script to add auditing

[Christopher Bodnar]

Anyone care to share a script they may have? I need to audit some folders
on file servers. Trying to add a group to the list on the auditing tab of
the folder. 

 

If someone has something I'd appreciate it.

 

Thanks

 

 

 

Chris Bodnar, MCSE
Sr. Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003

 




-
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law.  If the reader of this message is not the intended
recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited.  If you have received this message in error, please
notify the sender immediately by return e-mail and delete the
message and any attachments.  Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: script to add auditing

[Ziots, Edward]

Subinacl.exe will add the auditing. 

 

Subinacl /verbose /subdirectories=directoriesonly /sgrant=domain\name
permissions (look in the subinacl help file for permissions)
path_to_directory

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Monday, April 27, 2009 9:02 AM
To: NT System Admin Issues
Subject: script to add auditing

 

Anyone care to share a script they may have? I need to audit some
folders on file servers. Trying to add a group to the list on the
auditing tab of the folder. 

 

If someone has something I'd appreciate it.

 

Thanks

 

 

 

Chris Bodnar, MCSE
Sr. Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003

 

 

 



This message, and any attachments to it, may contain information that is
privileged, confidential, and exempt from disclosure under applicable
law. If the reader of this message is not the intended recipient, you
are notified that any use, dissemination, distribution, copying, or
communication of this message is strictly prohibited. If you have
received this message in error, please notify the sender immediately by
return e-mail and delete the message and any attachments. Thank you. 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: What is Vmware thinking?

[Travis Robinson]

It does seem that VMware is incorporating a lot of these things with releases. 
I do know there are a couple svmotion plugins for the GUI. It definitely makes 
it a lot nicer. We've used this one from Andrew Kutz for a good 6 or 7 months 
and have had no issues with it.

http://sourceforge.net/projects/vip-svmotion/



-Original Message-
From: Greg Mulholland [mailto:g...@krystaltek.com] 
Sent: Friday, April 24, 2009 4:50 PM
To: NT System Admin Issues
Subject: RE: What is Vmware thinking?

Yeah.. snaphunter or even better powershell works a treat!. Svmotion would have 
been cool in the gui but you can do that with powershell as well!

-Original Message-
From: Steven Peck [mailto:sep...@gmail.com]
Sent: Saturday, 25 April 2009 6:43 AM
To: NT System Admin Issues
Subject: Re: What is Vmware thinking?

There was a mandated separation of companies between VMware and EMC
during the merger.  Non-compete, etc.  I believe this was in one of
the announcements at the time.

Well, vKernals looks interesting, I shall have to go look at it.
I currently use a PowerShell script to find snapshots.  If you are not
experimenting with PowerShell and you are managing ESX/Virtual Center,
you are seriously missing out.


Connect-VIServer -server  -protocol https;
$snap = Get-VM | Get-Snapshot
$snap | select VM, Created, Name, Description


Steven Peck

On Fri, Apr 24, 2009 at 8:35 AM, Travis Robinson
 wrote:
> I've been using vKernels SearchMyVM
> (http://www.vkernel.com/products/SearchMyVM/) for finding things like this.
> It has a host of queries and it's FREE. It'll report on VMs with snapshots,
> free space on... etc.
>
> They're also very good with feedback. I suggested a query that will show
> which VMs have moved due to user interactin or DRS and they put it in the
> release that came out about 2 weeks later.
>
>
>
>
>
> From: Ziots, Edward [mailto:ezi...@lifespan.org]
> Sent: Thursday, April 23, 2009 5:33 AM
> To: NT System Admin Issues
> Subject: RE: What is Vmware thinking?
>
>
>
> Yeah I just want a simple thing in the giu where I can search on machines
> with snapshots, or have them marked with a flag if they di have a snap-shot
> because finding the snaps isn't intuitive right now.
>
>
>
> Also S-Motion via GUI could be nice, and a way to backup the entire ESX host
> via Legato would be nice too, since EMC owns them, I would have already
> figured they gotten this hashed out... Naaa, that be too simple...
>
>
>
> Z
>
>
>
> Edward Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
>
> ezi...@lifespan.org
>
> Phone:401-639-3505
>
> 
>
> From: RM [mailto:r...@richardmay.net]
> Sent: Tuesday, April 21, 2009 4:21 PM
> To: NT System Admin Issues
> Subject: Re: What is Vmware thinking?
>
>
>
> I just want thin provisioned VMDK's via vCenter, S-VMotion via vCenter, and
> the fault tolerance active/passive VM hot spare thingy.   :-)
>
>
>
> I'll let Wall Street and Main Street hash out the product strategy.
>
>
>
> RM
>
>
>
>
>
>
>
> On Tue, 21 Apr 2009 16:10 -0400, "Ziots, Edward" 
> wrote:
>
>
>
> http://www.vmware.com/products/vsphere/
>
>
>
> As an Avid Fan of Vmware and big user of the technology, it seems they are
> going the market, and mass confusion route to though something that is no
> further along than Vaporware. Eight different offers for ESX? Are they
> taking a licensing tip from M$ trying to generate more revenue under the
> guise of Cloud computing?
>
>
>
> Does anyone in the ESX server space see this in a different light than I am
> seeing it as first read?
>
>
>
> Z
>
>
>
>
>
> Edward Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
>
> ezi...@lifespan.org
>
> Phone:401-639-3505
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: script to add auditing

[Christopher Bodnar]

Great, thank you.

 

 

Chris Bodnar, MCSE
Sr. Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003

  _  

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Monday, April 27, 2009 9:10 AM
To: NT System Admin Issues
Subject: RE: script to add auditing

 

Subinacl.exe will add the auditing. 

 

Subinacl /verbose /subdirectories=directoriesonly /sgrant=domain\name
permissions (look in the subinacl help file for permissions)
path_to_directory

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505

  _  

From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Monday, April 27, 2009 9:02 AM
To: NT System Admin Issues
Subject: script to add auditing

 

Anyone care to share a script they may have? I need to audit some folders
on file servers. Trying to add a group to the list on the auditing tab of
the folder. 

 

If someone has something I'd appreciate it.

 

Thanks

 

 

 

Chris Bodnar, MCSE
Sr. Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003

 

 

 

 

 


  _  

This message, and any attachments to it, may contain information that is
privileged, confidential, and exempt from disclosure under applicable law.
If the reader of this message is not the intended recipient, you are
notified that any use, dissemination, distribution, copying, or
communication of this message is strictly prohibited. If you have received
this message in error, please notify the sender immediately by return
e-mail and delete the message and any attachments. Thank you. 




-
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law.  If the reader of this message is not the intended
recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited.  If you have received this message in error, please
notify the sender immediately by return e-mail and delete the
message and any attachments.  Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Dell PE2950 - SBS 2003

[Stefan Jafs]

I have an old PE 2950 that I want to install SBS on, I downloaded  the latest 
"Installation and Se4rver Management" CD, however SBS is not part of any of the 
selectable OS'es.
Can an not use the Dell Startup disk?

Any ideas?
___
Stefan Jafs


This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Dell PE2950 - SBS 2003

[Richard Stovall]

You don't really need to use that CD.  It's a convenience.  Just get the
drivers for the perc controller and you should be good.  Once you've
installed the OS you can then download the OpenManage bits and install
them manually.

 

From: Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 10:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003

 

I have an old PE 2950 that I want to install SBS on, I downloaded  the
latest "Installation and Se4rver Management" CD, however SBS is not part
of any of the selectable OS'es.

Can an not use the Dell Startup disk?

 

Any ideas?

___

Stefan Jafs

 

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the Amico Corpoartion company. Warning: Although
precautions have been taken to make sure no viruses are present in this
email, the company cannot accept responsibility for any loss or damage
that arise from the use of this email or attachments.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Dell PE2950 - SBS 2003

[gsweers]

It makes it very simple and all the drivers are included.  I would check
that version you have, older versions did not include SBS, but any of
the latest versions include it as an option.  You can download an ISO
from the website.

 

From: Richard Stovall [mailto:richard.stov...@researchdata.com] 
Sent: Monday, April 27, 2009 11:08 AM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

 

You don't really need to use that CD.  It's a convenience.  Just get the
drivers for the perc controller and you should be good.  Once you've
installed the OS you can then download the OpenManage bits and install
them manually.

 

From: Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 10:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003

 

I have an old PE 2950 that I want to install SBS on, I downloaded  the
latest "Installation and Se4rver Management" CD, however SBS is not part
of any of the selectable OS'es.

Can an not use the Dell Startup disk?

 

Any ideas?

___

Stefan Jafs

 

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the Amico Corpoartion company. Warning: Although
precautions have been taken to make sure no viruses are present in this
email, the company cannot accept responsibility for any loss or damage
that arise from the use of this email or attachments.

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Dell PE2950 - SBS 2003

[Michael Ross]

Just choose server 2003

 

From: Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 9:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003

 

I have an old PE 2950 that I want to install SBS on, I downloaded  the
latest "Installation and Se4rver Management" CD, however SBS is not part of
any of the selectable OS'es.

Can an not use the Dell Startup disk?

 

Any ideas?

___

Stefan Jafs

 

This email and any attached files are confidential and intended solely for
the intended recipient(s). If you are not the named recipient you should not
read, distribute, copy or alter this email. Any views or opinions expressed
in this email are those of the author and do not represent those of the
Amico Corpoartion company. Warning: Although precautions have been taken to
make sure no viruses are present in this email, the company cannot accept
responsibility for any loss or damage that arise from the use of this email
or attachments.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Replacing Win2k3 DC

[David W. McSpadden]

Ben I got a usage error for /DCOPY:T ??
I am using robocopy from the Resource Kit??

- Original Message - 
From: "Ben Scott" 

To: "NT System Admin Issues" 
Sent: Thursday, April 23, 2009 2:24 PM
Subject: Re: Replacing Win2k3 DC


On Thu, Apr 23, 2009 at 8:21 AM, David W. McSpadden  wrote:

I can copy from one to the other but how do I keep the permissions in
place??
I will use xcopy \\olddc\users\*.* \\newdc\users\*.* /secvoyhkdr


 Don't use XCOPY, use ROBOCOPY.

ROBOCOPY \\olddc\users \\newdc\users /E /COPYALL /DCOPY:T

/E = everything (subdirs, files, empty subdirs, etc.)
/COPYALL = dates, attributes, permissions, auditing, etc.
/DCOPY:T = directory timestamps

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Data De-duplication tolls

[vbs]

Are there any free report tools to simply identify duplicate data on our
network?


-- 
Thanks
Dave Vantine

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Replacing Win2k3 DC

[David W. McSpadden]

I don't see /DCOPY in the /? from command line.  
Is DCOPY in Vista but not Win2k3??
  - Original Message - 
  From: Micheal Espinola Jr 
  To: NT System Admin Issues 
  Sent: Monday, April 27, 2009 12:00 PM
  Subject: Re: Replacing Win2k3 DC


  ROBOCOPY.EXE /?, and check what is wrong with the syntax.  Its pretty easy to 
figure out.

  --
  ME2



  On Mon, Apr 27, 2009 at 11:56 AM, David W. McSpadden  wrote:

Ben I got a usage error for /DCOPY:T ??
I am using robocopy from the Resource Kit??

