date:20090707

RE: Win2003 DC on Win2000 domain

2009-07-07 Thread Ken Schaefer

Hi,

Unless you have proper procedures for safegaurding this stuff, and legals in 
place, I would do this all on the customer's premises (or wherever they 
instruct you to work) on their equipment. They must have a budget for this 
(otherwise how are they paying you?), and it becomes a cost of part of the 
project. If someone breaks into their offices and steals a server, that's not 
your problem then.

Now, I have a bunch of commercially sensitive stuff on my laptop (as do 
most/all of our other consultants). But we have our risk management in place 
(e.g. Bitlocker-ed laptops, Exchange sync policy enforcement for phones, 
IRM/RMS, policy documents we have to sign etc), and we have the contractual 
stuff in place to indemnify us against customer lawsuits (and no doubt the 
necessary insurance cover as well).

Cheers
Ken


From: Erik Goldoff [egold...@gmail.com]
Sent: Wednesday, 8 July 2009 3:54 PM
To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain


"What happens when you tell the customer you’ve made a backup of their whatever 
and their office burns down a couple days later? "

You're wy off base here ... there are too many theoreticals ... what 
happens, if during the upgrade, something goes wrong and the active directory 
metabase becomes corrupt... they have no internal backups, I don't make a copy, 
and now they cannot login to their network resources ...  I can still be sued 
for free, and the probability of that scenario happening is much higher than a 
bus running over my laptop.  And if their office burns down, they're gonna need 
more than the DC image I have, not to mention that I explicitly state the 
purpose of the backup copy I make, 'to recover if the upgrade process goes 
wrong' ... period ...

I understand your perspective on the situation, but sorry, it just won't fly in 
the real world dealing with SOHO and Small business sites.  Your data center 
fires is a neat story, but for Soho and Small business, their 'data center' is 
usually a commandeered closet or corner with a collection of servers ... note 
that this issue revolves around upgrading from Windows 2000 ???  Not a 
technilogically current installation, no spare server or desktop hardware, nor 
OS license to spare.

I'm curious as to how you would handle the business continuity planning for a 
problem with the upgrade ...
Erik Goldoff

IT  Consultant

Systems, Networks, & Security




From: Brian Desmond [mailto:br...@briandesmond.com]
Sent: Wednesday, July 08, 2009 1:34 AM
To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain

Yes pretty much.

Here’s another way I’d think of this. What’s your liability insurance got to 
say about this bonus service? What happens when you tell the customer you’ve 
made a backup of their whatever and their office burns down a couple days 
later? Sure you can just restore that bonus backup except your laptop got 
runover by a bus in between the backup and the fire.

A colleague had some wise words for me the first time I did a gig at a legal 
services customer – “Just remember, they can sue you for free.”


Many customers I deal with, offsite backups consist of tapes going in these 
heavy duty metal boxes with locks on them. The boxes are barcoded or numbered 
or something and a guy comes to pick them up, signs for them, and the offsite 
people basically guarantee their safety until you sign for them when they come 
back. The delivery guy also drops off any locked tape boxes whose retention 
policies dictate their return as they’ve expired. In the unlikely event of some 
major crisis, the offsite people are on the nut to get your box of tapes 
somewhere in some prearranged guaranteed time window.

Some customers are also sending stuff live (e.g. replicas on standby hardware) 
into a 3rd party datacenter designed for this sort of fallback plan (e.g. 
Sungard). They also have contracts where if their computer room burns down or 
something the vendor is on the nut to provide K servers of approximate 
configuration Z in location Y within X hours of notification of the requirement.

These vendors have the kind of capacity and capability to deal with something 
like 9/11 or Katrina if the customer has the action plan to respond. Or perhaps 
something more simple like the two datacenter fires this past weekend – Seattle 
and Toronto both had high rise carrier hotel fires. One of them, I forget 
which, the electrical busing between floors was completely hosed (literally) 
from what I heard.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Win2003 DC on Win2000 domain

2009-07-07 Thread Erik Goldoff

 
"What happens when you tell the customer you've made a backup of their
whatever and their office burns down a couple days later? "
 
You're wy off base here ... there are too many theoreticals ... what
happens, if during the upgrade, something goes wrong and the active
directory metabase becomes corrupt... they have no internal backups, I don't
make a copy, and now they cannot login to their network resources ...  I can
still be sued for free, and the probability of that scenario happening is
much higher than a bus running over my laptop.  And if their office burns
down, they're gonna need more than the DC image I have, not to mention that
I explicitly state the purpose of the backup copy I make, 'to recover if the
upgrade process goes wrong' ... period ...
 
I understand your perspective on the situation, but sorry, it just won't fly
in the real world dealing with SOHO and Small business sites.  Your data
center fires is a neat story, but for Soho and Small business, their 'data
center' is usually a commandeered closet or corner with a collection of
servers ... note that this issue revolves around upgrading from Windows 2000
???  Not a technilogically current installation, no spare server or desktop
hardware, nor OS license to spare.
 
I'm curious as to how you would handle the business continuity planning for
a problem with the upgrade ...

Erik Goldoff


IT  Consultant

Systems, Networks, & Security 

 

  _  

From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Wednesday, July 08, 2009 1:34 AM
To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain



Yes pretty much.

 

Here's another way I'd think of this. What's your liability insurance got to
say about this bonus service? What happens when you tell the customer you've
made a backup of their whatever and their office burns down a couple days
later? Sure you can just restore that bonus backup except your laptop got
runover by a bus in between the backup and the fire.

 

A colleague had some wise words for me the first time I did a gig at a legal
services customer - "Just remember, they can sue you for free."

 

 

Many customers I deal with, offsite backups consist of tapes going in these
heavy duty metal boxes with locks on them. The boxes are barcoded or
numbered or something and a guy comes to pick them up, signs for them, and
the offsite people basically guarantee their safety until you sign for them
when they come back. The delivery guy also drops off any locked tape boxes
whose retention policies dictate their return as they've expired. In the
unlikely event of some major crisis, the offsite people are on the nut to
get your box of tapes somewhere in some prearranged guaranteed time window. 

 

Some customers are also sending stuff live (e.g. replicas on standby
hardware) into a 3rd party datacenter designed for this sort of fallback
plan (e.g. Sungard). They also have contracts where if their computer room
burns down or something the vendor is on the nut to provide K servers of
approximate configuration Z in location Y within X hours of notification of
the requirement.

 

These vendors have the kind of capacity and capability to deal with
something like 9/11 or Katrina if the customer has the action plan to
respond. Or perhaps something more simple like the two datacenter fires this
past weekend - Seattle and Toronto both had high rise carrier hotel fires.
One of them, I forget which, the electrical busing between floors was
completely hosed (literally) from what I heard. 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

Active Directory, 4th Ed -  
http://www.briandesmond.com/ad4/

Microsoft MVP -  
https://mvp.support.microsoft.com/profile/Brian


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Win2003 DC on Win2000 domain

2009-07-07 Thread Erik Goldoff

 Thank You !  Someone that gets it !  The real world versus how it should
be.

You folks working within a 'real' corporate IT structure don't know how good
you have it ( I have been there, too ).  You wouldn't believe the number of
sites with no disaster recovery plan, or even backups.  Of those that do
have backups, some have NEVER done a test restore.  I have seen too many
sites fail because they could not restore from tape some otherwise critical
data.

And I can assure you that if they do not understand the flaw in keeping
login credentials on a postit note on their monitor, nor the flaw in not
having a password expiration policy, nor the flaw in letting the owner's
child play on the internet with the owner's login that has full privledges,
they wouldn't be worried about how my method of protecting them violates
'best practices'.

Erik Goldoff
IT  Consultant
Systems, Networks, & Security 

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Wednesday, July 08, 2009 1:21 AM
To: NT System Admin Issues
Subject: Re: Win2003 DC on Win2000 domain

On Wed, Jul 8, 2009 at 12:59 AM, Ken Schaefer wrote:
> I'm going to have to agree with Brian on this. Making a copy of 
> someone's DIT isn't the same as a proper backup. I don't think Brian's 
> questioning your professionalism here - but if I was a customer I'd be 
> quite nervous about this to.

  You guys have been working for "real" companies too long.

  For SOHOs, if you say "I'm making a virtual machine of an Active Directory
Domain Controller on my laptop; that includes the DIT files.
 I'll keep it for a few days in case we have trouble" you're going to get
nothing but blank stares.  When you then rephrase it as "I'm keeping a copy
of important server stuff on my laptop in case we have trouble", you'll get
thanked.

  Remember, a lot of these sorts of places *have no backups at all*.
I know that seems incomprehensible to people on this list, but for a lot of
really small shops (< 5 people), their disaster recovery plan is chapter 7
bankruptcy liquidation.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Win2003 DC on Win2000 domain

2009-07-07 Thread Brian Desmond

Yes pretty much.

Here's another way I'd think of this. What's your liability insurance got to 
say about this bonus service? What happens when you tell the customer you've 
made a backup of their whatever and their office burns down a couple days 
later? Sure you can just restore that bonus backup except your laptop got 
runover by a bus in between the backup and the fire.

A colleague had some wise words for me the first time I did a gig at a legal 
services customer - "Just remember, they can sue you for free."


Many customers I deal with, offsite backups consist of tapes going in these 
heavy duty metal boxes with locks on them. The boxes are barcoded or numbered 
or something and a guy comes to pick them up, signs for them, and the offsite 
people basically guarantee their safety until you sign for them when they come 
back. The delivery guy also drops off any locked tape boxes whose retention 
policies dictate their return as they've expired. In the unlikely event of some 
major crisis, the offsite people are on the nut to get your box of tapes 
somewhere in some prearranged guaranteed time window.

Some customers are also sending stuff live (e.g. replicas on standby hardware) 
into a 3rd party datacenter designed for this sort of fallback plan (e.g. 
Sungard). They also have contracts where if their computer room burns down or 
something the vendor is on the nut to provide K servers of approximate 
configuration Z in location Y within X hours of notification of the requirement.

These vendors have the kind of capacity and capability to deal with something 
like 9/11 or Katrina if the customer has the action plan to respond. Or perhaps 
something more simple like the two datacenter fires this past weekend - Seattle 
and Toronto both had high rise carrier hotel fires. One of them, I forget 
which, the electrical busing between floors was completely hosed (literally) 
from what I heard.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Ken Schaefer [mailto:k...@adopenstatic.com]
Sent: Tuesday, July 07, 2009 11:59 PM
To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain

Erik,

I'm going to have to agree with Brian on this. Making a copy of someone's DIT 
isn't the same as a proper backup. I don't think Brian's questioning your 
professionalism here - but if I was a customer I'd be quite nervous about this 
to.

