RE: ISA 2006 Authentication Page

[Ken Schaefer]

If you logon as "Administrator", which domain is ISA Server supposed to check 
your credentials against?

(The ability to logon without specifying a domain name was removed from IIS 
server for this reason - IIS would try against all domains, but the problem was 
account lockouts could occur if you had two users with the same names but 
different passwords. Or even if they had the same password, you'd be 
authenticated as the wrong user) etc.

Cheers
Ken


From: Don Ely [don@gmail.com]
Sent: Thursday, 16 April 2009 4:33 AM
To: NT System Admin Issues
Subject: Re: ISA 2006 Authentication Page

He is probably out installing Exchange 2010...

On 4/15/09, Micheal Espinola Jr  wrote:
> Surely he's off illustrusizing.
>
> --
> ME2
>
>
> On Wed, Apr 15, 2009 at 11:49 AM, Don Ely  wrote:
>
>> Nobody?  Where's the illustrious Dr. Shinder?
>>
>>
>> On Tue, Apr 14, 2009 at 9:47 AM, Don Ely  wrote:
>>
>>> Hey folks,
>>>
>>> I am trying to make ISA not require the NETBIOS domain name as part of
>>> the
>>> username when clients login.  In other words, no "CONTOSO\JackRyan", but
>>> just "JackRyan" for the username.  I can do this for a single domain, but
>>> cannot seem to make it work for the child domains that are a part of the
>>> CONTOSO forest...
>>>
>>> Setup is like this...
>>>
>>> ISA 2006 in Workgroup mode in a DMZ.
>>>
>>> Windows 2003 Native Forest called CONTOSO with three child domains on the
>>> internal network.
>>>
>>> LDAPS authentication is configured from the ISA server to the CONTOSO
>>> forest.
>>>
>>> I am trying to publish MOSS 2007 from the Internal Network to the ISA
>>> server in the DMZ which works fine aside from the need to have a domain
>>> name
>>> specified to logon the user.
>>>
>>> I understand that out of the box this is how ISA 2006 works, but I have
>>> heard rumors there are ways around it so I can just provide a username...
>>>
>>> Any thoughts?
>>>
>>
>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~

--
Sent from my mobile device

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Which Dell laptop to select for office?

[David Baca]

you may want to check out the xps studio linethey have a 16 in available.  
the main problem i have with the xps in a work environment is that there is not 
docking station available for it...not sure if that is an issue for you.





From: Tom Miller 
To: NT System Admin Issues 
Sent: Wednesday, April 15, 2009 12:36:33 PM
Subject: RE: Which Dell laptop to select for office?

 Thanks, y'all!

>>>  4/15/2009 3:26 PM >>>

+1 on the E-series.   The backlit keyboard, built in mic and camera are nice 
addons, but the power and battery life on these are phenemonal.  The 
construction is by far better than previous models.
 
From:Tim Vander Kooi [mailto:tvanderk...@expl.com] 
Sent: Wednesday, April 15, 2009 3:23 PM
To: NT System Admin Issues
Subject: RE: Which Dell laptop to select for office?
 
The XPS comes in a 17” version. It’s a very nice machine, although I don’t know 
that I would recommend it for a business environment. I really like the newer E 
series Latitudes for a business laptop.
TVK
 
From:Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Wednesday, April 15, 2009 2:20 PM
To: NT System Admin Issues
Subject: Re: Which Dell laptop to select for office?
 
I would stick with Lattitudes or Precisions, XPS are more consumer oriented, 
though higher end then Inspiron's.
 
I have to ask, why no external monitor?  Space issues?  IF the 17" is a 
requirement, I think you're looking exclusively at the Precisions, then.
On Wed, Apr 15, 2009 at 3:11 PM, Tom Miller  wrote:
Hi Folks:
 
My wife asked for advice on laptops.  At her work her PC is due for 
replacement, and all new-issues units are laptops.  The unit must be Dell, and 
she has a spending limit of about $2,500.  She's not at her desk all day and 
several days a week she works from home from her home PC.  The work laptop does 
not need to be light since it probably won't be moved much, but a 17" screen 
would be nice, since there will not be an external monitor.
 
All of the laptop's I purchase here at work are the Lenovo/IBM ThinkPad line, 
which I like very much.  I don't have much experience with Dell laptops though.
 
Anyone have any recommendations for a particular line?   She's limited to the 
Latitudes, Precisions, and XPS units (Higher Education).
 
Thanks,
Tom
 
Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.
 
 
 
 
 
 
 
 
 

Confidentiality Notice: This e-mail message,  including attachments, is for the 
sole use of the intended recipient(s)  and may contain confidential and 
privileged information. Any  unauthorized review, use, disclosure, or 
distribution is prohibited. If  you are not the intended recipient, please 
contact the sender by reply  e-mail and destroy all copies of the original 
message. 


  
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: What to do with old versions of apps using GPO to deploy

[Ben Scott]

On Wed, Apr 15, 2009 at 4:34 PM, Mike Gill  wrote:
> I’m wondering what to do with older versions of frequently updated apps that
> I deploy with Group Policy. For example, I use the Frontmotion Firefox,
> Flash, Java, and others. I have several FF’s and Java’s that when deployed
> were set to upgrade the previous version. Is it safe to delete the older
> versions? Is there a proper method involved?

  Do you mean, delete the old software items from the GPO, or delete
the MSI from the install source share?

  The MSIs something was installed from are often needed during
uninstall/upgrade, so if you have computers that might not have done
their upgrade yet, I'd keep the install kits around until it's all
done.  Then it's okay to delete.

  If you delete the old software items from the GPO... I think that'll
be okay.  The MSI file itself contains the IDs needed to upgrade older
versions.  I think the GPO upgrade stuff is just used to tell the GP
subsystem not to bother trying to install old versions.  Same rule
about clients not updated yet applies, though.  Otherwise, GP will see
it as the GPO falling out of scope, which (depending on your config)
may trigger an uninstall.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Anybody else having patch deployment issues?

[Sherry Abercrombie]

Nope, installed on 3 servers so far in my test domain.  (1 Exchange 2003 and
2 domain controllers)

On Wed, Apr 15, 2009 at 5:35 PM, Richard Stovall <
richard.stov...@researchdata.com> wrote:

> No problems so far...
>
> -Original Message-
> From: Bill Monicher [mailto:bmacd5...@gmail.com]
> Sent: Wednesday, April 15, 2009 7:31 PM
> To: NT System Admin Issues
> Subject: Anybody else having patch deployment issues?
>
> I'm deploying today's crop of MS patches to my first wave test set,
> and I've had 3 of 'em hang during installation so for.
>
> Might be caused by (or the cause of?) my update server having network
> problems.
>
> Lots of other things happening on machines being patched, such as
> 20-30 second periods of apps "not responding"
>
> Don't notice it on machines not being patched.
>
> --V
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>



-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke
Sent from Hurst, TX, United States

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Anybody else having patch deployment issues?

[Richard Stovall]

No problems so far...

-Original Message-
From: Bill Monicher [mailto:bmacd5...@gmail.com] 
Sent: Wednesday, April 15, 2009 7:31 PM
To: NT System Admin Issues
Subject: Anybody else having patch deployment issues?

I'm deploying today's crop of MS patches to my first wave test set,
and I've had 3 of 'em hang during installation so for.

Might be caused by (or the cause of?) my update server having network problems.

Lots of other things happening on machines being patched, such as
20-30 second periods of apps "not responding"

Don't notice it on machines not being patched.

--V

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Anybody else having patch deployment issues?

[Bill Monicher]

I'm deploying today's crop of MS patches to my first wave test set,
and I've had 3 of 'em hang during installation so for.

Might be caused by (or the cause of?) my update server having network problems.

Lots of other things happening on machines being patched, such as
20-30 second periods of apps "not responding"

Don't notice it on machines not being patched.

--V

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: When did a PC last communicate with AD?

[Brian Desmond]

Llts will be more accurate generally speaking so if you can use it you should.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, April 15, 2009 2:58 PM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

It's the actual lastLogonTimestamp attribute value with the date/time math done 
for you.  pwage and llts age are values oldcmp computes for you, the other 
fields you show below are the actual attributes themselves.

If you are in DFL2 lastLogonTimeStamp is a replicated attribute and can be used 
by oldcmp... Just use the -llts switch. If you aren't in the right mode, it 
will tell you and won't use it.  IIRC the assumption was that llts would be 
fresher than pwdlastset (oldcmp default) but the tool was written to the lowest 
common denominator and uses pwdlastset to calculate age of the account by 
default.


C:\Admin\Util>oldcmp /?

OldCmp V01.05.00cpp Joe Richards (j...@joeware.net) December 2004

Usage:
 OldCmp [switches]



-llts  If K3 domain in Domain Functional mode uses
   lastLogonTimeStamp instead of pwdLastSet for age options.



Read the help there is some cool stuff in there 


From: David Lum [mailto:david@nwea.org]
Sent: Wednesday, April 15, 2009 11:46 AM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

What is the "lastLogonTimestamp" field that you get when using OLDCMP.EXE?
pwdLastSet

pwage

whenCreated

accountExpires

lastLogonTimestamp

lltsAge

David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, April 15, 2009 11:12 AM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

There is no specific attribute of a computer acct that tells you the last time 
"it communicated with AD" in the directory.

Modified just tells you what it implies, *something* was modified, not  *what*. 
It is not replicated so it is only an indication of a change to the object *on 
the DC you are looking at*, it will be different on other DC's. You  don't have 
any idea what was changed, it could be anything, even something modified by the 
system.

Depending on the AD version you are running and functional level,  people 
usually look at some combination of  lastlogon, lastlogontimestamp and  
pwdlastset attributes to determine comp acct "activity". (If you are in DFL2 
lastLogonTimeStamp is replicated)  Natively you can get them with 
dsquery,cvsde, ldife, adsiedit, scripting tool of choice, etc.

Personally I would use oldcmp for a report or adfind (joeware.net tools) for a 
quick one-off check for a *stale* comp acct. It is definitely possible to get a 
rough idea with native tools although it is more work.

What are you trying to accomplish and why the native tool requirement?

From: cs [mailto:chr...@gmail.com]
Sent: Wednesday, April 15, 2009 7:42 AM
To: NT System Admin Issues
Subject: When did a PC last communicate with AD?

Is there a way to tell when a PC last communicated with AD using native tools? 
I was always under the impression the modified field on the Properties tab 
could be used to determine this information???

















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: When did a PC last communicate with AD?

[David Lum]

LOL. You win the prize today Bob, I had to look that one up on 
www.m-w.com!

Dave "Bob taught me TWO things today, I should get tomorrow off!" Lum

From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, April 15, 2009 1:42 PM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

That was a tongue in cheek RTFM most based on self-aggrandizement. *If* you 
were to rtfm you would see my point but I can't ask you to do that and humility 
prevents me from making my point further :)

LOL

From: David Lum [mailto:david@nwea.org]
Sent: Wednesday, April 15, 2009 1:18 PM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

Eh, I was mixing up last logon timestamp with "last communicated with AD" which 
of course as you said, is different.

RTFM? That's just crazy!

Dave
From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, April 15, 2009 12:58 PM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

It's the actual lastLogonTimestamp attribute value with the date/time math done 
for you.  pwage and llts age are values oldcmp computes for you, the other 
fields you show below are the actual attributes themselves.

If you are in DFL2 lastLogonTimeStamp is a replicated attribute and can be used 
by oldcmp... Just use the -llts switch. If you aren't in the right mode, it 
will tell you and won't use it.  IIRC the assumption was that llts would be 
fresher than pwdlastset (oldcmp default) but the tool was written to the lowest 
common denominator and uses pwdlastset to calculate age of the account by 
default.


C:\Admin\Util>oldcmp /?

OldCmp V01.05.00cpp Joe Richards (j...@joeware.net) December 2004

Usage:
 OldCmp [switches]



-llts  If K3 domain in Domain Functional mode uses
   lastLogonTimeStamp instead of pwdLastSet for age options.



Read the help there is some cool stuff in there 


From: David Lum [mailto:david@nwea.org]
Sent: Wednesday, April 15, 2009 11:46 AM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

What is the "lastLogonTimestamp" field that you get when using OLDCMP.EXE?
pwdLastSet

pwage

whenCreated

accountExpires

lastLogonTimestamp

lltsAge

David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, April 15, 2009 11:12 AM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

There is no specific attribute of a computer acct that tells you the last time 
"it communicated with AD" in the directory.

Modified just tells you what it implies, *something* was modified, not  *what*. 
It is not replicated so it is only an indication of a change to the object *on 
the DC you are looking at*, it will be different on other DC's. You  don't have 
any idea what was changed, it could be anything, even something modified by the 
system.

Depending on the AD version you are running and functional level,  people 
usually look at some combination of  lastlogon, lastlogontimestamp and  
pwdlastset attributes to determine comp acct "activity". (If you are in DFL2 
lastLogonTimeStamp is replicated)  Natively you can get them with 
dsquery,cvsde, ldife, adsiedit, scripting tool of choice, etc.

Personally I would use oldcmp for a report or adfind (joeware.net tools) for a 
quick one-off check for a *stale* comp acct. It is definitely possible to get a 
rough idea with native tools although it is more work.

What are you trying to accomplish and why the native tool requirement?

From: cs [mailto:chr...@gmail.com]
Sent: Wednesday, April 15, 2009 7:42 AM
To: NT System Admin Issues
Subject: When did a PC last communicate with AD?

Is there a way to tell when a PC last communicated with AD using native tools? 
I was always under the impression the modified field on the Properties tab 
could be used to determine this information???

























~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Kill files not accessed in nnn days

[David Lum]

Seems like a N00b question, but does backing up a file change its last accessed 
date, or does it only set the archive attribute bit?

Goal: To have an automated system to delete files that have not been accessed 
in nnn days but that HAVE been backed up.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New machine OU placement

[Greg Mulholland]

Thanks everyone for their input. I think i have enough to look at.

Greg

From: Brian Desmond [br...@briandesmond.com]
Sent: Thursday, 16 April 2009 4:41 AM
To: NT System Admin Issues
Subject: RE: New machine OU placement

Yes I have scripts and this is pretty easy to do (done it many times), but, the 
fields you’re looking for don’t really exist.

Naming conventions are how I usually key this. If you don’t have that then this 
is a lot of work. If you want to do site based you could ping the machine and 
then map the IP to a site. That is pretty easy to do. If you want to do this 
user based, you need to be precreating the computer accounts with something 
that can do the logging for you and ideally put the accounts in the right place.

The other option is to just leave them. If you’re not getting any value from 
moving the machines then don’t bother.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Greg Mulholland [mailto:g...@krystaltek.com]
Sent: Wednesday, April 15, 2009 6:19 AM
To: NT System Admin Issues
Subject: New machine OU placement

Hi Guys

we have an issue where users are creating multiple vm's every day and joining 
them to the network and we end up with a number of machine accounts dumped in 
the default computers container. I would dearly like something that would 
report the machines in that container at the end of the day and possibly the 
user that created it, site it was created in or some such so we could pick them 
up and move them into the right OU.

Before i sit down to script something out has anyone had an experience in this 
respect and could recommend a solution.

Thanks

Greg









~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: MSI and Exe

[Rod Trent]

It may seem a little steep, but compare it to other offerings like from
Altiris or Acresso and it's cheap.

 

However, there are some freebies out there, along with some that may be a
bit cheaper.  I don't have the links handy right now, but if you want to
search a bit and report back, we can generally give you a good review (pros
and cons) of them.  In fact, you may find a lot of them listed on the
Installsite.org web site  (another good site I forgot about until you jogged
my memory).