- Original Message - From: "Ben Scott" 
To: "NT System Admin Issues" 
Sent: Thursday, April 23, 2009 2:24 PM

Subject: Re: Replacing Win2k3 DC



On Thu, Apr 23, 2009 at 8:21 AM, David W. McSpadden  wrote:

  I can copy from one to the other but how do I keep the permissions in
  place??
  I will use xcopy \\olddc\users\*.* \\newdc\users\*.* /secvoyhkdr


 Don't use XCOPY, use ROBOCOPY.

ROBOCOPY \\olddc\users \\newdc\users /E /COPYALL /DCOPY:T

/E = everything (subdirs, files, empty subdirs, etc.)
/COPYALL = dates, attributes, permissions, auditing, etc.
/DCOPY:T = directory timestamps

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~






 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Replacing Win2k3 DC

[Micheal Espinola Jr]

its a typo.

--
ME2


On Mon, Apr 27, 2009 at 12:12 PM, David W. McSpadden wrote:

>  I don't see /DCOPY in the /? from command line.
> Is DCOPY in Vista but not Win2k3??
>
> - Original Message -
> *From:* Micheal Espinola Jr 
> *To:* NT System Admin Issues 
> *Sent:* Monday, April 27, 2009 12:00 PM
> *Subject:* Re: Replacing Win2k3 DC
>
> ROBOCOPY.EXE /?, and check what is wrong with the syntax.  Its pretty easy
> to figure out.
>
> --
> ME2
>
>
> On Mon, Apr 27, 2009 at 11:56 AM, David W. McSpadden wrote:
>
>> Ben I got a usage error for /DCOPY:T ??
>> I am using robocopy from the Resource Kit??
>>
>> - Original Message - From: "Ben Scott" 
>> To: "NT System Admin Issues" 
>> Sent: Thursday, April 23, 2009 2:24 PM
>> Subject: Re: Replacing Win2k3 DC
>>
>>
>>  On Thu, Apr 23, 2009 at 8:21 AM, David W. McSpadden 
>> wrote:
>>
>>> I can copy from one to the other but how do I keep the permissions in
>>> place??
>>> I will use xcopy \\olddc\users\*.* \\newdc\users\*.* /secvoyhkdr
>>>
>>
>>  Don't use XCOPY, use ROBOCOPY.
>>
>> ROBOCOPY \\olddc\users \\newdc\users /E /COPYALL /DCOPY:T
>>
>> /E = everything (subdirs, files, empty subdirs, etc.)
>> /COPYALL = dates, attributes, permissions, auditing, etc.
>> /DCOPY:T = directory timestamps
>>
>> -- Ben
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Replacing Win2k3 DC

[David W. McSpadden]

I don't think it is.  He explains it later in the same message and uses the 
same syntax.  Google came back with it in Vista.
I think all I want is /E /COPYALL and that should be enough.
  - Original Message - 
  From: Micheal Espinola Jr 
  To: NT System Admin Issues 
  Sent: Monday, April 27, 2009 12:19 PM
  Subject: Re: Replacing Win2k3 DC


  its a typo.

  --
  ME2



  On Mon, Apr 27, 2009 at 12:12 PM, David W. McSpadden  wrote:

I don't see /DCOPY in the /? from command line.  
Is DCOPY in Vista but not Win2k3??
  - Original Message - 
  From: Micheal Espinola Jr 
  To: NT System Admin Issues 
  Sent: Monday, April 27, 2009 12:00 PM
  Subject: Re: Replacing Win2k3 DC


  ROBOCOPY.EXE /?, and check what is wrong with the syntax.  Its pretty 
easy to figure out.

  --
  ME2



  On Mon, Apr 27, 2009 at 11:56 AM, David W. McSpadden  
wrote:

Ben I got a usage error for /DCOPY:T ??
I am using robocopy from the Resource Kit??

- Original Message - From: "Ben Scott" 
To: "NT System Admin Issues" 
Sent: Thursday, April 23, 2009 2:24 PM 

Subject: Re: Replacing Win2k3 DC



On Thu, Apr 23, 2009 at 8:21 AM, David W. McSpadden  
wrote:

  I can copy from one to the other but how do I keep the permissions in
  place??
  I will use xcopy \\olddc\users\*.* \\newdc\users\*.* /secvoyhkdr


 Don't use XCOPY, use ROBOCOPY.

ROBOCOPY \\olddc\users \\newdc\users /E /COPYALL /DCOPY:T

/E = everything (subdirs, files, empty subdirs, etc.)
/COPYALL = dates, attributes, permissions, auditing, etc.
/DCOPY:T = directory timestamps

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~






 




 





 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Replacing Win2k3 DC

[Micheal Espinola Jr]

You're right, its not a typo for the timestamp bugfix in the Vista version
of ROBOCOPY.

--
ME2


On Mon, Apr 27, 2009 at 12:22 PM, David W. McSpadden wrote:

>  I don't think it is.  He explains it later in the same message and uses
> the same syntax.  Google came back with it in Vista.
> I think all I want is /E /COPYALL and that should be enough.
>
> - Original Message -
> *From:* Micheal Espinola Jr 
> *To:* NT System Admin Issues 
> *Sent:* Monday, April 27, 2009 12:19 PM
> *Subject:* Re: Replacing Win2k3 DC
>
> its a typo.
>
> --
> ME2
>
>
> On Mon, Apr 27, 2009 at 12:12 PM, David W. McSpadden wrote:
>
>>  I don't see /DCOPY in the /? from command line.
>> Is DCOPY in Vista but not Win2k3??
>>
>>  - Original Message -
>> *From:* Micheal Espinola Jr 
>> *To:* NT System Admin Issues 
>>   *Sent:* Monday, April 27, 2009 12:00 PM
>> *Subject:* Re: Replacing Win2k3 DC
>>
>> ROBOCOPY.EXE /?, and check what is wrong with the syntax.  Its pretty easy
>> to figure out.
>>
>> --
>> ME2
>>
>>
>> On Mon, Apr 27, 2009 at 11:56 AM, David W. McSpadden wrote:
>>
>>> Ben I got a usage error for /DCOPY:T ??
>>> I am using robocopy from the Resource Kit??
>>>
>>> - Original Message - From: "Ben Scott" 
>>> To: "NT System Admin Issues" 
>>> Sent: Thursday, April 23, 2009 2:24 PM
>>> Subject: Re: Replacing Win2k3 DC
>>>
>>>
>>>  On Thu, Apr 23, 2009 at 8:21 AM, David W. McSpadden 
>>> wrote:
>>>
 I can copy from one to the other but how do I keep the permissions in
 place??
 I will use xcopy \\olddc\users\*.* \\newdc\users\*.* /secvoyhkdr

>>>
>>>  Don't use XCOPY, use ROBOCOPY.
>>>
>>> ROBOCOPY \\olddc\users \\newdc\users /E /COPYALL /DCOPY:T
>>>
>>> /E = everything (subdirs, files, empty subdirs, etc.)
>>> /COPYALL = dates, attributes, permissions, auditing, etc.
>>> /DCOPY:T = directory timestamps
>>>
>>> -- Ben
>>>
>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> ~   ~
>>>
>>>
>>>
>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> ~   ~
>>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Replacing Win2k3 DC

[Ben Scott]

On Mon, Apr 27, 2009 at 11:56 AM, David W. McSpadden  wrote:
> Ben I got a usage error for /DCOPY:T ??
> I am using robocopy from the Resource Kit??

  There's a newer version of ROBOCOPY available, even for XP/2000.
Version ID is "XP026".  It adds the /DCOPY (Directory Copy) switch,
among several other things.

  Annoyingly, Microsoft only distributes it within the the "Robocopy
GUI" package from a "Utility Spotlight" article for TechNet Magazine.
(How's *THAT* for a distribution channel?)  It's still a freebie,
though.  And you don't need the Robocopy GUI to use it.  The original
URL is:

http://technet.microsoft.com/en-us/magazine/2006.11.utilityspotlight.aspx

  If you don't care about directory timestamps, then the ROBOCOPY from
a Resource Kit should be okay, I think.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Server OS opinion

[Ziots, Edward]

Just come from the old school of BIND, I like my DNS and WINS managed
separately, just choice. 

 

Also the there are move controls that you can put on systems so you
don't exploit DNS or WINS or other systems, it's a HIPS, which controls
execution period. 

 

If you like all your eggs in one basket with AD DNS, and like it go with
it, I won't dissuade anyone that is working this way. I just from the
school of though that DC's do just that authenticate users, applications
etc etc and that is it. For small shops this might not be possible due
to lack of systems ( SBS shops, etc, etc) but for larger enterprises it
is an option. 

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Friday, April 24, 2009 12:19 PM
To: NT System Admin Issues
Subject: RE: Server OS opinion

 

The logic is you shouldn't be running anything else on your DC.

 

That statement is nebulous. If I compromise WINS and run arbitrary code,
I can own your AD. If I compromise DNS and run arbitrary code, I can own
your AD. Anything that runs in the context of SYSTEM or NETWORK SERVICE
on an RWDC pretty much has unfettered access to AD. By the logic below
you shouldn't run DNS or WINS on DCs. If you want to give up AD
integrated DNS, go for it...

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
 

Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
 

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Friday, April 24, 2009 11:13 AM
To: NT System Admin Issues
Subject: RE: Server OS opinion

 

I may be missing something, but that article didn't convince me.

 

It says: "...[I]f you're running your DHCP server on a domain controller
then an attacker who compromises your DHCP server gains access to your
accounts database and can cause all sorts of further problems."

 

That's true, but that's a big "if." Is this something that's known to
happen on a regular enough basis to be a concern? Or is the logic that
the attack surface of a DC should be minimized by running absolutely
nothing else on it?

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

318 North Clark Street

Perry, FL 32347

 

www.taylor.k12.fl.us

 

 

 

 

From: David Lum [mailto:david@nwea.org] 
Sent: Friday, April 24, 2009 11:38 AM
To: NT System Admin Issues
Subject: RE: Server OS opinion

 

Security.

 

http://www.windowsecurity.com/articles/DHCP-Security-Part1.html
 

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

-Original Message-
From: Andy Ognenoff [mailto:andyognen...@gmail.com] 
Sent: Friday, April 24, 2009 8:33 AM
To: NT System Admin Issues
Subject: RE: Server OS opinion

 

What's the reasoning for no DHCP on a DC - besides the extra stuff you
need

to do to make DNS updates work correctly?

 

We're a very small shop with only 1 domain/2 DCs and I'm implementing
DHCP

soon - again, migrating from Netware.

 

 - Andy O. 



From: Ziots, Edward [mailto:ezi...@lifespan.org] 

Sent: Thursday, April 23, 2009 3:52 AM

To: NT System Admin Issues

Subject: RE: Server OS opinion

 

1) Full Install, with minimal roles, unless core will do it for me and
not

be an admin headache. 

2) Enterprise Edition X64 for E2k7 in a 4 node cluster GEO-Cluster for
FT

and HA. 

3) Domain Controller not with DHCP put that role on a separate server

protected, ( Standard Edition)

4) File server, Standard edition, implement file blocking, quotas, and
ABE. 

5) Always take a minimalist approach, still like gui tools, but if you
can

do all the stuff from the cmdline or via POSH then you GTG. 

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: Ken Schaefer [mailto:k...@adopenstatic.com] 

Sent: Wednesday, April 22, 2009 8:39 PM

To: NT System Admin Issues

Subject: RE: Server OS opinion

 

Until Server 2008 R2, there is no .NET Framework with Server Core, so

anything that relies on .NET (e.g. Exchange) isn't going to work.

