm
-Original Message-
From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, 20 May, 2008 14:39
To: NT System Admin Issues
Subject: RE: opsmgr 2007 and agentless monitoring

I asked on another list and got pointed to the link below. It covers the
details quite well and provides links to other informative resources:



Regards,

Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com

-Original Message-
From: Steven Peck [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:50 PM
To: NT System Admin Issues
Subject: Re: opsmgr 2007 and agentless monitoring

When I asked that question during our POC in January I believe the
answer was, lots of stuff will not be available to you if you use WMI.
 To far removed from POC to be more specific.  Also, latency, load,
etc

Steven Peck
http://www.blkmtn.org

On Tue, May 20, 2008 at 10:57 AM, Michael B. Smith
<[EMAIL PROTECTED]> wrote:
> Other than management server load, is there any reason NOT to use
agentless
> monitoring?
>
> Regards,
>
> Michael B. Smith
> MCSE/Exchange MVP
> http://TheEssentialExchange.com


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Windows 2008 AD question

2008-05-20 Thread Ken Schaefer 
Additionally an RODC can be configured with a user (or group) as an 
Administrator of that machine (to perform maintenance tasks), without giving 
them Administrator privileges on all machines (via Domain Admins). Since the DC 
is read-only, the Admin can not make changes that would propagate back to the 
rest of the domain.
Cheers
Ken

From: Eisenberg, Wayne [mailto:[EMAIL PROTECTED]
Sent: Wednesday, 21 May 2008 1:29 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question

Thanks, Mike, that helps clarify it a bit. I look forward to learning more 
about Win2K8.


--
Wayne Eisenberg
Server and PC Support Manager
Pepsi Bottling Ventures, LLC



From: Michael B. Smith [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 20, 2008 10:48 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question
A RODC doesn't store passwords, except for those in specific groups, especially 
administrative passwords. It may talk to any RWDC, not just the "PDC". It may 
be a GC, or not.
If you want to look at it as a BDC, feel free. But it isn't JUST that.
It's designed to provide DC/GC capabilities in locations where there is little 
or no physical security, without jeopardizing the accounts database.
Regards,

Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com

From: Eisenberg, Wayne [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 20, 2008 10:38 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question


Don't even get me started on the superiority of eDirectory over AD. Novell has 
been eating MS's lunch, technically speaking, for years. I'm still amazed at 
how bad their marketing dept has mangled the company's fortunes.


I understand generally what the functions are meant to be, but my question was 
more of a comparison of the 2008 RODC and the NT4 BDC. How are they different, 
if they are different at all? If they're not different, how is this an advance 
for AD? Isn't it then just a roll-back to NT4 due to the inherent weakness of 
AD?


--
Wayne Eisenberg
Server and PC Support Manager
Pepsi Bottling Ventures, LLC



From: Tom Miller [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 20, 2008 10:12 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 AD question
>From what I've read one of the functions of a read-only DC is to enhance 
>security in branch offices.  There's a chapter about it in my 2008 book 
>(Windows 2008 Server) and there are probably white papers on technet as well.

An interesting concept, something Novell's eDirectory has had for years.


>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 9:54 AM >>>
I have a question that maybe someone here knows the answer to. All this talk 
about this great new advance in AD technology - a read-only DC. Maybe I don't 
have all the information yet, but it sure sounds a whole lot like an NT4 BDC to 
me. That was really the difference between a PDC and a BDC - the PDC was 
writable and the BDC wasn't. It sounds to me like maybe MS is acknowledging 
that AD is not all that robust after all and going back to the NT4 model, but 
spinning it to make people think it's an 'advance'. What do you think? Is it 
really a better AD or is it just the spin-meisters at work?

--
Wayne Eisenberg



Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

















~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Windows 2008 AD question

2008-05-20 Thread Michael B. Smith 
The next O'Reilly book will point out that we've now taken A/D up to 2**32-1
objects for testing, and with Server 2008 A/D, you can stop and start the
directory service.

As for the other items - I have no idea. It really isn't relevant to me
which is "better" in any specific way. I know what pays my bills, and that's
what I support. J

Regards,

 

Michael B. Smith

MCSE/Exchange MVP

http://TheEssentialExchange.com

 

From: Eisenberg, Wayne [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 5:38 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question

 

Michael Smith's response was a good answer, and I appreciate his help.

 

Your second comment however was not. This is a list about supporting
Windows/AD (which we all do), so I will not get into a flame war about which
technology is better. However, it is known that eDirectory can scale to a
billion objects. According to the O'Reilly book on AD I am now going
through, MS has been able to test AD up to 40 million objects. Directory
replication is more efficient in eDir, partition boundaries and objects that
can be security principals are more robust, you can take the directory
offline for repair without downing the server, etc, etc. There are plenty of
white papers that go into it in depth. You can explore those if you would
like to understand how they compare. I will not discuss it further than
this. As others have already acknowledged, Novell's downfall is not their
technical prowess, but their incredibly weak marketing. That is why Tom,
myself, and other NetWare/eDir admins are now Windows/AD admins.

 

We now return to our regularly scheduled programming.

-- 
Wayne Eisenberg 
Server and PC Support Manager
Pepsi Bottling Ventures, LLC 

 

 

  _  

From: Troy Meyer [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:14 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question

To add,  This is not a step back to NT4 where you had to make your changes
on a single DC.  This is incorporating an additional security measure for
when you don't have physical security as tight in branch or remote
locations.  Yes this is very similar to BDCs, but without the inherent
weaknesses that existed in that model. 

BTW thanks for your comments on eDirectory, your summary has really helped
me understand how its far superior to AD.

 

-troy

 

From: Eisenberg, Wayne [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 7:38 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question

 



Don't even get me started on the superiority of eDirectory over AD. Novell
has been eating MS's lunch, technically speaking, for years. I'm still
amazed at how bad their marketing dept has mangled the company's fortunes.



 

I understand generally what the functions are meant to be, but my question
was more of a comparison of the 2008 RODC and the NT4 BDC. How are they
different, if they are different at all? If they're not different, how is
this an advance for AD? Isn't it then just a roll-back to NT4 due to the
inherent weakness of AD?

 

-- 
Wayne Eisenberg 
Server and PC Support Manager
Pepsi Bottling Ventures, LLC 

 

 

  _  

From: Tom Miller [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:12 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 AD question

>From what I've read one of the functions of a read-only DC is to enhance
security in branch offices.  There's a chapter about it in my 2008 book
(Windows 2008 Server) and there are probably white papers on technet as
well.

 

An interesting concept, something Novell's eDirectory has had for years.



>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 9:54 AM >>>

I have a question that maybe someone here knows the answer to. All this talk
about this great new advance in AD technology - a read-only DC. Maybe I
don't have all the information yet, but it sure sounds a whole lot like an
NT4 BDC to me. That was really the difference between a PDC and a BDC - the
PDC was writable and the BDC wasn't. It sounds to me like maybe MS is
acknowledging that AD is not all that robust after all and going back to the
NT4 model, but spinning it to make people think it's an 'advance'. What do
you think? Is it really a better AD or is it just the spin-meisters at work?

-- 
Wayne Eisenberg 

 

 

Confidentiality Notice: This e-mail message, including attachments, is for
the sole use of the intended recipient(s) and may contain confidential and
privileged information. Any unauthorized review, use, disclosure, or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message. 

 

 

 

 

 

 
 

 

 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~

Re: Defragmentation, Shadow copies and Server 2008

2008-05-20 Thread Salvador Manzo 
On 5/20/08 3:48 PM, "Jim Dandy" <[EMAIL PROTECTED]> wrote:

> I've read that defragmenting a partition with shadowcopy enabled causes
> the shadowcopies to be deleted.
> 
> http://support.microsoft.com/kb/312067/en-us

That... Seems incredibly stupid...  I'm guessing there were some very good
performance related reasons why that was chosen as the cutoff, but I don't
think I've ever setup a server partition with a greater than 8KB cluster
size (all DAS experience so far.)


> 
> I've also read stuff about the Vista defragmenter being shadowcopy aware
> 
> http://support.microsoft.com/kb/942092
> 
> Does anyone know if the Server 2008 defragmenter is shadowcopy aware?
> 
> Thanks for your help.
> 
> Curt 
> 
> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
> ~   ~

---
Salvador Manzo  [ 620 W. 35th St - Los Angeles, CA 90089  e. [EMAIL PROTECTED] ]
Auxiliary Services IT, Datacenter
University of Southern California
818-612-5112


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Defragmentation, Shadow copies and Server 2008

2008-05-20 Thread Michael B. Smith 
Yes, it is.

Regards,

Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com


-Original Message-
From: Jim Dandy [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 6:48 PM
To: NT System Admin Issues
Subject: Defragmentation, Shadow copies and Server 2008

I've read that defragmenting a partition with shadowcopy enabled causes
the shadowcopies to be deleted.

http://support.microsoft.com/kb/312067/en-us

I've also read stuff about the Vista defragmenter being shadowcopy aware

http://support.microsoft.com/kb/942092

Does anyone know if the Server 2008 defragmenter is shadowcopy aware?

Thanks for your help.

Curt 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread Joe Heaton 
You've mentioned above that you're using something else.  What are you
using? 


Joe Heaton

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 1:36 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Sorry the short and skinny. 

Logmein loaded on PC's for some silly reason to support a project they
didn't think about a secure remote access solution to be in place. Some
dumb tech from support company started a scan against internal systems
which tripped off some syslogs and what not on internal systems, and
IPS/IDS. 

Basically Logmein is going bye bye never to return, it should have never
been implemented in the first place. 

Another PITA RAS out the door. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Joe Heaton [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 20, 2008 4:29 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Those pain meds are kicking in Z Not sure that was English. 


Joe Heaton

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 20, 2008 11:53 AM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

I have seen weird things from Logmein in which systems with that one it
are initiating communications against internal systems they shouldn't be
touching, therefore logmein is going bye bye. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 20, 2008 2:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Installed XP SP3 now Remote Desktop doesn't work

2008-05-20 Thread Free, Bob 
I thought the MUI caused xpsp3 setup to throw an error and abort and the
issue was with one of the pre-release candidates, 6.1 some thing or
other,  but my recollection could be fuzzy. 

The article you cited seems to confirm what I read in the release notes,
since the OP indicate he got it installed, I thought of the other issue-

Windows XP SP3 cannot be installed if you have the following updates
installed on your computer:
* Microsoft Shared Computer Toolkit 
* Remote Desktop Connection (RDP) 6.0 MUI pack (Update 925877 for
Windows XP)

-Original Message-
From: Ben Scott [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 3:13 PM
To: NT System Admin Issues
Subject: Re: Installed XP SP3 now Remote Desktop doesn't work

On Tue, May 20, 2008 at 6:08 PM, Free, Bob <[EMAIL PROTECTED]> wrote:
> I recall a KB or readme somewhere mention if you had upgraded the
stock XP
> RDP client to one of the newer versions, IE- RDP 6.0, you had to
remove it
> prior to installing XPSP3.

  As I understand it, it isn't the main MSTSC 6.0 update that got
pushed out to everyone via Windows Update that's the problem, but the
"Multilingual User Interface" pack (MSKB 925877).  See MSKB 950717 for
the official word.

-- Ben

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: Looking for application packager

2008-05-20 Thread Phil Brutsche 
Like Ben Scott said, if you need to create a transform the cheapest tool
out there is ORCA. The biggest problem with ORCA is knowing what values
in what tables to alter; it helps that quite a few of the more common
applications are listed on http://www.appdeploy.com.

Another one to consider is Advanced Installer
(http://www.advancedinstaller.com) - I have the Enterprise edition
myself, so I'm not unbiased ;) - it has an MSI import facility that has
proven invaluable in helping me determine what properties do what.

It also comes in real handy for those programs that don't have MSIs, but
need to be deployed anyways ;) At $499 US it might sound like a "monster
expensive package", but I assure you that really isn't expensive - the
monster expensive packages are thousands of USD.

Tom Miller wrote:
> Hi Folks:
>  
> Looking for an application for me to create MST files or simply
> re-package an MSI.  For use with a variety of applications.  I don't
> need a monster expensive package since I only need it occasionally.

-- 

Phil Brutsche
[EMAIL PROTECTED]

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Backup Miracle

2008-05-20 Thread Neil Standley 
Hi all,

 

We're looking to upgrade from an Exabyte VXA-2 autoloader to a Tandberg
Magnum LTO 3 or 4 autoloader and was wondering for those of you already
running these, what kind of horsepower do you have in your backup
servers and are you using SCSI or fiber channel?  Single, dual, quad
proc?  How much ram, and are you running multiple backup jobs at once?
I know you can do that writing to disk but is that even possible while
writing to tape? 

 

Neil

 

 

 

From: James Kerr [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, April 16, 2008 10:46 AM
To: NT System Admin Issues
Subject: Re: Backup Miracle

 

That doesn't require a miracle. Our LTO drives get almost a gig a minute
throughput. Well that's what backup exec reports anyhow. The server I
just looked at backs up 130GB with verify in less then 2.5 hours.

- Original Message - 

From: Jim Majorowicz   

To: NT System Admin Issues
  

Sent: Wednesday, April 16, 2008 1:27 PM

Subject: Backup Miracle

 

I think I've been tasked with making something near impossible
happen, so I'm going to start by asking the question here then start my
google-fu.  My boss has just asked for a backup solution that will do
the following:

 

Complete a full backup of SBS 2003 server.

There is currently nearly 300 GB of data on this server.

Wants Exchange included (Currently about 30 GB in size)

Wants a system state

Wants it verified.

Must be complete in 10 Hours!

 

The current backup system is taking about 24 hours to do this
not including the verify, and I think there may be an I/O problem as it
is NTBACKUP with BackupAssist v.4.0.16 backing up to a USB 2.0 drive.
Unless my math is off, this backup should only take about 5 hours,
assuming the transfer occurs at about 20 Mbps.  Unfortunately there is
some sort of bottleneck that is throttling this back to about 4.

