Memory Upgrade question
I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Alex Eckelberry - A Shining Star...
Too bad the lady pleaded guilty to anything, she wasn't at fault, on top of it, she lost her teaching license. Again Lawyers, grumble... Z Edward E. Ziots Network Engineer Lifespan Organization Email: [EMAIL PROTECTED] Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + From: Alex Eckelberry [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 3:06 PM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Thanks, I really appreciate all the kind words. Alex From: Christopher J. Bosak [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 8:30 AM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Agreed. Excellent work, Alex! Chris From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2008 07:59 hrs. To: NT System Admin Issues Subject: Alex Eckelberry - A Shining Star... http://www.cio.com/article/print/466478 WAY TO GO ALEX! Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
OT VMware book
I've been contacted by a publisher about co-authoring a book on VMWare management. I'm not up to the task, time or knowledge wise. So I told them I would reach out to my network to see if anyone is interested. If you are, contact me off list and I will provide contact information. Kevin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Run a batch file to send emails
Ok I have the evtvwr_sec_parsed_.csv file created go to go there. I am grabbing three things from my evtvwr_sec file the user, workstation, and IP address from 530 events. I now want to email those offending my log on hours policy by using blat. for something do blat blat header.txt -to [EMAIL PROTECTED] -cc [EMAIL PROTECTED] -s Workstation not shutdown or user still logged on after hours access. -body The Workstation (%2) on IP (%3) was logged into by you (%1) after your log on hours have expired. Please log off your machine everynight and shut down your machine. This helps prevent damage to the workstation and assures the Credit Union no one is trying to access the network with your log on permissions. until eof of evtvwr_sec_parsed_.csv From: Jake Gardner [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 3:36 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails I use elsave (nightly) to create daily CSV of my security event logs and then it clears the security log. I then run log parser to read the CSV and drop the columns I don't want and give myself cleaned up csv file. Watch the position identifier in the EXTRACT_TOKEN() function as this will grab the column(s) you want. Using DISTINCT in the select will make sure you only grab one instance of the username. Here's the batch file I use. @ECHO OFF REM Get current date for stamping the filename for /F tokens=2,3,4 delims=/ %%i in ('date/t') do set d=%%k%%i%%j REM Grab the full security event log and archive it cd \ logparser -i:EVT -o:CSV -stats:OFF SELECT * FROM Security where eventid = '560' H:\logs\evtvwr_sec_%d%.csv REM Clear the SECURITY log cd c:\scripts elsave -l security -C REM Parse the full file and create an easier to read log file. logparser -i:CSV -o:CSV -stats:OFF -e:-1 -q:ON SELECT DISTINCT EXTRACT_TOKEN(Strings, 10, '|') AS User, EXTRACT_TOKEN(Strings, 2, '|') AS FilePath FROM H:\logs\evtvwr_sec_%d%.csv where eventid = '560' and User 'Administrator' and user '-' ORDER BY FilePath, User H:\logs\parsed\evtvwr_sec_parsed_%d%.csv Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 3:10 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails Ok So I have this to create my blat input file but I am still getting to many results. C:\Program Files\Log Parser 2.2logparser select extract_token(strings, 0, '|') as Account, TimeGenerated into file.csv from \\10.0.50.205\security where eventid in (530) I only want events from today-1. From: Jake Gardner [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 2:53 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails Extract the date field the same way you extract the account field, then add it to your where clause. Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 2:32 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails select distinct extract_token(strings, 0, '|') as Account into file.csv from \\10.0.50.205\security where eventid in (530) How do I get just yesterday's 530 events? From: Jake Gardner [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 1:40 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails Logparser http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4 c25-91b2-f8d975cf8c07 Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 1:33 PM To: NT System Admin Issues Subject: Run a batch file to send emails I want to read an input file. It would comma delimited. It will have those users that have not logged off and are getting after hours logon events with their names. I only want to send 1 email per user so I would have to sort and then group then blat out the email. My format for the file is like this: 866265068,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:49:14 AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time restriction violation User Name: DawnH Domain: IM_DOM1 Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XP31090634014W Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 10.0.31.40 Source Port: 1087 866265066,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:49:11 AM,530,SYSTEM\NT AUTHORITY,Logon Failure:
RE: Memory Upgrade question
Absolute rubbish.. From: Kelsay, Mark [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 7:23 AM To: NT System Admin Issues Subject: Memory Upgrade question I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Memory Upgrade question
I had a similar vendor say that a few years ago with Compaq. Funny when I went to Compaq and told them what the vendor had said they matched the price, and I did get Branded memory for the same price. I was just lucky enough to get the vendor out of the loop and save quite a bit of money in the process. -Original Message- From: Steve Moffat [mailto:[EMAIL PROTECTED] On Behalf Of NTSysAdmin Sent: Tuesday, December 02, 2008 7:44 AM To: NT System Admin Issues Subject: RE: Memory Upgrade question Absolute rubbish.. From: Kelsay, Mark [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 7:23 AM To: NT System Admin Issues Subject: Memory Upgrade question I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Counter Spy T-Shirt sighted
I'd need to get a deal signed for that kind of cash but I'll see what I can do. :) Shook From: Webster [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 5:23 PM To: NT System Admin Issues Subject: RE: Counter Spy T-Shirt sighted Y'all should make Shook buy all the drinks and expense them! :) Webster From: Steve Pruitt [mailto:[EMAIL PROTECTED] Subject: Re: Counter Spy T-Shirt sighted I'm in the area, and I'll try to join in. Steve - Original Message - From: Kevin Lundymailto:[EMAIL PROTECTED] Subject: Re: Counter Spy T-Shirt sighted Count me in! On Mon, Dec 1, 2008 at 9:23 AM, Fred Sawyer [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: If they had a Counterspy shirt on and weren't swimming odds are they are local. As Kevin points out only northerners will go swimming this time of year. Just wondering how many admins on this list live in the Tampa area? If their are enough admins maybe we could start a once a month pub club? Thank you, Fred Sawyer Sunbelt Software From: Kevin Lundy [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Monday, December 01, 2008 9:14 AM To: NT System Admin Issues Subject: Re: Counter Spy T-Shirt sighted Not this person :) There were others - seemed a bit cold to me and some people were in the water without a wet suit. Must have been northerners :) On Mon, Dec 1, 2008 at 8:59 AM, John Hornbuckle [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Were they swimming with the manatee? From: Kevin Lundy [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Subject: OT: Counter Spy T-Shirt sighted Ok - who on the list was wearing a Counter Spy t-shirt Friday at Homassassa Wildlife Park? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Memory Upgrade question
If there is a problem with the machine, HP may have you remove non-HP RAM to ensure the RAM is not the cause. I am an HP reseller and I always put Kingston RAM in machines for my customers to save them money. I've had far more Compaq/HP RAM go bad than Kingston and I have never run into a compatibility issue with Kingston RAM in Compaq or HP equipment. -Jeff From: Kelsay, Mark [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 6:23 AM To: NT System Admin Issues Subject: Memory Upgrade question I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Userenv 1006, 1030 Domain issues
It happens on a 1-2 hour interval. The latest few that are in the event log as of this AM are: 6:09:48 AM 4:19:44 AM 2:42:41 AM 1:06:38 AM This happens regardless of whether he is logged in to the server or not - I do not know of any processes running under his account on either one of the two machines in question. If it is the AV, it is using the correct account (the domain admin account) on the problem server. And to be honest I am pretty sure the AV is not installed on this machine either... Alex Carroll Software Support Crabtree Companies, Inc. 651-688-2727 From: Johonn2 [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 4:58 PM To: NT System Admin Issues Subject: RE: Userenv 1006, 1030 Domain issues How often??? We had an issue that some people tried to pass off and say it was our teams fault and when I finally had time to dig into the issue it turned out those same people change some settings in the antivirus policy and had it using the local administrator account instead of the domain account to access a network share. Point to be had is there a pattern with these logs. Knowing the pattern may help to find out what process runs that often. From: Alex Carroll [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 5:29 PM To: NT System Admin Issues Subject: Userenv 1006, 1030 Domain issues I am having issues here. This has been going on for a while and is just a rather large annoyance but I am starting to wonder if something more isn't going on. An account (a domain admin) is getting locked out of our DC (SBS 2003). It starts with a bunch of bad password attempts and then locks his account out after it reaches the maximum bad password limit. This seems to happen every hour and a half or so (between 1-2 hours). Here is the 529 from our DC: Event Type: Failure Audit Event Source:Security Event Category: Logon/Logoff Event ID: 529 Date:12/1/2008 Time:2:44:23 PM User:NT AUTHORITY\SYSTEM Computer: CRAB03SVR Description: Logon Failure: Reason:Unknown user name or bad password User Name: richc Domain:CRAB03SVR Logon Type: 3 Logon Process: NtLmSsp Authentication Package:NTLM Workstation Name:CRAB03SVR-2 Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services:- Source Network Address: 192.168.200.205 Source Port: 1379 For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Not a big deal right? Until I finally broke down and looked at the other server that the errors were coming from. It states that they are coming from the Administrator account. There are two events that happen simultaneously. 1006 and 1030 both from USERENV. 1030: Event Type: Error Event Source:Userenv Event Category: None Event ID: 1030 Date:12/1/2008 Time:2:44:23 PM User:CRABTREE\Administrator Computer: CRAB03SVR-2 Description: Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. 1006: Event Type: Error Event Source:Userenv Event Category: None Event ID: 1006 Date:12/1/2008 Time:2:44:23 PM User:CRABTREE\Administrator Computer: CRAB03SVR-2 Description: Windows cannot bind to CRABTREE.LAN domain. (Invalid Credentials). Group Policy processing aborted. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Any Ideas? Alex Carroll Software Support Crabtree Companies, Inc. 651-688-2727 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Memory Upgrade question
As far as America goes, there is the Magnusson-Moss Warranty Act of 1975 that protects consumers from that garbage. What the manufacturer can do is ask you to remove the third party memory if they discover that memory is the cause of the problem. They cannot refuse service on any machine under warranty. http://en.wikipedia.org/wiki/Magnuson-Moss_Warranty_Act From: Kelsay, Mark [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 3:23 AM To: NT System Admin Issues Subject: Memory Upgrade question I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Userenv 1006, 1030 Domain issues
Logon type 3 is a network logon, so can't be a service or scheduled task as far as I am aware. Does the server run IIS? 2008/12/1 Alex Carroll [EMAIL PROTECTED] I am having issues here. This has been going on for a while and is just a rather large annoyance but I am starting to wonder if something more isn't going on. An account (a domain admin) is getting locked out of our DC (SBS 2003). It starts with a bunch of bad password attempts and then locks his account out after it reaches the maximum bad password limit. This seems to happen every hour and a half or so (between 1-2 hours). *Here is the 529 from our DC:* *Event Type: Failure Audit* *Event Source:Security* *Event Category: Logon/Logoff * *Event ID: 529* *Date:12/1/2008* *Time:2:44:23 PM* *User:NT AUTHORITY\SYSTEM* *Computer: CRAB03SVR* *Description:* *Logon Failure:* *Reason:Unknown user name or bad password* *User Name: richc* *Domain:CRAB03SVR* *Logon Type: 3* *Logon Process: NtLmSsp * *Authentication Package:NTLM* *Workstation Name:CRAB03SVR-2* *Caller User Name: -* *Caller Domain: -* *Caller Logon ID: -* *Caller Process ID: -* *Transited Services:-* *Source Network Address: 192.168.200.205* *Source Port: 1379* * * * * *For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.* Not a big deal right? Until I finally broke down and looked at the other server that the errors were coming from. It states that they are coming from the Administrator account. There are two events that happen simultaneously. 1006 and 1030 both from USERENV. 1030: *Event Type: Error* *Event Source:Userenv* *Event Category: None* *Event ID: 1030* *Date:12/1/2008* *Time:2:44:23 PM* *User:CRABTREE\Administrator* *Computer: CRAB03SVR-2* *Description:* *Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.* * * *For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.* 1006: *Event Type: Error* *Event Source:Userenv* *Event Category: None* *Event ID: 1006* *Date:12/1/2008* *Time:2:44:23 PM* *User:CRABTREE\Administrator* *Computer: CRAB03SVR-2* *Description:* *Windows cannot bind to CRABTREE.LAN domain. (Invalid Credentials). Group Policy processing aborted. * * * *For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.* Any Ideas? Alex Carroll Software Support Crabtree Companies, Inc. 651-688-2727 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
SBS license question
I seem to remember reading somewhere that the TC's for SBS 2008 allows you to run a backup server, a failover if you like. Is that right ? Olly ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Userenv 1006, 1030 Domain issues
Good Call. I just went into the directory security of the sites under there. One of them was set to allow anon access using his username. Turned it off. Now we just have to wait a couple of hours to see what is going to happen. I will keep you posted. Alex Carroll Software Support Crabtree Companies, Inc. 651-688-2727 From: James Rankin [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 8:24 AM To: NT System Admin Issues Subject: Re: Userenv 1006, 1030 Domain issues Logon type 3 is a network logon, so can't be a service or scheduled task as far as I am aware. Does the server run IIS? 2008/12/1 Alex Carroll [EMAIL PROTECTED] I am having issues here. This has been going on for a while and is just a rather large annoyance but I am starting to wonder if something more isn't going on. An account (a domain admin) is getting locked out of our DC (SBS 2003). It starts with a bunch of bad password attempts and then locks his account out after it reaches the maximum bad password limit. This seems to happen every hour and a half or so (between 1-2 hours). Here is the 529 from our DC: Event Type: Failure Audit Event Source:Security Event Category: Logon/Logoff Event ID: 529 Date:12/1/2008 Time:2:44:23 PM User:NT AUTHORITY\SYSTEM Computer: CRAB03SVR Description: Logon Failure: Reason:Unknown user name or bad password User Name: richc Domain:CRAB03SVR Logon Type: 3 Logon Process: NtLmSsp Authentication Package:NTLM Workstation Name:CRAB03SVR-2 Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services:- Source Network Address: 192.168.200.205 Source Port: 1379 For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Not a big deal right? Until I finally broke down and looked at the other server that the errors were coming from. It states that they are coming from the Administrator account. There are two events that happen simultaneously. 1006 and 1030 both from USERENV. 1030: Event Type: Error Event Source:Userenv Event Category: None Event ID: 1030 Date:12/1/2008 Time:2:44:23 PM User:CRABTREE\Administrator Computer: CRAB03SVR-2 Description: Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. 1006: Event Type: Error Event Source:Userenv Event Category: None Event ID: 1006 Date:12/1/2008 Time:2:44:23 PM User:CRABTREE\Administrator Computer: CRAB03SVR-2 Description: Windows cannot bind to CRABTREE.LAN domain. (Invalid Credentials). Group Policy processing aborted. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Any Ideas? Alex Carroll Software Support Crabtree Companies, Inc. 651-688-2727 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
VIPRE - Outlook HTTP/RPC
Since migrating a laptop to Vipre, Outlook via HTTP/RPC is running a lot slower than NOD32 did. Are there any tweaks I can try out to speed up performance? Klint ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: SBS license question
If you have Software Assurance you get Cold Standby Server rights, but this is not really a seamless failover. Now if you are virtualizing then you could do a proper test without needing to get an additional license, but this is for a machine which is usually powered off. Mike From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: 02 December 2008 14:26 To: NT System Admin Issues Subject: SBS license question I seem to remember reading somewhere that the TC's for SBS 2008 allows you to run a backup server, a failover if you like. Is that right ? Olly ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Memory Upgrade question
Sort of the same thing Cisco said BS The memory will be fine. If there is a problem, then switch back to the old memory and go from there. From: Kelsay, Mark [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 3:23 AM To: NT System Admin Issues Subject: Memory Upgrade question I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
TS 2008 Cal downgrade?
