RE: Password Policy - - how do you handle this?

[Ken Schaefer]

My question was rhetorical.

Cheers
Ken


From: Raper, Jonathan [jra...@eaglemds.com]
Sent: Wednesday, 29 April 2009 2:34 PM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

Walk over to them and slap them? :)

Seriously… Under Global Security Group Policy… (you are using GPOs, right?1?) 
enforce minimum password age (which removes their right to change their 
password on demand more than once every X number of days), combined with…cannot 
repeat any of the last Y passwords, combined with password change required 
every Z days.

Where X, Y, & Z are numbers that you choose to meet your internal security 
requirements. Just make sure that X is less than Z!


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


From: Ken Schaefer [mailto:k...@adopenstatic.com]
Sent: Tuesday, April 28, 2009 11:59 PM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

How do you stop someone changing their password 5/10/20 times in a couple of 
minutes, so as to get back to their "preferred" password?

Cheers
Ken


From: Micheal Espinola Jr [michealespin...@gmail.com]
Sent: Wednesday, 29 April 2009 3:11 AM
To: NT System Admin Issues
Subject: Re: Password Policy - - how do you handle this?
IMO the history is a lot more important than the min age.

--
ME2

On Tue, Apr 28, 2009 at 12:14 PM, Louis, Joe 
mailto:jlo...@guardianalarm.com>> wrote:

Actually, it’s a good security. If used with history, a minimum age prevents 
users from changing passwords the history length to get their preferred 
password back.



Ie.

qwerty -> qwertu

qwertu -> qwerty

qwerty -> qwerto

qwerto -> qwertp

qwertp -> qwerty





From: Micheal Espinola Jr 
[mailto:michealespin...@gmail.com]
Sent: Tuesday, April 28, 2009 11:50 AM

To: NT System Admin Issues
Subject: Re: Password Policy - - how do you handle this?



What is the theory behind this password age?



Other people I know don't wash after visiting the restroom.  Just because I 
know or work with them doesn't mean I'd ever shake their hand.

--
ME2

On Tue, Apr 28, 2009 at 11:39 AM, Jeremy Anderson 
mailto:jer...@mapiadmin.net>> wrote:

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.



We have users that forget their passwords every other day (Don’t ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says “Must change password on next logon”



I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.



Security guy says “Not having that set is a bad idea, other companies do it, 
make it happen”



How do you guys deal with this?



Thanks

Jeremy






Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Password Policy - - how do you handle this?

[Micheal Espinola Jr]

Set a much larger history.

--
ME2


On Tue, Apr 28, 2009 at 11:59 PM, Ken Schaefer  wrote:

>  How do you stop someone changing their password 5/10/20 times in a couple
> of minutes, so as to get back to their "preferred" password?
>
> Cheers
> Ken
>
>  --
> *From:* Micheal Espinola Jr [michealespin...@gmail.com]
> *Sent:* Wednesday, 29 April 2009 3:11 AM
> *To:* NT System Admin Issues
> *Subject:* Re: Password Policy - - how do you handle this?
>
>  IMO the history is a lot more important than the min age.
>
> --
> ME2
>
>
> On Tue, Apr 28, 2009 at 12:14 PM, Louis, Joe wrote:
>
>>  Actually, it’s a good security. If used with history, a minimum age
>> prevents users from changing passwords the history length to get their
>> preferred password back.
>>
>>
>>
>> Ie.
>>
>> qwerty -> qwertu
>>
>> qwertu -> qwerty
>>
>> qwerty -> qwerto
>>
>> qwerto -> qwertp
>>
>> qwertp -> qwerty
>>
>>
>>
>>
>>
>> *From:* Micheal Espinola Jr [mailto:michealespin...@gmail.com]
>> *Sent:* Tuesday, April 28, 2009 11:50 AM
>>
>> *To:* NT System Admin Issues
>>  *Subject:* Re: Password Policy - - how do you handle this?
>>
>>
>>
>> What is the theory behind this password age?
>>
>>
>>
>> Other people I know don't wash after visiting the restroom.  Just because
>> I know or work with them doesn't mean I'd ever shake their hand.
>>
>> --
>> ME2
>>
>>   On Tue, Apr 28, 2009 at 11:39 AM, Jeremy Anderson 
>> wrote:
>>
>> The security guy is insisting that we set the Min Password Age to 1 day.
>> I agree in theory that this is a swell idea, but in practice, I think it
>> will be a disaster.
>>
>>
>>
>> We have users that forget their passwords every other day (Don’t ask) and
>> company politics that are going to let this bad habit continue.  Admins
>> reset the password, and set the flag that says “Must change password on next
>> logon”
>>
>>
>>
>> I say, that the user will never get prompted to reset the next time they
>> login, or that changing it will fail, because the password is now less than
>> one day old.
>>
>>
>>
>> Security guy says “Not having that set is a bad idea, other companies do
>> it, make it happen”
>>
>>
>>
>> How do you guys deal with this?
>>
>>
>>
>> Thanks
>>
>> Jeremy
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Raper, Jonathan]

Walk over to them and slap them? :)

Seriously... Under Global Security Group Policy... (you are using GPOs, 
right?1?) enforce minimum password age (which removes their right to change 
their password on demand more than once every X number of days), combined 
with...cannot repeat any of the last Y passwords, combined with password change 
required every Z days.

Where X, Y, & Z are numbers that you choose to meet your internal security 
requirements. Just make sure that X is less than Z!


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: Ken Schaefer [mailto:k...@adopenstatic.com]
Sent: Tuesday, April 28, 2009 11:59 PM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

How do you stop someone changing their password 5/10/20 times in a couple of 
minutes, so as to get back to their "preferred" password?

Cheers
Ken


From: Micheal Espinola Jr [michealespin...@gmail.com]
Sent: Wednesday, 29 April 2009 3:11 AM
To: NT System Admin Issues
Subject: Re: Password Policy - - how do you handle this?
IMO the history is a lot more important than the min age.

--
ME2

On Tue, Apr 28, 2009 at 12:14 PM, Louis, Joe 
mailto:jlo...@guardianalarm.com>> wrote:

Actually, it's a good security. If used with history, a minimum age prevents 
users from changing passwords the history length to get their preferred 
password back.



Ie.

qwerty -> qwertu

qwertu -> qwerty

qwerty -> qwerto

qwerto -> qwertp

qwertp -> qwerty





From: Micheal Espinola Jr 
[mailto:michealespin...@gmail.com]
Sent: Tuesday, April 28, 2009 11:50 AM

To: NT System Admin Issues
Subject: Re: Password Policy - - how do you handle this?



What is the theory behind this password age?



Other people I know don't wash after visiting the restroom.  Just because I 
know or work with them doesn't mean I'd ever shake their hand.

--
ME2

On Tue, Apr 28, 2009 at 11:39 AM, Jeremy Anderson 
mailto:jer...@mapiadmin.net>> wrote:

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.



We have users that forget their passwords every other day (Don't ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says "Must change password on next logon"



I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.



Security guy says "Not having that set is a bad idea, other companies do it, 
make it happen"



How do you guys deal with this?



Thanks

Jeremy






Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Password Policy - - how do you handle this?

[Kurt Buff]

You don't, but users are too lazy to do that, normally - I except
certain classes of users, such as engineers and tech writers, who are
often OCD anyway.

They usually have the attention span of gnats, too, which is why a
24-hour waiting period to change passwords is just as
important/effective.



On Tue, Apr 28, 2009 at 20:59, Ken Schaefer  wrote:
> How do you stop someone changing their password 5/10/20 times in a couple of
> minutes, so as to get back to their "preferred" password?
>
> Cheers
> Ken
>
> 
> From: Micheal Espinola Jr [michealespin...@gmail.com]
> Sent: Wednesday, 29 April 2009 3:11 AM
> To: NT System Admin Issues
> Subject: Re: Password Policy - - how do you handle this?
>
> IMO the history is a lot more important than the min age.
>
> --
> ME2
>
>
> On Tue, Apr 28, 2009 at 12:14 PM, Louis, Joe 
> wrote:
>>
>> Actually, it’s a good security. If used with history, a minimum age
>> prevents users from changing passwords the history length to get their
>> preferred password back.
>>
>>
>>
>> Ie.
>>
>> qwerty -> qwertu
>>
>> qwertu -> qwerty
>>
>> qwerty -> qwerto
>>
>> qwerto -> qwertp
>>
>> qwertp -> qwerty
>>
>>
>>
>>
>>
>> From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
>> Sent: Tuesday, April 28, 2009 11:50 AM
>>
>> To: NT System Admin Issues
>> Subject: Re: Password Policy - - how do you handle this?
>>
>>
>>
>> What is the theory behind this password age?
>>
>>
>>
>> Other people I know don't wash after visiting the restroom.  Just because
>> I know or work with them doesn't mean I'd ever shake their hand.
>>
>> --
>> ME2
>>
>> On Tue, Apr 28, 2009 at 11:39 AM, Jeremy Anderson 
>> wrote:
>>
>> The security guy is insisting that we set the Min Password Age to 1 day.
>> I agree in theory that this is a swell idea, but in practice, I think it
>> will be a disaster.
>>
>>
>>
>> We have users that forget their passwords every other day (Don’t ask) and
>> company politics that are going to let this bad habit continue.  Admins
>> reset the password, and set the flag that says “Must change password on next
>> logon”
>>
>>
>>
>> I say, that the user will never get prompted to reset the next time they
>> login, or that changing it will fail, because the password is now less than
>> one day old.
>>
>>
>>
>> Security guy says “Not having that set is a bad idea, other companies do
>> it, make it happen”
>>
>>
>>
>> How do you guys deal with this?
>>
>>
>>
>> Thanks
>>
>> Jeremy
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re[2]: IE8 and the add dcom storage setting

[Joe User]

Hello Wolf,

Tuesday, April 28, 2009, 7:23:43 PM, you wrote:

> My google-fu is strong

> http://www.microsoft.com/windows/internet-explorer/readiness/developers-new.aspx#dom


Let Me Google That For You . Com
http://lmgtfy.com/


-- 
Regards,
 joeuser - Still looking for the 'any' key...

"...now these points of data make a beautiful line..."


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Ken Schaefer]

How do you stop someone changing their password 5/10/20 times in a couple of 
minutes, so as to get back to their "preferred" password?

Cheers
Ken


From: Micheal Espinola Jr [michealespin...@gmail.com]
Sent: Wednesday, 29 April 2009 3:11 AM
To: NT System Admin Issues
Subject: Re: Password Policy - - how do you handle this?

IMO the history is a lot more important than the min age.

--
ME2


On Tue, Apr 28, 2009 at 12:14 PM, Louis, Joe 
mailto:jlo...@guardianalarm.com>> wrote:

Actually, it’s a good security. If used with history, a minimum age prevents 
users from changing passwords the history length to get their preferred 
password back.



Ie.

qwerty -> qwertu

qwertu -> qwerty

qwerty -> qwerto

qwerto -> qwertp

qwertp -> qwerty





From: Micheal Espinola Jr 
[mailto:michealespin...@gmail.com]
Sent: Tuesday, April 28, 2009 11:50 AM

To: NT System Admin Issues
Subject: Re: Password Policy - - how do you handle this?



What is the theory behind this password age?



Other people I know don't wash after visiting the restroom.  Just because I 
know or work with them doesn't mean I'd ever shake their hand.

--
ME2


On Tue, Apr 28, 2009 at 11:39 AM, Jeremy Anderson 
mailto:jer...@mapiadmin.net>> wrote:

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.



We have users that forget their passwords every other day (Don’t ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says “Must change password on next logon”



I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.



Security guy says “Not having that set is a bad idea, other companies do it, 
make it happen”



How do you guys deal with this?



Thanks

Jeremy

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Word 2007 docx password cracker?

[gsweers]

I am not aware of one, we had one that we sent up to a brute force
service that hacked it in about a week.   Not overly complicated
password but not something we would have guessed on our own.  

 

Greg

 

From: RM [mailto:r...@richardmay.net] 
Sent: Tuesday, April 28, 2009 10:35 PM
To: NT System Admin Issues
Subject: Word 2007 docx password cracker?

 

Anyone here ever used one?  We've got a couple of Word docx documents
that the (unreachable) ex-employees had password protected.

 

thx,

RM

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Word 2007 docx password cracker?

[RM]

Anyone here ever used one?  We've got a couple of Word docx
documents that the (unreachable) ex-employees had password
protected.

thx,
RM

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: What is Vmware thinking?

[Dean Cunningham]

Lokss like it's just ESX 4 withw a new name and features and different price
points...ho hum... a bit like windows 7... :)

On Thu, Apr 23, 2009 at 6:34 PM, Benjamin Zachary - Lists <
li...@levelfive.us> wrote:

>  No, looks like a product bundle with the new buzzword.
>
>
>
> *From:* Ziots, Edward [mailto:ezi...@lifespan.org]
> *Sent:* Tuesday, April 21, 2009 4:10 PM
> *To:* NT System Admin Issues
> *Subject:* What is Vmware thinking?
>
>
>
> http://www.vmware.com/products/vsphere/
>
>
>
> As an Avid Fan of Vmware and big user of the technology, it seems they are
> going the market, and mass confusion route to though something that is no
> further along than Vaporware. Eight different offers for ESX? Are they
> taking a licensing tip from M$ trying to generate more revenue under the
> guise of Cloud computing?
>
>
>
> Does anyone in the ESX server space see this in a different light than I am
> seeing it as first read?
>
>
>
> Z
>
>
>
>
>
> Edward Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
>
> ezi...@lifespan.org
>
> Phone:401-639-3505
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: IE8 and the add dcom storage setting

[Dean Cunningham]

Doh, thank you master, I have made an appointment with the eye doctor DOM
not DCOM



On Wed, Apr 29, 2009 at 12:23 PM, Wolf  wrote:

> My google-fu is strong
>
>
> http://www.microsoft.com/windows/internet-explorer/readiness/developers-new.aspx#dom
>
>
>
> On Tue, Apr 28, 2009 at 5:08 PM, Dean Cunningham <
> dean.cunning...@gmail.com> wrote:
>
>> Hi,
>> Anyone know what this setting is for. I have googled for it but cannot
>> seem to find any reference
>>
>> It is on by default
>>
>> its in Internet options/advanced tab/security
>>
>> cheers
>> Dean
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: IE8 and the add dcom storage setting

[Wolf]

My google-fu is strong

http://www.microsoft.com/windows/internet-explorer/readiness/developers-new.aspx#dom



On Tue, Apr 28, 2009 at 5:08 PM, Dean Cunningham
wrote:

> Hi,
> Anyone know what this setting is for. I have googled for it but cannot seem
> to find any reference
>
> It is on by default
>
> its in Internet options/advanced tab/security
>
> cheers
> Dean
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

IE8 and the add dcom storage setting

[Dean Cunningham]

Hi,
Anyone know what this setting is for. I have googled for it but cannot seem
to find any reference

It is on by default

its in Internet options/advanced tab/security

cheers
Dean

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Dean Cunningham]

lets try that again

1. for general internet use. if compromised will it matter (e.g. this gamil
account only used for mailign lists)
2. more serious internet use (ebay and other sites that could cause me a bit
of trouble (ie bidding on things i don't want and my reputation being
sullied)
3. internet banking etc. (compromise means i just lost money,job total
reputation)

each are based on an alogrithim .

e.g.
1. a word or two with maybe using 3 for E etc maybe increment by a number at
each change
2. a different word or saying always using 3 @# %
3. a complex arrangement of letters that never chaneg, unless I want to
all memorised

for work, any password, complex with a copy in the safe on usb key and
hardcopy. If my memory fails the safe is the
 next place



On Wed, Apr 29, 2009 at 11:55 AM, Dean Cunningham  wrote:

> I (for personal use) have 3 levels of password "series" or "alogritim"
> based on sensitivity
> 1.
>
>   On Wed, Apr 29, 2009 at 5:33 AM, Jonathan Link 
> wrote:
>
>> I thought I'd hijack this thread and ask how others manage the myriad
>> passwords they have.
>>
>> I did something crazy when I got to 10+ passwords, I started writing them
>> down.  I have two lists, one is a list of sites, the other is a list of
>> passwords.  The list of sites is stored in my network share, the passwords
>> are actually stored in a handwritten note in my wallet.  Neither us useful
>> without the other, and in the event I'm mugged for my wallet, I have a
>> relatively convenient listing of all the myriad passwords I need to set
>> about changing.  And to answer a question, no, my work account password
>> isnt' stored anywhere except in my head.  I've also found I'm much less
>> likely to recycle a password accidentally using this method.
>>
>> I have no idea where I came up with this, I doubt I'm creative enough to
>> think of this on my own.
>>
>> -Jonathan
>>
>> On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:
>>
>>> On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
>>> wrote:
>>> > Passowrd Policy is that password expires after 90 days, 10 passwords
>>> > remembered, Min Password age 0.  On the 89th day the user changes their
>>> > password 11 times back to the expiring password.  Changein the Min
>>> password
>>> > age to 1 would prevent that from happening.
>>>
>>>  That's it exactly.
>>>
>>>  For some of our government interest systems, it's min age 7 days, 24
>>> passwords remembered.  That's about half a year's worth of weekly
>>> password cycling to reuse the same password.  Also max age 90 days, 12
>>> character minimum, complexity checking enabled.  There are several
>>> such systems, and you're not supposed to use the same passwords across
>>> multiple systems.  Oy, passwords coming out my ears.
>>>
>>> -- Ben
>>>
>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> ~   ~
>>>
>>>
>>
>>
>>
>>
>>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Dean Cunningham]

I (for personal use) have 3 levels of password "series" or "alogritim" based
on sensitivity
1.

On Wed, Apr 29, 2009 at 5:33 AM, Jonathan Link wrote:

> I thought I'd hijack this thread and ask how others manage the myriad
> passwords they have.
>
> I did something crazy when I got to 10+ passwords, I started writing them
> down.  I have two lists, one is a list of sites, the other is a list of
> passwords.  The list of sites is stored in my network share, the passwords
> are actually stored in a handwritten note in my wallet.  Neither us useful
> without the other, and in the event I'm mugged for my wallet, I have a
> relatively convenient listing of all the myriad passwords I need to set
> about changing.  And to answer a question, no, my work account password
> isnt' stored anywhere except in my head.  I've also found I'm much less
> likely to recycle a password accidentally using this method.
>
> I have no idea where I came up with this, I doubt I'm creative enough to
> think of this on my own.
>
> -Jonathan
>
> On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:
>
>> On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
>> wrote:
>> > Passowrd Policy is that password expires after 90 days, 10 passwords
>> > remembered, Min Password age 0.  On the 89th day the user changes their
>> > password 11 times back to the expiring password.  Changein the Min
>> password
>> > age to 1 would prevent that from happening.
>>
>>  That's it exactly.
>>
>>  For some of our government interest systems, it's min age 7 days, 24
>> passwords remembered.  That's about half a year's worth of weekly
>> password cycling to reuse the same password.  Also max age 90 days, 12
>> character minimum, complexity checking enabled.  There are several
>> such systems, and you're not supposed to use the same passwords across
>> multiple systems.  Oy, passwords coming out my ears.
>>
>> -- Ben
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Kurt Buff]

On Tue, Apr 28, 2009 at 16:29, Ben Scott  wrote:
> On Tue, Apr 28, 2009 at 7:02 PM, Kurt Buff  wrote:
>>>Of course, the private key is kept on that same
>>> removable media.  I've got a strong passphrase, but XKCD "Security"
>>> applies (http://xkcd.com/538/).
>>
>> XKCD, meet Rubber Hose Deniability:
>
>  The problem is, if you deny you have anything, they'll just keep
> beating you until you break (one way or the other).  Deniability is
> only useful if you can convince someone you have nothing to hide.  If
> people are torturing you to reveal your secrets, they almost certainly
> have already concluded you have something of value.  Like telling a
> mugger you don't have any money.  Even if it's true, he won't believe
> you, and that generally ends badly for you.
>
>  One can posit sacrificial assets, of course.  Give up something of
> lesser value (wallet) but keep the higher value item (money belt).
>
>  But, frankly, in the real world, they'll just bug your
> equipment/office to capture everything they need as you use it.
>
>  Crowley's Law also applies.  :-)
>
> -- Ben

As Schneier has said, encryption is like a huge spike in the middle of
the road. Very impressive, but most will drive right around it...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Ben Scott]

On Tue, Apr 28, 2009 at 7:02 PM, Kurt Buff  wrote:
>>Of course, the private key is kept on that same
>> removable media.  I've got a strong passphrase, but XKCD "Security"
>> applies (http://xkcd.com/538/).
>
> XKCD, meet Rubber Hose Deniability:

  The problem is, if you deny you have anything, they'll just keep
beating you until you break (one way or the other).  Deniability is
only useful if you can convince someone you have nothing to hide.  If
people are torturing you to reveal your secrets, they almost certainly
have already concluded you have something of value.  Like telling a
mugger you don't have any money.  Even if it's true, he won't believe
you, and that generally ends badly for you.

  One can posit sacrificial assets, of course.  Give up something of
lesser value (wallet) but keep the higher value item (money belt).

  But, frankly, in the real world, they'll just bug your
equipment/office to capture everything they need as you use it.

  Crowley's Law also applies.  :-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: NAC - Network Access Control

[Klint Price - ArizonaITPro]

This may be a bit off topic, but what level of obscurity is removed by 
the general public knowing what NAC devices get installed at Liberty 
Bank.  I would think you would want that to remain a black box to the 
good and bad on this list :O)

Klint


Burgess, Jeffrey wrote:
>
>  
>
>  Anyone here using a NAC solution?
>
>  
>
>  What are you using and how do you like it?
>
>  
>
>  I'm looking at a few but would like to see what others are using and 
> how they like it.
>
>  Specifically in how useful it is for out of band devices (Devices not 
> owned by your company, I.E. Vendor laptops etc...)
>
>  
>
>  I like ForeScout so far and I'm also looking at Cisco and 
> Symantec.What do you have?
>
>  
>
>  
>
> Jeffrey T. Burgess
> Sr. Systems Engineer
> Liberty Bank
> 315 Main St.
> Middletown CT, 06457
> (860) 704-2196
> jburg...@liberty-bank.com
> "Ambition is the last refuge of failure." - Oscar Wilde
>
>  
>
> **
>
> Unless you have received this email through the Liberty Bank secure 
> email system, before you respond, please consider that any unencrypted 
> e-mail that is sent to us is not secure. If you send regular e-mail to 
> Liberty Bank, please do not include any private or confidential 
> information such as social security numbers, unlisted telephone 
> numbers, bank account numbers, personal income information, user 
> names, passwords, etc. If you need to provide us with such 
> information, please telephone us at (888)570-0773 during business 
> hours or write to us at 315 Main St. Middletown, CT 06457.
>
>  
>
> The information transmitted is intended only for the person or entity 
> to which it is addressed and may contain confidential and/or 
> privileged material. If you are not the intended recipient of this 
> message you are hereby notified that any use, review, retransmission, 
> dissemination, distribution, reproduction or any action taken in 
> reliance upon this message is prohibited and may be unlawful. If you 
> received this in error, please contact the sender and delete the 
> material from any computer without disclosing it. Any views expressed 
> in this message are those of the individual sender and may not 
> necessarily reflect the views of the Bank. Thank you.
>
> **
>
>  
>
>  
>
>  


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Kurt Buff]

On Tue, Apr 28, 2009 at 15:27, Ben Scott  wrote:

>Of course, the private key is kept on that same
> removable media.  I've got a strong passphrase, but XKCD "Security"
> applies (http://xkcd.com/538/).