 

What am I missing that would help me fix this problem?

 

 

 
 
 

 

 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: Installed XP SP3 now Remote Desktop doesn't work

2008-05-20 Thread Ben Scott 
On Tue, May 20, 2008 at 6:08 PM, Free, Bob <[EMAIL PROTECTED]> wrote:
> I recall a KB or readme somewhere mention if you had upgraded the stock XP
> RDP client to one of the newer versions, IE- RDP 6.0, you had to remove it
> prior to installing XPSP3.

  As I understand it, it isn't the main MSTSC 6.0 update that got
pushed out to everyone via Windows Update that's the problem, but the
"Multilingual User Interface" pack (MSKB 925877).  See MSKB 950717 for
the official word.

-- Ben

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: Installed XP SP3 now Remote Desktop doesn't work

2008-05-20 Thread Ben Scott 
On Tue, May 20, 2008 at 4:57 PM, David Mazzaccaro
<[EMAIL PROTECTED]> wrote:
> So I installed SP3 for XP Professional (previously had SP2 installed), and
> now if I try to run "mstsc.exe" I get DEP (Data Execution Prevention)
> closing this program.

  Sounds like the executable, or something it depends on, is corrupted.

  You might try re-extracting the MSTSC.EXE from the SP3 kit.  If it's
a corrupt DLL file, that's harder to figure out.  Also see if there
are registry entries that MSTSC uses, and delete/rename them (maybe
the registry entries are bogus).  Also check for *.RDP files in your
user profile.  Maybe run it with Process Monitor watching to see what
it's doing right before it blows up.  Or maybe try creating a new user
account profile, and see if the problem persists there.

> I tried putting a check mark next to remote desktop connection in DEP
> settings, so it supposedly doesn't check that program, but it still closes
> it.

  DEP just watches for certain kinds of highly unusual program
behavior.  Such behavior is almost always a program bug (a buffer
overflow), not intended behavior.  So turning off DEP keeps the
program from being killed by DEP, but it doesn't mean the program
isn't going to crash anyway.

-- Ben

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Installed XP SP3 now Remote Desktop doesn't work

2008-05-20 Thread Free, Bob 
I recall a KB or readme somewhere mention if you had upgraded the stock
XP RDP client to one of the newer versions, IE- RDP 6.0, you had to
remove it prior to installing XPSP3.

 

Could that be it?

 

From: David Mazzaccaro [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 1:58 PM
To: NT System Admin Issues
Subject: Installed XP SP3 now Remote Desktop doesn't work

 

So I installed SP3 for XP Professional (previously had SP2 installed),
and now if I try to run "mstsc.exe" I get DEP (Data Execution
Prevention) closing this program.

I tried putting a check mark next to remote desktop connection in DEP
settings, so it supposedly doesn't check that program, but it still
closes it.

Any ideas?

 

 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: Looking for application packager

2008-05-20 Thread Ben Scott 
On Tue, May 20, 2008 at 10:00 AM, Tom Miller <[EMAIL PROTECTED]> wrote:
> Looking for an application for me to create MST files or simply re-package
> an MSI.

  If you're just looking to tweak existing MSIs for deployment, the
ORCA tool from Microsoft works great for me.  You can get it for free
from the Microsoft web site, but you have to download the entire 600
MB "Platform SDK" to get it.

  If you're looking to build MSIs from scratch, ORCA's the wrong tool.
 There's the free WiX suite (also from Microsoft).  WiX appears to be
pretty powerful, but it's also correspondingly complex.  It's designed
to be part of an automated software build process; it's not a
stand-alone point-and-click affair.

-- Ben

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread Benjamin Zachary - Lists 
The problem isn't logmein it's the function that logmein provides. Its been
my argument about gotomypc for the past few years as well. If someone has
your password they instantly have access to your computer in the office.


While we deploy a 3rd party remote access that's only allowed from our
office IP range, it also provides a proxy that ties into AD so if I let a
consultant go as soon as I disable their account they instantly lose remote
access capability.

its nice, its secure and for the 20 dollars/seat we are happy

Btw, its radmin :)







~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Windows 2008 AD question

2008-05-20 Thread Eisenberg, Wayne 
Michael Smith's response was a good answer, and I appreciate his help.
 
Your second comment however was not. This is a list about supporting
Windows/AD (which we all do), so I will not get into a flame war about
which technology is better. However, it is known that eDirectory can
scale to a billion objects. According to the O'Reilly book on AD I am
now going through, MS has been able to test AD up to 40 million objects.
Directory replication is more efficient in eDir, partition boundaries
and objects that can be security principals are more robust, you can
take the directory offline for repair without downing the server, etc,
etc. There are plenty of white papers that go into it in depth. You can
explore those if you would like to understand how they compare. I will
not discuss it further than this. As others have already acknowledged,
Novell's downfall is not their technical prowess, but their incredibly
weak marketing. That is why Tom, myself, and other NetWare/eDir admins
are now Windows/AD admins.
 
We now return to our regularly scheduled programming.

-- 
Wayne Eisenberg 
Server and PC Support Manager
Pepsi Bottling Ventures, LLC 

 



From: Troy Meyer [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:14 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question



To add,  This is not a step back to NT4 where you had to make your
changes on a single DC.  This is incorporating an additional security
measure for when you don't have physical security as tight in branch or
remote locations.  Yes this is very similar to BDCs, but without the
inherent weaknesses that existed in that model. 

BTW thanks for your comments on eDirectory, your summary has really
helped me understand how its far superior to AD.

 

-troy

 

From: Eisenberg, Wayne [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 7:38 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question

 



Don't even get me started on the superiority of eDirectory over AD.
Novell has been eating MS's lunch, technically speaking, for years. I'm
still amazed at how bad their marketing dept has mangled the company's
fortunes.



 

I understand generally what the functions are meant to be, but my
question was more of a comparison of the 2008 RODC and the NT4 BDC. How
are they different, if they are different at all? If they're not
different, how is this an advance for AD? Isn't it then just a roll-back
to NT4 due to the inherent weakness of AD?

 

-- 
Wayne Eisenberg 
Server and PC Support Manager
Pepsi Bottling Ventures, LLC 

 

 



From: Tom Miller [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:12 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 AD question

>From what I've read one of the functions of a read-only DC is to enhance
security in branch offices.  There's a chapter about it in my 2008 book
(Windows 2008 Server) and there are probably white papers on technet as
well.

 

An interesting concept, something Novell's eDirectory has had for years.



>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 9:54 AM
>>>

I have a question that maybe someone here knows the answer to. All this
talk about this great new advance in AD technology - a read-only DC.
Maybe I don't have all the information yet, but it sure sounds a whole
lot like an NT4 BDC to me. That was really the difference between a PDC
and a BDC - the PDC was writable and the BDC wasn't. It sounds to me
like maybe MS is acknowledging that AD is not all that robust after all
and going back to the NT4 model, but spinning it to make people think
it's an 'advance'. What do you think? Is it really a better AD or is it
just the spin-meisters at work?

-- 
Wayne Eisenberg 

 

 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 

 

 





~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Group Policy to disable IP v6?

2008-05-20 Thread Jim Dandy 
Thanks

> -Original Message-
> From: Webster [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 20, 2008 1:56 PM
> To: NT System Admin Issues
> Subject: RE: Group Policy to disable IP v6?
> 
> Since you have Vista and Server 2008, I just know you are using a
Vista
> mgmt
> station to handle all your GPO work.  Use the Group Policy
Preferences,
> that
> makes it easier to push out registry stuff.
> 
> 
> Webster
> 
> > -Original Message-
> > From: Jim Dandy [mailto:[EMAIL PROTECTED]
> > Subject: RE: Group Policy to disable IP v6?
> >
> > Thanks.  I was kind of hoping for a regular policy rather than a reg
> > hack but this may have to do.
> 
> 
> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
> ~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: opsmgr 2007 and agentless monitoring

2008-05-20 Thread Malcolm Reitz 
Cameron lists a lot of good points there. We've used agentless in a
couple of instances where, as he mentioned, the monitored servers could
not accept the agent.

Out of curiosity, what spurred your question? Are there scenarios you
will be, or are considering, using agentless monitoring? In a centrally
managed corporate environment like mine, I've so far seen relatively few
instances where it would be applicable or preferred over agent-based
monitoring.

Malcolm
-Original Message-
From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, 20 May, 2008 14:39
To: NT System Admin Issues
Subject: RE: opsmgr 2007 and agentless monitoring

I asked on another list and got pointed to the link below. It covers the
details quite well and provides links to other informative resources:



Regards,

Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com

-Original Message-
From: Steven Peck [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:50 PM
To: NT System Admin Issues
Subject: Re: opsmgr 2007 and agentless monitoring

When I asked that question during our POC in January I believe the
answer was, lots of stuff will not be available to you if you use WMI.
 To far removed from POC to be more specific.  Also, latency, load,
etc

Steven Peck
http://www.blkmtn.org

On Tue, May 20, 2008 at 10:57 AM, Michael B. Smith
<[EMAIL PROTECTED]> wrote:
> Other than management server load, is there any reason NOT to use
agentless
> monitoring?
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> MCSE/Exchange MVP
>
> http://TheEssentialExchange.com
>
>
>

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~
This e-mail, including any attached files, may contain confidential and 
privileged information for the sole use of the intended recipient.  Any review, 
use, distribution, or disclosure by others is strictly prohibited.  If you are 
not the intended recipient (or authorized to receive information for the 
intended recipient), please contact the sender by reply e-mail and delete all 
copies of this message.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Exchange (Serverside) Auto Forwarding

2008-05-20 Thread Cameron 
I don't know if this would help, but we have our E2K3 set to auto forward
and you don't have to be logged in. We have an external contact setup and
then use ADUC to forward to this account. You could leave the move to
another folder setup and it *should* forward to the additional account as
well.

 

HTH

  _  

From: Sam Cayze [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:32 AM
To: NT System Admin Issues
Subject: RE: Exchange (Serverside) Auto Forwarding

 

We have a few rules here that 'send mail' without the clients being open.
It's possible.

 

 

 

 

From: Sean Martin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:25 AM
To: NT System Admin Issues
Subject: Re: Exchange (Serverside) Auto Forwarding

 

I was always under the impression that any rule configured to "send mail"
could only be run with a locally logged in profile.

 

- Sean

 

On 5/20/08, Michael B. Smith <[EMAIL PROTECTED]> wrote: 

Create the rule in OWA. If it can't be created in OWA, then there is a
client-side portion to the rule.

 

Regards,

 

Michael B. Smith

MCSE/Exchange MVP

http://TheEssentialExchange.com  

 

From: Aaron T. Rohyans [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 9:42 AM
To: NT System Admin Issues
Subject: Exchange (Serverside) Auto Forwarding

 

Hi all,

I setup a rule within Outlook to autoforward specific e-mails to an offsite
address and move the message to a specific Inbox folder.  The rule is not
marked as "Client-only," however, only part of it runs if left unattended
with Outlook closed.  The message gets moved to the specified folder, but
never forwarded to the offsite e-mail address.  I always end up putting the
emails back into the general Inbox and manually running the rule - which
then works as intended and forwards the messages + moves it back to a
specified folder.

Am I missing something in order to make this work without Outlook running?
Is there a better way to accomplish this for a specific mailbox?

Thanks all,

Aaron

 

 

 

 

 

 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread David Lum 
Well OK...I use GPO's and utilize the OS firewalls of XP / 2K3 servers,
so very few ports on my systems can talk to very few ports on other
systems. Run the security configuration wizard and it locks down all
sorts of stuff. Your needs are different than mine, however, I don't
need to completely sandbox anyone, etc.

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 1:50 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

That might be true, but to me if I am not in full control of the
remote-access solution and it isn't secured, along with configurable (
additional ways to sandbox users to there own systems, and employ
firewalls to stop them talking with other systems, and best of all its
all logged where I retain the logs, then I really don't want to consider
the RAS solution. What we have now does all that pretty nicely. 

Sorry I am a little partial on using 3rd party hosted RAS solutions to
access systems via internet, you just asking for trouble. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 4:44 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

It sounds like it's not Logmein, is the company who implemented it also
had other stuff on the Logmein systems. I had Lockheed come in and do a
vulnerability & PEN test one of my IT Garage client sites, I have
Logmein on three servers..they found nothing unusual, my only big hit
was a Win98 box on the same wire as the rest of the 2K / XP / 2K3
systems.

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 1:37 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

It wasn't a server it was a workstation, and we caught scans coming from
those machines (via SNMP and other protocols) which wasn't normal, and
traced it back to the PC's with logmein on them. Plus the solution is
managed by a third party and not all that secure. So it means out with
that solution and in with something we control and is secure ( which we
already own)

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Sam Cayze [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 4:03 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Yeah, I didn't quite understand that either... 

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:37 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Can you clarify what you mean? The server with Logmein is trying to talk
to systems it shouldn't be?

Dave Lum  - Systems Engineer
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 


-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:53 AM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

I have seen weird things from Logmein in which systems with that one it
are initiating communications against internal systems they shouldn't be
touching, therefore logmein is going bye bye. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation An

Installed XP SP3 now Remote Desktop doesn't work

2008-05-20 Thread David Mazzaccaro 
So I installed SP3 for XP Professional (previously had SP2 installed),
and now if I try to run "mstsc.exe" I get DEP (Data Execution
Prevention) closing this program.
I tried putting a check mark next to remote desktop connection in DEP
settings, so it supposedly doesn't check that program, but it still
closes it.
Any ideas?


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Group Policy to disable IP v6?