 

http://www.installsite.org/ 

 

From: jbech...@actsconsulting.net [mailto:jbech...@actsconsulting.net] 
Sent: Wednesday, April 15, 2009 4:30 PM
To: NT System Admin Issues
Subject: RE: MSI and Exe

 

Thanks Rod,

 

This product looks great. Am I seeing the price tag on this right (MSI
Studio Admin lic 1yr std support $410.97)? That seems a little steep. 

 

Thanks for your time.

Josh

 

 

From: Rod Trent [mailto:rodtr...@myitforum.com] 
Sent: Wednesday, April 15, 2009 3:47 PM
To: NT System Admin Issues
Subject: RE: MSI and Exe

 

You might want to look at MSI Studio from ScriptLogic.  It does all the work
for you.

 

http://www.scriptlogic.com/products/msi-studio/

 

Keep in mind that the majority of apps (well, apps that follow standards)
already have .MSIs to be used for distribution.  And, if they follow
standards, there will be standard command-line switches that offer options
for installations.  So, you may not need an app, or knowledge of the MSI
database structure to deploy apps in most situations.

 

Appdeploy.com is a great site that deals with specific application
installations.  I've noticed a slowdown in the content contributed there,
but it still has a great repository of information.  myITforum.com is
another good site that deals with deploying apps through management
products, including GPOs.

 

From: jbech...@actsconsulting.net [mailto:jbech...@actsconsulting.net] 
Sent: Wednesday, April 15, 2009 3:03 PM
To: NT System Admin Issues
Subject: MSI and Exe

 

I am trying to move from installing all my applications by hand to
installing through GPOs, scripts and MSI files. I need to know where to find
information on how to make an MSI from an exe and how to automate the
install. 

 

I've looked at a couple of sites already and I think they all assume you
have some knowledge of msiexec, running MSIs silently and the snapshot
process used to make an MSI from an exe. I don't. 

 

Can anyone give me a good website with some tutorials on this, or refer me
to a great program that you've used to do this job? 

 

Thanks for your time.

Josh 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: When did a PC last communicate with AD?

[Free, Bob]

That was a tongue in cheek RTFM most based on self-aggrandizement. *If*
you were to rtfm you would see my point but I can't ask you to do that
and humility prevents me from making my point further J

 

LOL

 

From: David Lum [mailto:david@nwea.org] 
Sent: Wednesday, April 15, 2009 1:18 PM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

 

Eh, I was mixing up last logon timestamp with "last communicated with
AD" which of course as you said, is different.

 

RTFM? That's just crazy!

 

Dave

From: Free, Bob [mailto:r...@pge.com] 
Sent: Wednesday, April 15, 2009 12:58 PM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

 

It's the actual lastLogonTimestamp attribute value with the date/time
math done for you.  pwage and llts age are values oldcmp computes for
you, the other fields you show below are the actual attributes
themselves. 

 

If you are in DFL2 lastLogonTimeStamp is a replicated attribute and can
be used by oldcmp... Just use the -llts switch. If you aren't in the
right mode, it will tell you and won't use it.  IIRC the assumption was
that llts would be fresher than pwdlastset (oldcmp default) but the tool
was written to the lowest common denominator and uses pwdlastset to
calculate age of the account by default.

 

 

C:\Admin\Util>oldcmp /?

 

OldCmp V01.05.00cpp Joe Richards (j...@joeware.net) December 2004

 

Usage:

 OldCmp [switches]

 



 

-llts  If K3 domain in Domain Functional mode uses

   lastLogonTimeStamp instead of pwdLastSet for age options.

 



 

Read the help there is some cool stuff in there 

 

 

From: David Lum [mailto:david@nwea.org] 
Sent: Wednesday, April 15, 2009 11:46 AM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

 

What is the "lastLogonTimestamp" field that you get when using
OLDCMP.EXE?

pwdLastSet

pwage

whenCreated

accountExpires

lastLogonTimestamp

lltsAge

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

From: Free, Bob [mailto:r...@pge.com] 
Sent: Wednesday, April 15, 2009 11:12 AM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

 

There is no specific attribute of a computer acct that tells you the
last time "it communicated with AD" in the directory.

 

Modified just tells you what it implies, *something* was modified, not
*what*. It is not replicated so it is only an indication of a change to
the object *on the DC you are looking at*, it will be different on other
DC's. You  don't have any idea what was changed, it could be anything,
even something modified by the system.

 

Depending on the AD version you are running and functional level,
people usually look at some combination of  lastlogon,
lastlogontimestamp and  pwdlastset attributes to determine comp acct
"activity". (If you are in DFL2 lastLogonTimeStamp is replicated)
Natively you can get them with dsquery,cvsde, ldife, adsiedit, scripting
tool of choice, etc.

 

Personally I would use oldcmp for a report or adfind (joeware.net tools)
for a quick one-off check for a *stale* comp acct. It is definitely
possible to get a rough idea with native tools although it is more work.

 

What are you trying to accomplish and why the native tool requirement? 

 

From: cs [mailto:chr...@gmail.com] 
Sent: Wednesday, April 15, 2009 7:42 AM
To: NT System Admin Issues
Subject: When did a PC last communicate with AD?

 

Is there a way to tell when a PC last communicated with AD using native
tools? I was always under the impression the modified field on the
Properties tab could be used to determine this information???

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: MSI and Exe

[Phil Brutsche]

It's only steep if you haven't looked at other MSI authoring tools.

Wise Installation Studio is $1k+.

jbech...@actsconsulting.net wrote:
> This product looks great. Am I seeing the price tag on this right (MSI
> Studio Admin lic 1yr std support $410.97)? That seems a little steep.

-- 

Phil Brutsche
p...@optimumdata.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

What to do with old versions of apps using GPO to deploy

[Mike Gill]

I'm not quite getting the info I want via google, but if anyone has a link
or advice I would appreciate it.

 

I'm wondering what to do with older versions of frequently updated apps that
I deploy with Group Policy. For example, I use the Frontmotion Firefox,
Flash, Java, and others. I have several FF's and Java's that when deployed
were set to upgrade the previous version. Is it safe to delete the older
versions? Is there a proper method involved?

 

-- 
Mike Gill

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: MSI and Exe

[jbechard]

Thanks Rod,

 

This product looks great. Am I seeing the price tag on this right (MSI
Studio Admin lic 1yr std support $410.97)? That seems a little steep. 

 

Thanks for your time.

Josh

 

 

From: Rod Trent [mailto:rodtr...@myitforum.com] 
Sent: Wednesday, April 15, 2009 3:47 PM
To: NT System Admin Issues
Subject: RE: MSI and Exe

 

You might want to look at MSI Studio from ScriptLogic.  It does all the
work for you.

 

http://www.scriptlogic.com/products/msi-studio/

 

Keep in mind that the majority of apps (well, apps that follow
standards) already have .MSIs to be used for distribution.  And, if they
follow standards, there will be standard command-line switches that
offer options for installations.  So, you may not need an app, or
knowledge of the MSI database structure to deploy apps in most
situations.

 

Appdeploy.com is a great site that deals with specific application
installations.  I've noticed a slowdown in the content contributed
there, but it still has a great repository of information.
myITforum.com is another good site that deals with deploying apps
through management products, including GPOs.

 

From: jbech...@actsconsulting.net [mailto:jbech...@actsconsulting.net] 
Sent: Wednesday, April 15, 2009 3:03 PM
To: NT System Admin Issues
Subject: MSI and Exe

 

I am trying to move from installing all my applications by hand to
installing through GPOs, scripts and MSI files. I need to know where to
find information on how to make an MSI from an exe and how to automate
the install. 

 

I've looked at a couple of sites already and I think they all assume you
have some knowledge of msiexec, running MSIs silently and the snapshot
process used to make an MSI from an exe. I don't. 

 

Can anyone give me a good website with some tutorials on this, or refer
me to a great program that you've used to do this job? 

 

Thanks for your time.

Josh 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Vipre

[Stu Sjouwerman]

We blow if out of the water actually.
 
I can send you the results off-line.
 
Warm regards,


Stu Sjouwerman
Founder, VP Marketing.
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com


  
 



From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Wednesday, April 15, 2009 4:17 PM
To: NT System Admin Issues
Subject: RE: Vipre



I'd be interested to know how it compares to AVG Anti-virus Network
Edition 8.5. 

 

  

 

From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] 
Sent: Wednesday, April 15, 2009 4:07 PM
To: NT System Admin Issues
Cc: clayton.do...@gmail.com
Subject: RE: Vipre

 

And here is the Enterprise Comparison:

 

http://www.vipreenterprise.com/Stats/

 

And here is a pretty one in PDF format for the execs:

 

http://www.sunbeltsoftware.com/documents/vipre-comparison-chart.pdf
 

 

Warm regards,

Stu Sjouwerman
Founder, VP Marketing.
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com


  

 

 



From: Clayton Doige [mailto:clayton.do...@gmail.com] 
Sent: Wednesday, April 15, 2009 11:48 AM
To: NT System Admin Issues
Subject: Vipre

Few months back there was a comparisson matrix for Vipre versus other AV
vendors, anyone have any idea where I can find that?

 

Thanks

 

Clayton

 

 

 

 

.

 

 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.287 / Virus Database: 270.11.57/2060 - Release Date:
04/15/09 06:34:00

 

 




..
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: When did a PC last communicate with AD?

[David Lum]

Eh, I was mixing up last logon timestamp with "last communicated with AD" which 
of course as you said, is different.

RTFM? That's just crazy!

Dave
From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, April 15, 2009 12:58 PM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

It's the actual lastLogonTimestamp attribute value with the date/time math done 
for you.  pwage and llts age are values oldcmp computes for you, the other 
fields you show below are the actual attributes themselves.

If you are in DFL2 lastLogonTimeStamp is a replicated attribute and can be used 
by oldcmp... Just use the -llts switch. If you aren't in the right mode, it 
will tell you and won't use it.  IIRC the assumption was that llts would be 
fresher than pwdlastset (oldcmp default) but the tool was written to the lowest 
common denominator and uses pwdlastset to calculate age of the account by 
default.


C:\Admin\Util>oldcmp /?

OldCmp V01.05.00cpp Joe Richards (j...@joeware.net) December 2004

Usage:
 OldCmp [switches]



-llts  If K3 domain in Domain Functional mode uses
   lastLogonTimeStamp instead of pwdLastSet for age options.



Read the help there is some cool stuff in there 


From: David Lum [mailto:david@nwea.org]
Sent: Wednesday, April 15, 2009 11:46 AM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

What is the "lastLogonTimestamp" field that you get when using OLDCMP.EXE?
pwdLastSet

pwage

whenCreated

accountExpires

lastLogonTimestamp

lltsAge

David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, April 15, 2009 11:12 AM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

There is no specific attribute of a computer acct that tells you the last time 
"it communicated with AD" in the directory.

Modified just tells you what it implies, *something* was modified, not  *what*. 
It is not replicated so it is only an indication of a change to the object *on 
the DC you are looking at*, it will be different on other DC's. You  don't have 
any idea what was changed, it could be anything, even something modified by the 
system.

Depending on the AD version you are running and functional level,  people 
usually look at some combination of  lastlogon, lastlogontimestamp and  
pwdlastset attributes to determine comp acct "activity". (If you are in DFL2 
lastLogonTimeStamp is replicated)  Natively you can get them with 
dsquery,cvsde, ldife, adsiedit, scripting tool of choice, etc.

Personally I would use oldcmp for a report or adfind (joeware.net tools) for a 
quick one-off check for a *stale* comp acct. It is definitely possible to get a 
rough idea with native tools although it is more work.

What are you trying to accomplish and why the native tool requirement?

From: cs [mailto:chr...@gmail.com]
Sent: Wednesday, April 15, 2009 7:42 AM
To: NT System Admin Issues
Subject: When did a PC last communicate with AD?

Is there a way to tell when a PC last communicated with AD using native tools? 
I was always under the impression the modified field on the Properties tab 
could be used to determine this information???

















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Vipre

[John Aldrich]

I'd be interested to know how it compares to AVG Anti-virus Network Edition
8.5. 

 

John-AldrichTile-Tools

 

From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] 
Sent: Wednesday, April 15, 2009 4:07 PM
To: NT System Admin Issues
Cc: clayton.do...@gmail.com
Subject: RE: Vipre

 

And here is the Enterprise Comparison:

 

http://www.vipreenterprise.com/Stats/

 

And here is a pretty one in PDF format for the execs:

 

 
http://www.sunbeltsoftware.com/documents/vipre-comparison-chart.pdf

 

Warm regards,

Stu Sjouwerman
Founder, VP Marketing.
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com


  

 

 

  _  

From: Clayton Doige [mailto:clayton.do...@gmail.com] 
Sent: Wednesday, April 15, 2009 11:48 AM
To: NT System Admin Issues
Subject: Vipre

Few months back there was a comparisson matrix for Vipre versus other AV
vendors, anyone have any idea where I can find that?

 

Thanks

 

Clayton

 

 

 

 

.

 

 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.287 / Virus Database: 270.11.57/2060 - Release Date: 04/15/09
06:34:00


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: MSI and Exe

[Tim Vander Kooi]

+24.71
I don't use it as much as I used to, but I never leave home without it. :)
TVK

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Wednesday, April 15, 2009 2:51 PM
To: NT System Admin Issues
Subject: Re: MSI and Exe

+1. Generally a very easy product to use.

--
ME2

On Wed, Apr 15, 2009 at 3:46 PM, Rod Trent 
mailto:rodtr...@myitforum.com>> wrote:

You might want to look at MSI Studio from ScriptLogic.  It does all the work 
for you.



http://www.scriptlogic.com/products/msi-studio/



Keep in mind that the majority of apps (well, apps that follow standards) 
already have .MSIs to be used for distribution.  And, if they follow standards, 
there will be standard command-line switches that offer options for 
installations.  So, you may not need an app, or knowledge of the MSI database 
structure to deploy apps in most situations.



Appdeploy.com is a great site that deals with specific application 
installations.  I've noticed a slowdown in the content contributed there, but 
it still has a great repository of information.  myITforum.com is another good 
site that deals with deploying apps through management products, including GPOs.



From: jbech...@actsconsulting.net 
[mailto:jbech...@actsconsulting.net]
Sent: Wednesday, April 15, 2009 3:03 PM
To: NT System Admin Issues
Subject: MSI and Exe



I am trying to move from installing all my applications by hand to installing 
through GPOs, scripts and MSI files. I need to know where to find information 
on how to make an MSI from an exe and how to automate the install.



I've looked at a couple of sites already and I think they all assume you have 
some knowledge of msiexec, running MSIs silently and the snapshot process used 
to make an MSI from an exe. I don't.



Can anyone give me a good website with some tutorials on this, or refer me to a 
great program that you've used to do this job?



Thanks for your time.

Josh














~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Vipre

[Stu Sjouwerman]

And here is the Enterprise Comparison:
 
http://www.vipreenterprise.com/Stats/
 
And here is a pretty one in PDF format for the execs:
 
http://www.sunbeltsoftware.com/documents/vipre-comparison-chart.pdf
 
 
Warm regards,

Stu Sjouwerman
Founder, VP Marketing.
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com


  
 



From: Clayton Doige [mailto:clayton.do...@gmail.com] 
Sent: Wednesday, April 15, 2009 11:48 AM
To: NT System Admin Issues
Subject: Vipre


Few months back there was a comparisson matrix for Vipre versus other AV
vendors, anyone have any idea where I can find that?
 
Thanks
 
Clayton

 

 




..
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Sub Laptop Device

[John Cook]

Just realize that �s a hopped up KVM for your handheld.