The type of clients that Brian works with don't need consultants to take 
offsite backups for them :-)

Cheers
Ken


From: Erik Goldoff [egold...@gmail.com]
Sent: Wednesday, 8 July 2009 6:39 AM
To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain
You're entitled to your opinion ... but from my experience, providing and 
offsite backup at my expense ( zero charge if not needed ) is a very VALUABLE 
service to most of these small businesses.  And I *NEVER* do this without fully 
informing the client, so they always have right of refusal.  Most have no idea 
about proper business continuity planning, and don't think ahead on how to get 
the business runnining again after a network shutdown.

That said, I think your characterization of   'walking off with a copy' a bit 
harsh, it's not like I'm stealing a copy for my own benefit, selling to black 
hats, or putting them at extended risk.   I would hope, given YOUR background, 
that you already have fallback plans in place, and it would not be necessary 
for ME to cover your behind like I do for many of my clients that don't know 
any better.

Erik Goldoff

IT  Consultant

Systems, Networks, & Security



From: Brian Desmond [mailto:br...@briandesmond.com]
Sent: Tuesday, July 07, 2009 2:39 PM
To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain
IMO a "network security engineer" would know better than to take copies of 
sensitive customer data like that. Put it this way, if you were on my payroll 
and I found out you were walking off with a copy of my DIT you'd be shown the 
door straight away.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Sherry Abercrombie [mailto:saber...@gmail.com]
Sent: Tuesday, July 07, 2009 11:52 AM
To: NT System Admin Issues
Subject: Re: Win2003 DC on Win2000 domain

Agree with best practices, but with personal experience in dealing with 
consultants, we make them sign a contract/NDA that prohibits them from using 
any information or disclosing it outside our organization.
On Tue, Jul 7, 2009 at 11:47 AM, Erik Goldoff 
mailto:egold...@gmail.com>> wrote:
With all due respect, if they cannot trust a network security engineer that 
helps to maintain and improve their security ( have remote access to firewall 
and TS ) then they ma

Re: Win2003 DC on Win2000 domain

2009-07-07 Thread Ben Scott

On Wed, Jul 8, 2009 at 12:59 AM, Ken Schaefer wrote:
> I'm going to have to agree with Brian on this. Making a copy of someone's
> DIT isn't the same as a proper backup. I don't think Brian's questioning
> your professionalism here - but if I was a customer I'd be quite nervous
> about this to.

  You guys have been working for "real" companies too long.

  For SOHOs, if you say "I'm making a virtual machine of an Active
Directory Domain Controller on my laptop; that includes the DIT files.
 I'll keep it for a few days in case we have trouble" you're going to
get nothing but blank stares.  When you then rephrase it as "I'm
keeping a copy of important server stuff on my laptop in case we have
trouble", you'll get thanked.

  Remember, a lot of these sorts of places *have no backups at all*.
I know that seems incomprehensible to people on this list, but for a
lot of really small shops (< 5 people), their disaster recovery plan
is chapter 7 bankruptcy liquidation.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Win2003 DC on Win2000 domain

2009-07-07 Thread Ken Schaefer

Erik,

I'm going to have to agree with Brian on this. Making a copy of someone's DIT 
isn't the same as a proper backup. I don't think Brian's questioning your 
professionalism here - but if I was a customer I'd be quite nervous about this 
to.

The type of clients that Brian works with don't need consultants to take 
offsite backups for them :-)

Cheers
Ken


From: Erik Goldoff [egold...@gmail.com]
Sent: Wednesday, 8 July 2009 6:39 AM
To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain

You're entitled to your opinion ... but from my experience, providing and 
offsite backup at my expense ( zero charge if not needed ) is a very VALUABLE 
service to most of these small businesses.  And I *NEVER* do this without fully 
informing the client, so they always have right of refusal.  Most have no idea 
about proper business continuity planning, and don't think ahead on how to get 
the business runnining again after a network shutdown.

That said, I think your characterization of   'walking off with a copy' a bit 
harsh, it's not like I'm stealing a copy for my own benefit, selling to black 
hats, or putting them at extended risk.   I would hope, given YOUR background, 
that you already have fallback plans in place, and it would not be necessary 
for ME to cover your behind like I do for many of my clients that don't know 
any better.

Erik Goldoff

IT  Consultant

Systems, Networks, & Security




From: Brian Desmond [mailto:br...@briandesmond.com]
Sent: Tuesday, July 07, 2009 2:39 PM
To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain

IMO a “network security engineer” would know better than to take copies of 
sensitive customer data like that. Put it this way, if you were on my payroll 
and I found out you were walking off with a copy of my DIT you’d be shown the 
door straight away.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Sherry Abercrombie [mailto:saber...@gmail.com]
Sent: Tuesday, July 07, 2009 11:52 AM
To: NT System Admin Issues
Subject: Re: Win2003 DC on Win2000 domain

Agree with best practices, but with personal experience in dealing with 
consultants, we make them sign a contract/NDA that prohibits them from using 
any information or disclosing it outside our organization.
On Tue, Jul 7, 2009 at 11:47 AM, Erik Goldoff 
mailto:egold...@gmail.com>> wrote:
With all due respect, if they cannot trust a network security engineer that 
helps to maintain and improve their security ( have remote access to firewall 
and TS ) then they may as well still run on paper.  Their internal security 
knowledge, as well as any BCP is practically non-existant.

But from a best practices perspective, you are right.

Erik Goldoff

IT  Consultant

Systems, Networks, & Security



From: Brian Desmond 
[mailto:br...@briandesmond.com]
Sent: Tuesday, July 07, 2009 12:28 PM

To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain


That is pretty scary from a risk management perspective that you’re walking off 
with a copy of the customer’s AD.



Thanks,

Brian Desmond

br...@briandesmond.com



c - 312.731.3132



Active Directory, 4th Ed - http://www.briandesmond.com/ad4/

Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian











~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread David Lum

It was a joke on my part, I couldn't resist the jab. In all honesty I use 
Outlook everywhere (work, home, clients) and have no issues with it. Same for 
IE. Same for XP / Vista. They're popular to shoot fun at, but for me, what I do 
day in and day out, it's no problem. I figure the more frequent patching, etc 
is probably equivalent to the time to make "other than MS" options work in a 
largely MS environment.  We have many Mac users in my office, and while they 
gloat about not having vulnerabilites to speak of, they bitch that stuff from 
PC's doesn't always work on their Mac's and vice versa.

I tried to migrate a (45 user) client to 100% FireFox (back at version 1.1). 
Another cleint (20 users) I tried to go to 100% Foxit Reader. Guess what, there 
was enough incompatibility that ultimately it wasn't worth the effort in either 
case. There are times with "go with what you know" actually IS a time and 
effort saver.

Much of my time is making 3rd party apps work with Microsoft's stuff - weather 
I should be blaming Microsoft or the 3rd patry vendor depends entirely upon 
which side of the fence you're on :-).

Dave


From: Michael B. Smith [mich...@owa.smithcons.com]
Sent: Tuesday, July 07, 2009 4:43 PM
To: NT System Admin Issues
Subject: RE: Gmail

Hey - I said fully-featured.

(No intent to start a war here. :-) )

From: Tom Miller [tmil...@hnncsb.org]
Sent: Tuesday, July 07, 2009 7:42 PM
To: NT System Admin Issues
Subject: RE: Gmail

GroupWise.  Never goes down (on Windows/Linux/Netware).  Been doing GW admin 
for many years, many versions.  (Exchange admin as well but I can't say 
Exchange didn't go down, but I hear 2010 is real good.)

>>> "Michael B. Smith"  7/7/2009 7:35 PM >>>
Oh?

And what fully-featured Email/PIM do you find to be more stable than Outlook?


From: David Lum [david@nwea.org]
Sent: Tuesday, July 07, 2009 3:04 PM
To: NT System Admin Issues
Subject: RE: Gmail

So has Outlook….

From: Sherry Abercrombie [mailto:saber...@gmail.com]
Sent: Tuesday, July 07, 2009 10:53 AM
To: NT System Admin Issues
Subject: Re: Gmail

Gmail has been "beta" for years..
On Tue, Jul 7, 2009 at 12:51 PM, Murray Freeman 
mailto:mfree...@alanet.org>> wrote:
How do I tell if I'm still in beta? I don't use my account very often and I 
don't remember any "beta" notification.


Murray



From: Steven M. Caesare 
[mailto:scaes...@caesare.com]
Sent: Tuesday, July 07, 2009 12:23 PM

To: NT System Admin Issues
Subject: RE: Gmail

They are now collector’s items. Put them on ebay.



-sc



From: Devin Meade [mailto:devin.me...@gmail.com]
Sent: Tuesday, July 07, 2009 1:14 PM

To: NT System Admin Issues
Subject: Re: Gmail



Refresh took mine out of beta.  Hey I only have 96 gmail invites left.  What 
happened to the bazillion I had?

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare 
mailto:scaes...@caesare.com>> wrote:

I guess that shows what they think of you.



-sc



From: Jon Harris [mailto:jk.har...@gmail.com]
Sent: Tuesday, July 07, 2009 1:03 PM

To: NT System Admin Issues
Subject: Re: Gmail



Mine still shows as Beta.



Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
mailto:scaes...@caesare.com>> wrote:

Well, well, well… finally out of beta.



-sc

















--
Devin















--
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke














Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.









~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New IE zero day exploit in the wild

2009-07-07 Thread Ken Schaefer

Are all your users admins? Otherwise, how is that logon script going to update 
HKLM?

Machine-based startup script would be better idea, no?

Cheers
Ken

From: Kurt Buff [kurt.b...@gmail.com]
Sent: Wednesday, 8 July 2009 2:41 AM
To: NT System Admin Issues
Subject: Re: New IE zero day exploit in the wild

I'm just pushing out the .reg file in the login script:

 regedit /s \\fileserver\public\patches\videokillbits.reg

The file was easy to create, in a capable editor (not notepad or
wordpad) that allows metacharacter search and replace, such as '\n'
for CRLF and '\t' for tab. I used the ancient, no-longer-supported
PFE32. I really should switch to VIM, I suppose.