XKCD, meet Rubber Hose Deniability:

http://en.wikipedia.org/wiki/Deniable_encryption

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Steven Peck]

I do not miss tape loaders.  I had a C64 with a tape drive (ARG!).
Saved money from my paper route and bought a floppy drive.  I so
wanted a C128 but never got it.  Eventually I got an Amiga 1000.

TRS80s (floppy drives that ate the disks) in school with Apple II, II+ and IIe

Steven


On Tue, Apr 28, 2009 at 3:18 PM, Gene Giannamore
 wrote:
> I miss loading games on my dad's trs80 model 1 from cassette. I also miss 
> modifying the basic code for the star trek game, and storing it back to 
> cassette. That was right after I learned basic on the vic20, in junior high.
>
>
>
>
> Gene Giannamore
> Abide International Inc.
> Technical Support
> 561 1st Street West
> Sonoma,Ca.95476
> (707) 935-1577    Office
> (707) 935-9387    Fax
> (707) 766-4185    Cell
> gene.giannam...@abideinternational.com
> www.abideinternational.com
>
>
>
> -Original Message-
> From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net]
> Sent: Tuesday, April 28, 2009 11:45 AM
> To: NT System Admin Issues
> Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
> Ahh, backing up to 25 x 5 ¼'s using xcopy in Dos 6.22
>
> That was a step up from reel to reel.  I bet it was more fun to watch them 
> spin though..
>
>
>
> Greg
>
>
>
> From: Don Guyer [mailto:don.gu...@prufoxroach.com]
> Sent: Tuesday, April 28, 2009 2:20 PM
> To: NT System Admin Issues
> Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> I'll never forget my first computer-related job and that room-long Data 
> General mainframe. Probably was x-times slower than most workstations today. 
> I miss reel-to-reel backup tapes.
>
>
>
> J
>
>
>
> Don Guyer
>
> Systems Engineer - Information Services
>
> Prudential, Fox & Roach/Trident Group
>
> 431 W. Lancaster Avenue
>
> Devon, PA 19333
>
> Direct: (610) 993-3299
>
> Fax: (610) 650-5306
>
> don.gu...@prufoxroach.com
>
>
>
> From: Sean Rector [mailto:sean.rec...@vaopera.org]
> Sent: Tuesday, April 28, 2009 2:08 PM
> To: NT System Admin Issues
> Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> Commodore PET & CBM - that's how I rolled back in the day.
>
>
>
> My 1st look at a computer was looking in on the Interdata main frame at my 
> dad's office.  He was in sales at Interdata, and after they were bought out 
> by Perkin Elmer, he sold the computer that's in the Hubble Space Telescope.
>
>
>
> Sean Rector, MCSE
>
>
>
> From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net]
> Sent: Tuesday, April 28, 2009 2:04 PM
> To: NT System Admin Issues
> Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> Ti-994a..Thats how we rolled back then.
>
>
>
> From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
> Sent: Tuesday, April 28, 2009 1:51 PM
> To: NT System Admin Issues
> Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> I miss Commodore.
>
>
>
> But don't get me started down Memory Lane.
>
>
>
>
>
> From: Cameron Cooper [mailto:ccoo...@aurico.com]
> Sent: Tuesday, April 28, 2009 1:06 PM
> To: NT System Admin Issues
> Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> Although. back in the day Amigas were the tool of choice.
>
>
>
> _
>
> Cameron Cooper
>
> IT Director - CompTIA A+ Certified
>
> Aurico Reports, Inc
>
> Phone: 847-890-4021    Fax: 847-255-1896
>
> ccoo...@aurico.com
>
>
>
>
>
>
>
>
>
>
>
>
> Information Technology Manager
> Virginia Opera Association
>
> E-Mail:         sean.rec...@vaopera.org 
> Phone:        (757) 213-4548 (direct line)
> {+}
>
> Virginia Opera's 35th Anniversary Season   The One 
> You Love
> Celebrate with a 2009-2010 Subscription: La Bohème 
>  , The Daughter of the 
> Regiment  , Don 
> Giovanni   and Porgy 
> and BessSM 
> Visit us online at www.vaopera.org   or call 
> 1-866-OPERA-VA
>
> 
>
> This e-mail and any attached files are confidential and intended solely for 
> the intended recipient(s). Unless otherwise specified, persons unnamed as 
> recipients may not read, distribute, copy or alter this e-mail. Any views or 
> opinions expressed in this e-mail belong to the author and may not 
> necessarily represent those of Virginia Opera. Although precautions have been 
> taken to ensure no viruses are present, Virginia Opera cannot accept 
> responsibility for any loss or damage that may arise from the use of this 
> e-mail or attachments.
>
> {*}
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ 

Re: Wierd connectivity issue

[Ben Scott]

On Tue, Apr 28, 2009 at 2:05 PM, Joe Heaton  wrote:
> I opened a DOS prompt, tried pinging the server, and get a Host cannot be
> found error.

  Things to try:

* Try PING by all of {short DNS name, FQDN, NetBIOS name, IP address}
and compare results
* Use NSLOOKUP to see what DNS thinks is going on
* Use NBTSTAT to see what NetBIOS thinks is going on
* Look at "IPCONFIG /ALL"; compare to the working computer

  If none of those help you, describe how you've got name resolution
configured.  That would include:

* What is your AD domain name?
* What DNS nameserver(s) do you have the clients configured to use?
** What are those DNS servers (e.g., your DCs, ISP nameservers, etc.)?
* Is NetBIOS-over-TCP/IP enabled?
** If so, are you using WINS?
*** If so, are the WINS servers all replicating to each other?
*** If not, are all computers on the same IP subnet (broadcast domain)?

  In particular: Don't ever (*EVER!*) configure clients to use
nameservers at Internet providers if you're using a private
(undelegated) DNS zone for your AD domain name.  Not even as
"Secondary DNS".  That can cause the
works-mostly-but-occasionally-stops-working-for-a-little-while problem
you describe.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Dell PE2950 - SBS 2003

[Stefan Jafs]

I finally got it working used the DELL start-up CD and installed Windows 2003 
then booted with the SBS CD and blow away the W2k3 install.

__
Stefan Jafs

From: Pete Howard [mailto:pchow...@yahoo.com]
Sent: April-28-09 2:56 PM
To: NT System Admin Issues
Subject: Re: Dell PE2950 - SBS 2003

Install SMS 2003 ?  Its been a while so I dont remember all the steps but its 
not your typical smooth installation. I would try deleting the raid group and 
then reapply. Then skip the OS setup section because it writes an unattended 
answer file that SBS may not like.


From: Stefan Jafs 
To: NT System Admin Issues 
Sent: Monday, April 27, 2009 4:43:14 PM
Subject: RE: Dell PE2950 - SBS 2003
Yes but I cat get it to boot from CD#1, SBS 2003 R2 Premium Edition! I 
downloaded CD#! from TechNet same problem
Could it be something stupid, like I would have to install SMS 2003 first?

___
Stefan Jafs

From: Pete Howard [mailto:pchow...@yahoo.com]
Sent: Monday, April 27, 2009 4:30 PM
To: NT System Admin Issues
Subject: Re: Dell PE2950 - SBS 2003


It will definately work. I have an SBS03 instance thats been running on a Dell  
2850 perc4e\dc for over 3 years. Just had to supply the perc drivers during the 
SBS install


From: Stefan Jafs 
To: NT System Admin Issues 
Sent: Monday, April 27, 2009 3:35:24 PM
Subject: RE: Dell PE2950 - SBS 2003
Ok �m getting a new image from TechNet.
My outside consultant wanted 15 ��� 20 hours and I said what are you crazy 
I can do it in a few hours myself, maybe he is not so crazy after all!

___
Stefan Jafs

From: Art DeKneef [mailto:art.dekn...@cox.net]
Sent: Monday, April 27, 2009 3:16 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Not correct. And th���s an old article. While I�t speak to 
the PE2850 I have installed on a basic PE 800 or 850 (I d��t remember) 
and a PE1950. These were lab installs and not at customer sites. Downloaded all 
the drivers, updated all firmware and installed from the SBS CDs.

I remember having an issue with CD#1 some time ago. For me it was a bad CD#1. 
Used another CD and it work fine.

Art

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 12:00 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003


http://it.toolbox.com/blogs/it-guy/sbs-and-dell-rack-servers-what-gives-7867

Could that be correct?

___
Stefan Jafs

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 2:53 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Sorry is an PE2850 and I just spoke to Dell support, SMS is not 
supported on the 2850, th��s why it���s not an option on the CD.
Sm getting the PERC drivers however now I c���t boot from 
the SMS disk #1, getting error:
NTLDR not found looks like it does not want to boot from  the CD#1!

___
Stefan Jafs

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net]
Sent: Monday, April 27, 2009 2:22 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Its actually an Option to select SBS 2003 as the OS.  If you are selecting 2003 
Server as the OS install option that will not work.  I have done it at least a 
few dozen times.


From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 1:38 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

It does not work keeps insisting that the SBS is not the 2003 CD!
I downloaded the latest version, I guess I have to Download the PERC drivers 
and start from the SBS C�


___
Stefan Jafs

From: Michael Ross [mailto:mr...@itwif.com]
Sent: Monday, April 27, 2009 11:32 AM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003

Just choose server 2003

From: Stefan Jafs [mailto:sj...@amico.com]
Sent: Monday, April 27, 2009 9:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003

I have an old PE 2950 that I want to install SBS on, I downloaded  the 
latesInstallation and Se4rver Manage CD, however SBS is not 
part of any of the selectable ���es.
Can an not use the Dell Startup disk?

Any ideas?
___
Stefan Jafs


This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email o

Re: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Ben Scott]

On Tue, Apr 28, 2009 at 5:15 PM, James Winzenz  wrote:
> ... the database is triple encrypted for added security ...

  Triple encrypted!  Wow, that's three times as good as regular
encryption!  /SARCASM  :-)  I'm looking at their website, and their
security explanation seems bogus.  They invite an independent audit,
but don't publish any real details about the security kernel, so
there's nothing to audit.  The diagram doesn't explain what those
arrows mean, and without such the diagram is nonsensical.  It smells
like security snake oil to me.  Note that this doesn't mean they're
trying to swindle anyone, just that the their public claims regarding
their security design are suspect.  For all I know they hired Bruce
Schneier to write their security kernel, but if so they're
surprisingly tight-lipped about it.

http://en.wikipedia.org/wiki/Snake_oil_(cryptography)

  FWIW: For personal use, I keep passwords protecting low-value
resources in text files or in my browser's password-saving mechanism.
Moderately sensitive passwords get recorded in text files stored on a
USB flash drive and normally kept unmounted.  I've never felt a need
to, but if I had something really sensitive, I'd encrypt it using
GnuPG (PGP).  Of course, the private key is kept on that same
removable media.  I've got a strong passphrase, but XKCD "Security"
applies (http://xkcd.com/538/).

  At work, the more sensitive corporate passwords (e.g., domain admin)
are recorded on paper log sheets, which are kept in a locked file
cabinet in a locked office.  They are never kept in an electronic
file.  (Obviously, the hashes are stored in the authentication
database, but that's not the same thing.)

  For systems under government security jurisdiction, keeping
passwords anywhere but in your head is generally prohibited.  Should
it be allowed, any password record must be protected to a level
commensurate with the information the password protects.  So if you
write down a password on a Post-It Note, and that password protects
TOP SECRET information, then the Post-It Note should thus be protected
as TOP SECRET.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Gene Giannamore]

I miss loading games on my dad's trs80 model 1 from cassette. I also miss 
modifying the basic code for the star trek game, and storing it back to 
cassette. That was right after I learned basic on the vic20, in junior high.




Gene Giannamore
Abide International Inc.
Technical Support
561 1st Street West
Sonoma,Ca.95476
(707) 935-1577Office
(707) 935-9387Fax
(707) 766-4185Cell
gene.giannam...@abideinternational.com
www.abideinternational.com



-Original Message-
From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] 
Sent: Tuesday, April 28, 2009 11:45 AM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

Ahh, backing up to 25 x 5 ¼'s using xcopy in Dos 6.22

That was a step up from reel to reel.  I bet it was more fun to watch them spin 
though..

 

Greg

 

From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Tuesday, April 28, 2009 2:20 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

I'll never forget my first computer-related job and that room-long Data General 
mainframe. Probably was x-times slower than most workstations today. I miss 
reel-to-reel backup tapes.

 

J

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

From: Sean Rector [mailto:sean.rec...@vaopera.org] 
Sent: Tuesday, April 28, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Commodore PET & CBM - that's how I rolled back in the day.

 

My 1st look at a computer was looking in on the Interdata main frame at my 
dad's office.  He was in sales at Interdata, and after they were bought out by 
Perkin Elmer, he sold the computer that's in the Hubble Space Telescope.

 

Sean Rector, MCSE

 

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] 
Sent: Tuesday, April 28, 2009 2:04 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Ti-994a..Thats how we rolled back then.  

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Tuesday, April 28, 2009 1:51 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

I miss Commodore.

 

But don't get me started down Memory Lane.

 

 

From: Cameron Cooper [mailto:ccoo...@aurico.com] 
Sent: Tuesday, April 28, 2009 1:06 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Although. back in the day Amigas were the tool of choice.

 

_

Cameron Cooper

IT Director - CompTIA A+ Certified

Aurico Reports, Inc

Phone: 847-890-4021Fax: 847-255-1896

ccoo...@aurico.com

 
 

 

 

 

 

Information Technology Manager
Virginia Opera Association 

E-Mail: sean.rec...@vaopera.org  
Phone:(757) 213-4548 (direct line)
{+}

Virginia Opera's 35th Anniversary Season   The One You 
Love
Celebrate with a 2009-2010 Subscription: La Bohème 
 , The Daughter of the 
Regiment  , Don Giovanni 
  and Porgy and BessSM 
  
Visit us online at www.vaopera.org   or call 
1-866-OPERA-VA 



This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments. 

{*}

 

 

 

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: NAC - Network Access Control

[Jim Dandy]

I've implemented Microsoft's Network Access Protection with VPN and
Terminal Server Gateway.  I don't have much experience with it at this
point but it seems to work well.  I'm considering also using it on my
LAN.  You can use DHCP, IPSec or 802.1x enforcement.  See

 

http://blogs.technet.com/nap/archive/2007/04/26/updated-nap-step-by-step
-guides-for-longhorn-beta-3.aspx

 

for links to the step-by-step guides.

 

Curt Finley

 

From: Burgess, Jeffrey [mailto:jburg...@liberty-bank.com] 
Sent: Tuesday, April 28, 2009 8:13 AM
To: NT System Admin Issues
Subject: NAC - Network Access Control

 

 

 Anyone here using a NAC solution?

 

 What are you using and how do you like it?

 

 I'm looking at a few but would like to see what others are using and
how they like it.

 Specifically in how useful it is for out of band devices (Devices not
owned by your company, I.E. Vendor laptops etc...)

 

 I like ForeScout so far and I'm also looking at Cisco and Symantec.
What do you have?

 

 

Jeffrey T. Burgess
Sr. Systems Engineer
Liberty Bank
315 Main St.
Middletown CT, 06457
(860) 704-2196
jburg...@liberty-bank.com 
"Ambition is the last refuge of failure." - Oscar Wilde 

 

**

Unless you have received this email through the Liberty Bank secure
email system, before you respond, please consider that any unencrypted
e-mail that is sent to us is not secure. If you send regular e-mail to
Liberty Bank, please do not include any private or confidential
information such as social security numbers, unlisted telephone numbers,
bank account numbers, personal income information, user names,
passwords, etc. If you need to provide us with such information, please
telephone us at (888)570-0773 during business hours or write to us at
315 Main St. Middletown, CT 06457.

 

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If you are not the intended recipient of this message you are
hereby notified that any use, review, retransmission, dissemination,
distribution, reproduction or any action taken in reliance upon this
message is prohibited and may be unlawful. If you received this in
error, please contact the sender and delete the material from any
computer without disclosing it. Any views expressed in this message are
those of the individual sender and may not necessarily reflect the views
of the Bank. Thank you. 

**

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Office 2007 SP2 Out now

[Michael Hoffman]

Well what more can I say 

Downloaded, installed, and .msp files added to the Office folder for 
slipstreaming. Today really is a day for patching.
Remember to get those other patches for Groove, Sharepoint etc.

Mike


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[David Lum]

51?  :)  True geeks chewed on tubes that used to be in radios, TV's etc :-P


Dave

From: Murray Freeman [mailto:mfree...@alanet.org]
Sent: Tuesday, April 28, 2009 11:54 AM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

As usual, these discussions go off topic, but I appreciate all the answers so 
far. But as long as we're going back into history, I remember cutting my teeth 
on IBM 604 machines, programming by wiring boards. then on to the more 
"sophisticated machines like the 7070 and the famous 1401. BTW, I still have a 
Commodore 64 at home in storage. I guess I should add that I've been in the 
computer field for nearly 50 years, so I'll just let you guys guess my age! LOL


Murray



From: Sean Rector [mailto:sean.rec...@vaopera.org]
Sent: Tuesday, April 28, 2009 1:46 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
Oh man...prior to Interdata, he was at DG - at that time, he was designing the 
boards being put in them.

Sean Rector, MCSE

From: Don Guyer [mailto:don.gu...@prufoxroach.com]
Sent: Tuesday, April 28, 2009 2:20 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

I'll never forget my first computer-related job and that room-long Data General 
mainframe. Probably was x-times slower than most workstations today. I miss 
reel-to-reel backup tapes...

:)

Don Guyer
Systems Engineer - Information Services
Prudential, Fox & Roach/Trident Group
431 W. Lancaster Avenue
Devon, PA 19333
Direct: (610) 993-3299
Fax: (610) 650-5306
don.gu...@prufoxroach.com

From: Sean Rector [mailto:sean.rec...@vaopera.org]
Sent: Tuesday, April 28, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

Commodore PET & CBM - that's how I rolled back in the day...

My 1st look at a computer was looking in on the Interdata main frame at my 
dad's office.  He was in sales at Interdata, and after they were bought out by 
Perkin Elmer, he sold the computer that's in the Hubble Space Telescope.

Sean Rector, MCSE

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net]
Sent: Tuesday, April 28, 2009 2:04 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

Ti-994a..Thats how we rolled back then.

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Tuesday, April 28, 2009 1:51 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

I miss Commodore.

But don't get me started down Memory Lane...


From: Cameron Cooper [mailto:ccoo...@aurico.com]
Sent: Tuesday, April 28, 2009 1:06 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

Although... back in the day Amigas were the tool of choice.

_
Cameron Cooper
IT Director - CompTIA A+ Certified
Aurico Reports, Inc
Phone: 847-890-4021Fax: 847-255-1896
ccoo...@aurico.com












Information Technology Manager
Virginia Opera Association

E-Mail: sean.rec...@vaopera.org
Phone:(757) 213-4548 (direct line)
{+}
Virginia Opera's 35th Anniversary Season The One You 
Love
Celebrate with a 2009-2010 Subscription: La 
Bohème, The Daughter of 
the Regiment, Don 
Giovanni and Porgy and 
BessSM
Visit us online at www.vaopera.org or call 
1-866-OPERA-VA

This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments.

{*}

















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[David Lum]

ACK!   My first tech job was running nightly batch jobs, tweaking the JCL's to 
get the reports to sequence a nth better, and swapping reel-to-reels...

From: Don Guyer [mailto:don.gu...@prufoxroach.com]
Sent: Tuesday, April 28, 2009 11:20 AM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

I'll never forget my first computer-related job and that room-long Data General 
mainframe. Probably was x-times slower than most workstations today. I miss 
reel-to-reel backup tapes...

:)

Don Guyer
Systems Engineer - Information Services
Prudential, Fox & Roach/Trident Group
431 W. Lancaster Avenue
Devon, PA 19333
Direct: (610) 993-3299
Fax: (610) 650-5306
don.gu...@prufoxroach.com

From: Sean Rector [mailto:sean.rec...@vaopera.org]
Sent: Tuesday, April 28, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

Commodore PET & CBM - that's how I rolled back in the day...

My 1st look at a computer was looking in on the Interdata main frame at my 
dad's office.  He was in sales at Interdata, and after they were bought out by 
Perkin Elmer, he sold the computer that's in the Hubble Space Telescope.

Sean Rector, MCSE

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net]
Sent: Tuesday, April 28, 2009 2:04 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

Ti-994a..Thats how we rolled back then.

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Tuesday, April 28, 2009 1:51 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

I miss Commodore.

But don't get me started down Memory Lane...


From: Cameron Cooper [mailto:ccoo...@aurico.com]
Sent: Tuesday, April 28, 2009 1:06 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

Although... back in the day Amigas were the tool of choice.

_
Cameron Cooper
IT Director - CompTIA A+ Certified
Aurico Reports, Inc
Phone: 847-890-4021Fax: 847-255-1896
ccoo...@aurico.com












Information Technology Manager
Virginia Opera Association

E-Mail: sean.rec...@vaopera.org
Phone:(757) 213-4548 (direct line)
{+}
Virginia Opera's 35th Anniversary Season The One You 
Love
Celebrate with a 2009-2010 Subscription: La 
Bohème, The Daughter of 
the Regiment, Don 
Giovanni and Porgy and 
BessSM
Visit us online at www.vaopera.org or call 
1-866-OPERA-VA

This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments.

{*}









~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[James Winzenz]

Oh yeah, and the database is triple encrypted for added security, and if you go 
with AD integration for the authentication, users have to synchronize their old 
and new AD passwords when they log in to prevent malicious tampering with a 
user's account.

Thanks,

James Winzenz
Infrastructure Systems Engineer II - Security
Pulte Homes Information Services

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Tuesday, April 28, 2009 2:07 PM
To: NT System Admin Issues
Subject: Re: Managing your passwords was (RE:Password Policy - - how do you 
handle this?)