Greetings; I have a client that just installed a couple of Windows Server 2008 terminal servers. TS licensing is running on a 2008 server. Now, due to application compatibility, the client needs to add an additional 2003 TS server. What is the proper way to handle licensing for the 2003 TS in this environment? Thanks, --Durf ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: SBS license question
Not 100% sure about that, but a second install of the same license for a cold failover (turning on for updates and replication) is one of the standard features included in Software Assurance. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 6:26 AM To: NT System Admin Issues Subject: SBS license question I seem to remember reading somewhere that the TC's for SBS 2008 allows you to run a backup server, a failover if you like. Is that right ? Olly ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: PKI Infrastructure / GPO Auto Enroll over Firewall fails.
Hi, I assume the RPC server is that of the root CA server, which is the Enterprise level server on the other side of the firewall. It's not going to reply. _SHOULD_ the workstation gain everything it needs from the Domain Controller rather than any CA Server??? No. An AD-intergrated CA publishes a service point into Active Directory which allows clients to locate it. However the actual certificates are issued by the CA itself. As you have a firewall issue, you could creating an offline CA, and making your existing CA a subordinate CA and moving it to the client side of the firewall. Cheers Ken -Original Message- From: Stephen Wimberly [mailto:[EMAIL PROTECTED] Sent: Tuesday, 2 December 2008 12:57 AM To: NT System Admin Issues Subject: RE: PKI Infrastructure / GPO Auto Enroll over Firewall fails. What I'm trying to do: We are attempting to use certificates for SCCM. In the future we would like to extend the certificate structure for IPSEC authentication and we are considering the use of certificates for file encryption. We are utilizing the Enterprise level Windows Server in order to take advantage of the Certificate Templates. The Enterprise Server is generating the root CA and the SCCM certificates outlined in the 'step by step' sccm documentation and publishing those to AD. The problem comes in when the workstation attempts to AutoEnroll the certificates. Via network trace I can see that the workstation is requesting something from the Enterprise Server, which is behind a firewall. The firewall blocks the traffic and the Auto Enrollment fails. Since the firewall was the problem, I thought that MAYBE another CA on the same side of the firewall might be in order. So, back to my original question; do I need a CA Server on the same side of the firewall as the workstations? I only have two servers on the same network as the workstations, both are domain controllers. Or MAYBE the problem is elsewhere? The actual error I get is Event ID 13; Automatic certificate enrollment for local system failed to enroll for one Computer certificate (0x800706ba). The RPC server is unavailable. When I attempt to gain the certificate manually I get the same error. I assume the RPC server is that of the root CA server, which is the Enterprise level server on the other side of the firewall. It's not going to reply. _SHOULD_ the workstation gain everything it needs from the Domain Controller rather than any CA Server??? -Original Message- From: Tim Evans [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2008 1:43 PM To: NT System Admin Issues Subject: RE: PKI Infrastructure / GPO Auto Enroll over Firewall fails. Yes, an intermediate CA is the same thing as a subordinate CA. I think subordinate CA is the correct terminology. Sorry about that. From your description, it's not clear to me what you are trying to do. Why do you have 2 CAs? For my experience, the reason why you have two is so that the root CA can be kept off line for added security. The root CA is used to generate the certificate for the subordinate CA, and isn't used again except for CRL updates and to renew the cert on the subordinate CA. The subordinate CA is the one that is used day to day in issuing certificates. From you description below, you say that you have an enterprise CA server publishing to AD. Is that your root CA? What does the subordinate CA do? You don't need windows enterprise to issue certificates - you only need it if you want to make changes to the templates of the certs that are issued. ...Tim -Original Message- From: Stephen Wimberly [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2008 3:34 AM To: NT System Admin Issues Subject: RE: PKI Infrastructure / GPO Auto Enroll over Firewall fails. Is the 'intermediate CA' the same thing as a 'subordinate CA.' I installed the CA services on the DC as a subordinate CA server, maybe it needs to be an Enterprise CA server? Overview: Windows Enterprise running Enterprise CA Server publishing to AD Two windows standard running DC == Firewall == (DCs replicate via IPSEC) Two windows standard running DC; one running Enterprise subordinate CA server Workstations. -Original Message- From: Tim Evans [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 26, 2008 4:22 PM To: NT System Admin Issues Subject: RE: PKI Infrastructure / GPO Auto Enroll over Firewall fails. Our root CA is off line. I only fire it up every couple of months to keep it patched and update the CRL's. You will need an intermediate CA online somewhere to issue certificates. The problem is that, if you want to use certificate templates and modify the defaults, you need windows enterprise for the intermediate CA that actually issues the certs. Our root CA is standard, but the intermediate CA is enterprise. ...Tim
DHCP client release
Hi all, just rejoined the list after a bit of a hiatus; hope someone knows the answer to this. I was reading about a Microsoft DHCP option to release the IP address on shutdown. According to what I read, this should cause the client to send a DHCPRELEASE request to the server prior to shutdown. What I am curious to know is if the client actually releases the address or just tells the server it is released? All of the Technet articles I found dealt with the server side of things and didn't state emphatically what is happening on the client side. Thanks, Jeff ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Alex Eckelberry - A Shining Star...
+1 From: Ziots, Edward [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 2:18 PM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Too bad the lady pleaded guilty to anything, she wasn't at fault, on top of it, she lost her teaching license. Again Lawyers, grumble... Z Edward E. Ziots Network Engineer Lifespan Organization Email: [EMAIL PROTECTED] Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + From: Alex Eckelberry [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 3:06 PM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Thanks, I really appreciate all the kind words. Alex From: Christopher J. Bosak [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 8:30 AM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Agreed. Excellent work, Alex! Chris From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2008 07:59 hrs. To: NT System Admin Issues Subject: Alex Eckelberry - A Shining Star... http://www.cio.com/article/print/466478 WAY TO GO ALEX! Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *** The information in this e-mail is confidential and intended solely for the individual or entity to whom it is addressed. If you have received this e-mail in error please notify the sender by return e-mail delete this e-mail and refrain from any disclosure or action based on the information. *** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP client release
What would happen if you unplugged the cable, fired up the machine, and ran an ipconfig? I've seen some XP laptops come in, get fired up prior to locating a net cable, and find that they still have their home network settings. -- Richard McClary, Systems Administrator ASPCA Knowledge Management 1717 S Philo Rd, Ste 36, Urbana, IL 61802 217-337-9761 http://www.aspca.org Jeff Bunting [EMAIL PROTECTED] wrote on 12/02/2008 08:59:40 AM: Hi all, just rejoined the list after a bit of a hiatus; hope someone knows the answer to this. I was reading about a Microsoft DHCP option to release the IP address on shutdown. According to what I read, this should cause the client to send a DHCPRELEASE request to the server prior to shutdown. What I am curious to know is if the client actually releases the address or just tells the server it is released? All of the Technet articles I found dealt with the server side of things and didn't state emphatically what is happening on the client side. Thanks, Jeff ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Memory Upgrade question
I've heard Dell reps say the same thing. I went with Crucial sticks. Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: Kelsay, Mark [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 6:23 AM To: NT System Admin Issues Subject: Memory Upgrade question I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. ***Teletronics Technology Corporation*** This e-mail is confidential and may also be privileged. If you are not the addressee or authorized by the addressee to receive this e-mail, you may not disclose, copy, distribute, or use this e-mail. If you have received this e-mail in error, please notify the sender immediately by reply e-mail or by telephone at 267-352-2020 and destroy this message and any copies. Thank you. *** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Counter Spy T-Shirt sighted
So your settled in then? My office is about 5 minutes from Miami Beach. My home is about 10 minutes from Coconut Grove. Let me know when your in the area. Also if you want to get to know the great outdoors in SoFL, I'm your man. James - Original Message - From: Micheal Espinola Jr [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, December 01, 2008 3:57 PM Subject: Re: Counter Spy T-Shirt sighted Tampa-shmampa. The real fun is in Lauderdale. -- ME2 On Mon, Dec 1, 2008 at 3:23 PM, Andy Shook [EMAIL PROTECTED] wrote: Yeah, that's a done deal. Y'all setup a regular monthly date and I'll get thinking. (Shook goes away to get creative with business justification on getting to Tampa) Shook From: Kevin Lundy [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 3:12 PM To: NT System Admin Issues Subject: Re: Counter Spy T-Shirt sighted Andy - I am about 1 mile from the Tampa data center. If you do ever come to town, let me know. I am sure we can find a watering hole nearby. (ok, there is one right across the street) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Counter Spy T-Shirt sighted
-Original Message- From: James Kerr [mailto:[EMAIL PROTECTED] Subject: Re: Counter Spy T-Shirt sighted Also ... in SoFL, I'm your man. How did you know that about ME2? I thought only Shook and TVK knew that! :) Webster ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Memory Upgrade question
I believe he is mistaken. HP's blurb from the DL380 G5's Supplemental Information to Warranty Statement: (http://h2.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00383139lang=encc=ustaskId=prodSeriesId=1121516prodTypeId=15351) * It is possible to void the warranty on an HP product. Any failure caused by an unsupported or third-party component will not be covered by warranty. Opening a sealed component or sealed product will void the warranty. Examples of sealed components or sealed products include drives, monitors, and many handheld products. Opening the case will not void the warranty on products that are designed to be opened and upgraded, such as desktop or tower computers or servers. So the way I read that, Crucial memory is fine to be used in HP servers as long as you don't ring them up trying to get a replacement for your failed motherboard which has mysterious scorch marks encircling the memory sockets. From: Kelsay, Mark [mailto:[EMAIL PROTECTED] Sent: 02 December 2008 11:23 To: NT System Admin Issues Subject: Memory Upgrade question I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. === STEMCOR CONFIDENTIALITY AND DISCLAIMER NOTICE This e-mail is intended only for the addressees named in it. The contents should not be disclosed to any other person nor copies taken. Any views or opinions presented are solely those of the sender and do not necessarily represent those of Stemcor unless otherwise specifically stated. Stemcor does not accept legal responsibility for the contents of this message nor responsibility for any change made to it after it was sent by the original sender. You are advised to carry out a virus check before opening any attachment as Stemcor does not accept liability for any damage sustained as a result of any software viruses. You should be aware that Stemcor reserves the right to read incoming and outgoing emails. === ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP client release
That's basically the problem I was trying to troubleshoot. User brings in laptop from different network and can't get an address on new network. First network is supposed to have DHCP release option set. That's why I was wondering if that option actually did cause Windows to release the address on the client side or only tells the DHCP server to release it. Network is foreign, so I don't have a way to test without creating a test environment. Jeff On Tue, Dec 2, 2008 at 10:09 AM, [EMAIL PROTECTED] wrote: What would happen if you unplugged the cable, fired up the machine, and ran an ipconfig? I've seen some XP laptops come in, get fired up prior to locating a net cable, and find that they still have their home network settings. -- Richard McClary, Systems Administrator ASPCA Knowledge Management 1717 S Philo Rd, Ste 36, Urbana, IL 61802 217-337-9761 http://www.aspca.org Jeff Bunting [EMAIL PROTECTED] wrote on 12/02/2008 08:59:40 AM: Hi all, just rejoined the list after a bit of a hiatus; hope someone knows the answer to this. I was reading about a Microsoft DHCP option to release the IP address on shutdown. According to what I read, this should cause the client to send a DHCPRELEASE request to the server prior to shutdown. What I am curious to know is if the client actually releases the address or just tells the server it is released? All of the Technet articles I found dealt with the server side of things and didn't state emphatically what is happening on the client side. Thanks, Jeff ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: TS 2008 Cal downgrade?