On Tue, Jul 7, 2009 at 08:40, Eric
Wittersheim wrote:
> I'm pushing out the .reg via GP.  So far so good.
>
> On Tue, Jul 7, 2009 at 10:38 AM, David Lum  wrote:
>>
>> The “Microsoft fix-it” is an MSI that I am pushing via SMS and is pushing
>> fine (so far just a few test cases have it, but no issues). Beats trying to
>> push out a .REG or something…
>>
>>
>>
>> David Lum // SYSTEMS ENGINEER
>> NORTHWEST EVALUATION ASSOCIATION
>> (Desk) 971.222.1025 // (Cell) 503.267.9764
>>
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Steven M. Caesare

It has its flaws, but it re-defined the way email/contacts/calendar were
done, and as far as I'm concerned, does them more seamlessly than just
about any other program. 

It's not too hard to find many other programs that are trying to be like
Outlook.

Now admittedly it's best when running with an Exchange back-end, and
yes, I was using the "IMAP" as a generic catch-all to mean "other IMAP
mailer front ends"... you left out the part where I mentioned the many
location/machine part.

Outlook-MAPI-Exchange has no equals I've found when it comes to having a
single view of all my PIM data everywhere that's all synced, all the
time.

Of course, YMMV. Void where prohibited. Do not fold, spindle or
mutilate.

-sc

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Tuesday, July 07, 2009 9:46 PM
To: NT System Admin Issues
Subject: Re: Gmail

On Tue, Jul 7, 2009 at 9:01 PM, Steven M. Caesare
wrote:
> Outlook has rocked for years.

  Outlook isn't terribly good at anything in particular.  There are
better email programs.  There are better calendar programs.  There are
better task managers.  Outlook's strengths lie in integration, having
everything in one program, which a lot of people like, and has some
benefits in terms of information sharing.

> IMAP didn't even really come close... and I tried hard to make it.

  IMAP's a protocol, not a program.  Outlook even supports IMAP.  So,
um: Huh?  :)

  If you're trying to say that it's hard to find a good IMAP client, I
agree.  Harder still to find one that has lots of power *and also*
does offline caching well.  I've never really found one that did
everything I wanted to and also did offline caching well.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Gmail

2009-07-07 Thread Ben Scott

On Tue, Jul 7, 2009 at 9:01 PM, Steven M. Caesare wrote:
> Outlook has rocked for years.

  Outlook isn't terribly good at anything in particular.  There are
better email programs.  There are better calendar programs.  There are
better task managers.  Outlook's strengths lie in integration, having
everything in one program, which a lot of people like, and has some
benefits in terms of information sharing.

> IMAP didn’t even really come close… and I tried hard to make it.

  IMAP's a protocol, not a program.  Outlook even supports IMAP.  So,
um: Huh?  :)

  If you're trying to say that it's hard to find a good IMAP client, I
agree.  Harder still to find one that has lots of power *and also*
does offline caching well.  I've never really found one that did
everything I wanted to and also did offline caching well.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Gmail

2009-07-07 Thread Ben Scott

On Tue, Jul 7, 2009 at 7:44 PM, Ben Schorr wrote:
> That explains why so many clients are calling me to get them off Exchange
> and onto Groupwis

  Popularity generally isn't a reflection of technical merit.

  Just look at television or popular music.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Ben Schorr

Well, that's true, I am definitely of the opinion that "whatever works"
but to be honest...in the last 5 years I've had ZERO calls to replace
Exchange with Groupwise and probably a dozen or more who wanted to
replace Groupwise with Exchange.

Your mileage may vary, of course. :-)

Ben M. Schorr
Chief Executive Officer
__
Roland Schorr & Tower
www.rolandschorr.com  
b...@rolandschorr.com  

Twitter: http://www.twitter.com/bschorr

From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Tuesday, July 07, 2009 2:08 PM
To: NT System Admin Issues
Subject: RE: Gmail

Seriously?  Exchange has most of the market but GW is so easy to manage.
Some of the features are different than Exchange, but it is definitely a
full-featured client.  Whatever works for my employer is what they
get...

>>> "Ben Schorr"  7/7/2009 7:44 PM >>>

That explains why so many clients are calling me to get them off
Exchange and onto Groupwis

Ben M. Schorr
Chief Executive Officer
__
Roland Schorr & Tower
www.rolandschorr.com  
b...@rolandschorr.com  

Twitter: http://www.twitter.com/bschorr

From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Tuesday, July 07, 2009 1:42 PM
To: NT System Admin Issues
Subject: RE: Gmail

GroupWise.  Never goes down (on Windows/Linux/Netware).  Been doing GW
admin for many years, many versions.  (Exchange admin as well but I
can't say Exchange didn't go down, but I hear 2010 is real good.)

>>> "Michael B. Smith"  7/7/2009 7:35 PM >>>

Oh?

And what fully-featured Email/PIM do you find to be more stable than
Outlook?

From: David Lum [david@nwea.org]
Sent: Tuesday, July 07, 2009 3:04 PM
To: NT System Admin Issues
Subject: RE: Gmail

So has Outloo.

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Tuesday, July 07, 2009 10:53 AM
To: NT System Admin Issues
Subject: Re: Gmail

Gmail has been "beta" for years..

On Tue, Jul 7, 2009 at 12:51 PM, Murray Freeman 
wrote:

How do I tell if I'm still in beta? I don't use my account very often
and I don't remember any "beta" notification.

Murray 

From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Tuesday, July 07, 2009 12:23 PM

To: NT System Admin Issues

Subject: RE: Gmail

They are now collects items. Put them on ebay.

-sc

From: Devin Meade [mailto:devin.me...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:14 PM

To: NT System Admin Issues
Subject: Re: Gmail

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.
What happened to the bazillion I had? 

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare
 wrote:

I guess that shows what they think of you.

-sc

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:03 PM

To: NT System Admin Issues
Subject: Re: Gmail

Mine still shows as Beta.

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
wrote:

Well, well, wel finally out of beta.

-sc

-- 
Devin

-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Steven M. Caesare

Exchange != Outlook

 

AnywaI dunno what you are doing, but with proper admin, Exchange doesn���t 
either.

 

-sc

 

From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Tuesday, July 07, 2009 7:42 PM
To: NT System Admin Issues
Subject: RE: Gmail

 

GroupWise.  Never goes down (on Windows/Linux/Netware).  Been doing GW admin 
for many years, many versions.  (Exchange admin as well but I can't say 
Exchange didn't go down, but I hear 2010 is real good.)

>>> "Michael B. Smith"  7/7/2009 7:35 PM >>>

Oh?

 

And what fully-featured Email/PIM do you find to be more stable than Outlook?

 



From: David Lum [david@nwea.org]
Sent: Tuesday, July 07, 2009 3:04 PM
To: NT System Admin Issues
Subject: RE: Gmail

So has Outloo.

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Tuesday, July 07, 2009 10:53 AM
To: NT System Admin Issues
Subject: Re: Gmail

 

Gmail has been "beta" for years..

On Tue, Jul 7, 2009 at 12:51 PM, Murray Freeman  wrote:

How do I tell if I'm still in beta? I don't use my account very often and I 
don't remember any "beta" notification.

 

Murray 

 

 



From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Tuesday, July 07, 2009 12:23 PM


To: NT System Admin Issues

Subject: RE: Gmail

They are now collect�s items. Put them on ebay.

 

-sc

 

From: Devin Meade [mailto:devin.me...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:14 PM


To: NT System Admin Issues
Subject: Re: Gmail

 

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.  What 
happened to the bazillion I had? 

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare  wrote:

I guess that shows what they think of you.

 

-sc

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:03 PM


To: NT System Admin Issues
Subject: Re: Gmail

 

Mine still shows as Beta.

 

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare  wrote:

Well, well, we� finally out of beta.

 

-sc

 

 

 

 

 

 

 




-- 
Devin

 

 

 

 

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

 

 

 

 

 

Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Steven M. Caesare

I have to second Michael's sentiment. Outlook has rocked for years. I've
yet to find anything as remotely slick as Outlook/Exchange... particular
for multiple-PC/multiple-location/mobile folks.

 

IMAP didn't even really come close... and I tried hard to make it.

 

-sc

 

From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Tuesday, July 07, 2009 7:36 PM
To: NT System Admin Issues
Subject: RE: Gmail

 

Oh?

 

And what fully-featured Email/PIM do you find to be more stable than
Outlook?

 



From: David Lum [david@nwea.org]
Sent: Tuesday, July 07, 2009 3:04 PM
To: NT System Admin Issues
Subject: RE: Gmail

So has Outlook

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Tuesday, July 07, 2009 10:53 AM
To: NT System Admin Issues
Subject: Re: Gmail

 

Gmail has been "beta" for years..

On Tue, Jul 7, 2009 at 12:51 PM, Murray Freeman 
wrote:

How do I tell if I'm still in beta? I don't use my account very often
and I don't remember any "beta" notification.

 

Murray 

 

 



From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Tuesday, July 07, 2009 12:23 PM


To: NT System Admin Issues

Subject: RE: Gmail

They are now collector's items. Put them on ebay.

 

-sc

 

From: Devin Meade [mailto:devin.me...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:14 PM


To: NT System Admin Issues
Subject: Re: Gmail

 

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.
What happened to the bazillion I had? 

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare
 wrote:

I guess that shows what they think of you.

 

-sc

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:03 PM


To: NT System Admin Issues
Subject: Re: Gmail

 

Mine still shows as Beta.

 

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
wrote:

Well, well, well... finally out of beta.

 

-sc

 

 

 

 

 

 

 




-- 
Devin

 

 

 

 

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: MJ's Arcade Virtual Tour (my submit for next week's sunbelt newsletter links)

2009-07-07 Thread Steven M. Caesare

Well, the flash debugger popping up to give diagnostic info (including
the registered owner if the development tool, lol) kinda spoiled the
browser magic for me... but actually it was very cool.

 

-sc

 

From: David Lum [mailto:david@nwea.org] 
Sent: Tuesday, July 07, 2009 5:12 PM
To: NT System Admin Issues
Subject: RE: MJ's Arcade Virtual Tour (my submit for next week's sunbelt
newsletter links)

 

I can't decide what's more bitchin' - the arcade, or the ability to
navigate through it

 

From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] 
Sent: Tuesday, July 07, 2009 1:48 PM
To: NT System Admin Issues
Subject: OT: MJ's Arcade Virtual Tour (my submit for next week's sunbelt
newsletter links)

 

http://www.pinsane.com/pinorama/events/MJ_09/kr/michael_jackson_arcade_e
ntry.html
  
In. Sane. 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: MJ's Arcade Virtual Tour (my submit for next week's sunbelt newsletter links)

2009-07-07 Thread Steven M. Caesare

He had some nice cabs and pins in there...