How much for this?

I've been longing for a decent (any!) OSS heirarchical password
manager, where the super user has access to all passwords, and other
have access to only the passwords they've been granted.

Haven't found one yet.

On Tue, Apr 28, 2009 at 10:40, James Winzenz  wrote:
> We use a web-based tool called Enterprise Password Safe.  It allows us to
> store both personal passwords as well as passwords for service accounts that
> need to be shared between groups of IS employees.  It can use either its own
> authentication mechanism or active directory authentication for accessing
> the website.  As it does not effectively tie into other systems, it is not
> an enterprise password manager (which we would prefer, but too expensive),
> but it does a good job for the price.
>
>
>
> http://www.enterprise-password-safe.com/
>
>
>
> Thanks,
>
>
>
> James Winzenz
>
> Infrastructure Systems Engineer II - Security
>
> Pulte Homes Information Services
>
> 
>
> From: Jonathan Link [mailto:jonathan.l...@gmail.com]
> Sent: Tuesday, April 28, 2009 10:33 AM
> To: NT System Admin Issues
> Subject: Managing your passwords was (RE:Password Policy - - how do you
> handle this?)
>
>
>
> I thought I'd hijack this thread and ask how others manage the myriad
> passwords they have.
>
>
>
> I did something crazy when I got to 10+ passwords, I started writing them
> down.  I have two lists, one is a list of sites, the other is a list of
> passwords.  The list of sites is stored in my network share, the passwords
> are actually stored in a handwritten note in my wallet.  Neither us useful
> without the other, and in the event I'm mugged for my wallet, I have a
> relatively convenient listing of all the myriad passwords I need to set
> about changing.  And to answer a question, no, my work account password
> isnt' stored anywhere except in my head.  I've also found I'm much less
> likely to recycle a password accidentally using this method.
>
>
>
> I have no idea where I came up with this, I doubt I'm creative enough to
> think of this on my own.
>
>
>
> -Jonathan
>
>
>
> On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:
>
> On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
> wrote:
>> Passowrd Policy is that password expires after 90 days, 10 passwords
>> remembered, Min Password age 0.  On the 89th day the user changes their
>> password 11 times back to the expiring password.  Changein the Min
>> password
>> age to 1 would prevent that from happening.
>
>  That's it exactly.
>
>  For some of our government interest systems, it's min age 7 days, 24
> passwords remembered.  That's about half a year's worth of weekly
> password cycling to reuse the same password.  Also max age 90 days, 12
> character minimum, complexity checking enabled.  There are several
> such systems, and you're not supposed to use the same passwords across
> multiple systems.  Oy, passwords coming out my ears.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>
>
>
>
>
>
> 
> CONFIDENTIALITY NOTICE: This email may contain confidential and privileged
> material for the sole use of the intended recipient(s). Any review, use,
> distribution or disclosure by others is strictly prohibited. If you have
> received this communication in error, please notify the sender immediately
> by email and delete the message and any file attachments from your computer.
> Thank you.
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


CONFIDENTIALITY NOTICE:  This email may contain confidential and privileged 
material for the sole use of the intended recipient(s).  Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately by 
email and delete the message and any file attachments from your computer.  
Thank you.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Sharepoint assistance needed...

[Eustace "Doc"]

I may be missing something simple, but it's got me bagged.


   - Sharepoint Server 2.0
   - Only the default site is enabled.
   - Users from another domain are accessing the web site and after getting
   authenticated,
   - When they use the server name they keep getting prompted for
   authentication no matter where they go on the site.
   - If they user the IP address they do NOT get prompted again for
   authentication.

Can someone point me in the right direction?
Is it a DNS issue? If so what?

Thanks in advance,
DOC

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Micheal Espinola Jr]

Ditto.  Pay for it.  Go Pro, and go Portable.  It will change your life.

--
ME2


On Tue, Apr 28, 2009 at 1:53 PM, lists  wrote:

> +1  manage over 2000 passwords and such.
>
> -Original Message-
> From: Andy Ognenoff [mailto:andyognen...@gmail.com]
> Sent: Tuesday, April 28, 2009 12:41 PM
> To: NT System Admin Issues
> Subject: RE: Managing your passwords was (RE:Password Policy - - how do you
> handle this?)
>
> Take a look at Roboform Pro.  You'll never look back.  I use it for
> managing
> over 250 different passwords - all completely different, and using the
> maximum complexity the site in question allows. For those passwords that
> aren't for web sites (service accounts, application accounts, etc.) I just
> use a Safenote and look them up when needed - all encrypted. I don't think
> I
> could function anymore without it.  (And you can print your list of
> passwords to keep in a safe somewhere too.)
>
>  - Andy O.
> 
> From: Jonathan Link [mailto:jonathan.l...@gmail.com]
> Sent: Tuesday, April 28, 2009 11:33 AM
> To: NT System Admin Issues
> Subject: Managing your passwords was (RE:Password Policy - - how do you
> handle this?)
>
> I thought I'd hijack this thread and ask how others manage the myriad
> passwords they have.
>
> I did something crazy when I got to 10+ passwords, I started writing them
> down.  I have two lists, one is a list of sites, the other is a list of
> passwords.  The list of sites is stored in my network share, the passwords
> are actually stored in a handwritten note in my wallet.  Neither us useful
> without the other, and in the event I'm mugged for my wallet, I have a
> relatively convenient listing of all the myriad passwords I need to set
> about changing.  And to answer a question, no, my work account password
> isnt' stored anywhere except in my head.  I've also found I'm much less
> likely to recycle a password accidentally using this method.
>
> I have no idea where I came up with this, I doubt I'm creative enough to
> think of this on my own.
>
> -Jonathan
>
> On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:
> On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
> wrote:
> > Passowrd Policy is that password expires after 90 days, 10 passwords
> > remembered, Min Password age 0.  On the 89th day the user changes their
> > password 11 times back to the expiring password.  Changein the Min
> password
> > age to 1 would prevent that from happening.
>  That's it exactly.
>
>  For some of our government interest systems, it's min age 7 days, 24
> passwords remembered.  That's about half a year's worth of weekly
> password cycling to reuse the same password.  Also max age 90 days, 12
> character minimum, complexity checking enabled.  There are several
> such systems, and you're not supposed to use the same passwords across
> multiple systems.  Oy, passwords coming out my ears.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[James Winzenz]

For US Dollars:

$45/user license (minimum 5, I think,)
$1100 support
$1100 software maintenance

http://www.enterprise-password-safe.com/order_enter_USD.php

They may also have discounts for large numbers of licenses - I don't remember 
how much we paid, but we definitely like it.  We actually have separate 
accounts for our own passwords, plus admin accounts to allow us to perform 
setup and admin-type functions.  Oh, and you can also designate users as 
"password administrators" for their folders, which allows them to be able to 
add, edit and delete passwords for their folder only, plus they can set the 
permissions themselves (we have had to work on training even our IT users on 
this to make sure they are using it properly).  All in all, a pretty cool tool 
for what it does.  We are hoping to be able to move up to a real password 
manager that can integrate with all our systems and automatically change 
system/service account passwords at some point, but can't yet justify the 100K+ 
for one.

Thanks,

James Winzenz
Infrastructure Systems Engineer II - Security
Pulte Homes Information Services

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Tuesday, April 28, 2009 2:07 PM
To: NT System Admin Issues
Subject: Re: Managing your passwords was (RE:Password Policy - - how do you 
handle this?)

How much for this?

I've been longing for a decent (any!) OSS heirarchical password
manager, where the super user has access to all passwords, and other
have access to only the passwords they've been granted.

Haven't found one yet.

On Tue, Apr 28, 2009 at 10:40, James Winzenz  wrote:
> We use a web-based tool called Enterprise Password Safe.  It allows us to
> store both personal passwords as well as passwords for service accounts that
> need to be shared between groups of IS employees.  It can use either its own
> authentication mechanism or active directory authentication for accessing
> the website.  As it does not effectively tie into other systems, it is not
> an enterprise password manager (which we would prefer, but too expensive),
> but it does a good job for the price.
>
>
>
> http://www.enterprise-password-safe.com/
>
>
>
> Thanks,
>
>
>
> James Winzenz
>
> Infrastructure Systems Engineer II - Security
>
> Pulte Homes Information Services
>
> 
>
> From: Jonathan Link [mailto:jonathan.l...@gmail.com]
> Sent: Tuesday, April 28, 2009 10:33 AM
> To: NT System Admin Issues
> Subject: Managing your passwords was (RE:Password Policy - - how do you
> handle this?)
>
>
>
> I thought I'd hijack this thread and ask how others manage the myriad
> passwords they have.
>
>
>
> I did something crazy when I got to 10+ passwords, I started writing them
> down.  I have two lists, one is a list of sites, the other is a list of
> passwords.  The list of sites is stored in my network share, the passwords
> are actually stored in a handwritten note in my wallet.  Neither us useful
> without the other, and in the event I'm mugged for my wallet, I have a
> relatively convenient listing of all the myriad passwords I need to set
> about changing.  And to answer a question, no, my work account password
> isnt' stored anywhere except in my head.  I've also found I'm much less
> likely to recycle a password accidentally using this method.
>
>
>
> I have no idea where I came up with this, I doubt I'm creative enough to
> think of this on my own.
>
>
>
> -Jonathan
>
>
>
> On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:
>
> On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
> wrote:
>> Passowrd Policy is that password expires after 90 days, 10 passwords
>> remembered, Min Password age 0.  On the 89th day the user changes their
>> password 11 times back to the expiring password.  Changein the Min
>> password
>> age to 1 would prevent that from happening.
>
>  That's it exactly.
>
>  For some of our government interest systems, it's min age 7 days, 24
> passwords remembered.  That's about half a year's worth of weekly
> password cycling to reuse the same password.  Also max age 90 days, 12
> character minimum, complexity checking enabled.  There are several
> such systems, and you're not supposed to use the same passwords across
> multiple systems.  Oy, passwords coming out my ears.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>
>
>
>
>
>
> 
> CONFIDENTIALITY NOTICE: This email may contain confidential and privileged
> material for the sole use of the intended recipient(s). Any review, use,
> distribution or disclosure by others is strictly prohibited. If you have
> received this communication in error, please notify the sender immediately
> by email and delete the message and any file attachments from your computer.
> Thank you.
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ 

Re: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Kurt Buff]

How much for this?

I've been longing for a decent (any!) OSS heirarchical password
manager, where the super user has access to all passwords, and other
have access to only the passwords they've been granted.

Haven't found one yet.

On Tue, Apr 28, 2009 at 10:40, James Winzenz  wrote:
> We use a web-based tool called Enterprise Password Safe.  It allows us to
> store both personal passwords as well as passwords for service accounts that
> need to be shared between groups of IS employees.  It can use either its own
> authentication mechanism or active directory authentication for accessing
> the website.  As it does not effectively tie into other systems, it is not
> an enterprise password manager (which we would prefer, but too expensive),
> but it does a good job for the price.
>
>
>
> http://www.enterprise-password-safe.com/
>
>
>
> Thanks,
>
>
>
> James Winzenz
>
> Infrastructure Systems Engineer II - Security
>
> Pulte Homes Information Services
>
> 
>
> From: Jonathan Link [mailto:jonathan.l...@gmail.com]
> Sent: Tuesday, April 28, 2009 10:33 AM
> To: NT System Admin Issues
> Subject: Managing your passwords was (RE:Password Policy - - how do you
> handle this?)
>
>
>
> I thought I'd hijack this thread and ask how others manage the myriad
> passwords they have.
>
>
>
> I did something crazy when I got to 10+ passwords, I started writing them
> down.  I have two lists, one is a list of sites, the other is a list of
> passwords.  The list of sites is stored in my network share, the passwords
> are actually stored in a handwritten note in my wallet.  Neither us useful
> without the other, and in the event I'm mugged for my wallet, I have a
> relatively convenient listing of all the myriad passwords I need to set
> about changing.  And to answer a question, no, my work account password
> isnt' stored anywhere except in my head.  I've also found I'm much less
> likely to recycle a password accidentally using this method.
>
>
>
> I have no idea where I came up with this, I doubt I'm creative enough to
> think of this on my own.
>
>
>
> -Jonathan
>
>
>
> On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:
>
> On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
> wrote:
>> Passowrd Policy is that password expires after 90 days, 10 passwords
>> remembered, Min Password age 0.  On the 89th day the user changes their
>> password 11 times back to the expiring password.  Changein the Min
>> password
>> age to 1 would prevent that from happening.
>
>  That's it exactly.
>
>  For some of our government interest systems, it's min age 7 days, 24
> passwords remembered.  That's about half a year's worth of weekly
> password cycling to reuse the same password.  Also max age 90 days, 12
> character minimum, complexity checking enabled.  There are several
> such systems, and you're not supposed to use the same passwords across
> multiple systems.  Oy, passwords coming out my ears.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>
>
>
>
>
>
> 
> CONFIDENTIALITY NOTICE: This email may contain confidential and privileged
> material for the sole use of the intended recipient(s). Any review, use,
> distribution or disclosure by others is strictly prohibited. If you have
> received this communication in error, please notify the sender immediately
> by email and delete the message and any file attachments from your computer.
> Thank you.
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Kurt Buff]

Password Safe, or Keepass - and I believe each has a version available for PDAs.

On Tue, Apr 28, 2009 at 10:33, Jonathan Link  wrote:
>
> I thought I'd hijack this thread and ask how others manage the myriad 
> passwords they have.
>
> I did something crazy when I got to 10+ passwords, I started writing them 
> down.  I have two lists, one is a list of sites, the other is a list of 
> passwords.  The list of sites is stored in my network share, the passwords 
> are actually stored in a handwritten note in my wallet.  Neither us useful 
> without the other, and in the event I'm mugged for my wallet, I have a 
> relatively convenient listing of all the myriad passwords I need to set about 
> changing.  And to answer a question, no, my work account password isnt' 
> stored anywhere except in my head.  I've also found I'm much less likely to 
> recycle a password accidentally using this method.
>
> I have no idea where I came up with this, I doubt I'm creative enough to 
> think of this on my own.
>
> -Jonathan
>
> On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:
>>
>> On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson  
>> wrote:
>> > Passowrd Policy is that password expires after 90 days, 10 passwords
>> > remembered, Min Password age 0.  On the 89th day the user changes their
>> > password 11 times back to the expiring password.  Changein the Min password
>> > age to 1 would prevent that from happening.
>>
>>  That's it exactly.
>>
>>  For some of our government interest systems, it's min age 7 days, 24
>> passwords remembered.  That's about half a year's worth of weekly
>> password cycling to reuse the same password.  Also max age 90 days, 12
>> character minimum, complexity checking enabled.  There are several
>> such systems, and you're not supposed to use the same passwords across
>> multiple systems.  Oy, passwords coming out my ears.
>>
>> -- Ben
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Jay Dale]

I used to use Password Administrator, but now experimenting with Roboform.

Jay

-Original Message-
From: Stephan Barr [mailto:stephan.b...@bdtechnology.org] On Behalf Of lists
Sent: Tuesday, April 28, 2009 12:53 PM
To: NT System Admin Issues
Subject: RE: Managing your passwords was (RE:Password Policy - - how do you 
handle this?)

+1  manage over 2000 passwords and such.

-Original Message-
From: Andy Ognenoff [mailto:andyognen...@gmail.com] 
Sent: Tuesday, April 28, 2009 12:41 PM
To: NT System Admin Issues
Subject: RE: Managing your passwords was (RE:Password Policy - - how do you 
handle this?)

Take a look at Roboform Pro.  You'll never look back.  I use it for managing
over 250 different passwords - all completely different, and using the
maximum complexity the site in question allows. For those passwords that
aren't for web sites (service accounts, application accounts, etc.) I just
use a Safenote and look them up when needed - all encrypted. I don't think I
could function anymore without it.  (And you can print your list of
passwords to keep in a safe somewhere too.)

 - Andy O. 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Tuesday, April 28, 2009 11:33 AM
To: NT System Admin Issues
Subject: Managing your passwords was (RE:Password Policy - - how do you
handle this?)

I thought I'd hijack this thread and ask how others manage the myriad
passwords they have.
 
I did something crazy when I got to 10+ passwords, I started writing them
down.  I have two lists, one is a list of sites, the other is a list of
passwords.  The list of sites is stored in my network share, the passwords
are actually stored in a handwritten note in my wallet.  Neither us useful
without the other, and in the event I'm mugged for my wallet, I have a
relatively convenient listing of all the myriad passwords I need to set
about changing.  And to answer a question, no, my work account password
isnt' stored anywhere except in my head.  I've also found I'm much less
likely to recycle a password accidentally using this method.
 
I have no idea where I came up with this, I doubt I'm creative enough to
think of this on my own.
 
-Jonathan
 
On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:
On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
wrote:
> Passowrd Policy is that password expires after 90 days, 10 passwords
> remembered, Min Password age 0.  On the 89th day the user changes their
> password 11 times back to the expiring password.  Changein the Min
password
> age to 1 would prevent that from happening.
 That's it exactly.

 For some of our government interest systems, it's min age 7 days, 24
passwords remembered.  That's about half a year's worth of weekly
password cycling to reuse the same password.  Also max age 90 days, 12
character minimum, complexity checking enabled.  There are several
such systems, and you're not supposed to use the same passwords across
multiple systems.  Oy, passwords coming out my ears.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 
 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Ralph Smith]

No, I was just saying that the minimum password age is useful in conjunction 
with enforced password history, as others have pointed out and I guess I didn't 
make clear. 

 



From: Sean Rector [mailto:sean.rec...@vaopera.org] 
Sent: Tuesday, April 28, 2009 12:13 PM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

 

I think you're thinking of Enforce Password History.

 

Sean Rector, MCSE

 

From: Ralph Smith [mailto:m...@gatewayindustries.org] 
Sent: Tuesday, April 28, 2009 12:05 PM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

 

I think the idea is that if you prohibit the reuse of the same password for x 
number of changes, this prevents the user from cycling through several 
consecutive changes in order to be able to use the same password they started 
with, thus defeating the policy requiring password changes.

 



From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Tuesday, April 28, 2009 11:58 AM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

 

I don't think the behavior is as you expect.

 

Fire up a virtual AD and check. :-)

 

But I still think it's silly. YMMV.

 



From: Jeremy Anderson [jer...@mapiadmin.net]
Sent: Tuesday, April 28, 2009 11:39 AM
To: NT System Admin Issues
Subject: Password Policy - - how do you handle this?

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.

 

We have users that forget their passwords every other day (Don't ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says "Must change password on next logon"

 

I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.

 

Security guy says "Not having that set is a bad idea, other companies do it, 
make it happen"

 

How do you guys deal with this?

 

Thanks

Jeremy

 

 

 

 

 

Confidentiality Notice:

**

This communication, including any attachments, may contain confidential 
information and is intended only for the individual or entity to whom it is 
addressed. Any review, dissemination, or copying of this communication by 
anyone other than the intended recipient is strictly prohibited. If you are not 
the intended recipient, please contact the sender by reply email, delete and 
destroy all copies of the original message.

 

 

 

Information Technology Manager
Virginia Opera Association 

E-Mail: sean.rec...@vaopera.org  
Phone:(757) 213-4548 (direct line)
{+}

Virginia Opera's 35th Anniversary Season   The One You 
Love
Celebrate with a 2009-2010 Subscription: La Bohème 
 , The Daughter of the 
Regiment  , Don Giovanni 
  and Porgy and BessSM 
  
Visit us online at www.vaopera.org   or call 
1-866-OPERA-VA 



This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments. 

{*}

 

 

Confidentiality Notice: 

--



This communication, including any attachments, may contain confidential 
information and is intended only for the individual or entity to whom it is 
addressed. Any review, dissemination, or copying of this communication by 
anyone other than the intended recipient is strictly prohibited. If you are not 
the intended recipient, please contact the sender by reply email, delete and 
destroy all copies of the original message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Vicky Spelshaus]

ahh the days of dip switches when you upgraded anything oh and later the
joy of a 24(?) disk install of Borland Office where the very last floppy was
bad.

On Tue, Apr 28, 2009 at 1:58 PM, Steve Ens  wrote:

> 24?
>
>
> On Tue, Apr 28, 2009 at 1:54 PM, Murray Freeman wrote:
>
>>  As usual, these discussions go off topic, but I appreciate all the
>> answers so far. But as long as we're going back into history, I remember
>> cutting my teeth on IBM 604 machines, programming by wiring boards. then on
>> to the more "sophisticated machines like the 7070 and the famous 1401. BTW,
>> I still have a Commodore 64 at home in storage. I guess I should add that
>> I've been in the computer field for nearly 50 years, so I'll just let you
>> guys guess my age! LOL
>>
>>
>> *Murray*
>>
>>
>>  --
>>  *From:* Sean Rector [mailto:sean.rec...@vaopera.org]
>> *Sent:* Tuesday, April 28, 2009 1:46 PM
>>
>> *To:* NT System Admin Issues
>> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>>
>>Oh man…prior to Interdata, he was at DG – at that time, he was
>> designing the boards being put in them.
>>
>>
>>
>> Sean Rector, MCSE
>>
>>
>>
>> *From:* Don Guyer [mailto:don.gu...@prufoxroach.com]
>> *Sent:* Tuesday, April 28, 2009 2:20 PM
>> *To:* NT System Admin Issues
>> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>>
>>
>>
>> I’ll never forget my first computer-related job and that room-long Data
>> General mainframe. Probably was x-times slower than most workstations today.
>> I miss reel-to-reel backup tapes…
>>
>>
>>
>> J
>>
>>
>>
>> Don Guyer
>>
>> Systems Engineer - Information Services
>>
>> Prudential, Fox & Roach/Trident Group
>>
>> 431 W. Lancaster Avenue
>>
>> Devon, PA 19333
>>
>> Direct: (610) 993-3299
>>
>> Fax: (610) 650-5306
>>
>> don.gu...@prufoxroach.com
>>
>>
>>
>> *From:* Sean Rector [mailto:sean.rec...@vaopera.org]
>> *Sent:* Tuesday, April 28, 2009 2:08 PM
>> *To:* NT System Admin Issues
>> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>>
>>
>>
>> Commodore PET & CBM – that’s how *I* rolled back in the day…
>>
>>
>>
>> My 1st look at a computer was looking in on the Interdata main frame at
>> my dad’s office.  He was in sales at Interdata, and after they were bought
>> out by Perkin Elmer, he sold the computer that’s in the Hubble Space
>> Telescope.
>>
>>
>>
>> Sean Rector, MCSE
>>
>>
>>
>> *From:* gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net]
>> *Sent:* Tuesday, April 28, 2009 2:04 PM
>> *To:* NT System Admin Issues
>> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>>
>>
>>
>> Ti-994a..Thats how we rolled back then.
>>
>>
>>
>> *From:* John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
>> *Sent:* Tuesday, April 28, 2009 1:51 PM
>> *To:* NT System Admin Issues
>> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>>
>>
>>
>> I miss Commodore.
>>
>>
>>
>> But don’t get me started down Memory Lane…
>>
>>
>>
>>
>>
>> *From:* Cameron Cooper [mailto:ccoo...@aurico.com]
>> *Sent:* Tuesday, April 28, 2009 1:06 PM
>> *To:* NT System Admin Issues
>> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>>
>>
>>
>> Although… back in the day Amigas were the tool of choice.
>>
>>
>>
>> _
>>
>> *Cameron Cooper*
>>
>> *IT Director - CompTIA A+ Certified*
>>
>> Aurico Reports, Inc
>>
>> Phone: 847-890-4021Fax: 847-255-1896
>>
>> ccoo...@aurico.com
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Information Technology Manager
>> Virginia Opera Association
>>
>> E-Mail: sean.rec...@vaopera.org
>> Phone:(757) 213-4548 (direct line)
>> {+}
>>
>> *Virginia Opera's 35th Anniversary Season * *The
>> One You Love*
>> *Celebrate with a 2009-2010 Subscription: La 
>> Bohème,
>> The Daughter of the 
>> Regiment,
>> Don Giovanni  and Porgy
>> and BessSM *
>> Visit us online at www.vaopera.org or call 1-866-OPERA-VA
>>  --
>>
>> This e-mail and any attached files are confidential and intended solely
>> for the intended recipient(s). Unless otherwise specified, persons unnamed
>> as recipients may not read, distribute, copy or alter this e-mail. Any views
>> or opinions expressed in this e-mail belong to the author and may not
>> necessarily represent those of Virginia Opera. Although precautions have
>> been taken to ensure no viruses are present, Virginia Opera cannot accept
>> responsibility for any loss or damage that may arise from the use of this
>> e-mail or attachments.
>>
>> {*}
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
>
>
>


-- 
Organization and good planning are just crutches for people that can't
handle stress and caffeine. - unknown

~ Finally, powerful endpoint security that ISN'T a 

RE: Installing Acrobat with GP

[Jim Dandy]

> I wrote an article on generating the customized MSI you need to push
out
> Acrobat Reader 9 and another for 9.1.  The same process works for all
> versions of Acrobat.  I tested with both Acrobat Reader and Pro.
> 
> http://www.dabcc.com/article.aspx?id=10082
> 
> Did you know that you are required to sign up for the Adobe
Distribution
> License if you are going to push out any Adobe product on your
network?