2008-05-20 Thread Webster 
Since you have Vista and Server 2008, I just know you are using a Vista mgmt
station to handle all your GPO work.  Use the Group Policy Preferences, that
makes it easier to push out registry stuff.


Webster

> -Original Message-
> From: Jim Dandy [mailto:[EMAIL PROTECTED]
> Subject: RE: Group Policy to disable IP v6?
> 
> Thanks.  I was kind of hoping for a regular policy rather than a reg
> hack but this may have to do.


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread Chyka, Robert 
Hi ed,

Just out of curiosity which product do you use?


Thanks!

-Original Message-
From: "Ziots, Edward" <[EMAIL PROTECTED]>
To: "NT System Admin Issues" 
Sent: 5/20/08 4:49 PM
Subject: RE: [OT] Logmein

That might be true, but to me if I am not in full control of the
remote-access solution and it isn't secured, along with configurable (
additional ways to sandbox users to there own systems, and employ
firewalls to stop them talking with other systems, and best of all its
all logged where I retain the logs, then I really don't want to consider
the RAS solution. What we have now does all that pretty nicely. 

Sorry I am a little partial on using 3rd party hosted RAS solutions to
access systems via internet, you just asking for trouble. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 4:44 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

It sounds like it's not Logmein, is the company who implemented it also
had other stuff on the Logmein systems. I had Lockheed come in and do a
vulnerability & PEN test one of my IT Garage client sites, I have
Logmein on three servers..they found nothing unusual, my only big hit
was a Win98 box on the same wire as the rest of the 2K / XP / 2K3
systems.

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 1:37 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

It wasn't a server it was a workstation, and we caught scans coming from
those machines (via SNMP and other protocols) which wasn't normal, and
traced it back to the PC's with logmein on them. Plus the solution is
managed by a third party and not all that secure. So it means out with
that solution and in with something we control and is secure ( which we
already own)

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Sam Cayze [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 4:03 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Yeah, I didn't quite understand that either... 

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:37 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Can you clarify what you mean? The server with Logmein is trying to talk
to systems it shouldn't be?

Dave Lum  - Systems Engineer
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 


-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:53 AM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

I have seen weird things from Logmein in which systems with that one it
are initiating communications against internal systems they shouldn't be
touching, therefore logmein is going bye bye. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread Ziots, Edward 
That might be true, but to me if I am not in full control of the
remote-access solution and it isn't secured, along with configurable (
additional ways to sandbox users to there own systems, and employ
firewalls to stop them talking with other systems, and best of all its
all logged where I retain the logs, then I really don't want to consider
the RAS solution. What we have now does all that pretty nicely. 

Sorry I am a little partial on using 3rd party hosted RAS solutions to
access systems via internet, you just asking for trouble. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 4:44 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

It sounds like it's not Logmein, is the company who implemented it also
had other stuff on the Logmein systems. I had Lockheed come in and do a
vulnerability & PEN test one of my IT Garage client sites, I have
Logmein on three servers..they found nothing unusual, my only big hit
was a Win98 box on the same wire as the rest of the 2K / XP / 2K3
systems.

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 1:37 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

It wasn't a server it was a workstation, and we caught scans coming from
those machines (via SNMP and other protocols) which wasn't normal, and
traced it back to the PC's with logmein on them. Plus the solution is
managed by a third party and not all that secure. So it means out with
that solution and in with something we control and is secure ( which we
already own)

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Sam Cayze [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 4:03 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Yeah, I didn't quite understand that either... 

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:37 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Can you clarify what you mean? The server with Logmein is trying to talk
to systems it shouldn't be?

Dave Lum  - Systems Engineer
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 


-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:53 AM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

I have seen weird things from Logmein in which systems with that one it
are initiating communications against internal systems they shouldn't be
touching, therefore logmein is going bye bye. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread David Lum 
It sounds like it's not Logmein, is the company who implemented it also
had other stuff on the Logmein systems. I had Lockheed come in and do a
vulnerability & PEN test one of my IT Garage client sites, I have
Logmein on three servers..they found nothing unusual, my only big hit
was a Win98 box on the same wire as the rest of the 2K / XP / 2K3
systems.

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 1:37 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

It wasn't a server it was a workstation, and we caught scans coming from
those machines (via SNMP and other protocols) which wasn't normal, and
traced it back to the PC's with logmein on them. Plus the solution is
managed by a third party and not all that secure. So it means out with
that solution and in with something we control and is secure ( which we
already own)

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Sam Cayze [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 4:03 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Yeah, I didn't quite understand that either... 

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:37 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Can you clarify what you mean? The server with Logmein is trying to talk
to systems it shouldn't be?

Dave Lum  - Systems Engineer
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 


-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:53 AM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

I have seen weird things from Logmein in which systems with that one it
are initiating communications against internal systems they shouldn't be
touching, therefore logmein is going bye bye. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread Ziots, Edward 
It wasn't a server it was a workstation, and we caught scans coming from
those machines (via SNMP and other protocols) which wasn't normal, and
traced it back to the PC's with logmein on them. Plus the solution is
managed by a third party and not all that secure. So it means out with
that solution and in with something we control and is secure ( which we
already own)

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Sam Cayze [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 4:03 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Yeah, I didn't quite understand that either... 

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:37 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Can you clarify what you mean? The server with Logmein is trying to talk
to systems it shouldn't be?

Dave Lum  - Systems Engineer
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 


-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:53 AM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

I have seen weird things from Logmein in which systems with that one it
are initiating communications against internal systems they shouldn't be
touching, therefore logmein is going bye bye. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread Ziots, Edward 
Sorry the short and skinny. 

Logmein loaded on PC's for some silly reason to support a project they
didn't think about a secure remote access solution to be in place. Some
dumb tech from support company started a scan against internal systems
which tripped off some syslogs and what not on internal systems, and
IPS/IDS. 

Basically Logmein is going bye bye never to return, it should have never
been implemented in the first place. 

Another PITA RAS out the door. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Joe Heaton [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 4:29 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Those pain meds are kicking in Z Not sure that was English. 


Joe Heaton

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:53 AM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

I have seen weird things from Logmein in which systems with that one it
are initiating communications against internal systems they shouldn't be
touching, therefore logmein is going bye bye. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 20, 2008 2:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Group Policy to disable IP v6?

2008-05-20 Thread Jim Dandy 
Thanks.  I was kind of hoping for a regular policy rather than a reg
hack but this may have to do.

Curt

> -Original Message-
> From: Webster [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 20, 2008 12:00 PM
> To: NT System Admin Issues
> Subject: RE: Group Policy to disable IP v6?
> 
> > -Original Message-
> > From: Jim Dandy [mailto:[EMAIL PROTECTED]
> > Subject: Group Policy to disable IP v6?
> >
> > I've had trouble with computers that are joined to my domain and
have
> > IP
> > v6 installed if they are running Vista SP1 or Server 2008.  The
> problem
> > goes away if you disable IP v6.  Is there a group policy to disable
> IP
> > v6?
> 
> First hit on the Google:
> 
> http://support.microsoft.com/kb/929852
> 
> 
> Webster
> 
> 
> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
> ~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread Joe Heaton 
Those pain meds are kicking in Z Not sure that was English. 


Joe Heaton

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:53 AM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

I have seen weird things from Logmein in which systems with that one it
are initiating communications against internal systems they shouldn't be
touching, therefore logmein is going bye bye. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 20, 2008 2:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread Sam Cayze 
Yeah, I didn't quite understand that either... 

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:37 PM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

Can you clarify what you mean? The server with Logmein is trying to talk
to systems it shouldn't be?

Dave Lum  - Systems Engineer
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 


-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:53 AM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

I have seen weird things from Logmein in which systems with that one it
are initiating communications against internal systems they shouldn't be
touching, therefore logmein is going bye bye. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: VM Mailing Lists?

2008-05-20 Thread Don Guyer 
http://lists.vmware.com/mailman/listinfo/vmi-list

Don Guyer
Systems Engineer
Information Services Department
Prudential Fox Roach/ Trident
431 W. Lancaster Avenue
Devon, PA 19333
Ph: (610) 993-3299
Fax: (610) 650-5306
www.prufoxroach.com
[EMAIL PROTECTED]
-Original Message-
From: Benjamin Zachary - Lists [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 1:02 PM
To: NT System Admin Issues
Subject: RE: VM Mailing Lists?

Also, make sure you get on your local vmware user group list. Depending
on
your area you will get some decent notifications and information as well
as
meetings times where you can get some real good technical people in the
same
room to bounce off of. 

-Original Message-
From: Craig Gauss [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:39 AM
To: NT System Admin Issues
Subject: VM Mailing Lists?

We just recently implemented VM and a SAN.  Are there any lists like
this dealing with VM that anyone could recommend?

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


This email and any files transmitted with it are confidential
and intended solely for the use of the individual or entity to
whom they are addressed. It may contain information protected by  
state and federal privacy and intellectual property laws. 
If you have received this email in error please 
notify the sender immediately and delete this e-mail from 
your system. If you are not the named addressee you should 
not disseminate, distribute or copy this e-mail, and you are 
notified that disclosing, copying, distributing or taking any 
action in reliance on the contents of this information is
strictly prohibited. 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: opsmgr 2007 and agentless monitoring

2008-05-20 Thread Michael B. Smith 
I asked on another list and got pointed to the link below. It covers the
details quite well and provides links to other informative resources:



Regards,

Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com

-Original Message-
From: Steven Peck [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:50 PM
To: NT System Admin Issues
Subject: Re: opsmgr 2007 and agentless monitoring

When I asked that question during our POC in January I believe the
answer was, lots of stuff will not be available to you if you use WMI.
 To far removed from POC to be more specific.  Also, latency, load,
etc

Steven Peck
http://www.blkmtn.org

On Tue, May 20, 2008 at 10:57 AM, Michael B. Smith
<[EMAIL PROTECTED]> wrote:
> Other than management server load, is there any reason NOT to use
agentless
> monitoring?
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> MCSE/Exchange MVP
>
> http://TheEssentialExchange.com
>
>
>

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: opsmgr 2007 and agentless monitoring

2008-05-20 Thread David Lum 
LOL. I see that as not too different than arguing that a microwave "doesn't 
heat your food". I think it's pretty common to interpret "agentless" as meaning 
"no additional software required on the monitored system". It means one less 
piece to manage and have quit working...

My $0.02..

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 

-Original Message-
From: Dennis Melahn [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:27 AM
To: NT System Admin Issues
Subject: re: opsmgr 2007 and agentless monitoring

There is no such thing as agentless monitoring! You either use the one provided 
by the vendor of the monitoring software or you are using the one built into 
the OS.  That is a marketing scam and don't get sucked into it. 

Dennis


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread David Lum 
Can you clarify what you mean? The server with Logmein is trying to talk
to systems it shouldn't be?

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 


-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:53 AM
To: NT System Admin Issues
Subject: RE: [OT] Logmein

I have seen weird things from Logmein in which systems with that one it
are initiating communications against internal systems they shouldn't be
touching, therefore logmein is going bye bye. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Group Policy to disable IP v6?

2008-05-20 Thread Webster 
> -Original Message-
> From: Jim Dandy [mailto:[EMAIL PROTECTED]
> Subject: Group Policy to disable IP v6?
> 
> I've had trouble with computers that are joined to my domain and have
> IP
> v6 installed if they are running Vista SP1 or Server 2008.  The problem
> goes away if you disable IP v6.  Is there a group policy to disable IP
> v6?

First hit on the Google:

http://support.microsoft.com/kb/929852


Webster


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread Ziots, Edward 
I have seen weird things from Logmein in which systems with that one it
are initiating communications against internal systems they shouldn't be
touching, therefore logmein is going bye bye. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 2:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: opsmgr 2007 and agentless monitoring

2008-05-20 Thread Steven Peck 
When I asked that question during our POC in January I believe the
answer was, lots of stuff will not be available to you if you use WMI.
 To far removed from POC to be more specific.  Also, latency, load,
etc

Steven Peck
http://www.blkmtn.org

On Tue, May 20, 2008 at 10:57 AM, Michael B. Smith
<[EMAIL PROTECTED]> wrote:
> Other than management server load, is there any reason NOT to use agentless
> monitoring?
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> MCSE/Exchange MVP
>
> http://TheEssentialExchange.com
>
>
>

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [OT] Logmein

2008-05-20 Thread Sam Cayze 
Been solid here.  (Free version) 

-Original Message-
From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 1:24 PM
To: NT System Admin Issues
Subject: [OT] Logmein

Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

re: opsmgr 2007 and agentless monitoring

2008-05-20 Thread Dennis Melahn 
There is no such thing as agentless monitoring! You either use the one provided 
by the vendor of the monitoring software or you are using the one built into 
the OS.  That is a marketing scam and don't get sucked into it. 

Dennis


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

[OT] Logmein

2008-05-20 Thread David Lum 
Has anyone had problems with Logmein lately? I've had problems via
diseparate systems this last week...

Dave Lum  - Systems Engineer 
[EMAIL PROTECTED] - (971)-222-1025
"When you step on the brakes your life is in your foot's hands" 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Group Policy to disable IP v6?

2008-05-20 Thread Jim Dandy 
I've had trouble with computers that are joined to my domain and have IP
v6 installed if they are running Vista SP1 or Server 2008.  The problem
goes away if you disable IP v6.  Is there a group policy to disable IP
v6?

Curt

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

opsmgr 2007 and agentless monitoring

2008-05-20 Thread Michael B. Smith 
Other than management server load, is there any reason NOT to use agentless
monitoring?

 

Regards,

 

Michael B. Smith

MCSE/Exchange MVP

http://TheEssentialExchange.com

 


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: Something New to worry about?

2008-05-20 Thread Salvador Manzo 
Must everything get a cute little l33t speak name?  Phlashing, seriously?
(solution, don¹t expose your embedded systems,  keep firmware updated on
YOUR schedule, and require some kind of authentication outside of defaults
if the hardware allows it.)