 

From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] 
Sent: Tuesday, July 07, 2009 4:48 PM
To: NT System Admin Issues
Subject: OT: MJ's Arcade Virtual Tour (my submit for next week's sunbelt
newsletter links)

 

http://www.pinsane.com/pinorama/events/MJ_09/kr/michael_jackson_arcade_e
ntry.html
  
In. Sane. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Tom Miller

Seriously?  Exchange has most of the market but GW is so easy to manage.  Some 
of the features are different than Exchange, but it is definitely a 
full-featured client.  Whatever works for my employer is what they get...

>>> "Ben Schorr"  7/7/2009 7:44 PM >>>

That explains why so many clients are calling me to get them off Exchange and 
onto Groupwis

Ben M. Schorr
Chief Executive Officer
__
Roland Schorr & Tower
www.rolandschorr.com ( http://www.rolandschorr.com/ )
b...@rolandschorr.com
Twitter: http://www.twitter.com/bschorr

From:Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Tuesday, July 07, 2009 1:42 PM
To: NT System Admin Issues
Subject: RE: Gmail

GroupWise.  Never goes down (on Windows/Linux/Netware).  Been doing GW admin 
for many years, many versions.  (Exchange admin as well but I can't say 
Exchange didn't go down, but I hear 2010 is real good.)

>>> "Michael B. Smith"  7/7/2009 7:35 PM >>>

Oh?

And what fully-featured Email/PIM do you find to be more stable than Outlook?

From:David Lum [david@nwea.org] 
Sent: Tuesday, July 07, 2009 3:04 PM
To: NT System Admin Issues
Subject: RE: Gmail

So has Outloo.

From:Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Tuesday, July 07, 2009 10:53 AM
To: NT System Admin Issues
Subject: Re: Gmail

Gmail has been "beta" for years..

On Tue, Jul 7, 2009 at 12:51 PM, Murray Freeman  wrote:

How do I tell if I'm still in beta? I don't use my account very often and I 
don't remember any "beta" notification.

Murray 

From:Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Tuesday, July 07, 2009 12:23 PM

To: NT System Admin Issues

Subject:RE: Gmail

They are now collects items. Put them on ebay.

-sc

From:Devin Meade [mailto:devin.me...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:14 PM

To: NT System Admin Issues
Subject: Re: Gmail

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.  What 
happened to the bazillion I had? 

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare  wrote:

I guess that shows what they think of you.

-sc

From:Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:03 PM

To: NT System Admin Issues
Subject: Re: Gmail

Mine still shows as Beta.

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare  wrote:

Well, well, wel finally out of beta.

-sc

-- 
Devin

-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Michael B. Smith

Hey - I said fully-featured.

(No intent to start a war here. :-) )

From: Tom Miller [tmil...@hnncsb.org]
Sent: Tuesday, July 07, 2009 7:42 PM
To: NT System Admin Issues
Subject: RE: Gmail

GroupWise.  Never goes down (on Windows/Linux/Netware).  Been doing GW admin 
for many years, many versions.  (Exchange admin as well but I can't say 
Exchange didn't go down, but I hear 2010 is real good.)

>>> "Michael B. Smith"  7/7/2009 7:35 PM >>>
Oh?

And what fully-featured Email/PIM do you find to be more stable than Outlook?

From: David Lum [david@nwea.org]
Sent: Tuesday, July 07, 2009 3:04 PM
To: NT System Admin Issues
Subject: RE: Gmail

So has Outlook….

From: Sherry Abercrombie [mailto:saber...@gmail.com]
Sent: Tuesday, July 07, 2009 10:53 AM
To: NT System Admin Issues
Subject: Re: Gmail

Gmail has been "beta" for years..
On Tue, Jul 7, 2009 at 12:51 PM, Murray Freeman 
mailto:mfree...@alanet.org>> wrote:
How do I tell if I'm still in beta? I don't use my account very often and I 
don't remember any "beta" notification.

Murray

From: Steven M. Caesare 
[mailto:scaes...@caesare.com]
Sent: Tuesday, July 07, 2009 12:23 PM

To: NT System Admin Issues
Subject: RE: Gmail

They are now collector’s items. Put them on ebay.

-sc

From: Devin Meade [mailto:devin.me...@gmail.com]
Sent: Tuesday, July 07, 2009 1:14 PM

To: NT System Admin Issues
Subject: Re: Gmail

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.  What 
happened to the bazillion I had?

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare 
mailto:scaes...@caesare.com>> wrote:

I guess that shows what they think of you.

-sc

From: Jon Harris [mailto:jk.har...@gmail.com]
Sent: Tuesday, July 07, 2009 1:03 PM

To: NT System Admin Issues
Subject: Re: Gmail

Mine still shows as Beta.

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
mailto:scaes...@caesare.com>> wrote:

Well, well, well… finally out of beta.

-sc

--
Devin

--
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Ben Schorr

That explains why so many clients are calling me to get them off Exchange and 
onto Groupwi�

���oh wait, I think I said that backwards. ;-)

Ben M. Schorr
Chief Executive Officer
__
Roland Schorr & Tower
www.rolandschorr.com  
b...@rolandschorr.com  

Twitter: http://www.twitter.com/bschorr

 

From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Tuesday, July 07, 2009 1:42 PM
To: NT System Admin Issues
Subject: RE: Gmail

 

GroupWise.  Never goes down (on Windows/Linux/Netware).  Been doing GW admin 
for many years, many versions.  (Exchange admin as well but I can't say 
Exchange didn't go down, but I hear 2010 is real good.)

>>> "Michael B. Smith"  7/7/2009 7:35 PM >>>

Oh?

 

And what fully-featured Email/PIM do you find to be more stable than Outlook?

 



From: David Lum [david@nwea.org]
Sent: Tuesday, July 07, 2009 3:04 PM
To: NT System Admin Issues
Subject: RE: Gmail

So has Outlook���.

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Tuesday, July 07, 2009 10:53 AM
To: NT System Admin Issues
Subject: Re: Gmail

 

Gmail has been "beta" for years..

On Tue, Jul 7, 2009 at 12:51 PM, Murray Freeman  wrote:

How do I tell if I'm still in beta? I don't use my account very often and I 
don't remember any "beta" notification.

 

Murray 

 

 



From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Tuesday, July 07, 2009 12:23 PM


To: NT System Admin Issues

Subject: RE: Gmail

They are now collectos items. Put them on ebay.

 

-sc

 

From: Devin Meade [mailto:devin.me...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:14 PM


To: NT System Admin Issues
Subject: Re: Gmail

 

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.  What 
happened to the bazillion I had? 

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare  wrote:

I guess that shows what they think of you.

 

-sc

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:03 PM


To: NT System Admin Issues
Subject: Re: Gmail

 

Mine still shows as Beta.

 

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare  wrote:

Well, well, wel finally out of beta.

 

-sc

 

 

 

 

 

 

 




-- 
Devin

 

 

 

 

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

 

 

 

 

 

Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Tom Miller

GroupWise.  Never goes down (on Windows/Linux/Netware).  Been doing GW
admin for many years, many versions.  (Exchange admin as well but I
can't say Exchange didn't go down, but I hear 2010 is real good.)

>>> "Michael B. Smith"  7/7/2009 7:35 PM
>>>
Oh?

And what fully-featured Email/PIM do you find to be more stable than
Outlook?

From: David Lum [david@nwea.org] 
Sent: Tuesday, July 07, 2009 3:04 PM
To: NT System Admin Issues
Subject: RE: Gmail

So has Outlook….

From:Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Tuesday, July 07, 2009 10:53 AM
To: NT System Admin Issues
Subject: Re: Gmail

Gmail has been "beta" for years..

On Tue, Jul 7, 2009 at 12:51 PM, Murray Freeman 
wrote:

How do I tell if I'm still in beta? I don't use my account very often
and I don't remember any "beta" notification.

Murray 

From:Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Tuesday, July 07, 2009 12:23 PM

To: NT System Admin Issues

Subject:RE: Gmail

They are now collector’s items. Put them on ebay.

-sc

From:Devin Meade [mailto:devin.me...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:14 PM

To: NT System Admin Issues
Subject: Re: Gmail

Refresh took mine out of beta.  Hey I only have 96 gmail invites left. 
What happened to the bazillion I had? 

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare
 wrote:

I guess that shows what they think of you.

-sc

From:Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:03 PM

To: NT System Admin Issues
Subject: Re: Gmail

Mine still shows as Beta.

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare
 wrote:

Well, well, well… finally out of beta.

-sc

-- 
Devin

-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."

Arthur C. Clarke

Confidentiality Notice:  This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information.  Any unauthorized review, use,
disclosure, or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Michael B. Smith

Oh?

And what fully-featured Email/PIM do you find to be more stable than Outlook?

From: David Lum [david@nwea.org]
Sent: Tuesday, July 07, 2009 3:04 PM
To: NT System Admin Issues
Subject: RE: Gmail

So has Outlook….

From: Sherry Abercrombie [mailto:saber...@gmail.com]
Sent: Tuesday, July 07, 2009 10:53 AM
To: NT System Admin Issues
Subject: Re: Gmail

Gmail has been "beta" for years..
On Tue, Jul 7, 2009 at 12:51 PM, Murray Freeman 
mailto:mfree...@alanet.org>> wrote:
How do I tell if I'm still in beta? I don't use my account very often and I 
don't remember any "beta" notification.

Murray

From: Steven M. Caesare 
[mailto:scaes...@caesare.com]
Sent: Tuesday, July 07, 2009 12:23 PM

To: NT System Admin Issues
Subject: RE: Gmail

They are now collector’s items. Put them on ebay.

-sc

From: Devin Meade [mailto:devin.me...@gmail.com]
Sent: Tuesday, July 07, 2009 1:14 PM

To: NT System Admin Issues
Subject: Re: Gmail

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.  What 
happened to the bazillion I had?

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare 
mailto:scaes...@caesare.com>> wrote:

I guess that shows what they think of you.

-sc

From: Jon Harris [mailto:jk.har...@gmail.com]
Sent: Tuesday, July 07, 2009 1:03 PM

To: NT System Admin Issues
Subject: Re: Gmail

Mine still shows as Beta.

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
mailto:scaes...@caesare.com>> wrote:

Well, well, well… finally out of beta.

-sc

--
Devin

--
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Import-mailbox duplicate behaviour

2009-07-07 Thread Michael B. Smith

My advice to you (and all other readers) - don't depend on default behavior. 
Specify all available parameters.

From: Oliver Marshall [oliver.marsh...@g2support.com]
Sent: Tuesday, July 07, 2009 4:16 PM
To: NT System Admin Issues
Subject: Import-mailbox duplicate behaviour

Hi gang,

Does anyone know what the default behaviour of the import-mailbox powershell 
command is when importing data in to an existing mailbox? Will duplicates occur 
if two emails are the same, or will it only import emails that don’t already 
exist?

Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New IE zero day exploit in the wild

2009-07-07 Thread Carl Houseman

What patch?  Killbit workaround is not a patch.  Open the registry and look
for the registry keys.

 

Carl

 

From: David Lum [mailto:david@nwea.org] 
Sent: Tuesday, July 07, 2009 5:49 PM
To: NT System Admin Issues
Subject: RE: New IE zero day exploit in the wild

 

Anyone know how to confirm this patch is applied? Any tools around yet? I'd
just as soon not manually check 4 or 5 machines sand assume all 400 are
OK.and if I don't have to write my own script to check 'em, all the better.

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New IE zero day exploit in the wild

2009-07-07 Thread David Lum

Anyone know how to confirm this patch is applied? Any tools around yet? I'd 
just as soon not manually check 4 or 5 machines sand assume all 400 are 
OK...and if I don't have to write my own script to check 'em, all the better...
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: MJ's Arcade Virtual Tour (my submit for next week's sunbelt newsletter links)

2009-07-07 Thread David Lum

I can't decide what's more bitchin' - the arcade, or the ability to navigate 
through it

From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com]
Sent: Tuesday, July 07, 2009 1:48 PM
To: NT System Admin Issues
Subject: OT: MJ's Arcade Virtual Tour (my submit for next week's sunbelt 
newsletter links)


http://www.pinsane.com/pinorama/events/MJ_09/kr/michael_jackson_arcade_entry.html
In. Sane.





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

OT: MJ's Arcade Virtual Tour (my submit for next week's sunbelt newsletter links)

2009-07-07 Thread David Mazzaccaro

http://www.pinsane.com/pinorama/events/MJ_09/kr/michael_jackson_arcade_e
ntry.html
In. Sane.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Server 2008 fail/ My fail?

2009-07-07 Thread Jonathan Link

Did you adjust the GPO?
Administrative Templates\System\User Profiles

"Add the Administrators security group to roaming user profiles"


On Tue, Jul 7, 2009 at 2:12 PM, Owens, Michael
wrote:

>  Heres what is going on.
>
> I have a share, that TS profiles get created on. Only that account has
> access to them, and system. For some reason it takes away administrators - I
> would like to add a group, to the parent folder, to propogate to all child
> objects created. Does that make sense?
>
>  --
> *From:* Jon Harris [mailto:jk.har...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 1:46 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Server 2008 fail/ My fail?
>
>   I have been doing that for the last week while I move from 2003 to
> 2008.  Look at the Security Tab bottom Advanced then Edit then Edit again
> then Apply To.  Will this not work or do you want to Add a
> group/person/etc.  If you are adding then the second Edit should be Add
> instead.
>
> Jon
>
> On Tue, Jul 7, 2009 at 1:38 PM, Owens, Michael  > wrote:
>
>>  Does anyone know why they got rid of the option to "replace permission
>> entries on all child objects with entries shown here that apply to child
>> objects?" Or did they move it?
>>
>> --
>> This message, and any response to it, may constitute a public record and
>> thus may be publicly available to anyone who requests it in accordance
>> with Chapter 149 of the Ohio Revised Code.
>>
>>
>>
>>
>>
>>
>
>
>
>
>
> --
> This message, and any response to it, may constitute a public record and
> thus may be publicly available to anyone who requests it in accordance
> with Chapter 149 of the Ohio Revised Code.
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Firefox 3.5 Silent Install.

2009-07-07 Thread Ben Scott

On Tue, Jul 7, 2009 at 4:06 PM, Angus Scott-Fleming wrote:
> No, you have to be admin to update any program except Chrome, which installs 
> in
> %APPDATA% and is completely writeable by the user who install it.

  And it doesn't even offer the *option* of installing somewhere else.
 Or at least it didn't last I tried it.  I deleted it from my home
Windows PC for that reason, and won't consider it at work for the same
reason.  Software does **not** go in my user directory!  That means
every account needs its own install, and it means any malware that
gets into a user account can modify software!

  Granted, I also run my home Windows PC with a separate admin
account, so I expect I'm not really the common case for the home
market.  :)  But you'd think Google would want to encourage
corporations to adopt their browser, too, and that's a far less rare
scenario in that world.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Win2003 DC on Win2000 domain

2009-07-07 Thread Erik Goldoff

You're entitled to your opinion ... but from my experience, providing and
offsite backup at my expense ( zero charge if not needed ) is a very
VALUABLE service to most of these small businesses.  And I *NEVER* do this
without fully informing the client, so they always have right of refusal.
Most have no idea about proper business continuity planning, and don't think
ahead on how to get the business runnining again after a network shutdown.
 
That said, I think your characterization of   'walking off with a copy' a
bit harsh, it's not like I'm stealing a copy for my own benefit, selling to
black hats, or putting them at extended risk.   I would hope, given YOUR
background, that you already have fallback plans in place, and it would not
be necessary for ME to cover your behind like I do for many of my clients
that don't know any better.
 

Erik Goldoff


IT  Consultant

Systems, Networks, & Security 

 

  _  

From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Tuesday, July 07, 2009 2:39 PM
To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain



IMO a "network security engineer" would know better than to take copies of
sensitive customer data like that. Put it this way, if you were on my
payroll and I found out you were walking off with a copy of my DIT you'd be
shown the door straight away. 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

Active Directory, 4th Ed -  
http://www.briandesmond.com/ad4/

Microsoft MVP -  
https://mvp.support.microsoft.com/profile/Brian

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Tuesday, July 07, 2009 11:52 AM
To: NT System Admin Issues
Subject: Re: Win2003 DC on Win2000 domain

 

Agree with best practices, but with personal experience in dealing with
consultants, we make them sign a contract/NDA that prohibits them from using
any information or disclosing it outside our organization.  

On Tue, Jul 7, 2009 at 11:47 AM, Erik Goldoff  wrote:

With all due respect, if they cannot trust a network security engineer that
helps to maintain and improve their security ( have remote access to
firewall and TS ) then they may as well still run on paper.  Their internal
security knowledge, as well as any BCP is practically non-existant.

 

But from a best practices perspective, you are right. 

 


Erik Goldoff


IT  Consultant

Systems, Networks, & Security 

 

 

  _  

From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Tuesday, July 07, 2009 12:28 PM


To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain

 

That is pretty scary from a risk management perspective that you're walking
off with a copy of the customer's AD.

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

Active Directory, 4th Ed -  
http://www.briandesmond.com/ad4/

Microsoft MVP -  
https://mvp.support.microsoft.com/profile/Brian

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Tuesday, July 07, 2009 9:18 AM


To: NT System Admin Issues

Subject: RE: Win2003 DC on Win2000 domain

 

Yep, FALLBACK is my concern.  I'll be doing most of the work remotely, as
the two new 2003 servers are in place and on the wire.  Low level help desk
type will be on site, but as of yet, no spare/temp machine as a 2000 DC ...
( I normally bring in my laptop with a 2000 server and a 2003 server running
virtually and promote to DC to grab a copy for 'just in case' in the first
few days, but I won't be on site this time )

 

once forestprep & domainprep run, it's a one way race to the finish

 


Erik Goldoff


IT  Consultant

Systems, Networks, & Security 

 

 

  _  

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 10:05 AM


To: NT System Admin Issues

Subject: Re: Win2003 DC on Win2000 domain

Agreed.  The only difference is since you have Exchange on a DC you might
want to make a 2000 DC on some desktop as a fall back.  Once the fall back
is finished with the sync turn it off.  Do the domain/forest prep if all go
well put the fall back on the network again let it sync again then turn it
off while bringing up the new DC's.  Once all is well and good bring it up
and kill it off.

 

Jon

On Tue, Jul 7, 2009 at 9:59 AM, KenM  wrote:

Why not just install 2003 on the new hardware run dcpromo /forestprep and
/domainprep and run dcpromo on 2003 servers and transfer roles.

 

 



 

On Tue, Jul 7, 2009 at 9:54 AM, Erik Goldoff  wrote:

Client wants to bring in two new servers ( forklift new hardware ) into
their current Windows 2000 domain, but wants to upgrade Active Directory to
2003 ... two new servers will ultimately replace two existing 2000 servers
which are File/Print/DC  and Exchange/DC  

 

My normally cautious method would be to bring in a temp 2000 box, promote it
to DC in the 2000 domain, move FS

RE: GPO to block chrome.exe

2009-07-07 Thread Free, Bob

> Google felt it was above security principles and users/lusers should
have the final say

 

They supplied an adm file for a GPO to block their toolbar in the past
so that's not entirely accurate. Seems to me they will have to adapt
that mindset if they want to their services to appeal to
enterprises...which I think they want J 

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 10:56 AM
To: NT System Admin Issues
Subject: Re: GPO to block chrome.exe

 

Last time I heard you could not block the install.  Google felt it was
above security principles and users/lusers should have the final say in
what they ran on "their" systems.

 

Jon

On Tue, Jul 7, 2009 at 1:52 PM, David Lum  wrote:

I have a GPO with a path value blocking %userprofile%\Local
Settings\Application Data\Google\Chrome\Application\chrome.exe, but it
doesn't seem to be working. Running the modeling wizard I see the GPO is
applied to the correct system. I also see chrome.exe seems to exist in
all sorts of "Local Settings\Temp\chrome_" locations, what's up w/
that?

 

I also have a hash value block of the .EXE (well, one version of them)
in the same GPO.

 

I need to block the app (please don't get me started at blocking the
install on the first place...one step at a time here).

 

Ideas?

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Import-mailbox duplicate behaviour

2009-07-07 Thread Oliver Marshall

Hi gang,

Does anyone know what the default behaviour of the import-mailbox powershell 
command is when importing data in to an existing mailbox? Will duplicates occur 
if two emails are the same, or will it only import emails that don't already 
exist?

Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Firefox 3.5 Silent Install.

2009-07-07 Thread Angus Scott-Fleming

On 5 Jul 2009 at 11:57, Stephen Wimberly  wrote:

> The NTT sounds great, but can a non-admin run it and upgrade any 
> update???

No, you have to be admin to update any program except Chrome, which installs in 
%APPDATA% and is completely writeable by the user who install it.

Now if you had installed Firefox in %APPDATA%, each user would have a separate 
installation but they could update their own --- and when Chrome or FF gets 0-
day-holed, so would their browsers.

There are reasons why users can't update applications.

I think Frontmotion makes an MSI installer for corporate deployments of 
Firefox.