I have a distribution license for Adobe Reader.  Do I have to sign up
for another one for Adobe Pro?

> Webster

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Steve Ens]

24?

On Tue, Apr 28, 2009 at 1:54 PM, Murray Freeman  wrote:

>  As usual, these discussions go off topic, but I appreciate all the
> answers so far. But as long as we're going back into history, I remember
> cutting my teeth on IBM 604 machines, programming by wiring boards. then on
> to the more "sophisticated machines like the 7070 and the famous 1401. BTW,
> I still have a Commodore 64 at home in storage. I guess I should add that
> I've been in the computer field for nearly 50 years, so I'll just let you
> guys guess my age! LOL
>
>
> *Murray*
>
>
>  --
> *From:* Sean Rector [mailto:sean.rec...@vaopera.org]
> *Sent:* Tuesday, April 28, 2009 1:46 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>  Oh man…prior to Interdata, he was at DG – at that time, he was designing
> the boards being put in them.
>
>
>
> Sean Rector, MCSE
>
>
>
> *From:* Don Guyer [mailto:don.gu...@prufoxroach.com]
> *Sent:* Tuesday, April 28, 2009 2:20 PM
> *To:* NT System Admin Issues
> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> I’ll never forget my first computer-related job and that room-long Data
> General mainframe. Probably was x-times slower than most workstations today.
> I miss reel-to-reel backup tapes…
>
>
>
> J
>
>
>
> Don Guyer
>
> Systems Engineer - Information Services
>
> Prudential, Fox & Roach/Trident Group
>
> 431 W. Lancaster Avenue
>
> Devon, PA 19333
>
> Direct: (610) 993-3299
>
> Fax: (610) 650-5306
>
> don.gu...@prufoxroach.com
>
>
>
> *From:* Sean Rector [mailto:sean.rec...@vaopera.org]
> *Sent:* Tuesday, April 28, 2009 2:08 PM
> *To:* NT System Admin Issues
> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> Commodore PET & CBM – that’s how *I* rolled back in the day…
>
>
>
> My 1st look at a computer was looking in on the Interdata main frame at my
> dad’s office.  He was in sales at Interdata, and after they were bought out
> by Perkin Elmer, he sold the computer that’s in the Hubble Space Telescope.
>
>
>
> Sean Rector, MCSE
>
>
>
> *From:* gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net]
> *Sent:* Tuesday, April 28, 2009 2:04 PM
> *To:* NT System Admin Issues
> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> Ti-994a..Thats how we rolled back then.
>
>
>
> *From:* John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
> *Sent:* Tuesday, April 28, 2009 1:51 PM
> *To:* NT System Admin Issues
> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> I miss Commodore.
>
>
>
> But don’t get me started down Memory Lane…
>
>
>
>
>
> *From:* Cameron Cooper [mailto:ccoo...@aurico.com]
> *Sent:* Tuesday, April 28, 2009 1:06 PM
> *To:* NT System Admin Issues
> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> Although… back in the day Amigas were the tool of choice.
>
>
>
> _
>
> *Cameron Cooper*
>
> *IT Director - CompTIA A+ Certified*
>
> Aurico Reports, Inc
>
> Phone: 847-890-4021Fax: 847-255-1896
>
> ccoo...@aurico.com
>
>
>
>
>
>
>
>
>
>
>
>
>
> Information Technology Manager
> Virginia Opera Association
>
> E-Mail: sean.rec...@vaopera.org
> Phone:(757) 213-4548 (direct line)
> {+}
>
> *Virginia Opera's 35th Anniversary Season * *The
> One You Love*
> *Celebrate with a 2009-2010 Subscription: La 
> Bohème,
> The Daughter of the 
> Regiment,
> Don Giovanni  and Porgy
> and BessSM *
> Visit us online at www.vaopera.org or call 1-866-OPERA-VA
>  --
>
> This e-mail and any attached files are confidential and intended solely for
> the intended recipient(s). Unless otherwise specified, persons unnamed as
> recipients may not read, distribute, copy or alter this e-mail. Any views or
> opinions expressed in this e-mail belong to the author and may not
> necessarily represent those of Virginia Opera. Although precautions have
> been taken to ensure no viruses are present, Virginia Opera cannot accept
> responsibility for any loss or damage that may arise from the use of this
> e-mail or attachments.
>
> {*}
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Dell PE2950 - SBS 2003

[Pete Howard]

Install SMS 2003 ?  Its been a while so I dont remember all the steps but its 
not your typical smooth installation. I would try deleting the raid group and 
then reapply. Then skip the OS setup section because it writes an unattended 
answer file that SBS may not like. 






From: Stefan Jafs 
To: NT System Admin Issues 
Sent: Monday, April 27, 2009 4:43:14 PM
Subject: RE: Dell PE2950 - SBS 2003

 
Yes but I canяя™t get it to boot
from CD#1, SBS 2003 R2 Premium Edition! I downloaded CD#! from TechNet same
problem
Could it be something stupid, like
I would have to install SMS 2003 first?
 
___
Stefan Jafs
 
From:Pete Howard
[mailto:pchow...@yahoo.com] 
Sent: Monday, April 27, 2009 4:30 PM
To: NT System Admin Issues
Subject: Re: Dell PE2950 - SBS 2003
 

It will definately work. I have an SBS03 instance thats been running on
a Dell  2850 perc4e\dc for over 3 years. Just had to supply the perc
drivers during the SBS install 
 


 
From:Stefan Jafs 
To: NT System Admin Issues 
Sent: Monday, April 27, 2009 3:35:24 PM
Subject: RE: Dell PE2950 - SBS 2003
Ok яяЂ™m getting a new image from
TechNet. 
My outside consultant wanted 15
яя“ 20 hours and I said what are you crazy I can do it in a few hours myself,
maybe he is not so crazy after all! 
 
___
Stefan Jafs
 
From:Art DeKneef
[mailto:art.dekn...@cox.net] 
Sent: Monday, April 27, 2009 3:16 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
Not correct. And thяявя™s an old
article. While I cяявя™t speak to the PE2850 I have installed on a basic PE 800
or 850 (I doяяЂ™t remember) and a PE1950. These were lab installs and not at
customer sites. Downloaded all the drivers, updated all firmware and installed
from the SBS CDs.
 
I remember having an issue with
CD#1 some time ago. For me it was a bad CD#1. Used another CD and it work fine.
 
Art
 
From:Stefan Jafs
[mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 12:00 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
 
http://it.toolbox.com/blogs/it-guy/sbs-and-dell-rack-servers-what-gives-7867
 
Could that be correct?
 
___
Stefan Jafs
 
From:Stefan Jafs
[mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 2:53 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
Sorry itяя™s an PE2850 and I just
spoke to Dell support, SMS is not supported on the 2850, thaяяЂ™s why itяя™s 
not an
option on the CD.
Soяявя™m getting the PERC drivers
however now I cяявя™t boot from the SMS disk #1, getting error: 
NTLDR not found looks like it does
not want to boot from  the CD#1!
 
___
Stefan Jafs
 
From:gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] 
Sent: Monday, April 27, 2009 2:22 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
Its actually an Option to select
SBS 2003 as the OS.  If you are selecting 2003 Server as the OS install
option that will not work.  I have done it at least a few dozen times.
 
 
From:Stefan Jafs
[mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 1:38 PM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
It does not work keeps insisting
that the SBS is not the 2003 CD!
I downloaded the latest version,
I guess I have to Download the PERC drivers and start from the SBS CD L
 
 
___
Stefan Jafs
 
From:Michael Ross
[mailto:mr...@itwif.com] 
Sent: Monday, April 27, 2009 11:32 AM
To: NT System Admin Issues
Subject: RE: Dell PE2950 - SBS 2003
 
Just choose server 2003
 
From:Stefan Jafs
[mailto:sj...@amico.com] 
Sent: Monday, April 27, 2009 9:56 AM
To: NT System Admin Issues
Subject: Dell PE2950 - SBS 2003
 
I have an old PE 2950 that I want to install SBS on, I
downloaded  the latest яяњInstallation and Se4rver Managemeяявяќ CD, however
SBS is not part of any of the selectable яявя™es.
Can an not use the Dell Startup disk?
 
Any ideas?
___
Stefan Jafs
 
This email and any attached files are confidential and intended solely for
the intended recipient(s). If you are not the named recipient you should not
read, distribute, copy or alter this email. Any views or opinions expressed in
this email are those of the author and do not represent those of the Amico
Corpoartion company. Warning: Although precautions have been taken to make sure
no viruses are present in this email, the company cannot accept responsibility
for any loss or damage that arise from the use of this email or attachments.
 
 
 
 
This email and any attached files are confidential and intended solely for
the intended recipient(s). If you are not the named recipient you should not
read, distribute, copy or alter this email. Any views or opinions expressed in
this email are those of the author and do not represent those of the Amico
Corpoartion company. Warning: Although precautions have bee

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Murray Freeman]

As usual, these discussions go off topic, but I appreciate all the answers so 
far. But as long as we're going back into history, I remember cutting my teeth 
on IBM 604 machines, programming by wiring boards. then on to the more 
"sophisticated machines like the 7070 and the famous 1401. BTW, I still have a 
Commodore 64 at home in storage. I guess I should add that I've been in the 
computer field for nearly 50 years, so I'll just let you guys guess my age! LOL
 

Murray

 



From: Sean Rector [mailto:sean.rec...@vaopera.org] 
Sent: Tuesday, April 28, 2009 1:46 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT



Oh man...prior to Interdata, he was at DG - at that time, he was designing the 
boards being put in them.

 

Sean Rector, MCSE

 

From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Tuesday, April 28, 2009 2:20 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

I'll never forget my first computer-related job and that room-long Data General 
mainframe. Probably was x-times slower than most workstations today. I miss 
reel-to-reel backup tapes...

 

J

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

From: Sean Rector [mailto:sean.rec...@vaopera.org] 
Sent: Tuesday, April 28, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Commodore PET & CBM - that's how I rolled back in the day...

 

My 1st look at a computer was looking in on the Interdata main frame at my 
dad's office.  He was in sales at Interdata, and after they were bought out by 
Perkin Elmer, he sold the computer that's in the Hubble Space Telescope.

 

Sean Rector, MCSE

 

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] 
Sent: Tuesday, April 28, 2009 2:04 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Ti-994a..Thats how we rolled back then.  

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Tuesday, April 28, 2009 1:51 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

I miss Commodore.

 

But don't get me started down Memory Lane...

 

 

From: Cameron Cooper [mailto:ccoo...@aurico.com] 
Sent: Tuesday, April 28, 2009 1:06 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Although... back in the day Amigas were the tool of choice.

 

_

Cameron Cooper

IT Director - CompTIA A+ Certified

Aurico Reports, Inc

Phone: 847-890-4021Fax: 847-255-1896

ccoo...@aurico.com

 
 

 

 

 

 

Information Technology Manager
Virginia Opera Association 

E-Mail: sean.rec...@vaopera.org  
Phone:(757) 213-4548 (direct line)
{+}

Virginia Opera's 35th Anniversary Season   The One You 
Love
Celebrate with a 2009-2010 Subscription: La Bohème 
 , The Daughter of the 
Regiment  , Don Giovanni 
  and Porgy and BessSM 
  
Visit us online at www.vaopera.org   or call 
1-866-OPERA-VA 



This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments. 

{*}

 

 

 

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Password Policy - - how do you handle this?

[Kurt Buff]

For all of the reasons discussed below, I thoroughly agree with the
security guy.

Get your users used to it, and you'll have fewer problems overall.

Kurt

On Tue, Apr 28, 2009 at 08:39, Jeremy Anderson  wrote:
> The security guy is insisting that we set the Min Password Age to 1 day.  I
> agree in theory that this is a swell idea, but in practice, I think it will
> be a disaster.
>
>
>
> We have users that forget their passwords every other day (Don’t ask) and
> company politics that are going to let this bad habit continue.  Admins
> reset the password, and set the flag that says “Must change password on next
> logon”
>
>
>
> I say, that the user will never get prompted to reset the next time they
> login, or that changing it will fail, because the password is now less than
> one day old.
>
>
>
> Security guy says “Not having that set is a bad idea, other companies do it,
> make it happen”
>
>
>
> How do you guys deal with this?
>
>
>
> Thanks
>
> Jeremy
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[gsweers]

Ahh, backing up to 25 x 5 ¼'s using xcopy in Dos 6.22

That was a step up from reel to reel.  I bet it was more fun to watch them spin 
though..

 

Greg

 

From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Tuesday, April 28, 2009 2:20 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

I'll never forget my first computer-related job and that room-long Data General 
mainframe. Probably was x-times slower than most workstations today. I miss 
reel-to-reel backup tapes...

 

J

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

From: Sean Rector [mailto:sean.rec...@vaopera.org] 
Sent: Tuesday, April 28, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Commodore PET & CBM - that's how I rolled back in the day...

 

My 1st look at a computer was looking in on the Interdata main frame at my 
dad's office.  He was in sales at Interdata, and after they were bought out by 
Perkin Elmer, he sold the computer that's in the Hubble Space Telescope.

 

Sean Rector, MCSE

 

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] 
Sent: Tuesday, April 28, 2009 2:04 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Ti-994a..Thats how we rolled back then.  

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Tuesday, April 28, 2009 1:51 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

I miss Commodore.

 

But don't get me started down Memory Lane...

 

 

From: Cameron Cooper [mailto:ccoo...@aurico.com] 
Sent: Tuesday, April 28, 2009 1:06 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Although... back in the day Amigas were the tool of choice.

 

_

Cameron Cooper

IT Director - CompTIA A+ Certified

Aurico Reports, Inc

Phone: 847-890-4021Fax: 847-255-1896

ccoo...@aurico.com

 
 

 

 

 

 

Information Technology Manager
Virginia Opera Association 

E-Mail: sean.rec...@vaopera.org  
Phone:(757) 213-4548 (direct line)
{+}

Virginia Opera's 35th Anniversary Season   The One You 
Love
Celebrate with a 2009-2010 Subscription: La Bohème 
 , The Daughter of the 
Regiment  , Don Giovanni 
  and Porgy and BessSM 
  
Visit us online at www.vaopera.org   or call 
1-866-OPERA-VA 



This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments. 

{*}

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Roger Wright]

Password Corral

 

http://www.cygnusproductions.com/freeware/pc.asp

   

 

Roger Wright

Network Administrator

Evatone, Inc.

727.572.7076  x388

_  

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Tuesday, April 28, 2009 1:33 PM
To: NT System Admin Issues
Subject: Managing your passwords was (RE:Password Policy - - how do you
handle this?)

 

I thought I'd hijack this thread and ask how others manage the myriad
passwords they have.

 

I did something crazy when I got to 10+ passwords, I started writing
them down.  I have two lists, one is a list of sites, the other is a
list of passwords.  The list of sites is stored in my network share, the
passwords are actually stored in a handwritten note in my wallet.
Neither us useful without the other, and in the event I'm mugged for my
wallet, I have a relatively convenient listing of all the myriad
passwords I need to set about changing.  And to answer a question, no,
my work account password isnt' stored anywhere except in my head.  I've
also found I'm much less likely to recycle a password accidentally using
this method.

 

I have no idea where I came up with this, I doubt I'm creative enough to
think of this on my own.

 

-Jonathan

 

On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:

On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
wrote:
> Passowrd Policy is that password expires after 90 days, 10 passwords
> remembered, Min Password age 0.  On the 89th day the user changes
their
> password 11 times back to the expiring password.  Changein the Min
password
> age to 1 would prevent that from happening.

 That's it exactly.

 For some of our government interest systems, it's min age 7 days, 24
passwords remembered.  That's about half a year's worth of weekly
password cycling to reuse the same password.  Also max age 90 days, 12
character minimum, complexity checking enabled.  There are several
such systems, and you're not supposed to use the same passwords across
multiple systems.  Oy, passwords coming out my ears.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Sean Rector]

Commodore PET & CBM - that's how I rolled back in the day...

 

My 1st look at a computer was looking in on the Interdata main frame at
my dad's office.  He was in sales at Interdata, and after they were
bought out by Perkin Elmer, he sold the computer that's in the Hubble
Space Telescope.

 

Sean Rector, MCSE

 

From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] 
Sent: Tuesday, April 28, 2009 2:04 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Ti-994a..Thats how we rolled back then.  

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Tuesday, April 28, 2009 1:51 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

I miss Commodore.

 

But don't get me started down Memory Lane...

 

 

From: Cameron Cooper [mailto:ccoo...@aurico.com] 
Sent: Tuesday, April 28, 2009 1:06 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Although... back in the day Amigas were the tool of choice.

 

_

Cameron Cooper

IT Director - CompTIA A+ Certified

Aurico Reports, Inc

Phone: 847-890-4021Fax: 847-255-1896

ccoo...@aurico.com

 
 

 

 

 

 

Virginia Opera's 35th Anniversary Season The One You Love
Celebrate with a 2009-2010 Subscription: La Boh?me, The Daughter of the 
Regiment, Don Giovanni and Porgy and BessSM 
Visit us online at www.vaopera.org or call 1-866-OPERA-VA

This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[John Hornbuckle]

Bah.

I traded up to a C-128.




From: Cameron Cooper [mailto:ccoo...@aurico.com]
Sent: Tuesday, April 28, 2009 2:04 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

Oh the good ol days of the Commodore 64 and SX-64.

_
Cameron Cooper
IT Director - CompTIA A+ Certified
Aurico Reports, Inc
Phone: 847-890-4021Fax: 847-255-1896
ccoo...@aurico.com

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Tuesday, April 28, 2009 12:51 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

I miss Commodore.

But don't get me started down Memory Lane...


From: Cameron Cooper [mailto:ccoo...@aurico.com]
Sent: Tuesday, April 28, 2009 1:06 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

Although... back in the day Amigas were the tool of choice.

_
Cameron Cooper
IT Director - CompTIA A+ Certified
Aurico Reports, Inc
Phone: 847-890-4021Fax: 847-255-1896
ccoo...@aurico.com













~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Wierd connectivity issue

[Christopher Bodnar]

After you tried to PING the server did you do an NSLOOKUP? What were the
results? If you ping the server by IP address what happens? TRACERT to the
server? 

 

 

 

Chris Bodnar, MCSE
Sr. Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003

  _  

From: Joe Heaton [mailto:jhea...@etp.ca.gov] 
Sent: Tuesday, April 28, 2009 2:06 PM
To: NT System Admin Issues
Subject: Wierd connectivity issue

 

We have an app, that has a couple of drive mappings involved with it to
make it work.  I have a user that came to me today, saying that the app
was working this morning, but stopped responding about 20 minutes ago.  He
said the same thing happened yesterday, at about the same time.
Yesterday, he let it sit for about 15 minutes or so, and the app started
responding again.

 

I went to his desk, tried to open the mappings through My Computer and got
an error message:  blah, blah blah.  The device name is already in use.

 

I opened a DOS prompt, tried pinging the server, and get a Host cannot be
found error.  Pinging the domain controller works.  He's able to access
e-mail fine, the file server fine, able to print, etc.  Just the
connection to this specific server is gone.  Someone sitting about 15 feet
away is able to access the application just fine.

 

Instinctively, I want to say something is wrong with DNS, just because of
the old adage, everything is related to DNS.  But I just don't understand
this.

 

Any advice/tips/suggestions are very much welcome.

 

Thanks,

 

Joe Heaton

AISA

Employment Training Panel

1100 J Street, 4th Floor

Sacramento, CA  95814

(916) 327-5276

jhea...@etp.ca.gov

 

 

 



-
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law.  If the reader of this message is not the intended
recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited.  If you have received this message in error, please
notify the sender immediately by return e-mail and delete the
message and any attachments.  Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Cameron Cooper]

Oh the good ol days of the Commodore 64 and SX-64.

 

_

Cameron Cooper

IT Director - CompTIA A+ Certified

Aurico Reports, Inc

Phone: 847-890-4021Fax: 847-255-1896

ccoo...@aurico.com  

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Tuesday, April 28, 2009 12:51 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

I miss Commodore.

 

But don't get me started down Memory Lane...