 

Administration via GUI can be done remotely (though I suppose sometimes
you

have to do things at the console) so no having a gui isn't a big -ve in
my

opinion. I would add your Hyper-V hosts to a domain to make it easier to

manage remotely.

 

Cheers

Ken

 



From: Glen Johnson [gjohn...@vhcc.edu]

Sent: Wednesday, 22 April 2009 10:14 PM

To: NT System Admin Issues

Subject

RE: SQLServer 200 question - DTS to DMZ

[Ziots, Edward]

Can you use TCPVIEW or Process explorer on the machine the DTS package
is running from and the one in the DMZ and see if any communications are
being tried? 

Z

Edward Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
ezi...@lifespan.org
Phone:401-639-3505

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Thursday, April 23, 2009 3:58 PM
To: NT System Admin Issues
Subject: SQLServer 200 question - DTS to DMZ

Anyone know how this works? My DBA is trying to set up a DTS
connection to push data from our production DB to a SQLServer box in
the DMZ.

I've got port 1433 open from from the production machine to the DMZ
machine, and name resolution is good - I've set up a static DNS entry
- but when trying to set up the DTS package through the wizard the
machine in the DMZ doesn't appear in the dropdown list, which makes
some sense to me as it's a standalone box, not on the domain.

I'm also open to the idea that DTS isn't the right way of doing this,
but I don't know what the alternatives would be.


Any help much appreciated.

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Windows Server Foundation Edition

[Michael B. Smith]

Has anyone actually SEEN this SKU for sale anywhere?

Dell, HP, Ingram Micro, and CDW don't have it. Or claim not to.

Anyone have a source?

Thanks,
M

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: script to add auditing

[Christopher Bodnar]

Can Subinacl remove a single entry from the audit list? I've looked through the 
documentation, but I don't see a way to do this. I know the /audit switch will 
wipe the list out entirely. 

Thanks,

Chris
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE:Data De-duplication tolls

[Raper, Jonathan]

Are you looking for duplicate data within files or duplicate files? EMC can 
provide you with a utility that will tell you how much duplicate data you have 
within your file systems. There are plnty of utilities that will find duplicate 
files, although I don't specifically know of any that would scan your entire 
network...

Jonathan L. Raper, MCSE

Sent from my Windows Mobile ® enabled Smartphone. Please excuse brevity & any 
misspellings.


From: vbs 
Sent: Monday, April 27, 2009 12:00 PM
To: NT System Admin Issues 
Subject: [SPAM] - Data De-duplication tolls - Email has different SMTP TO: and 
MIME TO: fields in the email addresses

Are there any free report tools to simply identify duplicate data on our 
network?


--
Thanks
Dave Vantine






Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Stickers

[Ziots, Edward]

I do... so? 

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: Tim Vander Kooi [mailto:tvanderk...@expl.com] 
Sent: Thursday, April 23, 2009 4:06 PM
To: NT System Admin Issues
Subject: RE: Stickers

 

I thought you preferred Cosmos Z...

TVK

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Thursday, April 23, 2009 2:52 PM
To: NT System Admin Issues
Subject: RE: Stickers

 

Beer does tend to get a response in IT Circles...

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: Kim Longenbaugh [mailto:k...@colonialsavings.com] 
Sent: Thursday, April 23, 2009 3:33 PM
To: NT System Admin Issues
Subject: RE: Stickers

 

M, beer!

 



From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Thursday, April 23, 2009 2:21 PM
To: NT System Admin Issues
Subject: Re: Stickers

 

Did you say beer?

On Thu, Apr 23, 2009 at 9:55 AM, Steve Ens  wrote:

Winnipeg of all places. A local vendor (Epic) put on a day of seminars,
lunches, beer, etc. 

 

On Wed, Apr 22, 2009 at 9:32 PM, Steve Casas 
wrote:

Where did you grab that Vsphere 4 shirt?

On 4/22/09, Steve Ens  wrote:

I have far too many Microsoft shirts, my wife always grits her
teeth when I get back from a conference.  Got a nice VMWare Vsphere 4
shirt yesterday though.

 

On Wed, Apr 22, 2009 at 10:35 AM, Steven Calvanese
 wrote:

I have some Microsoft Office mints.



-Original Message-
From: Matt Plahtinsky [mailto:mplahtin...@gmail.com]
Sent: Wednesday, April 22, 2009 11:21 AM
To: NT System Admin Issues

Subject: Re: Stickers

I hate those smug apple commercials.  I would love to
have some
Microsoft stickers.  Maybe a picture of an 80's style
windows logo
eating an apple logo kind like pacman.  This one would
be kind
hillbillish (I'm riding in a car and there is a car in
frount of me with
one of these but of a sports team). but have a stickman
with a windows
logo for his head peeing on an apple ;).

On 4/22/09, John Cook  wrote:
> I have a PowerShell sticker on my laptop but I can't
remember where I
> got it
> - probably at Win Connections.
>

> John W. Cook
> Systems Administrator
> Partnership For Strong Families

> 315 SE 2nd Ave
> Gainesville, Fl 32601
> Office (352) 393-2741 x320
> Cell (352) 215-6944
> Fax (352) 393-2746
> MCSE, MCTS, MCP+I,CompTIA A+, N+
>
> -Original Message-
> From: Joseph L. Casale
[mailto:jcas...@activenetwerx.com]
> Sent: Tuesday, April 21, 2009 11:30 PM

> To: NT System Admin Issues
> Subject: RE: Stickers
>

>>I am surrounded by Linux and Mac FanBoys, and they all
have stickers.
>
> Just come out of the closet and join us. Life will be
so much happier
> :)
>

> ~ Finally, powerful endpoint security that ISN'T a
resource hog! ~ ~
>
  ~
>

> CONFIDENTIALITY STATEMENT: The information
transmitted, or contained
> or attached to or with this Notice is intended only
for the person or
> entity to which it is addressed and may contain
Protected Health
> Information (PHI), confidential and/or privileged
material. Any
> review, transmission, dissemination, or other use of,
and taking any
> action in reliance upon this information by persons or
entities other
> than the intended recipient without the express
written consent of the

> sender are prohibited. This information may be
protected by the Health

> Insurance Portability and Accountability Act of 1996
(HIPAA), and
> other Federal and Florida laws. Improper or
unauthorized use or
> disclosure of this information could result in civil
and/or criminal
penalties.
>  Consider the environment. Please don't print this
e-mail unless you
> really need to.
>

> ~ Fin

RE: Dell PE2950 - SBS 2003

[Stefan Jafs]

It does not work keeps insisting that the SBS is not the 2003 CD!
I downloaded the latest version, I guess I have to Download the PERC drivers 
and start from the SBS CD :(


___
Stefan Jafs

From: Michael Ross [mailto:mr...@itwif.com]
Sent: Monday, April 27, 2009 11:32 AM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Just choose server 2003

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 9:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003

I have an old PE 2950 that I want to install SBS on, I downloaded  the latest 
"Installation and Se4rver Management" CD, however SBS is not part of any of the 
selectable OS'es.
Can an not use the Dell Startup disk?

Any ideas?
___
Stefan Jafs


This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.









This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Windows Server Foundation Edition

[Jeremy Phillips]

I have looked far and wide and unfortunately found the same as you. I would be 
interested in trying it out though.

Thanks,

Jeremy Phillips
Managing Consultant | Cohesive Logic  LLC | M: 540-322-7980 | BB PIN: 318A6889


From: Michael B. Smith [mailto:mich...@owa.smithcons.com]
Sent: Monday, April 27, 2009 10:22 AM
To: NT System Admin Issues
Subject: Windows Server Foundation Edition

Has anyone actually SEEN this SKU for sale anywhere?

Dell, HP, Ingram Micro, and CDW don't have it. Or claim not to.

Anyone have a source?

Thanks,
M





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Windows Server Foundation Edition

[Brian Desmond]

My understanding is that HP was supposed to launch it for these products today


  *   ML110 G5 ML115 G5
  *   ML310 G5p DL120 G5
  *   DL120 G5 DL320 G5p


Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Michael B. Smith [mailto:mich...@owa.smithcons.com]
Sent: Monday, April 27, 2009 12:22 PM
To: NT System Admin Issues
Subject: Windows Server Foundation Edition

Has anyone actually SEEN this SKU for sale anywhere?

Dell, HP, Ingram Micro, and CDW don't have it. Or claim not to.

Anyone have a source?

Thanks,
M





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

[David Lum]

Is there a GPO way to prevent something from modifying this registry key? If I 
could prevent that and stuff from auto-populating the \Startup folder for "all 
users" I would be a happy camper.

Tools like Spybot can do it, but that's not enterprise grade (read, centrally 
manageable). McAfee has a product that can do it - and we even have it and are 
licensed for it, but it's interface is so atrocious I'd probably nuke half my 
systems just attempting it.

I'm looking for something other than "not local admin".
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

[Brian Desmond]

You'd have to hook the writes if you want to have it effective for local admins 
as well. Haven't seen a product that does that.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

From: David Lum [mailto:david@nwea.org]
Sent: Monday, April 27, 2009 1:15 PM
To: NT System Admin Issues
Subject: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Is there a GPO way to prevent something from modifying this registry key? If I 
could prevent that and stuff from auto-populating the \Startup folder for "all 
users" I would be a happy camper.

Tools like Spybot can do it, but that's not enterprise grade (read, centrally 
manageable). McAfee has a product that can do it - and we even have it and are 
licensed for it, but it's interface is so atrocious I'd probably nuke half my 
systems just attempting it.

I'm looking for something other than "not local admin".
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

[Kennedy, Jim]

2008 domain? I think this is only available via that. The Group Policy 
extensions update added to xp make it work.

Computer config...Policies...Windows Settings...Sec. Settings...Registry.  You 
add the key and change the perms to read and Execute, taking away right/full 
control from everyone, or everyone except Domain Admins

I did that for conflicker to svchost to stop the spread.


From: David Lum [mailto:david@nwea.org]
Sent: Monday, April 27, 2009 2:15 PM
To: NT System Admin Issues
Subject: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Is there a GPO way to prevent something from modifying this registry key? If I 
could prevent that and stuff from auto-populating the \Startup folder for "all 
users" I would be a happy camper.

Tools like Spybot can do it, but that's not enterprise grade (read, centrally 
manageable). McAfee has a product that can do it - and we even have it and are 
licensed for it, but it's interface is so atrocious I'd probably nuke half my 
systems just attempting it.

I'm looking for something other than "not local admin".
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Dell PE2950 - SBS 2003

[gsweers]

Its actually an Option to select SBS 2003 as the OS.  If you are
selecting 2003 Server as the OS install option that will not work.  I
have done it at least a few dozen times.

 

 

From: Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 1:38 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

 

It does not work keeps insisting that the SBS is not the 2003 CD!

I downloaded the latest version, I guess I have to Download the PERC
drivers and start from the SBS CD L

 

 

___

Stefan Jafs

 

From: Michael Ross [mailto:mr...@itwif.com] 
Sent: Monday, April 27, 2009 11:32 AM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

 

Just choose server 2003

 

From: Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 9:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003

 

I have an old PE 2950 that I want to install SBS on, I downloaded  the
latest "Installation and Se4rver Management" CD, however SBS is not part
of any of the selectable OS'es.

Can an not use the Dell Startup disk?

 

Any ideas?

___

Stefan Jafs

 

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the Amico Corpoartion company. Warning: Although
precautions have been taken to make sure no viruses are present in this
email, the company cannot accept responsibility for any loss or damage
that arise from the use of this email or attachments.