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
+---+

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Advice... need a network book

2009-07-07 Thread Ralph Smith

 

 

Vickey,

 

I am also in the process of looking for no/low cost (non-profit, no
budget) training for myself and our two other staff, so I'm interested
to see what people recommend.  

 

One option in addition to a good book that looks interesting is video
training at vtc.com.  They have a $30 dollar a month plan which gives
access to all their videos, and most of the courses they have the first
couple of chapters free so you can take a look at them.  They have
CompTia Network + and a couple of CCNA courses.

 

I looked at some of the free samples and they seem pretty good, but I
haven't purchased the subscription yet so I'm not sure how much detail
they go into.   It may be worth a look.

 

Ralph Smith

 

 

 



From: Vicky Spelshaus [mailto:vicky.spelsh...@gmail.com] 
Sent: Tuesday, July 07, 2009 3:15 PM
To: NT System Admin Issues
Subject: OT: Advice... need a network book

 

As the IT staff for a small college (just me and one other full time
person in charge of distance ed support), I am the perfect example of
"jack of all trades, master of none".  While I'm comfortable with my
skill level in regard to the servers and the workstations, I'm somewhat
lost when it comes to the network itself.  By 'network' I mean
terminolgy, properly configuring the switches, the wireless network,
implementing a VLAN, etc.

 

Therr hasn't been any budget for attending any kind of training in some
time, so I'm looking for suggestions for good books to train myself.
Suggestions?  Please?

 

Thanks in advance.

 

-- 

Organization and good planning are just crutches for people that can't
handle stress and caffeine. - unknown

 

 

 

 

Confidentiality Notice: 

--



This communication, including any attachments, may contain confidential 
information and is intended only for the individual or entity to whom it is 
addressed. Any review, dissemination, or copying of this communication by 
anyone other than the intended recipient is strictly prohibited. If you are not 
the intended recipient, please contact the sender by reply email, delete and 
destroy all copies of the original message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New IE zero day exploit in the wild

2009-07-07 Thread Ziots, Edward

TY

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: Eric Wittersheim [mailto:eric.wittersh...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:57 PM
To: NT System Admin Issues
Subject: Re: New IE zero day exploit in the wild

 

yes

On Tue, Jul 7, 2009 at 12:49 PM, Ziots, Edward 
wrote:

Are you doing it in a Startup script via the GP? 

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: Eric Wittersheim [mailto:eric.wittersh...@gmail.com] 
Sent: Tuesday, July 07, 2009 11:41 AM


To: NT System Admin Issues
Subject: Re: New IE zero day exploit in the wild

 

I'm pushing out the .reg via GP.  So far so good.

On Tue, Jul 7, 2009 at 10:38 AM, David Lum  wrote:

The "Microsoft fix-it" is an MSI that I am pushing via SMS and is
pushing fine (so far just a few test cases have it, but no issues).
Beats trying to push out a .REG or something...

 

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

From: J Kyo [mailto:jky...@gmail.com] 
Sent: Tuesday, July 07, 2009 8:18 AM


To: NT System Admin Issues

Subject: Re: New IE zero day exploit in the wild

 

Curious if anyone has used the "Microsoft Fix It" from:
http://support.microsoft.com/kb/972890.

On Mon, Jul 6, 2009 at 6:24 PM, Carl Houseman 
wrote:

Recommendation from MS is to set the killbits everywhere.

 

http://www.microsoft.com/technet/security/advisory/972890.mspx

 

Carl

 

From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Monday, July 06, 2009 9:06 PM 


To: NT System Admin Issues

Subject: RE: New IE zero day exploit in the wild 

 

Seems to be XP / Windows Server 2003 only?

Cheers

Ken

 



From: Alex Eckelberry [al...@sunbelt-software.com]
Sent: Tuesday, 7 July 2009 5:56 AM
To: NT System Admin Issues
Subject: New IE zero day exploit in the wild

Our labs have confirmed this and it is quite nasty.  Best bet for now is
to set the killbits. Or don't use IE. 

 

Some references:

 

Microsoft: 

 

http://www.microsoft.com/technet/security/advisory/972890.mspx

 

SANS: 

 

http://isc.sans.org/diary.html?storyid=6733

 

I would take this one quite seriously.  

 

Alex

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Win2003 DC on Win2000 domain

2009-07-07 Thread Ben Scott

On Tue, Jul 7, 2009 at 2:39 PM, Brian Desmond wrote:
> IMO a “network security engineer” would know better than to take copies of
> sensitive customer data like that. Put it this way, if you were on my
> payroll and I found out you were walking off with a copy of my DIT you’d be
> shown the door straight away.

  It really depends on what they're paying the guy for.  For a lot of
small shops I've dealt with, keeping a free backup of their stuff
would be considered a perk, not a pitfall.

  "Many of the truths we cling to depend greatly on our own point of view."

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Advice... need a network book

2009-07-07 Thread Christopher Bodnar

Maybe something like this to start with?

 

http://www.amazon.com/Network-Warrior-Gary-Donahue/dp/0596101511/ref=sr_1_
5?ie=UTF8
 &s=books&qid=1246995980&sr=1-5

 

 

 

Chris Bodnar, MCSE
Sr. Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003

  _  

From: vicky.spelsh...@gmail.com [mailto:vicky.spelsh...@gmail.com] 
Sent: Tuesday, July 07, 2009 3:15 PM
To: NT System Admin Issues
Subject: OT: Advice... need a network book

 

As the IT staff for a small college (just me and one other full time
person in charge of distance ed support), I am the perfect example of
"jack of all trades, master of none".  While I'm comfortable with my skill
level in regard to the servers and the workstations, I'm somewhat lost
when it comes to the network itself.  By 'network' I mean terminolgy,
properly configuring the switches, the wireless network, implementing a
VLAN, etc.

 

Therr hasn't been any budget for attending any kind of training in some
time, so I'm looking for suggestions for good books to train myself.
Suggestions?  Please?

 

Thanks in advance.

 

-- 

Organization and good planning are just crutches for people that can't
handle stress and caffeine. - unknown

 

 

 

 



-
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law.  If the reader of this message is not the intended
recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited.  If you have received this message in error, please
notify the sender immediately by return e-mail and delete the
message and any attachments.  Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: troubleshooting website performance

2009-07-07 Thread Ziots, Edward

Also you can use Fiddler to look at the http responses from a client
prespective to see if you can capture the 400/500 errors. You can even
see which script or url sequence is taking the longest as it looks from
the client, and reissue that request after you make changes to see if
the performance is helping. 

 

Also need to hook up filemon and regmon to the W3wp.exe process that is
running in the web application pool(s) that are running under the
website. Also look at any issues with the backend database if you are
using one for the website, which might be your problem if you are
dealing with locking/blocking or slow website performance due to DB
issues. Also the stuff at Ken's site (IISSTATE and others will prove
useful) 

 

Are you seeing any specific errors in the IIS logs ( like 400.X or
500.x) or the httperr.log  (Look at 

http://msdn.microsoft.com/en-us/library/aa954365.aspx) 

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Thursday, July 02, 2009 5:08 PM
To: NT System Admin Issues
Subject: RE: troubleshooting website performance

 

I would start with web analytics software so you can determine which
transactions are specifically at issue, concurrent with that - what does
perfmon have to say?

 



From: Andy Shook [andy.sh...@peak10.com]
Sent: Thursday, July 02, 2009 4:44 PM
To: NT System Admin Issues
Subject: troubleshooting website performance

Server 2003 SP2

Newer IBM something or other 

2.8Ghz dual core

1.5GB RAM

7 disk  (2 in a RAID1 four in a RAID5 with a hot spare)

 

Server is paging at 1.14GB continually and page file is set to 768MB in
size.

 

Performance issue on website response.  Server literally takes 20-30
seconds to response to request sent by the firewall before firewall
forwards response to user on the Interwebs.  Mucho time spent with
wireshark analyzing packet traces to show that the firewall is receiving
the request from the WAN and promptly forwards http request to internal
web server.  Web server response takes forever to respond,
troubleshooting now but wanted to throw this out to the collective...

 

TIA,  

 

Shook

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: OT: Advice... need a network book

2009-07-07 Thread Kurt Buff

Heh.

Haven't worked with the HP WAPs, so don't have an opinion on those,
but the Linksys and DLink WAPs I had were utter rubbish, and I'm glad
to have the Cisco units.

Kurt

On Tue, Jul 7, 2009 at 12:35, Vicky Spelshaus wrote:
> Sorry Kurt - even the wireless is HP.   :-)
> Wireless Edge services in the 5308xl and ProCurve 210 radios.  Can't afford
> Cisco.
>
>
> On Tue, Jul 7, 2009 at 2:25 PM, Kurt Buff  wrote:
>>
>> If she's got Cisco switches I suggest selling them on ebay, getting HP
>> equipement, then investing the difference in the books she needs.
>>
>> Except for the Cisco WAPs, of course - can't beat those, IME.
>>
>> On Tue, Jul 7, 2009 at 12:21, paul chinnery wrote:
>> > I found the Cisco Press books to be quite good, especially the Catalyst
>> > Switch Config field manual.  What kind of switches do you have (Cisco,
>> > 3com,
>> > HP?)
>> >
>> > 
>> > From: vicky.spelsh...@gmail.com
>> > Date: Tue, 7 Jul 2009 14:15:11 -0500
>> > Subject: OT: Advice... need a network book
>> > To: ntsysadmin@lyris.sunbelt-software.com
>> >
>> > As the IT staff for a small college (just me and one other full time
>> > person
>> > in charge of distance ed support), I am the perfect example of "jack of
>> > all
>> > trades, master of none".  While I'm comfortable with my skill level in
>> > regard to the servers and the workstations, I'm somewhat lost when it
>> > comes
>> > to the network itself.  By 'network' I mean terminolgy, properly
>> > configuring
>> > the switches, the wireless network, implementing a VLAN, etc.
>> >
>> > Therr hasn't been any budget for attending any kind of training in some
>> > time, so I'm looking for suggestions for good books to train myself.
>> > Suggestions?  Please?
>> >
>> > Thanks in advance.
>> >
>> > --
>> > Organization and good planning are just crutches for people that can't
>> > handle stress and caffeine. - unknown
>> >
>> >
>> >
>> >
>> >
>> >
>> > 
>> > Lauren found her dream laptop. Find the PC that’s right for you.
>> >
>> >
>> >
>> >
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>
>
>
> --
> Organization and good planning are just crutches for people that can't
> handle stress and caffeine. - unknown
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Can't change hidden attribute, nor take ownership, of a file

2009-07-07 Thread Don Guyer

No wonder it's causing an issue, it's Ed Rendell!