 

 

From: Cameron Cooper [mailto:ccoo...@aurico.com] 
Sent: Tuesday, April 28, 2009 1:06 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Although... back in the day Amigas were the tool of choice.

 

_

Cameron Cooper

IT Director - CompTIA A+ Certified

Aurico Reports, Inc

Phone: 847-890-4021Fax: 847-255-1896

ccoo...@aurico.com

 
 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Sam Cayze]

+1 on Roboform.

I also have an Excel Spreadsheet will all my passwords/bank accounts/etc in 
Excel, which is stored in a TrueCrypt volume, accessible via DropBox.

-Sam



-Original Message-
From: Andy Ognenoff [mailto:andyognen...@gmail.com] 
Sent: Tuesday, April 28, 2009 12:41 PM
To: NT System Admin Issues
Subject: RE: Managing your passwords was (RE:Password Policy - - how do you 
handle this?)

Take a look at Roboform Pro.  You'll never look back.  I use it for managing 
over 250 different passwords - all completely different, and using the maximum 
complexity the site in question allows. For those passwords that aren't for web 
sites (service accounts, application accounts, etc.) I just use a Safenote and 
look them up when needed - all encrypted. I don't think I could function 
anymore without it.  (And you can print your list of passwords to keep in a 
safe somewhere too.)

 - Andy O. 

From: Jonathan Link [mailto:jonathan.l...@gmail.com]
Sent: Tuesday, April 28, 2009 11:33 AM
To: NT System Admin Issues
Subject: Managing your passwords was (RE:Password Policy - - how do you handle 
this?)

I thought I'd hijack this thread and ask how others manage the myriad passwords 
they have.
 
I did something crazy when I got to 10+ passwords, I started writing them 
down.  I have two lists, one is a list of sites, the other is a list of 
passwords.  The list of sites is stored in my network share, the passwords are 
actually stored in a handwritten note in my wallet.  Neither us useful without 
the other, and in the event I'm mugged for my wallet, I have a relatively 
convenient listing of all the myriad passwords I need to set about changing.  
And to answer a question, no, my work account password isnt' stored anywhere 
except in my head.  I've also found I'm much less likely to recycle a password 
accidentally using this method.
 
I have no idea where I came up with this, I doubt I'm creative enough to think 
of this on my own.
 
-Jonathan
 
On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:
On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
wrote:
> Passowrd Policy is that password expires after 90 days, 10 passwords 
> remembered, Min Password age 0.  On the 89th day the user changes 
> their password 11 times back to the expiring password.  Changein the 
> Min
password
> age to 1 would prevent that from happening.
 That's it exactly.

 For some of our government interest systems, it's min age 7 days, 24 passwords 
remembered.  That's about half a year's worth of weekly password cycling to 
reuse the same password.  Also max age 90 days, 12 character minimum, 
complexity checking enabled.  There are several such systems, and you're not 
supposed to use the same passwords across multiple systems.  Oy, passwords 
coming out my ears.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

 
 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[lists]

+1  manage over 2000 passwords and such.

-Original Message-
From: Andy Ognenoff [mailto:andyognen...@gmail.com] 
Sent: Tuesday, April 28, 2009 12:41 PM
To: NT System Admin Issues
Subject: RE: Managing your passwords was (RE:Password Policy - - how do you 
handle this?)

Take a look at Roboform Pro.  You'll never look back.  I use it for managing
over 250 different passwords - all completely different, and using the
maximum complexity the site in question allows. For those passwords that
aren't for web sites (service accounts, application accounts, etc.) I just
use a Safenote and look them up when needed - all encrypted. I don't think I
could function anymore without it.  (And you can print your list of
passwords to keep in a safe somewhere too.)

 - Andy O. 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Tuesday, April 28, 2009 11:33 AM
To: NT System Admin Issues
Subject: Managing your passwords was (RE:Password Policy - - how do you
handle this?)

I thought I'd hijack this thread and ask how others manage the myriad
passwords they have.
 
I did something crazy when I got to 10+ passwords, I started writing them
down.  I have two lists, one is a list of sites, the other is a list of
passwords.  The list of sites is stored in my network share, the passwords
are actually stored in a handwritten note in my wallet.  Neither us useful
without the other, and in the event I'm mugged for my wallet, I have a
relatively convenient listing of all the myriad passwords I need to set
about changing.  And to answer a question, no, my work account password
isnt' stored anywhere except in my head.  I've also found I'm much less
likely to recycle a password accidentally using this method.
 
I have no idea where I came up with this, I doubt I'm creative enough to
think of this on my own.
 
-Jonathan
 
On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:
On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
wrote:
> Passowrd Policy is that password expires after 90 days, 10 passwords
> remembered, Min Password age 0.  On the 89th day the user changes their
> password 11 times back to the expiring password.  Changein the Min
password
> age to 1 would prevent that from happening.
 That's it exactly.

 For some of our government interest systems, it's min age 7 days, 24
passwords remembered.  That's about half a year's worth of weekly
password cycling to reuse the same password.  Also max age 90 days, 12
character minimum, complexity checking enabled.  There are several
such systems, and you're not supposed to use the same passwords across
multiple systems.  Oy, passwords coming out my ears.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 
 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[John Hornbuckle]

I miss Commodore.

But don't get me started down Memory Lane...


From: Cameron Cooper [mailto:ccoo...@aurico.com]
Sent: Tuesday, April 28, 2009 1:06 PM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

Although... back in the day Amigas were the tool of choice.

_
Cameron Cooper
IT Director - CompTIA A+ Certified
Aurico Reports, Inc
Phone: 847-890-4021Fax: 847-255-1896
ccoo...@aurico.com





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[James Winzenz]

We use a web-based tool called Enterprise Password Safe.  It allows us to store 
both personal passwords as well as passwords for service accounts that need to 
be shared between groups of IS employees.  It can use either its own 
authentication mechanism or active directory authentication for accessing the 
website.  As it does not effectively tie into other systems, it is not an 
enterprise password manager (which we would prefer, but too expensive), but it 
does a good job for the price.

http://www.enterprise-password-safe.com/


Thanks,



James Winzenz

Infrastructure Systems Engineer II - Security

Pulte Homes Information Services


From: Jonathan Link [mailto:jonathan.l...@gmail.com]
Sent: Tuesday, April 28, 2009 10:33 AM
To: NT System Admin Issues
Subject: Managing your passwords was (RE:Password Policy - - how do you handle 
this?)

I thought I'd hijack this thread and ask how others manage the myriad passwords 
they have.

I did something crazy when I got to 10+ passwords, I started writing them down. 
 I have two lists, one is a list of sites, the other is a list of passwords.  
The list of sites is stored in my network share, the passwords are actually 
stored in a handwritten note in my wallet.  Neither us useful without the 
other, and in the event I'm mugged for my wallet, I have a relatively 
convenient listing of all the myriad passwords I need to set about changing.  
And to answer a question, no, my work account password isnt' stored anywhere 
except in my head.  I've also found I'm much less likely to recycle a password 
accidentally using this method.

I have no idea where I came up with this, I doubt I'm creative enough to think 
of this on my own.

-Jonathan

On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott 
mailto:mailvor...@gmail.com>> wrote:
On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
mailto:jer...@mapiadmin.net>> wrote:
> Passowrd Policy is that password expires after 90 days, 10 passwords
> remembered, Min Password age 0.  On the 89th day the user changes their
> password 11 times back to the expiring password.  Changein the Min password
> age to 1 would prevent that from happening.
 That's it exactly.

 For some of our government interest systems, it's min age 7 days, 24
passwords remembered.  That's about half a year's worth of weekly
password cycling to reuse the same password.  Also max age 90 days, 12
character minimum, complexity checking enabled.  There are several
such systems, and you're not supposed to use the same passwords across
multiple systems.  Oy, passwords coming out my ears.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~







CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited. If you have 
received this communication in error, please notify the sender immediately by 
email and delete the message and any file attachments from your computer. Thank 
you.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Andy Ognenoff]

Take a look at Roboform Pro.  You’ll never look back.  I use it for managing
over 250 different passwords – all completely different, and using the
maximum complexity the site in question allows. For those passwords that
aren’t for web sites (service accounts, application accounts, etc.) I just
use a Safenote and look them up when needed - all encrypted. I don’t think I
could function anymore without it.  (And you can print your list of
passwords to keep in a safe somewhere too.)

 - Andy O. 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Tuesday, April 28, 2009 11:33 AM
To: NT System Admin Issues
Subject: Managing your passwords was (RE:Password Policy - - how do you
handle this?)

I thought I'd hijack this thread and ask how others manage the myriad
passwords they have.
 
I did something crazy when I got to 10+ passwords, I started writing them
down.  I have two lists, one is a list of sites, the other is a list of
passwords.  The list of sites is stored in my network share, the passwords
are actually stored in a handwritten note in my wallet.  Neither us useful
without the other, and in the event I'm mugged for my wallet, I have a
relatively convenient listing of all the myriad passwords I need to set
about changing.  And to answer a question, no, my work account password
isnt' stored anywhere except in my head.  I've also found I'm much less
likely to recycle a password accidentally using this method.
 
I have no idea where I came up with this, I doubt I'm creative enough to
think of this on my own.
 
-Jonathan
 
On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:
On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
wrote:
> Passowrd Policy is that password expires after 90 days, 10 passwords
> remembered, Min Password age 0.  On the 89th day the user changes their
> password 11 times back to the expiring password.  Changein the Min
password
> age to 1 would prevent that from happening.
 That's it exactly.

 For some of our government interest systems, it's min age 7 days, 24
passwords remembered.  That's about half a year's worth of weekly
password cycling to reuse the same password.  Also max age 90 days, 12
character minimum, complexity checking enabled.  There are several
such systems, and you're not supposed to use the same passwords across
multiple systems.  Oy, passwords coming out my ears.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 
 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Micheal Espinola Jr]

Its all about the UI, and Mac's have an exceptional one. It very functional,
and the graphics, layers, transitions, effects, always look flawless.
 Creative/artsy people love it.  I appreciate it.

--
ME2


On Tue, Apr 28, 2009 at 1:05 PM, Cameron Cooper  wrote:

>  IMO I agree that Macs can be great for graphics/video.. but the pc has
> made some really good strides to match that… if not take over that area.
>
>
>
> _
>
> *Cameron Cooper*
>
> *IT Director - CompTIA A+ Certified*
>
> Aurico Reports, Inc
>
> Phone: 847-890-4021Fax: 847-255-1896
>
> ccoo...@aurico.com
>
>
>
> *From:* John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
> *Sent:* Tuesday, April 28, 2009 8:01 AM
> *To:* NT System Admin Issues
> *Subject:* RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> Not to my knowledge, but I’m open to correction.
>
>
>
>
>
>
>
> John Hornbuckle
>
> MIS Department
>
> Taylor County School District
>
> 318 North Clark Street
>
> Perry, FL 32347
>
>
>
> www.taylor.k12.fl.us
>
>
>
>
>
>
>
> *From:* Sean Martin [mailto:seanmarti...@gmail.com]
> *Sent:* Monday, April 27, 2009 7:28 PM
> *To:* NT System Admin Issues
> *Subject:* Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> I've heard in the past that Macs were superior for Graphic Design, Video
> editing, etc., but is that really the case anymore?
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Tim Evans]

http://keepass.info/

There are others too, but this is what I use and you can't beat the price.


...Tim

From: Jonathan Link [mailto:jonathan.l...@gmail.com]
Sent: Tuesday, April 28, 2009 10:33 AM
To: NT System Admin Issues
Subject: Managing your passwords was (RE:Password Policy - - how do you handle 
this?)

I thought I'd hijack this thread and ask how others manage the myriad passwords 
they have.

I did something crazy when I got to 10+ passwords, I started writing them down. 
 I have two lists, one is a list of sites, the other is a list of passwords.  
The list of sites is stored in my network share, the passwords are actually 
stored in a handwritten note in my wallet.  Neither us useful without the 
other, and in the event I'm mugged for my wallet, I have a relatively 
convenient listing of all the myriad passwords I need to set about changing.  
And to answer a question, no, my work account password isnt' stored anywhere 
except in my head.  I've also found I'm much less likely to recycle a password 
accidentally using this method.

I have no idea where I came up with this, I doubt I'm creative enough to think 
of this on my own.

-Jonathan

On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott 
mailto:mailvor...@gmail.com>> wrote:
On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
mailto:jer...@mapiadmin.net>> wrote:
> Passowrd Policy is that password expires after 90 days, 10 passwords
> remembered, Min Password age 0.  On the 89th day the user changes their
> password 11 times back to the expiring password.  Changein the Min password
> age to 1 would prevent that from happening.
 That's it exactly.

 For some of our government interest systems, it's min age 7 days, 24
passwords remembered.  That's about half a year's worth of weekly
password cycling to reuse the same password.  Also max age 90 days, 12
character minimum, complexity checking enabled.  There are several
such systems, and you're not supposed to use the same passwords across
multiple systems.  Oy, passwords coming out my ears.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Cameron Cooper]

Although... back in the day Amigas were the tool of choice.

 

_

Cameron Cooper

IT Director - CompTIA A+ Certified

Aurico Reports, Inc

Phone: 847-890-4021Fax: 847-255-1896

ccoo...@aurico.com  

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Tuesday, April 28, 2009 8:01 AM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Not to my knowledge, but I'm open to correction.

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

318 North Clark Street

Perry, FL 32347

 

www.taylor.k12.fl.us

 

 

 

From: Sean Martin [mailto:seanmarti...@gmail.com] 
Sent: Monday, April 27, 2009 7:28 PM
To: NT System Admin Issues
Subject: Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

I've heard in the past that Macs were superior for Graphic Design, Video
editing, etc., but is that really the case anymore?

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Managing your passwords was (RE:Password Policy - - how do you handle this?)

[Jonathan Link]

I thought I'd hijack this thread and ask how others manage the myriad
passwords they have.

I did something crazy when I got to 10+ passwords, I started writing them
down.  I have two lists, one is a list of sites, the other is a list of
passwords.  The list of sites is stored in my network share, the passwords
are actually stored in a handwritten note in my wallet.  Neither us useful
without the other, and in the event I'm mugged for my wallet, I have a
relatively convenient listing of all the myriad passwords I need to set
about changing.  And to answer a question, no, my work account password
isnt' stored anywhere except in my head.  I've also found I'm much less
likely to recycle a password accidentally using this method.

I have no idea where I came up with this, I doubt I'm creative enough to
think of this on my own.

-Jonathan

On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott  wrote:

> On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson 
> wrote:
> > Passowrd Policy is that password expires after 90 days, 10 passwords
> > remembered, Min Password age 0.  On the 89th day the user changes their
> > password 11 times back to the expiring password.  Changein the Min
> password
> > age to 1 would prevent that from happening.
>
>  That's it exactly.
>
>  For some of our government interest systems, it's min age 7 days, 24
> passwords remembered.  That's about half a year's worth of weekly
> password cycling to reuse the same password.  Also max age 90 days, 12
> character minimum, complexity checking enabled.  There are several
> such systems, and you're not supposed to use the same passwords across
> multiple systems.  Oy, passwords coming out my ears.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Louis, Joe]

I agree, but they are used together. One doesn't replace the other. History 
itself doesn't prevent changing your password back to what it was. The default 
history is 6 IIRC. A six day cycle to get back to qwerty is a likely deterrent 
to use the same password.

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Tuesday, April 28, 2009 1:11 PM
To: NT System Admin Issues
Subject: Re: Password Policy - - how do you handle this?

IMO the history is a lot more important than the min age.

--
ME2

On Tue, Apr 28, 2009 at 12:14 PM, Louis, Joe 
mailto:jlo...@guardianalarm.com>> wrote:

Actually, it's a good security. If used with history, a minimum age prevents 
users from changing passwords the history length to get their preferred 
password back.



Ie.

qwerty -> qwertu

qwertu -> qwerty

qwerty -> qwerto

qwerto -> qwertp

qwertp -> qwerty





From: Micheal Espinola Jr 
[mailto:michealespin...@gmail.com]
Sent: Tuesday, April 28, 2009 11:50 AM

To: NT System Admin Issues
Subject: Re: Password Policy - - how do you handle this?



What is the theory behind this password age?



Other people I know don't wash after visiting the restroom.  Just because I 
know or work with them doesn't mean I'd ever shake their hand.

--
ME2

On Tue, Apr 28, 2009 at 11:39 AM, Jeremy Anderson 
mailto:jer...@mapiadmin.net>> wrote:

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.



We have users that forget their passwords every other day (Don't ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says "Must change password on next logon"



I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.



Security guy says "Not having that set is a bad idea, other companies do it, 
make it happen"



How do you guys deal with this?



Thanks

Jeremy




















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Phillip Partipilo]

We're told by the DSS audit guys to set the minimum password age to 1 day as
well.  If the gubmint says so, they have to have some kind of reason.
 
 
Phillip Partipilo
Parametric Solutions Inc.
Jupiter, Florida
(561) 747-6107
 
 
 

  _  

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] 
Sent: Tuesday, April 28, 2009 11:50 AM
To: NT System Admin Issues
Subject: Re: Password Policy - - how do you handle this?


What is the theory behind this password age? 

Other people I know don't wash after visiting the restroom.  Just because I
know or work with them doesn't mean I'd ever shake their hand.

--
ME2



On Tue, Apr 28, 2009 at 11:39 AM, Jeremy Anderson 
wrote:


The security guy is insisting that we set the Min Password Age to 1 day.  I
agree in theory that this is a swell idea, but in practice, I think it will
be a disaster.

 

We have users that forget their passwords every other day (Don't ask) and
company politics that are going to let this bad habit continue.  Admins
reset the password, and set the flag that says "Must change password on next
logon"

 

I say, that the user will never get prompted to reset the next time they
login, or that changing it will fail, because the password is now less than
one day old.

 

Security guy says "Not having that set is a bad idea, other companies do it,
make it happen"

 

How do you guys deal with this?

 

Thanks

Jeremy

 



 




 


 


  _  

If this email is spam, report it here:
http://www.OnlyMyEmail.com/ReportSpam
  


THIS ELECTRONIC MESSAGE AND ANY ATTACHMENTS ARE CONFIDENTIAL
AND PROPRIETARY PROPERTY OF THE SENDER. THE INFORMATION IS 
INTENDED FOR USE BY THE ADDRESSEE ONLY. ANY OTHER INTERCEPTION,
COPYING, ACCESSING, OR DISCLOSURE OF THIS MESSAGE IS PROHIBITED.
IF YOU HAVE RECEIVED THIS MESSAGE IN ERROR, PLEASE IMMEDIATELY
NOTIFY THE SENDER AND DELETE THIS MAIL AND ALL ATTACHMENTS. DO NOT
FORWARD THIS MESSAGE WITHOUT PERMISSION OF THE SENDER. 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Cameron Cooper]

IMO I agree that Macs can be great for graphics/video.. but the pc has
made some really good strides to match that... if not take over that
area.

 

_

Cameron Cooper

IT Director - CompTIA A+ Certified

Aurico Reports, Inc

Phone: 847-890-4021Fax: 847-255-1896

ccoo...@aurico.com  

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Tuesday, April 28, 2009 8:01 AM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Not to my knowledge, but I'm open to correction.

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

318 North Clark Street

Perry, FL 32347

 

www.taylor.k12.fl.us

 

 

 

From: Sean Martin [mailto:seanmarti...@gmail.com] 
Sent: Monday, April 27, 2009 7:28 PM
To: NT System Admin Issues
Subject: Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

I've heard in the past that Macs were superior for Graphic Design, Video
editing, etc., but is that really the case anymore?

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Louis, Joe]

Yes it makes sense. Good sense.

From: Jeremy Anderson [mailto:jer...@mapiadmin.net]
Sent: Tuesday, April 28, 2009 12:29 PM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?


Yes, the min password age requires the passwors to be at leaste 24 hours old 
before a user can change it.

The theory of having a 1 day minimum is so that the users cant just cycle 
through 10 Passwords and go back to the password they used when it expired.

(does that make sense?)

Passowrd Policy is that password expires after 90 days, 10 passwords 
remembered, Min Password age 0.  On the 89th day the user changes their 
password 11 times back to the expiring password.  Changein the Min password age 
to 1 would prevent that from happening.

Thats the security guys logic.

Jeremy

From: Sean Rector [sean.rec...@vaopera.org]
Sent: Tuesday, April 28, 2009 9:10 AM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?
IIRC, Min. Pwd. Age is the minimum time before they can change their own 
password - as in this process:


1.   I reset their password.  Check box for must reset upon next logon.

2.   User logs on.  They're prompted to change their pwd. & they do.

3.   Within the next 24 hours, they're not allowed to change their pwd. 
again.

Sean Rector, MCSE

From: Holstrom, Don [mailto:dholst...@nbm.org]
Sent: Tuesday, April 28, 2009 12:04 PM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

At the last place I was at, a p .r. firm, an outside "computer expert group"  
recommended that we set everyone's password to password. I couldn't stop 
laughing, but the operating v.p. wasn't laughing, I recall. There are large 
groups of companies who do this, apparently. I left soon, for other reasons, 
don't know what they did...

Here at the Museum, when I showed up, seven years ago, everyone's password was 
password. When I set them up with OWA, I made them all adopt a password. Many 
complained. Our outside auditing firm made me give passwords a 50-day life. I 
also added the three-of-four rule, they liked that.

Changing passwords each day would be a bit much for these folks. But I know 
three people (one is my neighbor) who have one-minute-password key chains, so...

From: Sean Rector [mailto:sean.rec...@vaopera.org]
Sent: Tuesday, April 28, 2009 11:54 AM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

I do it, and it 1) doesn't create heartburn for our folks and 2) it does prompt 
my folks for the reset pwd upon next logon.

Sean Rector, MCSE

From: Jeremy Anderson [mailto:jer...@mapiadmin.net]
Sent: Tuesday, April 28, 2009 11:40 AM
To: NT System Admin Issues
Subject: Password Policy - - how do you handle this?

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.

We have users that forget their passwords every other day (Don't ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says "Must change password on next logon"

I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.

Security guy says "Not having that set is a bad idea, other companies do it, 
make it happen"

How do you guys deal with this?

Thanks
Jeremy




Information Technology Manager
Virginia Opera Association

E-Mail: sean.rec...@vaopera.org
Phone:(757) 213-4548 (direct line)
{+}
Virginia Opera's 35th Anniversary Season The One You 
Love
Celebrate with a 2009-2010 Subscription: La 
Bohème, The Daughter of 
the Regiment, Don 
Giovanni and Porgy and 
BessSM
Visit us online at www.vaopera.org or call 
1-866-OPERA-VA

This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments.