John W. Cook
Systems Administrator
Partnership For Strong Families
315 SE 2nd Ave
Gainesville, Fl 32601
Office (352) 393-2741 x320
Cell (352) 215-6944
Fax (352) 393-2746
MCSE, MCTS, MCP+I,CompTIA A+, N+

From: Daniel Rodriguez [mailto:drod...@gmail.com]
Sent: Wednesday, April 15, 2009 3:59 PM
To: NT System Admin Issues
Subject: Re: Sub Laptop Device

Thanks, Robert!
On Wed, Apr 15, 2009 at 2:32 PM, Robert Cato 
mailto:cato.rob...@gmail.com>> wrote:

Redfly by Celio   http://www.celiocorp.com/

Pretty cool device, I'm in the middle of a huge migration so I need the 
computing power of my laptop but I'm looking forward to casual use with the 
Redfly.
On Wed, Apr 15, 2009 at 2:22 PM, Daniel Rodriguez 
mailto:drod...@gmail.com>> wrote:
I have seen this on the web and have read about it, but it was over four months 
ago.

There is a company that makes a sub-notebook that connects to your smartphone, 
PPC phone, Blackberry. I can't remember their name or their products name... 
It's 'Red' something.

Are they still in business and does anyone have a link/url to them?
















CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Sub Laptop Device

[Daniel Rodriguez]

Thanks, Robert!

On Wed, Apr 15, 2009 at 2:32 PM, Robert Cato  wrote:

>
> Redfly by Celio   http://www.celiocorp.com/
>
> Pretty cool device, I'm in the middle of a huge migration so I need the
> computing power of my laptop but I'm looking forward to casual use with the
> Redfly.
>
>   On Wed, Apr 15, 2009 at 2:22 PM, Daniel Rodriguez wrote:
>
>> I have seen this on the web and have read about it, but it was over four
>> months ago.
>>
>> There is a company that makes a sub-notebook that connects to your
>> smartphone, PPC phone, Blackberry. I can't remember their name or their
>> products name... It's 'Red' something.
>>
>> Are they still in business and does anyone have a link/url to them?
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: ISA 2006 Authentication Page

[Free, Bob]

Not silly at all, if NETBIOS is out one would assume that you use DNS as in the 
UPN..but I think Don would have tried that 

-Original Message-
From: Richard Stovall [mailto:richard.stov...@researchdata.com] 
Sent: Wednesday, April 15, 2009 12:01 PM
To: NT System Admin Issues
Subject: RE: ISA 2006 Authentication Page

I suppose that since the domain NETBIOS name is out, so is u...@domain?

Perhaps it's a silly question with an easy answer, but how would users with the 
same usernames in different domains be differentiated without specifying the 
domain somehow?  (e.g. parent\john.doe, child1\john.doe, and child2\john.doe)

-Original Message-
From: Don Ely [mailto:don@gmail.com] 
Sent: Wednesday, April 15, 2009 2:33 PM
To: NT System Admin Issues
Subject: Re: ISA 2006 Authentication Page

He is probably out installing Exchange 2010...

On 4/15/09, Micheal Espinola Jr  wrote:
> Surely he's off illustrusizing.
>
> --
> ME2
>
>
> On Wed, Apr 15, 2009 at 11:49 AM, Don Ely  wrote:
>
>> Nobody?  Where's the illustrious Dr. Shinder?
>>
>>
>> On Tue, Apr 14, 2009 at 9:47 AM, Don Ely  wrote:
>>
>>> Hey folks,
>>>
>>> I am trying to make ISA not require the NETBIOS domain name as part of
>>> the
>>> username when clients login.  In other words, no "CONTOSO\JackRyan", but
>>> just "JackRyan" for the username.  I can do this for a single domain, but
>>> cannot seem to make it work for the child domains that are a part of the
>>> CONTOSO forest...
>>>
>>> Setup is like this...
>>>
>>> ISA 2006 in Workgroup mode in a DMZ.
>>>
>>> Windows 2003 Native Forest called CONTOSO with three child domains on the
>>> internal network.
>>>
>>> LDAPS authentication is configured from the ISA server to the CONTOSO
>>> forest.
>>>
>>> I am trying to publish MOSS 2007 from the Internal Network to the ISA
>>> server in the DMZ which works fine aside from the need to have a domain
>>> name
>>> specified to logon the user.
>>>
>>> I understand that out of the box this is how ISA 2006 works, but I have
>>> heard rumors there are ways around it so I can just provide a username...
>>>
>>> Any thoughts?
>>>
>>
>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~

-- 
Sent from my mobile device

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: When did a PC last communicate with AD?

[Free, Bob]

It's the actual lastLogonTimestamp attribute value with the date/time
math done for you.  pwage and llts age are values oldcmp computes for
you, the other fields you show below are the actual attributes
themselves. 

 

If you are in DFL2 lastLogonTimeStamp is a replicated attribute and can
be used by oldcmp... Just use the -llts switch. If you aren't in the
right mode, it will tell you and won't use it.  IIRC the assumption was
that llts would be fresher than pwdlastset (oldcmp default) but the tool
was written to the lowest common denominator and uses pwdlastset to
calculate age of the account by default.

 

 

C:\Admin\Util>oldcmp /?

 

OldCmp V01.05.00cpp Joe Richards (j...@joeware.net) December 2004

 

Usage:

 OldCmp [switches]

 



 

-llts  If K3 domain in Domain Functional mode uses

   lastLogonTimeStamp instead of pwdLastSet for age options.

 



 

Read the help there is some cool stuff in there 

 

 

From: David Lum [mailto:david@nwea.org] 
Sent: Wednesday, April 15, 2009 11:46 AM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

 

What is the "lastLogonTimestamp" field that you get when using
OLDCMP.EXE?

pwdLastSet

pwage

whenCreated

accountExpires

lastLogonTimestamp

lltsAge

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

From: Free, Bob [mailto:r...@pge.com] 
Sent: Wednesday, April 15, 2009 11:12 AM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

 

There is no specific attribute of a computer acct that tells you the
last time "it communicated with AD" in the directory.

 

Modified just tells you what it implies, *something* was modified, not
*what*. It is not replicated so it is only an indication of a change to
the object *on the DC you are looking at*, it will be different on other
DC's. You  don't have any idea what was changed, it could be anything,
even something modified by the system.

 

Depending on the AD version you are running and functional level,
people usually look at some combination of  lastlogon,
lastlogontimestamp and  pwdlastset attributes to determine comp acct
"activity". (If you are in DFL2 lastLogonTimeStamp is replicated)
Natively you can get them with dsquery,cvsde, ldife, adsiedit, scripting
tool of choice, etc.

 

Personally I would use oldcmp for a report or adfind (joeware.net tools)
for a quick one-off check for a *stale* comp acct. It is definitely
possible to get a rough idea with native tools although it is more work.

 

What are you trying to accomplish and why the native tool requirement? 

 

From: cs [mailto:chr...@gmail.com] 
Sent: Wednesday, April 15, 2009 7:42 AM
To: NT System Admin Issues
Subject: When did a PC last communicate with AD?

 

Is there a way to tell when a PC last communicated with AD using native
tools? I was always under the impression the modified field on the
Properties tab could be used to determine this information???

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: MSI and Exe

[Micheal Espinola Jr]

+1. Generally a very easy product to use.

--
ME2


On Wed, Apr 15, 2009 at 3:46 PM, Rod Trent  wrote:

>  You might want to look at MSI Studio from ScriptLogic.  It does all the
> work for you.
>
>
>
> http://www.scriptlogic.com/products/msi-studio/
>
>
>
> Keep in mind that the majority of apps (well, apps that follow standards)
> already have .MSIs to be used for distribution.  And, if they follow
> standards, there will be standard command-line switches that offer options
> for installations.  So, you may not need an app, or knowledge of the MSI
> database structure to deploy apps in most situations.
>
>
>
> Appdeploy.com is a great site that deals with specific application
> installations.  I’ve noticed a slowdown in the content contributed there,
> but it still has a great repository of information.  myITforum.com is
> another good site that deals with deploying apps through management
> products, including GPOs.
>
>
>
> *From:* jbech...@actsconsulting.net [mailto:jbech...@actsconsulting.net]
> *Sent:* Wednesday, April 15, 2009 3:03 PM
> *To:* NT System Admin Issues
> *Subject:* MSI and Exe
>
>
>
> I am trying to move from installing all my applications by hand to
> installing through GPOs, scripts and MSI files. I need to know where to find
> information on how to make an MSI from an exe and how to automate the
> install.
>
>
>
> I’ve looked at a couple of sites already and I think they all assume you
> have some knowledge of msiexec, running MSIs silently and the snapshot
> process used to make an MSI from an exe. I don’t.
>
>
>
> Can anyone give me a good website with some tutorials on this, or refer me
> to a great program that you’ve used to do this job?
>
>
>
> Thanks for your time.
>
> Josh
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: MSI and Exe

[Rod Trent]

You might want to look at MSI Studio from ScriptLogic.  It does all the work
for you.

 

http://www.scriptlogic.com/products/msi-studio/

 

Keep in mind that the majority of apps (well, apps that follow standards)
already have .MSIs to be used for distribution.  And, if they follow
standards, there will be standard command-line switches that offer options
for installations.  So, you may not need an app, or knowledge of the MSI
database structure to deploy apps in most situations.

 

Appdeploy.com is a great site that deals with specific application
installations.  I've noticed a slowdown in the content contributed there,
but it still has a great repository of information.  myITforum.com is
another good site that deals with deploying apps through management
products, including GPOs.

 

From: jbech...@actsconsulting.net [mailto:jbech...@actsconsulting.net] 
Sent: Wednesday, April 15, 2009 3:03 PM
To: NT System Admin Issues
Subject: MSI and Exe

 

I am trying to move from installing all my applications by hand to
installing through GPOs, scripts and MSI files. I need to know where to find
information on how to make an MSI from an exe and how to automate the
install. 

 

I've looked at a couple of sites already and I think they all assume you
have some knowledge of msiexec, running MSIs silently and the snapshot
process used to make an MSI from an exe. I don't. 

 

Can anyone give me a good website with some tutorials on this, or refer me
to a great program that you've used to do this job? 

 

Thanks for your time.

Josh 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: ISA 2006 Authentication Page

[Don Ely]

If my name is on the email he should just "assume" I'm complaining!!!

On Wed, Apr 15, 2009 at 12:43 PM, Micheal Espinola Jr <
michealespin...@gmail.com> wrote:

> LOL!  You might be right!
>
> --
> ME2
>
>
>  On Wed, Apr 15, 2009 at 2:55 PM, Jonathan Link 
> wrote:
>
>> Don't you have to complain about ISA, not just ask for howto?
>>
>>
>> On Wed, Apr 15, 2009 at 2:33 PM, Don Ely  wrote:
>>
>>> He is probably out installing Exchange 2010...
>>>
>>> On 4/15/09, Micheal Espinola Jr  wrote:
>>> > Surely he's off illustrusizing.
>>> >
>>> > --
>>> > ME2
>>> >
>>> >
>>> > On Wed, Apr 15, 2009 at 11:49 AM, Don Ely  wrote:
>>> >
>>> >> Nobody?  Where's the illustrious Dr. Shinder?
>>> >>
>>> >>
>>> >> On Tue, Apr 14, 2009 at 9:47 AM, Don Ely  wrote:
>>> >>
>>> >>> Hey folks,
>>> >>>
>>> >>> I am trying to make ISA not require the NETBIOS domain name as part
>>> of
>>> >>> the
>>> >>> username when clients login.  In other words, no "CONTOSO\JackRyan",
>>> but
>>> >>> just "JackRyan" for the username.  I can do this for a single domain,
>>> but
>>> >>> cannot seem to make it work for the child domains that are a part of
>>> the
>>> >>> CONTOSO forest...
>>> >>>
>>> >>> Setup is like this...
>>> >>>
>>> >>> ISA 2006 in Workgroup mode in a DMZ.
>>> >>>
>>> >>> Windows 2003 Native Forest called CONTOSO with three child domains on
>>> the
>>> >>> internal network.
>>> >>>
>>> >>> LDAPS authentication is configured from the ISA server to the CONTOSO
>>> >>> forest.
>>> >>>
>>> >>> I am trying to publish MOSS 2007 from the Internal Network to the ISA
>>> >>> server in the DMZ which works fine aside from the need to have a
>>> domain
>>> >>> name
>>> >>> specified to logon the user.
>>> >>>
>>> >>> I understand that out of the box this is how ISA 2006 works, but I
>>> have
>>> >>> heard rumors there are ways around it so I can just provide a
>>> username...
>>> >>>
>>> >>> Any thoughts?
>>> >>>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >
>>> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> > ~   ~
>>>
>>> --
>>> Sent from my mobile device
>>>
>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> ~   ~
>>>
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: ISA 2006 Authentication Page

[Don Ely]

Yep, UPN is out too...  Actually, I have one more thing to test tonight and
I will know what I need to know...  Will pass it along if it comes true...

On Wed, Apr 15, 2009 at 12:01 PM, Richard Stovall <
richard.stov...@researchdata.com> wrote:

> I suppose that since the domain NETBIOS name is out, so is u...@domain?
>
> Perhaps it's a silly question with an easy answer, but how would users with
> the same usernames in different domains be differentiated without specifying
> the domain somehow?  (e.g. parent\john.doe, child1\john.doe, and
> child2\john.doe)
>
> -Original Message-
> From: Don Ely [mailto:don@gmail.com]
> Sent: Wednesday, April 15, 2009 2:33 PM
> To: NT System Admin Issues
> Subject: Re: ISA 2006 Authentication Page
>
> He is probably out installing Exchange 2010...
>
> On 4/15/09, Micheal Espinola Jr  wrote:
> > Surely he's off illustrusizing.
> >
> > --
> > ME2
> >
> >
> > On Wed, Apr 15, 2009 at 11:49 AM, Don Ely  wrote:
> >
> >> Nobody?  Where's the illustrious Dr. Shinder?
> >>
> >>
> >> On Tue, Apr 14, 2009 at 9:47 AM, Don Ely  wrote:
> >>
> >>> Hey folks,
> >>>
> >>> I am trying to make ISA not require the NETBIOS domain name as part of
> >>> the
> >>> username when clients login.  In other words, no "CONTOSO\JackRyan",
> but
> >>> just "JackRyan" for the username.  I can do this for a single domain,
> but
> >>> cannot seem to make it work for the child domains that are a part of
> the
> >>> CONTOSO forest...
> >>>
> >>> Setup is like this...
> >>>
> >>> ISA 2006 in Workgroup mode in a DMZ.
> >>>
> >>> Windows 2003 Native Forest called CONTOSO with three child domains on
> the
> >>> internal network.
> >>>
> >>> LDAPS authentication is configured from the ISA server to the CONTOSO
> >>> forest.
> >>>
> >>> I am trying to publish MOSS 2007 from the Internal Network to the ISA
> >>> server in the DMZ which works fine aside from the need to have a domain
> >>> name
> >>> specified to logon the user.
> >>>
> >>> I understand that out of the box this is how ISA 2006 works, but I have
> >>> heard rumors there are ways around it so I can just provide a
> username...
> >>>
> >>> Any thoughts?
> >>>
> >>
> >>
> >>
> >>
> >>
> >>
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~   ~
>
> --
> Sent from my mobile device
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: ISA 2006 Authentication Page

[Micheal Espinola Jr]

HA!


On Wed, Apr 15, 2009 at 3:02 PM, Webster  wrote:

>*From:* Jonathan Link [mailto:jonathan.l...@gmail.com]
> *Subject:* Re: ISA 2006 Authentication Page
>
>
>
> Don't you have to complain about ISA, not just ask for howto?
>
> No, you have to state that a Cisco Pix or ASA device is a real firewall.
>
> Webster
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Which Dell laptop to select for office?

[John Aldrich]

We got an XPS unit for one of our carpet design guys. He seems to like it
well enough.