Interesting - OK, I'm just going to presume it isn't successfully finding the 2008 TS licensing server for some reason. I'll go through the Registry hack for it and see if the issue remains. Thanks. --Durf On Tue, Dec 2, 2008 at 10:16 AM, Dallas Burnworth [EMAIL PROTECTED] wrote: Any Microsoft Server or Terminal Server CAL can be used on the same or older version Server OS. Your 2008 TS CALs will work on the 2003 server. If you have any key issues, call the free Microsoft License Key Fulfillment line at 888-352-7140. They will not help with any kind of media issues. For that call 800-248-0655. That is the Microsoft Media Fulfillment line—they don't help with keys. Cool huh? -- *From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, December 02, 2008 6:57 AM *To:* NT System Admin Issues *Subject:* TS 2008 Cal downgrade? Greetings; I have a client that just installed a couple of Windows Server 2008 terminal servers. TS licensing is running on a 2008 server. Now, due to application compatibility, the client needs to add an additional 2003 TS server. What is the proper way to handle licensing for the 2003 TS in this environment? Thanks, --Durf -- -- Give a man a fish, and he'll eat for a day. Give a fish a man, and he'll eat for weeks! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: TS 2008 Cal downgrade?
Any Microsoft Server or Terminal Server CAL can be used on the same or older version Server OS. Your 2008 TS CALs will work on the 2003 server. If you have any key issues, call the free Microsoft License Key Fulfillment line at 888-352-7140. They will not help with any kind of media issues. For that call 800-248-0655. That is the Microsoft Media Fulfillment line-they don't help with keys. Cool huh? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 6:57 AM To: NT System Admin Issues Subject: TS 2008 Cal downgrade? Greetings; I have a client that just installed a couple of Windows Server 2008 terminal servers. TS licensing is running on a 2008 server. Now, due to application compatibility, the client needs to add an additional 2003 TS server. What is the proper way to handle licensing for the 2003 TS in this environment? Thanks, --Durf ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP client release
Is this an XP or Vista machine? Vista does seem to handle networks and DHCP differently but I have had so few issues that I am unsure if they are OS issues or from other sources like the bundled software or Cisco software we add to our laptops. Jon On Tue, Dec 2, 2008 at 10:44 AM, Jeff Bunting [EMAIL PROTECTED]wrote: That's basically the problem I was trying to troubleshoot. User brings in laptop from different network and can't get an address on new network. First network is supposed to have DHCP release option set. That's why I was wondering if that option actually did cause Windows to release the address on the client side or only tells the DHCP server to release it. Network is foreign, so I don't have a way to test without creating a test environment. Jeff On Tue, Dec 2, 2008 at 10:09 AM, [EMAIL PROTECTED] wrote: What would happen if you unplugged the cable, fired up the machine, and ran an ipconfig? I've seen some XP laptops come in, get fired up prior to locating a net cable, and find that they still have their home network settings. -- Richard McClary, Systems Administrator ASPCA Knowledge Management 1717 S Philo Rd, Ste 36, Urbana, IL 61802 217-337-9761 http://www.aspca.org Jeff Bunting [EMAIL PROTECTED] wrote on 12/02/2008 08:59:40 AM: Hi all, just rejoined the list after a bit of a hiatus; hope someone knows the answer to this. I was reading about a Microsoft DHCP option to release the IP address on shutdown. According to what I read, this should cause the client to send a DHCPRELEASE request to the server prior to shutdown. What I am curious to know is if the client actually releases the address or just tells the server it is released? All of the Technet articles I found dealt with the server side of things and didn't state emphatically what is happening on the client side. Thanks, Jeff ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
password change reminders via email?
Hi all, We have clients who have a very mixed environment. Remote users who only use OWA, Mac users, *nix users etc. Password expiration is a PITA in these environments. Any easy and/or free way to notify users not using domain Windows PCs that their password is going to expire? It would be even better for the notification to include a link to the URL for changing your password. Thanks. Bill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Userenv 1006, 1030 Domain issues
Removing the anonymous log-in from the virtual directory I found using his username did not fix the issue. Anything else I should check in IIS? Or any other ideas? Alex Carroll Software Support Crabtree Companies, Inc. 651-688-2727 From: James Rankin [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 8:24 AM To: NT System Admin Issues Subject: Re: Userenv 1006, 1030 Domain issues Logon type 3 is a network logon, so can't be a service or scheduled task as far as I am aware. Does the server run IIS? 2008/12/1 Alex Carroll [EMAIL PROTECTED] I am having issues here. This has been going on for a while and is just a rather large annoyance but I am starting to wonder if something more isn't going on. An account (a domain admin) is getting locked out of our DC (SBS 2003). It starts with a bunch of bad password attempts and then locks his account out after it reaches the maximum bad password limit. This seems to happen every hour and a half or so (between 1-2 hours). Here is the 529 from our DC: Event Type: Failure Audit Event Source:Security Event Category: Logon/Logoff Event ID: 529 Date:12/1/2008 Time:2:44:23 PM User:NT AUTHORITY\SYSTEM Computer: CRAB03SVR Description: Logon Failure: Reason:Unknown user name or bad password User Name: richc Domain:CRAB03SVR Logon Type: 3 Logon Process: NtLmSsp Authentication Package:NTLM Workstation Name:CRAB03SVR-2 Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services:- Source Network Address: 192.168.200.205 Source Port: 1379 For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Not a big deal right? Until I finally broke down and looked at the other server that the errors were coming from. It states that they are coming from the Administrator account. There are two events that happen simultaneously. 1006 and 1030 both from USERENV. 1030: Event Type: Error Event Source:Userenv Event Category: None Event ID: 1030 Date:12/1/2008 Time:2:44:23 PM User:CRABTREE\Administrator Computer: CRAB03SVR-2 Description: Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. 1006: Event Type: Error Event Source:Userenv Event Category: None Event ID: 1006 Date:12/1/2008 Time:2:44:23 PM User:CRABTREE\Administrator Computer: CRAB03SVR-2 Description: Windows cannot bind to CRABTREE.LAN domain. (Invalid Credentials). Group Policy processing aborted. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Any Ideas? Alex Carroll Software Support Crabtree Companies, Inc. 651-688-2727 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: password change reminders via email?
-Original Message- From: wjh [mailto:[EMAIL PROTECTED] Subject: password change reminders via email? We have clients who have a very mixed environment. Remote users who only use OWA, Mac users, *nix users etc. Password expiration is a PITA in these environments. Any easy and/or free way to notify users not using domain Windows PCs that their password is going to expire? It would be even better for the notification to include a link to the URL for changing your password. A note from the payroll dept saying, if you want your next paycheck then click this link to change your friggin password - or else But that may not make it past the legal dept though. Webster ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: password change reminders via email?
Wrappage: http://theessentialexchange.com/blogs/michael/archive/2008/05/22/chapter-12 -exchange-2003-scripting.aspx Has a pwd-expires script. You can easily modify the text to say anything you want. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange -Original Message- From: wjh [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:01 AM To: NT System Admin Issues Subject: password change reminders via email? Hi all, We have clients who have a very mixed environment. Remote users who only use OWA, Mac users, *nix users etc. Password expiration is a PITA in these environments. Any easy and/or free way to notify users not using domain Windows PCs that their password is going to expire? It would be even better for the notification to include a link to the URL for changing your password. Thanks. Bill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: password change reminders via email?
Tiny url: http://tinyurl.com/6e7kea Sorry, just loaded this addon (create tiny url) into Firefox and tested it out. Pretty nice-just go to the web page , right-click and select create tiny url. I don't believe it works with https, though. Paul Chinnery Network Administrator Memorial Medical Center 231-845-2319 -Original Message- From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:07 AM To: NT System Admin Issues Subject: RE: password change reminders via email? Wrappage: http://theessentialexchange.com/blogs/michael/archive/2008/05/22/chapte r-12 -exchange-2003-scripting.aspx Has a pwd-expires script. You can easily modify the text to say anything you want. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange -Original Message- From: wjh [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:01 AM To: NT System Admin Issues Subject: password change reminders via email? Hi all, We have clients who have a very mixed environment. Remote users who only use OWA, Mac users, *nix users etc. Password expiration is a PITA in these environments. Any easy and/or free way to notify users not using domain Windows PCs that their password is going to expire? It would be even better for the notification to include a link to the URL for changing your password. Thanks. Bill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: SBS license question
H as it happens we do virtualise the SBS box. From: Michael Hoffman [mailto:[EMAIL PROTECTED] Sent: 02 December 2008 14:53 To: NT System Admin Issues Subject: RE: SBS license question If you have Software Assurance you get Cold Standby Server rights, but this is not really a seamless failover. Now if you are virtualizing then you could do a proper test without needing to get an additional license, but this is for a machine which is usually powered off. Mike From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: 02 December 2008 14:26 To: NT System Admin Issues Subject: SBS license question I seem to remember reading somewhere that the TC's for SBS 2008 allows you to run a backup server, a failover if you like. Is that right ? Olly ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: PKI Infrastructure / GPO Auto Enroll over Firewall fails.
I'm glad to hear that you go it figured out. ...Tim -Original Message- From: Stephen Wimberly [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 10:47 AM To: NT System Admin Issues Subject: RE: PKI Infrastructure / GPO Auto Enroll over Firewall fails. It's always the simple stuff... I had forgotten to open the Windows Firewall to certsrv.exe on the sub CA. I now have auto enrollment working like a charm -Original Message- From: Stephen Wimberly [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 8:57 AM To: NT System Admin Issues Subject: RE: PKI Infrastructure / GPO Auto Enroll over Firewall fails. What I'm trying to do: We are attempting to use certificates for SCCM. In the future we would like to extend the certificate structure for IPSEC authentication and we are considering the use of certificates for file encryption. We are utilizing the Enterprise level Windows Server in order to take advantage of the Certificate Templates. The Enterprise Server is generating the root CA and the SCCM certificates outlined in the 'step by step' sccm documentation and publishing those to AD. The problem comes in when the workstation attempts to AutoEnroll the certificates. Via network trace I can see that the workstation is requesting something from the Enterprise Server, which is behind a firewall. The firewall blocks the traffic and the Auto Enrollment fails. Since the firewall was the problem, I thought that MAYBE another CA on the same side of the firewall might be in order. So, back to my original question; do I need a CA Server on the same side of the firewall as the workstations? I only have two servers on the same network as the workstations, both are domain controllers. Or MAYBE the problem is elsewhere? The actual error I get is Event ID 13; Automatic certificate enrollment for local system failed to enroll for one Computer certificate (0x800706ba). The RPC server is unavailable. When I attempt to gain the certificate manually I get the same error. I assume the RPC server is that of the root CA server, which is the Enterprise level server on the other side of the firewall. It's not going to reply. _SHOULD_ the workstation gain everything it needs from the Domain Controller rather than any CA Server??? -Original Message- From: Tim Evans [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2008 1:43 PM To: NT System Admin Issues Subject: RE: PKI Infrastructure / GPO Auto Enroll over Firewall fails. Yes, an intermediate CA is the same thing as a subordinate CA. I think subordinate CA is the correct terminology. Sorry about that. From your description, it's not clear to me what you are trying to do. Why do you have 2 CAs? For my experience, the reason why you have two is so that the root CA can be kept off line for added security. The root CA is used to generate the certificate for the subordinate CA, and isn't used again except for CRL updates and to renew the cert on the subordinate CA. The subordinate CA is the one that is used day to day in issuing certificates. From you description below, you say that you have an enterprise CA server publishing to AD. Is that your root CA? What does the subordinate CA do? You don't need windows enterprise to issue certificates - you only need it if you want to make changes to the templates of the certs that are issued. ...Tim -Original Message- From: Stephen Wimberly [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2008 3:34 AM To: NT System Admin Issues Subject: RE: PKI Infrastructure / GPO Auto Enroll over Firewall fails. Is the 'intermediate CA' the same thing as a 'subordinate CA.' I installed the CA services on the DC as a subordinate CA server, maybe it needs to be an Enterprise CA server? Overview: Windows Enterprise running Enterprise CA Server publishing to AD Two windows standard running DC == Firewall == (DCs replicate via IPSEC) Two windows standard running DC; one running Enterprise subordinate CA server Workstations. -Original Message- From: Tim Evans [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 26, 2008 4:22 PM To: NT System Admin Issues Subject: RE: PKI Infrastructure / GPO Auto Enroll over Firewall fails. Our root CA is off line. I only fire it up every couple of months to keep it patched and update the CRL's. You will need an intermediate CA online somewhere to issue certificates. The problem is that, if you want to use certificate templates and modify the defaults, you need windows enterprise for the intermediate CA that actually issues the certs. Our root CA is standard, but the intermediate CA is enterprise. ...Tim -Original Message- From: Stephen Wimberly [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 26, 2008 1:06 PM To: NT System Admin Issues
RE: Looking for light laptop
On 1 Dec 2008 at 10:52, Chyka, Robert wrote: Yeah I'm not a big Sony fan.. Their laptops seem to under perform for the specs on them... the new X300 and X200 Lenovos are real nice...and light.. -Original Message- From: Erik Goldoff [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 10:48 AM To: NT System Admin Issues Subject: RE: Looking for light laptop Sony has a few nice looking systems, but I still can't forgive them for the DVD Rootkit fiasco(s) a few years ago. I promised myself I'd avoid buying anything SONY after they refused to apologize and accept responsibility for their negligent actions +1 here. I had a client whose home Sony VAIO desktop got infected, and Sony would not provide restore media at ANY price. They also did not have any downloadable drivers for his hardware, so the machine ended up on the scrap heap because of the lack of support from Sony. I can still download drivers for my ancient IBM laptops from Lenovo's site, they get my vote for any laptop recommendation. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: GFI LANGuard Vs Security Company
Right. Or, if you don't want to spend $$, what about just using Nessus? From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 9:44 PM To: NT System Admin Issues Subject: RE: GFI LANGuard Vs Security Company Have you considered Sunbelt's product? http://www.sunbeltsoftware.com/Business/Sunbelt-Network-Security-Inspect or/ Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ From: Bill Songstad (WCUL) [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 7:21 PM To: NT System Admin Issues Subject: GFI LANGuard Vs Security Company Does anybody have any experience using GFI's Languard for vulnerability scanning? I'm looking for something to scan my computers for known vulnerabilities to common applications. Currently I am using a Security Company's scanner and it is convenient, and easy to report on, but it is quite expensive and I'd like to know what I'd get for the $690 to GFI as compared to ten times that to the company that does our Pen Tests. Does GFI work? Is it easy? Accurate? Anyone have any real-world experiences? Bill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Looking for light laptop
Fwiw, I have had virtually every brand of laptop -- Acer, IBM Thinkpad, Toshiba, Dell, Sony, etc. I have a Vaio at home and it's really quite a good machine, and the support was really incredible. I would recommend them without question. Oh, on the subject of light, I bought a Dell Mini 9 recently. Not recommended. Unusable keyboard, and a dinky feel to it. Alex -Original Message- From: Angus Scott-Fleming [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:35 AM To: NT System Admin Issues Subject: RE: Looking for light laptop On 1 Dec 2008 at 10:52, Chyka, Robert wrote: Yeah I'm not a big Sony fan.. Their laptops seem to under perform for the specs on them... the new X300 and X200 Lenovos are real nice...and light.. -Original Message- From: Erik Goldoff [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 10:48 AM To: NT System Admin Issues Subject: RE: Looking for light laptop Sony has a few nice looking systems, but I still can't forgive them for the DVD Rootkit fiasco(s) a few years ago. I promised myself I'd avoid buying anything SONY after they refused to apologize and accept responsibility for their negligent actions +1 here. I had a client whose home Sony VAIO desktop got infected, and +Sony would not provide restore media at ANY price. They also did not have any downloadable drivers for his hardware, so the machine ended up on the scrap heap because of the lack of support from Sony. I can still download drivers for my ancient IBM laptops from Lenovo's site, they get my vote for any laptop recommendation. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE - Outlook HTTP/RPC
Klint, let me get you to support. There is one tweak if you're just using Outlook for POP and SMTP traffic, disable the Outlook support but keep Email support enabled. But there may be other things that we can do. Alex -Original Message- From: Klint Price - ArizonaITPro [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 9:40 AM To: NT System Admin Issues Subject: VIPRE - Outlook HTTP/RPC Since migrating a laptop to Vipre, Outlook via HTTP/RPC is running a lot slower than NOD32 did. Are there any tweaks I can try out to speed up performance? Klint ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Alex Eckelberry - A Shining Star...