{*}

















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: NAC - Network Access Control

[Ben Scott]

On Tue, Apr 28, 2009 at 12:20 PM, Hart, Robert
 wrote:
> One positive,  There are no rouge PCs on our network.

  Same here.  Most of our PCs are beige or black.  ;-)

  Sorry, couldn't resist.  Your post was actually quite informative;
thank you.  I just can't pass up a straight line.  :)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Brian Desmond]

Correct.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Sean Rector [mailto:sean.rec...@vaopera.org]
Sent: Tuesday, April 28, 2009 11:11 AM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

IIRC, Min. Pwd. Age is the minimum time before they can change their own 
password - as in this process:


1.   I reset their password.  Check box for must reset upon next logon.

2.   User logs on.  They're prompted to change their pwd. & they do.

3.   Within the next 24 hours, they're not allowed to change their pwd. 
again.

Sean Rector, MCSE

From: Holstrom, Don [mailto:dholst...@nbm.org]
Sent: Tuesday, April 28, 2009 12:04 PM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

At the last place I was at, a p .r. firm, an outside "computer expert group"  
recommended that we set everyone's password to password. I couldn't stop 
laughing, but the operating v.p. wasn't laughing, I recall. There are large 
groups of companies who do this, apparently. I left soon, for other reasons, 
don't know what they did...

Here at the Museum, when I showed up, seven years ago, everyone's password was 
password. When I set them up with OWA, I made them all adopt a password. Many 
complained. Our outside auditing firm made me give passwords a 50-day life. I 
also added the three-of-four rule, they liked that.

Changing passwords each day would be a bit much for these folks. But I know 
three people (one is my neighbor) who have one-minute-password key chains, so...

From: Sean Rector [mailto:sean.rec...@vaopera.org]
Sent: Tuesday, April 28, 2009 11:54 AM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

I do it, and it 1) doesn't create heartburn for our folks and 2) it does prompt 
my folks for the reset pwd upon next logon.

Sean Rector, MCSE

From: Jeremy Anderson [mailto:jer...@mapiadmin.net]
Sent: Tuesday, April 28, 2009 11:40 AM
To: NT System Admin Issues
Subject: Password Policy - - how do you handle this?

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.

We have users that forget their passwords every other day (Don't ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says "Must change password on next logon"

I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.

Security guy says "Not having that set is a bad idea, other companies do it, 
make it happen"

How do you guys deal with this?

Thanks
Jeremy




Information Technology Manager
Virginia Opera Association

E-Mail: sean.rec...@vaopera.org
Phone:(757) 213-4548 (direct line)
{+}
Virginia Opera's 35th Anniversary Season The One You 
Love
Celebrate with a 2009-2010 Subscription: La 
Bohème, The Daughter of 
the Regiment, Don 
Giovanni and Porgy and 
BessSM
Visit us online at www.vaopera.org or call 
1-866-OPERA-VA

This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments.

{*}













~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Windows 2008 server - local access only

[Tom Miller]

That's already there.  

>>> Jon Harris  4/28/2009 12:37 PM >>>
Network and sharing Center. Manage Network connections. Right click NIC choose 
Properties. Choose the IP v4 properties add the IP address for the Gateway. OK 
your way out Done!
Jon

On Tue, Apr 28, 2009 at 12:24 PM, Tom Miller  wrote:


I have several 2008 servers. On one of them I somehow configured it for "local 
access" only (Control Panel --> Network and Sharing Center). I'm having a brain 
cramp and can't figure it out how to allow access to the Internet.
Suggestions appreciated.
Tom Miller
Engineer, Information Technology
Hampton-Newport News Community Services Board
757-788-0528 

Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message. 






 
 

Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Windows 2008 server - local access only

[Jon Harris]

Network and sharing Center.  Manage Network connections. Right click NIC
choose Properties.  Choose the IP v4 properties add the IP address for the
Gateway.  OK your way out  Done!

Jon

On Tue, Apr 28, 2009 at 12:24 PM, Tom Miller  wrote:

>  I have several 2008 servers.  On one of them I somehow configured it for
> "local access" only (Control Panel --> Network and Sharing Center).  I'm
> having a brain cramp and can't figure it out how to allow access to the
> Internet.
>
> Suggestions appreciated.
>
>
> Tom Miller
> Engineer, Information Technology
> Hampton-Newport News Community Services Board
> 757-788-0528
>
> Confidentiality Notice: This e-mail message, including attachments, is for
> the sole use of the intended recipient(s) and may contain confidential and
> privileged information. Any unauthorized review, use, disclosure, or
> distribution is prohibited. If you are not the intended recipient, please
> contact the sender by reply e-mail and destroy all copies of the original
> message.
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: NAC - Network Access Control

[Blackman, Woody]

As an educational institution we went with Bradford Networks NAC
solution.  They have been in the market space since before it had an
acronym.  They started out helping to secure residence halls for student
housing and have been successfully growing their product offering
through the years.  It is multi-platform ( Win, Mac, *nix), can be
configured out of band, and gives you choice of agent or agent-less
implementation.  They even provide you the ability to offer to your
clients self-service pre-screening via a website before they even
connect to your network!

 

http://www.bradfordnetworks.com

 

 

From: Hart, Robert [mailto:robert.h...@genexservices.com] 
Sent: Tuesday, April 28, 2009 9:21 AM
To: NT System Admin Issues
Subject: RE: NAC - Network Access Control

 

We are about half way through our deployment.  While I am not involved
with the network side of things it is a pain in the a$$ and I would not
recommend any Network Access Control that requires a client.  It has
done nothing but cause more work really.  We are using Cisco's Secure
Services Client.  It now take longer to boot and log into any PC.  If
there is a problem with a remote machine it now takes one extra step to
check the logs to make sure NAC has not failed and check the client to
make sure it actually works.  Even though the software is installed does
not mean it actually works on the PC.  We had problems with licensing
and had to get Cisco involved to give us a new configuration file to
apply.  If we ever need to upgrade the software it will be a pain
because it has to be uninstalled before upgrading because of this
configuration file that was applied at installation.  

 

If you have any Cisco 7910 phones, they fail to release the MAC address
when a computer is unplugged and therefore you cannot use another
computer on the phone until it is reset.  We have a lot of laptops that
come and go.  Doing a MAC bypass is a pain because while I do not have
access to the routers I need to be able to add MAC address (custom
solution).  Since our users never tell us beforehand that someone,
vendor, etc is coming in, it is always a problem.  Oh ya, computers with
virtual PCs, there is another problem and custom setup on the port.
Don't forget about those managed UPS's.  I can't seem to get in
installed on our image before sysprep because when I do after sysprep it
searches for the domain for 30 minutes before letting you log on.  Ya
ya, I know you can force the domain list in the registry but it is
another problem that came up.  

  

 

After talking to some friends the idea was brought up to do a ACL list
sync'ed with AD instead of a client based solution.  In theory the ACL
list sounded pretty easy and controllable  with the same downsides of
vendor's coming in and all.  The theory was a little over my head on the
network side so I will not say much on the chance that I would be wrong.


 

 

One positive,  There are no rouge PCs on our network.  

 

 

Bob

 

 

 

 

From: Burgess, Jeffrey [mailto:jburg...@liberty-bank.com] 
Sent: Tuesday, April 28, 2009 11:13 AM
To: NT System Admin Issues
Subject: NAC - Network Access Control

 

 

 Anyone here using a NAC solution?

 

 What are you using and how do you like it?

 

 I'm looking at a few but would like to see what others are using and
how they like it.

 Specifically in how useful it is for out of band devices (Devices not
owned by your company, I.E. Vendor laptops etc...)

 

 I like ForeScout so far and I'm also looking at Cisco and Symantec.
What do you have?

 

 

Jeffrey T. Burgess
Sr. Systems Engineer
Liberty Bank
315 Main St.
Middletown CT, 06457
(860) 704-2196
jburg...@liberty-bank.com 
"Ambition is the last refuge of failure." - Oscar Wilde 

 

**

Unless you have received this email through the Liberty Bank secure
email system, before you respond, please consider that any unencrypted
e-mail that is sent to us is not secure. If you send regular e-mail to
Liberty Bank, please do not include any private or confidential
information such as social security numbers, unlisted telephone numbers,
bank account numbers, personal income information, user names,
passwords, etc. If you need to provide us with such information, please
telephone us at (888)570-0773 during business hours or write to us at
315 Main St. Middletown, CT 06457.

 

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If you are not the intended recipient of this message you are
hereby notified that any use, review, retransmission, dissemination,
distribution, reproduction or any action taken in reliance upon this
message is prohibited and may be unlawful. If you received this in
error, please contact the sender and delete the material from any
computer without disclosing it. Any views expressed in this message are
those of the individual sende

RE: Password Policy - - how do you handle this?

[Michael B. Smith]

I don't think the behavior is as you expect.

Fire up a virtual AD and check. :-)

But I still think it's silly. YMMV.


From: Jeremy Anderson [jer...@mapiadmin.net]
Sent: Tuesday, April 28, 2009 11:39 AM
To: NT System Admin Issues
Subject: Password Policy - - how do you handle this?

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.

We have users that forget their passwords every other day (Don’t ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says “Must change password on next logon”

I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.

Security guy says “Not having that set is a bad idea, other companies do it, 
make it happen”

How do you guys deal with this?

Thanks
Jeremy





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Jeremy Anderson]

Yes, the min password age requires the passwors to be at leaste 24 hours old 
before a user can change it.

The theory of having a 1 day minimum is so that the users cant just cycle 
through 10 Passwords and go back to the password they used when it expired.

(does that make sense?)

Passowrd Policy is that password expires after 90 days, 10 passwords 
remembered, Min Password age 0.  On the 89th day the user changes their 
password 11 times back to the expiring password.  Changein the Min password age 
to 1 would prevent that from happening.

Thats the security guys logic.

Jeremy

From: Sean Rector [sean.rec...@vaopera.org]
Sent: Tuesday, April 28, 2009 9:10 AM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

IIRC, Min. Pwd. Age is the minimum time before they can change their own 
password – as in this process:


1.   I reset their password.  Check box for must reset upon next logon.

2.   User logs on.  They’re prompted to change their pwd. & they do.

3.   Within the next 24 hours, they’re not allowed to change their pwd. 
again.

Sean Rector, MCSE

From: Holstrom, Don [mailto:dholst...@nbm.org]
Sent: Tuesday, April 28, 2009 12:04 PM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

At the last place I was at, a p .r. firm, an outside "computer expert group"  
recommended that we set everyone's password to password. I couldn't stop 
laughing, but the operating v.p. wasn't laughing, I recall. There are large 
groups of companies who do this, apparently. I left soon, for other reasons, 
don't know what they did...

Here at the Museum, when I showed up, seven years ago, everyone's password was 
password. When I set them up with OWA, I made them all adopt a password. Many 
complained. Our outside auditing firm made me give passwords a 50-day life. I 
also added the three-of-four rule, they liked that.

Changing passwords each day would be a bit much for these folks. But I know 
three people (one is my neighbor) who have one-minute-password key chains, so...

From: Sean Rector [mailto:sean.rec...@vaopera.org]
Sent: Tuesday, April 28, 2009 11:54 AM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

I do it, and it 1) doesn’t create heartburn for our folks and 2) it does prompt 
my folks for the reset pwd upon next logon.

Sean Rector, MCSE

From: Jeremy Anderson [mailto:jer...@mapiadmin.net]
Sent: Tuesday, April 28, 2009 11:40 AM
To: NT System Admin Issues
Subject: Password Policy - - how do you handle this?

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.

We have users that forget their passwords every other day (Don’t ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says “Must change password on next logon”

I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.

Security guy says “Not having that set is a bad idea, other companies do it, 
make it happen”

How do you guys deal with this?

Thanks
Jeremy




Information Technology Manager
Virginia Opera Association

E-Mail: sean.rec...@vaopera.org
Phone:(757) 213-4548 (direct line)
{+}
Virginia Opera's 35th Anniversary Season The One You 
Love
Celebrate with a 2009-2010 Subscription: La 
Bohème, The Daughter of 
the Regiment, Don 
Giovanni and Porgy and 
BessSM
Visit us online at www.vaopera.org or call 
1-866-OPERA-VA

This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments.

{*}













~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Windows 2008 server - local access only

[Tom Miller]

I have several 2008 servers.  On one of them I somehow configured it for "local 
access" only (Control Panel --> Network and Sharing Center).  I'm having a 
brain cramp and can't figure it out how to allow access to the Internet.
 
Suggestions appreciated.
 
 
Tom Miller
Engineer, Information Technology
Hampton-Newport News Community Services Board
757-788-0528 
Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: NAC - Network Access Control

[Hart, Robert]

We are about half way through our deployment.  While I am not involved
with the network side of things it is a pain in the a$$ and I would not
recommend any Network Access Control that requires a client.  It has
done nothing but cause more work really.  We are using Cisco's Secure
Services Client.  It now take longer to boot and log into any PC.  If
there is a problem with a remote machine it now takes one extra step to
check the logs to make sure NAC has not failed and check the client to
make sure it actually works.  Even though the software is installed does
not mean it actually works on the PC.  We had problems with licensing
and had to get Cisco involved to give us a new configuration file to
apply.  If we ever need to upgrade the software it will be a pain
because it has to be uninstalled before upgrading because of this
configuration file that was applied at installation.  

 

If you have any Cisco 7910 phones, they fail to release the MAC address
when a computer is unplugged and therefore you cannot use another
computer on the phone until it is reset.  We have a lot of laptops that
come and go.  Doing a MAC bypass is a pain because while I do not have
access to the routers I need to be able to add MAC address (custom
solution).  Since our users never tell us beforehand that someone,
vendor, etc is coming in, it is always a problem.  Oh ya, computers with
virtual PCs, there is another problem and custom setup on the port.
Don't forget about those managed UPS's.  I can't seem to get in
installed on our image before sysprep because when I do after sysprep it
searches for the domain for 30 minutes before letting you log on.  Ya
ya, I know you can force the domain list in the registry but it is
another problem that came up.  

  

 

After talking to some friends the idea was brought up to do a ACL list
sync'ed with AD instead of a client based solution.  In theory the ACL
list sounded pretty easy and controllable  with the same downsides of
vendor's coming in and all.  The theory was a little over my head on the
network side so I will not say much on the chance that I would be wrong.


 

 

One positive,  There are no rouge PCs on our network.  

 

 

Bob

 

 

 

 

From: Burgess, Jeffrey [mailto:jburg...@liberty-bank.com] 
Sent: Tuesday, April 28, 2009 11:13 AM
To: NT System Admin Issues
Subject: NAC - Network Access Control

 

 

 Anyone here using a NAC solution?

 

 What are you using and how do you like it?

 

 I'm looking at a few but would like to see what others are using and
how they like it.

 Specifically in how useful it is for out of band devices (Devices not
owned by your company, I.E. Vendor laptops etc...)

 

 I like ForeScout so far and I'm also looking at Cisco and Symantec.
What do you have?

 

 

Jeffrey T. Burgess
Sr. Systems Engineer
Liberty Bank
315 Main St.
Middletown CT, 06457
(860) 704-2196
jburg...@liberty-bank.com 
"Ambition is the last refuge of failure." - Oscar Wilde 

 

**

Unless you have received this email through the Liberty Bank secure
email system, before you respond, please consider that any unencrypted
e-mail that is sent to us is not secure. If you send regular e-mail to
Liberty Bank, please do not include any private or confidential
information such as social security numbers, unlisted telephone numbers,
bank account numbers, personal income information, user names,
passwords, etc. If you need to provide us with such information, please
telephone us at (888)570-0773 during business hours or write to us at
315 Main St. Middletown, CT 06457.

 

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If you are not the intended recipient of this message you are
hereby notified that any use, review, retransmission, dissemination,
distribution, reproduction or any action taken in reliance upon this
message is prohibited and may be unlawful. If you received this in
error, please contact the sender and delete the material from any
computer without disclosing it. Any views expressed in this message are
those of the individual sender and may not necessarily reflect the views
of the Bank. Thank you. 

**

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Louis, Joe]

Actually, it's a good security. If used with history, a minimum age prevents 
users from changing passwords the history length to get their preferred 
password back.

Ie.
qwerty -> qwertu
qwertu -> qwerty
qwerty -> qwerto
qwerto -> qwertp
qwertp -> qwerty


From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Tuesday, April 28, 2009 11:50 AM
To: NT System Admin Issues
Subject: Re: Password Policy - - how do you handle this?

What is the theory behind this password age?

Other people I know don't wash after visiting the restroom.  Just because I 
know or work with them doesn't mean I'd ever shake their hand.

--
ME2

On Tue, Apr 28, 2009 at 11:39 AM, Jeremy Anderson 
mailto:jer...@mapiadmin.net>> wrote:

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.



We have users that forget their passwords every other day (Don't ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says "Must change password on next logon"



I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.



Security guy says "Not having that set is a bad idea, other companies do it, 
make it happen"



How do you guys deal with this?



Thanks

Jeremy










~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Sean Rector]

I think you're thinking of Enforce Password History.

 

Sean Rector, MCSE

 

From: Ralph Smith [mailto:m...@gatewayindustries.org] 
Sent: Tuesday, April 28, 2009 12:05 PM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

 

I think the idea is that if you prohibit the reuse of the same password
for x number of changes, this prevents the user from cycling through
several consecutive changes in order to be able to use the same password
they started with, thus defeating the policy requiring password changes.

 



From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Tuesday, April 28, 2009 11:58 AM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

 

I don't think the behavior is as you expect.

 

Fire up a virtual AD and check. :-)

 

But I still think it's silly. YMMV.

 



From: Jeremy Anderson [jer...@mapiadmin.net]
Sent: Tuesday, April 28, 2009 11:39 AM
To: NT System Admin Issues
Subject: Password Policy - - how do you handle this?

The security guy is insisting that we set the Min Password Age to 1 day.
I agree in theory that this is a swell idea, but in practice, I think it
will be a disaster.

 

We have users that forget their passwords every other day (Don't ask)
and company politics that are going to let this bad habit continue.
Admins reset the password, and set the flag that says "Must change
password on next logon"

 

I say, that the user will never get prompted to reset the next time they
login, or that changing it will fail, because the password is now less
than one day old.

 

Security guy says "Not having that set is a bad idea, other companies do
it, make it happen"

 

How do you guys deal with this?

 

Thanks

Jeremy

 

 

 

 

 

Confidentiality Notice:

**

This communication, including any attachments, may contain confidential
information and is intended only for the individual or entity to whom it
is addressed. Any review, dissemination, or copying of this
communication by anyone other than the intended recipient is strictly
prohibited. If you are not the intended recipient, please contact the
sender by reply email, delete and destroy all copies of the original
message.

 

 

 

Virginia Opera's 35th Anniversary Season The One You Love
Celebrate with a 2009-2010 Subscription: La Boh?me, The Daughter of the 
Regiment, Don Giovanni and Porgy and BessSM 
Visit us online at www.vaopera.org or call 1-866-OPERA-VA

This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Sean Rector]

IIRC, Min. Pwd. Age is the minimum time before they can change their own 
password - as in this process:

 

1.   I reset their password.  Check box for must reset upon next logon.

2.   User logs on.  They're prompted to change their pwd. & they do.

3.   Within the next 24 hours, they're not allowed to change their pwd. 
again.

 

Sean Rector, MCSE

 

From: Holstrom, Don [mailto:dholst...@nbm.org] 
Sent: Tuesday, April 28, 2009 12:04 PM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

 

At the last place I was at, a p .r. firm, an outside "computer expert group"  
recommended that we set everyone's password to password. I couldn't stop 
laughing, but the operating v.p. wasn't laughing, I recall. There are large 
groups of companies who do this, apparently. I left soon, for other reasons, 
don't know what they did...

 

Here at the Museum, when I showed up, seven years ago, everyone's password was 
password. When I set them up with OWA, I made them all adopt a password. Many 
complained. Our outside auditing firm made me give passwords a 50-day life. I 
also added the three-of-four rule, they liked that.

 

Changing passwords each day would be a bit much for these folks. But I know 
three people (one is my neighbor) who have one-minute-password key chains, so...

 

From: Sean Rector [mailto:sean.rec...@vaopera.org] 
Sent: Tuesday, April 28, 2009 11:54 AM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

 

I do it, and it 1) doesn't create heartburn for our folks and 2) it does prompt 
my folks for the reset pwd upon next logon.

 

Sean Rector, MCSE

 

From: Jeremy Anderson [mailto:jer...@mapiadmin.net] 
Sent: Tuesday, April 28, 2009 11:40 AM
To: NT System Admin Issues
Subject: Password Policy - - how do you handle this?

 

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.

 

We have users that forget their passwords every other day (Don't ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says "Must change password on next logon"

 

I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.

 

Security guy says "Not having that set is a bad idea, other companies do it, 
make it happen"

 

How do you guys deal with this?

 

Thanks

Jeremy

 

 

Information Technology Manager
Virginia Opera Association 

E-Mail: sean.rec...@vaopera.org  
Phone:(757) 213-4548 (direct line)
{+}

Virginia Opera's 35th Anniversary Season   The One You 
Love
Celebrate with a 2009-2010 Subscription: La Bohème 
 , The Daughter of the 
Regiment  , Don Giovanni 
  and Porgy and BessSM 
  
Visit us online at www.vaopera.org   or call 
1-866-OPERA-VA 



This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments. 

{*}

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Ralph Smith]

I think the idea is that if you prohibit the reuse of the same password
for x number of changes, this prevents the user from cycling through
several consecutive changes in order to be able to use the same password
they started with, thus defeating the policy requiring password changes.

 



From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Tuesday, April 28, 2009 11:58 AM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

 

I don't think the behavior is as you expect.

 

Fire up a virtual AD and check. :-)

 

But I still think it's silly. YMMV.

 



From: Jeremy Anderson [jer...@mapiadmin.net]
Sent: Tuesday, April 28, 2009 11:39 AM
To: NT System Admin Issues
Subject: Password Policy - - how do you handle this?

The security guy is insisting that we set the Min Password Age to 1 day.
I agree in theory that this is a swell idea, but in practice, I think it
will be a disaster.

 

We have users that forget their passwords every other day (Don't ask)
and company politics that are going to let this bad habit continue.
Admins reset the password, and set the flag that says "Must change
password on next logon"

 

I say, that the user will never get prompted to reset the next time they
login, or that changing it will fail, because the password is now less
than one day old.

 

Security guy says "Not having that set is a bad idea, other companies do
it, make it happen"

 

How do you guys deal with this?