 

J

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com  

 

From: michael.le...@pha.phila.gov [mailto:michael.le...@pha.phila.gov] 
Sent: Tuesday, July 07, 2009 12:40 PM
To: NT System Admin Issues
Subject: Can't change hidden attribute, nor take ownership, of a file

 


Win2003. One of my users seems to have created a file that is name
"._x.JPG" (I think this may have come from one of my very few Mac
users, but I don't know that for certain). Anyway, I see the file in
Windows Explorer, and it has an attribute of "H" (hidden). But I can't
seem to change it to be non-hidden. I can't take ownership of the file -
clicking "Properties" shows me only 1 tab - "General".  There is no
"Security" tab.  I have verified that the file system is NTFS. I can not
rename the file, either- "Cannot rename file: cannot read from source
file or disk". (this is the only file this happens on, so I am convinced
that the problem is this file, not the disk) 

>From a command prompt, I see the file when I do a "dir /a". 

04/27/2004  03:44 PM55,554 ._49 Greene & Rendell.JPG 

However, I can not change the attribute. 

>attrib -h * 
Unable to change attribute - F:\Temp\._49 Greene & Rendell.JPG 

I am unable to take ownership of the file, either, because apparently
the file can't be found ... 

 
subinacl /file "._49 Greene & Rendell.JPG" /display=owner 
._49 Greene & Rendell.JPG - CreateFile Error : 2 The system cannot find
the file specified. 

Elapsed Time: 00 00:00:00 
Done:1, Modified0, Failed1, Syntax errors
0 
Last Done  : ._49 Greene & Rendell.JPG 
Last Failed: ._49 Greene & Rendell.JPG - CreateFile Error : 2 The system
cannot find the file specified. 
 

At this point, I am stumped. I can't change attributes, I can't rename,
I can't take ownership (thinking that perhaps I could rename it that
way). 

Thoughts? Pointers? Clues? etc 


-- 
Michael Leone
Network Administrator, ISM
Philadelphia Housing Authority
2500 Jackson St
Philadelphia, PA 19145
Tel:  215-684-4180
Cell: 215-252-0143


 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Weird issue with Domain Controllers

2009-07-07 Thread Brian Desmond

There should be a corresponding mini in c:\windows\minidump, let's start with 
that.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

From: Craig Gauss [mailto:gau...@rhahealthcare.org]
Sent: Tuesday, July 07, 2009 1:41 PM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

Yes but it is almost 4GB


Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572



From: Brian Desmond [mailto:br...@briandesmond.com]
Sent: Tuesday, July 07, 2009 1:40 PM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers
Have you got a copy of one of the dumps I can look at?

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

From: Craig Gauss [mailto:gau...@rhahealthcare.org]
Sent: Tuesday, July 07, 2009 1:27 PM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

Well no new update on this.  We thought we had it taken care of on Friday but 
it seems to have started back up today.

Friday we removed one troublesome DC from the domain but today we have another 
one doing it.  We have not narrowed it down to anything.  I cant get the one 
that is currently rebooting to stay online long enough to remove AV from it yet.


Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572



From: Brian Desmond [mailto:br...@briandesmond.com]
Sent: Monday, July 06, 2009 11:07 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

  *   0x0008, or Double Fault, indicates that an exception occurs during a 
call to the handler for a prior exception. Typically, the two exceptions are 
handled serially. However, there are several exceptions that cannot be handled 
serially, and in this situation the processor signals a double fault. There are 
two common causes of a double fault:
 *   A kernel stack overflow. This overflow occurs when a guard page is 
hit, and the kernel tries to push a trap frame. Because there is no stack left, 
a stack overflow results, causing the double fault. If you think this overview 
has occurred, use 
!thread
 to determine the stack limits, and then use kb (Display Stack 
Backtrace)
 with a large parameter (for example, kb 100) to display the full stack.
 *   A hardware problem.


Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

From: Craig Gauss [mailto:gau...@rhahealthcare.org]
Sent: Monday, July 06, 2009 10:49 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

Windows Server 2003

The stop errors were all similar to this: 0x0007f (0x8, 0xf7727fe0, 
0x, 0x).  Nothing really helpful.

Servers are a mix of HP DL 140s and DL 380s.

No recent updates


Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572



From: Maglinger, Paul [mailto:pmaglin...@scvl.com]
Sent: Monday, July 06, 2009 10:31 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers
What version is your domain?  What's the stop error?  Are all the servers the 
same hardware?  Any recent updates?


From: Craig Gauss [mailto:gau...@rhahealthcare.org]
Sent: Monday, July 06, 2009 10:24 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers
Kaspersky


Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572



From: Richard Stovall [mailto:richard.stov...@researchdata.com]
Sent: Monday, July 06, 2009 10:23 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers
What's your AV solution?
From: Craig Gauss [mailto:gau...@rhahealthcare.org]
Sent: Monday, July 06, 2009 11:04 AM
To: NT System Admin Issues
Subject: Weird issue with Domain Controllers

Has anyone experienced any strange issues with Domain Controllers lately?

Friday we had every single one of ours randomly reboot with Stop errors 
throughout the day.  We ended up having to remove one and that seemed to have 
calmed down the issues.  Today it seems to have started up again.

I have no idea of where to even start looking.


Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association





































~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: OT: Advice... need a network book

2009-07-07 Thread Vicky Spelshaus

Sorry Kurt - even the wireless is HP.   :-)
Wireless Edge services in the 5308xl and ProCurve 210 radios.  Can't afford
Cisco.



On Tue, Jul 7, 2009 at 2:25 PM, Kurt Buff  wrote:

> If she's got Cisco switches I suggest selling them on ebay, getting HP
> equipement, then investing the difference in the books she needs.
>
> Except for the Cisco WAPs, of course - can't beat those, IME.
>
> On Tue, Jul 7, 2009 at 12:21, paul chinnery wrote:
> > I found the Cisco Press books to be quite good, especially the Catalyst
> > Switch Config field manual.  What kind of switches do you have (Cisco,
> 3com,
> > HP?)
> >
> > 
> > From: vicky.spelsh...@gmail.com
> > Date: Tue, 7 Jul 2009 14:15:11 -0500
> > Subject: OT: Advice... need a network book
> > To: ntsysadmin@lyris.sunbelt-software.com
> >
> > As the IT staff for a small college (just me and one other full time
> person
> > in charge of distance ed support), I am the perfect example of "jack of
> all
> > trades, master of none".  While I'm comfortable with my skill level in
> > regard to the servers and the workstations, I'm somewhat lost when it
> comes
> > to the network itself.  By 'network' I mean terminolgy, properly
> configuring
> > the switches, the wireless network, implementing a VLAN, etc.
> >
> > Therr hasn't been any budget for attending any kind of training in some
> > time, so I'm looking for suggestions for good books to train myself.
> > Suggestions?  Please?
> >
> > Thanks in advance.
> >
> > --
> > Organization and good planning are just crutches for people that can't
> > handle stress and caffeine. - unknown
> >
> >
> >
> >
> >
> >
> > 
> > Lauren found her dream laptop. Find the PC that’s right for you.
> >
> >
> >
> >
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>


-- 
Organization and good planning are just crutches for people that can't
handle stress and caffeine. - unknown

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: New IE zero day exploit in the wild

2009-07-07 Thread Kurt Buff

How lucky for you. Heh.

Still on Win2k3 here, and likely to be so for quite a while.

On Tue, Jul 7, 2009 at 12:14, James Rankin wrote:
> I'm pushing it out via Group Policy Preferences. 2008 rocks
>
> 2009/7/7 Kurt Buff 
>>
>> I'm just pushing out the .reg file in the login script:
>>
>>     regedit /s \\fileserver\public\patches\videokillbits.reg
>>
>> The file was easy to create, in a capable editor (not notepad or
>> wordpad) that allows metacharacter search and replace, such as '\n'
>> for CRLF and '\t' for tab. I used the ancient, no-longer-supported
>> PFE32. I really should switch to VIM, I suppose.
>>
>> On Tue, Jul 7, 2009 at 08:40, Eric
>> Wittersheim wrote:
>> > I'm pushing out the .reg via GP.  So far so good.
>> >
>> > On Tue, Jul 7, 2009 at 10:38 AM, David Lum  wrote:
>> >>
>> >> The “Microsoft fix-it” is an MSI that I am pushing via SMS and is
>> >> pushing
>> >> fine (so far just a few test cases have it, but no issues). Beats
>> >> trying to
>> >> push out a .REG or something…
>> >>
>> >>
>> >>
>> >> David Lum // SYSTEMS ENGINEER
>> >> NORTHWEST EVALUATION ASSOCIATION
>> >> (Desk) 971.222.1025 // (Cell) 503.267.9764
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> From: J Kyo [mailto:jky...@gmail.com]
>> >> Sent: Tuesday, July 07, 2009 8:18 AM
>> >> To: NT System Admin Issues
>> >> Subject: Re: New IE zero day exploit in the wild
>> >>
>> >>
>> >>
>> >> Curious if anyone has used the "Microsoft Fix It" from:
>> >> http://support.microsoft.com/kb/972890.
>> >>
>> >> On Mon, Jul 6, 2009 at 6:24 PM, Carl Houseman 
>> >> wrote:
>> >>
>> >> Recommendation from MS is to set the killbits everywhere.
>> >>
>> >>
>> >>
>> >> http://www.microsoft.com/technet/security/advisory/972890.mspx
>> >>
>> >>
>> >>
>> >> Carl
>> >>
>> >>
>> >>
>> >> From: Ken Schaefer [mailto:k...@adopenstatic.com]
>> >> Sent: Monday, July 06, 2009 9:06 PM
>> >>
>> >> To: NT System Admin Issues
>> >>
>> >> Subject: RE: New IE zero day exploit in the wild
>> >>
>> >>
>> >>
>> >> Seems to be XP / Windows Server 2003 only?
>> >>
>> >> Cheers
>> >>
>> >> Ken
>> >>
>> >>
>> >>
>> >> 
>> >>
>> >> From: Alex Eckelberry [al...@sunbelt-software.com]
>> >> Sent: Tuesday, 7 July 2009 5:56 AM
>> >> To: NT System Admin Issues
>> >> Subject: New IE zero day exploit in the wild
>> >>
>> >> Our labs have confirmed this and it is quite nasty.  Best bet for now
>> >> is
>> >> to set the killbits. Or don't use IE.
>> >>
>> >>
>> >>
>> >> Some references:
>> >>
>> >>
>> >>
>> >> Microsoft:
>> >>
>> >>
>> >>
>> >> http://www.microsoft.com/technet/security/advisory/972890.mspx
>> >>
>> >>
>> >>
>> >> SANS:
>> >>
>> >>
>> >>
>> >> http://isc.sans.org/diary.html?storyid=6733
>> >>
>> >>
>> >>
>> >> I would take this one quite seriously.
>> >>
>> >>
>> >>
>> >> Alex
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >
>> >
>> >
>> >
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>
>
>
> --
> "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
> the machine wrong figures, will the right answers come out?' I am not able
> rightly to apprehend the kind of confusion of ideas that could provoke such
> a question."
>
> http://raythestray.blogspot.com
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: OT: Advice... need a network book

2009-07-07 Thread Kurt Buff

If she's got Cisco switches I suggest selling them on ebay, getting HP
equipement, then investing the difference in the books she needs.