On 5/20/08 10:18 AM, "Krishna Reddy" <[EMAIL PROTECTED]> wrote:

> http://www.darkreading.com/document.asp?doc_id=154270&WT.svl=news1_1
>  
> Krishna Reddy
> IT Manager
> 
> 101 Bilby Road
> Hackettstown, NJ 07840
> t   908-852-3700 x3026
> f   908-852-5832
> m 908-313-6763
> [EMAIL PROTECTED]
> www.nucomm.com 
>  
> The information contained in this email and attachments to this email are the
> proprietary and confidential property
> of Nucomm, Inc.  The information is provided in strict confidence and shall
> not be reproduced, copied, or
> used (partially or wholly) in any manner without prior, express written
> authorization of Nucomm, Inc.
> 
> 

- 
Salvador Manzo  [ 620 W. 35th St - Los Angeles, CA 90089  e. [EMAIL PROTECTED] ]
Auxiliary Services IT, Datacenter
University of Southern California
818-612-5112
--- 
"Sometimes it is said that man can not be trusted with government of
himself. Can he, then, be trusted with the government of others? Or have we
found angels in the forms of kings to govern him? Let history answer this
question."
-- Thomas Jefferson (First Inaugural Address, 3/4 1801)


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~<>

Something New to worry about?

2008-05-20 Thread Krishna Reddy 
http://www.darkreading.com/document.asp?doc_id=154270&WT.svl=news1_1
 
Krishna Reddy
IT Manager
 
101 Bilby Road
Hackettstown, NJ 07840
t   908-852-3700 x3026
f   908-852-5832
m 908-313-6763
[EMAIL PROTECTED]
www.nucomm.com  
 





The information contained in this email and attachments to this email are the 
proprietary and confidential property 
of Nucomm, Inc.  The information is provided in strict confidence and shall not 
be reproduced, copied, or
used (partially or wholly) in any manner without prior, express written 
authorization of Nucomm, Inc.


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~<>

Re: [Robo]copy performance issue

2008-05-20 Thread Micheal Espinola Jr 
I'm terribly ashamed of myself for not thinking of it myself, but you
guys were of course right that it was a duplex issue on the port.

Thanks for the nudge!

-- 
ME2

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: VM Mailing Lists?

2008-05-20 Thread Benjamin Zachary - Lists 
Also, make sure you get on your local vmware user group list. Depending on
your area you will get some decent notifications and information as well as
meetings times where you can get some real good technical people in the same
room to bounce off of. 

-Original Message-
From: Craig Gauss [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:39 AM
To: NT System Admin Issues
Subject: VM Mailing Lists?

We just recently implemented VM and a SAN.  Are there any lists like
this dealing with VM that anyone could recommend?

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: CTRL + Scroll wheel

2008-05-20 Thread Jim Majorowicz 
He probably does, but doesn't use the computer enough to know they exsist,
or has long figured out work arounds.

-Original Message-
From: Andy Ognenoff [mailto:[EMAIL PROTECTED] 
Sent: Monday, May 19, 2008 2:28 PM
To: NT System Admin Issues
Subject: RE: CTRL + Scroll wheel

> He has three versions of Office installed and bunch
>of little quirks we would be more than happy to figure out.

Wow...I can't believe he doesn't have more issues...

 - Andy O.




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: [Robo]copy performance issue

2008-05-20 Thread Micheal Espinola Jr 
Now that you and Michael mention it - it does ring of that type of an
issue.  I need to confirm the settings on the switch port.

Thanks!

On Tue, May 20, 2008 at 12:40 PM, mck1012 <[EMAIL PROTECTED]> wrote:
> sounds like a speed/duplex mismatch. I would try to hard code both the
> servers and the switch to 100 or 1000 /full if that does not work set the
> servers to auto, I have seen problems on some server NIC's and switches when
> both are set to 100/Full and network transfers are slow.
>
> Micheal Espinola Jr <[EMAIL PROTECTED]> wrote:
>
> Hi everyone,
>
> I"m seeing something peculiar with robocopy, and quite the opposite of
> anything I have seen before or would expect. I am performing a simple
> robocopy mirror copy between two servers. When these servers were
> attached to different uplinked switches, copy time/performance was as
> expected.
>
> I recently moved one of the servers so that it is connected to the
> same switch, and apparently all copy-related performance has become
> abismal - with network utilization staying below 1% ! Previously,
> when connected to an up-linked switch, the utilization would peak
> close to 50% during a large file copy. This happens with robocopy as
> well as an Windows GUI copy.
>
> The switches involved are Cisco 3560's. Both servers are currently
> attached to the same, while with the prior placement one of the
> servers was attached to a different 3560 that is up-linked via SFP.
>
> I'm currently at a loss as to why this is occuring. Any suggestions/ideas?
>
> TIA!
>
> --
> ME2
>
> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~
> ~ ~
>
>



-- 
ME2

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: [Robo]copy performance issue

2008-05-20 Thread Micheal Espinola Jr 
The server definately is.  The switch should be, but I will have to
confirm.  Thanks for the idea!

On Tue, May 20, 2008 at 12:33 PM, Michael B. Smith
<[EMAIL PROTECTED]> wrote:
> Well, the first question I always ask - are the ports locked at speed/duplex
> on both the server NICs and the switch ports?
>
> Regards,
>
> Michael B. Smith
> MCSE/Exchange MVP
> http://TheEssentialExchange.com
>
>
> -Original Message-
> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 20, 2008 12:27 PM
> To: NT System Admin Issues
> Subject: [Robo]copy performance issue
>
> Hi everyone,
>
> I"m seeing something peculiar with robocopy, and quite the opposite of
> anything I have seen before or would expect.  I am performing a simple
> robocopy mirror copy between two servers.  When these servers were
> attached to different uplinked switches, copy time/performance was as
> expected.
>
> I recently moved one of the servers so that it is connected to the
> same switch, and apparently all copy-related performance has become
> abismal - with network utilization staying below 1% !  Previously,
> when connected to an up-linked switch, the utilization would peak
> close to 50% during a large file copy.  This happens with robocopy as
> well as an Windows GUI copy.
>
> The switches involved are Cisco 3560's.  Both servers are currently
> attached to the same, while with the prior placement one of the
> servers was attached to a different 3560 that is up-linked via SFP.
>
> I'm currently at a loss as to why this is occuring.  Any suggestions/ideas?
>
> TIA!
>
> --
> ME2
>
> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
> ~   ~
>
>
> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
> ~   ~
>



-- 
ME2

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: [Robo]copy performance issue

2008-05-20 Thread mck1012 
sounds like a speed/duplex mismatch. I would try to hard code both the servers 
and the switch to 100 or 1000 /full if that does not work set the servers to 
auto, I have seen problems on some server NIC's and switches when both are set 
to 100/Full and network transfers are slow.

Micheal Espinola Jr <[EMAIL PROTECTED]> wrote:  Hi everyone,

I"m seeing something peculiar with robocopy, and quite the opposite of
anything I have seen before or would expect. I am performing a simple
robocopy mirror copy between two servers. When these servers were
attached to different uplinked switches, copy time/performance was as
expected.

I recently moved one of the servers so that it is connected to the
same switch, and apparently all copy-related performance has become
abismal - with network utilization staying below 1% ! Previously,
when connected to an up-linked switch, the utilization would peak
close to 50% during a large file copy. This happens with robocopy as
well as an Windows GUI copy.

The switches involved are Cisco 3560's. Both servers are currently
attached to the same, while with the prior placement one of the
servers was attached to a different 3560 that is up-linked via SFP.

I'm currently at a loss as to why this is occuring. Any suggestions/ideas?

TIA!

-- 
ME2

~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~
~ ~


   
~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: extra username/password prompting after DC migration

2008-05-20 Thread Nikki Peterson - OETX 
Perhaps a client level issue (of a sort). Windows XP SP3 includes
A patch (per my question to a Softie who confirms this):
You cannot access network resources after you try to log on to a
Windows XP Service Pack 2 based computer: Hotfix KB885887
http://support.microsoft.com/kb/885887/en-us 

I found this after my LCS Communicator clients were
Getting knocked off the server. They were getting the errors
As outlined in the article below. This led me to the KB885887
Hotfix.

You cannot access resources after you install Security
Bulletin MS-04-011 or Windows XP Service Pack 2
http://support.microsoft.com/kb/891559/en-us

Have you checked the clients machines event logs for anything?

Nikki Peterson

-Original Message-
From: Edward B. DREGER [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 8:43 AM
To: NT System Admin Issues
Subject: RE: extra username/password prompting after DC migration

CB> Date: Tue, 20 May 2008 09:37:25 -0500
CB> From: Christopher Boggs

CB> OK, now that you've clarified a bit... maybe you have stored
CB> credentials that don't work anymore?

No; I probably should have specified that at first.  I could well be
wrong, but it "feels" AD-related.

Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita

DO NOT send mail to the following addresses:
[EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED]
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: [Robo]copy performance issue

2008-05-20 Thread Michael B. Smith 
Well, the first question I always ask - are the ports locked at speed/duplex
on both the server NICs and the switch ports?

Regards,

Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com


-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 12:27 PM
To: NT System Admin Issues
Subject: [Robo]copy performance issue

Hi everyone,

I"m seeing something peculiar with robocopy, and quite the opposite of
anything I have seen before or would expect.  I am performing a simple
robocopy mirror copy between two servers.  When these servers were
attached to different uplinked switches, copy time/performance was as
expected.

I recently moved one of the servers so that it is connected to the
same switch, and apparently all copy-related performance has become
abismal - with network utilization staying below 1% !  Previously,
when connected to an up-linked switch, the utilization would peak
close to 50% during a large file copy.  This happens with robocopy as
well as an Windows GUI copy.

The switches involved are Cisco 3560's.  Both servers are currently
attached to the same, while with the prior placement one of the
servers was attached to a different 3560 that is up-linked via SFP.

I'm currently at a loss as to why this is occuring.  Any suggestions/ideas?

TIA!

-- 
ME2

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

[Robo]copy performance issue

2008-05-20 Thread Micheal Espinola Jr 
Hi everyone,

I"m seeing something peculiar with robocopy, and quite the opposite of
anything I have seen before or would expect.  I am performing a simple
robocopy mirror copy between two servers.  When these servers were
attached to different uplinked switches, copy time/performance was as
expected.

I recently moved one of the servers so that it is connected to the
same switch, and apparently all copy-related performance has become
abismal - with network utilization staying below 1% !  Previously,
when connected to an up-linked switch, the utilization would peak
close to 50% during a large file copy.  This happens with robocopy as
well as an Windows GUI copy.

The switches involved are Cisco 3560's.  Both servers are currently
attached to the same, while with the prior placement one of the
servers was attached to a different 3560 that is up-linked via SFP.

I'm currently at a loss as to why this is occuring.  Any suggestions/ideas?

TIA!

-- 
ME2

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: TS Clusters and PST Files - Looking for Suggestions

2008-05-20 Thread S Conn. 
PostPath is a stack of pretty right there.  I'm downloading the VM
appliance of it right now for testing.

I'm not sure if I'd be able to get it (politics with the email admins
again) but I'm definitely going to give it a shot.

Seth

On Tue, May 20, 2008 at 8:51 AM, Eisenberg, Wayne
<[EMAIL PROTECTED]> wrote:
> Have you looked at PostPath?
>
>
> --
> Wayne Eisenberg
>
> 
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 20, 2008 8:45 AM
> To: NT System Admin Issues
> Subject: Re: TS Clusters and PST Files - Looking for Suggestions
>
>
> "S Conn." <[EMAIL PROTECTED]> wrote on 05/20/2008 01:49:16 AM:
>
>> Hey guys I'm looking for suggestions.  Here's the deal.  I have NO
>> Exchange server.  Management won't buy it, too expensive, especially
>> since Linux alternatives are "cheaper".  I've been fighting this
>> losing battle for years now.  If I did have Exchange, the upcoming
>> question would be null.
>
> I used to run a small Exchange 5.5, then upgraded to Ex 2007, for like 60
> users. Linux alternatives (if all you're looking for is mail, and not things
> like shared/workgroup calenders, public folders, etc), then Linux probably
> would be cheaper, both in upfront license costs, hardware requirements, and
> time maintaining.
>
>> All 400+ of my users are using POP3 with Outlook 2003 or 2007.  I just
>> gotten the ability to do IMAP, but the trick there is that there is a
>> 90 day message limit on the server.  This causes issues with many
>> users since they like to keep EVERYTHING.
>
> So the POP server is *not* one you control?
>
> And every user wants to either keep everything forever, or not keep anything
> ever. :-)
>
>> Setting up local PSTs on most user's PCs is ok, especially since most
>> users understand the risks associated with doing so.  Where I'm
>> running into issues is on my Terminal Servers.  I have a few
>> "stand-alone" Terminal Servers, where users are assigned one specific
>> server and that's it.  They have a local profile on these servers, so
>> their PSTs don't move across the network at all.  I'm not using Citrix
>> here, just normal Windows 2003 Terminal Server.
>
> I'd go IMAP (probably Courier) on Linux, if it were me, and you're not
> looking for collaboration (such as calendaring; there are other
> add-ons/programs for that, none quite as easy or integrated as Exchange).
> This presumes that I can run and control my own Linux server, of course. You
> can even web front-end it, using sqwebmail or Squirrelmail (which I prefer).
>
>>
>> My current setup will not last.  I need to find a way to either not
>> use the PST files at all or find a way to reliably provide access to
>> PSTs without killing my network.  I thought about using a logon/logoff
>> script to copy the PSTs to/from the network shares, but I'm afraid
>> that it'll be too slow (my users like to have 1gb+ PSTs) and it won't
>> handle non-logoff situations well (like a sudden reboot).
>
> Yeah, I don't think that'll work well. You're trying to emulate offline
> files then.
>
>>
>> Does anyone have any suggestions, workarounds, or solutions?  Anyone
>> dealing with this issue now or found a way to deal with it?
>>
>> I really appreciate your help and suggestions on this.
>>
>> Thanks,
>>
>> Seth
>
> So your POP server is owned and maintained by your ISP? Do they offer IMAP
> services?
>
> Good luck.
>
>

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Internet Faxing

2008-05-20 Thread Rod Trent 
http://www.fax.com/ 

 

From: Joseph L. Casale [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 11:49 AM
To: NT System Admin Issues
Subject: Internet Faxing

 

Can anyone vouch for a quality NA provider hopefully in Canada that does
this?
Although a quick search in Google yields many, I was hoping to go with a
vendor that is known by someone to work well.