 

Thanks

Jeremy

 

 

 

 

Confidentiality Notice: 

--



This communication, including any attachments, may contain confidential 
information and is intended only for the individual or entity to whom it is 
addressed. Any review, dissemination, or copying of this communication by 
anyone other than the intended recipient is strictly prohibited. If you are not 
the intended recipient, please contact the sender by reply email, delete and 
destroy all copies of the original message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Devin Meade]

On that note, when this was brought up in my firm, I gathered up some
info on Apple certification and training.  IIRC, I mentioned that if
we are to start supporting Mac's, lets to it properly, just like we do
with Windows (and AutoCAD, and Vmware, and whatever).  That means
training, training, and more training (and  testing, testing and more
testing).  I then pulled some historical costs for our Windows
training.  I never asked for a Mac for IS testing, but did kinda sorta
mentioned it between the lines.  That was about a year ago, upper mgnt
has not given the go-ahead.  I just approached it like anything else -
with a set of requirements and costs before we adopt new / different
technology.  So far this has not made it much past water-fountain
talk.

On Tue, Apr 28, 2009 at 10:35 AM, Ben Scott  wrote:
> On Tue, Apr 28, 2009 at 9:09 AM, Jon Harris  wrote:
>> Not from what my Windows person is finding.  He is producing the same level
>> of work as a professional that we pay for.  The biggest difference is in the
>> training.
>
>  I think that's actually the case for both users and admins.  If one
> has most of one's experience with %PLATFORM%, then one will find
> %OTHER_PLATFORM% harder.
>
>  If most of the formal training the IT staff has is in
> Microsoft-based IT systems, and all but one of the computers in the
> organization is Microsoft-based, and then we have this one computer
> running a different OS, *of course* it's going to have
> disproportionate costs and weird difficulties and everything else.
> It'd be the same way if it was all Mac OS X except for one Windows
> box.
>
>  Same applies to the users and applications.  If somebody has been
> working on a Mac for their entire professional career, then of course
> the Mac will be perceived as better, because the Mac fits their
> experience, where as anything else will involve re-training and
> re-learning.
>
>  Of course, interoperability with third-party platforms has never
> been Microsoft's strong suit, either.  Some of that's by design (cf.
> the so-called "Halloween memos", US DoJ v MSFT, etc.).  But in
> fairness, some of it is just the result of being the incumbent market
> leader.  Microsoft has far less market pressure to work with the other
> guys, while if you're a minority platform you've *got* to interoperate
> with Microsoft or you're hamstrung.
>
>  The real hard part in all this is quantifying the costs associated
> with supporting a new platform within an organization, vs the benefits
> the platform provides.  If you can provide an ROI analysis, decisions
> get a lot easier.  If, say, it's just one guy Mac guy and all he's
> using is Adobe Creative Suite, then chances are you can easily
> demonstrate that it's cheaper to just move him to Windows.  Pay for
> some Windows training for the guy once.  Adobe CS is fairly similar
> across platforms, or so I'm told.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>



-- 
Devin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Holstrom, Don]

At the last place I was at, a p .r. firm, an outside "computer expert group"  
recommended that we set everyone's password to password. I couldn't stop 
laughing, but the operating v.p. wasn't laughing, I recall. There are large 
groups of companies who do this, apparently. I left soon, for other reasons, 
don't know what they did...

 

Here at the Museum, when I showed up, seven years ago, everyone's password was 
password. When I set them up with OWA, I made them all adopt a password. Many 
complained. Our outside auditing firm made me give passwords a 50-day life. I 
also added the three-of-four rule, they liked that.

 

Changing passwords each day would be a bit much for these folks. But I know 
three people (one is my neighbor) who have one-minute-password key chains, so...

 

From: Sean Rector [mailto:sean.rec...@vaopera.org] 
Sent: Tuesday, April 28, 2009 11:54 AM
To: NT System Admin Issues
Subject: RE: Password Policy - - how do you handle this?

 

I do it, and it 1) doesn't create heartburn for our folks and 2) it does prompt 
my folks for the reset pwd upon next logon.

 

Sean Rector, MCSE

 

From: Jeremy Anderson [mailto:jer...@mapiadmin.net] 
Sent: Tuesday, April 28, 2009 11:40 AM
To: NT System Admin Issues
Subject: Password Policy - - how do you handle this?

 

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.

 

We have users that forget their passwords every other day (Don't ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says "Must change password on next logon"

 

I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.

 

Security guy says "Not having that set is a bad idea, other companies do it, 
make it happen"

 

How do you guys deal with this?

 

Thanks

Jeremy

 

 

Information Technology Manager
Virginia Opera Association 

E-Mail: sean.rec...@vaopera.org  
Phone:(757) 213-4548 (direct line)
{+}

Virginia Opera's 35th Anniversary Season   The One You 
Love
Celebrate with a 2009-2010 Subscription: La Bohème 
 , The Daughter of the 
Regiment  , Don Giovanni 
  and Porgy and BessSM 
  
Visit us online at www.vaopera.org   or call 
1-866-OPERA-VA 



This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments. 

{*}

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Don Guyer]

What other password policies are already in place?

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

From: Jeremy Anderson [mailto:jer...@mapiadmin.net] 
Sent: Tuesday, April 28, 2009 11:40 AM
To: NT System Admin Issues
Subject: Password Policy - - how do you handle this?

 

The security guy is insisting that we set the Min Password Age to 1 day.
I agree in theory that this is a swell idea, but in practice, I think it
will be a disaster.

 

We have users that forget their passwords every other day (Don't ask)
and company politics that are going to let this bad habit continue.
Admins reset the password, and set the flag that says "Must change
password on next logon"

 

I say, that the user will never get prompted to reset the next time they
login, or that changing it will fail, because the password is now less
than one day old.

 

Security guy says "Not having that set is a bad idea, other companies do
it, make it happen"

 

How do you guys deal with this?

 

Thanks

Jeremy

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Password Policy - - how do you handle this?

[Sean Rector]

I do it, and it 1) doesn't create heartburn for our folks and 2) it does
prompt my folks for the reset pwd upon next logon.

 

Sean Rector, MCSE

 

From: Jeremy Anderson [mailto:jer...@mapiadmin.net] 
Sent: Tuesday, April 28, 2009 11:40 AM
To: NT System Admin Issues
Subject: Password Policy - - how do you handle this?

 

The security guy is insisting that we set the Min Password Age to 1 day.
I agree in theory that this is a swell idea, but in practice, I think it
will be a disaster.

 

We have users that forget their passwords every other day (Don't ask)
and company politics that are going to let this bad habit continue.
Admins reset the password, and set the flag that says "Must change
password on next logon"

 

I say, that the user will never get prompted to reset the next time they
login, or that changing it will fail, because the password is now less
than one day old.

 

Security guy says "Not having that set is a bad idea, other companies do
it, make it happen"

 

How do you guys deal with this?

 

Thanks

Jeremy

 

 

Virginia Opera's 35th Anniversary Season The One You Love
Celebrate with a 2009-2010 Subscription: La Boh?me, The Daughter of the 
Regiment, Don Giovanni and Porgy and BessSM 
Visit us online at www.vaopera.org or call 1-866-OPERA-VA

This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Password Policy - - how do you handle this?

[Micheal Espinola Jr]

What is the theory behind this password age?
Other people I know don't wash after visiting the restroom.  Just because I
know or work with them doesn't mean I'd ever shake their hand.

--
ME2


On Tue, Apr 28, 2009 at 11:39 AM, Jeremy Anderson wrote:

>  The security guy is insisting that we set the Min Password Age to 1 day.
> I agree in theory that this is a swell idea, but in practice, I think it
> will be a disaster.
>
>
>
> We have users that forget their passwords every other day (Don’t ask) and
> company politics that are going to let this bad habit continue.  Admins
> reset the password, and set the flag that says “Must change password on next
> logon”
>
>
>
> I say, that the user will never get prompted to reset the next time they
> login, or that changing it will fail, because the password is now less than
> one day old.
>
>
>
> Security guy says “Not having that set is a bad idea, other companies do
> it, make it happen”
>
>
>
> How do you guys deal with this?
>
>
>
> Thanks
>
> Jeremy
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: NAC - Network Access Control

[Gary Whitten]

I hesitate to respond to this because I was not actively involved with
purchase, planning and deployment of NAC where I am.  I actually no longer
work directly with server/network planning at all.  I am, however, a senior
tech at the call center for a large company and we bore the brunt of a lot
of pain here with NAC.
 
My company uses Cisco Clean Access and it's been a horrible, painful
experience.  Weigh my opinion with others, but I'd definitely encourage you
to look elsewhere.  
  _  

From: Burgess, Jeffrey [mailto:jburg...@liberty-bank.com] 
Sent: Tuesday, April 28, 2009 11:13 AM
To: NT System Admin Issues
Subject: NAC - Network Access Control



 

 Anyone here using a NAC solution?

 

 What are you using and how do you like it?

 

 I'm looking at a few but would like to see what others are using and how
they like it.

 Specifically in how useful it is for out of band devices (Devices not owned
by your company, I.E. Vendor laptops etc.)

 

 I like ForeScout so far and I'm also looking at Cisco and Symantec.What
do you have?

 

 

Jeffrey T. Burgess
Sr. Systems Engineer
Liberty Bank
315 Main St.
Middletown CT, 06457
(860) 704-2196
jburg...@liberty-bank.com 
"Ambition is the last refuge of failure." - Oscar Wilde 

 

**

Unless you have received this email through the Liberty Bank secure email
system, before you respond, please consider that any unencrypted e-mail that
is sent to us is not secure. If you send regular e-mail to Liberty Bank,
please do not include any private or confidential information such as social
security numbers, unlisted telephone numbers, bank account numbers, personal
income information, user names, passwords, etc. If you need to provide us
with such information, please telephone us at (888)570-0773 during business
hours or write to us at 315 Main St. Middletown, CT 06457.

 

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If you are not the intended recipient of this message you are
hereby notified that any use, review, retransmission, dissemination,
distribution, reproduction or any action taken in reliance upon this message
is prohibited and may be unlawful. If you received this in error, please
contact the sender and delete the material from any computer without
disclosing it. Any views expressed in this message are those of the
individual sender and may not necessarily reflect the views of the Bank.
Thank you. 

**

 

 


 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.287 / Virus Database: 270.12.1/2069 - Release Date: 04/28/09
06:15:00



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Password Policy - - how do you handle this?

[Jeremy Anderson]

The security guy is insisting that we set the Min Password Age to 1 day.  I 
agree in theory that this is a swell idea, but in practice, I think it will be 
a disaster.

We have users that forget their passwords every other day (Don't ask) and 
company politics that are going to let this bad habit continue.  Admins reset 
the password, and set the flag that says "Must change password on next logon"

I say, that the user will never get prompted to reset the next time they login, 
or that changing it will fail, because the password is now less than one day 
old.

Security guy says "Not having that set is a bad idea, other companies do it, 
make it happen"

How do you guys deal with this?

Thanks
Jeremy

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Ben Scott]

On Tue, Apr 28, 2009 at 9:09 AM, Jon Harris  wrote:
> Not from what my Windows person is finding.  He is producing the same level
> of work as a professional that we pay for.  The biggest difference is in the
> training.

  I think that's actually the case for both users and admins.  If one
has most of one's experience with %PLATFORM%, then one will find
%OTHER_PLATFORM% harder.

  If most of the formal training the IT staff has is in
Microsoft-based IT systems, and all but one of the computers in the
organization is Microsoft-based, and then we have this one computer
running a different OS, *of course* it's going to have
disproportionate costs and weird difficulties and everything else.
It'd be the same way if it was all Mac OS X except for one Windows
box.

  Same applies to the users and applications.  If somebody has been
working on a Mac for their entire professional career, then of course
the Mac will be perceived as better, because the Mac fits their
experience, where as anything else will involve re-training and
re-learning.

  Of course, interoperability with third-party platforms has never
been Microsoft's strong suit, either.  Some of that's by design (cf.
the so-called "Halloween memos", US DoJ v MSFT, etc.).  But in
fairness, some of it is just the result of being the incumbent market
leader.  Microsoft has far less market pressure to work with the other
guys, while if you're a minority platform you've *got* to interoperate
with Microsoft or you're hamstrung.

  The real hard part in all this is quantifying the costs associated
with supporting a new platform within an organization, vs the benefits
the platform provides.  If you can provide an ROI analysis, decisions
get a lot easier.  If, say, it's just one guy Mac guy and all he's
using is Adobe Creative Suite, then chances are you can easily
demonstrate that it's cheaper to just move him to Windows.  Pay for
some Windows training for the guy once.  Adobe CS is fairly similar
across platforms, or so I'm told.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

NAC - Network Access Control

[Burgess, Jeffrey]

 

 Anyone here using a NAC solution?

 

 What are you using and how do you like it?

 

 I'm looking at a few but would like to see what others are using and
how they like it.

 Specifically in how useful it is for out of band devices (Devices not
owned by your company, I.E. Vendor laptops etc...)

 

 I like ForeScout so far and I'm also looking at Cisco and Symantec.
What do you have?

 

 

Jeffrey T. Burgess
Sr. Systems Engineer
Liberty Bank
315 Main St.
Middletown CT, 06457
(860) 704-2196
jburg...@liberty-bank.com 
"Ambition is the last refuge of failure." - Oscar Wilde 

 

**
Unless you have received this email through the Liberty Bank secure email 
system, before you respond, please consider that any unencrypted e-mail that is 
sent to us is not secure.  If you send regular e-mail to Liberty Bank, please 
do not include any private or confidential information such as social security 
numbers, unlisted telephone numbers, bank account numbers, personal income 
information, user names, passwords, etc.  If you need to provide us with such 
information, please telephone us at (888)570-0773 during business hours or 
write to us at 315 Main St. Middletown, CT 06457.

The information transmitted is intended only for the person or entity to which 
it is addressed and may contain confidential and/or privileged material. If you 
are not the intended recipient of this message you are hereby notified that any 
use, review, retransmission, dissemination, distribution, reproduction or any 
action taken in reliance upon this message is prohibited and may be unlawful. 
If you received this in error, please contact the sender and delete the 
material from any computer without disclosing it. Any views expressed in this 
message are those of the individual sender and may not necessarily reflect the 
views of the Bank.   Thank you. 
**


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[John Hornbuckle]

Replying to my own post... I was just taking another look at the Dell XPS One 
systems. When these first came out, they were crazy expensive. It seems the 
price has come down quite a bit, though.

Has anyone used these? If so, how do they compare to the iMac?




John





From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Tuesday, April 28, 2009 10:25 AM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

That's what we're doing here. We've managed to negotiate some better pricing to 
reduce the "Apple tax," making the iMacs' pricing closer to that of our Dells. 
We then run Vista on them, which works fine.

PC manufacturers are still clueless. They're trying to learn from Apple, but 
are still way behind.




John Hornbuckle
MIS Department
Taylor County School District
318 North Clark Street
Perry, FL 32347

www.taylor.k12.fl.us






From: Vue, Za [mailto:z...@emory.edu]
Sent: Tuesday, April 28, 2009 9:49 AM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

I will take a one piece iMac over a PC system any day BUT running Vista. If I 
have the budget I would buy everyone an iMac and run Vista. I wish PC vendors 
start making one piece unit like Apple. Too many damn wires man! (Speaker 
wires, AC adapters, video adapters, mouse wires, KB wires)  How about start 
incorporating wireless NIC into desktop systems?
Have you all seen the size of the AC adapter on Dell machines? They are almost 
as large as the small form factor unit. ALL built-in speakers are worth sh1t on 
PC vendors(IBM/DELL). Music sounds like midi files coming from these built-in 
speakers.

-Z.V.






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[John Hornbuckle]

That's what we're doing here. We've managed to negotiate some better pricing to 
reduce the "Apple tax," making the iMacs' pricing closer to that of our Dells. 
We then run Vista on them, which works fine.

PC manufacturers are still clueless. They're trying to learn from Apple, but 
are still way behind.




John Hornbuckle
MIS Department
Taylor County School District
318 North Clark Street
Perry, FL 32347

www.taylor.k12.fl.us






From: Vue, Za [mailto:z...@emory.edu]
Sent: Tuesday, April 28, 2009 9:49 AM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

I will take a one piece iMac over a PC system any day BUT running Vista. If I 
have the budget I would buy everyone an iMac and run Vista. I wish PC vendors 
start making one piece unit like Apple. Too many damn wires man! (Speaker 
wires, AC adapters, video adapters, mouse wires, KB wires)  How about start 
incorporating wireless NIC into desktop systems?
Have you all seen the size of the AC adapter on Dell machines? They are almost 
as large as the small form factor unit. ALL built-in speakers are worth sh1t on 
PC vendors(IBM/DELL). Music sounds like midi files coming from these built-in 
speakers.

-Z.V.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Vue, Za]

I will take a one piece iMac over a PC system any day BUT running Vista. If I 
have the budget I would buy everyone an iMac and run Vista. I wish PC vendors 
start making one piece unit like Apple. Too many damn wires man! (Speaker 
wires, AC adapters, video adapters, mouse wires, KB wires)  How about start 
incorporating wireless NIC into desktop systems?
Have you all seen the size of the AC adapter on Dell machines? They are almost 
as large as the small form factor unit. ALL built-in speakers are worth sh1t on 
PC vendors(IBM/DELL). Music sounds like midi files coming from these built-in 
speakers.

-Z.V.

From: Holstrom, Don [mailto:dholst...@nbm.org]
Sent: Tuesday, April 28, 2009 9:14 AM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

The machines aren't any better, but it appears the graphics users like Macs 
more. When a Mac fails, they don't flinch, just look for me patiently. I have 
five Mac desktops and three Mac laptops here at the Museum. About eight or 10 
have Macs at home too. For the in-house users, I give them an extra monitor and 
run Parallels with Microsoft Office (Outlook) running, as all the other apps 
don't have all that Outlook offers. And I run Exchange here. One likes to use 
OWA, but the rest like to use Office for Outlook. A year or so ago I used Macs 
with two monitors at home as well as at the office to see the difference. The 
Macs are sweet, but I just like PC's better, even withstanding the half or 
third better pricing.

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Tuesday, April 28, 2009 9:01 AM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

Not to my knowledge, but I'm open to correction.



John Hornbuckle
MIS Department
Taylor County School District
318 North Clark Street
Perry, FL 32347

www.taylor.k12.fl.us



From: Sean Martin [mailto:seanmarti...@gmail.com]
Sent: Monday, April 27, 2009 7:28 PM
To: NT System Admin Issues
Subject: Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

I've heard in the past that Macs were superior for Graphic Design, Video 
editing, etc., but is that really the case anymore?











This e-mail message (including any attachments) is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this message (including any attachments) is strictly
prohibited.

If you have received this message in error, please contact
the sender by reply e-mail message and destroy all copies of the
original message (including attachments).

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Holstrom, Don]

The machines aren't any better, but it appears the graphics users like
Macs more. When a Mac fails, they don't flinch, just look for me
patiently. I have five Mac desktops and three Mac laptops here at the
Museum. About eight or 10 have Macs at home too. For the in-house users,
I give them an extra monitor and run Parallels with Microsoft Office
(Outlook) running, as all the other apps don't have all that Outlook
offers. And I run Exchange here. One likes to use OWA, but the rest like
to use Office for Outlook. A year or so ago I used Macs with two
monitors at home as well as at the office to see the difference. The
Macs are sweet, but I just like PC's better, even withstanding the half
or third better pricing.

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Tuesday, April 28, 2009 9:01 AM
To: NT System Admin Issues
Subject: RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

Not to my knowledge, but I'm open to correction.

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

318 North Clark Street

Perry, FL 32347

 

www.taylor.k12.fl.us

 

 

 

From: Sean Martin [mailto:seanmarti...@gmail.com] 
Sent: Monday, April 27, 2009 7:28 PM
To: NT System Admin Issues
Subject: Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

 

I've heard in the past that Macs were superior for Graphic Design, Video
editing, etc., but is that really the case anymore?

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Jon Harris]

Not from what my Windows person is finding.  He is producing the same level
of work as a professional that we pay for.  The biggest difference is in the
training.  The professional was trained on a Mac and our inside person has
had no training.  The Mac person takes the work done by the Windows person
and uses it as is.

Jon

On Tue, Apr 28, 2009 at 9:00 AM, John Hornbuckle <
john.hornbuc...@taylor.k12.fl.us> wrote:

>  Not to my knowledge, but I’m open to correction.
>
>
>
>
>
>
>
> John Hornbuckle
>
> MIS Department
>
> Taylor County School District
>
> 318 North Clark Street
>
> Perry, FL 32347
>
>
>
> www.taylor.k12.fl.us
>
>
>
>
>
>
>
> *From:* Sean Martin [mailto:seanmarti...@gmail.com]
> *Sent:* Monday, April 27, 2009 7:28 PM
> *To:* NT System Admin Issues
> *Subject:* Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
>
>
>
> I've heard in the past that Macs were superior for Graphic Design, Video
> editing, etc., but is that really the case anymore?
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[John Hornbuckle]

Not to my knowledge, but I'm open to correction.



John Hornbuckle
MIS Department
Taylor County School District
318 North Clark Street
Perry, FL 32347

www.taylor.k12.fl.us



From: Sean Martin [mailto:seanmarti...@gmail.com]
Sent: Monday, April 27, 2009 7:28 PM
To: NT System Admin Issues
Subject: Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

I've heard in the past that Macs were superior for Graphic Design, Video 
editing, etc., but is that really the case anymore?


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: DFS issues

[John Aldrich]

Hi, Bonnie.

Thanks for that link. I'll take a look at it. As for the other questions,
there are no quotas, etc. The share/NTFS permissions have always been
read/write for everyone and full-control for a select few, at least in the
main folders.  The directory structure is something like this:

"Public" = full read/write

Sub-folder of Public, "Product Info"=read-only except for certain select
people who need access to change things in there.

 

I, personally, tried to save a file into the "public" folder  (copying a
link from the desktop for a website) while the user was still logged in. It
gave me an error, something to the effect of the folder being "read only."
My assistant who has the same permissions on that share as I do tried to
delete something off another wide-open sub-folder of the "public" folder and
was unable to do so until she rebooted for some strange reason, while I was
able, from my desktop, to delete files out of the same folder she was having
problems with.

 

John-AldrichTile-Tools

 

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] 
Sent: Monday, April 27, 2009 4:56 PM
To: NT System Admin Issues
Subject: RE: DFS issues

 

Sorry to jump in so late-If you're just talking about the checkbox next to
read only, that is by design on folders as per
http://support.microsoft.com/kb/326549.

 

How are the share and NTFS permissions?  Any quota software being used?
What program are they having trouble saving with?

 

-B

 

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Tuesday, April 21, 2009 11:44 AM
To: NT System Admin Issues
Subject: RE: DFS issues

 

When I looked at the properties of the shared folder on the second server,
the "read only" checkbox was checked.

