Re: Opensource Imaging software with diff support

2008-08-26 Thread Angus Scott-Fleming
On 26 Aug 2008 at 18:43, Matt Plahtinsky  wrote:

> I haven't used it for a while but I'm pretty sure driveXML will do diff's

DIXML is neither OSS nor free for commercial use.

--- Included Stuff Follows ---
DriveImage XML Backup Software

Commercial Edition: If you are a business or organization or use 
DriveImage XML commercially, you need to purchase the Commercial Edition. 
The Commercial Edition is available with 5, 10, 20, 50 and 100-user 
licenses. 

- Included Stuff Ends -
More here: http://www.runtime.org/driveimage-xml.htm

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
+---+




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


RE: newisys 2110-i motherboards

2008-08-26 Thread Martin Blackstone
The 2100 is on the 2003 HCL but I don't see it on the 2008.

http://www.windowsservercatalog.com/item.aspx?idItem=6c0eadca-361e-de5f-976a-c294349ab8d5&bCatID=1282

 

I would "imagine" that 2008 will install, but may not be supported.

 

From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 6:00 PM
To: NT System Admin Issues
Subject: newisys 2110-i motherboards

 

Anyone have a clue whether newisys 2110-I motherboards are natively
recognized by server 2008?

 

Thanks.

 

Regards,

 

Michael B. Smith

MCITP:SA,EMA/MCSE/Exchange MVP

http://TheEssentialExchange.com

 

 

 

 


RE: Interactive Whiteboards/Smartboards for Education

2008-08-26 Thread Jon B. Lewis
Sounds like a plan.  We even seem to have a local reseller.  Thanks
guys.

Jon Lewis


-Original Message-
From: Kennedy, Jim [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 10:26 AM
To: NT System Admin Issues
Subject: RE: Interactive Whiteboards/Smartboards for Education

+1 for SmartTech.

We have a couple hundred of them installed. Other than a bad batch of 25
or so two years ago, which they instantly replaced, it has been a great
unit. The software actually is the key, it rocks.

STRONGLY suggest you set up training for the staff that are going to use
it. It is more than just the technical knowledge of how to use it, it
can and does open up new ways to teach differently..and that is
something they need to see and have help with. There are many
professional trainers you can hire to come in, most of them are
ex-teachers so it goes very well.


> -Original Message-
> From: Candee Vaglica [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, August 26, 2008 10:52 AM
> To: NT System Admin Issues
> Subject: Re: Interactive Whiteboards/Smartboards for Education
>
> We do a lot of school projects, and we recommend the smartboards from
> here:
> http://smarttech.com/
> We also have one in our conference room.
>
> On Mon, Aug 25, 2008 at 7:22 PM, Jon B. Lewis <[EMAIL PROTECTED]> wrote:
> > Does anyone here have recommendations for smartboard/interactive
> > whiteboards, particularly for young children?  Our teachers use
> > Bluetooth tablets for the majority of their stuff but the administration
> > is wanting something like this for the smaller children to interact with
> > the computer/projector system and we've not used one of these in quite
> > some time.  Thought I'd see if anyone has any suggestions.
> >
> > Jon Lewis
> >
> >
> >


newisys 2110-i motherboards

2008-08-26 Thread Michael B. Smith
Anyone have a clue whether newisys 2110-I motherboards are natively
recognized by server 2008?

 

Thanks.

 

Regards,

 

Michael B. Smith

MCITP:SA,EMA/MCSE/Exchange MVP

http://TheEssentialExchange.com

 



RE: Laundry list

2008-08-26 Thread Ken Schaefer
You shouldn't be doing laundry in the data center - water and computers don't 
mix.

Are you talking about run books?

Cheers
Ken

From: Dennis Rogov [mailto:[EMAIL PROTECTED]
Sent: Wednesday, 27 August 2008 2:39 AM
To: NT System Admin Issues
Subject: Laundry list

I was wondering if anyone could share what is their data center 
laundry list so I can generate for my team. In our network we are running 50 
windows 03 servers and 20 virtual machines SQL 2k and 2005, Exchange, IIS web 
servers Checkpoint Firewall HP switches whats up gold monitor software HP 
System Manager, Dell Open Manage.

Dr






RE: Domain Controller on Hyper-V

2008-08-26 Thread Ken Schaefer
Other than reading the Microsoft whitepaper on virtualising DCs, I don't think 
there's an issue, provided you can keep the VM hosts secure (you don't want 
someone copying off the VHD files of a DC and doing an offline attack :))

Cheers
Ken

From: Brumbaugh, Luke [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 26 August 2008 11:15 PM
To: NT System Admin Issues
Cc: Miller, Bob
Subject: Domain Controller on Hyper-V


I have 2 new servers with 10 gb Ram and have pondered the possibilities of core 
and Hyper-v with a DC sitting on top and disaster recovery.   Is this a good or 
bad Idea?   Looking for opinions.

TIA

Luke L. Brumbaugh

Network Engineer

Butler Animal Health Supply

Ph:(614) 659-1736

**

CONFIDENTIALITY NOTICE: The information transmitted in this message is intended 
only for the person or entity to which it is addressed and may contain 
confidential and/or privileged material. Any review, retransmission, 
dissemination or other use of this information by persons or entities other 
than the intended recipient is prohibited. If you received this in error, 
please contact the sender and destroy all copies of this document. Thank you.

Butler Animal Health Supply

**









Re: Perhaps a bit OT - mail bouncing

2008-08-26 Thread Micheal Espinola Jr
Manually test a failed email.  First, use the Domain Dossier tool at
CentralOps.net to find the MX record info that is seen by this
reliable service (example microsoft.com):

http://centralops.net/co/DomainDossier.aspx?addr=microsoft.com&dom_dns=true

Next, use nslookup on your mail server to see if what your mail server
sees matches.  Your mail server may be configured to use alternate DNS
resolution than that of the OS - so be mindful of that possibility
(example microsoft.com):

nslookup -type=MX microsoft.com

Next, try some manual testing from your mail server to the MX
identified receiving server (example microsoft.com):

telnet mail.global.frontbridge.com 25

Specifying 25 on the end instructs the telnet application to connect
to port 25 (SMTP) instead of the default Telnet port of 23.

Tap enter a couple of times and you should get an SMTP connection
banner.  If you know SMTP, you can send some manual commands to test.
You can Google the commands.  Even Microsoft's KB has examples for
that.

Sorry, but I have to go catch a train.  Good luck!

On Tue, Aug 26, 2008 at 3:39 PM,  <[EMAIL PROTECTED]> wrote:
> Greetings!
>
> We are the mid-west office of the ASPCA (Illinois).  Our HQ is in NYC. Our
> wires, DNS, etc are via AT&T.  Their wires, DNS, etc are through
> QualityTech.  As NY is the parent office (to say nothing of older and
> bigger), the QualityTech system is the SOA for ASPCA.ORG.  For the
> Illinois public addresses (including the IP address stamped onto all our
> outgoing email), we have NS records on the QualityTech system pointing our
> network (mwro.aspca.org) to the AT&T name servers.  All had been well the
> past several months...
>
> Last week, attempts to send mail to various corporations and educational
> institutions has been bouncing.  The headers of our bounce notices say
> simply "Failed to connect to SMTP host COMPANY.COM because: Remote system
> no longer responding"
>
> One company told us it is because the IP address is not resolving
> properly...
>
> I have checked the DNS tables for QualityTech, and they do show "mwro"
> being delegated to a pair of AT&T DNS servers.  I have checked the DNS
> tables for AT&T, and we do have records in both forward and reverse lookup
> zones (br.mwro.aspca.org <-> 12.15.29.130).
>
> Any ideas (while I wait and wait and wait to talk to AT&T)?  The Boss
> suggests the "fix" for last month's "DNS Poisoning" might have "fixed"
> things so that anything claiming to be from [anything].aspca.org must
> resolve to a QualityTech address and not to an AT&T address.  Still, I
> don't see that we can do much to fix this...
>
> We are considering using a VPN tunnel to try to use a NY machine as an
> outgoing SMTP server.  What else might we try?
>
> Other folks experiencing this?
>
> Thanks!
> --
> Richard McClary, Systems Administrator
> ASPCA Knowledge Management
> 1717 S Philo Rd, Ste 36, Urbana, IL  61802
> 217-337-9761
> http://www.aspca.org
>
>
>



-- 
ME2



RE: AP Recommendation (Followup)

2008-08-26 Thread Mark Boersma
So I bought 4 Cisco 1252's.  Dual radio, 2.4 and 5.  Long story short, I
love them.  I've had them up for almost a month without a single blip on
the bad radar.

 

Given that I paid more for each of them than I had for all 6 of the
Linksys WAP4400's.  Well worth the $$ though.  Moral of the story folks,
it's worth spending the top dollar on your core network equipment,
you'll never regret it.

 

Mark

-

Two rules to success in life:

1. Never tell people everything you know.

 

 

From: Mark Boersma 
Sent: Friday, July 25, 2008 2:31 PM
To: NT System Admin Issues
Subject: RE: AP Recommendation

 

H, I think the responses have probably sold me on the 1200's.  

 

"haven't touched them" and "they just run" :)

 

Thanks for the feedback gents.

 

Mark

-

Two rules to success in life:

1. Never tell people everything you know.

 

From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] 
Sent: Friday, July 25, 2008 1:01 PM
To: NT System Admin Issues
Subject: RE: AP Recommendation

 

We've got about a dozen of the Cisco AP's...and Shook hasn't touched
them since install. :)

We power them via PoE from our Cisco switches and they just run.

We have reconfigured them a couple of times to upgrade security, but
that is all via web page.

TVK

 

From: Andy Shook [mailto:[EMAIL PROTECTED] 
Sent: Friday, July 25, 2008 11:58 AM
To: NT System Admin Issues
Subject: RE: AP Recommendation

 

+1  I've got six of them and haven't touched them since install.  

 

Shook

 



From: N Parr [mailto:[EMAIL PROTECTED] 
Sent: Friday, July 25, 2008 12:44 PM
To: NT System Admin Issues
Subject: RE: AP Recommendation

 

Most of my Cisco 1200's haven't been rebooted in over 2 years.

 



From: Mark Boersma [mailto:[EMAIL PROTECTED] 
Sent: Friday, July 25, 2008 11:23 AM
To: NT System Admin Issues
Subject: AP Recommendation

Hello all.  I am looking for opinions on 802.11N ap's. 

 

I am currently running 6 Linksys WAP4400N ap's and am quite disgruntled
with them.  If more than a few clients are associated with them then
they tend to disconnect and power cycle themselves.  The Linksys folks
can't even speak English much less solve the issue.

 

I am looking at either the 3Com 9550 or the Cisco 1250 series.  

 

I would probably run 4 of them and I don't necessarily need them to be
managed, I can run them as standalone.  At most there may be 15-20
clients associated with each AP, usually probably 5-10.

 

Any input is appreciated in terms of:

-should I just bite the bullet and buy the $800 cisco's

-have I missed any that are worth looking at

 

Thanks,

 

Mark

-

Two rules to success in life:

1. Never tell people everything you know.

 

Mark Boersma

IT Manager

Triangle Associates, Inc.

[EMAIL PROTECTED]

 

 



Please consider the environment before printing this email.


CONFIDENTIALITY NOTICE: This e-mail message, including any attachments,
is for the sole use of the intended recipients(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 
 
 
 

 

 

 

 

 

 



RE: remote access

2008-08-26 Thread jeff . wilhelm
No, they would use the Watchguard software. Was a little flaky in version 
7, but 10.0.2 (current) is pretty nice. 

Our site in FL uses PPTP into a pair of X1000s. In RI we have our users 
using IPSEC (MUVPN) into a pair of X5500e's. Users who have used both say 
ours is more stable / reliable.

Could hurt to at least setup one user with MUVPN to see if the problem 
goes away. Of course it shouldn't be happening with PPTP either, but it's 
tough to really say what the problem is without logs.





"Paul Everett" <[EMAIL PROTECTED]> 
08/26/2008 06:26 PM
Please respond to
"NT System Admin Issues" 


To
"NT System Admin Issues" 
cc

Subject
RE: remote access






I am using pptp vpn.  Would muvpn be better?  Someone else set this up. Do 
the clients connect the same way (windows vpn connection wizard) if I was 
using muvpn on the firewall?
 

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 3:01 PM
To: NT System Admin Issues
Subject: RE: remote access
 
 
 

 
 


RE: Corporate antivirus recommendation - for external laptops

2008-08-26 Thread Sam Cayze
Stu, is this encrypted/SSL traffic?  I doubt many will enable this if
not.  I wouldn't allow anything NATed unless SSL.

PS - Thanks for the great explanation/tutorial!

Regards, Sam

-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 4:33 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

OK, here is the answer from Product Management on this topic. It can be
done and here is how:

In order to enable VIPRE agents on a computer connected to the Internet
without VPN access to function normally and connect to VIPRE Enterprise
in a private network, the administrator will need to do the following:

1. Install the VIPRE Enterprise service on a server.

2. Set up a NAT between the server's public IP address and private
address so that all incoming connections on port 18082 are automatically
forwarded to the VIPRE server. (tcp traffic)

3. Create a policy specifically for agents connecting via the Internet

4. Port usage is configured by policy (Agent Settings tab), the default
port is 18082 for all communication between the agent and the service 

5. Some firewalls may block SOAP over HTTP. You will need to make sure your
firewall allows this communication type.

6. Configure your policy (Agent settings tab) to contain the public IP
address for both the Policy and Update servers (in this instance we
recommend they are the same server). Also, check the box to save the
address as the IP address.

7. Creating an agent is done by running the deployment wizard on the
policy in question and selecting the radio button for Deployment
Package, then selecting the type of installer desired. Either an MSI or
Self Extracting Executable is recommended for this process.

8. The administrator will then need to distribute this installer to
their clients by whatever method required by their company.

9. The client should install the agent while connected to the Internet.
At install time, the agent needs to communicate with the VIPRE
Enterprise service in order to obtain the full policy and initial threat
definitions

Some Considerations when configuring the policy:

1. You may not be able to ping the agents in the wild, therefore the
Agent status heartbeat every  minutes interval needs to be set to a
value acceptable to the administrator. The agent will only be able to
obtain a policy change when it makes periodic hello calls back into the
service. Initially when the agents are first deployed the administrator
may want to set this to a lower value until the policy is configured to
the administrator's satisfaction. At this time, the administrator may
want to increase that interval in order to decrease the traffic between
the agent and the service.

2. Threat database updates, the agent will be able to obtain threat
database updates directly from the server, if for some reason it is
unable to connect to that server the agent can be configured to obtain
threat database updates directly from Sunbelt. Simply check the box
(Download via the Internet if local updates are unavailable) on the
Agent Settings tab of the policy.

3. Throttling the threat database updates will be very important as well
to keep from saturating the connection to the Internet with threat db
update traffic. By default, the application is set with a 100ms interval
between 67KB chunks of data sent to the agent. This delay interval can
be set anywhere from 0 all the way up to 60,000ms or 60 seconds between
chunks. Therefore, even if you have very narrow network pipe you should
still be able to satisfy the threat database update requests without
saturating your network.

 
Warm regards,

Stu




-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 8:55 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Another option maybe - if the AV product can be forced to check in
though a script(can VIPRE?), and you can set up a VPN with something
like OpenVPN or Cisco VPN client command line, you could create a script
to run once a day that connects the VPN, forces the AV to check in, then
disconnects the VPN.
Just thinking out loud.

-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 8:35 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

I think yes, but I'm going to make sure and ask the lead dev !!

Stu 

-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

You mean you would like it to check in for status and reporting
purposes?
With VIPRE, or any other product that has similar options, what would
happen if you set the update options for laptops to update from
Sunbelt's servers over the Internet, but set the policy\re

Re: Perhaps a bit OT - mail bouncing

2008-08-26 Thread Mike Tavares

My first thoughts on this.

1. from the smtp server sending the emails can you do an NSLOOKUP (set 
type=mx) of company.com and see what it resolves to.
2. once you have the IP address can you TELNET to that ip address on port 25 
(you should get a banner of some type).

   Almost willing to bet you won't get a banner at this stage.

In most cases REMOTE SYSTEM is no longer responding errors mean exactly that, 
the server did not respond to the original request for connection.


In the case of a server not responding because of perceived bad MX records, 
or REVERSE DNS issues, the error message generally states that.


I noticed from your header that you are using Notes as your mail client.  Is 
the Sending SMTP server a Domino server?  if so you can turn up the SMTP 
logging level on outbound mail to show the entire process from the DNS query 
for the MX record, to the handshake, to the message being delivered, and 
that should point you in the right direction as to where to look.


(if you are using domino as the smtp server let me know, there are several 
other things you can check also).


-Mike


- Original Message - 
From: <[EMAIL PROTECTED]>

To: "NT System Admin Issues" 
Sent: Tuesday, August 26, 2008 3:39 PM
Subject: Perhaps a bit OT - mail bouncing



Greetings!

We are the mid-west office of the ASPCA (Illinois).  Our HQ is in NYC. Our
wires, DNS, etc are via AT&T.  Their wires, DNS, etc are through
QualityTech.  As NY is the parent office (to say nothing of older and
bigger), the QualityTech system is the SOA for ASPCA.ORG.  For the
Illinois public addresses (including the IP address stamped onto all our
outgoing email), we have NS records on the QualityTech system pointing our
network (mwro.aspca.org) to the AT&T name servers.  All had been well the
past several months...

Last week, attempts to send mail to various corporations and educational
institutions has been bouncing.  The headers of our bounce notices say
simply "Failed to connect to SMTP host COMPANY.COM because: Remote system
no longer responding"

One company told us it is because the IP address is not resolving
properly...

I have checked the DNS tables for QualityTech, and they do show "mwro"
being delegated to a pair of AT&T DNS servers.  I have checked the DNS
tables for AT&T, and we do have records in both forward and reverse lookup
zones (br.mwro.aspca.org <-> 12.15.29.130).

Any ideas (while I wait and wait and wait to talk to AT&T)?  The Boss
suggests the "fix" for last month's "DNS Poisoning" might have "fixed"
things so that anything claiming to be from [anything].aspca.org must
resolve to a QualityTech address and not to an AT&T address.  Still, I
don't see that we can do much to fix this...

We are considering using a VPN tunnel to try to use a NY machine as an
outgoing SMTP server.  What else might we try?

Other folks experiencing this?

Thanks!
--
Richard McClary, Systems Administrator
ASPCA Knowledge Management
1717 S Philo Rd, Ste 36, Urbana, IL  61802
217-337-9761
http://www.aspca.org
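
The manual checks suggested in this thread (compare the MX answers two resolvers give, then connect to port 25 and read the banner), as an added example that is not part of any poster's message. It also accepts the Unix nslookup line format, which goes beyond the Windows case discussed; the hostnames, nslookup output, banners and function names are constructed for illustration.

```python
import re
import socket
import threading

# Constructed sample of Windows `nslookup -type=MX` output (not from a real server).
SAMPLE_NSLOOKUP = """\
Server:  dns1.example.net
Address:  192.0.2.53

Non-authoritative answer:
example.org     MX preference = 20, mail exchanger = mx2.example.org
example.org     MX preference = 10, mail exchanger = mx1.example.org
"""

_WIN = re.compile(r"MX preference = (\d+), mail exchanger = (\S+)")
_NIX = re.compile(r"mail exchanger = (\d+) (\S+)")


def parse_mx(text):
    """Return [(preference, host)] sorted so the exchanger tried first comes first."""
    records = set()
    for line in text.splitlines():
        m = _WIN.search(line) or _NIX.search(line)
        if m:
            records.add((int(m.group(1)), m.group(2).rstrip(".").lower()))
    return sorted(records)


def compare_mx(external_view, local_view):
    """Hosts seen by only one resolver; two empty lists mean the views agree."""
    ext = {host for _, host in external_view}
    loc = {host for _, host in local_view}
    return sorted(ext - loc), sorted(loc - ext)


def probe_smtp(host, port=25, timeout=10.0):
    """Connect like `telnet host 25`, read the greeting and classify the outcome.

    no_response: refused, timed out, or closed with no banner (the
                 "Remote system no longer responding" case)
    ready:       220 greeting, the server is willing to talk SMTP
    rejected:    4xx/5xx greeting, the server answered and stated a reason
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            data = s.recv(512)
    except OSError as exc:  # refused, unreachable, timeout, name lookup failure
        return ("no_response", type(exc).__name__)
    line = data.decode("ascii", "replace").splitlines()[0] if data else ""
    if not line:
        return ("no_response", "connection closed without a banner")
    if line.startswith("220"):
        return ("ready", line)
    if line[:1] in ("4", "5"):
        return ("rejected", line)
    return ("unexpected", line)


def _serve_once(banner):
    """Loopback listener that sends one constructed banner; returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def run():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(banner)
        srv.close()

    threading.Thread(target=run, daemon=True).start()
    return port


def demo():
    """Run the three outcomes against loopback stand-ins for a remote MX host."""
    ok = probe_smtp("127.0.0.1", _serve_once(b"220 mx1.example.org ESMTP\r\n"), 2)
    bad = probe_smtp(
        "127.0.0.1", _serve_once(b"554 5.7.1 no reverse DNS for your IP\r\n"), 2
    )
    # Reserve a port, then release it so nothing is listening there.
    tmp = socket.socket()
    tmp.bind(("127.0.0.1", 0))
    dead_port = tmp.getsockname()[1]
    tmp.close()
    dead = probe_smtp("127.0.0.1", dead_port, 2)
    return ok, bad, dead


if __name__ == "__main__":
    print(parse_mx(SAMPLE_NSLOOKUP))
    for result in demo():
        print(result)
```

Against a real destination, feed `parse_mx` the nslookup output from the mail server and from an outside resolver, pass both to `compare_mx`, then call `probe_smtp` on each exchanger from the sending server itself.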




Re: Opensource Imaging software with diff support

2008-08-26 Thread Matt Plahtinsky
I haven't used it for a while but I'm pretty sure driveXML will do diff's



On 8/24/08, Oliver Marshall <[EMAIL PROTECTED]> wrote:
> Does anyone know of an Opensource imaging app that includes differential
> support ? Odd question I know, but I have client who likes OS only apps
> and specifically needs the reduced time/data figures of differential
> imaging.
>
>
>
> Olly
>
>

-- 
Sent from Gmail for mobile | mobile.google.com



RE: remote access

2008-08-26 Thread Paul Everett
No, not really.  Sometimes they can ping other servers on the network
(and sometimes not), but they can never ping the TS that they just lost
connection to.  At least not for a while.

I have done a ping -t and the pings time-out when the connection drops.

Everything was working fine until a few weeks ago.  Go figure??

 



From: Benjamin Zachary - Lists [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 2:31 PM
To: NT System Admin Issues
Subject: RE: remote access

 

Just curious, when the user gets dropped out of TS, they are still
connected but not able to 'see' the ts in which they were disconnected?

 

That sounds like some weird routing issue. You may also want to remove
encryption from the ts since you are already encrypting your traffic
with the vpn.

 

You should do a ping -t ts.ip.address and then connect and work and see
if the time outs correlate to the dropping of the connection. If so ,
but you are still online the only thing I can think of that would
'block' would be the firewall. 

 

From: Paul Everett [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 8:54 AM
To: NT System Admin Issues
Subject: RE: remote access

 

Anything in the Event Logs on either end?  On the client as far as a
reason for the connection dropping, or on the server as far as a reason
for the connection being denied?

The only thing in the event log on the TS is event 551 (logoff).  Below
is the description.  Event 538 "sometimes" does not appear after 551,
sometimes it does.  This may explain why we are unable to reconnect
immediately after losing connection to the TS, and is probably separate
from the connection issue.

If a Security 538 message does not appear shortly after the Security 551
message, a program or service might not be managing its access tokens
correctly. Although the user cannot access objects, the program or
service might have cached an access token and therefore retained the
ability to access objects.

On the client there is a Remote Access event that establishes the VPN,
but no events are generated when the RDP session is initiated or
dropped.

During the RDP drop for one user, can another user still use / connect
to the server?

 

I don't know.  There are only a few users who connect at random times.

 

 

Does disconnecting from the VPN as soon as the RDP is dropped, and then
reconnecting to VPN allow the RDP session to be reconnected?

 

I would have to say "sometimes".  

I just got off the phone with a user who was connected to the VPN but
couldn't connect to Remote Desktop.  He couldn't ping anything on my
network.  After disconnecting and re-establishing the VPN he was able to
connect to Remote Desktop, but it was dropped after 9 minutes.

 

Last night I connected to our VPN from home and although I could ping my
network, the connection was so pitifully slow, I couldn't connect to
anything.  It affected everything on my computer as well.  I was
basically dead in the water until I disconnected the VPN.

 

A couple days ago I connected without any problem and stayed connected
to Remote Desktop for almost an hour before I ended my session.

 

The only consistent thing I've found is that none of my users can stay
connected for more than 20-30 minutes, if they are lucky.

 

We are using a Watchguard firewall for VPN access.

 

Paul



From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:11 PM
To: NT System Admin Issues
Subject: RE: remote access

 

 

 

 

 

 

 

 

 


RE: remote access

2008-08-26 Thread Paul Everett
I am using pptp vpn.  Would muvpn be better?  Someone else set this up.
Do the clients connect the same way (windows vpn connection wizard) if I
was using muvpn on the firewall?

 



From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 3:01 PM
To: NT System Admin Issues
Subject: RE: remote access

 

 

 


Re: Perhaps a bit OT - mail bouncing

2008-08-26 Thread RichardMcClary
A coworker, who manages our Postini incoming mail accounts, spoke with 
Postini.  They told him my complaint has become rather frequent.  Their 
solution is to use Postini for outbound mail as well as incoming mail.  On 
the one hand, all our MX records (aspca.org) are on the Postini system. On 
the other hand, it ain't cheap!  (Still "cheaper" than "vanishing", 
though.)
--
Richard McClary, Systems Administrator
ASPCA Knowledge Management
1717 S Philo Rd, Ste 36, Urbana, IL  61802
217-337-9761
http://www.aspca.org


[EMAIL PROTECTED] wrote on 08/26/2008 02:39:54 PM:

> Greetings!
> 
> We are the mid-west office of the ASPCA (Illinois).  Our HQ is in NYC. Our
> wires, DNS, etc are via AT&T.  Their wires, DNS, etc are through
> QualityTech.  As NY is the parent office (to say nothing of older and
> bigger), the QualityTech system is the SOA for ASPCA.ORG.  For the
> Illinois public addresses (including the IP address stamped onto all our
> outgoing email), we have NS records on the QualityTech system pointing our
> network (mwro.aspca.org) to the AT&T name servers.  All had been well the
> past several months...
>
> Last week, attempts to send mail to various corporations and educational
> institutions has been bouncing.  The headers of our bounce notices say
> simply "Failed to connect to SMTP host COMPANY.COM because: Remote system
> no longer responding"
>
> One company told us it is because the IP address is not resolving
> properly...
>
> I have checked the DNS tables for QualityTech, and they do show "mwro"
> being delegated to a pair of AT&T DNS servers.  I have checked the DNS
> tables for AT&T, and we do have records in both forward and reverse lookup
> zones (br.mwro.aspca.org <-> 12.15.29.130).
> 
> Any ideas (while I wait and wait and wait to talk to AT&T)?  The Boss 
> suggests the "fix" for last month's "DNS Poisoning" might have "fixed" 
> things so that anything claiming to be from [anything].aspca.org must 
> resolve to a QualityTech address and not to an AT&T address.  Still, I 
> don't see that we can do much to fix this...
> 
> We are considering using a VPN tunnel to try to use a NY machine as an 
> outgoing SMTP server.  What else might we try?
> 
> Other folks experiencing this?
> 
> Thanks!
> --
> Richard McClary, Systems Administrator
> ASPCA Knowledge Management
> 1717 S Philo Rd, Ste 36, Urbana, IL  61802
> 217-337-9761
> http://www.aspca.org
> 
> 


Re: Perhaps a bit OT - mail bouncing

2008-08-26 Thread RichardMcClary
MX records are for incoming mail.  All our incoming mail uses the MX 
records for the NY office.

Something seems to be screwy with AT&T as:  nothing on our sub-net seems 
to resolve; and I've been waiting literally for hours waiting to talk to 
someone there.
--
Richard McClary, Systems Administrator
ASPCA Knowledge Management
1717 S Philo Rd, Ste 36, Urbana, IL  61802
217-337-9761
http://www.aspca.org


"Candee Vaglica" <[EMAIL PROTECTED]> wrote on 08/26/2008 03:30:03 PM:

> Have you checked your DNS?
> www.dnsreport.com
> I'm not sure I'm understanding you correctly, but there is no MX
> record for mwro.aspca.org
> 
> On Tue, Aug 26, 2008 at 3:39 PM,  <[EMAIL PROTECTED]> wrote:
> > Greetings!
> >
> > We are the mid-west office of the ASPCA (Illinois).  Our HQ is in NYC. Our
> > wires, DNS, etc are via AT&T.  Their wires, DNS, etc are through
> > QualityTech.  As NY is the parent office (to say nothing of older and
> > bigger), the QualityTech system is the SOA for ASPCA.ORG.  For the
> > Illinois public addresses (including the IP address stamped onto all our
> > outgoing email), we have NS records on the QualityTech system pointing our
> > network (mwro.aspca.org) to the AT&T name servers.  All had been well the
> > past several months...
> >
> > Last week, attempts to send mail to various corporations and educational
> > institutions has been bouncing.  The headers of our bounce notices say
> > simply "Failed to connect to SMTP host COMPANY.COM because: Remote system
> > no longer responding"
> >
> > One company told us it is because the IP address is not resolving
> > properly...
> >
> > I have checked the DNS tables for QualityTech, and they do show "mwro"
> > being delegated to a pair of AT&T DNS servers.  I have checked the DNS
> > tables for AT&T, and we do have records in both forward and reverse lookup
> > zones (br.mwro.aspca.org <-> 12.15.29.130).
> >
> > Any ideas (while I wait and wait and wait to talk to AT&T)?  The Boss
> > suggests the "fix" for last month's "DNS Poisoning" might have "fixed"
> > things so that anything claiming to be from [anything].aspca.org must
> > resolve to a QualityTech address and not to an AT&T address.  Still, I
> > don't see that we can do much to fix this...
> >
> > We are considering using a VPN tunnel to try to use a NY machine as an
> > outgoing SMTP server.  What else might we try?
> >
> > Other folks experiencing this?
> >
> > Thanks!
> > --
> > Richard McClary, Systems Administrator
> > ASPCA Knowledge Management
> > 1717 S Philo Rd, Ste 36, Urbana, IL  61802
> > 217-337-9761
> > http://www.aspca.org


RE: Perhaps a bit OT - mail bouncing

2008-08-26 Thread RichardMcClary
OK, as to MX records, all mail comes to us via New York, so there is no MX 
record for mwro.aspca.org.

I wonder if the "Remote system no longer responding" could mean our DNS 
servers are screwy.  They're AD-integrated with forwarders to the AT&T 
servers.  Might dumping our caches fix things?

It is disturbing that we are no longer resolving on whatever servers you 
are using!  I do have a call into AT&T, but I've been waiting to hear from 
them for over 2 hours now.

Thanks!
--
Richard McClary, Systems Administrator
ASPCA Knowledge Management
1717 S Philo Rd, Ste 36, Urbana, IL  61802
217-337-9761
http://www.aspca.org


"Kennedy, Jim" <[EMAIL PROTECTED]> wrote on 08/26/2008 03:06:41 
PM:

> I am not sure that I understand your problem, but I will try. You said:
> 
> "Last week, attempts to send mail to various corporations and 
> educational institutions has been bouncing.  The headers of our 
> bounce notices say simply "Failed to connect to SMTP host COMPANY.COM 
> because: Remote system no longer responding"
> 
> That tells me you are having a problem sending to others and that 
> your system is not looking up DNS records correctly. Unless I need 
> more coffee.
> 
> That said your reply address is aspca.org, so your email goes to NY 
> and then is routed to you in Illinois?
> 
> Also, there is no MX record for mwro.aspca.org
> 
> br.mwro.aspca.org does not resolve from here. No such record. 
> 12.15.29.130 does resolve back correctly. So that may be your issue, 
> can't resolve br.mwro.aspca.org so you are failing circular dns 
> checks. But that should cause a hard failure from the receiving 
> server (if they check that) not a 'no longer responding' which 
> sounds like a connection failure.
> 
> What am I missing... explain it again to me maybe. :)
> 
> 
> 
> 
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, August 26, 2008 3:40 PM
> > To: NT System Admin Issues
> > Subject: Perhaps a bit OT - mail bouncing
> >
> > Greetings!
> >
> > We are the mid-west office of the ASPCA (Illinois).  Our HQ is in NYC.  Our
> > wires, DNS, etc are via AT&T.  Their wires, DNS, etc are through
> > QualityTech.  As NY is the parent office (to say nothing of older and
> > bigger), the QualityTech system is the SOA for ASPCA.ORG.  For the
> > Illinois public addresses (including the IP address stamped onto all our
> > outgoing email), we have NS records on the QualityTech system pointing our
> > network (mwro.aspca.org) to the AT&T name servers.  All had been well the
> > past several months...
> >
> > Last week, attempts to send mail to various corporations and educational
> > institutions has been bouncing.  The headers of our bounce notices say
> > simply "Failed to connect to SMTP host COMPANY.COM because: Remote system
> > no longer responding"
> >
> > One company told us it is because the IP address is not resolving
> > properly...
> >
> > I have checked the DNS tables for QualityTech, and they do show "mwro"
> > being delegated to a pair of AT&T DNS servers.  I have checked the DNS
> > tables for AT&T, and we do have records in both forward and reverse lookup
> > zones (br.mwro.aspca.org <-> 12.15.29.130).
> >
> > Any ideas (while I wait and wait and wait to talk to AT&T)?  The Boss
> > suggests the "fix" for last month's "DNS Poisoning" might have "fixed"
> > things so that anything claiming to be from [anything].aspca.org must
> > resolve to a QualityTech address and not to an AT&T address.  Still, I
> > don't see that we can do much to fix this...
> >
> > We are considering using a VPN tunnel to try to use a NY machine as an
> > outgoing SMTP server.  What else might we try?
> >
> > Other folks experiencing this?
> >
> > Thanks!
> > --
> > Richard McClary, Systems Administrator
> > ASPCA Knowledge Management
> > 1717 S Philo Rd, Ste 36, Urbana, IL  61802
> > 217-337-9761
> > http://www.aspca.org


RE: Corporate antivirus recommendation - for external laptops

2008-08-26 Thread Stu Sjouwerman
OK, here is the answer from Product Management on this topic. It can be
done and here is how:

In order to enable VIPRE agents on a computer connected to the Internet
without VPN access to function normally and connect to VIPRE Enterprise
in a private network, the administrator will need to do the following:

1. Install the VIPRE Enterprise service on a server.

2. Set up a NAT between the server's public IP address and private
address so that all incoming connections on port 18082 are automatically
forwarded to the VIPRE server. (TCP traffic)

3. Create a policy specifically for agents connecting via the Internet.

4. Port usage is configured by policy (Agent Settings tab), the default
port is 18082 for all communication between the agent and the service.

5. Some firewalls may block SOAP over HTTP. You will need to make sure your
firewall allows this communication type.

6. Configure your policy (Agent settings tab) to contain the public IP
address for both the Policy and Update servers (in this instance we
recommend they are the same server). Also, check the box to save the
address as the IP address.

7. Creating an agent is done by running the deployment wizard on the
policy in question and selecting the radio button for Deployment
Package, then selecting the type of installer desired. Either an MSI or
Self Extracting Executable is recommended for this process.

8. The administrator will then need to distribute this installer to
their clients by whatever method required by their company.

9. The client should install the agent while connected to the Internet.
At install time, the agent needs to communicate with the VIPRE
Enterprise service in order to obtain the full policy and initial threat
definitions

Some Considerations when configuring the policy:

1. You may not be able to ping the agents in the wild, therefore the
Agent status heartbeat every  minutes interval needs to be set to a
value acceptable to the administrator. The agent will only be able to
obtain a policy change when it makes periodic hello calls back into the
service. Initially when the agents are first deployed the administrator
may want to set this to a lower value until the policy is configured to
the administrator's satisfaction. At this time, the administrator may
want to increase that interval in order to decrease the traffic between
the agent and the service.

2. Threat database updates, the agent will be able to obtain threat
database updates directly from the server, if for some reason it is
unable to connect to that server the agent can be configured to obtain
threat database updates directly from Sunbelt. Simply check the box
(Download via the Internet if local updates are unavailable) on the
Agent Settings tab of the policy.

3. Throttling the threat database updates will be very important as well
to keep from saturating the connection to the Internet with threat db
update traffic. By default, the application is set with a 100ms interval
between 67KB chunks of data sent to the agent. This delay interval can
be set anywhere from 0 all the way up to 60,000ms or 60 seconds between
chunks. Therefore, even if you have very narrow network pipe you should
still be able to satisfy the threat database update requests without
saturating your network.

 
Warm regards,

Stu




-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:55 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Another option maybe - if the AV product can be forced to check in
through a script (can VIPRE?), and you can set up a VPN with something
like OpenVPN or Cisco VPN client command line, you could create a script
to run once a day that connects the VPN, forces the AV to check in, then
disconnects the VPN.
Just thinking out loud.

-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:35 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

I think yes, but I'm going to make sure and ask the lead dev !!

Stu 

-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

You mean you would like it to check in for status and reporting
purposes?
With VIPRE, or any other product that has similar options, what would
happen if you set the update options for laptops to update from
Sunbelt's servers over the Internet, but set the policy\reporting server
to the public IP address on your router, and port forwarded those ports
to your VIPRE server.
Would that work?

-Original Message-
From: Andy Shook [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:19 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Vipre\CSE has the option to get update from the Internet if 

RE: Cisco help

2008-08-26 Thread Aaron T. Rohyans
I don't believe you can use SYSLOG to track logins via AAA on an IOS
router (however you can with a PIX/ASA).  You'll need to setup aaa
accounting to your radius server to track that:

aaa authentication ppp VTYAUTH group radius local
aaa authorization network VTYPRIV group radius local
aaa accounting network VTYACCT start-stop group radius

interface Virtual-Template0
 ip unnumbered Loopback0
 no peer default ip address
 ppp authentication pap VTYAUTH
 ppp authorization VTYPRIV
 ppp accounting VTYACCT

radius-server host X.X.X.X auth-port 1812/1645 acct-port 1813/1646 key cisco

HTH,

Aaron Rohyans
IT Coordinator, IDC-USA
[EMAIL PROTECTED]
317.244.8307 (V)
317.244.4600 (F)


-Original Message-
From: Neil Standley [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 4:32 PM
To: NT System Admin Issues
Subject: RE: Cisco help

Oh right, sorry should've included that.  

3660 router.

Here's what we currently have.

logging exception 8192
logging buffered 8192 debugging
no logging console
aaa new-model
aaa authentication ppp USWest-dsl group radius local
aaa authorization network default group radius local
aaa accounting update periodic 5
aaa accounting commands 7 default start-stop group radius
aaa accounting network default start-stop group radius

logging history size 300
logging history debugging
logging trap debugging
logging source-interface Ethernet1/0
logging x.x.x.x


Thanks!
Neil

-Original Message-
From: Candee Vaglica [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 1:24 PM
To: NT System Admin Issues
Subject: Re: Cisco help

So, you're logging from what? A PIX? A switch?
If it's a PIX or ASA, you have to set the level of logging on the
appliance itself.

On Tue, Aug 26, 2008 at 4:19 PM, Neil Standley <[EMAIL PROTECTED]> wrote:
> Hi All,
>
> I'm pretty green when it comes to Cisco but I need some help and I haven't
> been able to get the answers I need from Google or my Cisco in a nutshell
> book.  I am trying to setup syslogging so that I get authentication info for
> our dial up and DSL customers.  Syslogging itself is working but all I see
> is stuff like this.
>
> 25w3d: %SYS-5-CONFIG_I: Configured from console by admin on vty1 (x.x.x.x)
>
> 25w3d: %SYS-5-CONFIG_I: Configured from console by admin on vty1 (x.x.x.x)
>
> 25w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access115,
> changed state to down
>
> 25w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access115,
> changed state to up
>
> At some point in the past we've been able to see the auth logins and
> failures via the vty console but somehow it stopped working.  I can gladly
> post the necessary parts of our config if that helps.
>
> Thanks in advance!
>
> Neil


Re: Opensource Imaging software with diff support

2008-08-26 Thread Angus Scott-Fleming
On 24 Aug 2008 at 20:31, Oliver Marshall  wrote:

> Does anyone know of an Opensource imaging app that includes differential
> support ? Odd question I know, but I have client who likes OS only apps and
> specifically needs the reduced time/data figures of differential imaging. 

Good Q.

Clonezilla and G4L are two OSS imaging products I have played with.  Neither 
supports updating an existing image AFAIK.

How many computers need to be imaged?  Perhaps you can address the problem in a 
different way, say having an initial image made with an OSS imager, then use 
BackupPC or some other OSS backup solution to store changes.  


--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
+---+






RE: Corporate antivirus recommendation

2008-08-26 Thread Angus Scott-Fleming
On 24 Aug 2008 at 15:35, Michael D Faulkner  wrote:

> We use NOD32 on our servers. Was a bit disappointed with this recent ranking 
> report. 
> 
> http://mtc.sri.com/live_data/av_rankings/ 

I'd like to see a chart of these test results over time 


--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
+---+






RE: Cisco help

2008-08-26 Thread Neil Standley
Oh right, sorry should've included that.  

3660 router.

Here's what we currently have.

logging exception 8192
logging buffered 8192 debugging
no logging console
aaa new-model
aaa authentication ppp USWest-dsl group radius local
aaa authorization network default group radius local
aaa accounting update periodic 5
aaa accounting commands 7 default start-stop group radius
aaa accounting network default start-stop group radius

logging history size 300
logging history debugging
logging trap debugging
logging source-interface Ethernet1/0
logging x.x.x.x


Thanks!
Neil

-Original Message-
From: Candee Vaglica [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 1:24 PM
To: NT System Admin Issues
Subject: Re: Cisco help

So, you're logging from what? A PIX? A switch?
If it's a PIX or ASA, you have to set the level of logging on the
appliance itself.

On Tue, Aug 26, 2008 at 4:19 PM, Neil Standley <[EMAIL PROTECTED]> wrote:
> Hi All,
>
> I'm pretty green when it comes to Cisco but I need some help and I haven't
> been able to get the answers I need from Google or my Cisco in a nutshell
> book.  I am trying to setup syslogging so that I get authentication info for
> our dial up and DSL customers.  Syslogging itself is working but all I see
> is stuff like this.
>
> 25w3d: %SYS-5-CONFIG_I: Configured from console by admin on vty1 (x.x.x.x)
>
> 25w3d: %SYS-5-CONFIG_I: Configured from console by admin on vty1 (x.x.x.x)
>
> 25w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access115,
> changed state to down
>
> 25w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access115,
> changed state to up
>
> At some point in the past we've been able to see the auth logins and
> failures via the vty console but somehow it stopped working.  I can gladly
> post the necessary parts of our config if that helps.
>
> Thanks in advance!
>
> Neil


Re: Perhaps a bit OT - mail bouncing

2008-08-26 Thread Candee Vaglica
Have you checked your DNS?
www.dnsreport.com
I'm not sure I'm understanding you correctly, but there is no MX
record for mwro.aspca.org

On Tue, Aug 26, 2008 at 3:39 PM,  <[EMAIL PROTECTED]> wrote:
> Greetings!
>
> We are the mid-west office of the ASPCA (Illinois).  Our HQ is in NYC. Our
> wires, DNS, etc are via AT&T.  Their wires, DNS, etc are through
> QualityTech.  As NY is the parent office (to say nothing of older and
> bigger), the QualityTech system is the SOA for ASPCA.ORG.  For the
> Illinois public addresses (including the IP address stamped onto all our
> outgoing email), we have NS records on the QualityTech system pointing our
> network (mwro.aspca.org) to the AT&T name servers.  All had been well the
> past several months...
>
> Last week, attempts to send mail to various corporations and educational
> institutions has been bouncing.  The headers of our bounce notices say
> simply "Failed to connect to SMTP host COMPANY.COM because: Remote system
> no longer responding"
>
> One company told us it is because the IP address is not resolving
> properly...
>
> I have checked the DNS tables for QualityTech, and they do show "mwro"
> being delegated to a pair of AT&T DNS servers.  I have checked the DNS
> tables for AT&T, and we do have records in both forward and reverse lookup
> zones (br.mwro.aspca.org <-> 12.15.29.130).
>
> Any ideas (while I wait and wait and wait to talk to AT&T)?  The Boss
> suggests the "fix" for last month's "DNS Poisoning" might have "fixed"
> things so that anything claiming to be from [anything].aspca.org must
> resolve to a QualityTech address and not to an AT&T address.  Still, I
> don't see that we can do much to fix this...
>
> We are considering using a VPN tunnel to try to use a NY machine as an
> outgoing SMTP server.  What else might we try?
>
> Other folks experiencing this?
>
> Thanks!
> --
> Richard McClary, Systems Administrator
> ASPCA Knowledge Management
> 1717 S Philo Rd, Ste 36, Urbana, IL  61802
> 217-337-9761
> http://www.aspca.org
>


Re: SV: SV: Citrix printing

2008-08-26 Thread Tom Miller
I believe so.  We tell users that these are the only two lines we
support printing via Citrix (but they are welcome to try other brands). 
I use a Brother at home, USB and IP and it works fine.

>>> "Erik Fog-Morrissette" <[EMAIL PROTECTED]> 8/26/2008 4:20 PM >>>

Are they PCL printers?

I was considering the HP 1505n USB attached

From: Tom Miller [mailto:[EMAIL PROTECTED]
Sent: 26 August 2008 21:24
To: NT System Admin Issues
Subject: Re: SV: Citrix printing

We support HP and Brother printers for home offices.  No issues that I
am aware of with those vendors.

>>> "Erik Fog-Morrissette" <[EMAIL PROTECTED]> 8/26/2008 2:47 PM >>>

I am talking about printers to be used for home offices

From: David Mazzaccaro [mailto:[EMAIL PROTECTED]
Sent: 21 August 2008 22:26
To: NT System Admin Issues
Subject: RE: Citrix printing

Are you talking about local printers or networked printers?

We have good results w/ various HP models here.

From: Erik Fog-Morrissette [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 21, 2008 4:19 PM
To: NT System Admin Issues
Subject: Citrix printing

Hello all

Can anyone suggest a printer for the following configuration:

I have a client who runs a Citrix server on a Windows 2003 server.

The clients are MetaFrame Presentation Server Web Client for Win32.

I tried HP 1005 that didn't at all go well. HP presales suggested
HP1505 which didn't work either. So I am kind of stuck here.

Best regards
SysTek
Erik Fog-Morrissette

Never, ever approach a computer saying or even thinking "I will just do
this quickly."

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.

Re: Cisco help

2008-08-26 Thread Candee Vaglica
So, you're logging from what? A PIX? A switch?
If it's a PIX or ASA, you have to set the level of logging on the
appliance itself.

On Tue, Aug 26, 2008 at 4:19 PM, Neil Standley <[EMAIL PROTECTED]> wrote:
> Hi All,
>
>
>
> I'm pretty green when it comes to Cisco but I need some help and I haven't
> been able to get the answers I need from Google or my Cisco in a nutshell
> book.  I am trying to setup syslogging so that I get authentication info for
> our dial up and DSL customers.  Syslogging itself is working but all I see
> is stuff like this.
>
>
>
> 25w3d: %SYS-5-CONFIG_I: Configured from console by admin on vty1 (x.x.x.x)
>
> 25w3d: %SYS-5-CONFIG_I: Configured from console by admin on vty1 (x.x.x.x)
>
> 25w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access115,
> changed state to down
>
> 25w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access115,
> changed state to up
>
>
>
> At some point in the past we've been able to see the auth logins and
> failures via the vty console but somehow it stopped working.  I can gladly
> post the necessary parts of our config if that helps.
>
>
>
>
>
> Thanks in advance!
>
>
>
>
>
> Neil
>
>
>
>
>
>



RE: Terminal Server licensing question

2008-08-26 Thread Free, Bob
Yes-

Open Terminal Services Configuration.

In the console tree, click Server Settings. 

In the details pane, right-click Licensing Mode, and then click
Properties. 

Select either Per User or Per Device, and then click OK.

-Original Message-
From: Joe Heaton [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 4:04 PM
To: NT System Admin Issues
Subject: RE: Terminal Server licensing question

Terminal Server Licensing Config?

Joe Heaton

-Original Message-
From: Don Ely [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 2:48 PM
To: NT System Admin Issues
Subject: Re: Terminal Server licensing question

Its in the config



On 8/25/08, Joe Heaton <[EMAIL PROTECTED]> wrote:
> Anyone know why Terminal Services would give out Temporary per device
> licenses instead of paid-for per user licenses?  Is there somewhere in
> the configuration that I need to tell it to use per user, or do we need
> to go back and purchase per device?  We're using them in conjunction
> with Citrix Presentation Server 4.0...
>
>
>
> Joe Heaton
>
> AISA
>
> Employment Training Panel
>
> 1100 J Street, 4th Floor
>
> Sacramento, CA  95814
>
> (916) 327-5276
>
> [EMAIL PROTECTED]
>

-- 
Sent from Gmail for mobile | mobile.google.com



SV: SV: Citrix printing

2008-08-26 Thread Erik Fog-Morrissette
Are they PCL printers?

I was considering the HP 1505n USB attached

From: Tom Miller [mailto:[EMAIL PROTECTED]
Sent: 26 August 2008 21:24
To: NT System Admin Issues
Subject: Re: SV: Citrix printing

We support HP and Brother printers for home offices.  No issues that I am aware 
of with those vendors.

>>> "Erik Fog-Morrissette" <[EMAIL PROTECTED]> 8/26/2008 2:47 PM >>>

I am talking about printers to be used for home offices

From: David Mazzaccaro [mailto:[EMAIL PROTECTED]
Sent: 21 August 2008 22:26
To: NT System Admin Issues
Subject: RE: Citrix printing

Are you talking about local printers or networked printers?

We have good results w/ various HP models here.

From: Erik Fog-Morrissette [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 21, 2008 4:19 PM
To: NT System Admin Issues
Subject: Citrix printing

Hello all

Can anyone suggest a printer for the following configuration:

I have a client who runs a Citrix server on a Windows 2003 server.

The clients are MetaFrame Presentation Server Web Client for Win32.

I tried HP 1005 that didn't at all go well. HP presales suggested HP1505 which 
didn't work either. So I am kind of stuck here.

Best regards

SysTek

Erik Fog-Morrissette

Never, ever approach a computer saying or even thinking "I will just do this 
quickly."

Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message. 

Cisco help

2008-08-26 Thread Neil Standley
Hi All,

 

I'm pretty green when it comes to Cisco but I need some help and I
haven't been able to get the answers I need from Google or my Cisco in a
nutshell book.  I am trying to setup syslogging so that I get
authentication info for our dial up and DSL customers.  Syslogging
itself is working but all I see is stuff like this.

25w3d: %SYS-5-CONFIG_I: Configured from console by admin on vty1 (x.x.x.x)

25w3d: %SYS-5-CONFIG_I: Configured from console by admin on vty1 (x.x.x.x)

25w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access115, changed state to down

25w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access115, changed state to up

At some point in the past we've been able to see the auth logins and
failures via the vty console but somehow it stopped working.  I can
gladly post the necessary parts of our config if that helps.

Thanks in advance!

Neil

RE: Perhaps a bit OT - mail bouncing

2008-08-26 Thread Kennedy, Jim
I am not sure that I understand your problem, but I will try. You said:

" Last week, attempts to send mail to various corporations and educational 
institutions has been bouncing.  The headers of our bounce notices say simply 
"Failed to connect to SMTP host COMPANY.COM because: Remote system no longer 
responding"

That tells me you are having a problem sending to others and that your system 
is not looking up DNS records correctly. Unless I need more coffee.

That said your reply address is aspca.org, so your email goes to NY and then is 
routed to you in Illinois?

Also, there is no MX record for mwro.aspca.org

br.mwro.aspca.org does not resolve from here. No such record. 12.15.29.130 does 
resolve back correctly. So that may be your issue, can't resolve 
br.mwro.aspca.org so you are failing circular dns checks. But that should cause 
a hard failure from the receiving server (if they check that) not a 'no longer 
responding' which sounds like a connection failure.

What am I missing... explain it again to me maybe. :)




> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, August 26, 2008 3:40 PM
> To: NT System Admin Issues
> Subject: Perhaps a bit OT - mail bouncing
>
> Greetings!
>
> We are the mid-west office of the ASPCA (Illinois).  Our HQ is in NYC.  Our
> wires, DNS, etc are via AT&T.  Their wires, DNS, etc are through
> QualityTech.  As NY is the parent office (to say nothing of older and
> bigger), the QualityTech system is the SOA for ASPCA.ORG.  For the
> Illinois public addresses (including the IP address stamped onto all our
> outgoing email), we have NS records on the QualityTech system pointing our
> network (mwro.aspca.org) to the AT&T name servers.  All had been well the
> past several months...
>
> Last week, attempts to send mail to various corporations and educational
> institutions has been bouncing.  The headers of our bounce notices say
> simply "Failed to connect to SMTP host COMPANY.COM because: Remote system
> no longer responding"
>
> One company told us it is because the IP address is not resolving
> properly...
>
> I have checked the DNS tables for QualityTech, and they do show "mwro"
> being delegated to a pair of AT&T DNS servers.  I have checked the DNS
> tables for AT&T, and we do have records in both forward and reverse lookup
> zones (br.mwro.aspca.org <-> 12.15.29.130).
>
> Any ideas (while I wait and wait and wait to talk to AT&T)?  The Boss
> suggests the "fix" for last month's "DNS Poisoning" might have "fixed"
> things so that anything claiming to be from [anything].aspca.org must
> resolve to a QualityTech address and not to an AT&T address.  Still, I
> don't see that we can do much to fix this...
>
> We are considering using a VPN tunnel to try to use a NY machine as an
> outgoing SMTP server.  What else might we try?
>
> Other folks experiencing this?
>
> Thanks!
> --
> Richard McClary, Systems Administrator
> ASPCA Knowledge Management
> 1717 S Philo Rd, Ste 36, Urbana, IL  61802
> 217-337-9761
> http://www.aspca.org

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~
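
Added example, not part of the message above or of any poster's tooling: the "circular dns check" mentioned in that reply is forward-confirmed reverse DNS (IP -> PTR name -> address records -> same IP). The sketch below runs that check against constructed zone views that mirror what the thread reports; the view data, the 192.0.2.10 address and all function names are assumptions made for illustration.

```python
"""Forward-confirmed reverse DNS (FCrDNS) check with pluggable resolvers."""
import ipaddress
import socket
from typing import Callable, Dict, List, NamedTuple, Tuple

PtrLookup = Callable[[str], List[str]]    # IP address -> PTR host names
AddrLookup = Callable[[str], List[str]]   # host name -> A/AAAA addresses


class Verdict(NamedTuple):
    status: str            # PASS, NO_PTR, NO_FORWARD or MISMATCH
    ptr_names: List[str]
    detail: str


def norm(name: str) -> str:
    """DNS names compare case-insensitively; drop the trailing root dot."""
    return name.rstrip(".").lower()


def same_ip(candidate: str, addr) -> bool:
    try:
        return ipaddress.ip_address(candidate) == addr
    except ValueError:     # malformed or scoped address returned by a resolver
        return False


def fcrdns(ip: str, ptr_lookup: PtrLookup, addr_lookup: AddrLookup) -> Verdict:
    """Pass only if at least one PTR name resolves forward to the same IP."""
    addr = ipaddress.ip_address(ip)
    names = [norm(n) for n in ptr_lookup(str(addr))]
    if not names:
        return Verdict("NO_PTR", [], f"{addr} has no PTR record")
    forward_seen = False
    for name in names:
        answers = addr_lookup(name)
        forward_seen = forward_seen or bool(answers)
        if any(same_ip(a, addr) for a in answers):
            return Verdict("PASS", names, f"{name} resolves back to {addr}")
    if not forward_seen:
        return Verdict("NO_FORWARD", names,
                       f"PTR name(s) {', '.join(names)} do not resolve")
    return Verdict("MISMATCH", names, f"PTR name(s) resolve, but not to {addr}")


def system_ptr(ip: str) -> List[str]:
    """Live reverse lookup through the local resolver (not used by the demo)."""
    try:
        host, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [host, *aliases]


def system_addr(name: str) -> List[str]:
    """Live forward lookup through the local resolver (not used by the demo)."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def make_view(ptr: Dict[str, List[str]],
              fwd: Dict[str, List[str]]) -> Tuple[PtrLookup, AddrLookup]:
    """Build a resolver pair from in-memory records, so the demo runs offline."""
    fwd = {norm(k): v for k, v in fwd.items()}
    return (lambda ip: ptr.get(ip, [])), (lambda name: fwd.get(norm(name), []))


SENDER_IP = "12.15.29.130"           # address quoted in the thread
SENDER_NAME = "br.mwro.aspca.org"    # name quoted in the thread

# Constructed views. The first two mirror what the thread reports; the last
# two are extra failure modes added here for contrast.
VIEWS = {
    # Poster: forward and reverse records both exist on the delegated servers.
    "authoritative": make_view({SENDER_IP: [SENDER_NAME + "."]},
                               {SENDER_NAME: [SENDER_IP]}),
    # Reply: the PTR resolves, but the name does not resolve from outside.
    "outside": make_view({SENDER_IP: [SENDER_NAME + "."]}, {}),
    # Assumed case: the name resolves, but to a different (documentation) IP.
    "mismatch": make_view({SENDER_IP: [SENDER_NAME + "."]},
                          {SENDER_NAME: ["192.0.2.10"]}),
    # Assumed case: no reverse record at all.
    "no_ptr": make_view({}, {SENDER_NAME: [SENDER_IP]}),
}


def check_all_views(ip: str = SENDER_IP) -> Dict[str, Verdict]:
    return {label: fcrdns(ip, *resolvers) for label, resolvers in VIEWS.items()}


if __name__ == "__main__":
    for label, verdict in check_all_views().items():
        print(f"{label:14} {verdict.status:11} {verdict.detail}")
    # For a live check, pass the system resolvers instead:
    #   fcrdns(SENDER_IP, system_ptr, system_addr)
```

When the records exist on the delegated servers but an outside resolver returns NO_FORWARD, the difference lies on the path between the two (delegation, reachability of the delegated name servers, or caching) rather than in the zone data itself.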


Perhaps a bit OT - mail bouncing

2008-08-26 Thread RichardMcClary
Greetings!

We are the mid-west office of the ASPCA (Illinois).  Our HQ is in NYC. Our 
wires, DNS, etc are via AT&T.  Their wires, DNS, etc are through 
QualityTech.  As NY is the parent office (to say nothing of older and 
bigger), the QualityTech system is the SOA for ASPCA.ORG.  For the 
Illinois public addresses (including the IP address stamped onto all our 
outgoing email), we have NS records on the QualityTech system pointing our 
network (mwro.aspca.org) to the AT&T name servers.  All had been well the 
past several months...

Last week, attempts to send mail to various corporations and educational 
institutions has been bouncing.  The headers of our bounce notices say 
simply "Failed to connect to SMTP host COMPANY.COM because: Remote system 
no longer responding"

One company told us it is because the IP address is not resolving 
properly...

I have checked the DNS tables for QualityTech, and they do show "mwro" 
being delegated to a pair of AT&T DNS servers.  I have checked the DNS 
tables for AT&T, and we do have records in both forward and reverse lookup 
zones (br.mwro.aspca.org <-> 12.15.29.130).

Any ideas (while I wait and wait and wait to talk to AT&T)?  The Boss 
suggests the "fix" for last month's "DNS Poisoning" might have "fixed" 
things so that anything claiming to be from [anything].aspca.org must 
resolve to a QualityTech address and not to an AT&T address.  Still, I 
don't see that we can do much to fix this...

We are considering using a VPN tunnel to try to use a NY machine as an 
outgoing SMTP server.  What else might we try?

Other folks experiencing this?

Thanks!
--
Richard McClary, Systems Administrator
ASPCA Knowledge Management
1717 S Philo Rd, Ste 36, Urbana, IL  61802
217-337-9761
http://www.aspca.org
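
A common receiving-side test behind "the IP address is not resolving properly" is forward-confirmed reverse DNS: the PTR for the connecting address must name a host whose A record leads back to the same address. The sketch below is an added example, not part of the original post; it runs that check over constructed record sets (only the pair br.mwro.aspca.org <-> 12.15.29.130 comes from the post, and the scenario names and the 192.0.2.25 address are assumptions). Note that the PTR name lives under in-addr.arpa, so it is reached through the address provider's reverse delegation, independently of the NS records in the aspca.org zone.

```python
import ipaddress

# Constructed record sets. Only br.mwro.aspca.org <-> 12.15.29.130 is taken
# from the post; every scenario and the 192.0.2.25 address are made up.
IP = "12.15.29.130"
HOST = "br.mwro.aspca.org"
REV = "130.29.15.12.in-addr.arpa"

SCENARIOS = {
    # What the sender expects the outside world to see.
    "healthy": {"PTR": {REV: [HOST]}, "A": {HOST: [IP]}},
    # PTR exists on the provider's servers but outside resolvers get no answer.
    "reverse_zone_not_reachable": {"PTR": {}, "A": {HOST: [IP]}},
    # PTR answers, but the forward name under the delegated zone does not.
    "forward_delegation_broken": {"PTR": {REV: [HOST]}, "A": {}},
    # PTR answers, forward name answers with a different address.
    "forward_points_elsewhere": {"PTR": {REV: [HOST + "."]},
                                 "A": {HOST: ["192.0.2.25"]}},
}


def _norm(name):
    """DNS names compare case-insensitively and ignore the trailing dot."""
    return name.rstrip(".").lower()


def table_lookup(records):
    """Build lookup(rtype, name) -> list of strings from a dict of records."""
    index = {
        rtype: {_norm(k): v for k, v in names.items()}
        for rtype, names in records.items()
    }

    def lookup(rtype, name):
        return list(index.get(rtype, {}).get(_norm(name), []))

    return lookup


def check_fcrdns(ip, lookup):
    """Return (verdict, hostnames) for a forward-confirmed reverse DNS check.

    Verdicts: "pass", "no-ptr", "forward-missing", "forward-mismatch".
    `lookup` is any callable (rtype, name) -> list of strings, so a real
    resolver can be substituted for the constructed tables.
    """
    addr = ipaddress.ip_address(ip)
    # reverse_pointer yields e.g. 130.29.15.12.in-addr.arpa for 12.15.29.130
    ptr_targets = [_norm(t) for t in lookup("PTR", addr.reverse_pointer)]
    if not ptr_targets:
        return "no-ptr", []

    rtype = "A" if addr.version == 4 else "AAAA"
    confirmed, saw_forward = [], False
    for host in ptr_targets:
        for value in lookup(rtype, host):
            saw_forward = True
            try:
                if ipaddress.ip_address(value) == addr:
                    confirmed.append(host)
                    break
            except ValueError:
                continue  # malformed record data never confirms anything
    if confirmed:
        return "pass", confirmed
    return ("forward-mismatch" if saw_forward else "forward-missing"), ptr_targets


def run_scenarios():
    """Verdict per constructed scenario, keyed by scenario name."""
    return {name: check_fcrdns(IP, table_lookup(rec))[0]
            for name, rec in SCENARIOS.items()}


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:28} {verdict}")
```

Seeing the records in the provider's own zone files, as described in the post, corresponds to the "healthy" table; the other three tables are what an outside resolver can still see when either delegation path is broken.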




Re: SV: Citrix printing

2008-08-26 Thread Tom Miller
We support HP and Brother printers for home offices.  No issues that I
am aware of with those vendors.

>>> "Erik Fog-Morrissette" <[EMAIL PROTECTED]> 8/26/2008 2:47 PM >>>

I am talking about printers to be used for home offices
 

From: David Mazzaccaro [mailto:[EMAIL PROTECTED] 
Sent: 21 August 2008 22:26
To: NT System Admin Issues
Subject: RE: Citrix printing

 
Are you talking about local printers or networked printers?

We have good results w/ various HP models here.

From: Erik Fog-Morrissette [mailto:[EMAIL PROTECTED] 
Sent: Thursday, August 21, 2008 4:19 PM
To: NT System Admin Issues
Subject: Citrix printing
Hello all
 
Can anyone suggest a printer for the following configuration:
 
I have a client who runs a Citrix server on a Windows 2003 server. 
 
The clients are MetaFrame Presentation Server Web Client for Win32.
 
I tried HP 1005 that didn’t at all go well. HP presales suggested
HP1505 which didn’t work either. So I am kind of stuck here.
 
 
 
Best regards 
SysTek
Erik Fog-Morrissette
 
 
Never, ever approach a computer saying or even thinking "I will just do
this quickly."

Confidentiality Notice:  This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information.  Any unauthorized review, use,
disclosure, or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.


RE: User Account lockout?

2008-08-26 Thread Joseph L. Casale
Nope, user *only* has owa access? I check AD for locked accounts and it's not 
locked?
I am baffled?

Jlc


From: Klint Price - ArizonaITPro [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 26, 2008 1:02 PM
To: NT System Admin Issues
Subject: Re: User Account lockout?

I would suspect the user is logged in elsewhere.  When the password expires, 
they change it on their end, but their logged in session elsewhere keeps the 
old cached credentials, which eventually locks out the account.

Klint

Joseph L. Casale wrote:
Yeah and I don't see anything? So weird.
jlc

From: John Hornbuckle [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 26, 2008 12:20 PM
To: NT System Admin Issues
Subject: RE: User Account lockout?

Have you checked the logs on the Exchange server for entries that mention this 
user's account?



John Hornbuckle
MIS Department
Taylor County School District
318 North Clark Street
Perry, FL 32347

www.taylor.k12.fl.us



From: Joseph L. Casale [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 26, 2008 12:38 PM
To: NT System Admin Issues
Subject: User Account lockout?

I have this one user in a single 2008 DC setup that can't get at owa for 
exchange 2007 every few weeks.
The account as reported by AD is not locked out, nor is the pw expired, but 
resetting the password fixes it?

They don't change the pw? What can I look at to see what is causing this 
account to be "locked" but not?

Thanks!
jlc

Re: User Account lockout?

2008-08-26 Thread Klint Price - ArizonaITPro
I would suspect the user is logged in elsewhere.  When the password 
expires, they change it on their end, but their logged in session 
elsewhere keeps the old cached credentials, which eventually locks out 
the account.

Klint

Joseph L. Casale wrote:
> Yeah and I don't see anything? So weird.
>
> jlc
>
> *From:* John Hornbuckle [mailto:[EMAIL PROTECTED]
> *Sent:* Tuesday, August 26, 2008 12:20 PM
> *To:* NT System Admin Issues
> *Subject:* RE: User Account lockout?
>
> Have you checked the logs on the Exchange server for entries that 
> mention this user's account?
>
> John Hornbuckle
> MIS Department
> Taylor County School District
> 318 North Clark Street
> Perry, FL 32347
>
> www.taylor.k12.fl.us
>
> *From:* Joseph L. Casale [mailto:[EMAIL PROTECTED]
> *Sent:* Tuesday, August 26, 2008 12:38 PM
> *To:* NT System Admin Issues
> *Subject:* User Account lockout?
>
> I have this one user in a single 2008 DC setup that can't get at owa 
> for exchange 2007 every few weeks.
>
> The account as reported by AD is not locked out, nor is the pw 
> expired, but resetting the password fixes it?
>
> They don't change the pw? What can I look at to see what is causing 
> this account to be "locked" but not?
>
> Thanks!
> jlc



RE: remote access

2008-08-26 Thread jeff . wilhelm
Two things to try / check:
1) In the Watchguard Policy Manager turn the logging level up for the VPN 
connection, and then watch the logs when the RDP drops.
2) In your Mobile User VPN settings (assuming you're using the WG MUVPN 
Client and not PPTP or SSLVPN), check the timeout length (set bandwidth to 0 
and time to 24 hours for example).





"Paul Everett" <[EMAIL PROTECTED]> 
08/26/2008 08:53 AM
Please respond to "NT System Admin Issues"
To: "NT System Admin Issues"
cc:
Subject: RE: remote access

Anything in the Event Logs on either end?  On the client as far as a 
reason for the connection dropping, or on the server as far as a reason 
for the connection being denied?

The only thing in the event log on the TS is event 551 (logoff).  Below is 
the description.  Event 538 "sometimes" does not appear after 551, 
sometimes it does.  This may explain why we are unable to reconnect 
immediately after losing connection to the TS, and is probably separate 
from the connection issue.

If a Security 538 message does not appear shortly after the Security 551 
message, a program or service might not be managing its access tokens 
correctly. Although the user cannot access objects, the program or service 
might have cached an access token and therefore retained the ability to 
access objects.

On the client there is a Remote Access event that establishes the VPN, but 
no events are generated when the RDP session is initiated or dropped.

During the RDP drop for one user, can another user still use / connect to 
the server?

I don't know.  There are only a few users who connect at random times.

Does disconnecting from the VPN as soon as the RDP is dropped, and then 
reconnecting to VPN allow the RDP session to be reconnected?

I would have to say "sometimes". 

I just got off the phone with a user who was connected to the VPN but 
couldn't connect to Remote Desktop.  He couldn't ping anything on my 
network.  After disconnecting and re-establishing the VPN he was able to 
connect to Remote Desktop, but it was dropped after 9 minutes.

Last night I connected to our VPN from home and although I could ping my 
network, the connection was so pitifully slow, I couldn't connect to 
anything.  It affected everything on my computer as well.  I was basically 
dead in the water until I disconnected the VPN.

A couple days ago I connected without any problem and stayed connected to 
Remote Desktop for almost an hour before I ended my session.

The only consistent thing I've found is that none of my users can stay 
connected for more than 20-30 minutes, if they are lucky.

We are using a Watchguard firewall for VPN access.

Paul

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:11 PM
To: NT System Admin Issues
Subject: RE: remote access

RE: User Account lockout?

2008-08-26 Thread Joseph L. Casale
Yeah and I don't see anything? So weird.
jlc

From: John Hornbuckle [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 26, 2008 12:20 PM
To: NT System Admin Issues
Subject: RE: User Account lockout?

Have you checked the logs on the Exchange server for entries that mention this 
user's account?



John Hornbuckle
MIS Department
Taylor County School District
318 North Clark Street
Perry, FL 32347

www.taylor.k12.fl.us



From: Joseph L. Casale [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 26, 2008 12:38 PM
To: NT System Admin Issues
Subject: User Account lockout?

I have this one user in a single 2008 DC setup that can't get at owa for 
exchange 2007 every few weeks.
The account as reported by AD is not locked out, nor is the pw expired, but 
resetting the password fixes it?

They don't change the pw? What can I look at to see what is causing this 
account to be "locked" but not?

Thanks!
jlc

SV: Citrix printing

2008-08-26 Thread Erik Fog-Morrissette
I am talking about printers to be used for home offices

 

From: David Mazzaccaro [mailto:[EMAIL PROTECTED] 
Sent: 21 August 2008 22:26
To: NT System Admin Issues
Subject: RE: Citrix printing

 

Are you talking about local printers or networked printers?

We have good results w/ various HP models here.

 


 


From: Erik Fog-Morrissette [mailto:[EMAIL PROTECTED] 
Sent: Thursday, August 21, 2008 4:19 PM
To: NT System Admin Issues
Subject: Citrix printing

Hello all

 

Can anyone suggest a printer for the following configuration:

 

I have a client who runs a Citrix server on a Windows 2003 server. 

 

The clients are MetaFrame Presentation Server Web Client for Win32.

 

I tried HP 1005 that didn't at all go well. HP presales suggested HP1505
which didn't work either. So I am kind of stuck here.

 

 

 

Best regards 

SysTek

Erik Fog-Morrissette

 

 

Never, ever approach a computer saying or even thinking "I will just do this
quickly."

RE: remote access

2008-08-26 Thread Benjamin Zachary - Lists
Just curious, when the user gets dropped out of TS, they are still connected
but not able to 'see' the ts in which they were disconnected?

 

That sounds like some weird routing issue. You may also want to remove
encryption from the ts since you are already encrypting your traffic with
the vpn.

 

You should do a ping -t ts.ip.address and then connect and work and see if
the time outs correlate to the dropping of the connection. If so, but you
are still online the only thing I can think of that would 'block' would be
the firewall. 

 

From: Paul Everett [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 8:54 AM
To: NT System Admin Issues
Subject: RE: remote access

 

Anything in the Event Logs on either end?  On the client as far as a reason
for the connection dropping, or on the server as far as a reason for the
connection being denied?

The only thing in the event log on the TS is event 551 (logoff).  Below is
the description.  Event 538 "sometimes" does not appear after 551, sometimes
it does.  This may explain why we are unable to reconnect immediately after
losing connection to the TS, and is probably separate from the connection
issue.

If a Security 538 message does not appear shortly after the Security 551
message, a program or service might not be managing its access tokens
correctly. Although the user cannot access objects, the program or service
might have cached an access token and therefore retained the ability to
access objects.

On the client there is a Remote Access event that establishes the VPN, but
no events are generated when the RDP session is initiated or dropped.

During the RDP drop for one user, can another user still use / connect to
the server?

 

I don't know.  There are only a few users who connect at random times.

 

 

Does disconnecting from the VPN as soon as the RDP is dropped, and then
reconnecting to VPN allow the RDP session to be reconnected?

 

I would have to say "sometimes".  

I just got off the phone with a user who was connected to the VPN but
couldn't connect to Remote Desktop.  He couldn't ping anything on my
network.  After disconnecting and re-establishing the VPN he was able to
connect to Remote Desktop, but it was dropped after 9 minutes.

 

Last night I connected to our VPN from home and although I could ping my
network, the connection was so pitifully slow, I couldn't connect to
anything.  It affected everything on my computer as well.  I was basically
dead in the water until I disconnected the VPN.

 

A couple days ago I connected without any problem and stayed connected to
Remote Desktop for almost an hour before I ended my session.

 

The only consistent thing I've found is that none of my users can stay
connected for more than 20-30 minutes, if they are lucky.

 

We are using a Watchguard firewall for VPN access.

 

Paul


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:11 PM
To: NT System Admin Issues
Subject: RE: remote access

RE: User Account lockout?

2008-08-26 Thread John Hornbuckle
Have you checked the logs on the Exchange server for entries that mention this 
user's account?



John Hornbuckle
MIS Department
Taylor County School District
318 North Clark Street
Perry, FL 32347

www.taylor.k12.fl.us



From: Joseph L. Casale [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 26, 2008 12:38 PM
To: NT System Admin Issues
Subject: User Account lockout?

I have this one user in a single 2008 DC setup that can't get at owa for 
exchange 2007 every few weeks.
The account as reported by AD is not locked out, nor is the pw expired, but 
resetting the password fixes it?

They don't change the pw? What can I look at to see what is causing this 
account to be "locked" but not?

Thanks!
jlc

classic - local users authenticate as themselves

2008-08-26 Thread Kennedy, Jim
Any caveats to turning this on?



It seems to be the solution to Remote Desktop issues I am having. Without it on, 
it seems simple file sharing is turned on in our domain desktops. That seems to 
be the issue with our Remote Desktop. Interesting that Server 2008 DCs seem 
to have raised this issue.


Roaming Profile Environments

2008-08-26 Thread Sean Martin
Hello all,

I'm doing some research in an attempt to identify how other medium to large
organizations have architected their roaming profile environments. Here's a
brief synopsis of our current environment:

- Windows 2003 AD Domain
- Citrix Presentation Server 4.5 - Single Farm, two Sites (Site A and Site
B), Several Application Silos
- Roughly 90 Citrix Servers
- 2000 Users
- Mix of XP SP2 PCs and XPEmbedded Thin Clients
- EMC CX700 at both sites providing storage to Home Directory/Terminal
Service Roaming Profile servers. We have SAN Copy and SnapView installed,
but not MirrorView. McData Eclipse 1600 iFCP Routers facilitate data
replication between the CX700s.

Home Directories and Terminal Service Roaming Profiles are stored on Windows
2003 R2 SP2 file servers which are members of a DFS Namespace and
participate in DFS Replication. (Site A = Server 1, Server 2) (Site B =
Server 1, Server 2). We architected the DFS environment, using specific
profile paths pointing to folder targets within Site A and Site B
respectively, and used DFS referral ordering to lock down which servers
users connect to in their respective site. Microsoft originally 'blessed'
this design but ultimately still had concerns about hosting roaming profiles
in a DFS environment.

After several months of troubleshooting various profile related issues,
Microsoft has ultimately stated they can no longer provide support because
our configuration is technically 'unsupported'. While we're well aware the
majority of our profile issues are a direct result of our Citrix
environment, specifically the different application silos causing profile
contention during logoff, it has been decided we do not want to maintain an
unsupported environment.

Our primary goal is to provide a highly available and fault tolerant profile
environment. We're willing to look at host based replication software, SAN
Based replication, etc. We're currently researching DoubleTake's
capabilities.

I'm looking for some feedback on how others have architected roaming
profiles in similar environments.

 - Sean


RE: Corporate antivirus recommendation - for external laptops

2008-08-26 Thread John Gwinner
eMail updates wouldn't be so bad, although the return path might be a
little tricky - there's a lot of mail settings to set up.  You'd need to
build in mailbox maintenance.

I don't have an issue opening a port up, however.  

Let's not forget the installation part - some of these laptops are never
in the enterprise.  

So you need some way to install it remotely, usually a web
site/intranet.  So the port is pretty much already open.

You'd also need a way to reject machines or remotely cause an uninstall.
The latter would be a HUGE security hole of course, it would take some
tricky implementation.  For Trend, we can delete the laptop out of the
console and it won't get updates.

Removing an external machine isn't so much a security issue, it's more
of a licensing issue.  

   == John ==
 


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 7:45 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
> 
> That would be sweet..Umm very sweet indeed..  Talk about a simplified
> rock solid compliance tool for remote offices and at home/on the road
> employees.
> 
> -Original Message-
> From: Ralph Smith [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 8:59 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
> 
> What would be cool would be an AV agent that could generate an email
> with its data  - could be encrypted - and send it to an email account
> on your domain that is checked by the AV server.  The server then reads
> the email, updates the database and deletes the email.  No open ports on
> the firewall, no special VPN to set up.  Could something like that be
> workable?
> 
> -Original Message-
> From: Stu Sjouwerman [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 8:35 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
> 
> I think yes, but I'm going to make sure and ask the lead dev !!
> 
> Stu
> 
> -Original Message-
> From: Ralph Smith [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 7:36 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
> 
> You mean you would like it to check in for status and reporting
> purposes?
> With VIPRE, or any other product that has similar options, what would
> happen if you set the update options for laptops to update from
> Sunbelt's servers over the Internet, but set the policy\reporting server
> to the public IP address on your router, and port forwarded those ports
> to your VIPRE server.
> Would that work?
> 
> -Original Message-
> From: Andy Shook [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 7:19 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
> 
> Vipre\CSE has the option to get update from the Internet if internal
> servers are not available.  Works very well...
> 
> Shook
> 
> 
> From: Matt Plahtinsky [EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 7:15 PM
> To: NT System Admin Issues
> Subject: Re: Corporate antivirus recommendation - for external laptops
> 
> Good question!  I just sent this exact same question into Sunbelt's
> support page this morning.  We're in the same boat.  Our laptop users
> only connect to our network a few times a year but we still provide
> remote support.  We need an antivirus product that will check in with us
> every time it's online.
> 
> Matt
> 
> 
> 
> On 8/25/08, John Gwinner <[EMAIL PROTECTED]> wrote:
> > I went through all of the emails, and didn't see much on this ... what
> > A/V solutions work OK with distributed clients, meaning someone who's
> > never been inside the firewall or VPN'd so that Group Policy could
> > install it?
> >
> > We have a lot of laptops that never set foot in our office, and I'd like
> > to protect them centrally to reduce ownership costs, make
> > troubleshooting easier, and allow us to proactively spot things like
> > common infections.
> >
> > So far Trend's OfficeScan and Panda are about the only ones that seem to
> > do that.
> >
> > Stu, or anyone else - does anything else work OK for traveling laptops
> > (no VPN)?
> >
> >
> >
> >== John ==
> >
> >
> > From: Devin Meade [mailto:[EMAIL PROTECTED]
> > Sent: Friday, August 22, 2008 11:46 AM
> > To: NT System Admin Issues
> > Subject: Re: Corporate antivirus recommendation
> >
> >
> >
> > I have to agree on number four.  We have more and more laptops and this
> > is key.  Question - will VIPRE do this?  If so, it's on our short list in
> > a few months with Trend expires.
> >
> >
> >
> > Devin
> >
> >
> >
> >
> >
> > On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner <[EMAIL PROTECTED]>
> > wrote:
> >
> > Regarding understanding tech's, I think that's anywhere

RE: Vista and deploying apps, install notification removed?

2008-08-26 Thread Mike Gill
Thanks! :D

 

-- 
Mike Gill

 

From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 7:49 AM
To: NT System Admin Issues
Subject: RE: Vista and deploying apps, install notification removed?

 

Mike,

Using regedit, you need to go to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System,
create a DWORD named VerboseStatus and set its value to 1.

HTH,

Tim

 

From: Mike Gill [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 9:14 AM
To: NT System Admin Issues
Subject: Vista and deploying apps, install notification removed?

 

For a little while now I noticed that Vista gives no notification when apps
are deployed to it at startup. I could've sworn it did this at some point
though (pre sp1?). XP mentions it's installing Managed Applications, but
Vista doesn't. Is there a way to turn this back on? It's aggravating when
the login is taking forever with no notice as to what's going on for users.

 

-- 
Mike Gill

RE: skill assessment

2008-08-26 Thread Roger Wright
I think I recall something along these lines on Tech Republic a couple
years ago.

 

   

 

Roger Wright

Network Administrator

Evatone, Inc.

727.572.7076  x388


 

From: David Mazzaccaro [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 12:29 PM
To: NT System Admin Issues
Subject: RE: skill assessment

 

I would be very interested in something like this as well.

Managers don't always have an accurate understanding of their employees'
computer literacy!

 

 



From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 12:26 PM
To: NT System Admin Issues
Subject: OT: skill assessment

So I have to ask, does anyone have a computer skill assessment test you
can share? More on the expression of end-user general use of the basic
applications and computer usage?

 

TIA, 

 

Thomas Gonzalez

Technology Manager

Girl Scouts of Southwest Texas

210.349.2404 phone
210.403.1586 DID

210.349.2666 fax

www.girlscouts-swtx.org

[EMAIL PROTECTED]

 

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the Girl Scouts of Southwest Texas. Warning: Although
precautions have been taken to make sure no viruses are present in this
email, Girl Scouts of Southwest Texas cannot accept responsibility for
any loss or damage that arise from the use of this email or attachments.

Laundry list

2008-08-26 Thread Dennis Rogov
I was wondering if anyone could share their data center laundry list
so I can generate one for my team. In our network we are running
50 Windows 03 servers and 20 virtual machines, SQL 2k and 2005,
Exchange, IIS web servers, Checkpoint Firewall, HP switches, WhatsUp Gold
monitor software, HP System Manager, and Dell Open Manage. 

 

Dr

 

 

Dennis Rogov

Senior Network Analyst 
THE Peer GROUP an informed medical communications company 

379 thornall street, 12th floor  | edison, nj 08837 usa

Direct: 732-205-8376 | fax: 732.321.0636 |Cell:732.861.2277

[EMAIL PROTECTED] 
www.peergroupinc.com  
[This e-mail and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged and/or
confidential information. No confidentiality or privilege is waived or
lost by any mistransmission. If you are not the intended recipient of
this e-mail, you are hereby notified any dissemination, distribution or
copying of this email, and any attachments thereto, is strictly
prohibited. If you receive this email in error please immediately notify
me at (732) 205-8376 and permanently delete the original copy and any
copy of any e-mail, and any printout thereof. ]

 

 



User Account lockout?

2008-08-26 Thread Joseph L. Casale
I have this one user in a single 2008 DC setup that can't get at owa for 
exchange 2007 every few weeks.
The account as reported by AD is not locked out, nor is the pw expired, but 
resetting the password fixes it?

They don't change the pw? What can I look at to see what is causing this 
account to be "locked" but not?

Thanks!
jlc


RE: skill assessment

2008-08-26 Thread David Mazzaccaro
I would be very interested in something like this as well.
Managers don't always have an accurate understanding of their employees'
computer literacy!

 




From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 12:26 PM
To: NT System Admin Issues
Subject: OT: skill assessment



So I have to ask, does anyone have a computer skill assessment test you
can share? More on the expression of end-user general use of the basic
applications and computer usage?

 

TIA, 

 

Thomas Gonzalez

Technology Manager

Girl Scouts of Southwest Texas

210.349.2404 phone
210.403.1586 DID

210.349.2666 fax

www.girlscouts-swtx.org  

[EMAIL PROTECTED]  

 

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the Girl Scouts of Southwest Texas. Warning: Although
precautions have been taken to make sure no viruses are present in this
email, Girl Scouts of Southwest Texas cannot accept responsibility for
any loss or damage that arise from the use of this email or attachments.


 

 



OT: skill assessment

2008-08-26 Thread tgonzalez
So I have to ask, does anyone have a computer skill assessment test you
can share? More on the expression of end-user general use of the basic
applications and computer usage?

 

TIA, 

 

Thomas Gonzalez

Technology Manager

Girl Scouts of Southwest Texas

210.349.2404 phone
210.403.1586 DID

210.349.2666 fax

www.girlscouts-swtx.org  

[EMAIL PROTECTED]  

 




This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Girl Scouts of 
Southwest Texas company. Warning: Although precautions have been taken to make 
sure no viruses are present in this email, the company cannot accept 
responsibility for any loss or damage that arise from the use of this email or 
attachments.

Revised MS07-050 IE7/XP2 VML vulnerability -- details?

2008-08-26 Thread Angus Scott-Fleming
Interesting, MS has issued an out-of-band update for IE7, but the original KB 
has no reference to any update or changes.  Anyone have any more details?

Searching the MS download center for 938127 turns this up:

http://www.microsoft.com/downloads/results.aspx?pocId=7&freetext=938127

Only the first hit has a 2008 date, and none of the older KBs or SecBulls 
mentions the update.

--- Included Stuff Follows ---
Security Update for Internet Explorer 7 for Windows XP (KB938127)

A security issue has been identified in the way Vector Markup Language 
(VML) is handled that could allow an attacker to compromise a computer 
running Microsoft Windows and gain control over it. You can help protect 
your computer by installing this update from Microsoft.

Quick Details
File Name:  IE7-WindowsXP-KB938127-v2-x86-ENU.exe
Version:  938127
Security Bulletins:  MS07-050
Knowledge Base (KB) Articles:  KB938127
Date Published:  8/25/2008
- Included Stuff Ends -
Updated patch here:
http://www.microsoft.com/downloads/details.aspx?FamilyID=9f5da816-194c-478e-8a96-9421a0c52c9f&DisplayLang=en 
or here if the above wraps unusably: http://preview.tinyurl.com/2yeozr

More here:
  Original KB938127 and security bulletin articles here:
    MS07-050: Vulnerability in Vector Markup Language could allow remote code 
    execution
    http://support.microsoft.com/kb/938127
    Microsoft Security Bulletin MS07-050 - Critical: Vulnerability in 
    Vector Markup Language Could Allow Remote Code Execution (938127)
    http://www.microsoft.com/technet/security/bulletin/ms07-050.mspx




RE: Interactive Whiteboards/Smartboards for Education

2008-08-26 Thread Kennedy, Jim
+1 for SmartTech.

We have a couple hundred of them installed. Other than a bad batch of 25 or so 
two years ago, which they instantly replaced, it has been a great unit. The 
software actually is the key, it rocks.

STRONGLY suggest you set up training for the staff that are going to use it. It 
is more than just the technical knowledge of how to use it, it can and does 
open up new ways to teach differently..and that is something they need to 
see and have help with. There are many professional trainers you can hire to 
come in, most of them are ex-teachers so it goes very well.


> -Original Message-
> From: Candee Vaglica [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, August 26, 2008 10:52 AM
> To: NT System Admin Issues
> Subject: Re: Interactive Whiteboards/Smartboards for Education
>
> We do a lot of school projects, and we recommend the smartboards from
> here:
> http://smarttech.com/
> We also have one in our conference room.
>
> On Mon, Aug 25, 2008 at 7:22 PM, Jon B. Lewis <[EMAIL PROTECTED]> wrote:
> > Does anyone here have recommendations for smartboard/interactive
> > whiteboards, particularly for young children?  Our teachers use
> > Bluetooth tablets for the majority of their stuff but the administration
> > is wanting something like this for the smaller children to interact with
> > the computer/projector system and we've not used one of these in quite
> > some time.  Thought I'd see if anyone has any suggestions.
> >
> > Jon Lewis


Re: Interactive Whiteboards/Smartboards for Education

2008-08-26 Thread Candee Vaglica
We do a lot of school projects, and we recommend the smartboards from here:
http://smarttech.com/
We also have one in our conference room.

On Mon, Aug 25, 2008 at 7:22 PM, Jon B. Lewis <[EMAIL PROTECTED]> wrote:
> Does anyone here have recommendations for smartboard/interactive
> whiteboards, particularly for young children?  Our teachers use
> Bluetooth tablets for the majority of their stuff but the administration
> is wanting something like this for the smaller children to interact with
> the computer/projector system and we've not used one of these in quite
> some time.  Thought I'd see if anyone has any suggestions.
>
> Jon Lewis


RE: Vista and deploying apps, install notification removed?

2008-08-26 Thread Tim Vander Kooi
Mike,
Using regedit, you need to go to 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, 
create a DWORD named VerboseStatus and set its value to 1.
HTH,
Tim

From: Mike Gill [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 26, 2008 9:14 AM
To: NT System Admin Issues
Subject: Vista and deploying apps, install notification removed?

For a little while now I noticed that Vista gives no notification when apps are 
deployed to it at startup. I could've sworn it did this at some point though 
(pre sp1?). XP mentions it's installing Managed Applications, but Vista 
doesn't. Is there a way to turn this back on? It's aggravating when the login 
is taking forever with no notice as to what's going on for users.

--
Mike Gill








Vista and deploying apps, install notification removed?

2008-08-26 Thread Mike Gill
For a little while now I noticed that Vista gives no notification when apps
are deployed to it at startup. I could've sworn it did this at some point
though (pre sp1?). XP mentions it's installing Managed Applications, but
Vista doesn't. Is there a way to turn this back on? It's aggravating when
the login is taking forever with no notice as to what's going on for users.

 

-- 
Mike Gill

 



RE: Remembering Custom Search Web Page of old Michael

2008-08-26 Thread René de Haas
That was Michael Espinola Jr iirc.
You'll need to ask him. I seem to remember he retracted the code.

Hth
René

-Original Message-
From: Ajay Kulsh [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 5:55 AM
To: NT System Admin Issues
Subject: Remembering Custom Search Web Page of old Michael

Many years ago --at least 5 -- a Michael in this group provided a custom web 
page where one could search in Google, Google groups, EventID etc etc. by 
selecting a radio button for them.

I would very much like to get code of such a webpage, especially since 
search box in Google bar often freezes in my IE7 of Vista. I am willing to 
pay for such a page. Thanks.

Jay Kulsh
So. Pasadena, CA 





***
The information in this e-mail is confidential and intended solely for the 
individual or entity to whom it is addressed.  If you have received this e-mail 
in error please notify the sender by return e-mail delete this e-mail and 
refrain from any disclosure or action based on the information.
***


Re: Domain Controller on Hyper-V

2008-08-26 Thread Jon Harris
Doing it now, planning to have another on a dedicated machine running Virtual
Server with the DC being the only thing on it.  The VS machine will not
upgrade to 2008 and Hyper-V for those saying I should not do it.  I have no
choice other than putting the pDCe on the Hyper-V and the bDC on the Virtual
Server which I may do.

Jon

On Tue, Aug 26, 2008 at 9:15 AM, Brumbaugh, Luke <[EMAIL PROTECTED]> wrote:

>  I have 2 new servers with 10 gb Ram and have pondered the possibilities
> of core and Hyper-v with a DC sitting on top and disaster recovery.   Is
> this a good or bad Idea?   Looking for opinions.
>
> TIA
>
> Luke L. Brumbaugh
>
> Network Engineer
>
> Butler Animal Health Supply
>
> Ph:(614) 659-1736
>
>  **
>
> CONFIDENTIALITY NOTICE: The information transmitted in this message is
> intended only for the person or entity to which it is addressed and may
> contain confidential and/or privileged material. Any review, retransmission,
> dissemination or other use of this information by persons or entities other
> than the intended recipient is prohibited. If you received this in error,
> please contact the sender and destroy all copies of this document. Thank
> you.
>
> Butler Animal Health Supply
>
> **

Domain Controller on Hyper-V

2008-08-26 Thread Brumbaugh, Luke
I have 2 new servers with 10 gb Ram and have pondered the possibilities
of core and Hyper-v with a DC sitting on top and disaster recovery.   Is
this a good or bad Idea?   Looking for opinions.

TIA 

Luke L. Brumbaugh
Network Engineer
Butler Animal Health Supply
Ph:(614) 659-1736




Re: AV on an System Center Essentials server

2008-08-26 Thread Jon Harris
Thank you I am bookmarking that one.

Jon

On Tue, Aug 26, 2008 at 7:11 AM, Steve Burkett <[EMAIL PROTECTED]> wrote:

> Should be ok as long as you exclude certain directories and processes
> from scanning. Rod's got a good list here for Ops Manager 2007, but probably
> similar to SCE:
>
> http://myitforum.com/cs2/blogs/rtrent/archive/2008/07/18/recommended-antivirus-exclusions-for-opsmgr.aspx
>
> From: Jon Harris [mailto:[EMAIL PROTECTED]
> Sent: 26 August 2008 11:01
> To: NT System Admin Issues
> Subject: AV on an System Center Essentials server
>
> Okay I am not seeing anything about this but what about adding AntiVirus to
> a System Center Essentials machine, or for that matter any System Center
> machine?  Is that bad or good?
>
> Thanks,
>
> Jon
>
> ===
> STEMCOR CONFIDENTIALITY AND DISCLAIMER NOTICE
> This e-mail is intended only for the addressees named in it. The contents
> should not be disclosed to any other person nor copies taken. Any views or
> opinions presented are solely those of the sender and do not necessarily
> represent those of Stemcor unless otherwise specifically stated. Stemcor
> does not accept legal responsibility for the contents of this message nor
> responsibility for any change made to it after it was sent by the original
> sender. You are advised to carry out a virus check before opening any
> attachment as Stemcor does not accept liability for any damage sustained as
> a result of any software viruses. You should be aware that Stemcor reserves
> the right to read incoming and outgoing emails.
> ===

RE: remote access

2008-08-26 Thread Paul Everett
Anything in the Event Logs on either end?  On the client as far as a
reason for the connection dropping, or on the server as far as a reason
for the connection being denied?

The only thing in the event log on the TS is event 551 (logoff).  Below
is the description.  Event 538 "sometimes" does not appear after 551,
sometimes it does.  This may explain why we are unable to reconnect
immediately after losing connection to the TS, and is probably separate
from the connection issue.

If a Security 538 message does not appear shortly after the Security 551
message, a program or service might not be managing its access tokens
correctly. Although the user cannot access objects, the program or
service might have cached an access token and therefore retained the
ability to access objects.

On the client there is a Remote Access event that establishes the VPN,
but no events are generated when the RDP session is initiated or
dropped.

During the RDP drop for one user, can another user still use / connect
to the server?

I don't know.  There are only a few users who connect at random times.

Does disconnecting from the VPN as soon as the RDP is dropped, and then
reconnecting to VPN allow the RDP session to be reconnected?

I would have to say "sometimes".  

I just got off the phone with a user who was connected to the VPN but
couldn't connect to Remote Desktop.  He couldn't ping anything on my
network.  After disconnecting and re-establishing the VPN he was able to
connect to Remote Desktop, but it was dropped after 9 minutes.

Last night I connected to our VPN from home and although I could ping my
network, the connection was so pitifully slow, I couldn't connect to
anything.  It affected everything on my computer as well.  I was
basically dead in the water until I disconnected the VPN.

A couple days ago I connected without any problem and stayed connected
to Remote Desktop for almost an hour before I ended my session.

The only consistent thing I've found is that none of my users can stay
connected for more than 20-30 minutes, if they are lucky.

We are using a Watchguard firewall for VPN access.

Paul



From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:11 PM
To: NT System Admin Issues
Subject: RE: remote access
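
The check described in the message above (a Security 551 logoff that is not followed shortly by a 538), as an added example that is not part of the original thread. The sample records, the tuple layout and the 60-second window are assumptions; the thread only says "shortly after". Pairing the two events on their Logon ID field is also this example's choice.

```python
from datetime import datetime, timedelta

# Constructed sample records, not taken from the thread:
# (timestamp, event ID, user, logon ID) as exported from a Security log.
SAMPLE_EVENTS = [
    ("2008-08-26 09:00:05", 551, "alice", "0x3E7A1"),
    ("2008-08-26 09:00:06", 538, "alice", "0x3E7A1"),
    ("2008-08-26 09:14:40", 551, "bob",   "0x41C22"),   # never followed by 538
    ("2008-08-26 09:31:02", 551, "carol", "0x4F003"),
    ("2008-08-26 09:33:30", 538, "carol", "0x4F003"),   # 538 arrives 148 s later
]

FMT = "%Y-%m-%d %H:%M:%S"


def unmatched_logoffs(events, window=timedelta(seconds=60)):
    """Flag each 551 whose logon ID has no 538 within `window` (assumed threshold)."""
    # Index 538 times per logon ID so each 551 can be checked against them.
    closed = {}
    for ts, event_id, _user, logon_id in events:
        if event_id == 538:
            closed.setdefault(logon_id, []).append(datetime.strptime(ts, FMT))

    findings = []
    for ts, event_id, user, logon_id in events:
        if event_id != 551:
            continue
        started = datetime.strptime(ts, FMT)
        later = sorted(t for t in closed.get(logon_id, []) if t >= started)
        if later and later[0] - started <= window:
            continue  # session was torn down promptly
        delay = int((later[0] - started).total_seconds()) if later else None
        findings.append({
            "user": user,
            "logon_id": logon_id,
            "logoff_551": ts,
            "status": "late 538" if later else "no 538",
            "delay_seconds": delay,
        })
    return findings


if __name__ == "__main__":
    for f in unmatched_logoffs(SAMPLE_EVENTS):
        print(f)
```

Sessions reported here are the ones worth checking for a program or service that is still holding a cached access token.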

 

 

 


RE: AV on an System Center Essentials server

2008-08-26 Thread Steve Burkett
Should be ok as long as you exclude certain directories and processes
from scanning. Rod's got a good list here for Ops Manager 2007, but
probably similar to SCE:

http://myitforum.com/cs2/blogs/rtrent/archive/2008/07/18/recommended-antivirus-exclusions-for-opsmgr.aspx

From: Jon Harris [mailto:[EMAIL PROTECTED] 
Sent: 26 August 2008 11:01
To: NT System Admin Issues
Subject: AV on an System Center Essentials server

Okay I am not seeing anything about this but what about adding AntiVirus
to a System Center Essentials machine, or for that matter any System
Center machine?  Is that bad or good?

Thanks,

Jon
 

AV on an System Center Essentials server

2008-08-26 Thread Jon Harris
Okay I am not seeing anything about this but what about adding AntiVirus to
a System Center Essentials machine, or for that matter any System Center
machine?  Is that bad or good?

Thanks,

Jon