 

Thanks!
jlc

 

 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Internet Faxing

2008-05-20 Thread Joseph L. Casale 
Can anyone vouch for a quality NA provider hopefully in Canada that does this?
Although a quick search in Google yields many, I was hoping to go with a vendor 
that is known by someone to work well.

Thanks!
jlc

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: extra username/password prompting after DC migration

2008-05-20 Thread Edward B. DREGER 
CB> Date: Tue, 20 May 2008 09:37:25 -0500
CB> From: Christopher Boggs

CB> OK, now that you've clarified a bit... maybe you have stored
CB> credentials that don't work anymore?

No; I probably should have specified that at first.  I could well be
wrong, but it "feels" AD-related.


Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita

DO NOT send mail to the following addresses:
[EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED]
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Exchange (Serverside) Auto Forwarding

2008-05-20 Thread Sam Cayze 
We have a few rules here that 'send mail' without the clients being
open.  It's possible.

 

 

 

 

From: Sean Martin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:25 AM
To: NT System Admin Issues
Subject: Re: Exchange (Serverside) Auto Forwarding

 

I was always under the impression that any rule configured to "send
mail" could only be run with a locally logged in profile.

 

- Sean

 

On 5/20/08, Michael B. Smith <[EMAIL PROTECTED]> wrote: 

Create the rule in OWA. If it can't be created in OWA, then there is a
client-side portion to the rule.

 

Regards,

 

Michael B. Smith

MCSE/Exchange MVP

http://TheEssentialExchange.com  

 

From: Aaron T. Rohyans [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 9:42 AM
To: NT System Admin Issues
Subject: Exchange (Serverside) Auto Forwarding

 

Hi all,

I setup a rule within Outlook to autoforward specific e-mails to an
offsite address and move the message to a specific Inbox folder.  The
rule is not marked as "Client-only," however, only part of it runs if
left unattended with Outlook closed.  The message gets moved to the
specified folder, but never forwarded to the offsite e-mail address.  I
always end up putting the emails back into the general Inbox and
manually running the rule - which then works as intended and forwards
the messages + moves it back to a specified folder.

Am I missing something in order to make this work without Outlook
running?  Is there a better way to accomplish this for a specific
mailbox?

Thanks all,

Aaron

 

 

 

 


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: xonbi: a warning (cached mode no longer a requirement)

2008-05-20 Thread Micheal Espinola Jr 
Perhaps there is a setting that can be enforced via GPO.  I dont know
myself, but I would certainly hope so.


On Tue, May 20, 2008 at 11:08 AM, Senter, John <[EMAIL PROTECTED]> wrote:
> Well that sucks.  So what do you when users start downloading this app
> and cause your Exchange servers to grind to a halt as the indexes run.
> I guess it is time to try and block the executable from running.
>
> -Original Message-
> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 20, 2008 10:36 AM
> To: NT System Admin Issues
> Subject: xonbi: a warning (cached mode no longer a requirement)
>
> A recent update to xonbi now allows it to run in regular mode -
> instead of only in cached mode.  It will display a performance warning
> at the top of its frame in Outlook.
> --
> ME2
>
> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
> ~   ~
>
> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
> ~   ~
>



-- 
ME2

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Windows 2008 AD question

2008-05-20 Thread Eisenberg, Wayne 
Thanks, Mike, that helps clarify it a bit. I look forward to learning
more about Win2K8.
 

-- 
Wayne Eisenberg 
Server and PC Support Manager
Pepsi Bottling Ventures, LLC 

 



From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:48 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question



A RODC doesn't store passwords, except for those in specific groups,
especially administrative passwords. It may talk to any RWDC, not just
the "PDC". It may be a GC, or not.

If you want to look at it as a BDC, feel free. But it isn't JUST that.

It's designed to provide DC/GC capabilities in locations where there is
little or no physical security, without jeopardizing the accounts
database.

Regards,

 

Michael B. Smith

MCSE/Exchange MVP

http://TheEssentialExchange.com

 

From: Eisenberg, Wayne [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:38 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question

 



Don't even get me started on the superiority of eDirectory over AD.
Novell has been eating MS's lunch, technically speaking, for years. I'm
still amazed at how bad their marketing dept has mangled the company's
fortunes.



 

I understand generally what the functions are meant to be, but my
question was more of a comparison of the 2008 RODC and the NT4 BDC. How
are they different, if they are different at all? If they're not
different, how is this an advance for AD? Isn't it then just a roll-back
to NT4 due to the inherent weakness of AD?

 

-- 
Wayne Eisenberg 
Server and PC Support Manager
Pepsi Bottling Ventures, LLC 

 

 



From: Tom Miller [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:12 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 AD question

>From what I've read one of the functions of a read-only DC is to enhance
security in branch offices.  There's a chapter about it in my 2008 book
(Windows 2008 Server) and there are probably white papers on technet as
well.

 

An interesting concept, something Novell's eDirectory has had for years.



>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 9:54 AM
>>>

I have a question that maybe someone here knows the answer to. All this
talk about this great new advance in AD technology - a read-only DC.
Maybe I don't have all the information yet, but it sure sounds a whole
lot like an NT4 BDC to me. That was really the difference between a PDC
and a BDC - the PDC was writable and the BDC wasn't. It sounds to me
like maybe MS is acknowledging that AD is not all that robust after all
and going back to the NT4 model, but spinning it to make people think
it's an 'advance'. What do you think? Is it really a better AD or is it
just the spin-meisters at work?

-- 
Wayne Eisenberg 

 

 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 

 

 






~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: Exchange (Serverside) Auto Forwarding

2008-05-20 Thread Sean Martin 
I was always under the impression that any rule configured to "send mail"
could only be run with a locally logged in profile.

- Sean


On 5/20/08, Michael B. Smith <[EMAIL PROTECTED]> wrote:
>
>  Create the rule in OWA. If it can't be created in OWA, then there is a
> client-side portion to the rule.
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> MCSE/Exchange MVP
>
> http://TheEssentialExchange.com 
>
>
>
> *From:* Aaron T. Rohyans [mailto:[EMAIL PROTECTED]
> *Sent:* Tuesday, May 20, 2008 9:42 AM
> *To:* NT System Admin Issues
> *Subject:* Exchange (Serverside) Auto Forwarding
>
>
>
> Hi all,
>
> I setup a rule within Outlook to autoforward specific e-mails to an offsite
> address and move the message to a specific Inbox folder.  The rule is not
> marked as "Client-only," however, only part of it runs if left unattended
> with Outlook closed.  The message gets moved to the specified folder, but
> never forwarded to the offsite e-mail address.  I always end up putting the
> emails back into the general Inbox and manually running the rule – which
> then works as intended and forwards the messages + moves it back to a
> specified folder.
>
> Am I missing something in order to make this work without Outlook running?
> Is there a better way to accomplish this for a specific mailbox?
>
> Thanks all,
>
> Aaron
>
>
>
>
>
>
>

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Windows 2008 AD question

2008-05-20 Thread Steve Kelsay 
I know what you mean. Novel is years ahead of Microsoft in networking,
but has been losing market share for years.

 

 

From: Tom Miller [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:54 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question

 

OT:  No, Novell has not been eating Microsoft's lunch.  However the
company has a terrible history with marketing its good products to the
right people and unless they do something soon.  Hence, I"m dumping eDir
for AD DS as well.  Tired of being the only one here who can support it.


>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 10:38 AM
>>>



Don't even get me started on the superiority of eDirectory over AD.
Novell has been eating MS's lunch, technically speaking, for years. I'm
still amazed at how bad their marketing dept has mangled the company's
fortunes.



 

I understand generally what the functions are meant to be, but my
question was more of a comparison of the 2008 RODC and the NT4 BDC. How
are they different, if they are different at all? If they're not
different, how is this an advance for AD? Isn't it then just a roll-back
to NT4 due to the inherent weakness of AD?

 

-- 
Wayne Eisenberg 
Server and PC Support Manager
Pepsi Bottling Ventures, LLC 

 

 



From: Tom Miller [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:12 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 AD question

>From what I've read one of the functions of a read-only DC is to enhance
security in branch offices.  There's a chapter about it in my 2008 book
(Windows 2008 Server) and there are probably white papers on technet as
well.

 

An interesting concept, something Novell's eDirectory has had for years.



>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 9:54 AM
>>>

I have a question that maybe someone here knows the answer to. All this
talk about this great new advance in AD technology - a read-only DC.
Maybe I don't have all the information yet, but it sure sounds a whole
lot like an NT4 BDC to me. That was really the difference between a PDC
and a BDC - the PDC was writable and the BDC wasn't. It sounds to me
like maybe MS is acknowledging that AD is not all that robust after all
and going back to the NT4 model, but spinning it to make people think
it's an 'advance'. What do you think? Is it really a better AD or is it
just the spin-meisters at work?

-- 
Wayne Eisenberg 

 

 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 

 

 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Windows 2008 AD question

2008-05-20 Thread Troy Meyer 
To add,  This is not a step back to NT4 where you had to make your changes on a 
single DC.  This is incorporating an additional security measure for when you 
don't have physical security as tight in branch or remote locations.  Yes this 
is very similar to BDCs, but without the inherent weaknesses that existed in 
that model.
BTW thanks for your comments on eDirectory, your summary has really helped me 
understand how its far superior to AD.

-troy

From: Eisenberg, Wayne [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 20, 2008 7:38 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question


Don't even get me started on the superiority of eDirectory over AD. Novell has 
been eating MS's lunch, technically speaking, for years. I'm still amazed at 
how bad their marketing dept has mangled the company's fortunes.


I understand generally what the functions are meant to be, but my question was 
more of a comparison of the 2008 RODC and the NT4 BDC. How are they different, 
if they are different at all? If they're not different, how is this an advance 
for AD? Isn't it then just a roll-back to NT4 due to the inherent weakness of 
AD?


--
Wayne Eisenberg
Server and PC Support Manager
Pepsi Bottling Ventures, LLC



From: Tom Miller [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 20, 2008 10:12 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 AD question
>From what I've read one of the functions of a read-only DC is to enhance 
>security in branch offices.  There's a chapter about it in my 2008 book 
>(Windows 2008 Server) and there are probably white papers on technet as well.

An interesting concept, something Novell's eDirectory has had for years.


>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 9:54 AM >>>
I have a question that maybe someone here knows the answer to. All this talk 
about this great new advance in AD technology - a read-only DC. Maybe I don't 
have all the information yet, but it sure sounds a whole lot like an NT4 BDC to 
me. That was really the difference between a PDC and a BDC - the PDC was 
writable and the BDC wasn't. It sounds to me like maybe MS is acknowledging 
that AD is not all that robust after all and going back to the NT4 model, but 
spinning it to make people think it's an 'advance'. What do you think? Is it 
really a better AD or is it just the spin-meisters at work?

--
Wayne Eisenberg



Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.







~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: xonbi: a warning (cached mode no longer a requirement)

2008-05-20 Thread Senter, John 
Well that sucks.  So what do you when users start downloading this app
and cause your Exchange servers to grind to a halt as the indexes run.
I guess it is time to try and block the executable from running.

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:36 AM
To: NT System Admin Issues
Subject: xonbi: a warning (cached mode no longer a requirement)

A recent update to xonbi now allows it to run in regular mode -
instead of only in cached mode.  It will display a performance warning
at the top of its frame in Outlook.
-- 
ME2

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: OT Cisco switch password recovery

2008-05-20 Thread Christopher J. Bosak 
I would have rebuilt just to be on the safe side. It's rare that only the
filename itself gets corrupted without the file contents getting corrupted
as well.

 

As we said back in my CCNA days, it's better to be safe than sorry. 

 

Christopher J. Bosak

Vector Company

c. 847.603.4673

[EMAIL PROTECTED]

 

"You need to install an RTFM Interface, due to an LBNC issue."

- B.O.F.H. (Merged 2 into 1) - Me

 

From: Eldridge, Dave [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 08:35 hrs
To: NT System Admin Issues
Subject: OT Cisco switch password recovery

 

OffTopic:

 

I have this posted elsewhere but I know there's some Cisco smarts here.

I had to do a pw recovery on a couple of 3750's and when I went to rename
the config.text.old file back to config.text I showed the following dir
flash:

Directory of flash:/

 

2  -rwx6443   Mar 8 1993 23:12:38 +00:00
config.old^[[D^[[D^[[Dtext.old

3  -rwx   5   Mar 8 1993 23:12:38 +00:00  private-config.text

4  -rwx3976   May 4 1993 23:55:00 +00:00  vlan.dat

6  drwx 192   Mar 1 1993 00:09:33 +00:00
c3750-ipbase-mz.122-35.SE5

 

Something must have gotten corrupt  in the first reboot but I still should
have been able to rename the file anyway.

This is what I was getting.

 

rename flash:config.old^[[D^[[D^[[Dtext.old flash:config.text

Destination filename [config.text]? 

%Error renaming flash:config.old^[[D^[[D^[[Dtext.old to flash:config.text
(No such file or directory)

 

I was pressed for time so I had to rebuild the config. L 

Should renaming this have worked?