 

 

 

 

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the Amico Corpoartion company. Warning: Although
precautions have been taken to make sure no viruses are present in this
email, the company cannot accept responsibility for any loss or damage
that arise from the use of this email or attachments.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Windows Server Foundation Edition

[Michael B. Smith]

while that is certainly possible, i can't find them on the HP partner website 
nor were the "online chat" people i chatted with aware of them...i'll try again 
tomorrow, but after that i've got to break down and eat the price difference...


From: Brian Desmond [br...@briandesmond.com]
Sent: Monday, April 27, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

My understanding is that HP was supposed to launch it for these products today


  *   ML110 G5 ML115 G5
  *   ML310 G5p DL120 G5
  *   DL120 G5 DL320 G5p


Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Michael B. Smith [mailto:mich...@owa.smithcons.com]
Sent: Monday, April 27, 2009 12:22 PM
To: NT System Admin Issues
Subject: Windows Server Foundation Edition

Has anyone actually SEEN this SKU for sale anywhere?

Dell, HP, Ingram Micro, and CDW don't have it. Or claim not to.

Anyone have a source?

Thanks,
M

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Murray Freeman]

I'm being asked to investigate the use of a few MAC's in our network. I
know that it would be only used by a few of our staff for graphics and a
few other apps. I'm concerned about the ability of a MAC to interface
into our network and Exchange Server email.Obviously we would purchase
new machines, so they could be dual boot machines. I'm also aware of
virtualization, but haven't looked into that as of yet. Any suggestions,
warnings or concerns from anyone with this kind of experience would be
greatly appreciated.
 

Murray

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Windows Server Foundation Edition

[Todd Lemmiksoo]

Is this version only for the HP models below?



From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Monday, April 27, 2009 2:28 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition


while that is certainly possible, i can't find them on the HP partner
website nor were the "online chat" people i chatted with aware of
them...i'll try again tomorrow, but after that i've got to break down
and eat the price difference...
 


From: Brian Desmond [br...@briandesmond.com]
Sent: Monday, April 27, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition



My understanding is that HP was supposed to launch it for these products
today

 

*   ML110 G5 ML115 G5 
*   ML310 G5p DL120 G5 
*   DL120 G5 DL320 G5p 

 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
 

Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
 

 

From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Monday, April 27, 2009 12:22 PM
To: NT System Admin Issues
Subject: Windows Server Foundation Edition

 

Has anyone actually SEEN this SKU for sale anywhere?

 

Dell, HP, Ingram Micro, and CDW don't have it. Or claim not to.

 

Anyone have a source?

 

Thanks,

M

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Sherry Abercrombie]

Macs are a pain.  Not only do I have about 2 dozen of them on my network,
I've got a stupid Mac Server also.

Macs use Entourage for interaction with Exchange (OWA), it's not perfect,
there are issues, and it's on the Mac side.  Not any issues with having them
on your network, I just don't like Macs.


On Mon, Apr 27, 2009 at 1:34 PM, Murray Freeman  wrote:

>  I'm being asked to investigate the use of a few MAC's in our network. I
> know that it would be only used by a few of our staff for graphics and a few
> other apps. I'm concerned about the ability of a MAC to interface into our
> network and Exchange Server email.Obviously we would purchase new machines,
> so they could be dual boot machines. I'm also aware of virtualization, but
> haven't looked into that as of yet. Any suggestions, warnings or concerns
> from anyone with this kind of experience would be greatly appreciated.
>
>
> *Murray*
>
>
>
>
>
>
>


-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke
Sent from Haslet, TX, United States

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Dell PE2950 - SBS 2003

[Stefan Jafs]

Sorry it's an PE2850 and I just spoke to Dell support, SMS is not supported on 
the 2850, that's why it's not an option on the CD.
So I'm getting the PERC drivers however now I can't boot from the SMS disk #1, 
getting error:
NTLDR not found looks like it does not want to boot from  the CD#1!

___
Stefan Jafs

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net]
Sent: Monday, April 27, 2009 2:22 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Its actually an Option to select SBS 2003 as the OS.  If you are selecting 2003 
Server as the OS install option that will not work.  I have done it at least a 
few dozen times.


From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 1:38 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

It does not work keeps insisting that the SBS is not the 2003 CD!
I downloaded the latest version, I guess I have to Download the PERC drivers 
and start from the SBS CD :(


___
Stefan Jafs

From: Michael Ross [mailto:mr...@itwif.com]
Sent: Monday, April 27, 2009 11:32 AM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Just choose server 2003

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 9:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003

I have an old PE 2950 that I want to install SBS on, I downloaded  the latest 
"Installation and Se4rver Management" CD, however SBS is not part of any of the 
selectable OS'es.
Can an not use the Dell Startup disk?

Any ideas?
___
Stefan Jafs


This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.









This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.









This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Ben Schorr]

I sort of second Sherry's comments.  I say sort of because I have a Mac
or two myself and don't have anything against Macs...but they are often
a pain to support in a mixed network.

 

We support one network that USED to have a single Mac (among about 50
PCs and half a dozen Windows servers).  That single Mac user generated
about three times as many support calls as any other user on the
network.

 

You can do it and it will work, but be prepared that you may find
yourself spending a lot more helpdesk resources on them.

 

Ben M. Schorr
Chief Executive Officer
__
Roland Schorr & Tower
www.rolandschorr.com  
b...@rolandschorr.com  

Twitter: http://www.twitter.com/bschorr

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Monday, April 27, 2009 8:49 AM
To: NT System Admin Issues
Subject: Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Macs are a pain.  Not only do I have about 2 dozen of them on my
network, I've got a stupid Mac Server also.  

Macs use Entourage for interaction with Exchange (OWA), it's not
perfect, there are issues, and it's on the Mac side.  Not any issues
with having them on your network, I just don't like Macs. 



On Mon, Apr 27, 2009 at 1:34 PM, Murray Freeman 
wrote:

I'm being asked to investigate the use of a few MAC's in our network. I
know that it would be only used by a few of our staff for graphics and a
few other apps. I'm concerned about the ability of a MAC to interface
into our network and Exchange Server email.Obviously we would purchase
new machines, so they could be dual boot machines. I'm also aware of
virtualization, but haven't looked into that as of yet. Any suggestions,
warnings or concerns from anyone with this kind of experience would be
greatly appreciated.

 

Murray

 

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke
Sent from Haslet, TX, United States 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

[Terry Dickson]

Even if you did do that, as a local admin they could just take ownership of the 
folder and boom they are writing to the registry key again and the startup 
folder again.

-Original Message-
From: David Lum [mailto:david@nwea.org] 
Sent: Monday, April 27, 2009 1:15 PM
To: NT System Admin Issues
Subject: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Is there a GPO way to prevent something from modifying this registry key? If I 
could prevent that and stuff from auto-populating the \Startup folder for "all 
users" I would be a happy camper.

 

Tools like Spybot can do it, but that's not enterprise grade (read, centrally 
manageable). McAfee has a product that can do it - and we even have it and are 
licensed for it, but it's interface is so atrocious I'd probably nuke half my 
systems just attempting it.

 

I'm looking for something other than "not local admin".

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spotted this a couple of days ago...

[Mike Gill]

Just tested on Vista. Works as advertised. Also worked on me e6500 with the
hard drive ATA password set. Apparently, the password is asked for before
the boot devices are offered, so the drive is already unlocked by the time
you tell it to boot from CD. It didn't work with my Ubuntu install on a
separate partition of the same machine however.

-- 
Mike Gill

-Original Message-
From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Sunday, April 26, 2009 8:05 PM
To: NT System Admin Issues
Subject: RE: Spotted this a couple of days ago...

The tool's website says you need to boot from the CD or Floppy disk. 

I suspect that type of tool is not going to get around Bitlocker-ed
partitions, or other similar types of full-disk encryption.

Cheers
Ken



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Dell PE2950 - SBS 2003

[Stefan Jafs]

I'm reading that SBS will not install on a DELL rack mounted server!!

http://it.toolbox.com/blogs/it-guy/sbs-and-dell-rack-servers-what-gives-7867

Could that be correct?

___
Stefan Jafs

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 2:53 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Sorry it's an PE2850 and I just spoke to Dell support, SMS is not supported on 
the 2850, that's why it's not an option on the CD.
So I'm getting the PERC drivers however now I can't boot from the SMS disk #1, 
getting error:
NTLDR not found looks like it does not want to boot from  the CD#1!

___
Stefan Jafs

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net]
Sent: Monday, April 27, 2009 2:22 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Its actually an Option to select SBS 2003 as the OS.  If you are selecting 2003 
Server as the OS install option that will not work.  I have done it at least a 
few dozen times.


From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 1:38 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

It does not work keeps insisting that the SBS is not the 2003 CD!
I downloaded the latest version, I guess I have to Download the PERC drivers 
and start from the SBS CD :(


___
Stefan Jafs

From: Michael Ross [mailto:mr...@itwif.com]
Sent: Monday, April 27, 2009 11:32 AM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Just choose server 2003

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 9:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003

I have an old PE 2950 that I want to install SBS on, I downloaded  the latest 
"Installation and Se4rver Management" CD, however SBS is not part of any of the 
selectable OS'es.
Can an not use the Dell Startup disk?

Any ideas?
___
Stefan Jafs


This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.









This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.









This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.





This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

[Don Guyer]

I think the OP meant he was looking for suggestions other than "don't
put them in the local administrators group".

:)

Don Guyer
Systems Engineer - Information Services
Prudential, Fox & Roach/Trident Group
431 W. Lancaster Avenue
Devon, PA 19333
Direct: (610) 993-3299
Fax: (610) 650-5306
don.gu...@prufoxroach.com

-Original Message-
From: Terry Dickson [mailto:te...@treasurer.state.ks.us] 
Sent: Monday, April 27, 2009 2:25 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Even if you did do that, as a local admin they could just take ownership
of the folder and boom they are writing to the registry key again and
the startup folder again.

-Original Message-
From: David Lum [mailto:david@nwea.org] 
Sent: Monday, April 27, 2009 1:15 PM
To: NT System Admin Issues
Subject: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Is there a GPO way to prevent something from modifying this registry
key? If I could prevent that and stuff from auto-populating the \Startup
folder for "all users" I would be a happy camper.

 

Tools like Spybot can do it, but that's not enterprise grade (read,
centrally manageable). McAfee has a product that can do it - and we even
have it and are licensed for it, but it's interface is so atrocious I'd
probably nuke half my systems just attempting it.

 

I'm looking for something other than "not local admin".

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

[Terry Dickson]

I understood that also, however if they are a local admin it might not matter.  
They could simply logon take ownership and they again have the rights to do 
what they want.  

-Original Message-
From: David Lum [mailto:david@nwea.org] 
Sent: Monday, April 27, 2009 2:07 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Bingo.

-Original Message-
From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Monday, April 27, 2009 11:35 AM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

I think the OP meant he was looking for suggestions other than "don't
put them in the local administrators group".

:)

Don Guyer
Systems Engineer - Information Services
Prudential, Fox & Roach/Trident Group
431 W. Lancaster Avenue
Devon, PA 19333
Direct: (610) 993-3299
Fax: (610) 650-5306
don.gu...@prufoxroach.com

-Original Message-
From: Terry Dickson [mailto:te...@treasurer.state.ks.us] 
Sent: Monday, April 27, 2009 2:25 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Even if you did do that, as a local admin they could just take ownership
of the folder and boom they are writing to the registry key again and
the startup folder again.