I agree. However, some (most?) folks just don't have the stamina/fortitude/finances to take on a well-funded prosecutor's office with an ambitious tenant. That kind of fight can literally drain the life from you - wreck every part of your world. If the Public Defenders were given a budget anywhere near parity with prosecutors, this kind of thing would be much less common. On Tue, Dec 2, 2008 at 5:17 AM, Ziots, Edward [EMAIL PROTECTED] wrote: Too bad the lady pleaded guilty to anything, she wasn't at fault, on top of it, she lost her teaching license. Again Lawyers, grumble… Z Edward E. Ziots Network Engineer Lifespan Organization Email: [EMAIL PROTECTED] Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + From: Alex Eckelberry [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 3:06 PM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Thanks, I really appreciate all the kind words. Alex From: Christopher J. Bosak [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 8:30 AM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Agreed. Excellent work, Alex! Chris From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2008 07:59 hrs. To: NT System Admin Issues Subject: Alex Eckelberry - A Shining Star... http://www.cio.com/article/print/466478 WAY TO GO ALEX! Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Alex Eckelberry - A Shining Star...
I think the whole mess could have been handled a lot better and teaching novice Internet users how to turn the monitor off would have helped her with the students. -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 12:09 PM To: NT System Admin Issues Subject: Re: Alex Eckelberry - A Shining Star... I agree. However, some (most?) folks just don't have the stamina/fortitude/finances to take on a well-funded prosecutor's office with an ambitious tenant. That kind of fight can literally drain the life from you - wreck every part of your world. If the Public Defenders were given a budget anywhere near parity with prosecutors, this kind of thing would be much less common. On Tue, Dec 2, 2008 at 5:17 AM, Ziots, Edward [EMAIL PROTECTED] wrote: Too bad the lady pleaded guilty to anything, she wasn't at fault, on top of it, she lost her teaching license. Again Lawyers, grumble... Z Edward E. Ziots Network Engineer Lifespan Organization Email: [EMAIL PROTECTED] Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + From: Alex Eckelberry [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 3:06 PM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Thanks, I really appreciate all the kind words. Alex From: Christopher J. Bosak [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 8:30 AM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Agreed. Excellent work, Alex! Chris From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2008 07:59 hrs. To: NT System Admin Issues Subject: Alex Eckelberry - A Shining Star... http://www.cio.com/article/print/466478 WAY TO GO ALEX! Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Alex Eckelberry - A Shining Star...
It would have been poetic justice if the lady has turned around and sued the school for creating a hostile work environment. -Original Message- From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:15 AM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... I think the whole mess could have been handled a lot better and teaching novice Internet users how to turn the monitor off would have helped her with the students. -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 12:09 PM To: NT System Admin Issues Subject: Re: Alex Eckelberry - A Shining Star... I agree. However, some (most?) folks just don't have the stamina/fortitude/finances to take on a well-funded prosecutor's office with an ambitious tenant. That kind of fight can literally drain the life from you - wreck every part of your world. If the Public Defenders were given a budget anywhere near parity with prosecutors, this kind of thing would be much less common. On Tue, Dec 2, 2008 at 5:17 AM, Ziots, Edward [EMAIL PROTECTED] wrote: Too bad the lady pleaded guilty to anything, she wasn't at fault, on top of it, she lost her teaching license. Again Lawyers, grumble... Z Edward E. Ziots Network Engineer Lifespan Organization Email: [EMAIL PROTECTED] Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + From: Alex Eckelberry [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 3:06 PM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Thanks, I really appreciate all the kind words. Alex From: Christopher J. Bosak [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 8:30 AM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Agreed. Excellent work, Alex! Chris From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2008 07:59 hrs. To: NT System Admin Issues Subject: Alex Eckelberry - A Shining Star... http://www.cio.com/article/print/466478 WAY TO GO ALEX! Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
DNS issue?
Good afternoon, I've run into an issue at work related to our web site that I can't figure out. Our site was developed in house using Flash by another individual who can't explain the issue, either. When you go to www.forestpost.com, everything works fine. If you click on of the links on the left, you'll see a carousel featuring our staff. This data is XML driven. If you go to forestpost.com, the XML never loads, so you don't see the carousels. While we look at a long term solution, I'm trying to find a quick fix. Can I do anything through DNS? Some way to force all traffic destined for forestpost.com to redirect to www.forestpost.com? Thanks, Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Looking for light laptop
Sony must have improved their support over the past few years. The last time I had a Vaio in a work environment was about 6 years ago, and when something broke on it, it was an all day thing trying to get into a live support person for help. Back then, the Vaio just wasn't a work PC...fine for home use, but not for office use. Always good news when a company fixes issues, though. Joe Heaton Employment Training Panel -Original Message- From: Alex Eckelberry [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 8:38 AM To: NT System Admin Issues Subject: RE: Looking for light laptop Fwiw, I have had virtually every brand of laptop -- Acer, IBM Thinkpad, Toshiba, Dell, Sony, etc. I have a Vaio at home and it's really quite a good machine, and the support was really incredible. I would recommend them without question. Oh, on the subject of light, I bought a Dell Mini 9 recently. Not recommended. Unusable keyboard, and a dinky feel to it. Alex -Original Message- From: Angus Scott-Fleming [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:35 AM To: NT System Admin Issues Subject: RE: Looking for light laptop On 1 Dec 2008 at 10:52, Chyka, Robert wrote: Yeah I'm not a big Sony fan.. Their laptops seem to under perform for the specs on them... the new X300 and X200 Lenovos are real nice...and light.. -Original Message- From: Erik Goldoff [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 10:48 AM To: NT System Admin Issues Subject: RE: Looking for light laptop Sony has a few nice looking systems, but I still can't forgive them for the DVD Rootkit fiasco(s) a few years ago. I promised myself I'd avoid buying anything SONY after they refused to apologize and accept responsibility for their negligent actions +1 here. I had a client whose home Sony VAIO desktop got infected, and +Sony would not provide restore media at ANY price. They also did not have any downloadable drivers for his hardware, so the machine ended up on the scrap heap because of the lack of support from Sony. I can still download drivers for my ancient IBM laptops from Lenovo's site, they get my vote for any laptop recommendation. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DNS issue?
I am only addressing the specific question below, I did not have much luck trying to hit your site. You already are doing that through DNS, both point to the same IP address. So now make sure the web server is set to answer to the requests for that header. Don't know if that is your problem, but that is the basics on getting forestpost.com and www.forestpost.com to hit the same website. Same DNS (you have that) and the web server itself answering both header requests. -Original Message- From: Eric Brouwer [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 1:07 PM To: NT System Admin Issues Subject: DNS issue? Some way to force all traffic destined for forestpost.com to redirect to www.forestpost.com? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Userenv 1006, 1030 Domain issues
Alex, I would go back to CRAB03SVR-2 and try to find the process that is running about every 90 minutes. Could it be a GPO refresh and the computer password is out of sync? Did richc setup any processes to check CRAB03SVR or any other networked computer that they would need to authenticate to CRAB03SVR to connect to that they are running from CRAB03SVR-2. Take your next pass guess at the time you think the alert will happen again and setup some monitoring. You can use filemon, netstat –o. I would guess there will be some network connection to CRAB03SVR from CRAB03SVR-2. netstat –o will show the process ID which you can then use to see the process in task manager. This of course can be cumbersome if there are a lot of network connections to begin with from CRAB03SVR-2. Once you run the monitor and if you think you caught a change or a new process running check the logs and see if an event was generated and bingo you have the process. Some thoughts, a log parser, file sync/replication. Anything that is automated from CRAB03SVR-2. If not you can try these http://support.microsoft.com/kb/811082 http://www.tech-archive.net/Archive/Windows/microsoft.public.windows.server.sbs/2008-05/msg01841.html On Tue, Dec 2, 2008 at 11:03 AM, Alex Carroll [EMAIL PROTECTED] wrote: Removing the anonymous log-in from the virtual directory I found using his username did not fix the issue. Anything else I should check in IIS? Or any other ideas? Alex Carroll Software Support Crabtree Companies, Inc. 651-688-2727 -- *From:* James Rankin [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, December 02, 2008 8:24 AM *To:* NT System Admin Issues *Subject:* Re: Userenv 1006, 1030 Domain issues Logon type 3 is a network logon, so can't be a service or scheduled task as far as I am aware. Does the server run IIS? 2008/12/1 Alex Carroll [EMAIL PROTECTED] I am having issues here. This has been going on for a while and is just a rather large annoyance but I am starting to wonder if something more isn't going on. An account (a domain admin) is getting locked out of our DC (SBS 2003). It starts with a bunch of bad password attempts and then locks his account out after it reaches the maximum bad password limit. This seems to happen every hour and a half or so (between 1-2 hours). *Here is the 529 from our DC:* *Event Type: Failure Audit* *Event Source:Security* *Event Category: Logon/Logoff * *Event ID: 529* *Date:12/1/2008* *Time:2:44:23 PM* *User:NT AUTHORITY\SYSTEM* *Computer: CRAB03SVR* *Description:* *Logon Failure:* *Reason:Unknown user name or bad password* *User Name: richc* *Domain:CRAB03SVR* *Logon Type: 3* *Logon Process: NtLmSsp * *Authentication Package:NTLM* *Workstation Name:CRAB03SVR-2* *Caller User Name: -* *Caller Domain: -* *Caller Logon ID: -* *Caller Process ID: -* *Transited Services:-* *Source Network Address: 192.168.200.205* *Source Port: 1379* * * * * *For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.* Not a big deal right? Until I finally broke down and looked at the other server that the errors were coming from. It states that they are coming from the Administrator account. There are two events that happen simultaneously. 1006 and 1030 both from USERENV. 1030: *Event Type: Error* *Event Source:Userenv* *Event Category: None* *Event ID: 1030* *Date:12/1/2008* *Time:2:44:23 PM* *User:CRABTREE\Administrator* *Computer: CRAB03SVR-2* *Description:* *Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.* * * *For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.* 1006: *Event Type: Error* *Event Source:Userenv* *Event Category: None* *Event ID: 1006* *Date:12/1/2008* *Time:2:44:23 PM* *User:CRABTREE\Administrator* *Computer: CRAB03SVR-2* *Description:* *Windows cannot bind to CRABTREE.LAN domain. (Invalid Credentials). Group Policy processing aborted. * * * *For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.* Any Ideas? Alex Carroll Software Support Crabtree Companies, Inc. 651-688-2727 ~ Finally, powerful
Re: DNS issue?