 

 

This e-mail contains the thoughts and opinions of the sender and does not
represent official Parkview Medical Center policy.

This communication is intended only for the recipient(s) named above, may be
confidential and/or legally privileged: and, must be treated as such in
accordance with state and federal laws. If you are not the intended
recipient, you are hereby notified that any use of this communication, or
any of its contents, is prohibited. If you have received this communication
in error, please return to sender and delete the message from your computer
system.

 

 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Windows 2008 AD question

2008-05-20 Thread Tom Miller 
OT:  No, Novell has not been eating Microsoft's lunch.  However the company has 
a terrible history with marketing its good products to the right people and 
unless they do something soon.  Hence, I"m dumping eDir for AD DS as well.  
Tired of being the only one here who can support it.  

>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 10:38 AM >>>

Don't even get me started on the superiority of eDirectory over AD. Novell has 
been eating MS's lunch, technically speaking, for years. I'm still amazed at 
how bad their marketing dept has mangled the company's fortunes.

 
I understand generally what the functions are meant to be, but my question was 
more of a comparison of the 2008 RODC and the NT4 BDC. How are they different, 
if they are different at all? If they're not different, how is this an advance 
for AD? Isn't it then just a roll-back to NT4 due to the inherent weakness of 
AD?
 

-- 
Wayne Eisenberg 
Server and PC Support Manager
Pepsi Bottling Ventures, LLC 
 

From: Tom Miller [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:12 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 AD question

>From what I've read one of the functions of a read-only DC is to enhance 
>security in branch offices.  There's a chapter about it in my 2008 book 
>(Windows 2008 Server) and there are probably white papers on technet as well.
 
An interesting concept, something Novell's eDirectory has had for years.


>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 9:54 AM >>>
I have a question that maybe someone here knows the answer to. All this talk 
about this great new advance in AD technology - a read-only DC. Maybe I don't 
have all the information yet, but it sure sounds a whole lot like an NT4 BDC to 
me. That was really the difference between a PDC and a BDC - the PDC was 
writable and the BDC wasn't. It sounds to me like maybe MS is acknowledging 
that AD is not all that robust after all and going back to the NT4 model, but 
spinning it to make people think it's an 'advance'. What do you think? Is it 
really a better AD or is it just the spin-meisters at work?

-- 
Wayne Eisenberg 





Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message. 






Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: xonbi: a warning (cached mode no longer a requirement)

2008-05-20 Thread Alex Eckelberry 
This is good to know, thanks.  I didn't like that previous requirement
(which wasn't in the earlier betas). 

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:36 AM
To: NT System Admin Issues
Subject: xonbi: a warning (cached mode no longer a requirement)

A recent update to xonbi now allows it to run in regular mode - instead
of only in cached mode.  It will display a performance warning at the
top of its frame in Outlook.
--
ME2

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Windows 2008 AD question

2008-05-20 Thread Michael B. Smith 
A RODC doesn't store passwords, except for those in specific groups,
especially administrative passwords. It may talk to any RWDC, not just the
"PDC". It may be a GC, or not.

If you want to look at it as a BDC, feel free. But it isn't JUST that.

It's designed to provide DC/GC capabilities in locations where there is
little or no physical security, without jeopardizing the accounts database.

Regards,

 

Michael B. Smith

MCSE/Exchange MVP

http://TheEssentialExchange.com

 

From: Eisenberg, Wayne [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:38 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 AD question

 



Don't even get me started on the superiority of eDirectory over AD. Novell
has been eating MS's lunch, technically speaking, for years. I'm still
amazed at how bad their marketing dept has mangled the company's fortunes.



 

I understand generally what the functions are meant to be, but my question
was more of a comparison of the 2008 RODC and the NT4 BDC. How are they
different, if they are different at all? If they're not different, how is
this an advance for AD? Isn't it then just a roll-back to NT4 due to the
inherent weakness of AD?

 

-- 
Wayne Eisenberg 
Server and PC Support Manager
Pepsi Bottling Ventures, LLC 

 

 

  _  

From: Tom Miller [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:12 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 AD question

>From what I've read one of the functions of a read-only DC is to enhance
security in branch offices.  There's a chapter about it in my 2008 book
(Windows 2008 Server) and there are probably white papers on technet as
well.

 

An interesting concept, something Novell's eDirectory has had for years.



>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 9:54 AM >>>

I have a question that maybe someone here knows the answer to. All this talk
about this great new advance in AD technology - a read-only DC. Maybe I
don't have all the information yet, but it sure sounds a whole lot like an
NT4 BDC to me. That was really the difference between a PDC and a BDC - the
PDC was writable and the BDC wasn't. It sounds to me like maybe MS is
acknowledging that AD is not all that robust after all and going back to the
NT4 model, but spinning it to make people think it's an 'advance'. What do
you think? Is it really a better AD or is it just the spin-meisters at work?

-- 
Wayne Eisenberg 

 

 

Confidentiality Notice: This e-mail message, including attachments, is for
the sole use of the intended recipient(s) and may contain confidential and
privileged information. Any unauthorized review, use, disclosure, or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message. 

 

 

 

 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: VM Mailing Lists?

2008-05-20 Thread Rod Trent 
http://www.myitforum.com/lists/#Virtualization 

-Original Message-
From: Craig Gauss [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:39 AM
To: NT System Admin Issues
Subject: VM Mailing Lists?

We just recently implemented VM and a SAN.  Are there any lists like
this dealing with VM that anyone could recommend?

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

VM Mailing Lists?

2008-05-20 Thread Craig Gauss 
We just recently implemented VM and a SAN.  Are there any lists like
this dealing with VM that anyone could recommend?

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Windows 2008 AD question

2008-05-20 Thread Eisenberg, Wayne 

Don't even get me started on the superiority of eDirectory over AD.
Novell has been eating MS's lunch, technically speaking, for years. I'm
still amazed at how bad their marketing dept has mangled the company's
fortunes.

 
I understand generally what the functions are meant to be, but my
question was more of a comparison of the 2008 RODC and the NT4 BDC. How
are they different, if they are different at all? If they're not
different, how is this an advance for AD? Isn't it then just a roll-back
to NT4 due to the inherent weakness of AD?
 

-- 
Wayne Eisenberg 
Server and PC Support Manager
Pepsi Bottling Ventures, LLC 

 



From: Tom Miller [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:12 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 AD question


>From what I've read one of the functions of a read-only DC is to enhance
security in branch offices.  There's a chapter about it in my 2008 book
(Windows 2008 Server) and there are probably white papers on technet as
well.
 
An interesting concept, something Novell's eDirectory has had for years.


>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 9:54 AM
>>>

I have a question that maybe someone here knows the answer to. All this
talk about this great new advance in AD technology - a read-only DC.
Maybe I don't have all the information yet, but it sure sounds a whole
lot like an NT4 BDC to me. That was really the difference between a PDC
and a BDC - the PDC was writable and the BDC wasn't. It sounds to me
like maybe MS is acknowledging that AD is not all that robust after all
and going back to the NT4 model, but spinning it to make people think
it's an 'advance'. What do you think? Is it really a better AD or is it
just the spin-meisters at work?

-- 
Wayne Eisenberg 




Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: extra username/password prompting after DC migration

2008-05-20 Thread Christopher Boggs 

OK, now that you've clarified a bit... maybe you have stored credentials
that don't work anymore?

On the offending workstations, Check in Control Panel>User
Accounts>Advanced Tab>Manage Passwords and see if any user/pass is
listed.  If so, clear it and windows should use the currently logged on
credentials when accessing shares.


-Original Message-
From: Edward B. DREGER [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 9:35 AM
To: NT System Admin Issues
Subject: RE: extra username/password prompting after DC migration

MBS> Date: Tue, 20 May 2008 10:16:05 -0400
MBS> From: Michael B. Smit

MBS> Oh, I understood. My point was, the process should be the same.

Ah, okay.  Pardon my tired brain.


MBS> I can't explain exactly WHY you are getting what you are getting -
MBS> but this (also from the SBS Migration white paper) should provide
MBS> you a mechanism for working around it:

I have reason to doubt that I should try that exact procedure, but it
gives much insight about what's happening "behind the scenes".  Details
about the underlying principles give me a starting point for what to try
next.

I'd much rather learn to fish than to be given a fish, so I thank you...
now that I know you were indeed talking about fishing. :-)


Thanks again!
Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita

DO NOT send mail to the following addresses:
[EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED]
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

xonbi: a warning (cached mode no longer a requirement)

2008-05-20 Thread Micheal Espinola Jr 
A recent update to xonbi now allows it to run in regular mode -
instead of only in cached mode.  It will display a performance warning
at the top of its frame in Outlook.
-- 
ME2

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: extra username/password prompting after DC migration

2008-05-20 Thread Edward B. DREGER 
MBS> Date: Tue, 20 May 2008 10:16:05 -0400
MBS> From: Michael B. Smit

MBS> Oh, I understood. My point was, the process should be the same.

Ah, okay.  Pardon my tired brain.


MBS> I can't explain exactly WHY you are getting what you are getting -
MBS> but this (also from the SBS Migration white paper) should provide
MBS> you a mechanism for working around it:

I have reason to doubt that I should try that exact procedure, but it
gives much insight about what's happening "behind the scenes".  Details
about the underlying principles give me a starting point for what to try
next.

I'd much rather learn to fish than to be given a fish, so I thank you...
now that I know you were indeed talking about fishing. :-)


Thanks again!
Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita

DO NOT send mail to the following addresses:
[EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED]
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Windows 2008 AD question

2008-05-20 Thread Tim Vander Kooi 
I don't believe that RODC's have anything to do with AD not being robust 
enough. It is an acknowledgement that not all locations that might require a 
Domain Controller can be physically secured. An RODC allows you to control if 
any, all, or some (and if some then which) security credentials get cached to 
the RODC based on your personal situation and security requirements.
TVK

From: Eisenberg, Wayne [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 20, 2008 8:55 AM
To: NT System Admin Issues
Subject: Windows 2008 AD question

I have a question that maybe someone here knows the answer to. All this talk 
about this great new advance in AD technology - a read-only DC. Maybe I don't 
have all the information yet, but it sure sounds a whole lot like an NT4 BDC to 
me. That was really the difference between a PDC and a BDC - the PDC was 
writable and the BDC wasn't. It sounds to me like maybe MS is acknowledging 
that AD is not all that robust after all and going back to the NT4 model, but 
spinning it to make people think it's an 'advance'. What do you think? Is it 
really a better AD or is it just the spin-meisters at work?

--
Wayne Eisenberg




~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: Vista system will not boot into anything but the recovery tool.

2008-05-20 Thread R. Mac 
Sorry for the bad description earlier...here is a more detailed description
of what is happening.
There is a startup repair feature that starts and tries to repair the system
every time the system boots (even if you hit f8 and try safe mode or last
known good). Then the startup repair tool tries to repair the OS but it
stops with a message stating it cannot repair the system automatically. the
menu options are " send info" "don't send" with a detailed window below of
the error the startup repair tool is having.
details are

Problem signature:
Prob Event Name:StartupRepairV2
Prob Signature 01:   AutoFailover
Prob Signature 02:   6.0.6000.16386.6.0.6000.16386
Prob Signature 03:   6
Prob Signature 04:   2031647
Prob Signature 05:   CorruptFile
Prob Signature 06:   BadDriver
Prob Signature 07:   0
Prob Signature 08:   3
Prob Signature 09:   WrpRepair
Prob Signature 10:   10
OS Version: 6.0.6000.2.0.0.256.1
Local ID:  1033


When i choose to "don't send" i can view the diagnosis and repair details
from the startup repair.
which shows you the tests and diags that were run and has a "root cause
found" at the end that states that  Start up Repair has tried several times
but still cannot determine the cause of the problem.

I can then go to advanced repair options. which brings me the system
recovery options. this has the following options available.

Startup repair  (can't fixit)
System Restore (none found)
windows Complete PC Restore (don't want to wipe it yet. would like to
recover without dumping OS)
Windows Memory Tool (100% pass)
command prompt   ( not like previous ASR can't seem to get the right command
for this issue)
Toshiba Recovery Wizard  ( Don't want to lose the data)

>From the command prompt i get the path X:\sources\recovery\Tools>
run a chdsk c: /F completes with no problems.

reboot and symptoms repeat...

I think its a hardware issue now because i have now been running "chkdsk c:
/R"
And its been trying to repair bad sectors and moving items around for 20
hours now.
So, looks like it will end up being a disk issue but i will run a disk util
(spinrite or disk doctor)  next to see if it can get it running.

Thanx!

Roy MacDonald




On Mon, May 19, 2008 at 11:33 AM, Carl Houseman <[EMAIL PROTECTED]>
wrote:

>  Hmm, Vista doesn't have a "recovery console" per se.  What exactly is
> your friend seeing that says there's no errors?
>
>
>
> The standard Vista recovery menu has these and possible other choices:
>
>   Startup Repair
>   System Restore
>   Windows Complete PC Restore
>   Windows Memory Diagnostic Tool
>   Command Prompt
>
>
>
> So your friend would have had to choose something before being told that it
> "cannot detect any errors."   If your friend sees something wildly different
> from the above menu, then it's vendor-specific and he needs to get help from
> that vendor (or reinstall Vista from a recovery DVD).
>
>
>
> Carl
>
>
>
> *From:* R. Mac [mailto:[EMAIL PROTECTED]
> *Sent:* Sunday, May 18, 2008 8:21 PM
> *To:* NT System Admin Issues
> *Subject:* Vista system will not boot into anything but the recovery tool.
>
>
>
> Hi All,
>Trying to bail out a friend who probably got some virus on his vista
> laptop.
> the system will not boot to a login no matter what options i try at boot.
> safe mode,LKG,Debug,etc. the thing just comes right up to the recovery
> console and that says it cannot detect any errors.
> but yet it keeps showing up every time. any help would be great!
>
> Thanx!
>
> Roy MacDonald
>
>

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: extra username/password prompting after DC migration

2008-05-20 Thread Michael B. Smith 
Oh, I understood. My point was, the process should be the same. I can't
explain exactly WHY you are getting what you are getting - but this (also
from the SBS Migration white paper) should provide you a mechanism for
working around it:

Create an alias that maps the source server name to the destination server
name

To facilitate the appropriate communication between client computers and the
destination server, you must create an alias that maps the source server
name to the destination server name.