-Original Message-
From: David Lum [mailto:david@nwea.org] 
Sent: Monday, April 27, 2009 1:15 PM
To: NT System Admin Issues
Subject: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Is there a GPO way to prevent something from modifying this registry
key? If I could prevent that and stuff from auto-populating the \Startup
folder for "all users" I would be a happy camper.

 

Tools like Spybot can do it, but that's not enterprise grade (read,
centrally manageable). McAfee has a product that can do it - and we even
have it and are licensed for it, but it's interface is so atrocious I'd
probably nuke half my systems just attempting it.

 

I'm looking for something other than "not local admin".

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Dell PE2950 - SBS 2003

[Art DeKneef]

Not correct. And that's an old article. While I can't speak to the PE2850 I
have installed on a basic PE 800 or 850 (I don't remember) and a PE1950.
These were lab installs and not at customer sites. Downloaded all the
drivers, updated all firmware and installed from the SBS CDs.

 

I remember having an issue with CD#1 some time ago. For me it was a bad
CD#1. Used another CD and it work fine.

 

Art

 

From: Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 12:00 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

 

I'm reading that SBS will not install on a DELL rack mounted server!!

 

http://it.toolbox.com/blogs/it-guy/sbs-and-dell-rack-servers-what-gives-7867

 

Could that be correct?

 

___

Stefan Jafs

 

From: Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 2:53 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

 

Sorry it's an PE2850 and I just spoke to Dell support, SMS is not supported
on the 2850, that's why it's not an option on the CD.

So I'm getting the PERC drivers however now I can't boot from the SMS disk
#1, getting error: 

NTLDR not found looks like it does not want to boot from  the CD#1!

 

___

Stefan Jafs

 

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] 
Sent: Monday, April 27, 2009 2:22 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

 

Its actually an Option to select SBS 2003 as the OS.  If you are selecting
2003 Server as the OS install option that will not work.  I have done it at
least a few dozen times.

 

 

From: Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 1:38 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

 

It does not work keeps insisting that the SBS is not the 2003 CD!

I downloaded the latest version, I guess I have to Download the PERC drivers
and start from the SBS CD L

 

 

___

Stefan Jafs

 

From: Michael Ross [mailto:mr...@itwif.com] 
Sent: Monday, April 27, 2009 11:32 AM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

 

Just choose server 2003

 

From: Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 9:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003

 

I have an old PE 2950 that I want to install SBS on, I downloaded  the
latest "Installation and Se4rver Management" CD, however SBS is not part of
any of the selectable OS'es.

Can an not use the Dell Startup disk?

 

Any ideas?

___

Stefan Jafs

 

This email and any attached files are confidential and intended solely for
the intended recipient(s). If you are not the named recipient you should not
read, distribute, copy or alter this email. Any views or opinions expressed
in this email are those of the author and do not represent those of the
Amico Corpoartion company. Warning: Although precautions have been taken to
make sure no viruses are present in this email, the company cannot accept
responsibility for any loss or damage that arise from the use of this email
or attachments.

 

 

 

 

This email and any attached files are confidential and intended solely for
the intended recipient(s). If you are not the named recipient you should not
read, distribute, copy or alter this email. Any views or opinions expressed
in this email are those of the author and do not represent those of the
Amico Corpoartion company. Warning: Although precautions have been taken to
make sure no viruses are present in this email, the company cannot accept
responsibility for any loss or damage that arise from the use of this email
or attachments.

 

 

 

 

This email and any attached files are confidential and intended solely for
the intended recipient(s). If you are not the named recipient you should not
read, distribute, copy or alter this email. Any views or opinions expressed
in this email are those of the author and do not represent those of the
Amico Corpoartion company. Warning: Although precautions have been taken to
make sure no viruses are present in this email, the company cannot accept
responsibility for any loss or damage that arise from the use of this email
or attachments.

 

 

This email and any attached files are confidential and intended solely for
the intended recipient(s). If you are not the named recipient you should not
read, distribute, copy or alter this email. Any views or opinions expressed
in this email are those of the author and do not represent those of the
Amico Corpoartion company. Warning: Although precautions have been taken to
make sure no viruses are present in this email, the company cannot accept
responsibility for any loss or damage that arise from the use of this email
or attachments.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Jonathan Link]

I use VMWare Fusion with a license of WindowsXP on my MacBook Pro, and can
launch the windows version of Outlook for the full integrated email
experience.



On Mon, Apr 27, 2009 at 2:34 PM, Murray Freeman  wrote:

>  I'm being asked to investigate the use of a few MAC's in our network. I
> know that it would be only used by a few of our staff for graphics and a few
> other apps. I'm concerned about the ability of a MAC to interface into our
> network and Exchange Server email.Obviously we would purchase new machines,
> so they could be dual boot machines. I'm also aware of virtualization, but
> haven't looked into that as of yet. Any suggestions, warnings or concerns
> from anyone with this kind of experience would be greatly appreciated.
>
>
> *Murray*
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: SQLServer 200 question - DTS to DMZ

[Kurt Buff]

Didn't need it - it started working just fine once we applied SQLServer SP4.

Kurt

On Mon, Apr 27, 2009 at 10:16, Ziots, Edward  wrote:
> Can you use TCPVIEW or Process explorer on the machine the DTS package
> is running from and the one in the DMZ and see if any communications are
> being tried?
>
> Z
>
> Edward Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
> ezi...@lifespan.org
> Phone:401-639-3505
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Thursday, April 23, 2009 3:58 PM
> To: NT System Admin Issues
> Subject: SQLServer 200 question - DTS to DMZ
>
> Anyone know how this works? My DBA is trying to set up a DTS
> connection to push data from our production DB to a SQLServer box in
> the DMZ.
>
> I've got port 1433 open from from the production machine to the DMZ
> machine, and name resolution is good - I've set up a static DNS entry
> - but when trying to set up the DTS package through the wizard the
> machine in the DMZ doesn't appear in the dropdown list, which makes
> some sense to me as it's a standalone box, not on the domain.
>
> I'm also open to the idea that DTS isn't the right way of doing this,
> but I don't know what the alternatives would be.
>
>
> Any help much appreciated.
>
> Kurt
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Windows Server Foundation Edition

[Art DeKneef]

My understanding from the MS/HP web training was that HP was limiting it to
a few select models because of the limitations built in to Foundation
Server. And currently it will only be available from the direct OEMs. (like
HP and Dell)

 

From: Todd Lemmiksoo [mailto:tlemmik...@all-mode.com] 
Sent: Monday, April 27, 2009 11:36 AM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

 

Is this version only for the HP models below?

 

  _  

From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Monday, April 27, 2009 2:28 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

while that is certainly possible, i can't find them on the HP partner
website nor were the "online chat" people i chatted with aware of
them...i'll try again tomorrow, but after that i've got to break down and
eat the price difference...

 

  _  

From: Brian Desmond [br...@briandesmond.com]
Sent: Monday, April 27, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

My understanding is that HP was supposed to launch it for these products
today

 

*   ML110 G5 ML115 G5 
*   ML310 G5p DL120 G5 
*   DL120 G5 DL320 G5p 

 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

Active Directory, 4th Ed -  
http://www.briandesmond.com/ad4/

Microsoft MVP -  
https://mvp.support.microsoft.com/profile/Brian

 

From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Monday, April 27, 2009 12:22 PM
To: NT System Admin Issues
Subject: Windows Server Foundation Edition

 

Has anyone actually SEEN this SKU for sale anywhere?

 

Dell, HP, Ingram Micro, and CDW don't have it. Or claim not to.

 

Anyone have a source?

 

Thanks,

M

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Dell PE2950 - SBS 2003

[Stefan Jafs]

Ok I'm getting a new image from TechNet.
My outside consultant wanted 15 - 20 hours and I said what are you crazy I can 
do it in a few hours myself, maybe he is not so crazy after all!

___
Stefan Jafs

From: Art DeKneef [mailto:art.dekn...@cox.net]
Sent: Monday, April 27, 2009 3:16 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Not correct. And that's an old article. While I can't speak to the PE2850 I 
have installed on a basic PE 800 or 850 (I don't remember) and a PE1950. These 
were lab installs and not at customer sites. Downloaded all the drivers, 
updated all firmware and installed from the SBS CDs.

I remember having an issue with CD#1 some time ago. For me it was a bad CD#1. 
Used another CD and it work fine.

Art

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 12:00 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

I'm reading that SBS will not install on a DELL rack mounted server!!

http://it.toolbox.com/blogs/it-guy/sbs-and-dell-rack-servers-what-gives-7867

Could that be correct?

___
Stefan Jafs

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 2:53 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Sorry it's an PE2850 and I just spoke to Dell support, SMS is not supported on 
the 2850, that's why it's not an option on the CD.
So I'm getting the PERC drivers however now I can't boot from the SMS disk #1, 
getting error:
NTLDR not found looks like it does not want to boot from  the CD#1!

___
Stefan Jafs

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net]
Sent: Monday, April 27, 2009 2:22 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Its actually an Option to select SBS 2003 as the OS.  If you are selecting 2003 
Server as the OS install option that will not work.  I have done it at least a 
few dozen times.


From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 1:38 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

It does not work keeps insisting that the SBS is not the 2003 CD!
I downloaded the latest version, I guess I have to Download the PERC drivers 
and start from the SBS CD :(


___
Stefan Jafs

From: Michael Ross [mailto:mr...@itwif.com]
Sent: Monday, April 27, 2009 11:32 AM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Just choose server 2003

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 9:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003

I have an old PE 2950 that I want to install SBS on, I downloaded  the latest 
"Installation and Se4rver Management" CD, however SBS is not part of any of the 
selectable OS'es.
Can an not use the Dell Startup disk?

Any ideas?
___
Stefan Jafs


This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.









This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.









This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.





This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to ma

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Michael White]

As has been mentioned, Entourage is the semi-equivalent to Outlook for
Exchange connectivity.  Snow Leopard is supposed to have increased
integration with an Exchange environment natively.  In what ways are you
having concerns about Macs interacting w/your network?
Michael.



On Mon, Apr 27, 2009 at 11:34 AM, Murray Freeman wrote:

>  I'm being asked to investigate the use of a few MAC's in our network. I
> know that it would be only used by a few of our staff for graphics and a few
> other apps. I'm concerned about the ability of a MAC to interface into our
> network and Exchange Server email.Obviously we would purchase new machines,
> so they could be dual boot machines. I'm also aware of virtualization, but
> haven't looked into that as of yet. Any suggestions, warnings or concerns
> from anyone with this kind of experience would be greatly appreciated.
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

[David Lum]

Bingo.

-Original Message-
From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Monday, April 27, 2009 11:35 AM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

I think the OP meant he was looking for suggestions other than "don't
put them in the local administrators group".

:)

Don Guyer
Systems Engineer - Information Services
Prudential, Fox & Roach/Trident Group
431 W. Lancaster Avenue
Devon, PA 19333
Direct: (610) 993-3299
Fax: (610) 650-5306
don.gu...@prufoxroach.com

-Original Message-
From: Terry Dickson [mailto:te...@treasurer.state.ks.us] 
Sent: Monday, April 27, 2009 2:25 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Even if you did do that, as a local admin they could just take ownership
of the folder and boom they are writing to the registry key again and
the startup folder again.

-Original Message-
From: David Lum [mailto:david@nwea.org] 
Sent: Monday, April 27, 2009 1:15 PM
To: NT System Admin Issues
Subject: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Is there a GPO way to prevent something from modifying this registry
key? If I could prevent that and stuff from auto-populating the \Startup
folder for "all users" I would be a happy camper.