 

John-AldrichTile-Tools

 

From: Tim Vander Kooi [mailto:tvanderk...@expl.com] 
Sent: Wednesday, April 15, 2009 3:23 PM
To: NT System Admin Issues
Subject: RE: Which Dell laptop to select for office?

 

The XPS comes in a 17" version. It's a very nice machine, although I don't
know that I would recommend it for a business environment. I really like the
newer E series Latitudes for a business laptop.

TVK

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Wednesday, April 15, 2009 2:20 PM
To: NT System Admin Issues
Subject: Re: Which Dell laptop to select for office?

 

I would stick with Lattitudes or Precisions, XPS are more consumer oriented,
though higher end then Inspiron's.

 

I have to ask, why no external monitor?  Space issues?  IF the 17" is a
requirement, I think you're looking exclusively at the Precisions, then.

On Wed, Apr 15, 2009 at 3:11 PM, Tom Miller  wrote:

Hi Folks:

 

My wife asked for advice on laptops.  At her work her PC is due for
replacement, and all new-issues units are laptops.  The unit must be Dell,
and she has a spending limit of about $2,500.  She's not at her desk all day
and several days a week she works from home from her home PC.  The work
laptop does not need to be light since it probably won't be moved much, but
a 17" screen would be nice, since there will not be an external monitor.

 

All of the laptop's I purchase here at work are the Lenovo/IBM ThinkPad
line, which I like very much.  I don't have much experience with Dell
laptops though.

 

Anyone have any recommendations for a particular line?   She's limited to
the Latitudes, Precisions, and XPS units (Higher Education).

 

Thanks,

Tom

 

Confidentiality Notice: This e-mail message, including attachments, is for
the sole use of the intended recipient(s) and may contain confidential and
privileged information. Any unauthorized review, use, disclosure, or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message. 

 

 

 

 

 

 

 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.287 / Virus Database: 270.11.57/2060 - Release Date: 04/15/09
06:34:00


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: ISA 2006 Authentication Page

[Micheal Espinola Jr]

LOL!  You might be right!

--
ME2


On Wed, Apr 15, 2009 at 2:55 PM, Jonathan Link wrote:

> Don't you have to complain about ISA, not just ask for howto?
>
>
> On Wed, Apr 15, 2009 at 2:33 PM, Don Ely  wrote:
>
>> He is probably out installing Exchange 2010...
>>
>> On 4/15/09, Micheal Espinola Jr  wrote:
>> > Surely he's off illustrusizing.
>> >
>> > --
>> > ME2
>> >
>> >
>> > On Wed, Apr 15, 2009 at 11:49 AM, Don Ely  wrote:
>> >
>> >> Nobody?  Where's the illustrious Dr. Shinder?
>> >>
>> >>
>> >> On Tue, Apr 14, 2009 at 9:47 AM, Don Ely  wrote:
>> >>
>> >>> Hey folks,
>> >>>
>> >>> I am trying to make ISA not require the NETBIOS domain name as part of
>> >>> the
>> >>> username when clients login.  In other words, no "CONTOSO\JackRyan",
>> but
>> >>> just "JackRyan" for the username.  I can do this for a single domain,
>> but
>> >>> cannot seem to make it work for the child domains that are a part of
>> the
>> >>> CONTOSO forest...
>> >>>
>> >>> Setup is like this...
>> >>>
>> >>> ISA 2006 in Workgroup mode in a DMZ.
>> >>>
>> >>> Windows 2003 Native Forest called CONTOSO with three child domains on
>> the
>> >>> internal network.
>> >>>
>> >>> LDAPS authentication is configured from the ISA server to the CONTOSO
>> >>> forest.
>> >>>
>> >>> I am trying to publish MOSS 2007 from the Internal Network to the ISA
>> >>> server in the DMZ which works fine aside from the need to have a
>> domain
>> >>> name
>> >>> specified to logon the user.
>> >>>
>> >>> I understand that out of the box this is how ISA 2006 works, but I
>> have
>> >>> heard rumors there are ways around it so I can just provide a
>> username...
>> >>>
>> >>> Any thoughts?
>> >>>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >
>> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> > ~   ~
>>
>> --
>> Sent from my mobile device
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Which Dell laptop to select for office?

[Tom Miller]

Thanks, y'all!

>>>  4/15/2009 3:26 PM >>>

+1 on the E-series.   The backlit keyboard, built in mic and camera are
nice addons, but the power and battery life on these are phenemonal. 
The construction is by far better than previous models.
 

From:Tim Vander Kooi [mailto:tvanderk...@expl.com] 
Sent: Wednesday, April 15, 2009 3:23 PM
To: NT System Admin Issues
Subject: RE: Which Dell laptop to select for office?

 
The XPS comes in a 17” version. It’s a very nice machine, although I
don’t know that I would recommend it for a business environment. I
really like the newer E series Latitudes for a business laptop.
TVK
 
From:Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Wednesday, April 15, 2009 2:20 PM
To: NT System Admin Issues
Subject: Re: Which Dell laptop to select for office?

 

I would stick with Lattitudes or Precisions, XPS are more consumer
oriented, though higher end then Inspiron's.

 

I have to ask, why no external monitor?  Space issues?  IF the 17" is a
requirement, I think you're looking exclusively at the Precisions,
then.

On Wed, Apr 15, 2009 at 3:11 PM, Tom Miller 
wrote:

Hi Folks:

 

My wife asked for advice on laptops.  At her work her PC is due for
replacement, and all new-issues units are laptops.  The unit must be
Dell, and she has a spending limit of about $2,500.  She's not at her
desk all day and several days a week she works from home from her home
PC.  The work laptop does not need to be light since it probably won't
be moved much, but a 17" screen would be nice, since there will not be
an external monitor.

 

All of the laptop's I purchase here at work are the Lenovo/IBM ThinkPad
line, which I like very much.  I don't have much experience with Dell
laptops though.

 

Anyone have any recommendations for a particular line?   She's limited
to the Latitudes, Precisions, and XPS units (Higher Education).

 

Thanks,

Tom

 
Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.
  

 
  
  

 
 

Confidentiality Notice:  This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information.  Any unauthorized review, use,
disclosure, or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Which Dell laptop to select for office?

[gsweers]

+1 on the E-series.   The backlit keyboard, built in mic and camera are
nice addons, but the power and battery life on these are phenemonal.
The construction is by far better than previous models.

 

From: Tim Vander Kooi [mailto:tvanderk...@expl.com] 
Sent: Wednesday, April 15, 2009 3:23 PM
To: NT System Admin Issues
Subject: RE: Which Dell laptop to select for office?

 

The XPS comes in a 17" version. It's a very nice machine, although I
don't know that I would recommend it for a business environment. I
really like the newer E series Latitudes for a business laptop.

TVK

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Wednesday, April 15, 2009 2:20 PM
To: NT System Admin Issues
Subject: Re: Which Dell laptop to select for office?

 

I would stick with Lattitudes or Precisions, XPS are more consumer
oriented, though higher end then Inspiron's.

 

I have to ask, why no external monitor?  Space issues?  IF the 17" is a
requirement, I think you're looking exclusively at the Precisions, then.

On Wed, Apr 15, 2009 at 3:11 PM, Tom Miller  wrote:

Hi Folks:

 

My wife asked for advice on laptops.  At her work her PC is due for
replacement, and all new-issues units are laptops.  The unit must be
Dell, and she has a spending limit of about $2,500.  She's not at her
desk all day and several days a week she works from home from her home
PC.  The work laptop does not need to be light since it probably won't
be moved much, but a 17" screen would be nice, since there will not be
an external monitor.

 

All of the laptop's I purchase here at work are the Lenovo/IBM ThinkPad
line, which I like very much.  I don't have much experience with Dell
laptops though.

 

Anyone have any recommendations for a particular line?   She's limited
to the Latitudes, Precisions, and XPS units (Higher Education).

 

Thanks,

Tom

 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Which Dell laptop to select for office?

[Tim Vander Kooi]

The XPS comes in a 17" version. It's a very nice machine, although I don't know 
that I would recommend it for a business environment. I really like the newer E 
series Latitudes for a business laptop.
TVK

From: Jonathan Link [mailto:jonathan.l...@gmail.com]
Sent: Wednesday, April 15, 2009 2:20 PM
To: NT System Admin Issues
Subject: Re: Which Dell laptop to select for office?

I would stick with Lattitudes or Precisions, XPS are more consumer oriented, 
though higher end then Inspiron's.

I have to ask, why no external monitor?  Space issues?  IF the 17" is a 
requirement, I think you're looking exclusively at the Precisions, then.
On Wed, Apr 15, 2009 at 3:11 PM, Tom Miller 
mailto:tmil...@hnncsb.org>> wrote:
Hi Folks:

My wife asked for advice on laptops.  At her work her PC is due for 
replacement, and all new-issues units are laptops.  The unit must be Dell, and 
she has a spending limit of about $2,500.  She's not at her desk all day and 
several days a week she works from home from her home PC.  The work laptop does 
not need to be light since it probably won't be moved much, but a 17" screen 
would be nice, since there will not be an external monitor.

All of the laptop's I purchase here at work are the Lenovo/IBM ThinkPad line, 
which I like very much.  I don't have much experience with Dell laptops though.

Anyone have any recommendations for a particular line?   She's limited to the 
Latitudes, Precisions, and XPS units (Higher Education).

Thanks,
Tom


Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.










~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Which Dell laptop to select for office?

[Steve Ens]

For $2500 she can get a top of the line unit...I don't buy Dells either, I
just got a new HP Elitebook 8530p with (almost) all the bells and whistles
on it for about half of that.  I run Win2K8 R2 server on it along with three
or four virtual machines running at all times.  It is more than enough.

On Wed, Apr 15, 2009 at 2:11 PM, Tom Miller  wrote:

>  Hi Folks:
>
> My wife asked for advice on laptops.  At her work her PC is due for
> replacement, and all new-issues units are laptops.  The unit must be Dell,
> and she has a spending limit of about $2,500.  She's not at her desk all day
> and several days a week she works from home from her home PC.  The work
> laptop does not need to be light since it probably won't be moved much, but
> a 17" screen would be nice, since there will not be an external monitor.
>
> All of the laptop's I purchase here at work are the Lenovo/IBM ThinkPad
> line, which I like very much.  I don't have much experience with Dell
> laptops though.
>
> Anyone have any recommendations for a particular line?   She's limited to
> the Latitudes, Precisions, and XPS units (Higher Education).
>
> Thanks,
> Tom
>
>  Confidentiality Notice: This e-mail message, including attachments, is
> for the sole use of the intended recipient(s) and may contain confidential
> and privileged information. Any unauthorized review, use, disclosure, or
> distribution is prohibited. If you are not the intended recipient, please
> contact the sender by reply e-mail and destroy all copies of the original
> message.
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Which Dell laptop to select for office?

[Jonathan Link]

I would stick with Lattitudes or Precisions, XPS are more consumer oriented,
though higher end then Inspiron's.

I have to ask, why no external monitor?  Space issues?  IF the 17" is a
requirement, I think you're looking exclusively at the Precisions, then.

On Wed, Apr 15, 2009 at 3:11 PM, Tom Miller  wrote:

>  Hi Folks:
>
> My wife asked for advice on laptops.  At her work her PC is due for
> replacement, and all new-issues units are laptops.  The unit must be Dell,
> and she has a spending limit of about $2,500.  She's not at her desk all day
> and several days a week she works from home from her home PC.  The work
> laptop does not need to be light since it probably won't be moved much, but
> a 17" screen would be nice, since there will not be an external monitor.
>
> All of the laptop's I purchase here at work are the Lenovo/IBM ThinkPad
> line, which I like very much.  I don't have much experience with Dell
> laptops though.
>
> Anyone have any recommendations for a particular line?   She's limited to
> the Latitudes, Precisions, and XPS units (Higher Education).
>
> Thanks,
> Tom
>
> Confidentiality Notice: This e-mail message, including attachments, is for
> the sole use of the intended recipient(s) and may contain confidential and
> privileged information. Any unauthorized review, use, disclosure, or
> distribution is prohibited. If you are not the intended recipient, please
> contact the sender by reply e-mail and destroy all copies of the original
> message.
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Which Dell laptop to select for office?

[Jonathan Link]

I would stick with Lattitudes or Precisions, XPS are more consumer oriented,
though higher end then Inspiron's.

I have to ask, why no external monitor?  Space issues?  IF the 17" is a
requirement, I think you're looking exclusively at the Precisions, then.

On Wed, Apr 15, 2009 at 3:11 PM, Tom Miller  wrote:

>  Hi Folks:
>
> My wife asked for advice on laptops.  At her work her PC is due for
> replacement, and all new-issues units are laptops.  The unit must be Dell,
> and she has a spending limit of about $2,500.  She's not at her desk all day
> and several days a week she works from home from her home PC.  The work
> laptop does not need to be light since it probably won't be moved much, but
> a 17" screen would be nice, since there will not be an external monitor.
>
> All of the laptop's I purchase here at work are the Lenovo/IBM ThinkPad
> line, which I like very much.  I don't have much experience with Dell
> laptops though.
>
> Anyone have any recommendations for a particular line?   She's limited to
> the Latitudes, Precisions, and XPS units (Higher Education).
>
> Thanks,
> Tom
>
> Confidentiality Notice: This e-mail message, including attachments, is for
> the sole use of the intended recipient(s) and may contain confidential and
> privileged information. Any unauthorized review, use, disclosure, or
> distribution is prohibited. If you are not the intended recipient, please
> contact the sender by reply e-mail and destroy all copies of the original
> message.
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Which Dell laptop to select for office?

[John Aldrich]

We've been quite happy with our Dell Latitude notebook PCs. That being said,
if you want a "desktop replacement" PC you should go with the XPS.

 

John-AldrichTile-Tools

 

From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Wednesday, April 15, 2009 3:12 PM
To: NT System Admin Issues
Subject: Which Dell laptop to select for office?

 

Hi Folks:

 

My wife asked for advice on laptops.  At her work her PC is due for
replacement, and all new-issues units are laptops.  The unit must be Dell,
and she has a spending limit of about $2,500.  She's not at her desk all day
and several days a week she works from home from her home PC.  The work
laptop does not need to be light since it probably won't be moved much, but
a 17" screen would be nice, since there will not be an external monitor.

 

All of the laptop's I purchase here at work are the Lenovo/IBM ThinkPad
line, which I like very much.  I don't have much experience with Dell
laptops though.

 

Anyone have any recommendations for a particular line?   She's limited to
the Latitudes, Precisions, and XPS units (Higher Education).

 

Thanks,

Tom

 

Confidentiality Notice: This e-mail message, including attachments, is for
the sole use of the intended recipient(s) and may contain confidential and
privileged information. Any unauthorized review, use, disclosure, or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message. 

 

 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.287 / Virus Database: 270.11.57/2060 - Release Date: 04/15/09
06:34:00


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: MSI and Exe

[gsweers]

Appdeploy.com

 

From: jbech...@actsconsulting.net [mailto:jbech...@actsconsulting.net] 
Sent: Wednesday, April 15, 2009 3:03 PM
To: NT System Admin Issues
Subject: MSI and Exe

 

I am trying to move from installing all my applications by hand to
installing through GPOs, scripts and MSI files. I need to know where to
find information on how to make an MSI from an exe and how to automate
the install. 

 

I've looked at a couple of sites already and I think they all assume you
have some knowledge of msiexec, running MSIs silently and the snapshot
process used to make an MSI from an exe. I don't. 

 

Can anyone give me a good website with some tutorials on this, or refer
me to a great program that you've used to do this job? 

 

Thanks for your time.

Josh 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Which Dell laptop to select for office?