 To create an alias
 
1.  On the destination server, click Start, click Run, type cmd, and then
click OK.
 
2.  At the command prompt, type:

netdom computername DestinationServerName
/add:SourceServerName.DomainName.local

(SourceServerName.DomainName.local is the FQDN of the source server.)

For more information about using netdom.exe, see "Netdom Overview" at the
Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=98942).

Using the alias that you created, add an entry to the registry to allow SMB
connections.

Caution:  
Incorrectly editing the registry may severely damage your system. Before
making changes to the registry, you should back up valued data from the
computer.
 
 To add a registry entry
 
1.  Start Registry Editor and locate the following registry entry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters
 
2.  Right-click parameters, point to New, and then click DWORD Value.
 
3.  Type DisableStrictNameChecking in the Name column, and then press Enter.
 
4.  Right-click the DisableStrictNameChecking DWORD value, and then click
Modify.
 
5.  In the Value data box, type 1, and then click OK.
 
6.  On the File menu, click Exit.
 
7.  Restart the server.
 


Regards,

Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com


-Original Message-
From: Edward B. DREGER [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 10:11 AM
To: NT System Admin Issues
Subject: RE: extra username/password prompting after DC migration

MBS> Date: Tue, 20 May 2008 09:17:54 -0400
MBS> From: Michael B. Smith


MBS> It has lots of references, especially KB 884453, that you need to
MBS> know about...(there is no qualitative difference between moving to
MBS> a new SBS server vs. moving the A/D domain to standard, that I can
MBS> think of)

Thanks, but perhaps my original wording was vague or misleading.  I'm
not moving from one SBS box to another.  (However, KB 884453 _is_ handy
to know.  Many thanks for that!)  I converted an SBS box to Standard.
That seemed to go okay.

The problems began after demoting the SBS-turned-ServerStandard box.
Some workstations seem to have cached

OLDSERVER\username + password

for authentication credentials.  Specifying proper domain credentials
is easy enough (albeit annoying) for shares... but not so great when
logging off and a profile doesn't sync.  (I've not tried accessing the
profiles share directly, thus forcing a credentials request, before
logging off.)

I'm trying to ascertain why workstations are "getting goofy" about
credentials... and why it coincides with the formerly-SBS server's
demotion.


Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita

DO NOT send mail to the following addresses:
[EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED]
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: Windows 2008 AD question

2008-05-20 Thread Tom Miller 
>From what I've read one of the functions of a read-only DC is to enhance 
>security in branch offices.  There's a chapter about it in my 2008 book 
>(Windows 2008 Server) and there are probably white papers on technet as well.
 
An interesting concept, something Novell's eDirectory has had for years.


>>> "Eisenberg, Wayne" <[EMAIL PROTECTED]> 5/20/2008 9:54 AM >>>
I have a question that maybe someone here knows the answer to. All this talk 
about this great new advance in AD technology - a read-only DC. Maybe I don't 
have all the information yet, but it sure sounds a whole lot like an NT4 BDC to 
me. That was really the difference between a PDC and a BDC - the PDC was 
writable and the BDC wasn't. It sounds to me like maybe MS is acknowledging 
that AD is not all that robust after all and going back to the NT4 model, but 
spinning it to make people think it's an 'advance'. What do you think? Is it 
really a better AD or is it just the spin-meisters at work?

-- 
Wayne Eisenberg 




Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: extra username/password prompting after DC migration

2008-05-20 Thread Edward B. DREGER 
MBS> Date: Tue, 20 May 2008 09:17:54 -0400
MBS> From: Michael B. Smith


MBS> It has lots of references, especially KB 884453, that you need to
MBS> know about...(there is no qualitative difference between moving to
MBS> a new SBS server vs. moving the A/D domain to standard, that I can
MBS> think of)

Thanks, but perhaps my original wording was vague or misleading.  I'm
not moving from one SBS box to another.  (However, KB 884453 _is_ handy
to know.  Many thanks for that!)  I converted an SBS box to Standard.
That seemed to go okay.

The problems began after demoting the SBS-turned-ServerStandard box.
Some workstations seem to have cached

OLDSERVER\username + password

for authentication credentials.  Specifying proper domain credentials
is easy enough (albeit annoying) for shares... but not so great when
logging off and a profile doesn't sync.  (I've not tried accessing the
profiles share directly, thus forcing a credentials request, before
logging off.)

I'm trying to ascertain why workstations are "getting goofy" about
credentials... and why it coincides with the formerly-SBS server's
demotion.


Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita

DO NOT send mail to the following addresses:
[EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED]
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Looking for application packager

2008-05-20 Thread Tom Miller 
Hi Folks:
 
Looking for an application for me to create MST files or simply re-package an 
MSI.  For use with a variety of applications.  I don't need a monster expensive 
package since I only need it occasionally.
 
Suggestions?
 
Thanks,
Tom

Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Exchange (Serverside) Auto Forwarding

2008-05-20 Thread Michael B. Smith 
Create the rule in OWA. If it can't be created in OWA, then there is a
client-side portion to the rule.

 

Regards,

 

Michael B. Smith

MCSE/Exchange MVP

http://TheEssentialExchange.com

 

From: Aaron T. Rohyans [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 9:42 AM
To: NT System Admin Issues
Subject: Exchange (Serverside) Auto Forwarding

 

Hi all,

I setup a rule within Outlook to autoforward specific e-mails to an offsite
address and move the message to a specific Inbox folder.  The rule is not
marked as "Client-only," however, only part of it runs if left unattended
with Outlook closed.  The message gets moved to the specified folder, but
never forwarded to the offsite e-mail address.  I always end up putting the
emails back into the general Inbox and manually running the rule - which
then works as intended and forwards the messages + moves it back to a
specified folder.

Am I missing something in order to make this work without Outlook running?
Is there a better way to accomplish this for a specific mailbox?

Thanks all,

Aaron

 

 

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Windows 2008 AD question

2008-05-20 Thread Eisenberg, Wayne 
I have a question that maybe someone here knows the answer to. All this
talk about this great new advance in AD technology - a read-only DC.
Maybe I don't have all the information yet, but it sure sounds a whole
lot like an NT4 BDC to me. That was really the difference between a PDC
and a BDC - the PDC was writable and the BDC wasn't. It sounds to me
like maybe MS is acknowledging that AD is not all that robust after all
and going back to the NT4 model, but spinning it to make people think
it's an 'advance'. What do you think? Is it really a better AD or is it
just the spin-meisters at work?

-- 
Wayne Eisenberg 



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: TS Clusters and PST Files - Looking for Suggestions

2008-05-20 Thread S Conn. 
On Tue, May 20, 2008 at 7:45 AM,  <[EMAIL PROTECTED]> wrote:
>
>
>> All 400+ of my users are using POP3 with Outlook 2003 or 2007.  I just
>> gotten the ability to do IMAP, but the trick there is that there is a
>> 90 day message limit on the server.  This causes issues with many
>> users since they like to keep EVERYTHING.
>
> So the POP server is *not* one you control?
>


The POP server is company controlled, but not by me.  It is one of the
few servers outside of my control and the way the politics are set up
I don't have much say in any form of its setup.

> And every user wants to either keep everything forever, or not keep anything
> ever. :-)
>

My users tend to keep just about everything forever.  The average PST
size for a POP user is about 1 GB, and some folks have archives back
to 2002 that they still reference.

>> Setting up local PSTs on most user's PCs is ok, especially since most
>> users understand the risks associated with doing so.  Where I'm
>> running into issues is on my Terminal Servers.  I have a few
>> "stand-alone" Terminal Servers, where users are assigned one specific
>> server and that's it.  They have a local profile on these servers, so
>> their PSTs don't move across the network at all.  I'm not using Citrix
>> here, just normal Windows 2003 Terminal Server.
>
> I'd go IMAP (probably Courier) on Linux, if it were me, and you're not
> looking for collaboration (such as calendaring; there are other
> add-ons/programs for that, none quite as easy or integrated as Exchange).
> This presumes that I can run and control my own Linux server, of course. You
> can even web front-end it, using sqwebmail or Squirrelmail (which I prefer).
>

The guys running the email server recently set up IMAP, but Outlook
still requires a PST file for settings and calendar/task/contact
information.  The IMAP setup itself creates its own PST file, but it
will automatically regenerate each time Outlook opens.  This mean two
PST files; one for Outlook to function, the other for IMAP mail (which
can regenerate).

I tried testing by setting up Outlook for IMAP, testing email
functions, closing Outlook, deleting the PST files, then reopening
Outlook.  Upon opening, it complains that it can't find the
Outlook.pst file.

Seth

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: TS Clusters and PST Files - Looking for Suggestions

2008-05-20 Thread Eisenberg, Wayne 
Have you looked at PostPath?
 

-- 
Wayne Eisenberg 





From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 8:45 AM
To: NT System Admin Issues
Subject: Re: TS Clusters and PST Files - Looking for Suggestions



"S Conn." <[EMAIL PROTECTED]> wrote on 05/20/2008 01:49:16 AM:

> Hey guys I'm looking for suggestions.  Here's the deal.  I have NO
> Exchange server.  Management won't buy it, too expensive, especially
> since Linux alternatives are "cheaper".  I've been fighting this
> losing battle for years now.  If I did have Exchange, the upcoming
> question would be null. 

I used to run a small Exchange 5.5, then upgraded to Ex 2007, for like
60 users. Linux alternatives (if all you're looking for is mail, and not
things like shared/workgroup calenders, public folders, etc), then Linux
probably would be cheaper, both in upfront license costs, hardware
requirements, and time maintaining. 

> All 400+ of my users are using POP3 with Outlook 2003 or 2007.  I just
> gotten the ability to do IMAP, but the trick there is that there is a
> 90 day message limit on the server.  This causes issues with many
> users since they like to keep EVERYTHING. 

So the POP server is *not* one you control? 

And every user wants to either keep everything forever, or not keep
anything ever. :-) 

> Setting up local PSTs on most user's PCs is ok, especially since most
> users understand the risks associated with doing so.  Where I'm
> running into issues is on my Terminal Servers.  I have a few
> "stand-alone" Terminal Servers, where users are assigned one specific
> server and that's it.  They have a local profile on these servers, so
> their PSTs don't move across the network at all.  I'm not using Citrix
> here, just normal Windows 2003 Terminal Server.

I'd go IMAP (probably Courier) on Linux, if it were me, and you're not
looking for collaboration (such as calendaring; there are other
add-ons/programs for that, none quite as easy or integrated as
Exchange). This presumes that I can run and control my own Linux server,
of course. You can even web front-end it, using sqwebmail or
Squirrelmail (which I prefer). 

> 
> My current setup will not last.  I need to find a way to either not
> use the PST files at all or find a way to reliably provide access to
> PSTs without killing my network.  I thought about using a logon/logoff
> script to copy the PSTs to/from the network shares, but I'm afraid
> that it'll be too slow (my users like to have 1gb+ PSTs) and it won't
> handle non-logoff situations well (like a sudden reboot).

Yeah, I don't think that'll work well. You're trying to emulate offline
files then. 

> 
> Does anyone have any suggestions, workarounds, or solutions?  Anyone
> dealing with this issue now or found a way to deal with it?
> 
> I really appreciate your help and suggestions on this.
> 
> Thanks,
> 
> Seth

So your POP server is owned and maintained by your ISP? Do they offer
IMAP services? 

Good luck. 



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Exchange (Serverside) Auto Forwarding

2008-05-20 Thread Aaron T. Rohyans 
Hi all,

I setup a rule within Outlook to autoforward specific e-mails to an
offsite address and move the message to a specific Inbox folder.  The
rule is not marked as "Client-only," however, only part of it runs if
left unattended with Outlook closed.  The message gets moved to the
specified folder, but never forwarded to the offsite e-mail address.  I
always end up putting the emails back into the general Inbox and
manually running the rule - which then works as intended and forwards
the messages + moves it back to a specified folder.

Am I missing something in order to make this work without Outlook
running?  Is there a better way to accomplish this for a specific
mailbox?

Thanks all,
Aaron

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

OT Cisco switch password recovery

2008-05-20 Thread Eldridge, Dave 
OffTopic:

 

I have this posted elsewhere but I know there's some Cisco smarts here.

I had to do a pw recovery on a couple of 3750's and when I went to
rename the config.text.old file back to config.text I showed the
following dir flash:

Directory of flash:/

 

2  -rwx6443   Mar 8 1993 23:12:38 +00:00
config.old^[[D^[[D^[[Dtext.old

3  -rwx   5   Mar 8 1993 23:12:38 +00:00
private-config.text

4  -rwx3976   May 4 1993 23:55:00 +00:00  vlan.dat

6  drwx 192   Mar 1 1993 00:09:33 +00:00
c3750-ipbase-mz.122-35.SE5

 

Something must have gotten corrupt  in the first reboot but I still
should have been able to rename the file anyway.

This is what I was getting.

 

rename flash:config.old^[[D^[[D^[[Dtext.old flash:config.text

Destination filename [config.text]? 

%Error renaming flash:config.old^[[D^[[D^[[Dtext.old to
flash:config.text (No such file or directory)

 

I was pressed for time so I had to rebuild the config. L 

Should renaming this have worked?