 

Tools like Spybot can do it, but that's not enterprise grade (read,
centrally manageable). McAfee has a product that can do it - and we even
have it and are licensed for it, but it's interface is so atrocious I'd
probably nuke half my systems just attempting it.

 

I'm looking for something other than "not local admin".

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Windows Server Foundation Edition

[Michael B. Smith]

The press release, the day it was released (six weeks ago??) said "immediate 
availability".

Now, try to find it on those vendor's websites!!!


From: Art DeKneef [art.dekn...@cox.net]
Sent: Monday, April 27, 2009 3:31 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

My understanding from the MS/HP web training was that HP was limiting it to a 
few select models because of the limitations built in to Foundation Server. And 
currently it will only be available from the direct OEMs. (like HP and Dell)

From: Todd Lemmiksoo [mailto:tlemmik...@all-mode.com]
Sent: Monday, April 27, 2009 11:36 AM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

Is this version only for the HP models below?


From: Michael B. Smith [mailto:mich...@owa.smithcons.com]
Sent: Monday, April 27, 2009 2:28 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition
while that is certainly possible, i can't find them on the HP partner website 
nor were the "online chat" people i chatted with aware of them...i'll try again 
tomorrow, but after that i've got to break down and eat the price difference...


From: Brian Desmond [br...@briandesmond.com]
Sent: Monday, April 27, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition
My understanding is that HP was supposed to launch it for these products today


  *   ML110 G5 ML115 G5
  *   ML310 G5p DL120 G5
  *   DL120 G5 DL320 G5p


Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Michael B. Smith [mailto:mich...@owa.smithcons.com]
Sent: Monday, April 27, 2009 12:22 PM
To: NT System Admin Issues
Subject: Windows Server Foundation Edition

Has anyone actually SEEN this SKU for sale anywhere?

Dell, HP, Ingram Micro, and CDW don't have it. Or claim not to.

Anyone have a source?

Thanks,
M













~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

[David Lum]

Understood - I'm looking for an interim stopgap. We don't have the resources to 
bring everyone off local admins very quickly, so if a GPO could help me 
mitigate things with minimal effort it would be extremely helpful.

Dave

-Original Message-
From: Terry Dickson [mailto:te...@treasurer.state.ks.us]
Sent: Monday, April 27, 2009 12:19 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

I understood that also, however if they are a local admin it might not matter.  
They could simply logon take ownership and they again have the rights to do 
what they want.

-Original Message-
From: David Lum [mailto:david@nwea.org]
Sent: Monday, April 27, 2009 2:07 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Bingo.

-Original Message-
From: Don Guyer [mailto:don.gu...@prufoxroach.com]
Sent: Monday, April 27, 2009 11:35 AM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

I think the OP meant he was looking for suggestions other than "don't
put them in the local administrators group".

:)

Don Guyer
Systems Engineer - Information Services
Prudential, Fox & Roach/Trident Group
431 W. Lancaster Avenue
Devon, PA 19333
Direct: (610) 993-3299
Fax: (610) 650-5306
don.gu...@prufoxroach.com

-Original Message-
From: Terry Dickson [mailto:te...@treasurer.state.ks.us]
Sent: Monday, April 27, 2009 2:25 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Even if you did do that, as a local admin they could just take ownership
of the folder and boom they are writing to the registry key again and
the startup folder again.

-Original Message-
From: David Lum [mailto:david@nwea.org]
Sent: Monday, April 27, 2009 1:15 PM
To: NT System Admin Issues
Subject: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Is there a GPO way to prevent something from modifying this registry
key? If I could prevent that and stuff from auto-populating the \Startup
folder for "all users" I would be a happy camper.



Tools like Spybot can do it, but that's not enterprise grade (read,
centrally manageable). McAfee has a product that can do it - and we even
have it and are licensed for it, but it's interface is so atrocious I'd
probably nuke half my systems just attempting it.



I'm looking for something other than "not local admin".

David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764








~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Windows Server Foundation Edition

[Michael Hoffman]

In the UK it is listed on the HP top config tool with distribution. There seems 
to be a choice of device cals or user cals and up to 20 users. There is no 
pricing as yet and a 10 day build time, so I guess they add the pricing in 
after the order is placed. So you can specify an ml110 with 13 cals pre-built. 
It might be that the big disties will just order 100's of the minimum spec 
builds, but we'll have to see.

Mike

From: Michael B. Smith [mailto:mich...@owa.smithcons.com]
Sent: 27 April 2009 20:37
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

The press release, the day it was released (six weeks ago??) said "immediate 
availability".

Now, try to find it on those vendor's websites!!!


From: Art DeKneef [art.dekn...@cox.net]
Sent: Monday, April 27, 2009 3:31 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition
My understanding from the MS/HP web training was that HP was limiting it to a 
few select models because of the limitations built in to Foundation Server. And 
currently it will only be available from the direct OEMs. (like HP and Dell)

From: Todd Lemmiksoo [mailto:tlemmik...@all-mode.com]
Sent: Monday, April 27, 2009 11:36 AM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

Is this version only for the HP models below?


From: Michael B. Smith [mailto:mich...@owa.smithcons.com]
Sent: Monday, April 27, 2009 2:28 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition
while that is certainly possible, i can't find them on the HP partner website 
nor were the "online chat" people i chatted with aware of them...i'll try again 
tomorrow, but after that i've got to break down and eat the price difference...


From: Brian Desmond [br...@briandesmond.com]
Sent: Monday, April 27, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition
My understanding is that HP was supposed to launch it for these products today


 *   ML110 G5 ML115 G5
 *   ML310 G5p DL120 G5
 *   DL120 G5 DL320 G5p


Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Michael B. Smith [mailto:mich...@owa.smithcons.com]
Sent: Monday, April 27, 2009 12:22 PM
To: NT System Admin Issues
Subject: Windows Server Foundation Edition

Has anyone actually SEEN this SKU for sale anywhere?

Dell, HP, Ingram Micro, and CDW don't have it. Or claim not to.

Anyone have a source?

Thanks,
M

















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Windows Server Foundation Edition

[Art DeKneef]

That means "I might maybe eventually decide I actually envisioned"
availability. 

 

I sent you an address that might be able to answer your question on
availability.

 

From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Monday, April 27, 2009 12:37 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

 

The press release, the day it was released (six weeks ago??) said "immediate
availability".

 

Now, try to find it on those vendor's websites!!!

 

  _  

From: Art DeKneef [art.dekn...@cox.net]
Sent: Monday, April 27, 2009 3:31 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

My understanding from the MS/HP web training was that HP was limiting it to
a few select models because of the limitations built in to Foundation
Server. And currently it will only be available from the direct OEMs. (like
HP and Dell)

 

From: Todd Lemmiksoo [mailto:tlemmik...@all-mode.com] 
Sent: Monday, April 27, 2009 11:36 AM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

 

Is this version only for the HP models below?

 

  _  

From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Monday, April 27, 2009 2:28 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

while that is certainly possible, i can't find them on the HP partner
website nor were the "online chat" people i chatted with aware of
them...i'll try again tomorrow, but after that i've got to break down and
eat the price difference...

 

  _  

From: Brian Desmond [br...@briandesmond.com]
Sent: Monday, April 27, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

My understanding is that HP was supposed to launch it for these products
today

 

*   ML110 G5 ML115 G5 
*   ML310 G5p DL120 G5 
*   DL120 G5 DL320 G5p 

 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

Active Directory, 4th Ed -  
http://www.briandesmond.com/ad4/

Microsoft MVP -  
https://mvp.support.microsoft.com/profile/Brian

 

From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Monday, April 27, 2009 12:22 PM
To: NT System Admin Issues
Subject: Windows Server Foundation Edition

 

Has anyone actually SEEN this SKU for sale anywhere?

 

Dell, HP, Ingram Micro, and CDW don't have it. Or claim not to.

 

Anyone have a source?

 

Thanks,

M

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

[Ziots, Edward]

Setup GPO and ACL the key so only Domain Admins have write permission to
the key and all users only have read Permission. They cant take
ownership if they don't have local administrative permissions or take
ownership right. 

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: David Lum [mailto:david@nwea.org] 
Sent: Monday, April 27, 2009 3:55 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

 

Understood - I'm looking for an interim stopgap. We don't have the
resources to bring everyone off local admins very quickly, so if a GPO
could help me mitigate things with minimal effort it would be extremely
helpful.

 

Dave

 

-Original Message-
From: Terry Dickson [mailto:te...@treasurer.state.ks.us] 
Sent: Monday, April 27, 2009 12:19 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

 

I understood that also, however if they are a local admin it might not
matter.  They could simply logon take ownership and they again have the
rights to do what they want.  

 

-Original Message-

From: David Lum [mailto:david@nwea.org] 

Sent: Monday, April 27, 2009 2:07 PM

To: NT System Admin Issues

Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

 

Bingo.

 

-Original Message-

From: Don Guyer [mailto:don.gu...@prufoxroach.com] 

Sent: Monday, April 27, 2009 11:35 AM

To: NT System Admin Issues

Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

 

I think the OP meant he was looking for suggestions other than "don't

put them in the local administrators group".

 

:)

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

-Original Message-

From: Terry Dickson [mailto:te...@treasurer.state.ks.us] 

Sent: Monday, April 27, 2009 2:25 PM

To: NT System Admin Issues

Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

 

Even if you did do that, as a local admin they could just take ownership

of the folder and boom they are writing to the registry key again and

the startup folder again.

 

-Original Message-

From: David Lum [mailto:david@nwea.org] 

Sent: Monday, April 27, 2009 1:15 PM

To: NT System Admin Issues

Subject: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

 

Is there a GPO way to prevent something from modifying this registry

key? If I could prevent that and stuff from auto-populating the \Startup

folder for "all users" I would be a happy camper.

 

 

 

Tools like Spybot can do it, but that's not enterprise grade (read,

centrally manageable). McAfee has a product that can do it - and we even

have it and are licensed for it, but it's interface is so atrocious I'd

probably nuke half my systems just attempting it.

 

 

 

I'm looking for something other than "not local admin".

 

David Lum // SYSTEMS ENGINEER 

NORTHWEST EVALUATION ASSOCIATION

(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~   ~

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~   ~

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~   ~

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~   ~

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

[Ziots, Edward]

Move the take Ownership right from the Local Administrators, via User
Rights in GPO...

That will fix the taking Ownership of the resource issue. 

Z

Edward Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
ezi...@lifespan.org
Phone:401-639-3505

-Original Message-
From: Terry Dickson [mailto:te...@treasurer.state.ks.us] 
Sent: Monday, April 27, 2009 3:19 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

I understood that also, however if they are a local admin it might not
matter.  They could simply logon take ownership and they again have the
rights to do what they want.  

-Original Message-
From: David Lum [mailto:david@nwea.org] 
Sent: Monday, April 27, 2009 2:07 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Bingo.

-Original Message-
From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Monday, April 27, 2009 11:35 AM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

I think the OP meant he was looking for suggestions other than "don't
put them in the local administrators group".

:)

Don Guyer
Systems Engineer - Information Services
Prudential, Fox & Roach/Trident Group
431 W. Lancaster Avenue
Devon, PA 19333
Direct: (610) 993-3299
Fax: (610) 650-5306
don.gu...@prufoxroach.com

-Original Message-
From: Terry Dickson [mailto:te...@treasurer.state.ks.us] 
Sent: Monday, April 27, 2009 2:25 PM
To: NT System Admin Issues
Subject: RE: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Even if you did do that, as a local admin they could just take ownership
of the folder and boom they are writing to the registry key again and
the startup folder again.