[Tom Miller]

Hi Folks:
 
My wife asked for advice on laptops.  At her work her PC is due for 
replacement, and all new-issues units are laptops.  The unit must be Dell, and 
she has a spending limit of about $2,500.  She's not at her desk all day and 
several days a week she works from home from her home PC.  The work laptop does 
not need to be light since it probably won't be moved much, but a 17" screen 
would be nice, since there will not be an external monitor.
 
All of the laptop's I purchase here at work are the Lenovo/IBM ThinkPad line, 
which I like very much.  I don't have much experience with Dell laptops though.
 
Anyone have any recommendations for a particular line?   She's limited to the 
Latitudes, Precisions, and XPS units (Higher Education).
 
Thanks,
Tom

Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

MSI and Exe

[jbechard]

I am trying to move from installing all my applications by hand to
installing through GPOs, scripts and MSI files. I need to know where to
find information on how to make an MSI from an exe and how to automate
the install. 

 

I've looked at a couple of sites already and I think they all assume you
have some knowledge of msiexec, running MSIs silently and the snapshot
process used to make an MSI from an exe. I don't. 

 

Can anyone give me a good website with some tutorials on this, or refer
me to a great program that you've used to do this job? 

 

Thanks for your time.

Josh 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: ISA 2006 Authentication Page

[Webster]

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Subject: Re: ISA 2006 Authentication Page

 

Don't you have to complain about ISA, not just ask for howto?

No, you have to state that a Cisco Pix or ASA device is a real firewall.

Webster


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: ISA 2006 Authentication Page

[Richard Stovall]

I suppose that since the domain NETBIOS name is out, so is u...@domain?

Perhaps it's a silly question with an easy answer, but how would users with the 
same usernames in different domains be differentiated without specifying the 
domain somehow?  (e.g. parent\john.doe, child1\john.doe, and child2\john.doe)

-Original Message-
From: Don Ely [mailto:don@gmail.com] 
Sent: Wednesday, April 15, 2009 2:33 PM
To: NT System Admin Issues
Subject: Re: ISA 2006 Authentication Page

He is probably out installing Exchange 2010...

On 4/15/09, Micheal Espinola Jr  wrote:
> Surely he's off illustrusizing.
>
> --
> ME2
>
>
> On Wed, Apr 15, 2009 at 11:49 AM, Don Ely  wrote:
>
>> Nobody?  Where's the illustrious Dr. Shinder?
>>
>>
>> On Tue, Apr 14, 2009 at 9:47 AM, Don Ely  wrote:
>>
>>> Hey folks,
>>>
>>> I am trying to make ISA not require the NETBIOS domain name as part of
>>> the
>>> username when clients login.  In other words, no "CONTOSO\JackRyan", but
>>> just "JackRyan" for the username.  I can do this for a single domain, but
>>> cannot seem to make it work for the child domains that are a part of the
>>> CONTOSO forest...
>>>
>>> Setup is like this...
>>>
>>> ISA 2006 in Workgroup mode in a DMZ.
>>>
>>> Windows 2003 Native Forest called CONTOSO with three child domains on the
>>> internal network.
>>>
>>> LDAPS authentication is configured from the ISA server to the CONTOSO
>>> forest.
>>>
>>> I am trying to publish MOSS 2007 from the Internal Network to the ISA
>>> server in the DMZ which works fine aside from the need to have a domain
>>> name
>>> specified to logon the user.
>>>
>>> I understand that out of the box this is how ISA 2006 works, but I have
>>> heard rumors there are ways around it so I can just provide a username...
>>>
>>> Any thoughts?
>>>
>>
>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~

-- 
Sent from my mobile device

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: ISA 2006 Authentication Page

[Jonathan Link]

Don't you have to complain about ISA, not just ask for howto?

On Wed, Apr 15, 2009 at 2:33 PM, Don Ely  wrote:

> He is probably out installing Exchange 2010...
>
> On 4/15/09, Micheal Espinola Jr  wrote:
> > Surely he's off illustrusizing.
> >
> > --
> > ME2
> >
> >
> > On Wed, Apr 15, 2009 at 11:49 AM, Don Ely  wrote:
> >
> >> Nobody?  Where's the illustrious Dr. Shinder?
> >>
> >>
> >> On Tue, Apr 14, 2009 at 9:47 AM, Don Ely  wrote:
> >>
> >>> Hey folks,
> >>>
> >>> I am trying to make ISA not require the NETBIOS domain name as part of
> >>> the
> >>> username when clients login.  In other words, no "CONTOSO\JackRyan",
> but
> >>> just "JackRyan" for the username.  I can do this for a single domain,
> but
> >>> cannot seem to make it work for the child domains that are a part of
> the
> >>> CONTOSO forest...
> >>>
> >>> Setup is like this...
> >>>
> >>> ISA 2006 in Workgroup mode in a DMZ.
> >>>
> >>> Windows 2003 Native Forest called CONTOSO with three child domains on
> the
> >>> internal network.
> >>>
> >>> LDAPS authentication is configured from the ISA server to the CONTOSO
> >>> forest.
> >>>
> >>> I am trying to publish MOSS 2007 from the Internal Network to the ISA
> >>> server in the DMZ which works fine aside from the need to have a domain
> >>> name
> >>> specified to logon the user.
> >>>
> >>> I understand that out of the box this is how ISA 2006 works, but I have
> >>> heard rumors there are ways around it so I can just provide a
> username...
> >>>
> >>> Any thoughts?
> >>>
> >>
> >>
> >>
> >>
> >>
> >>
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~   ~
>
> --
> Sent from my mobile device
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: When did a PC last communicate with AD?

[David Lum]

What is the "lastLogonTimestamp" field that you get when using OLDCMP.EXE?

pwdLastSet

pwage

whenCreated

accountExpires

lastLogonTimestamp

lltsAge

David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, April 15, 2009 11:12 AM
To: NT System Admin Issues
Subject: RE: When did a PC last communicate with AD?

There is no specific attribute of a computer acct that tells you the last time 
"it communicated with AD" in the directory.

Modified just tells you what it implies, *something* was modified, not  *what*. 
It is not replicated so it is only an indication of a change to the object *on 
the DC you are looking at*, it will be different on other DC's. You  don't have 
any idea what was changed, it could be anything, even something modified by the 
system.

Depending on the AD version you are running and functional level,  people 
usually look at some combination of  lastlogon, lastlogontimestamp and  
pwdlastset attributes to determine comp acct "activity". (If you are in DFL2 
lastLogonTimeStamp is replicated)  Natively you can get them with 
dsquery,cvsde, ldife, adsiedit, scripting tool of choice, etc.

Personally I would use oldcmp for a report or adfind (joeware.net tools) for a 
quick one-off check for a *stale* comp acct. It is definitely possible to get a 
rough idea with native tools although it is more work.

What are you trying to accomplish and why the native tool requirement?

From: cs [mailto:chr...@gmail.com]
Sent: Wednesday, April 15, 2009 7:42 AM
To: NT System Admin Issues
Subject: When did a PC last communicate with AD?

Is there a way to tell when a PC last communicated with AD using native tools? 
I was always under the impression the modified field on the Properties tab 
could be used to determine this information???









~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New machine OU placement

[Brian Desmond]

Yes I have scripts and this is pretty easy to do (done it many times), but, the 
fields you're looking for don't really exist.

Naming conventions are how I usually key this. If you don't have that then this 
is a lot of work. If you want to do site based you could ping the machine and 
then map the IP to a site. That is pretty easy to do. If you want to do this 
user based, you need to be precreating the computer accounts with something 
that can do the logging for you and ideally put the accounts in the right place.

The other option is to just leave them. If you're not getting any value from 
moving the machines then don't bother.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Greg Mulholland [mailto:g...@krystaltek.com]
Sent: Wednesday, April 15, 2009 6:19 AM
To: NT System Admin Issues
Subject: New machine OU placement

Hi Guys

we have an issue where users are creating multiple vm's every day and joining 
them to the network and we end up with a number of machine accounts dumped in 
the default computers container. I would dearly like something that would 
report the machines in that container at the end of the day and possibly the 
user that created it, site it was created in or some such so we could pick them 
up and move them into the right OU.

Before i sit down to script something out has anyone had an experience in this 
respect and could recommend a solution.

Thanks

Greg





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: ISA 2006 Authentication Page

[Don Ely]

He is probably out installing Exchange 2010...

On 4/15/09, Micheal Espinola Jr  wrote:
> Surely he's off illustrusizing.
>
> --
> ME2
>
>
> On Wed, Apr 15, 2009 at 11:49 AM, Don Ely  wrote:
>
>> Nobody?  Where's the illustrious Dr. Shinder?
>>
>>
>> On Tue, Apr 14, 2009 at 9:47 AM, Don Ely  wrote:
>>
>>> Hey folks,
>>>
>>> I am trying to make ISA not require the NETBIOS domain name as part of
>>> the
>>> username when clients login.  In other words, no "CONTOSO\JackRyan", but
>>> just "JackRyan" for the username.  I can do this for a single domain, but
>>> cannot seem to make it work for the child domains that are a part of the
>>> CONTOSO forest...
>>>
>>> Setup is like this...
>>>
>>> ISA 2006 in Workgroup mode in a DMZ.
>>>
>>> Windows 2003 Native Forest called CONTOSO with three child domains on the
>>> internal network.
>>>
>>> LDAPS authentication is configured from the ISA server to the CONTOSO
>>> forest.
>>>
>>> I am trying to publish MOSS 2007 from the Internal Network to the ISA
>>> server in the DMZ which works fine aside from the need to have a domain
>>> name
>>> specified to logon the user.
>>>
>>> I understand that out of the box this is how ISA 2006 works, but I have
>>> heard rumors there are ways around it so I can just provide a username...
>>>
>>> Any thoughts?
>>>
>>
>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~

-- 
Sent from my mobile device

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Sub Laptop Device

[Robert Cato]

Redfly by Celio   http://www.celiocorp.com/

Pretty cool device, I'm in the middle of a huge migration so I need the
computing power of my laptop but I'm looking forward to casual use with the
Redfly.

On Wed, Apr 15, 2009 at 2:22 PM, Daniel Rodriguez  wrote:

> I have seen this on the web and have read about it, but it was over four
> months ago.
>
> There is a company that makes a sub-notebook that connects to your
> smartphone, PPC phone, Blackberry. I can't remember their name or their
> products name... It's 'Red' something.
>
> Are they still in business and does anyone have a link/url to them?
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Sub Laptop Device

[Daniel Rodriguez]

I have seen this on the web and have read about it, but it was over four
months ago.

There is a company that makes a sub-notebook that connects to your
smartphone, PPC phone, Blackberry. I can't remember their name or their
products name... It's 'Red' something.

Are they still in business and does anyone have a link/url to them?

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: New machine OU placement

[Sherry Abercrombie]

We have changed the default OU that new computers are added to, this OU has
a "special" Group Policy on it that has the machine locked down tight, they
cannot do anything with the machine until it is moved to the correct OU,
this has eliminated the mystery of computers just showing up in active
directory.

On Wed, Apr 15, 2009 at 12:12 PM, Free, Bob  wrote:

>  There are several ways to address it but it all depends on the situation,
> we disabled the ability to add computers to the computers container when we
> first installed AD. All the various workstation and server OU’s have very
> specific delegations on who can add machines to them.
>
>
>
> If you just want reporting, turn on and configure DS  auditing (or use a 3
> rd party tool)
>
>
>
> *From:* Greg Mulholland [mailto:g...@krystaltek.com]
> *Sent:* Wednesday, April 15, 2009 4:19 AM
> *To:* NT System Admin Issues
> *Subject:* New machine OU placement
>
>
>
> Hi Guys
>
>
>
> we have an issue where users are creating multiple vm's every day and
> joining them to the network and we end up with a number of machine accounts
> dumped in the default computers container. I would dearly like something
> that would report the machines in that container at the end of the day and
> possibly the user that created it, site it was created in or some such so we
> could pick them up and move them into the right OU.
>
>
>
> Before i sit down to script something out has anyone had an experience in
> this respect and could recommend a solution.
>
>
>
> Thanks
>
>
>
> Greg
>
>
>
>
>
>
>
>
>
>


-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: When did a PC last communicate with AD?

[Free, Bob]

There is no specific attribute of a computer acct that tells you the
last time "it communicated with AD" in the directory.

 

Modified just tells you what it implies, *something* was modified, not
*what*. It is not replicated so it is only an indication of a change to
the object *on the DC you are looking at*, it will be different on other
DC's. You  don't have any idea what was changed, it could be anything,
even something modified by the system.

 

Depending on the AD version you are running and functional level,
people usually look at some combination of  lastlogon,
lastlogontimestamp and  pwdlastset attributes to determine comp acct
"activity". (If you are in DFL2 lastLogonTimeStamp is replicated)
Natively you can get them with dsquery,cvsde, ldife, adsiedit, scripting
tool of choice, etc.

 

Personally I would use oldcmp for a report or adfind (joeware.net tools)
for a quick one-off check for a *stale* comp acct. It is definitely
possible to get a rough idea with native tools although it is more work.

 

What are you trying to accomplish and why the native tool requirement? 

 

From: cs [mailto:chr...@gmail.com] 
Sent: Wednesday, April 15, 2009 7:42 AM
To: NT System Admin Issues
Subject: When did a PC last communicate with AD?

 

Is there a way to tell when a PC last communicated with AD using native
tools? I was always under the impression the modified field on the
Properties tab could be used to determine this information???

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: ISA 2006 Authentication Page

[Micheal Espinola Jr]

Surely he's off illustrusizing.

--
ME2


On Wed, Apr 15, 2009 at 11:49 AM, Don Ely  wrote:

> Nobody?  Where's the illustrious Dr. Shinder?
>
>
> On Tue, Apr 14, 2009 at 9:47 AM, Don Ely  wrote:
>
>> Hey folks,
>>
>> I am trying to make ISA not require the NETBIOS domain name as part of the
>> username when clients login.  In other words, no "CONTOSO\JackRyan", but
>> just "JackRyan" for the username.  I can do this for a single domain, but
>> cannot seem to make it work for the child domains that are a part of the
>> CONTOSO forest...
>>
>> Setup is like this...
>>
>> ISA 2006 in Workgroup mode in a DMZ.
>>
>> Windows 2003 Native Forest called CONTOSO with three child domains on the
>> internal network.
>>
>> LDAPS authentication is configured from the ISA server to the CONTOSO
>> forest.
>>
>> I am trying to publish MOSS 2007 from the Internal Network to the ISA
>> server in the DMZ which works fine aside from the need to have a domain name
>> specified to logon the user.
>>
>> I understand that out of the box this is how ISA 2006 works, but I have
>> heard rumors there are ways around it so I can just provide a username...
>>
>> Any thoughts?
>>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New machine OU placement

[Free, Bob]

There are several ways to address it but it all depends on the
situation, we disabled the ability to add computers to the computers
container when we first installed AD. All the various workstation and
server OU's have very specific delegations on who can add machines to
them.

 

If you just want reporting, turn on and configure DS  auditing (or use a
3rd party tool)

 

From: Greg Mulholland [mailto:g...@krystaltek.com] 
Sent: Wednesday, April 15, 2009 4:19 AM
To: NT System Admin Issues
Subject: New machine OU placement

 

Hi Guys

 

we have an issue where users are creating multiple vm's every day and
joining them to the network and we end up with a number of machine
accounts dumped in the default computers container. I would dearly like
something that would report the machines in that container at the end of
the day and possibly the user that created it, site it was created in or
some such so we could pick them up and move them into the right OU.

 

Before i sit down to script something out has anyone had an experience
in this respect and could recommend a solution.