DNS on the outside resolves the same for both www.forespost.com and forestpost.com Can you post the code that loads the xml? Klint It may not be Eric Brouwer wrote: Good afternoon, I've run into an issue at work related to our web site that I can't figure out. Our site was developed in house using Flash by another individual who can't explain the issue, either. When you go to www.forestpost.com, everything works fine. If you click on of the links on the left, you'll see a carousel featuring our staff. This data is XML driven. If you go to forestpost.com, the XML never loads, so you don't see the carousels. While we look at a long term solution, I'm trying to find a quick fix. Can I do anything through DNS? Some way to force all traffic destined for forestpost.com to redirect to www.forestpost.com? Thanks, Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DNS issue?
On Tue, Dec 2, 2008 at 1:06 PM, Eric Brouwer [EMAIL PROTECTED] wrote: ... using Flash ... There's your problem. (Ha Ha Only Serious.) FYI: A website which consists of nothing but Flash -- like yours -- is essentially invisible to search engines (like Google). So you're hurting your search engine rankings considerably. When you go to www.forestpost.com, everything works fine. ... If you go to forestpost.com, the XML never loads ... I see the same here. Firefox 3.0 and MSIE 6.0, both Flash 9. Can I do anything through DNS? Both www.forestpost.com. and forestpost.com. return the same A record (209.237.151.15), so it is not a DNS problem. Some way to force all traffic destined for forestpost.com to redirect to www.forestpost.com? That's HTTP, not DNS. It can be done using most web servers. I don't know how to do it in IIS 7.0 (which you're apparently using), but I bet Google would tell you. But that would really just be working around a bug. I'd suggest fixing the bug. I'm guessing you've got a request (Flash or JavaScript) that's triggering a cross-domain security check somehow. Most web client technologies try to limit web pages to requests within their domain (so that visiting http://www.example.com/exploit.js won't mean giving up your eBay login cookies). The specifics I have no idea on. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Editing distribution lists within Outlook
Server 2K3 Exchange 2K3 Outlook 2K3 I have a director, who would like to manage their unit's distribution list. By default, users don't have access to adding/removing members of the list, through the GAL. I also know there is a way of setting this up so that you can give someone rights to do this, but I can't seem to think straight enough to remember where I saw it. Is it through Outlook, as an admin, or is it on the backend somewhere? Also, the director that I'm speaking of is not a technical person. Is it wise to allow users this type of access? Thanks, Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Looking for light laptop
I wrote off buying anything Sony years ago and will never buy anything with their name on it ever again. - Original Message - From: Joe Heaton [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Tuesday, December 02, 2008 1:16 PM Subject: RE: Looking for light laptop Sony must have improved their support over the past few years. The last time I had a Vaio in a work environment was about 6 years ago, and when something broke on it, it was an all day thing trying to get into a live support person for help. Back then, the Vaio just wasn't a work PC...fine for home use, but not for office use. Always good news when a company fixes issues, though. Joe Heaton Employment Training Panel -Original Message- From: Alex Eckelberry [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 8:38 AM To: NT System Admin Issues Subject: RE: Looking for light laptop Fwiw, I have had virtually every brand of laptop -- Acer, IBM Thinkpad, Toshiba, Dell, Sony, etc. I have a Vaio at home and it's really quite a good machine, and the support was really incredible. I would recommend them without question. Oh, on the subject of light, I bought a Dell Mini 9 recently. Not recommended. Unusable keyboard, and a dinky feel to it. Alex -Original Message- From: Angus Scott-Fleming [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:35 AM To: NT System Admin Issues Subject: RE: Looking for light laptop On 1 Dec 2008 at 10:52, Chyka, Robert wrote: Yeah I'm not a big Sony fan.. Their laptops seem to under perform for the specs on them... the new X300 and X200 Lenovos are real nice...and light.. -Original Message- From: Erik Goldoff [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 10:48 AM To: NT System Admin Issues Subject: RE: Looking for light laptop Sony has a few nice looking systems, but I still can't forgive them for the DVD Rootkit fiasco(s) a few years ago. I promised myself I'd avoid buying anything SONY after they refused to apologize and accept responsibility for their negligent actions +1 here. I had a client whose home Sony VAIO desktop got infected, and +Sony would not provide restore media at ANY price. They also did not have any downloadable drivers for his hardware, so the machine ended up on the scrap heap because of the lack of support from Sony. I can still download drivers for my ancient IBM laptops from Lenovo's site, they get my vote for any laptop recommendation. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Editing distribution lists within Outlook
Set the director as the manager of the DL in ADUC? Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 1:38 PM To: NT System Admin Issues Subject: Editing distribution lists within Outlook Server 2K3 Exchange 2K3 Outlook 2K3 I have a director, who would like to manage their unit's distribution list. By default, users don't have access to adding/removing members of the list, through the GAL. I also know there is a way of setting this up so that you can give someone rights to do this, but I can't seem to think straight enough to remember where I saw it. Is it through Outlook, as an admin, or is it on the backend somewhere? Also, the director that I'm speaking of is not a technical person. Is it wise to allow users this type of access? Thanks, Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Alex Eckelberry - A Shining Star...
I think that is probably still an option. Then go after the DA for wrongful prosecution.. Z Edward E. Ziots Network Engineer Lifespan Organization Email: [EMAIL PROTECTED] Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + -Original Message- From: Kim Longenbaugh [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 12:23 PM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... It would have been poetic justice if the lady has turned around and sued the school for creating a hostile work environment. -Original Message- From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:15 AM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... I think the whole mess could have been handled a lot better and teaching novice Internet users how to turn the monitor off would have helped her with the students. -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 12:09 PM To: NT System Admin Issues Subject: Re: Alex Eckelberry - A Shining Star... I agree. However, some (most?) folks just don't have the stamina/fortitude/finances to take on a well-funded prosecutor's office with an ambitious tenant. That kind of fight can literally drain the life from you - wreck every part of your world. If the Public Defenders were given a budget anywhere near parity with prosecutors, this kind of thing would be much less common. On Tue, Dec 2, 2008 at 5:17 AM, Ziots, Edward [EMAIL PROTECTED] wrote: Too bad the lady pleaded guilty to anything, she wasn't at fault, on top of it, she lost her teaching license. Again Lawyers, grumble... Z Edward E. Ziots Network Engineer Lifespan Organization Email: [EMAIL PROTECTED] Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + From: Alex Eckelberry [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 3:06 PM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Thanks, I really appreciate all the kind words. Alex From: Christopher J. Bosak [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 8:30 AM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Agreed. Excellent work, Alex! Chris From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2008 07:59 hrs. To: NT System Admin Issues Subject: Alex Eckelberry - A Shining Star... http://www.cio.com/article/print/466478 WAY TO GO ALEX! Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Editing distribution lists within Outlook
Ya, that's what I was thinking, and found right after I posted my initial message. Are there any other AD ramifications to this, or is it as it appears, and limited to the membership of the distribution list? Joe Heaton Employment Training Panel From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 10:43 AM To: NT System Admin Issues Subject: RE: Editing distribution lists within Outlook Set the director as the manager of the DL in ADUC? Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 1:38 PM To: NT System Admin Issues Subject: Editing distribution lists within Outlook Server 2K3 Exchange 2K3 Outlook 2K3 I have a director, who would like to manage their unit's distribution list. By default, users don't have access to adding/removing members of the list, through the GAL. I also know there is a way of setting this up so that you can give someone rights to do this, but I can't seem to think straight enough to remember where I saw it. Is it through Outlook, as an admin, or is it on the backend somewhere? Also, the director that I'm speaking of is not a technical person. Is it wise to allow users this type of access? Thanks, Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Alex Eckelberry - A Shining Star...
Or write a book (makes lots of money) and do a lecture tour to many schools (makes more money). -Original Message- From: Ziots, Edward [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:46 AM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... I think that is probably still an option. Then go after the DA for wrongful prosecution.. Z Edward E. Ziots Network Engineer Lifespan Organization Email: [EMAIL PROTECTED] Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + -Original Message- From: Kim Longenbaugh [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 12:23 PM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... It would have been poetic justice if the lady has turned around and sued the school for creating a hostile work environment. -Original Message- From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:15 AM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... I think the whole mess could have been handled a lot better and teaching novice Internet users how to turn the monitor off would have helped her with the students. -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 12:09 PM To: NT System Admin Issues Subject: Re: Alex Eckelberry - A Shining Star... I agree. However, some (most?) folks just don't have the stamina/fortitude/finances to take on a well-funded prosecutor's office with an ambitious tenant. That kind of fight can literally drain the life from you - wreck every part of your world. If the Public Defenders were given a budget anywhere near parity with prosecutors, this kind of thing would be much less common. On Tue, Dec 2, 2008 at 5:17 AM, Ziots, Edward [EMAIL PROTECTED] wrote: Too bad the lady pleaded guilty to anything, she wasn't at fault, on top of it, she lost her teaching license. Again Lawyers, grumble... Z Edward E. Ziots Network Engineer Lifespan Organization Email: [EMAIL PROTECTED] Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + From: Alex Eckelberry [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 3:06 PM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Thanks, I really appreciate all the kind words. Alex From: Christopher J. Bosak [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2008 8:30 AM To: NT System Admin Issues Subject: RE: Alex Eckelberry - A Shining Star... Agreed. Excellent work, Alex! Chris From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2008 07:59 hrs. To: NT System Admin Issues Subject: Alex Eckelberry - A Shining Star... http://www.cio.com/article/print/466478 WAY TO GO ALEX! Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ This message contains confidential information and is intended only for the intended recipient(s). If you are not the named recipient you should not read, distribute or copy this e-mail. Please notify the sender immediately via e-mail if you have received this e-mail by mistake; then, delete this e-mail from your system. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Editing distribution lists within Outlook
AFAIK, the director will be limited to managing that DL only. Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 1:47 PM To: NT System Admin Issues Subject: RE: Editing distribution lists within Outlook Ya, that's what I was thinking, and found right after I posted my initial message. Are there any other AD ramifications to this, or is it as it appears, and limited to the membership of the distribution list? Joe Heaton Employment Training Panel From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 10:43 AM To: NT System Admin Issues Subject: RE: Editing distribution lists within Outlook Set the director as the manager of the DL in ADUC? Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 1:38 PM To: NT System Admin Issues Subject: Editing distribution lists within Outlook Server 2K3 Exchange 2K3 Outlook 2K3 I have a director, who would like to manage their unit's distribution list. By default, users don't have access to adding/removing members of the list, through the GAL. I also know there is a way of setting this up so that you can give someone rights to do this, but I can't seem to think straight enough to remember where I saw it. Is it through Outlook, as an admin, or is it on the backend somewhere? Also, the director that I'm speaking of is not a technical person. Is it wise to allow users this type of access? Thanks, Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Looking for light laptop
You've got to forget their consumer line. That stuff was impossible to get parts and support for, and definitely not worth managing in a business environment. They have had a business lineup with standardized hardware architecture for over 2 years. They currently have the lightest full-power notebook on the market, the TT series. We are talking an 11.1 notebook with DVDRW or Bluray, 256GB SSD, and 9 hours of battery life (as long as you're not burning) and it comes in at 2.9lbs. You will definitely pay for that technology though. Their workhorse BZ series you can compare to the HP 6930's and most are in the $700-1200 range. -Original Message- From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 10:38 AM To: NT System Admin Issues Subject: Re: Looking for light laptop I wrote off buying anything Sony years ago and will never buy anything with their name on it ever again. - Original Message - From: Joe Heaton [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Tuesday, December 02, 2008 1:16 PM Subject: RE: Looking for light laptop Sony must have improved their support over the past few years. The last time I had a Vaio in a work environment was about 6 years ago, and when something broke on it, it was an all day thing trying to get into a live support person for help. Back then, the Vaio just wasn't a work PC...fine for home use, but not for office use. Always good news when a company fixes issues, though. Joe Heaton Employment Training Panel -Original Message- From: Alex Eckelberry [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 8:38 AM To: NT System Admin Issues Subject: RE: Looking for light laptop Fwiw, I have had virtually every brand of laptop -- Acer, IBM Thinkpad, Toshiba, Dell, Sony, etc. I have a Vaio at home and it's really quite a good machine, and the support was really incredible. I would recommend them without question. Oh, on the subject of light, I bought a Dell Mini 9 recently. Not recommended. Unusable keyboard, and a dinky feel to it. Alex -Original Message- From: Angus Scott-Fleming [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:35 AM To: NT System Admin Issues Subject: RE: Looking for light laptop On 1 Dec 2008 at 10:52, Chyka, Robert wrote: Yeah I'm not a big Sony fan.. Their laptops seem to under perform for the specs on them... the new X300 and X200 Lenovos are real nice...and light.. -Original Message- From: Erik Goldoff [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 10:48 AM To: NT System Admin Issues Subject: RE: Looking for light laptop Sony has a few nice looking systems, but I still can't forgive them for the DVD Rootkit fiasco(s) a few years ago. I promised myself I'd avoid buying anything SONY after they refused to apologize and accept responsibility for their negligent actions +1 here. I had a client whose home Sony VAIO desktop got infected, and +Sony would not provide restore media at ANY price. They also did not have any downloadable drivers for his hardware, so the machine ended up on the scrap heap because of the lack of support from Sony. I can still download drivers for my ancient IBM laptops from Lenovo's site, they get my vote for any laptop recommendation. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP client release