-Original Message-
From: David Lum [mailto:david@nwea.org] 
Sent: Monday, April 27, 2009 1:15 PM
To: NT System Admin Issues
Subject: Prevent mods to HKLM\Software\Microsoft\CurrentVersion\Run

Is there a GPO way to prevent something from modifying this registry
key? If I could prevent that and stuff from auto-populating the \Startup
folder for "all users" I would be a happy camper.

 

Tools like Spybot can do it, but that's not enterprise grade (read,
centrally manageable). McAfee has a product that can do it - and we even
have it and are licensed for it, but it's interface is so atrocious I'd
probably nuke half my systems just attempting it.

 

I'm looking for something other than "not local admin".

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: script to add auditing

[Ziots, Edward]

I think the sdeny will setup a deny acl, but unless you can combine with
/revoke switch that might not be possible...

Z

Edward Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
ezi...@lifespan.org
Phone:401-639-3505

-Original Message-
From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Monday, April 27, 2009 1:28 PM
To: NT System Admin Issues
Subject: RE: script to add auditing

Can Subinacl remove a single entry from the audit list? I've looked
through the documentation, but I don't see a way to do this. I know the
/audit switch will wipe the list out entirely. 

Thanks,

Chris
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Dell PE2950 - SBS 2003

[Pete Howard]

It will definately work. I have an SBS03 instance thats been running on a Dell  
2850 perc4e\dc for over 3 years. Just had to supply the perc drivers during the 
SBS install 





From: Stefan Jafs 
To: NT System Admin Issues 
Sent: Monday, April 27, 2009 3:35:24 PM
Subject: RE: Dell PE2950 - SBS 2003


Ok I’m getting a new image from TechNet. 
My outside consultant wanted 15 – 20 hours and I said what are you crazy I can 
do it in a few hours myself, maybe he is not so crazy after all! 
 
___
Stefan Jafs
 
From:Art DeKneef [mailto:art.dekn...@cox.net] 
Sent: Monday, April 27, 2009 3:16 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
Not correct. And that’s an old article. While I can’t speak to the PE2850 I 
have installed on a basic PE 800 or 850 (I don’t remember) and a PE1950. These 
were lab installs and not at customer sites. Downloaded all the drivers, 
updated all firmware and installed from the SBS CDs.
 
I remember having an issue with CD#1 some time ago. For me it was a bad CD#1. 
Used another CD and it work fine.
 
Art
 
From:Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 12:00 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
I’m reading that SBS will not install on a DELL rack mounted server!!
 
http://it.toolbox.com/blogs/it-guy/sbs-and-dell-rack-servers-what-gives-7867
 
Could that be correct?
 
___
Stefan Jafs
 
From:Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 2:53 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
Sorry it’s an PE2850 and I just spoke to Dell support, SMS is not supported on 
the 2850, that’s why it’s not an option on the CD.
So I’m getting the PERC drivers however now I can’t boot from the SMS disk #1, 
getting error: 
NTLDR not found looks like it does not want to boot from  the CD#1!
 
___
Stefan Jafs
 
From:gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] 
Sent: Monday, April 27, 2009 2:22 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
Its actually an Option to select SBS 2003 as the OS.  If you are selecting 2003 
Server as the OS install option that will not work.  I have done it at least a 
few dozen times.
 
 
From:Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 1:38 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
It does not work keeps insisting that the SBS is not the 2003 CD!
I downloaded the latest version, I guess I have to Download the PERC drivers 
and start from the SBS CD L
 
 
___
Stefan Jafs
 
From:Michael Ross [mailto:mr...@itwif.com] 
Sent: Monday, April 27, 2009 11:32 AM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
Just choose server 2003
 
From:Stefan Jafs [mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 9:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003
 
I have an old PE 2950 that I want to install SBS on, I downloaded  the latest 
“Installation and Se4rver Management” CD, however SBS is not part of any of the 
selectable OS’es.
Can an not use the Dell Startup disk?
 
Any ideas?
___
Stefan Jafs
 
This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.
 
 
 
 
This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.
 
 
 
 
This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.
 
 
This email and any a

RE: Dell PE2950 - SBS 2003

[Stefan Jafs]

Yes but I cat get it to boot from CD#1, SBS 2003 R2 Premium Edition! I 
downloaded CD#! from TechNet same problem
Could it be something stupid, like I would have to install SMS 2003 first?

___
Stefan Jafs

From: Pete Howard [mailto:pchow...@yahoo.com]
Sent: Monday, April 27, 2009 4:30 PM
To: NT System Admin Issues
Subject: Re: Dell PE2950 - SBS 2003


It will definately work. I have an SBS03 instance thats been running on a Dell  
2850 perc4e\dc for over 3 years. Just had to supply the perc drivers during the 
SBS install


From: Stefan Jafs 
To: NT System Admin Issues 
Sent: Monday, April 27, 2009 3:35:24 PM
Subject: RE: Dell PE2950 - SBS 2003
Ok I���m getting a new image from TechNet.
My outside consultant wanted 15 ��� 20 hours and I said what are you crazy I 
can do it in a few hours myself, maybe he is not so crazy after all!

___
Stefan Jafs

From: Art DeKneef [mailto:art.dekn...@cox.net]
Sent: Monday, April 27, 2009 3:16 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Not correct. And thas an old article. While I can���t speak to the PE2850 I 
have installed on a basic PE 800 or 850 (I dot remember) and a PE1950. 
These were lab installs and not at customer sites. Downloaded all the drivers, 
updated all firmware and installed from the SBS CDs.

I remember having an issue with CD#1 some time ago. For me it was a bad CD#1. 
Used another CD and it work fine.

Art

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 12:00 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

I���m reading that SBS will not install on a DELL rack mounted server!!

http://it.toolbox.com/blogs/it-guy/sbs-and-dell-rack-servers-what-gives-7867

Could that be correct?

___
Stefan Jafs

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 2:53 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Sorry �s an PE2850 and I just spoke to Dell support, SMS is not supported 
on the 2850, th�s why is not an option on the CD.
So I���m getting the PERC drivers however now I c�t boot from the SMS disk 
#1, getting error:
NTLDR not found looks like it does not want to boot from  the CD#1!

___
Stefan Jafs

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net]
Sent: Monday, April 27, 2009 2:22 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Its actually an Option to select SBS 2003 as the OS.  If you are selecting 2003 
Server as the OS install option that will not work.  I have done it at least a 
few dozen times.


From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 1:38 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

It does not work keeps insisting that the SBS is not the 2003 CD!
I downloaded the latest version, I guess I have to Download the PERC drivers 
and start from the SBS C�


___
Stefan Jafs

From: Michael Ross [mailto:mr...@itwif.com]
Sent: Monday, April 27, 2009 11:32 AM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Just choose server 2003

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 9:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003

I have an old PE 2950 that I want to install SBS on, I downloaded  the 
lates�Installation and Se4rver Managemen CD, however SBS is not part of 
any of the selectable OS���es.
Can an not use the Dell Startup disk?

Any ideas?
___
Stefan Jafs


This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.









This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.









This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alte

RE: Windows Server Foundation Edition

[Art DeKneef]

There are only user CALs. It includes 15 CALs and 15 is the limit legally.

 

From: Michael Hoffman [mailto:m...@drumbrae.net] 
Sent: Monday, April 27, 2009 1:09 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

 

In the UK it is listed on the HP top config tool with distribution. There
seems to be a choice of device cals or user cals and up to 20 users. There
is no pricing as yet and a 10 day build time, so I guess they add the
pricing in after the order is placed. So you can specify an ml110 with 13
cals pre-built. It might be that the big disties will just order 100's of
the minimum spec builds, but we'll have to see.

 

Mike

 

From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: 27 April 2009 20:37
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

 

The press release, the day it was released (six weeks ago??) said "immediate
availability".

 

Now, try to find it on those vendor's websites!!!

 

  _  

From: Art DeKneef [art.dekn...@cox.net]
Sent: Monday, April 27, 2009 3:31 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

My understanding from the MS/HP web training was that HP was limiting it to
a few select models because of the limitations built in to Foundation
Server. And currently it will only be available from the direct OEMs. (like
HP and Dell)

 

From: Todd Lemmiksoo [mailto:tlemmik...@all-mode.com] 
Sent: Monday, April 27, 2009 11:36 AM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

 

Is this version only for the HP models below?

 

  _  

From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Monday, April 27, 2009 2:28 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

while that is certainly possible, i can't find them on the HP partner
website nor were the "online chat" people i chatted with aware of
them...i'll try again tomorrow, but after that i've got to break down and
eat the price difference...

 

  _  

From: Brian Desmond [br...@briandesmond.com]
Sent: Monday, April 27, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: Windows Server Foundation Edition

My understanding is that HP was supposed to launch it for these products
today

 

*   ML110 G5 ML115 G5 
*   ML310 G5p DL120 G5 
*   DL120 G5 DL320 G5p 

 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

Active Directory, 4th Ed -  
http://www.briandesmond.com/ad4/

Microsoft MVP -  
https://mvp.support.microsoft.com/profile/Brian

 

From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Monday, April 27, 2009 12:22 PM
To: NT System Admin Issues
Subject: Windows Server Foundation Edition

 

Has anyone actually SEEN this SKU for sale anywhere?

 

Dell, HP, Ingram Micro, and CDW don't have it. Or claim not to.

 

Anyone have a source?

 

Thanks,

M

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: DFS issues

[Miller Bonnie L .]

Sorry to jump in so late-If you're just talking about the checkbox next to read 
only, that is by design on folders as per 
http://support.microsoft.com/kb/326549.

How are the share and NTFS permissions?  Any quota software being used?  What 
program are they having trouble saving with?

-B

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Tuesday, April 21, 2009 11:44 AM
To: NT System Admin Issues
Subject: RE: DFS issues

When I looked at the properties of the shared folder on the second server, the 
"read only" checkbox was checked.

[cid:image001.jpg@01C9C73F.EBB62660][cid:image002@01c9c73f.ebb62660]

From: Brian Desmond [mailto:br...@briandesmond.com]
Sent: Tuesday, April 21, 2009 2:24 PM
To: NT System Admin Issues
Subject: RE: DFS issues

What do you mean permissions set to read only?

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Tuesday, April 21, 2009 11:05 AM
To: NT System Admin Issues
Subject: DFS issues

We just recently switched from using Synctoy for keeping our two servers 
(DC/File Server combos) synchronized to using DFS. I just started having some 
issues after it's been in place for a couple weeks... the "public" file share 
(really mostly a public file dump) started being read-only to people for some 
reason. I checked our primary server (in my office) and the permissions and 
everything we correct. Then today, after it happened again on someone else, I 
got a wild hair and checked our other server and it had the permission set to 
"read only" for the "public" share.

Anyone ever seen anything like this happen before? Is it just coincidence that 
about two weeks after we implement DFS the file share goes "read only"???

Any ideas how to keep it from happening in the future?

[cid:image001.jpg@01C9C73F.EBB62660][cid:image002@01c9c73f.ebb62660]










No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.287 / Virus Database: 270.12.1/2071 - Release Date: 04/21/09 
08:30:00





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Citrix Video

[Webster]

Oh yeah, this video really convinces me that Citrix is the way to go! J

 

http://www.xenserver5.com/videos/mythbusters/

 

Hey Stu, need a link for your next newsletter?