 

 




This message contains confidential information and is intended only for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute or copy this e-mail. Please notify the sender immediately via e-mail 
if you have received this e-mail by mistake; then, delete this e-mail from your 
system.
~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: extra username/password prompting after DC migration

2008-05-20 Thread Michael B. Smith 
Take a look here:

http://theessentialexchange.com/blogs/michael/archive/2008/05/18/sbs-2003-ha
rdware-migration-upgrade.aspx

It has lots of references, especially KB 884453, that you need to know
about...(there is no qualitative difference between moving to a new SBS
server vs. moving the A/D domain to standard, that I can think of)

Regards,

Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com


-Original Message-
From: Edward B. DREGER [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 9:09 AM
To: NT System Admin Issues
Subject: extra username/password prompting after DC migration

1. Convert SBS to Server Standard;

2. Add new server to domain;

3. Promote new server to DC, and migrate all FSMO roles to it;

4. Demote formerly-SBS server so it is no longer a DC;

5. Get annoying username/password prompts (where username is prefilled
as "oldserver\username") when accessing network shares;

6. Use Google in attempts to fix #5;

7. When #6 fails, post to ntsysadmin about #5.

Any suggestions?  There are currently no firewalls in place between the
two servers; Kerberos, LDAP, and friends should not be impeded.

It strikes me as something that should be extremely simple.  However,
perhaps because I've been spending more time eating than sleeping in the
recent past, I'm just missing something...


TIA!
Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita

DO NOT send mail to the following addresses:
[EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED]
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

extra username/password prompting after DC migration

2008-05-20 Thread Edward B. DREGER 
1. Convert SBS to Server Standard;

2. Add new server to domain;

3. Promote new server to DC, and migrate all FSMO roles to it;

4. Demote formerly-SBS server so it is no longer a DC;

5. Get annoying username/password prompts (where username is prefilled
as "oldserver\username") when accessing network shares;

6. Use Google in attempts to fix #5;

7. When #6 fails, post to ntsysadmin about #5.

Any suggestions?  There are currently no firewalls in place between the
two servers; Kerberos, LDAP, and friends should not be impeded.

It strikes me as something that should be extremely simple.  However,
perhaps because I've been spending more time eating than sleeping in the
recent past, I'm just missing something...


TIA!
Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita

DO NOT send mail to the following addresses:
[EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED]
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: TS Clusters and PST Files - Looking for Suggestions

2008-05-20 Thread Michael . Leone 
"S Conn." <[EMAIL PROTECTED]> wrote on 05/20/2008 01:49:16 AM:

> Hey guys I'm looking for suggestions.  Here's the deal.  I have NO
> Exchange server.  Management won't buy it, too expensive, especially
> since Linux alternatives are "cheaper".  I've been fighting this
> losing battle for years now.  If I did have Exchange, the upcoming
> question would be null.

I used to run a small Exchange 5.5, then upgraded to Ex 2007, for like 60 
users. Linux alternatives (if all you're looking for is mail, and not 
things like shared/workgroup calenders, public folders, etc), then Linux 
probably would be cheaper, both in upfront license costs, hardware 
requirements, and time maintaining.

> All 400+ of my users are using POP3 with Outlook 2003 or 2007.  I just
> gotten the ability to do IMAP, but the trick there is that there is a
> 90 day message limit on the server.  This causes issues with many
> users since they like to keep EVERYTHING.

So the POP server is *not* one you control?

And every user wants to either keep everything forever, or not keep 
anything ever. :-)

> Setting up local PSTs on most user's PCs is ok, especially since most
> users understand the risks associated with doing so.  Where I'm
> running into issues is on my Terminal Servers.  I have a few
> "stand-alone" Terminal Servers, where users are assigned one specific
> server and that's it.  They have a local profile on these servers, so
> their PSTs don't move across the network at all.  I'm not using Citrix
> here, just normal Windows 2003 Terminal Server.

I'd go IMAP (probably Courier) on Linux, if it were me, and you're not 
looking for collaboration (such as calendaring; there are other 
add-ons/programs for that, none quite as easy or integrated as Exchange). 
This presumes that I can run and control my own Linux server, of course. 
You can even web front-end it, using sqwebmail or Squirrelmail (which I 
prefer).

> 
> My current setup will not last.  I need to find a way to either not
> use the PST files at all or find a way to reliably provide access to
> PSTs without killing my network.  I thought about using a logon/logoff
> script to copy the PSTs to/from the network shares, but I'm afraid
> that it'll be too slow (my users like to have 1gb+ PSTs) and it won't
> handle non-logoff situations well (like a sudden reboot).

Yeah, I don't think that'll work well. You're trying to emulate offline 
files then.

> 
> Does anyone have any suggestions, workarounds, or solutions?  Anyone
> dealing with this issue now or found a way to deal with it?
> 
> I really appreciate your help and suggestions on this.
> 
> Thanks,
> 
> Seth

So your POP server is owned and maintained by your ISP? Do they offer IMAP 
services?

Good luck.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

Re: TS Clusters and PST Files - Looking for Suggestions

2008-05-20 Thread jeff . wilhelm 
What about implementing the 2X application server, where the launching of 
a specific application is launched on a remote terminal server and 
presented as a local application? If you have one box dedicated to be the 
"TS User Outlook Box" and the launching of Outlook always occurs against 
that one server, then the PST files can all be stored on that one box, 
called locally, and presented on any of the other load balanced terminal 
servers that the users happen to be connected to for their general 
computing needs.

Jeff






"S Conn." <[EMAIL PROTECTED]> 
05/20/2008 01:49 AM
Please respond to
"NT System Admin Issues" 


To
"NT System Admin Issues" 
cc

Subject
TS Clusters and PST Files - Looking for Suggestions






Hey guys I'm looking for suggestions.  Here's the deal.  I have NO
Exchange server.  Management won't buy it, too expensive, especially
since Linux alternatives are "cheaper".  I've been fighting this
losing battle for years now.  If I did have Exchange, the upcoming
question would be null.

All 400+ of my users are using POP3 with Outlook 2003 or 2007.  I just
gotten the ability to do IMAP, but the trick there is that there is a
90 day message limit on the server.  This causes issues with many
users since they like to keep EVERYTHING.

Setting up local PSTs on most user's PCs is ok, especially since most
users understand the risks associated with doing so.  Where I'm
running into issues is on my Terminal Servers.  I have a few
"stand-alone" Terminal Servers, where users are assigned one specific
server and that's it.  They have a local profile on these servers, so
their PSTs don't move across the network at all.  I'm not using Citrix
here, just normal Windows 2003 Terminal Server.

Where this gets trickier is when I decided to create a Terminal Server
cluster (or farm) for reliability reasons (using 2X's Load Balancer).
This means that I have to have roaming profiles since the user won't
know which server they'll log into at any given time.  I redirect all
the folders that Microsoft allows (desktop, my docs, etc).  But,
roaming profiles nor folder redirection covers the Local Settings
folder, where the PST is stored.  I can tell Outlook to use a PST file
hosted on a network share, but it has been covered on this list
several times that Network-based PSTs is really, really bad.  I've
also experienced that badness first hand on one of my file servers.

So, my only option is to ditch the POP3 function and go with IMAP,
which will download the user's email each time Outlook is open.  But
two issues arise:  One, the users are limited to only 90 days of
email, which is bad.  Two, Outlook needs a pst to open and to store
contacts/calendar information.  Right now I have a small PST file set
up over the network on each Outlook user's home folder for the
contacts/calendar.  I'm hoping that since the files are small and not
as used this will work long enough to find a good solution.  Right
now, the majority of "farm" users are using webmail to workaround the
issues.

My current setup will not last.  I need to find a way to either not
use the PST files at all or find a way to reliably provide access to
PSTs without killing my network.  I thought about using a logon/logoff
script to copy the PSTs to/from the network shares, but I'm afraid
that it'll be too slow (my users like to have 1gb+ PSTs) and it won't
handle non-logoff situations well (like a sudden reboot).

Does anyone have any suggestions, workarounds, or solutions?  Anyone
dealing with this issue now or found a way to deal with it?

I really appreciate your help and suggestions on this.

Thanks,

Seth

~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

RE: Server Monitor: M$ SCOM or Servers Alive???

2008-05-20 Thread Ken Schaefer 
Hi,

With Ops Manager you get a bunch of "management packs" to monitor various 
services you have (e.g. DHCP, DFS, Exchange, whatever). You install the MPs you 
want.

Each MP provides a "health model" for what a healthy environment should look 
like, and what an unhealthy environment looks like. To work out whether your 
environment is healthy or not, various rules are placed inside the MP. These 
rules say things like "if this event occurs then there's a problem" or "if this 
perfmon counter goes over this value for this period of time, there's a 
critical issue". There are a bunch of providers in Ops Manager that lets the 
agent look at event logs, arbitrary log files, perfmon counters etc. 
Additionally, some MPs implement "synthetic transactions" that simulate end 
user behaviour to alert if you there's a problem from an end user perspective 
(e.g. simulated MAPI logon, or HTTP request)

You can customise the existing rules if required (e.g. tune thresholds are one 
of the more common tasks) or create your own MPs with your own rules.

Cheers
Ken

> -Original Message-
> From: Stephen Wimberly [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, 20 May 2008 10:03 PM
> To: NT System Admin Issues
> Subject: RE: Server Monitor: M$ SCOM or Servers Alive???
>
> I've not downloaded the trial yet, so forgive my ignorance when I ask:
>
> One of the main points of interest is just how granular the monitoring
> is,
> for example we rely very heavily on domain DFS with replication.
> Recently
> the File Replication Service failed and within a few hours we had
> issues
> with critical processes.
>
> SA: can monitor the service and let us know if it stops running.
>
> CAN SCOM monitor different aspects that affect the service, like is it
> running into other errors, is disk space getting low, is the staging
> area
> getting full "too regularly", in other words can SCOM provide that
> "warm and
> fuzzy" feeling that the service is actually working like it should.
>
> ==
>
> Stephen Wimberly
>
> ==
>
>
> -Original Message-
> From: Rankin, James R [mailto:[EMAIL PROTECTED]
> Sent: Monday, May 19, 2008 8:05 AM
> To: NT System Admin Issues
> Subject: RE: Server Monitor: M$ SCOM or Servers Alive???
>
> We are also a non-profit and with the discounts available we ended up
> going
> for SCOM rather than Servers Alive or other cheaper options. We use
> Citrix,
> VMWare and AppSense amongst other software and it was vital for us to
> be
> able to monitor these from one console, which the MPs make very
> straightforward. Personally I was going to use SCE, but we have VMWare
> Update Manager which takes care of the WSUS stuff so we ended up going
> for
> the full version of SCOM 2007.
>
> Having said that, configuring SCOM is a bit of a pain if you haven't
> used
> any of the previous incarnations.
>
> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: 19 May 2008 12:44
> To: NT System Admin Issues
> Subject: RE: Server Monitor: M$ SCOM or Servers Alive???
>
> I use Servers alive, to monitor about 250+ servers right now. All you
> need
> is time to set it up, but most of the time it will tell me whatever I
> want
> to know.
>
> And it's a hell of a lot cheaper than SCOM.
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Stephen Wimberly [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 16, 2008 2:26 PM
> To: NT System Admin Issues
> Subject: Server Monitor: M$ SCOM or Servers Alive???
>
> We are looking into Server monitoring with the ability to notify us
> when
> certain services or applications fail.  I have used Servers Alive
> before,
> it's inexpensive and fairly easy to configure.  Although at the
> nonprofit
> higher educational institution I am at we get many Microsoft products
> at a
> severe discount.  Talking with our software sales rep he is pushing me
> to
> consider the System Center Suite, which includes System Center
> Operations
> Manager for both server and critical workstation monitoring.
>
> Anyone like to comment on the benefit of System Center Operations
> Manager
> over Servers Alive for service and application monitoring and
> alerting???  -
> THANKS!
>
> The full Suite he's pushing includes:
> System Center Configuration Manager 2007 (we will do this either way)
> System
> Center Data Protection Manager 2007 (Would be a nice add on) System
> Center
> Operations Manager 2007 System Center Virtual Machine Manager (we have
> no
> current use for this)
>
>
>
>
> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
> ~   ~
>
> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
> ~   ~
>
>
> ~ Upgrade to Next Generation Antispam/Antivirus

RE: SCOM log review??

2008-05-20 Thread Michael B. Smith 
An agented workstation will 'push'. An agentless workstation will be
'pulled' from the server.

It's a little more complicated than that, but that's the basic statement.

Regards,

Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com


-Original Message-
From: Stephen Wimberly [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, May 20, 2008 8:22 AM
To: NT System Admin Issues
Subject: RE: SCOM log review??

This might sound nitpicky, but does the server 'pull' the logs or do the
workstations 'push' logs?

Our plan is to put the SCOM server behind a firewall from the workstations.


Server to Workstations: all ports are open, so SNMP will go from Server to
Workstation.

Workstations to Server: only select ports are open and SNMP (161) is closed,
so SNMP from workstation will be ignored at firewall.

==

Stephen Wimberly

==



-Original Message-
From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] 
Sent: Monday, May 19, 2008 1:34 PM
To: NT System Admin Issues
Subject: RE: SCOM log review??

SCOM works great with either V1 or 2 SNMP for your firewall. Server and
Updates logs are collected by default if you are using WSUS for patching.

TVK

 

From: Phil Guevara [mailto:[EMAIL PROTECTED] 
Sent: Monday, May 19, 2008 12:25 PM
To: NT System Admin Issues
Subject: SCOM log review??

 

Can SCOM pull logs for review and auditing?

Firewall Log Review

Server Log Review

Patch Log

 

Our firewall is a checkpoint firewall, could scom pull logs from
non-microsoft products?

 

 





~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~   ~

  1   2   >