On Tue, Dec 2, 2008 at 9:59 AM, Jeff Bunting [EMAIL PROTECTED] wrote: I was reading about a Microsoft DHCP option to release the IP address on shutdown. Yup, we use this, just to make things a little easier for roaming users. Keeps the lease database cleaner, too. What I am curious to know is if the client actually releases the address or just tells the server it is released? There's no way in the protocol for a DHCP server to acknowledge a DHCPRELEASE message. So the client has to assume the message worked (spray-and-pray), and considers the interface to have no lease and no address (until/unless renewed). If the client is sending DHCPRELEASE and then keeping the lease, that would be a DHCP protocol violation. It should be easy enough to test. Before booting the troublesome laptop, plug it into a hub without any upstream link (so the laptop sees a link, but can't reach a DHCP server). Boot the laptop, and see if it still thinks it has a DHCP lease. For added bonus points, watch with a network sniffer. On Tue, Dec 2, 2008 at 10:44 AM, Jeff Bunting [EMAIL PROTECTED] wrote: User brings in laptop from different network and can't get an address on new network. Are you sure the user is doing a full shut down? I've sometimes seen Windows not notice a change in link state. In other words, computer is left running (or standby/suspend), unplugged from one network and plugged into another, and Windows never realizes the Ethernet cable was unplugged. Not much you can do about that. In the ISC DHCP server, there's an option that marks a DHCP scope as authoritative or not. If it's authoritative, the DHCP server will send DHCPNAK to a client trying to get an address from a different network. If it is not authoritative, the DHCP server will just not answer. I dunno if MSFT DHCP has a similar option. If it does, might help. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Memory Upgrade question
That's easy. Remove aftermarket RAM before placing a service call. There's a reason why my car (with trailer towing expressly contraindicated by the mfr) has a no-splice wiring harness that removes in two minutes. RM On Tue, 2 Dec 2008 15:40:21 -, Steve Burkett [EMAIL PROTECTED] said: So the way I read that, Crucial memory is fine to be used in HP servers as long as you dont ring them up trying to get a replacement for your failed motherboard which has mysterious scorch marks encircling the memory sockets. From: Kelsay, Mark [mailto:[EMAIL PROTECTED] Sent: 02 December 2008 11:23 To: NT System Admin Issues Subject: Memory Upgrade question I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. _ ___ This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. _ ___ === STEMCOR CONFIDENTIALITY AND DISCLAIMER NOTICE This e-mail is intended only for the addressees named in it. The contents should not be disclosed to any other person nor copies taken. Any views or opinions presented are solely those of the sender and do not necessarily represent those of Stemcor unless otherwise specifically stated. Stemcor does not accept legal responsibility for the contents of this message nor responsibility for any change made to it after it was sent by the original sender. You are advised to carry out a virus check before opening any attachment as Stemcor does not accept liability for any damage sustained as a result of any software viruses. You should be aware that Stemcor reserves the right to read incoming and outgoing emails. === ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Memory Upgrade question
Yep. My son can get all the blue tooth and GPS hacks out of his car in under 15 minutes. From: RM [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 2:13 PM To: NT System Admin Issues Subject: RE: Memory Upgrade question That's easy. Remove aftermarket RAM before placing a service call. There's a reason why my car (with trailer towing expressly contraindicated by the mfr) has a no-splice wiring harness that removes in two minutes. RM On Tue, 2 Dec 2008 15:40:21 -, Steve Burkett [EMAIL PROTECTED] said: So the way I read that, Crucial memory is fine to be used in HP servers as long as you don't ring them up trying to get a replacement for your failed motherboard which has mysterious scorch marks encircling the memory sockets. From: Kelsay, Mark [mailto:[EMAIL PROTECTED] Sent: 02 December 2008 11:23 To: NT System Admin Issues Subject: Memory Upgrade question I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. === STEMCOR CONFIDENTIALITY AND DISCLAIMER NOTICE This e-mail is intended only for the addressees named in it. The contents should not be disclosed to any other person nor copies taken. Any views or opinions presented are solely those of the sender and do not necessarily represent those of Stemcor unless otherwise specifically stated. Stemcor does not accept legal responsibility for the contents of this message nor responsibility for any change made to it after it was sent by the original sender. You are advised to carry out a virus check before opening any attachment as Stemcor does not accept liability for any damage sustained as a result of any software viruses. You should be aware that Stemcor reserves the right to read incoming and outgoing emails. === ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: GFI LANGuard Vs Security Company
I don't mind spending money. It's the spending more than I need to that I find fault with. Our Security auditors provide a vulnerability scanner built on Nessus, which I think the GFI product is built on as well, the value add is of course the GUI and updating of the vulnerability databases. So I look at my vendor's product and it works well for $3k/yr. SNSI apparently does much the same for $2k and GFI does the same for $700 each without the high annual maintenance. I guess I'll have to just try them out and see how I like them. From the sales rhetoric, I see very little difference in product features. But I do see quite a difference in price. Time to fire up the VMs... Bill . From: Alex Eckelberry [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 8:35 AM To: NT System Admin Issues Subject: RE: GFI LANGuard Vs Security Company Right. Or, if you don't want to spend $$, what about just using Nessus? From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 9:44 PM To: NT System Admin Issues Subject: RE: GFI LANGuard Vs Security Company Have you considered Sunbelt's product? http://www.sunbeltsoftware.com/Business/Sunbelt-Network-Security-Inspect or/ Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ From: Bill Songstad (WCUL) [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 7:21 PM To: NT System Admin Issues Subject: GFI LANGuard Vs Security Company Does anybody have any experience using GFI's Languard for vulnerability scanning? I'm looking for something to scan my computers for known vulnerabilities to common applications. Currently I am using a Security Company's scanner and it is convenient, and easy to report on, but it is quite expensive and I'd like to know what I'd get for the $690 to GFI as compared to ten times that to the company that does our Pen Tests. Does GFI work? Is it easy? Accurate? Anyone have any real-world experiences? Bill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DNS issue?
We don't host the site internally. When I contact them, what do I tell them I need done? That I need the header requests for the two domains answered the same? On Dec 2, 2008, at 1:23 PM, Kennedy, Jim wrote: I am only addressing the specific question below, I did not have much luck trying to hit your site. You already are doing that through DNS, both point to the same IP address. So now make sure the web server is set to answer to the requests for that header. Don't know if that is your problem, but that is the basics on getting forestpost.com and www.forestpost.com to hit the same website. Same DNS (you have that) and the web server itself answering both header requests. -Original Message- From: Eric Brouwer [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 1:07 PM To: NT System Admin Issues Subject: DNS issue? Some way to force all traffic destined for forestpost.com to redirect to www.forestpost.com? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DNS issue?
It's a simple line of Actionscript in the Flash file: xml.load(editorialicons.xml); On Dec 2, 2008, at 1:27 PM, Klint Price - ArizonaITPro wrote: DNS on the outside resolves the same for both www.forespost.com and forestpost.com Can you post the code that loads the xml? Klint It may not be Eric Brouwer wrote: Good afternoon, I've run into an issue at work related to our web site that I can't figure out. Our site was developed in house using Flash by another individual who can't explain the issue, either. When you go to www.forestpost.com, everything works fine. If you click on of the links on the left, you'll see a carousel featuring our staff. This data is XML driven. If you go to forestpost.com, the XML never loads, so you don't see the carousels. While we look at a long term solution, I'm trying to find a quick fix. Can I do anything through DNS? Some way to force all traffic destined for forestpost.com to redirect to www.forestpost.com? Thanks, Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Counter Spy T-Shirt sighted
Sooyou like to take men camping? Shook -Original Message- From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 10:10 AM To: NT System Admin Issues Subject: Re: Counter Spy T-Shirt sighted So your settled in then? My office is about 5 minutes from Miami Beach. My home is about 10 minutes from Coconut Grove. Let me know when your in the area. Also if you want to get to know the great outdoors in SoFL, I'm your man. James - Original Message - From: Micheal Espinola Jr [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, December 01, 2008 3:57 PM Subject: Re: Counter Spy T-Shirt sighted Tampa-shmampa. The real fun is in Lauderdale. -- ME2 On Mon, Dec 1, 2008 at 3:23 PM, Andy Shook [EMAIL PROTECTED] wrote: Yeah, that's a done deal. Y'all setup a regular monthly date and I'll get thinking. (Shook goes away to get creative with business justification on getting to Tampa) Shook From: Kevin Lundy [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 3:12 PM To: NT System Admin Issues Subject: Re: Counter Spy T-Shirt sighted Andy - I am about 1 mile from the Tampa data center. If you do ever come to town, let me know. I am sure we can find a watering hole nearby. (ok, there is one right across the street) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DNS issue?
That should do it. -Original Message- From: Eric Brouwer [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 2:55 PM To: NT System Admin Issues Subject: Re: DNS issue? We don't host the site internally. When I contact them, what do I tell them I need done? That I need the header requests for the two domains answered the same? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DNS issue?
can you change that line of code so it loads from www.yoursite.com/editorialicons.xml ? Eric Brouwer wrote: It's a simple line of Actionscript in the Flash file: xml.load(editorialicons.xml); On Dec 2, 2008, at 1:27 PM, Klint Price - ArizonaITPro wrote: DNS on the outside resolves the same for both www.forespost.com and forestpost.com Can you post the code that loads the xml? Klint It may not be Eric Brouwer wrote: Good afternoon, I've run into an issue at work related to our web site that I can't figure out. Our site was developed in house using Flash by another individual who can't explain the issue, either. When you go to www.forestpost.com, everything works fine. If you click on of the links on the left, you'll see a carousel featuring our staff. This data is XML driven. If you go to forestpost.com, the XML never loads, so you don't see the carousels. While we look at a long term solution, I'm trying to find a quick fix. Can I do anything through DNS? Some way to force all traffic destined for forestpost.com to redirect to www.forestpost.com? Thanks, Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DNS issue?
no, what you want it to have yoursite.com redirect via IIS to www.yoursite.com Although you could do it the way Jim suggested, many search engines will ding rankings for duplicate content. Klint Kennedy, Jim wrote: That should do it. -Original Message- From: Eric Brouwer [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 2:55 PM To: NT System Admin Issues Subject: Re: DNS issue? We don't host the site internally. When I contact them, what do I tell them I need done? That I need the header requests for the two domains answered the same? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Memory Upgrade question
I've heard of guys swapping out entire cat-back exhaust systems just to get their vehicles inspected... way too much work for me. Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 2:37 PM To: NT System Admin Issues Subject: RE: Memory Upgrade question Yep. My son can get all the blue tooth and GPS hacks out of his car in under 15 minutes. From: RM [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 2:13 PM To: NT System Admin Issues Subject: RE: Memory Upgrade question That's easy. Remove aftermarket RAM before placing a service call. There's a reason why my car (with trailer towing expressly contraindicated by the mfr) has a no-splice wiring harness that removes in two minutes. RM On Tue, 2 Dec 2008 15:40:21 -, Steve Burkett [EMAIL PROTECTED] said: So the way I read that, Crucial memory is fine to be used in HP servers as long as you don't ring them up trying to get a replacement for your failed motherboard which has mysterious scorch marks encircling the memory sockets. From: Kelsay, Mark [mailto:[EMAIL PROTECTED] Sent: 02 December 2008 11:23 To: NT System Admin Issues Subject: Memory Upgrade question I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. === STEMCOR CONFIDENTIALITY AND DISCLAIMER NOTICE This e-mail is intended only for the addressees named in it. The contents should not be disclosed to any other person nor copies taken. Any views or opinions presented are solely those of the sender and do not necessarily represent those of Stemcor unless otherwise specifically stated. Stemcor does not accept legal responsibility for the contents of this message nor responsibility for any change made to it after it was sent by the original sender. You are advised to carry out a virus check before opening any attachment as Stemcor does not accept liability for any damage sustained as a result of any software viruses. You should be aware that Stemcor reserves the right to read incoming and outgoing emails. === ***Teletronics Technology
RE: Run a batch file to send emails