 

Thanks

 

Greg

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

2003 TS problem with remote control

[Eldridge, Dave]

I have two 03 TS that I am having issues with remote controlling users
on one of them. I can't get any mouse/keyboard response. Also when I
initiate the remote control the user doesn't get a warning to allow me
to start a remote control session. I have tried this from multiple
workstations. Have rebooted server still no. I don't see anything in the
event logs.

My other TS is setup the same way but works just fine.

Any ideas?

 




This message contains confidential information and is intended only for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute or copy this e-mail. Please notify the sender immediately via e-mail 
if you have received this e-mail by mistake; then, delete this e-mail from your 
system.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: MSDN - To buy, or not to buy?

[Sean Martin]

I don't know why I didn't consider Technet. That's definitely the way to go.
Thanks!

- Sean

On Wed, Apr 15, 2009 at 7:50 AM, Jeff Bunting wrote:

> Agreed; technet plus is only $300 or so and they run occasional promotions
> that discount it.  I think I got it for about $225 last year.
>
> If you need Visual Studio as well, you could get a single license of it
> plus technet for much less than MSDN.  MSDN offers more, but is probably
> more than you need unless you are a developer targeting multiple
> platforms/apps.
>
> Jeff
>
> On Wed, Apr 15, 2009 at 11:38 AM, Jeremy Phillips <
> jere...@cohesivelogic.com> wrote:
>
>>  Look at TechNet Plus as well. It’s significantly cheaper.
>>
>>
>>
>> Thanks,
>>
>>
>>
>> Jeremy Phillips
>>
>> Managing Consultant | Cohesive Logic  LLC | M: 540-322-7980 | D:
>> 425-949-1337 | BB PIN: 318A6889
>>
>>
>>
>>
>>
>> *From:* Sean Martin [mailto:seanmarti...@gmail.com]
>> *Sent:* Wednesday, April 15, 2009 8:38 AM
>> *To:* NT System Admin Issues
>> *Subject:* MSDN - To buy, or not to buy?
>>
>>
>>
>> I've been toying with the idea of purchasing an MSDN subscription. My goal
>> is to setup a lab environment for testing, training, etc. I'm primarily
>> focused on obtaining copies of Windows Server and Exchange 2007 (or 2010),
>> but it would be nice to have access to most of the software. For what I
>> want, it looks like the Visual Studio Professional with MSDN Premium is
>> required.
>>
>>
>>
>> My question to you all is do you feel it would be worth  the $2500 initial
>> purchase and $1999 annual renewal? I see it as an investment in my education
>> and I know it could be a write off, but that's a lot of money for me to part
>> with. Are there other avenues available for obtaining legitimate copies of
>> Windows products for home based test labs that might be cheaper?
>>
>>
>>
>> - Sean
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: MSDN - To buy, or not to buy?

[Sean Martin]

MAPS looks promising but I don't believe I'm eligible.

- Sean

On Wed, Apr 15, 2009 at 8:01 AM, Lee Douglas  wrote:

> Have you looked at - do you qualify for MAPS? It includes Visual Studio and
> lots of other software.
>
> https://partner.microsoft.com/40016455
>
>
>
> On Wed, Apr 15, 2009 at 11:50 AM, Jeff Bunting wrote:
>
>> Agreed; technet plus is only $300 or so and they run occasional promotions
>> that discount it.  I think I got it for about $225 last year.
>>
>> If you need Visual Studio as well, you could get a single license of it
>> plus technet for much less than MSDN.  MSDN offers more, but is probably
>> more than you need unless you are a developer targeting multiple
>> platforms/apps.
>>
>> Jeff
>>
>> On Wed, Apr 15, 2009 at 11:38 AM, Jeremy Phillips <
>> jere...@cohesivelogic.com> wrote:
>>
>>>  Look at TechNet Plus as well. It’s significantly cheaper.
>>>
>>>
>>>
>>> Thanks,
>>>
>>>
>>>
>>> Jeremy Phillips
>>>
>>> Managing Consultant | Cohesive Logic  LLC | M: 540-322-7980 | D:
>>> 425-949-1337 | BB PIN: 318A6889
>>>
>>>
>>>
>>>
>>>
>>> *From:* Sean Martin [mailto:seanmarti...@gmail.com]
>>> *Sent:* Wednesday, April 15, 2009 8:38 AM
>>> *To:* NT System Admin Issues
>>> *Subject:* MSDN - To buy, or not to buy?
>>>
>>>
>>>
>>> I've been toying with the idea of purchasing an MSDN subscription. My
>>> goal is to setup a lab environment for testing, training, etc. I'm primarily
>>> focused on obtaining copies of Windows Server and Exchange 2007 (or 2010),
>>> but it would be nice to have access to most of the software. For what I
>>> want, it looks like the Visual Studio Professional with MSDN Premium is
>>> required.
>>>
>>>
>>>
>>> My question to you all is do you feel it would be worth  the $2500
>>> initial purchase and $1999 annual renewal? I see it as an investment in my
>>> education and I know it could be a write off, but that's a lot of money for
>>> me to part with. Are there other avenues available for obtaining legitimate
>>> copies of Windows products for home based test labs that might be cheaper?
>>>
>>>
>>>
>>> - Sean
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Terminal Server 2008 TS Web Access

[Tom Miller]

I have several Windows 2008 TS Web Access servers.  I've enabled the Session 
broker role and followed the instructions in the Microsoft white paper.  I use 
wildcard certificates and both of my TS Web Access servers have certificates.
 
One of my terminal servers has several applications the other server does not 
have.  I would expect with TS Web Access configured this way I would see all 
associated applications, but that's not happening. I either get the apps from 
one server or the other, but not both.
 
What am I missing?
 
 

Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: MSDN - To buy, or not to buy?

[David Lum]

+1 MAPS.   Been subscribed to it for 3 years now, worth every penny.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

From: Lee Douglas [mailto:lee.doug...@gmail.com]
Sent: Wednesday, April 15, 2009 9:02 AM
To: NT System Admin Issues
Subject: Re: MSDN - To buy, or not to buy?

Have you looked at - do you qualify for MAPS? It includes Visual Studio and 
lots of other software.

https://partner.microsoft.com/40016455

On Wed, Apr 15, 2009 at 11:50 AM, Jeff Bunting 
mailto:bunting.j...@gmail.com>> wrote:
Agreed; technet plus is only $300 or so and they run occasional promotions that 
discount it.  I think I got it for about $225 last year.

If you need Visual Studio as well, you could get a single license of it plus 
technet for much less than MSDN.  MSDN offers more, but is probably more than 
you need unless you are a developer targeting multiple platforms/apps.

Jeff
On Wed, Apr 15, 2009 at 11:38 AM, Jeremy Phillips 
mailto:jere...@cohesivelogic.com>> wrote:

Look at TechNet Plus as well. It's significantly cheaper.



Thanks,



Jeremy Phillips

Managing Consultant | Cohesive Logic  LLC | M: 540-322-7980 | D: 425-949-1337 | 
BB PIN: 318A6889





From: Sean Martin [mailto:seanmarti...@gmail.com]
Sent: Wednesday, April 15, 2009 8:38 AM
To: NT System Admin Issues
Subject: MSDN - To buy, or not to buy?



I've been toying with the idea of purchasing an MSDN subscription. My goal is 
to setup a lab environment for testing, training, etc. I'm primarily focused on 
obtaining copies of Windows Server and Exchange 2007 (or 2010), but it would be 
nice to have access to most of the software. For what I want, it looks like the 
Visual Studio Professional with MSDN Premium is required.



My question to you all is do you feel it would be worth  the $2500 initial 
purchase and $1999 annual renewal? I see it as an investment in my education 
and I know it could be a write off, but that's a lot of money for me to part 
with. Are there other avenues available for obtaining legitimate copies of 
Windows products for home based test labs that might be cheaper?



- Sean



















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Vipre

[Clayton Doige]

exactly what I was looking for, thanks :-)

2009/4/15 Axcess Mailing List 

>  Clayton:
>
>
>
> http://www.vipreantivirus.com/Stats/
>
>
>
> Regards,
>
> Jim
>
>
>
> *From:* Clayton Doige [mailto:clayton.do...@gmail.com]
> *Sent:* Wednesday, April 15, 2009 08:48
> *To:* NT System Admin Issues
> *Subject:* Vipre
>
>
>
> Few months back there was a comparisson matrix for Vipre versus other AV
> vendors, anyone have any idea where I can find that?
>
>
>
> Thanks
>
>
>
> Clayton
>
>
>
>
>
>
>
>
>
>


-- 
Regards,

Clayton
clay...@alsipius.com
http://alsipius.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: MSDN - To buy, or not to buy?

[Lee Douglas]

Have you looked at - do you qualify for MAPS? It includes Visual Studio and
lots of other software.

https://partner.microsoft.com/40016455


On Wed, Apr 15, 2009 at 11:50 AM, Jeff Bunting wrote:

> Agreed; technet plus is only $300 or so and they run occasional promotions
> that discount it.  I think I got it for about $225 last year.
>
> If you need Visual Studio as well, you could get a single license of it
> plus technet for much less than MSDN.  MSDN offers more, but is probably
> more than you need unless you are a developer targeting multiple
> platforms/apps.
>
> Jeff
>
> On Wed, Apr 15, 2009 at 11:38 AM, Jeremy Phillips <
> jere...@cohesivelogic.com> wrote:
>
>>  Look at TechNet Plus as well. It’s significantly cheaper.
>>
>>
>>
>> Thanks,
>>
>>
>>
>> Jeremy Phillips
>>
>> Managing Consultant | Cohesive Logic  LLC | M: 540-322-7980 | D:
>> 425-949-1337 | BB PIN: 318A6889
>>
>>
>>
>>
>>
>> *From:* Sean Martin [mailto:seanmarti...@gmail.com]
>> *Sent:* Wednesday, April 15, 2009 8:38 AM
>> *To:* NT System Admin Issues
>> *Subject:* MSDN - To buy, or not to buy?
>>
>>
>>
>> I've been toying with the idea of purchasing an MSDN subscription. My goal
>> is to setup a lab environment for testing, training, etc. I'm primarily
>> focused on obtaining copies of Windows Server and Exchange 2007 (or 2010),
>> but it would be nice to have access to most of the software. For what I
>> want, it looks like the Visual Studio Professional with MSDN Premium is
>> required.
>>
>>
>>
>> My question to you all is do you feel it would be worth  the $2500 initial
>> purchase and $1999 annual renewal? I see it as an investment in my education
>> and I know it could be a write off, but that's a lot of money for me to part
>> with. Are there other avenues available for obtaining legitimate copies of
>> Windows products for home based test labs that might be cheaper?
>>
>>
>>
>> - Sean
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Vipre

[Axcess Mailing List]

Clayton:

http://www.vipreantivirus.com/Stats/

Regards,
Jim

From: Clayton Doige [mailto:clayton.do...@gmail.com]
Sent: Wednesday, April 15, 2009 08:48
To: NT System Admin Issues
Subject: Vipre

Few months back there was a comparisson matrix for Vipre versus other AV 
vendors, anyone have any idea where I can find that?

Thanks

Clayton





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Vipre

[John Cook]

Most likely on the Sunbelt site.
John W. Cook
Systems Administrator
Partnership For Strong Families
Sent to you from my Blackberry in the Cloud


From: Clayton Doige
To: NT System Admin Issues
Sent: Wed Apr 15 11:48:23 2009
Subject: Vipre

Few months back there was a comparisson matrix for Vipre versus other AV 
vendors, anyone have any idea where I can find that?

Thanks

Clayton






CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: MSDN - To buy, or not to buy?

[Jeff Bunting]

Agreed; technet plus is only $300 or so and they run occasional promotions
that discount it.  I think I got it for about $225 last year.

If you need Visual Studio as well, you could get a single license of it plus
technet for much less than MSDN.  MSDN offers more, but is probably more
than you need unless you are a developer targeting multiple platforms/apps.

Jeff

On Wed, Apr 15, 2009 at 11:38 AM, Jeremy Phillips  wrote:

>  Look at TechNet Plus as well. It’s significantly cheaper.
>
>
>
> Thanks,
>
>
>
> Jeremy Phillips
>
> Managing Consultant | Cohesive Logic  LLC | M: 540-322-7980 | D:
> 425-949-1337 | BB PIN: 318A6889
>
>
>
>
>
> *From:* Sean Martin [mailto:seanmarti...@gmail.com]
> *Sent:* Wednesday, April 15, 2009 8:38 AM
> *To:* NT System Admin Issues
> *Subject:* MSDN - To buy, or not to buy?
>
>
>
> I've been toying with the idea of purchasing an MSDN subscription. My goal
> is to setup a lab environment for testing, training, etc. I'm primarily
> focused on obtaining copies of Windows Server and Exchange 2007 (or 2010),
> but it would be nice to have access to most of the software. For what I
> want, it looks like the Visual Studio Professional with MSDN Premium is
> required.
>
>
>
> My question to you all is do you feel it would be worth  the $2500 initial
> purchase and $1999 annual renewal? I see it as an investment in my education
> and I know it could be a write off, but that's a lot of money for me to part
> with. Are there other avenues available for obtaining legitimate copies of
> Windows products for home based test labs that might be cheaper?
>
>
>
> - Sean
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: ISA 2006 Authentication Page

[Don Ely]

Nobody?  Where's the illustrious Dr. Shinder?

On Tue, Apr 14, 2009 at 9:47 AM, Don Ely  wrote:

> Hey folks,
>
> I am trying to make ISA not require the NETBIOS domain name as part of the
> username when clients login.  In other words, no "CONTOSO\JackRyan", but
> just "JackRyan" for the username.  I can do this for a single domain, but
> cannot seem to make it work for the child domains that are a part of the
> CONTOSO forest...
>
> Setup is like this...
>
> ISA 2006 in Workgroup mode in a DMZ.
>
> Windows 2003 Native Forest called CONTOSO with three child domains on the
> internal network.
>
> LDAPS authentication is configured from the ISA server to the CONTOSO
> forest.
>
> I am trying to publish MOSS 2007 from the Internal Network to the ISA
> server in the DMZ which works fine aside from the need to have a domain name
> specified to logon the user.
>
> I understand that out of the box this is how ISA 2006 works, but I have
> heard rumors there are ways around it so I can just provide a username...
>
> Any thoughts?
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Vipre

[Clayton Doige]

Few months back there was a comparisson matrix for Vipre versus other AV
vendors, anyone have any idea where I can find that?

Thanks

Clayton

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: MSDN - To buy, or not to buy?

[Jeremy Phillips]

Look at TechNet Plus as well. It's significantly cheaper.

Thanks,

Jeremy Phillips
Managing Consultant | Cohesive Logic  LLC | M: 540-322-7980 | D: 425-949-1337 | 
BB PIN: 318A6889


From: Sean Martin [mailto:seanmarti...@gmail.com]
Sent: Wednesday, April 15, 2009 8:38 AM
To: NT System Admin Issues
Subject: MSDN - To buy, or not to buy?

I've been toying with the idea of purchasing an MSDN subscription. My goal is 
to setup a lab environment for testing, training, etc. I'm primarily focused on 
obtaining copies of Windows Server and Exchange 2007 (or 2010), but it would be 
nice to have access to most of the software. For what I want, it looks like the 
Visual Studio Professional with MSDN Premium is required.

My question to you all is do you feel it would be worth  the $2500 initial 
purchase and $1999 annual renewal? I see it as an investment in my education 
and I know it could be a write off, but that's a lot of money for me to part 
with. Are there other avenues available for obtaining legitimate copies of 
Windows products for home based test labs that might be cheaper?

- Sean





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

MSDN - To buy, or not to buy?