 

 

Webster


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Citrix Video

[Stu Sjouwerman]

One for the faves this week !!
 

Warm regards,


Stu Sjouwerman
Founder, VP Marketing.
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com


  

 



From: Webster [mailto:webs...@carlwebster.com] 
Sent: Monday, April 27, 2009 4:57 PM
To: NT System Admin Issues
Subject: Citrix Video



Oh yeah, this video really convinces me that Citrix is the way to go! J

 

http://www.xenserver5.com/videos/mythbusters/

 

Hey Stu, need a link for your next newsletter?

 

 

Webster

 

 




..
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Steven Peck]

It has been our experience that while the technical issues of MAC's
can be resolved, most issues come from the MAC users themselves.
Having got themselves a little exception to the overall IT policy,
they will often refuse to play nice with things like storing files on
network shares which are backed up.  Consume support resources with
their custom needs the drain your teams time.  Make constant snide
comments about Windows and support and get really irritable when you
produce the article clearly showing it was a MAC issue.

The last time we looked at 'some groups' needs, there were Windows
versions of all the applications available but they were able to
maintain their separate resource stance.  Of course we were all
sympathy when they lost a major amount of data do to their refusal to
play nice with corporate IT policy.

Of course, I may be biased.

Steven

On Mon, Apr 27, 2009 at 12:24 PM, Jonathan Link  wrote:
> I use VMWare Fusion with a license of WindowsXP on my MacBook Pro, and can
> launch the windows version of Outlook for the full integrated email
> experience.
>
>
> On Mon, Apr 27, 2009 at 2:34 PM, Murray Freeman  wrote:
>>
>> I'm being asked to investigate the use of a few MAC's in our network. I
>> know that it would be only used by a few of our staff for graphics and a few
>> other apps. I'm concerned about the ability of a MAC to interface into our
>> network and Exchange Server email.Obviously we would purchase new machines,
>> so they could be dual boot machines. I'm also aware of virtualization, but
>> haven't looked into that as of yet. Any suggestions, warnings or concerns
>> from anyone with this kind of experience would be greatly appreciated.
>>
>>
>> Murray
>>
>>
>>
>>
>>
>>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Gene Giannamore]

Amen to that, and we only have 1 mac user. 




Gene Giannamore
Abide International Inc.
Technical Support
561 1st Street West
Sonoma,Ca.95476
(707) 935-1577Office
(707) 935-9387Fax
(707) 766-4185Cell
gene.giannam...@abideinternational.com
www.abideinternational.com


-Original Message-
From: Steven Peck [mailto:sep...@gmail.com] 
Sent: Monday, April 27, 2009 4:07 PM
To: NT System Admin Issues
Subject: Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

It has been our experience that while the technical issues of MAC's
can be resolved, most issues come from the MAC users themselves.
Having got themselves a little exception to the overall IT policy,
they will often refuse to play nice with things like storing files on
network shares which are backed up.  Consume support resources with
their custom needs the drain your teams time.  Make constant snide
comments about Windows and support and get really irritable when you
produce the article clearly showing it was a MAC issue.

The last time we looked at 'some groups' needs, there were Windows
versions of all the applications available but they were able to
maintain their separate resource stance.  Of course we were all
sympathy when they lost a major amount of data do to their refusal to
play nice with corporate IT policy.

Of course, I may be biased.

Steven

On Mon, Apr 27, 2009 at 12:24 PM, Jonathan Link  wrote:
> I use VMWare Fusion with a license of WindowsXP on my MacBook Pro, and can
> launch the windows version of Outlook for the full integrated email
> experience.
>
>
> On Mon, Apr 27, 2009 at 2:34 PM, Murray Freeman  wrote:
>>
>> I'm being asked to investigate the use of a few MAC's in our network. I
>> know that it would be only used by a few of our staff for graphics and a few
>> other apps. I'm concerned about the ability of a MAC to interface into our
>> network and Exchange Server email.Obviously we would purchase new machines,
>> so they could be dual boot machines. I'm also aware of virtualization, but
>> haven't looked into that as of yet. Any suggestions, warnings or concerns
>> from anyone with this kind of experience would be greatly appreciated.
>>
>>
>> Murray
>>
>>
>>
>>
>>
>>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Sean Martin]

We support Macs for our Marketing department. I don't believe we deal with
too many issues, but that's probably because most of their productivity
applications are delivered via Citrix. We use ExtremeZ-IP from Group Logics
to handle file sharing from a Windows 2003 server.

I guess I would put the responsibility on the requestor to prove why a PC
solution would not be sufficient. I've heard in the past that Macs were
superior for Graphic Design, Video editing, etc., but is that really the
case anymore? As someone else pointed out, most of the applications (or
comparable applications) these days are available for PC.

I'm all for catering to the business needs of users, but sometimes a line
has to be drawn in an effort to streamline your support guidelines. Are you,
or do you have someone on staff, experienced with Macs in an AD environment
(I'm assuming you're running AD)? If not, you should be able to make a case
for equipment standards.

- Sean
On Mon, Apr 27, 2009 at 3:06 PM, Steven Peck  wrote:

> It has been our experience that while the technical issues of MAC's
> can be resolved, most issues come from the MAC users themselves.
> Having got themselves a little exception to the overall IT policy,
> they will often refuse to play nice with things like storing files on
> network shares which are backed up.  Consume support resources with
> their custom needs the drain your teams time.  Make constant snide
> comments about Windows and support and get really irritable when you
> produce the article clearly showing it was a MAC issue.
>
> The last time we looked at 'some groups' needs, there were Windows
> versions of all the applications available but they were able to
> maintain their separate resource stance.  Of course we were all
> sympathy when they lost a major amount of data do to their refusal to
> play nice with corporate IT policy.
>
> Of course, I may be biased.
>
> Steven
>
> On Mon, Apr 27, 2009 at 12:24 PM, Jonathan Link 
> wrote:
> > I use VMWare Fusion with a license of WindowsXP on my MacBook Pro, and
> can
> > launch the windows version of Outlook for the full integrated email
> > experience.
> >
> >
> > On Mon, Apr 27, 2009 at 2:34 PM, Murray Freeman 
> wrote:
> >>
> >> I'm being asked to investigate the use of a few MAC's in our network. I
> >> know that it would be only used by a few of our staff for graphics and a
> few
> >> other apps. I'm concerned about the ability of a MAC to interface into
> our
> >> network and Exchange Server email.Obviously we would purchase new
> machines,
> >> so they could be dual boot machines. I'm also aware of virtualization,
> but
> >> haven't looked into that as of yet. Any suggestions, warnings or
> concerns
> >> from anyone with this kind of experience would be greatly appreciated.
> >>
> >>
> >> Murray
> >>
> >>
> >>
> >>
> >>
> >>
> >
> >
> >
> >
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Ben Schorr]

Yes, that was exactly our experience as well.  Every month there was some new 
special Mac app that they just HAD to have working and that our helpdesk staff 
had never heard of before.

So we had to spend resources getting up to speed with and supporting an 
application that only one user (out of 50+) was going to use and even then the 
business case for that app was a little tenuous I thought.

And, naturally every now and then one of these special-case apps apparently 
broke his legitimate business apps and that meant even more support time 
sitting at his Mac trying to get everything working again. He'd complain about 
all of the problems, but the guys in the offices next to his, running standard 
Dell PCs on the same network, just got their work done day after day with few 
if any problems.

Ben M. Schorr
Chief Executive Officer
__
Roland Schorr & Tower
www.rolandschorr.com
b...@rolandschorr.com
Twitter: http://www.twitter.com/bschorr


-Original Message-
From: Steven Peck [mailto:sep...@gmail.com] 
Sent: Monday, April 27, 2009 1:07 PM
To: NT System Admin Issues
Subject: Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

It has been our experience that while the technical issues of MAC's
can be resolved, most issues come from the MAC users themselves.
Having got themselves a little exception to the overall IT policy,
they will often refuse to play nice with things like storing files on
network shares which are backed up.  Consume support resources with
their custom needs the drain your teams time.  Make constant snide
comments about Windows and support and get really irritable when you
produce the article clearly showing it was a MAC issue.

The last time we looked at 'some groups' needs, there were Windows
versions of all the applications available but they were able to
maintain their separate resource stance.  Of course we were all
sympathy when they lost a major amount of data do to their refusal to
play nice with corporate IT policy.

Of course, I may be biased.

Steven

On Mon, Apr 27, 2009 at 12:24 PM, Jonathan Link  wrote:
> I use VMWare Fusion with a license of WindowsXP on my MacBook Pro, and can
> launch the windows version of Outlook for the full integrated email
> experience.
>
>
> On Mon, Apr 27, 2009 at 2:34 PM, Murray Freeman  wrote:
>>
>> I'm being asked to investigate the use of a few MAC's in our network. I
>> know that it would be only used by a few of our staff for graphics and a few
>> other apps. I'm concerned about the ability of a MAC to interface into our
>> network and Exchange Server email.Obviously we would purchase new machines,
>> so they could be dual boot machines. I'm also aware of virtualization, but
>> haven't looked into that as of yet. Any suggestions, warnings or concerns
>> from anyone with this kind of experience would be greatly appreciated.
>>
>>
>> Murray
>>
>>
>>
>>
>>
>>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: script to add auditing

[Ken Schaefer]

Auditing is stored in the SACL not the DACL right?

I was going to recommend icacls.exe which has a /remove switch, but I think it 
only does DACLs not SACLs

Cheers
Ken


From: Ziots, Edward [ezi...@lifespan.org]
Sent: Tuesday, 28 April 2009 6:27 AM
To: NT System Admin Issues
Subject: RE: script to add auditing

I think the sdeny will setup a deny acl, but unless you can combine with
/revoke switch that might not be possible...

Z

Edward Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
ezi...@lifespan.org
Phone:401-639-3505

-Original Message-
From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Monday, April 27, 2009 1:28 PM
To: NT System Admin Issues
Subject: RE: script to add auditing

Can Subinacl remove a single entry from the audit list? I've looked
through the documentation, but I don't see a way to do this. I know the
/audit switch will wipe the list out entirely.

Thanks,

Chris
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spotted this a couple of days ago...

[Ken Schaefer]

Hi,

I was talking about full-disk encryption like Tru-Crypt (rather than hard disk 
based systems that ask for passwords prior to booting).

Does this defeat Bitlocker? or Tru-Crypt?

Cheers
Ken


From: Mike Gill [lis...@canbyfoursquare.com]
Sent: Tuesday, 28 April 2009 4:27 AM
To: NT System Admin Issues
Subject: RE: Spotted this a couple of days ago...

Just tested on Vista. Works as advertised. Also worked on me e6500 with the
hard drive ATA password set. Apparently, the password is asked for before
the boot devices are offered, so the drive is already unlocked by the time
you tell it to boot from CD. It didn't work with my Ubuntu install on a
separate partition of the same machine however.

--
Mike Gill

-Original Message-
From: Ken Schaefer [mailto:k...@adopenstatic.com]
Sent: Sunday, April 26, 2009 8:05 PM
To: NT System Admin Issues
Subject: RE: Spotted this a couple of days ago...

The tool's website says you need to boot from the CD or Floppy disk.

I suspect that type of tool is not going to get around Bitlocker-ed
partitions, or other similar types of full-disk encryption.

Cheers
Ken



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~