I think this gets it for me. Thanks for your help. call C:\Program Files\Log Parser 2.2\logparser -i:CSV -o:CSV -stats:OFF -e:-1 -q:ON SELECT DISTINCT EXTRACT_TOKEN(Strings, 0, '|') AS User, EXTRACT_TOKEN(Strings, 5, '|') AS Workstation, EXTRACT_TOKEN(Strings, 11, '|') AS IP_Address FROM Sec530.csv.%date6% where eventid = '530' and User 'User' and User '-' Order by User, Workstation Sec530.email.%date6% FOR /F tokens=1,2,3 delims=, %%i IN (Sec530.email.%date6%) DO p:\in01\oper\blat240\full\blat begin.txt -to [EMAIL PROTECTED] -bcc [EMAIL PROTECTED],[EMAIL PROTECTED],[EMAIL PROTECTED] .indianafcu.com -f Daily Network Security Audit -s After hours access has been reported to auditors. -body The Workstation (%%j) on IP (%%k) was not signed off and was still logged on with (%%i) after network logon hours had expired. Please log off and shut down the workstation everynight. This helps prevent damage to the workstation and assures the Credit Union that no one is trying to access the network after hours using your network logon. -priority 1 From: Jake Gardner [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 3:36 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails I use elsave (nightly) to create daily CSV of my security event logs and then it clears the security log. I then run log parser to read the CSV and drop the columns I don't want and give myself cleaned up csv file. Watch the position identifier in the EXTRACT_TOKEN() function as this will grab the column(s) you want. Using DISTINCT in the select will make sure you only grab one instance of the username. Here's the batch file I use. @ECHO OFF REM Get current date for stamping the filename for /F tokens=2,3,4 delims=/ %%i in ('date/t') do set d=%%k%%i%%j REM Grab the full security event log and archive it cd \ logparser -i:EVT -o:CSV -stats:OFF SELECT * FROM Security where eventid = '560' H:\logs\evtvwr_sec_%d%.csv REM Clear the SECURITY log cd c:\scripts elsave -l security -C REM Parse the full file and create an easier to read log file. logparser -i:CSV -o:CSV -stats:OFF -e:-1 -q:ON SELECT DISTINCT EXTRACT_TOKEN(Strings, 10, '|') AS User, EXTRACT_TOKEN(Strings, 2, '|') AS FilePath FROM H:\logs\evtvwr_sec_%d%.csv where eventid = '560' and User 'Administrator' and user '-' ORDER BY FilePath, User H:\logs\parsed\evtvwr_sec_parsed_%d%.csv Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 3:10 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails Ok So I have this to create my blat input file but I am still getting to many results. C:\Program Files\Log Parser 2.2logparser select extract_token(strings, 0, '|') as Account, TimeGenerated into file.csv from \\10.0.50.205\security where eventid in (530) I only want events from today-1. From: Jake Gardner [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 2:53 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails Extract the date field the same way you extract the account field, then add it to your where clause. Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 2:32 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails select distinct extract_token(strings, 0, '|') as Account into file.csv from \\10.0.50.205\security where eventid in (530) How do I get just yesterday's 530 events? From: Jake Gardner [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 1:40 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails Logparser http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4 c25-91b2-f8d975cf8c07 Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 1:33 PM To: NT System Admin Issues Subject: Run a batch file to send emails I want to read an input file. It would comma delimited. It will have those users that have not logged off and are getting after hours logon events with their names. I only want to send 1 email per user so I would have to sort and then group then blat out the email. My format for the file is like this: 866265068,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:49:14 AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time restriction violation User Name: DawnH Domain: IM_DOM1 Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XP31090634014W Caller
Re: Counter Spy T-Shirt sighted
I cant think of an answer that doesnt dig myself deeper...LOL - Original Message - From: Andy Shook [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Tuesday, December 02, 2008 3:04 PM Subject: RE: Counter Spy T-Shirt sighted Sooyou like to take men camping? Shook -Original Message- From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 10:10 AM To: NT System Admin Issues Subject: Re: Counter Spy T-Shirt sighted So your settled in then? My office is about 5 minutes from Miami Beach. My home is about 10 minutes from Coconut Grove. Let me know when your in the area. Also if you want to get to know the great outdoors in SoFL, I'm your man. James - Original Message - From: Micheal Espinola Jr [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, December 01, 2008 3:57 PM Subject: Re: Counter Spy T-Shirt sighted Tampa-shmampa. The real fun is in Lauderdale. -- ME2 On Mon, Dec 1, 2008 at 3:23 PM, Andy Shook [EMAIL PROTECTED] wrote: Yeah, that's a done deal. Y'all setup a regular monthly date and I'll get thinking. (Shook goes away to get creative with business justification on getting to Tampa) Shook From: Kevin Lundy [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 3:12 PM To: NT System Admin Issues Subject: Re: Counter Spy T-Shirt sighted Andy - I am about 1 mile from the Tampa data center. If you do ever come to town, let me know. I am sure we can find a watering hole nearby. (ok, there is one right across the street) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Counter Spy T-Shirt sighted
No need to think...You have obviously already piqued his interest. ;-) -Original Message- From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 2:31 PM To: NT System Admin Issues Subject: Re: Counter Spy T-Shirt sighted I cant think of an answer that doesnt dig myself deeper...LOL - Original Message - From: Andy Shook [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Tuesday, December 02, 2008 3:04 PM Subject: RE: Counter Spy T-Shirt sighted Sooyou like to take men camping? Shook -Original Message- From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 10:10 AM To: NT System Admin Issues Subject: Re: Counter Spy T-Shirt sighted So your settled in then? My office is about 5 minutes from Miami Beach. My home is about 10 minutes from Coconut Grove. Let me know when your in the area. Also if you want to get to know the great outdoors in SoFL, I'm your man. James - Original Message - From: Micheal Espinola Jr [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, December 01, 2008 3:57 PM Subject: Re: Counter Spy T-Shirt sighted Tampa-shmampa. The real fun is in Lauderdale. -- ME2 On Mon, Dec 1, 2008 at 3:23 PM, Andy Shook [EMAIL PROTECTED] wrote: Yeah, that's a done deal. Y'all setup a regular monthly date and I'll get thinking. (Shook goes away to get creative with business justification on getting to Tampa) Shook From: Kevin Lundy [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 3:12 PM To: NT System Admin Issues Subject: Re: Counter Spy T-Shirt sighted Andy - I am about 1 mile from the Tampa data center. If you do ever come to town, let me know. I am sure we can find a watering hole nearby. (ok, there is one right across the street) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DNS issue?
On 2 Dec 2008 at 13:06, Eric Brouwer wrote: Good afternoon, I've run into an issue at work related to our web site that I can't figure out. Our site was developed in house using Flash by another [gag]. I'm on DSL and it takes a L-O-N-G T-I-M-E to load the home page and move between pages (and I have to disable NoScript's protections), dump the Flash ASAP. You could also create a non-flash version of the site which loads when your vistors don't have Flash available (for example, iPhone users have no Flash capabilities). You could certainly offer the Flashy version to everyone, just have a no-Flash version also. individual who can't explain the issue, either. When you go to www.forestpost.com, everything works fine. If you click on of the links on the left, you'll see a carousel featuring our staff. This data is XML driven. If you go to forestpost.com, the XML never loads, so you don't see the carousels. While we look at a long term solution, I'm trying to find a quick fix. Can I do anything through DNS? Some way to force all traffic destined for forestpost.com to redirect to www.forestpost.com? Would this work for your site? --- Included Stuff Follows --- Force www vs non-www to avoid duplicate content on Google Recently, it has been talked a lot about Google and duplicate content as well as Google Canonical problems.That is, when you have your site accessible both under your_domain.com and www.your_domain.com. To avoid such problems you can use the following lines in your .htaccess file to force only the www version of your web site: RewriteEngine on RewriteCond %{HTTP_HOST} !^www.your_domain.com$ RewriteRule ^(.*)$ http://www.your_domain.com/$1 [R=301] Please, note that the .htaccess should be located in the web site main folder. This will redirect all requests to the non-www version of your site to the www version using 301 Permanent redirect which will make the search engines to index your site only using the www.your_domain.com URL. In this way you will avoid a duplicate content penalty. - Included Stuff Ends - More here with links: http://www.besthostratings.com/articles/force-www-htaccess.html Another version that also suggests a different approach: --- Included Stuff Follows --- How To Force www (or no-www) In Domain Name | ProgramimiCOM If you don´t have access to .htaccess, you could also accomplish the same thing through php with a simple script at the top of every page that will try to find www in the URL and redirect if found. Not the most elegant solution, but it does what it needs to do for those who can´t edit .htaccess for some reason. if(!substr($_SERVER[´HTTP_HOST´], `www´)) //check if www exists in URL { header(´Location: http://www.programimi.com/´); //redirect to www.programimi.com } Or for those using wordpress, you could simply install a plugin that does all this for you! One example plugin is WWW-Redirect. - Included Stuff Ends - More here with links: http://www.programimi.com/2008/04/02/how-to-force-www-or-no-www-in-domain- name/ -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
OT: Interesting File Sharing Option
http://drop.io/howto Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image003.jpg
RE: Run a batch file to send emails
No problem. Let me know how it works for you. Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 3:20 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails I think this gets it for me. Thanks for your help. call C:\Program Files\Log Parser 2.2\logparser -i:CSV -o:CSV -stats:OFF -e:-1 -q:ON SELECT DISTINCT EXTRACT_TOKEN(Strings, 0, '|') AS User, EXTRACT_TOKEN(Strings, 5, '|') AS Workstation, EXTRACT_TOKEN(Strings, 11, '|') AS IP_Address FROM Sec530.csv.%date6% where eventid = '530' and User 'User' and User '-' Order by User, Workstation Sec530.email.%date6% FOR /F tokens=1,2,3 delims=, %%i IN (Sec530.email.%date6%) DO p:\in01\oper\blat240\full\blat begin.txt -to [EMAIL PROTECTED] -bcc [EMAIL PROTECTED],[EMAIL PROTECTED],[EMAIL PROTECTED] .indianafcu.com -f Daily Network Security Audit -s After hours access has been reported to auditors. -body The Workstation (%%j) on IP (%%k) was not signed off and was still logged on with (%%i) after network logon hours had expired. Please log off and shut down the workstation everynight. This helps prevent damage to the workstation and assures the Credit Union that no one is trying to access the network after hours using your network logon. -priority 1 From: Jake Gardner [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 3:36 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails I use elsave (nightly) to create daily CSV of my security event logs and then it clears the security log. I then run log parser to read the CSV and drop the columns I don't want and give myself cleaned up csv file. Watch the position identifier in the EXTRACT_TOKEN() function as this will grab the column(s) you want. Using DISTINCT in the select will make sure you only grab one instance of the username. Here's the batch file I use. @ECHO OFF REM Get current date for stamping the filename for /F tokens=2,3,4 delims=/ %%i in ('date/t') do set d=%%k%%i%%j REM Grab the full security event log and archive it cd \ logparser -i:EVT -o:CSV -stats:OFF SELECT * FROM Security where eventid = '560' H:\logs\evtvwr_sec_%d%.csv REM Clear the SECURITY log cd c:\scripts elsave -l security -C REM Parse the full file and create an easier to read log file. logparser -i:CSV -o:CSV -stats:OFF -e:-1 -q:ON SELECT DISTINCT EXTRACT_TOKEN(Strings, 10, '|') AS User, EXTRACT_TOKEN(Strings, 2, '|') AS FilePath FROM H:\logs\evtvwr_sec_%d%.csv where eventid = '560' and User 'Administrator' and user '-' ORDER BY FilePath, User H:\logs\parsed\evtvwr_sec_parsed_%d%.csv Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 3:10 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails Ok So I have this to create my blat input file but I am still getting to many results. C:\Program Files\Log Parser 2.2logparser select extract_token(strings, 0, '|') as Account, TimeGenerated into file.csv from \\10.0.50.205\security where eventid in (530) I only want events from today-1. From: Jake Gardner [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 2:53 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails Extract the date field the same way you extract the account field, then add it to your where clause. Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 2:32 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails select distinct extract_token(strings, 0, '|') as Account into file.csv from \\10.0.50.205\security where eventid in (530) How do I get just yesterday's 530 events? From: Jake Gardner [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 1:40 PM To: NT System Admin Issues Subject: RE: Run a batch file to send emails Logparser http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4 c25-91b2-f8d975cf8c07 Thanks, Jake Gardner TTC Network Administrator Ext. 246 From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 1:33 PM To: NT System Admin Issues Subject: Run a batch file to send emails I want to read an input file. It would comma delimited. It will have those users that have not logged off and are getting after hours logon events with their names. I only want to send 1 email per user so I would have to sort and then group then blat out the email. My format for the file is like this:
Online File Storage Summary
There was a recent discussion of online file storage sites and solutions. I just ran across this link and thought it was relative: http://tomuse.com/ultimate-review-list-of-best-free-online-storage-and-b ackup-application-services/ Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image003.jpg
Recovering data from a mirrored drive
I need some help on how to restore some data from a crashed server. Let me explain. I don't know many of the how and why details here, but a call came in from a small company I work with. Said company has a single Windows Small Business Server 2003 - that went into an endless boot loop. Last Known Good was no good, Safe Mode hung an an ACPI.dll, Recovery Console hung on examining disk configuration - BartPE bluescreened - anyway - it was not a good experience. Oh, and did I mention the customer has no backups of any kind. So the OS is installed on 80GB drive - best as I can tell no data was actually stored on this hard drive. The importanta data was stored on a mirrored set of 250GB SATA drives connected via a HightPoint Technologies Inc, RocketRaid 1640 card. I haven't worked with recovering data off of a Mirrored drive so I'm a little nervous here - but what I was hoping that what I could do is unplug one of the 250GB SATA drives from the RAID card, set it as a slave drive on another system running server 2003, turn on the other system and then pull the data off the partition. Will this work for me to recovery the data? Thanks for any input. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Recovering data from a mirrored drive
Sometimes yes, sometimes no. It depends entirely on the drive controller. What is 100% guaranteed to work is to take the *entire* *drive* *array* and hook it up into another machine. Bryan Garmon wrote: I haven't worked with recovering data off of a Mirrored drive so I'm a little nervous here - but what I was hoping that what I could do is unplug one of the 250GB SATA drives from the RAID card, set it as a slave drive on another system running server 2003, turn on the other system and then pull the data off the partition. Will this work for me to recovery the data? Thanks for any input. -- Phil Brutsche [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Recovering data from a mirrored drive
But then you have to put in the drivers BEFORE you actually install the entire hardware but I agree I have had more luck that way. Good luck, Jon On Tue, Dec 2, 2008 at 4:33 PM, Phil Brutsche [EMAIL PROTECTED] wrote: Sometimes yes, sometimes no. It depends entirely on the drive controller. What is 100% guaranteed to work is to take the *entire* *drive* *array* and hook it up into another machine. Bryan Garmon wrote: I haven't worked with recovering data off of a Mirrored drive so I'm a little nervous here - but what I was hoping that what I could do is unplug one of the 250GB SATA drives from the RAID card, set it as a slave drive on another system running server 2003, turn on the other system and then pull the data off the partition. Will this work for me to recovery the data? Thanks for any input. -- Phil Brutsche [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Recovering data from a mirrored drive