[Sean Martin]

I've been toying with the idea of purchasing an MSDN subscription. My goal
is to setup a lab environment for testing, training, etc. I'm primarily
focused on obtaining copies of Windows Server and Exchange 2007 (or 2010),
but it would be nice to have access to most of the software. For what I
want, it looks like the Visual Studio Professional with MSDN Premium is
required.

My question to you all is do you feel it would be worth  the $2500 initial
purchase and $1999 annual renewal? I see it as an investment in my education
and I know it could be a write off, but that's a lot of money for me to part
with. Are there other avenues available for obtaining legitimate copies of
Windows products for home based test labs that might be cheaper?

- Sean

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: 64bit Print Server

[Webb, Brian (Corp)]

We just lost one and are down to 5 plus a supervisor.  We have other
admin type people though who handle application software, Exchange, AV,
etc.  We are responsible for the hardware, OS, AD, Group Policy, some
other infrastructure, VMWare, and other stuff "as assigned".  We have a
total of between 600 and 700 Windows servers depending on how many of
the test/dev systems you count.  Plenty to do most of the time...


-Brian


-Original Message-
From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] 
Sent: Wednesday, April 15, 2009 10:23 AM
To: NT System Admin Issues
Subject: RE: 64bit Print Server

130? How mamny admins in your org?


From: Webb, Brian (Corp) [brian.w...@teldta.com]
Sent: Wednesday, April 15, 2009 9:11 AM
To: NT System Admin Issues
Subject: RE: 64bit Print Server

You're welcome - now, if I can just figure out a way to automate adding
the 64-bit drivers to all the printers on all 130+ 32-bit print servers
in our environment I'll be in good shape...


-Brian


-Original Message-
From: Andy Ognenoff [mailto:andyognen...@gmail.com]
Sent: Wednesday, April 15, 2009 9:40 AM
To: NT System Admin Issues
Subject: RE: 64bit Print Server

When I connected to the printer it didn't complain about the x64 driver
(and yes, I'm on 32bit WinXP) but your suggestion about going to File >
Server Properties > Drivers did allow me to add the 32bit driver from
there and now it shows up in Print Management too.  Awesome!  Thanks for
your help.

 - Andy O.

>-Original Message-
>From: Webb, Brian (Corp) [mailto:brian.w...@teldta.com]
>Sent: Wednesday, April 15, 2009 7:59 AM
>To: NT System Admin Issues
>Subject: RE: 64bit Print Server
>
>
>I've been doing something similar recently and it is a pain.  The trick

>is to install the print driver on the server from a client.  You don't 
>need the print management snap-in. You have to do is connect to the 
>printer from a 32-bit client - when it complains that the server 
>doesn't have a driver for you, tell it you will find a driver and then 
>install the driver from your driver.cab.  Once you do that, you should 
>be able to add the driver from the client by browsing to 
>\\server\printers and opening the Server Properties from the File menu.

>Go to the Drivers tab and Add the x86 driver.
>
>Hopefully that is close enough that you can figure it out...
>
>-Brian


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~ ~
Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: 64bit Print Server

[Joseph L. Casale]

130? How mamny admins in your org?


From: Webb, Brian (Corp) [brian.w...@teldta.com]
Sent: Wednesday, April 15, 2009 9:11 AM
To: NT System Admin Issues
Subject: RE: 64bit Print Server

You're welcome - now, if I can just figure out a way to automate adding
the 64-bit drivers to all the printers on all 130+ 32-bit print servers
in our environment I'll be in good shape...


-Brian


-Original Message-
From: Andy Ognenoff [mailto:andyognen...@gmail.com]
Sent: Wednesday, April 15, 2009 9:40 AM
To: NT System Admin Issues
Subject: RE: 64bit Print Server

When I connected to the printer it didn't complain about the x64 driver
(and yes, I'm on 32bit WinXP) but your suggestion about going to File >
Server Properties > Drivers did allow me to add the 32bit driver from
there and now it shows up in Print Management too.  Awesome!  Thanks for
your help.

 - Andy O.

>-Original Message-
>From: Webb, Brian (Corp) [mailto:brian.w...@teldta.com]
>Sent: Wednesday, April 15, 2009 7:59 AM
>To: NT System Admin Issues
>Subject: RE: 64bit Print Server
>
>
>I've been doing something similar recently and it is a pain.  The trick

>is to install the print driver on the server from a client.  You don't
>need the print management snap-in. You have to do is connect to the
>printer from a 32-bit client - when it complains that the server
>doesn't have a driver for you, tell it you will find a driver and then
>install the driver from your driver.cab.  Once you do that, you should
>be able to add the driver from the client by browsing to
>\\server\printers and opening the Server Properties from the File menu.

>Go to the Drivers tab and Add the x86 driver.
>
>Hopefully that is close enough that you can figure it out...
>
>-Brian


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: When did a PC last communicate with AD?

[Webb, Brian (Corp)]

Add the Advanced Features option form the View menu in ADUC and look at
the extra tab.  It has something about the last time the computer
password was reset.  Or, just use oldcmp from joeware.
 
-Brian

 



From: cs [mailto:chr...@gmail.com] 
Sent: Wednesday, April 15, 2009 9:42 AM
To: NT System Admin Issues
Subject: When did a PC last communicate with AD?


Is there a way to tell when a PC last communicated with AD using native
tools? I was always under the impression the modified field on the
Properties tab could be used to determine this information???


 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: When did a PC last communicate with AD?

[David Lum]

OLDCMP.EXE (joeware.net) can give you that info. Modified in ADUC will tell you 
when the last action was taken on that object - change the description or OU 
location and that modified stamp changes. OLDCMP.EXE will tell you the last 
time a PC talked to AD or reset it's machine password, etc.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764
From: cs [mailto:chr...@gmail.com]
Sent: Wednesday, April 15, 2009 7:42 AM
To: NT System Admin Issues
Subject: When did a PC last communicate with AD?

Is there a way to tell when a PC last communicated with AD using native tools? 
I was always under the impression the modified field on the Properties tab 
could be used to determine this information???





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: 64bit Print Server

[Webb, Brian (Corp)]

You're welcome - now, if I can just figure out a way to automate adding
the 64-bit drivers to all the printers on all 130+ 32-bit print servers
in our environment I'll be in good shape...


-Brian


-Original Message-
From: Andy Ognenoff [mailto:andyognen...@gmail.com] 
Sent: Wednesday, April 15, 2009 9:40 AM
To: NT System Admin Issues
Subject: RE: 64bit Print Server

When I connected to the printer it didn't complain about the x64 driver
(and yes, I'm on 32bit WinXP) but your suggestion about going to File >
Server Properties > Drivers did allow me to add the 32bit driver from
there and now it shows up in Print Management too.  Awesome!  Thanks for
your help.

 - Andy O.

>-Original Message-
>From: Webb, Brian (Corp) [mailto:brian.w...@teldta.com]
>Sent: Wednesday, April 15, 2009 7:59 AM
>To: NT System Admin Issues
>Subject: RE: 64bit Print Server
>
>
>I've been doing something similar recently and it is a pain.  The trick

>is to install the print driver on the server from a client.  You don't 
>need the print management snap-in. You have to do is connect to the 
>printer from a 32-bit client - when it complains that the server 
>doesn't have a driver for you, tell it you will find a driver and then 
>install the driver from your driver.cab.  Once you do that, you should 
>be able to add the driver from the client by browsing to 
>\\server\printers and opening the Server Properties from the File menu.

>Go to the Drivers tab and Add the x86 driver.
>
>Hopefully that is close enough that you can figure it out...
>
>-Brian


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: iSCSI and Initialize Disk issues

[S Conn.]

On Tue, Apr 14, 2009 at 4:56 PM, Joseph L. Casale
 wrote:

>>I could try that, but I have two other windows 2003 servers connected
>>to the SAN right now and are using it fine.
>
> Could be an issue with just those luns?
>

I remasked the LUNs to show for an existing (and working) server.  The
server sees the disk but has the same issue as the other two; can't
initialize it.  It's still using its existing drive just fine.  It's
starting to look a lot like an IBM issue at this point.  I deleted the
LUN, recreated it, added it directly to the "working" server, still
same error.

>>I'm doing that now.  Both servers are running MS Initiator over a
>>regular NIC.  One of the servers has a Qlogic Fiber HBA in it to
>>connect to a Fiber Channel SAN, but is trying to do all iSCSI vial MS
>>Initiator.
>
> I got nothing man :( If it were me, I would still wanna know if the
> san was to blame or the servers...
>
> What NIC and what driver out of curiosity?
>
> jlc

All my NICs are Broadcom, but I'm not sure that's the issue.  I'm
working with IBM support now, I'll post back the fix when I get it.

Thanks Joseph.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Noise reducing server racks

[Sean Martin]

Oops, wrong thread!

- Sean

On Tue, Apr 14, 2009 at 6:46 PM, Sean Martin  wrote:

> So after all that BS, it was apparently some combination of removing the
> cmos battery and resetting the bios back to default. It then allowed me to
> change the integrated controller option from ata to raid, and actually
> retain the setting.
>
> Thanks to everyone for the assistance.
>
> P.S. I have a backup running right now.
>
> Sent from my iPhone
>
>
> On Apr 14, 2009, at 5:59 PM, Ben Scott  wrote:
>
> On Tue, Apr 14, 2009 at 9:52 PM, Mark Boersma 
>> wrote:
>>
>>> Trying to determine if it’s worth almost $5000 though vs. $2800 for the
>>> Xrackpro.
>>>
>>
>> Wow.  For $5000, you might be able to just get a new room/partition
>> built.  No joke.
>>
>> -- Ben
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: eFax

[Jeremy Phillips]

Intermedia fax to e-mail. Don't remember the cost but they do a good job.

Thanks,

Jeremy Phillips
Managing Consultant | Cohesive Logic  LLC | M: 540-322-7980 | D: 425-949-1337 | 
BB PIN: 318A6889


From: Vue, Za [mailto:z...@emory.edu]
Sent: Wednesday, April 15, 2009 6:40 AM
To: NT System Admin Issues
Subject: eFax


Anyone here uses some type of e-fax for your fax solution? What company and the 
costs are?

-Z.V.


This e-mail message (including any attachments) is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this message (including any attachments) is strictly
prohibited.

If you have received this message in error, please contact
the sender by reply e-mail message and destroy all copies of the
original message (including attachments).





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

When did a PC last communicate with AD?

[cs]

Is there a way to tell when a PC last communicated with AD using native
tools? I was always under the impression the modified field on the
Properties tab could be used to determine this information???

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: 64bit Print Server

[Andy Ognenoff]

When I connected to the printer it didn't complain about the x64 driver (and
yes, I'm on 32bit WinXP) but your suggestion about going to File > Server
Properties > Drivers did allow me to add the 32bit driver from there and now
it shows up in Print Management too.  Awesome!  Thanks for your help.

 - Andy O.

>-Original Message-
>From: Webb, Brian (Corp) [mailto:brian.w...@teldta.com]
>Sent: Wednesday, April 15, 2009 7:59 AM
>To: NT System Admin Issues
>Subject: RE: 64bit Print Server
>
>
>I've been doing something similar recently and it is a pain.  The trick
>is to install the print driver on the server from a client.  You don't
>need the print management snap-in. You have to do is connect to the
>printer from a 32-bit client - when it complains that the server doesn't
>have a driver for you, tell it you will find a driver and then install
>the driver from your driver.cab.  Once you do that, you should be able
>to add the driver from the client by browsing to \\server\printers and
>opening the Server Properties from the File menu.  Go to the Drivers tab
>and Add the x86 driver.
>
>Hopefully that is close enough that you can figure it out...
>
>-Brian


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: eFax

[John Aldrich]

We have a couple fax modems built into our AS/400 and send invoices and
order confirmations from there for the most part. We also have a fax board
in one of our copiers and the client is installed on the workstations.

 

John-AldrichTile-Tools

 

From: Vue, Za [mailto:z...@emory.edu] 
Sent: Wednesday, April 15, 2009 9:40 AM
To: NT System Admin Issues
Subject: eFax

 

 

Anyone here uses some type of e-fax for your fax solution? What company and
the costs are?

 

-Z.V.

 

  _  

This e-mail message (including any attachments) is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this message (including any attachments) is strictly
prohibited.

If you have received this message in error, please contact
the sender by reply e-mail message and destroy all copies of the
original message (including attachments).

 

 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.287 / Virus Database: 270.11.57/2060 - Release Date: 04/15/09
06:34:00


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

re: eFax

[Dennis Melahn]

I still have an old 33.6 modem on my Server 2003 print server with MS fax 
driver installed.  Does everything we need.  Even the accounting software uses 
it to send invoices to customers and vendors who still refuse to give up that 
technology. 

-Dennis


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Too to find what .exe has a port open

[Steven M. Caesare]

One of the pstools from  sysinternals can do this.


-sc

-Original Message-
From: c.e. gene connor 
Sent: Tuesday, April 14, 2009 11:40 AM
To: NT System Admin Issues 
Subject: RE: Too to find what .exe has a port open

I have tools that tell me WHAT port is open, but nothing to tell me what app 
has the port open. What do you guys use?

 

This may be a wrong answer to your question ? But, when I use a “”stand alone 
network system”” to download,read or surf to bad and known unsafe websites etc. 
I always have a program called active ports running in the background and watch 
what ports,programs files are either opened or started after I go to any of the 
evil sites.

 

Google = Active Ports 1.2 Free

 

 Gene C.

In Memory of my little brother
http://genec-lori.com/

PackRat GarageSale
http://genec-lori.biz/

Genes-Computers Inc.
Yulee ,Fl
Established 1981, Microsoft OEM Registered member, system builder & Active
registered Microsoft Partner
Active Charter Partner of The Association of System Builders and Integrators
If you think you're beaten, Then you are!
If you give up the fight, Accept it !!



From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Tuesday, April 14, 2009 8:02 AM
To: NT System Admin Issues
Subject: RE: Too to find what .exe has a port open

 

I would use Nmap to do your scanning, and then use Process Explorer from 
sysinternals to find out which .exe has the port open. 

 

BTW: GO PENN STATE NIT Champs: 

 

BSME PENN STATE 1996..

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: andy [mailto:afo...@psu.edu] 
Sent: Friday, April 10, 2009 8:47 AM
To: NT System Admin Issues
Subject: RE: Too to find what .exe has a port open

 

I recently scanned some of my computers with a languard beta scanner that I 
have been using for years.  And then scanned some computers on my subnet and 
then on other subnets.  They all showed ports 25 and 110 open.  Since I never 
got false results from my languard beta in years, I immediately suspected that 
all of these computers were infected with some type of spam bot.  I picked out 
one machine and installed every type of free port monitor on it that I could 
find.  All results showed that that the ports 25 and 110 are not open.  I think 
our firewall guys, they just started installing and learning about firewalls, 
have it setup so that the firewall intercepts any telnet session to 25 or 110 
and gives it a window.  Is this possible?

 I have not tried moving my languard beta scanner outside the firewall to test 
the ports.

On another note, a few years ago, I used the languard scanner to look for a 
trojan that was infecting computers and found a port open on a linux machine 
that corresponded to the port the trojan was infecting.  Come to find out, the 
linux machine was using some type of proprietary software that used the same 
port as the trojan.  We said, eh ok, you are clean, you can get back on the 
network. 


At 02:47 PM 4/9/2009, Derek Lidbom wrote:

Are they UDP ports?
 
Does it say immediately after it checks them that they are closed again?
 
My guess would be Languard see the port number and immediately associates with 
Trojan, without checking to see if it is udp or tcp.
 
 
 
From: David Lum [ mailto:david@nwea.org  ] 
Sent: Thursday, April 09, 2009 2:42 PM
To: NT System Admin Issues
Subject: RE: Too to find what .exe has a port open
 
NETSTAT…I shoulda known
 
Netstat –ano shows nothing in that range.
 