 

John-AldrichTile-Tools

 

From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Tuesday, April 21, 2009 2:24 PM
To: NT System Admin Issues
Subject: RE: DFS issues

 

What do you mean permissions set to read only? 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Tuesday, April 21, 2009 11:05 AM
To: NT System Admin Issues
Subject: DFS issues

 

We just recently switched from using Synctoy for keeping our two servers
(DC/File Server combos) synchronized to using DFS. I just started having
some issues after it's been in place for a couple weeks. the "public" file
share (really mostly a public file dump) started being read-only to people
for some reason. I checked our primary server (in my office) and the
permissions and everything we correct. Then today, after it happened again
on someone else, I got a wild hair and checked our other server and it had
the permission set to "read only" for the "public" share.

 

Anyone ever seen anything like this happen before? Is it just coincidence
that about two weeks after we implement DFS the file share goes "read
only"??? 

 

Any ideas how to keep it from happening in the future?

 

John-AldrichTile-Tools

 

 

 

 

 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.287 / Virus Database: 270.12.1/2071 - Release Date: 04/21/09
08:30:00

 

 

 

 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.287 / Virus Database: 270.12.4/2082 - Release Date: 04/27/09
06:19:00


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Jonathan Link]

Sounds like some user education is in order.  Next time a snide comment is
made, give them a chart that shows their use of support compared to the rest
of the Windows group.



On Mon, Apr 27, 2009 at 7:06 PM, Steven Peck  wrote:

> It has been our experience that while the technical issues of MAC's
> can be resolved, most issues come from the MAC users themselves.
> Having got themselves a little exception to the overall IT policy,
> they will often refuse to play nice with things like storing files on
> network shares which are backed up.  Consume support resources with
> their custom needs the drain your teams time.  Make constant snide
> comments about Windows and support and get really irritable when you
> produce the article clearly showing it was a MAC issue.
>
> The last time we looked at 'some groups' needs, there were Windows
> versions of all the applications available but they were able to
> maintain their separate resource stance.  Of course we were all
> sympathy when they lost a major amount of data do to their refusal to
> play nice with corporate IT policy.
>
> Of course, I may be biased.
>
> Steven
>
> On Mon, Apr 27, 2009 at 12:24 PM, Jonathan Link 
> wrote:
> > I use VMWare Fusion with a license of WindowsXP on my MacBook Pro, and
> can
> > launch the windows version of Outlook for the full integrated email
> > experience.
> >
> >
> > On Mon, Apr 27, 2009 at 2:34 PM, Murray Freeman 
> wrote:
> >>
> >> I'm being asked to investigate the use of a few MAC's in our network. I
> >> know that it would be only used by a few of our staff for graphics and a
> few
> >> other apps. I'm concerned about the ability of a MAC to interface into
> our
> >> network and Exchange Server email.Obviously we would purchase new
> machines,
> >> so they could be dual boot machines. I'm also aware of virtualization,
> but
> >> haven't looked into that as of yet. Any suggestions, warnings or
> concerns
> >> from anyone with this kind of experience would be greatly appreciated.
> >>
> >>
> >> Murray
> >>
> >>
> >>
> >>
> >>
> >>
> >
> >
> >
> >
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Restricted groups, where have you been....

[Ziots, Edward]

But they cant stop a HIPS :-) Control the Execution...

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Friday, April 24, 2009 4:43 AM
To: NT System Admin Issues
Subject: RE: Restricted groups, where have you been

 

Yes, it will go on and on :-) That's the point - you can't really stop
administrators from doing whatever they want on their own machines. You
need something that's not under their control to do anything that can't
be subverted.

 

As Bob Fronk alluded to earlier, Mark Russinovich did a blog post on how
admins can stop GPOs applying to their machines.

 

Cheer

Ken

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Friday, 24 April 2009 6:41 PM
To: NT System Admin Issues
Subject: Re: Restricted groups, where have you been

 

I suppose this could go on and on :-)

The facts, which we all already know, is that admins can generally get
around most restrictions at this level, given enough time and guile. The
question which I am asking, when I get a spare minute, is why the
scanning software in use needs admin privs anyway. A bit of process
monitor should hopefully provide the answer, however as I have a host of
annoying users and senior management to keep happy, finding the time to
do it is the key. The GPO only exists to put them off in the
meantime...I am relying on the technical ignorance of my users to ensure
it works. I have managed to get rid of all but two of the applications
in my environment that require admin privs to run, so I think I am
getting somewhere.

Cheers for the input though...it helps to be reminded of how many bases
I have to cover in these situations

2009/4/24 Ken Schaefer 

What about SeBackupPrivilege (because that ignores File ACLs - I can
just use NTBackup to make a backup of cacls.exe and restore it
somewhere)?

 

Cheers

Ken

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Friday, 24 April 2009 5:22 PM


To: NT System Admin Issues
Subject: Re: Restricted groups, where have you been

 

good point. SeTakeOwnershipPrivilege is now about to be removed.

You probably are right, it would have been easier to configure at the
perimeter...but that is managed by my boss and I don't trust him to do
it properly and/or not reverse it accidentally or deliberately

2009/4/24 Ken Schaefer 

Now that it is out there, then it's relatively easy to look them up.

 

But in James' case, I can just bring my own copy of cacls.exe (or have a
scheduled job to make a copy of the existing one) and unless
SeTakeOwnership Privilege is removed from the Administrators group I can
then get permissions back to everything that he's just removed. 

 

If the purpose was to block internet access, then I think it would have
been easier to just configure this on the outbound proxy or router or
firewall or whatever device that's inplace there.

 

Cheers

Ken

 



From: Free, Bob [r...@pge.com]
Sent: Friday, 24 April 2009 2:18 AM


To: NT System Admin Issues

Subject: RE: Restricted groups, where have you been

Before Russinovich blogged it you at least had to have a bit of a clue
about GPO's to defeat them, now it is trivial...relatively

 

From: Ken Schaefer [mailto:k...@adopenstatic.com] 

Sent: Thursday, April 23, 2009 12:26 AM

To: NT System Admin Issues

Subject: RE: Restricted groups, where have you been

 

If they are administrators, they can defeat GPOs given sufficient
knowledge...

 

Cheers

Ken

 



From: James Rankin [kz2...@googlemail.com]
Sent: Thursday, 23 April 2009 5:12 PM
To: NT System Admin Issues
Subject: Re: Restricted groups, where have you been

For those who can remember the NT4 days, GPOs as a whole are an awesome
admin tool. When I managed an NT4 network with 10,000 users I actually
had batch scripts running overnight that reset the user rights on all
DCs and members servers, checked the local group memberships and altered
them back to a default if they'd changed. Group Policy finally made my
life easy.

I just recently implemented a group policy that blocks internet access
on our few scanning workstations even though the users are admins...a
combination of a false proxy and restrictive file permissions on
inetcpl.cpl, regedit, reg.exe, rshx32.dll and cacls.exe has done the
trick. Power is great

2009/4/22 David Lum 

...all my life! We are just getting to use this feature and it's DA
BOMB! Being able to add users to local groups w/out affecting the
existing memberships is awesome!

 

We are narrowing down how many Domain Admins we have and this feature is
*hugely* helpful in delegating to non domain admins.

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RE: Tape swapping service

[Andy Crellin]

No - that's just for the offsite storage and delivery service. There is a 
further menu of charges for emergency (e.g. 2 hour) tape delivery etc.

The last price I remember paying for LTO tapes was £40 per tape if that's of 
any use to you.

Andy Crellin 
Technical Services Manager
Leonard Cheshire Disability
Telephone: 01904 479200
E-mail: andy.crel...@lcdisability.org


-Original Message-
From: Oliver Marshall [mailto:oliver.marsh...@g2support.com] 
Sent: 28 April 2009 11:23
To: NT System Admin Issues
Subject: RE: Tape swapping service

Thanks Andy. Does that include the tapes as needed or do you supply those ?

Olly


-Original Message-
From: Andy Crellin [mailto:andy.crel...@lcdisability.org] 
Sent: 28 April 2009 11:20
To: NT System Admin Issues
Subject: RE: Tape swapping service


I pay £5000-£6000 per year for this service. I've had quotes around the same 
area as well, so this seems to be the price point. 

Andy Crellin 
Technical Services Manager
Leonard Cheshire Disability
Telephone: 01904 479200
E-mail: andy.crel...@lcdisability.org

-Original Message-
From: Oliver Marshall [mailto:oliver.marsh...@g2support.com] 
Sent: 28 April 2009 10:58
To: NT System Admin Issues
Subject: Tape swapping service

Hi chaps,

Just roughly speaking, what would it cost for someone to come out and swap our 
tapes each day and take the previous days tape offsite with them, and bring the 
right tape in for the right day ?

Anyone know any broad costings? £100's per month or £1000's per month do you 
reckon ?

Olly


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


Internet communications are not secure and therefore Leonard Cheshire 
Disability does not accept any liability for the content of this message. Any 
views or opinions presented are solely those of the author and do not 
necessarily represent those of Leonard Cheshire Disability. If you have 
received this transmission in error, please contact the sender and delete it 
immediately.
 
Leonard Cheshire Disability is a company limited by guarantee, registered in 
England no: 552847, and a registered charity no: 218186 (England & Wales) and 
no: SC005117 (Scotland) VAT no: 899 3223 75. Registered office: 66 South 
Lambeth Road, London, SW8 1RL.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


Internet communications are not secure and therefore Leonard Cheshire 
Disability does not accept any liability for the content of this message. Any 
views or opinions presented are solely those of the author and do not 
necessarily represent those of Leonard Cheshire Disability. If you have 
received this transmission in error, please contact the sender and delete it 
immediately.
 
Leonard Cheshire Disability is a company limited by guarantee, registered in 
England no: 552847, and a registered charity no: 218186 (England & Wales) and 
no: SC005117 (Scotland) VAT no: 899 3223 75. Registered office: 66 South 
Lambeth Road, London, SW8 1RL.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Tape swapping service

[Oliver Marshall]

Thanks Andy. Does that include the tapes as needed or do you supply those ?

Olly


-Original Message-
From: Andy Crellin [mailto:andy.crel...@lcdisability.org] 
Sent: 28 April 2009 11:20
To: NT System Admin Issues
Subject: RE: Tape swapping service


I pay £5000-£6000 per year for this service. I've had quotes around the same 
area as well, so this seems to be the price point. 

Andy Crellin 
Technical Services Manager
Leonard Cheshire Disability
Telephone: 01904 479200
E-mail: andy.crel...@lcdisability.org

-Original Message-
From: Oliver Marshall [mailto:oliver.marsh...@g2support.com] 
Sent: 28 April 2009 10:58
To: NT System Admin Issues
Subject: Tape swapping service

Hi chaps,

Just roughly speaking, what would it cost for someone to come out and swap our 
tapes each day and take the previous days tape offsite with them, and bring the 
right tape in for the right day ?

Anyone know any broad costings? £100's per month or £1000's per month do you 
reckon ?

Olly


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


Internet communications are not secure and therefore Leonard Cheshire 
Disability does not accept any liability for the content of this message. Any 
views or opinions presented are solely those of the author and do not 
necessarily represent those of Leonard Cheshire Disability. If you have 
received this transmission in error, please contact the sender and delete it 
immediately.
 
Leonard Cheshire Disability is a company limited by guarantee, registered in 
England no: 552847, and a registered charity no: 218186 (England & Wales) and 
no: SC005117 (Scotland) VAT no: 899 3223 75. Registered office: 66 South 
Lambeth Road, London, SW8 1RL.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Tape swapping service

[Andy Crellin]

I pay £5000-£6000 per year for this service. I've had quotes around the same 
area as well, so this seems to be the price point. 

Andy Crellin 
Technical Services Manager
Leonard Cheshire Disability
Telephone: 01904 479200
E-mail: andy.crel...@lcdisability.org

-Original Message-
From: Oliver Marshall [mailto:oliver.marsh...@g2support.com] 
Sent: 28 April 2009 10:58
To: NT System Admin Issues
Subject: Tape swapping service

Hi chaps,

Just roughly speaking, what would it cost for someone to come out and swap our 
tapes each day and take the previous days tape offsite with them, and bring the 
right tape in for the right day ?

Anyone know any broad costings? £100's per month or £1000's per month do you 
reckon ?

Olly


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


Internet communications are not secure and therefore Leonard Cheshire 
Disability does not accept any liability for the content of this message. Any 
views or opinions presented are solely those of the author and do not 
necessarily represent those of Leonard Cheshire Disability. If you have 
received this transmission in error, please contact the sender and delete it 
immediately.
 
Leonard Cheshire Disability is a company limited by guarantee, registered in 
England no: 552847, and a registered charity no: 218186 (England & Wales) and 
no: SC005117 (Scotland) VAT no: 899 3223 75. Registered office: 66 South 
Lambeth Road, London, SW8 1RL.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: script to add auditing

[Ziots, Edward]

Correct, 

Stored in SACL, so subinacl only has the /sdeny switch and /revoke. 

Z

Edward Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
ezi...@lifespan.org
Phone:401-639-3505
-Original Message-
From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Monday, April 27, 2009 8:30 PM
To: NT System Admin Issues
Subject: RE: script to add auditing

Auditing is stored in the SACL not the DACL right?

I was going to recommend icacls.exe which has a /remove switch, but I
think it only does DACLs not SACLs

Cheers
Ken


From: Ziots, Edward [ezi...@lifespan.org]
Sent: Tuesday, 28 April 2009 6:27 AM
To: NT System Admin Issues
Subject: RE: script to add auditing

I think the sdeny will setup a deny acl, but unless you can combine with
/revoke switch that might not be possible...

Z

Edward Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
ezi...@lifespan.org
Phone:401-639-3505

-Original Message-
From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Monday, April 27, 2009 1:28 PM
To: NT System Admin Issues
Subject: RE: script to add auditing

Can Subinacl remove a single entry from the audit list? I've looked
through the documentation, but I don't see a way to do this. I know the
/audit switch will wipe the list out entirely.

Thanks,

Chris
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Tape swapping service

[Oliver Marshall]

Hi chaps,

Just roughly speaking, what would it cost for someone to come out and swap our 
tapes each day and take the previous days tape offsite with them, and bring the 
right tape in for the right day ?

Anyone know any broad costings? £100's per month or £1000's per month do you 
reckon ?

Olly


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Jon Harris]

No Samba but putting the specific deny write on that file seems to have
worked.  The Mac user can not up date the file or do anything else with it
but read it.

Jon

On Tue, Apr 28, 2009 at 5:44 AM, Miguel Gonzalez  wrote:

>
> About the famous . files that normally screw backups up, there are tools
> that clean up those files in the Mac and the Windows side (in the case you
> have a Samba server.
>
> Miguel
>
>
> --- El mar, 28/4/09, Jon Harris  escribió:
>
> > De: Jon Harris 
> > Asunto: Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
> > Para: "NT System Admin Issues" 
> > Fecha: martes, 28 abril, 2009 5:36
>  > Agreed they are a pain.  They also like to leave files
> > around that make
> > backups fail (or appear to fail).  I took to leaving the
> > files in place and
> > put specific deny write on the Mac user in my environment.
> > Mac users are
> > also a pain to deal with as they usaully whine that it is
> > so much easier on
> > a Mac but in real life it is pretty much the same.
> >
> > Jon
> >
> > On Mon, Apr 27, 2009 at 2:49 PM, Sherry Abercrombie
> > wrote:
> >
> > > Macs are a pain.  Not only do I have about 2 dozen of
> > them on my network,
> > > I've got a stupid Mac Server also.
> > >
> > > Macs use Entourage for interaction with Exchange
> > (OWA), it's not perfect,
> > > there are issues, and it's on the Mac side.  Not
> > any issues with having them
> > > on your network, I just don't like Macs.
> > >
> > >
> > > On Mon, Apr 27, 2009 at 1:34 PM, Murray Freeman
> > wrote:
> > >
> > >>  I'm being asked to investigate the use of a
> > few MAC's in our network. I
> > >> know that it would be only used by a few of our
> > staff for graphics and a few
> > >> other apps. I'm concerned about the ability of
> > a MAC to interface into our
> > >> network and Exchange Server email.Obviously we
> > would purchase new machines,
> > >> so they could be dual boot machines. I'm also
> > aware of virtualization, but
> > >> haven't looked into that as of yet. Any
> > suggestions, warnings or concerns
> > >> from anyone with this kind of experience would be
> > greatly appreciated.
> > >>
> > >>
> > >> *Murray*
> > >>
> > >>
> > >>
> > >>
> > >>
> > >>
> > >>
> > >
> > >
> > > --
> > > Sherry Abercrombie
> > >
> > > "Any sufficiently advanced technology is
> > indistinguishable from magic."
> > > Arthur C. Clarke
> > > Sent from Haslet, TX, United States
> > >
> > >
> > >
> > >
> > >
> > >
> >
>  > ~ Finally, powerful endpoint security that ISN'T a
> > resource hog! ~
> > ~
> > 
> >  ~
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Jon Harris]

I will add one additional fact.  Our Mac has spent on average at least 2
days a year in service with another 2 days per year on either side of that
having issues, either hardware or software.  All of the Windows Desktops and
Laptops combined have only 4 days in the shop for issues, with most of those
restricted to a machine that is more than 5 years old running an OS that the
manufacturer says it will not run.  Funny thing is that adding RAM to the
machine and it worked fine.  It was a test machine that got pushed into
production when the users machine died after reaching about 10 years of age.

Jon

On Tue, Apr 28, 2009 at 5:36 AM, Jon Harris  wrote:

>  Agreed they are a pain.  They also like to leave files around that make
> backups fail (or appear to fail).  I took to leaving the files in place and
> put specific deny write on the Mac user in my environment.  Mac users are
> also a pain to deal with as they usaully whine that it is so much easier on
> a Mac but in real life it is pretty much the same.
>
> Jon
>
>  On Mon, Apr 27, 2009 at 2:49 PM, Sherry Abercrombie 
> wrote:
>
>> Macs are a pain.  Not only do I have about 2 dozen of them on my network,
>> I've got a stupid Mac Server also.
>>
>> Macs use Entourage for interaction with Exchange (OWA), it's not perfect,
>> there are issues, and it's on the Mac side.  Not any issues with having them
>> on your network, I just don't like Macs.
>>
>>
>> On Mon, Apr 27, 2009 at 1:34 PM, Murray Freeman wrote:
>>
>>>  I'm being asked to investigate the use of a few MAC's in our network. I
>>> know that it would be only used by a few of our staff for graphics and a few
>>> other apps. I'm concerned about the ability of a MAC to interface into our
>>> network and Exchange Server email.Obviously we would purchase new machines,
>>> so they could be dual boot machines. I'm also aware of virtualization, but
>>> haven't looked into that as of yet. Any suggestions, warnings or concerns
>>> from anyone with this kind of experience would be greatly appreciated.
>>>
>>>
>>> *Murray*
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Sherry Abercrombie
>>
>> "Any sufficiently advanced technology is indistinguishable from magic."
>> Arthur C. Clarke
>> Sent from Haslet, TX, United States
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Miguel Gonzalez]

About the famous . files that normally screw backups up, there are tools that 
clean up those files in the Mac and the Windows side (in the case you have a 
Samba server.

Miguel


--- El mar, 28/4/09, Jon Harris  escribió:

> De: Jon Harris 
> Asunto: Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT
> Para: "NT System Admin Issues" 
> Fecha: martes, 28 abril, 2009 5:36
> Agreed they are a pain.  They also like to leave files
> around that make
> backups fail (or appear to fail).  I took to leaving the
> files in place and
> put specific deny write on the Mac user in my environment. 
> Mac users are
> also a pain to deal with as they usaully whine that it is
> so much easier on
> a Mac but in real life it is pretty much the same.
> 
> Jon
> 
> On Mon, Apr 27, 2009 at 2:49 PM, Sherry Abercrombie
> wrote:
> 
> > Macs are a pain.  Not only do I have about 2 dozen of
> them on my network,
> > I've got a stupid Mac Server also.
> >
> > Macs use Entourage for interaction with Exchange
> (OWA), it's not perfect,
> > there are issues, and it's on the Mac side.  Not
> any issues with having them
> > on your network, I just don't like Macs.
> >
> >
> > On Mon, Apr 27, 2009 at 1:34 PM, Murray Freeman
> wrote:
> >
> >>  I'm being asked to investigate the use of a
> few MAC's in our network. I
> >> know that it would be only used by a few of our
> staff for graphics and a few
> >> other apps. I'm concerned about the ability of
> a MAC to interface into our
> >> network and Exchange Server email.Obviously we
> would purchase new machines,
> >> so they could be dual boot machines. I'm also
> aware of virtualization, but
> >> haven't looked into that as of yet. Any
> suggestions, warnings or concerns
> >> from anyone with this kind of experience would be
> greatly appreciated.
> >>
> >>
> >> *Murray*
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >
> >
> > --
> > Sherry Abercrombie
> >
> > "Any sufficiently advanced technology is
> indistinguishable from magic."
> > Arthur C. Clarke
> > Sent from Haslet, TX, United States
> >
> >
> >
> >
> >
> >
> 
> ~ Finally, powerful endpoint security that ISN'T a
> resource hog! ~
> ~
> 
>  ~


  

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USE OF MAC COMPUTERS IN WINDOWS ENVIRONMENT

[Jon Harris]

Agreed they are a pain.  They also like to leave files around that make
backups fail (or appear to fail).  I took to leaving the files in place and
put specific deny write on the Mac user in my environment.  Mac users are
also a pain to deal with as they usaully whine that it is so much easier on
a Mac but in real life it is pretty much the same.

Jon

On Mon, Apr 27, 2009 at 2:49 PM, Sherry Abercrombie wrote:

> Macs are a pain.  Not only do I have about 2 dozen of them on my network,
> I've got a stupid Mac Server also.
>
> Macs use Entourage for interaction with Exchange (OWA), it's not perfect,
> there are issues, and it's on the Mac side.  Not any issues with having them
> on your network, I just don't like Macs.
>
>
> On Mon, Apr 27, 2009 at 1:34 PM, Murray Freeman wrote:
>
>>  I'm being asked to investigate the use of a few MAC's in our network. I
>> know that it would be only used by a few of our staff for graphics and a few
>> other apps. I'm concerned about the ability of a MAC to interface into our
>> network and Exchange Server email.Obviously we would purchase new machines,
>> so they could be dual boot machines. I'm also aware of virtualization, but
>> haven't looked into that as of yet. Any suggestions, warnings or concerns
>> from anyone with this kind of experience would be greatly appreciated.
>>
>>
>> *Murray*
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Sherry Abercrombie
>
> "Any sufficiently advanced technology is indistinguishable from magic."
> Arthur C. Clarke
> Sent from Haslet, TX, United States
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~