So stupid question time - I disconnected them from the controller card - I assumed since they are mirroed it didn't really matter how they were connected - but as I type this I'm worried I might have shot myself in the foot does the order they are connected to the controller matter? On Tue, Dec 2, 2008 at 4:35 PM, Jon Harris [EMAIL PROTECTED] wrote: But then you have to put in the drivers BEFORE you actually install the entire hardware but I agree I have had more luck that way. Good luck, Jon On Tue, Dec 2, 2008 at 4:33 PM, Phil Brutsche [EMAIL PROTECTED] wrote: Sometimes yes, sometimes no. It depends entirely on the drive controller. What is 100% guaranteed to work is to take the *entire* *drive* *array* and hook it up into another machine. Bryan Garmon wrote: I haven't worked with recovering data off of a Mirrored drive so I'm a little nervous here - but what I was hoping that what I could do is unplug one of the 250GB SATA drives from the RAID card, set it as a slave drive on another system running server 2003, turn on the other system and then pull the data off the partition. Will this work for me to recovery the data? Thanks for any input. -- Phil Brutsche [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Recovering data from a mirrored drive
I think that just about every hardware RAID card I've used recently store the configuration on the drive itself, so order shouldn't matter. It doesn't matter even on Nvidia onboard pseudo-raid. Phillip Partipilo Parametric Solutions Inc. Jupiter, Florida (561) 747-6107 -Original Message- From: Bryan Garmon [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 4:59 PM To: NT System Admin Issues Subject: Re: Recovering data from a mirrored drive So stupid question time - I disconnected them from the controller card - I assumed since they are mirroed it didn't really matter how they were connected - but as I type this I'm worried I might have shot myself in the foot does the order they are connected to the controller matter? On Tue, Dec 2, 2008 at 4:35 PM, Jon Harris [EMAIL PROTECTED] wrote: But then you have to put in the drivers BEFORE you actually install the entire hardware but I agree I have had more luck that way. Good luck, Jon On Tue, Dec 2, 2008 at 4:33 PM, Phil Brutsche [EMAIL PROTECTED] wrote: Sometimes yes, sometimes no. It depends entirely on the drive controller. What is 100% guaranteed to work is to take the *entire* *drive* *array* and hook it up into another machine. Bryan Garmon wrote: I haven't worked with recovering data off of a Mirrored drive so I'm a little nervous here - but what I was hoping that what I could do is unplug one of the 250GB SATA drives from the RAID card, set it as a slave drive on another system running server 2003, turn on the other system and then pull the data off the partition. Will this work for me to recovery the data? Thanks for any input. -- Phil Brutsche [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- If this email is spam, report it here: http://www.onlymyemail.com/view/?action=reportSpamId=ODEzNjQ6ODA1NTYyMzgwOn BqcEBwc25ldC5jb20%3D ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Memory Upgrade question
They live... I mean, they lie... -- ME2 On Tue, Dec 2, 2008 at 6:22 AM, Kelsay, Mark [EMAIL PROTECTED] wrote: I have been told by our usual hardware vendor that if I use Crucial RAM to upgrade several HP ProLiant DL380 G5 servers that I will void my warranty with HP. He states that we can only use HP branded RAM. There is a £300 difference between the HP branded RAM they quoted us and the price we could get from Crucial. I just spoke with Crucial and they state that this is not true. Anyone else ever come across this issue? Thanks, Mark ** This email is sent for and on behalf of Inspop.com Limited ** Authorised and regulated by the Financial Services Authority. Registration no. 310635. Inspop.com Limited (also trading as Confused.com) is registered in England and Wales at 2nd Floor, Friary House, Greyfriars Road, Cardiff, CF10 3AE (Reg. No. 03857130 ). Any opinions expressed in this email are those of the individual and not necessarily the company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the Information Security Officer by telephone on +44 (0) 29 2043 4252. Please then delete this email and destroy any copies of it. This email has been swept for viruses before leaving our system. Security Warning: Please note that this email has been created in the knowledge that Internet email is not a 100% secure communications medium. We advise that you understand and accept this lack of security when emailing us. Viruses: Although we have taken steps to ensure that this email and any attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. We may monitor the content of E-mails sent and received via our network for viruses or unauthorised use and for other lawful business purposes. This e-mail has been scanned for all viruses by Messagelabs. The service is powered by MessageLabs. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Recovering data from a mirrored drive
I got antsy and called HighPoint Technologies tech support - they said that for the default config using mirrored drives, taking one of the drives and connecting it to a 2nd system should be fine. The only time this would be a problem is if the card was configured with a setting called disk spin up which if configured, will prevent the drives from spinning unless they are connected to this specific raid card - but he said that setting is rarerly used. I'm keeping my fingers crossed and will give it a shot. On Tue, Dec 2, 2008 at 5:08 PM, Phillip Partipilo [EMAIL PROTECTED] wrote: I think that just about every hardware RAID card I've used recently store the configuration on the drive itself, so order shouldn't matter. It doesn't matter even on Nvidia onboard pseudo-raid. Phillip Partipilo Parametric Solutions Inc. Jupiter, Florida (561) 747-6107 -Original Message- From: Bryan Garmon [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 4:59 PM To: NT System Admin Issues Subject: Re: Recovering data from a mirrored drive So stupid question time - I disconnected them from the controller card - I assumed since they are mirroed it didn't really matter how they were connected - but as I type this I'm worried I might have shot myself in the foot does the order they are connected to the controller matter? On Tue, Dec 2, 2008 at 4:35 PM, Jon Harris [EMAIL PROTECTED] wrote: But then you have to put in the drivers BEFORE you actually install the entire hardware but I agree I have had more luck that way. Good luck, Jon On Tue, Dec 2, 2008 at 4:33 PM, Phil Brutsche [EMAIL PROTECTED] wrote: Sometimes yes, sometimes no. It depends entirely on the drive controller. What is 100% guaranteed to work is to take the *entire* *drive* *array* and hook it up into another machine. Bryan Garmon wrote: I haven't worked with recovering data off of a Mirrored drive so I'm a little nervous here - but what I was hoping that what I could do is unplug one of the 250GB SATA drives from the RAID card, set it as a slave drive on another system running server 2003, turn on the other system and then pull the data off the partition. Will this work for me to recovery the data? Thanks for any input. -- Phil Brutsche [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- If this email is spam, report it here: http://www.onlymyemail.com/view/?action=reportSpamId=ODEzNjQ6ODA1NTYyMzgwOn BqcEBwc25ldC5jb20%3D ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DNS issue?
Believe me, I hear you on the anti-flash stuff. That was the first thing I told them when I started. We are invisible to search engines. With our work, form always trumps function. Our designers need to have total control over how things look down to specifying exactly what font the user sees. I'm trying to get a hold of our hosting company. According to their website, we should be able to use the IIS Remote Manager, but I'm not sure of the connection information. I think I can set the redirect that way. On Dec 2, 2008, at 1:37 PM, Ben Scott wrote: On Tue, Dec 2, 2008 at 1:06 PM, Eric Brouwer [EMAIL PROTECTED] wrote: ... using Flash ... There's your problem. (Ha Ha Only Serious.) FYI: A website which consists of nothing but Flash -- like yours -- is essentially invisible to search engines (like Google). So you're hurting your search engine rankings considerably. When you go to www.forestpost.com, everything works fine. ... If you go to forestpost.com, the XML never loads ... I see the same here. Firefox 3.0 and MSIE 6.0, both Flash 9. Can I do anything through DNS? Both www.forestpost.com. and forestpost.com. return the same A record (209.237.151.15), so it is not a DNS problem. Some way to force all traffic destined for forestpost.com to redirect to www.forestpost.com? That's HTTP, not DNS. It can be done using most web servers. I don't know how to do it in IIS 7.0 (which you're apparently using), but I bet Google would tell you. But that would really just be working around a bug. I'd suggest fixing the bug. I'm guessing you've got a request (Flash or JavaScript) that's triggering a cross-domain security check somehow. Most web client technologies try to limit web pages to requests within their domain (so that visiting http://www.example.com/exploit.js won't mean giving up your eBay login cookies). The specifics I have no idea on. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DNS issue?
Tried that, but it still doesn't work. I think Jim or Ben was right. Seems like a cross domain security issue. On Dec 2, 2008, at 3:08 PM, Klint Price - ArizonaITPro wrote: can you change that line of code so it loads from www.yoursite.com/editorialicons.xml ? Eric Brouwer wrote: It's a simple line of Actionscript in the Flash file: xml.load(editorialicons.xml); On Dec 2, 2008, at 1:27 PM, Klint Price - ArizonaITPro wrote: DNS on the outside resolves the same for both www.forespost.com and forestpost.com Can you post the code that loads the xml? Klint It may not be Eric Brouwer wrote: Good afternoon, I've run into an issue at work related to our web site that I can't figure out. Our site was developed in house using Flash by another individual who can't explain the issue, either. When you go to www.forestpost.com, everything works fine. If you click on of the links on the left, you'll see a carousel featuring our staff. This data is XML driven. If you go to forestpost.com, the XML never loads, so you don't see the carousels. While we look at a long term solution, I'm trying to find a quick fix. Can I do anything through DNS? Some way to force all traffic destined for forestpost.com to redirect to www.forestpost.com? Thanks, Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DNS issue?
You are only invisable if you do not also supply standard content. You dont need to trash the Flash to accomplish that. -- ME2 On Tue, Dec 2, 2008 at 5:25 PM, Eric Brouwer [EMAIL PROTECTED] wrote: Believe me, I hear you on the anti-flash stuff. That was the first thing I told them when I started. We are invisible to search engines. With our work, form always trumps function. Our designers need to have total control over how things look down to specifying exactly what font the user sees. I'm trying to get a hold of our hosting company. According to their website, we should be able to use the IIS Remote Manager, but I'm not sure of the connection information. I think I can set the redirect that way. On Dec 2, 2008, at 1:37 PM, Ben Scott wrote: On Tue, Dec 2, 2008 at 1:06 PM, Eric Brouwer [EMAIL PROTECTED] wrote: ... using Flash ... There's your problem. (Ha Ha Only Serious.) FYI: A website which consists of nothing but Flash -- like yours -- is essentially invisible to search engines (like Google). So you're hurting your search engine rankings considerably. When you go to www.forestpost.com, everything works fine. ... If you go to forestpost.com, the XML never loads ... I see the same here. Firefox 3.0 and MSIE 6.0, both Flash 9. Can I do anything through DNS? Both www.forestpost.com. and forestpost.com. return the same A record (209.237.151.15), so it is not a DNS problem. Some way to force all traffic destined for forestpost.com to redirect to www.forestpost.com? That's HTTP, not DNS. It can be done using most web servers. I don't know how to do it in IIS 7.0 (which you're apparently using), but I bet Google would tell you. But that would really just be working around a bug. I'd suggest fixing the bug. I'm guessing you've got a request (Flash or JavaScript) that's triggering a cross-domain security check somehow. Most web client technologies try to limit web pages to requests within their domain (so that visiting http://www.example.com/exploit.js won't mean giving up your eBay login cookies). The specifics I have no idea on. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: password change reminders via email?
You can also check out ADSelfService Plus. The free edition will do what you want and has a host of other features. I believe the free edition is unlimited in the amount of users that notifies for the email reminder, but limited to 50 users for the portal features. http://manageengine.adventnet.com/products/self-service-password/features.html -Original Message- From: Chinnery, Paul [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 8:18 AM To: NT System Admin Issues Subject: RE: password change reminders via email? Tiny url: http://tinyurl.com/6e7kea Sorry, just loaded this addon (create tiny url) into Firefox and tested it out. Pretty nice-just go to the web page , right-click and select create tiny url. I don't believe it works with https, though. Paul Chinnery Network Administrator Memorial Medical Center 231-845-2319 -Original Message- From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:07 AM To: NT System Admin Issues Subject: RE: password change reminders via email? Wrappage: http://theessentialexchange.com/blogs/michael/archive/2008/05/22/chapte r-12 -exchange-2003-scripting.aspx Has a pwd-expires script. You can easily modify the text to say anything you want. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange -Original Message- From: wjh [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2008 11:01 AM To: NT System Admin Issues Subject: password change reminders via email? Hi all, We have clients who have a very mixed environment. Remote users who only use OWA, Mac users, *nix users etc. Password expiration is a PITA in these environments. Any easy and/or free way to notify users not using domain Windows PCs that their password is going to expire? It would be even better for the notification to include a link to the URL for changing your password. Thanks. Bill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Performance Analysis of Logs
I apologize if this has already made the rounds, but I was just made aware of this tool and thought it was worth sharing. http://www.codeplex.com/PAL *Project Description *Ever have a performance problem, but don't know what performance counters to collect or how to analyze them? The PAL (Performance Analysis of Logs) tool is a new and powerful tool that reads in a performance monitor counter log (any known format) and analyzes it using complex, but known thresholds (provided). The tool generates an HTML based report which graphically charts important performance counters and throws alerts when thresholds are exceeded. The thresholds are originally based on thresholds defined by the Microsoft product teams and members of Microsoft support, but continue to be expanded by this ongoing project. This tool is not a replacement of traditional performance analysis, but it automates the analysis of performance counter logs enough to save you time. This is a VBScript and requires Microsoft LogParser (free download). Features - Thresholds files for most of the major Microsoft products such as IIS, MOSS, SQL Server, BizTalk, Exchange, and Active Directory. - An easy to use GUI interface which makes creating batch files for the PAL.vbs script. - A GUI editor for creating or editing your own threshold files. - Creates an HTML based report for ease of copy/pasting into other applications. - Analyzes performance counter logs for thresholds using thresholds that change their critieria based on the computer's role or hardware specs. To use PAL The PAL tool is primarily a VBScript that requires arguments/parameters passed to it in order to properly analyze performance monitor logs. In v1.1 and later of PAL, a GUI interface has been added to help with this process. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
removal of security GUID from deleted accounts
We had to delete/recreate the security group in AD 2003 environment which is used to populate local administrator membership on PC workstations. However, as a result of the deletion the security group now shows up with the deleted Security ID instead of a recognizable name. We tried to set the startup script to delete the old name, e.g. net localgroup /delete but it doesn't work because only the phantom SID exists. Inputing the string of SID in script doesn't work either. Any idea on how to remove this SID via script? TIA! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~