Hey, if you have TCPView running when you also run a Nessus scan on same 
system…now that’s funny right there…
 
Nessus shows nothing, TCPView shows nothing, NETSTAT shows nothing…only 
Languard shows something at those ports…
 
Dave
 
From: Michael B. Smith [ mailto:mich...@owa.smithcons.com 
 ] 
Sent: Thursday, April 09, 2009 11:23 AM
To: NT System Admin Issues
Subject: RE: Too to find what .exe has a port open
 
KISS
 
"netstat -ano". The "o" gives you the process owning the port, which you can 
use TaskList or Task Manager to find.
 
If it isn't in the list - you've been pwned. (probably)
 



From: David Lum [david@nwea.org]
Sent: Thursday, April 09, 2009 2:22 PM
To: NT System Admin Issues
Subject: RE: Too to find what .exe has a port open
Perfect thanks!
 
Now I have something, or not…GFI Languard scanned a machine that says I have 
two KiLo ports open (,6667). TCPView shows nothing in that range….comments?
 
Dave
 
From: Jake Gardner [ mailto:jgard...@ttcdas.com  ] 
Sent: Thursday, April 09, 2009 11:12 AM
To: NT System Admin Issues
Subject: RE: Too to find what .exe has a port open
 
TCPView from SysInternals
 
Thanks,
 
Jake Gardner
TTC Network Administrator
Ext. 246
 
 



From: 

re: eFax

[Dennis Melahn]

http://www.faxcompare.com/


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Sterling, etc...

[Bill Lambert]

Thought this would be interesting to those that watched the Forefront
thread last week...

 

http://redmondmag.com/news/article.asp?EditorialsID=10754

 

 

Bill Lambert

Windows System Administrator

Concuity

A healthcare division of Trintech, Inc.  

Phone  847-941-9206

Fax  847-465-9147

 

NASDAQ: TTPA

The information contained in this e-mail message, including any attached
files, is intended only for the personal and confidential use of the
recipient(s) named above. If you are not the intended recipient (or
authorized to receive information for the recipient) you are hereby
notified that you have received this communication in error and that any
review, dissemination, distribution, or copying of this message is
strictly prohibited. If you have received this communication in error,
please contact the sender by reply email and delete all copies of this
message.  Thank you.

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

RE: 64bit Print Server

[Webb, Brian (Corp)]

 
I've been doing something similar recently and it is a pain.  The trick
is to install the print driver on the server from a client.  You don't
need the print management snap-in. You have to do is connect to the
printer from a 32-bit client - when it complains that the server doesn't
have a driver for you, tell it you will find a driver and then install
the driver from your driver.cab.  Once you do that, you should be able
to add the driver from the client by browsing to \\server\printers and
opening the Server Properties from the File menu.  Go to the Drivers tab
and Add the x86 driver.

Hopefully that is close enough that you can figure it out...

-Brian


-Original Message-
From: Andy Ognenoff [mailto:andyognen...@gmail.com] 
Sent: Tuesday, April 14, 2009 3:58 PM
To: NT System Admin Issues
Subject: 64bit Print Server

I'm sure this is a no brainer for most but I'm new to Windows print
management (finally migrating from Netware 6 - woohoo!)

I have a new Windows 2003 R2 64bit print server and I'm trying to add
32bit drivers for a generic text only printer (dot matrix) using the
built in Windows drivers.  It works fine to add the 64bit version since
that's what is on the print server but the 32bit ones need a location of
the driver files, as expected.

Understanding that I probably need to load those from a 32bit machine, I
installed the print management snap-in on my WinXP box and I can connect
to the print server and see all the printers, ports and installed
drivers but I don't get the options for adding new drivers.  I logged in
as a domain admin and still nothing.  Is there a setting I need to
configure to allow full remote printer administration or what am I
missing?

TIA,

 - Andy O.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

eFax

[Vue, Za]

Anyone here uses some type of e-fax for your fax solution? What company and the 
costs are?

-Z.V.


This e-mail message (including any attachments) is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this message (including any attachments) is strictly
prohibited.

If you have received this message in error, please contact
the sender by reply e-mail message and destroy all copies of the
original message (including attachments).

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New machine OU placement

[David Lum]

Would it help if you change the default OU systems and users are placed in when 
added to the domain?
http://support.microsoft.com/kb/324949

Alternately you could schedule an OLDCMP.EXE job daily and work with that data.

Dave

From: Greg Mulholland [mailto:g...@krystaltek.com]
Sent: Wednesday, April 15, 2009 4:19 AM
To: NT System Admin Issues
Subject: New machine OU placement

Hi Guys

we have an issue where users are creating multiple vm's every day and joining 
them to the network and we end up with a number of machine accounts dumped in 
the default computers container. I would dearly like something that would 
report the machines in that container at the end of the day and possibly the 
user that created it, site it was created in or some such so we could pick them 
up and move them into the right OU.

Before i sit down to script something out has anyone had an experience in this 
respect and could recommend a solution.

Thanks

Greg





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Free Solarwinds Lansurveyor Express for Visio 2007

[Jon Harris]

I have noticed it did not identify my 3Com NBX phone system, but did find
it, and missed all the telephones.  It also found but did not identify some
of our APC UPSs.  It also found all the web servers and labeled them, so it
is a bit of a mixed bag for me.  Over all it seems to be pretty good.

Jon

On Wed, Apr 15, 2009 at 8:51 AM, Roger Wright  wrote:

>  I haven’t received the download link yet but the demo was impressive.
>
>
>
>
>
>
>
> Roger Wright
>
> Network Administrator
>
> Evatone, Inc.
>
> 727.572.7076  x388
>
> _
>
>
>
> *From:* Jon Harris [mailto:jk.har...@gmail.com]
> *Sent:* Wednesday, April 15, 2009 5:44 AM
> *To:* NT System Admin Issues
> *Subject:* Re: Free Solarwinds Lansurveyor Express for Visio 2007
>
>
>
> Have you tried it?
>
>
>
> Jon
>
> On Tue, Apr 14, 2009 at 10:20 PM, Roger Wright 
> wrote:
>
> Looks like a handy freebie:
>
>
>
>
> http://www.solarwinds.com/register/registrationform.aspx?Program=583&c=7015000ELCT&CMP=BIZ-EML-MSFT-LSE-DL
>
>
>
>
>
> Roger Wright
>
> Network Administrator
>
> Evatone, Inc.
>
> 727.572.7076  x388
>
>
>
> [image: ET E-mail Signature Logo]
>
> _
>
>
>
>
>
> "I wish people who have trouble communicating would just shut up." - Tom
> Lehrer
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

RE: Noise reducing server racks

[Mark Boersma]

That does factor in to the equation.  That's why I had no resistance
when I ran it up the chain for approval.

Mark
-
Two rules to success in life:
1. Never tell people everything you know.



-Original Message-
From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] 
Sent: Wednesday, April 15, 2009 8:40 AM
To: NT System Admin Issues
Subject: RE: Noise reducing server racks

I'd ask yourself... what is my hearing worth?
 

-Original Message-
From: Mark Boersma [mailto:ma...@triangle-inc.com] 
Sent: Tuesday, April 14, 2009 10:07 PM
To: NT System Admin Issues
Subject: RE: Noise reducing server racks

Thought about that but you can't just whip up some drywall walls and a
hollow core door and think that you won't hear the machines.  I've got a
big enough office that I could segment off a small room for the
equipment but the cost involved with soundproofing, power, and A/C would
make it more hassle than it is worth.

Mark
-
Two rules to success in life:
1. Never tell people everything you know.


-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Tuesday, April 14, 2009 10:00 PM
To: NT System Admin Issues
Subject: Re: Noise reducing server racks

On Tue, Apr 14, 2009 at 9:52 PM, Mark Boersma 
wrote:
> Trying to determine if it's worth almost $5000 though vs. $2800 for
the Xrackpro.

  Wow.  For $5000, you might be able to just get a new room/partition
built.  No joke.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~



Please consider the environment before printing this email.


CONFIDENTIALITY NOTICE: This e-mail message, including any attachments,
is for the sole use of the intended recipients(s) and may contain
confidential and privileged information.  Any unauthorized review, use,
disclosure or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



Please consider the environment before printing this email.


CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for 
the sole use of the intended recipients(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Free Solarwinds Lansurveyor Express for Visio 2007

[Roger Wright]

I haven't received the download link yet but the demo was impressive.

 

   

 

Roger Wright

Network Administrator

Evatone, Inc.

727.572.7076  x388

_  

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Wednesday, April 15, 2009 5:44 AM
To: NT System Admin Issues
Subject: Re: Free Solarwinds Lansurveyor Express for Visio 2007

 

Have you tried it?

 

Jon

On Tue, Apr 14, 2009 at 10:20 PM, Roger Wright 
wrote:

Looks like a handy freebie:

 

http://www.solarwinds.com/register/registrationform.aspx?Program=583&c=7
015000ELCT&CMP=BIZ-EML-MSFT-LSE-DL

 

 

Roger Wright

Network Administrator

Evatone, Inc.

727.572.7076  x388

  

 

_

 

 

"I wish people who have trouble communicating would just shut up." - Tom
Lehrer 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

RE: Noise reducing server racks

[David Mazzaccaro]

I'd ask yourself... what is my hearing worth?
 

-Original Message-
From: Mark Boersma [mailto:ma...@triangle-inc.com] 
Sent: Tuesday, April 14, 2009 10:07 PM
To: NT System Admin Issues
Subject: RE: Noise reducing server racks

Thought about that but you can't just whip up some drywall walls and a
hollow core door and think that you won't hear the machines.  I've got a
big enough office that I could segment off a small room for the
equipment but the cost involved with soundproofing, power, and A/C would
make it more hassle than it is worth.

Mark
-
Two rules to success in life:
1. Never tell people everything you know.


-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Tuesday, April 14, 2009 10:00 PM
To: NT System Admin Issues
Subject: Re: Noise reducing server racks

On Tue, Apr 14, 2009 at 9:52 PM, Mark Boersma 
wrote:
> Trying to determine if it's worth almost $5000 though vs. $2800 for
the Xrackpro.

  Wow.  For $5000, you might be able to just get a new room/partition
built.  No joke.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~



Please consider the environment before printing this email.


CONFIDENTIALITY NOTICE: This e-mail message, including any attachments,
is for the sole use of the intended recipients(s) and may contain
confidential and privileged information.  Any unauthorized review, use,
disclosure or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Noise reducing server racks

[David Mazzaccaro]

 

-Original Message-
From: Mark Boersma [mailto:ma...@triangle-inc.com] 
Sent: Tuesday, April 14, 2009 10:07 PM
To: NT System Admin Issues
Subject: RE: Noise reducing server racks

Thought about that but you can't just whip up some drywall walls and a
hollow core door and think that you won't hear the machines.  I've got a
big enough office that I could segment off a small room for the
equipment but the cost involved with soundproofing, power, and A/C would
make it more hassle than it is worth.

Mark
-
Two rules to success in life:
1. Never tell people everything you know.


-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Tuesday, April 14, 2009 10:00 PM
To: NT System Admin Issues
Subject: Re: Noise reducing server racks

On Tue, Apr 14, 2009 at 9:52 PM, Mark Boersma 
wrote:
> Trying to determine if it's worth almost $5000 though vs. $2800 for
the Xrackpro.

  Wow.  For $5000, you might be able to just get a new room/partition
built.  No joke.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~



Please consider the environment before printing this email.


CONFIDENTIALITY NOTICE: This e-mail message, including any attachments,
is for the sole use of the intended recipients(s) and may contain
confidential and privileged information.  Any unauthorized review, use,
disclosure or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New machine OU placement

[Greg Mulholland]

I can but i dont want to do this globally and i do mean globally and i would 
still need to now where they are supposed to go if we were to move them 
manually. I guess i could force them to use the netdom command to place the 
machine in the OU of their particular section. Thanks for the info, i had 
thought of using this tool, i guess i just need to find a way to do it whatever 
fits best

Greg

From: James Rankin [kz2...@googlemail.com]
Sent: Wednesday, 15 April 2009 9:25 PM
To: NT System Admin Issues
Subject: Re: New machine OU placement

Can't you redirect them with redircmp? If you are creating VMs, you can script 
this to run after the machine is created

2009/4/15 Greg Mulholland mailto:g...@krystaltek.com>>
Hi Guys

we have an issue where users are creating multiple vm's every day and joining 
them to the network and we end up with a number of machine accounts dumped in 
the default computers container. I would dearly like something that would 
report the machines in that container at the end of the day and possibly the 
user that created it, site it was created in or some such so we could pick them 
up and move them into the right OU.

Before i sit down to script something out has anyone had an experience in this 
respect and could recommend a solution.

Thanks

Greg










~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Noise reducing server racks

[Rob Bonfiglio]

Lift with your knees?

>> I’m tossing around a server rack..Have I missed any that I should
consider?

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Free Solarwinds Lansurveyor Express for Visio 2007

[Jon Harris]

It is nice BTW, did a good job on my network.  I am still looking at the
results though.

Jon

On Wed, Apr 15, 2009 at 5:43 AM, Jon Harris  wrote:

>  Have you tried it?
>
> Jon
>
>  On Tue, Apr 14, 2009 at 10:20 PM, Roger Wright wrote:
>
>>  Looks like a handy freebie:
>>
>>
>>
>>
>> http://www.solarwinds.com/register/registrationform.aspx?Program=583&c=7015000ELCT&CMP=BIZ-EML-MSFT-LSE-DL
>>
>>
>>
>>
>>
>> Roger Wright
>>
>> Network Administrator
>>
>> Evatone, Inc.
>>
>> 727.572.7076  x388
>>
>>
>>
>> [image: ET E-mail Signature Logo]
>>
>> _
>>
>>
>>
>>
>> "I wish people who have trouble communicating would just shut up." - Tom
>> Lehrer
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

Re: New machine OU placement

[James Rankin]

Can't you redirect them with redircmp? If you are creating VMs, you can
script this to run after the machine is created

2009/4/15 Greg Mulholland 

>  Hi Guys
>
> we have an issue where users are creating multiple vm's every day and
> joining them to the network and we end up with a number of machine accounts
> dumped in the default computers container. I would dearly like something
> that would report the machines in that container at the end of the day and
> possibly the user that created it, site it was created in or some such so we
> could pick them up and move them into the right OU.
>
> Before i sit down to script something out has anyone had an experience in
> this respect and could recommend a solution.
>
> Thanks
>
> Greg
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

New machine OU placement

[Greg Mulholland]

Hi Guys

we have an issue where users are creating multiple vm's every day and joining 
them to the network and we end up with a number of machine accounts dumped in 
the default computers container. I would dearly like something that would 
report the machines in that container at the end of the day and possibly the 
user that created it, site it was created in or some such so we could pick them 
up and move them into the right OU.

Before i sit down to script something out has anyone had an experience in this 
respect and could recommend a solution.

Thanks

Greg

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Free Solarwinds Lansurveyor Express for Visio 2007

[Jon Harris]

Have you tried it?

Jon

On Tue, Apr 14, 2009 at 10:20 PM, Roger Wright  wrote:

>  Looks like a handy freebie:
>
>
>
>
> http://www.solarwinds.com/register/registrationform.aspx?Program=583&c=7015000ELCT&CMP=BIZ-EML-MSFT-LSE-DL
>
>
>
>
>
> Roger Wright
>
> Network Administrator
>
> Evatone, Inc.
>
> 727.572.7076  x388
>
>
>
> [image: ET E-mail Signature Logo]
>
> _
>
>
>
>
> "I wish people who have trouble communicating would just shut up." - Tom
> Lehrer
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>