Except for the Cisco WAPs, of course - can't beat those, IME.

On Tue, Jul 7, 2009 at 12:21, paul chinnery wrote:
> I found the Cisco Press books to be quite good, especially the Catalyst
> Switch Config field manual.  What kind of switches do you have (Cisco, 3com,
> HP?)
>
> 
> From: vicky.spelsh...@gmail.com
> Date: Tue, 7 Jul 2009 14:15:11 -0500
> Subject: OT: Advice... need a network book
> To: ntsysadmin@lyris.sunbelt-software.com
>
> As the IT staff for a small college (just me and one other full time person
> in charge of distance ed support), I am the perfect example of "jack of all
> trades, master of none".  While I'm comfortable with my skill level in
> regard to the servers and the workstations, I'm somewhat lost when it comes
> to the network itself.  By 'network' I mean terminolgy, properly configuring
> the switches, the wireless network, implementing a VLAN, etc.
>
> Therr hasn't been any budget for attending any kind of training in some
> time, so I'm looking for suggestions for good books to train myself.
> Suggestions?  Please?
>
> Thanks in advance.
>
> --
> Organization and good planning are just crutches for people that can't
> handle stress and caffeine. - unknown
>
>
>
>
>
>
> 
> Lauren found her dream laptop. Find the PC that’s right for you.
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: OT: Advice... need a network book

2009-07-07 Thread Vicky Spelshaus

All HP...  core switch is a 5308xl and all the rest are 2800 series.

On Tue, Jul 7, 2009 at 2:21 PM, paul chinnery  wrote:

> I found the Cisco Press books to be quite good, especially the Catalyst
> Switch Config field manual.  What kind of switches do you have (Cisco, 3com,
> HP?)
>
> --
> From: vicky.spelsh...@gmail.com
> Date: Tue, 7 Jul 2009 14:15:11 -0500
> Subject: OT: Advice... need a network book
> To: ntsysadmin@lyris.sunbelt-software.com
>
>
> As *the* IT staff for a small college (just me and one other full time
> person in charge of distance ed support), I am the perfect example of "jack
> of all trades, master of none".  While I'm comfortable with my skill level
> in regard to the servers and the workstations, I'm somewhat lost when it
> comes to the network itself.  By 'network' I mean terminolgy, properly
> configuring the switches, the wireless network, implementing a VLAN, etc.
>
> Therr hasn't been any budget for attending any kind of training in some
> time, so I'm looking for suggestions for good books to train myself.
> Suggestions?  Please?
>
> Thanks in advance.
>
> --
> Organization and good planning are just crutches for people that can't
> handle stress and caffeine. - unknown
>
>
>
>
>
>
>
>
> --
> Lauren found her dream laptop. Find the PC that’s right for 
> you.
>
>
>
>
>
>


-- 
Organization and good planning are just crutches for people that can't
handle stress and caffeine. - unknown

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: OT: Advice... need a network book

2009-07-07 Thread Kurt Buff

On Tue, Jul 7, 2009 at 12:15, Vicky Spelshaus wrote:
> As the IT staff for a small college (just me and one other full time person
> in charge of distance ed support), I am the perfect example of "jack of all
> trades, master of none".  While I'm comfortable with my skill level in
> regard to the servers and the workstations, I'm somewhat lost when it comes
> to the network itself.  By 'network' I mean terminolgy, properly configuring
> the switches, the wireless network, implementing a VLAN, etc.
>
> Therr hasn't been any budget for attending any kind of training in some
> time, so I'm looking for suggestions for good books to train myself.
> Suggestions?  Please?

Heh.

You'll need more than one book.

Try this site:

http://www.ora.com

You might want to consider a Safari subscription - unless you're like
me, and just absolutely *have* to have a book. I've heard good things
about Safari, though.

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: OT: Advice... need a network book

2009-07-07 Thread paul chinnery

I found the Cisco Press books to be quite good, especially the Catalyst Switch 
Config field manual.  What kind of switches do you have (Cisco, 3com, HP?)

From: vicky.spelsh...@gmail.com
Date: Tue, 7 Jul 2009 14:15:11 -0500
Subject: OT: Advice... need a network book
To: ntsysadmin@lyris.sunbelt-software.com

As the IT staff for a small college (just me and one other full time person in 
charge of distance ed support), I am the perfect example of "jack of all 
trades, master of none".  While I'm comfortable with my skill level in regard 
to the servers and the workstations, I'm somewhat lost when it comes to the 
network itself.  By 'network' I mean terminolgy, properly configuring the 
switches, the wireless network, implementing a VLAN, etc.

Therr hasn't been any budget for attending any kind of training in some time, 
so I'm looking for suggestions for good books to train myself. Suggestions?  
Please?

Thanks in advance.

-- 
Organization and good planning are just crutches for people that can't handle 
stress and caffeine. - unknown

_
Lauren found her dream laptop. Find the PC that’s right for you.
http://www.microsoft.com/windows/choosepc/?ocid=ftp_val_wl_290
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

OT: Advice... need a network book

2009-07-07 Thread Vicky Spelshaus

As *the* IT staff for a small college (just me and one other full time
person in charge of distance ed support), I am the perfect example of "jack
of all trades, master of none".  While I'm comfortable with my skill level
in regard to the servers and the workstations, I'm somewhat lost when it
comes to the network itself.  By 'network' I mean terminolgy, properly
configuring the switches, the wireless network, implementing a VLAN, etc.

Therr hasn't been any budget for attending any kind of training in some
time, so I'm looking for suggestions for good books to train myself.
Suggestions?  Please?

Thanks in advance.

-- 
Organization and good planning are just crutches for people that can't
handle stress and caffeine. - unknown

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: New IE zero day exploit in the wild

2009-07-07 Thread James Rankin

I'm pushing it out via Group Policy Preferences. 2008 rocks

2009/7/7 Kurt Buff 

> I'm just pushing out the .reg file in the login script:
>
> regedit /s \\fileserver\public\patches\videokillbits.reg
>
> The file was easy to create, in a capable editor (not notepad or
> wordpad) that allows metacharacter search and replace, such as '\n'
> for CRLF and '\t' for tab. I used the ancient, no-longer-supported
> PFE32. I really should switch to VIM, I suppose.
>
> On Tue, Jul 7, 2009 at 08:40, Eric
> Wittersheim wrote:
> > I'm pushing out the .reg via GP.  So far so good.
> >
> > On Tue, Jul 7, 2009 at 10:38 AM, David Lum  wrote:
> >>
> >> The “Microsoft fix-it” is an MSI that I am pushing via SMS and is
> pushing
> >> fine (so far just a few test cases have it, but no issues). Beats trying
> to
> >> push out a .REG or something…
> >>
> >>
> >>
> >> David Lum // SYSTEMS ENGINEER
> >> NORTHWEST EVALUATION ASSOCIATION
> >> (Desk) 971.222.1025 // (Cell) 503.267.9764
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> From: J Kyo [mailto:jky...@gmail.com]
> >> Sent: Tuesday, July 07, 2009 8:18 AM
> >> To: NT System Admin Issues
> >> Subject: Re: New IE zero day exploit in the wild
> >>
> >>
> >>
> >> Curious if anyone has used the "Microsoft Fix It" from:
> >> http://support.microsoft.com/kb/972890.
> >>
> >> On Mon, Jul 6, 2009 at 6:24 PM, Carl Houseman 
> >> wrote:
> >>
> >> Recommendation from MS is to set the killbits everywhere.
> >>
> >>
> >>
> >> http://www.microsoft.com/technet/security/advisory/972890.mspx
> >>
> >>
> >>
> >> Carl
> >>
> >>
> >>
> >> From: Ken Schaefer [mailto:k...@adopenstatic.com]
> >> Sent: Monday, July 06, 2009 9:06 PM
> >>
> >> To: NT System Admin Issues
> >>
> >> Subject: RE: New IE zero day exploit in the wild
> >>
> >>
> >>
> >> Seems to be XP / Windows Server 2003 only?
> >>
> >> Cheers
> >>
> >> Ken
> >>
> >>
> >>
> >> 
> >>
> >> From: Alex Eckelberry [al...@sunbelt-software.com]
> >> Sent: Tuesday, 7 July 2009 5:56 AM
> >> To: NT System Admin Issues
> >> Subject: New IE zero day exploit in the wild
> >>
> >> Our labs have confirmed this and it is quite nasty.  Best bet for now is
> >> to set the killbits. Or don't use IE.
> >>
> >>
> >>
> >> Some references:
> >>
> >>
> >>
> >> Microsoft:
> >>
> >>
> >>
> >> http://www.microsoft.com/technet/security/advisory/972890.mspx
> >>
> >>
> >>
> >> SANS:
> >>
> >>
> >>
> >> http://isc.sans.org/diary.html?storyid=6733
> >>
> >>
> >>
> >> I would take this one quite seriously.
> >>
> >>
> >>
> >> Alex
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >
> >
> >
> >
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>


-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

http://raythestray.blogspot.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: New IE zero day exploit in the wild

2009-07-07 Thread James Rankin

Just about ALL my users think the monitor is the computer...bloody chip PCs

2009/7/7 paul chinnery 

>  I know, Sherry.  But try to teach that to all the users.  I still have a
> few who think the monitor IS the computer.
>
> --
> Date: Tue, 7 Jul 2009 10:54:41 -0500
> Subject: Re: New IE zero day exploit in the wild
> From: saber...@gmail.com
>
> To: ntsysadmin@lyris.sunbelt-software.com
>
> IE Tabs will work for just about everything IE in FF.
>
> On Tue, Jul 7, 2009 at 10:51 AM, paul chinnery wrote:
>
>  Same here.  (I so wish we could use FF but a couple of our apps won't run
> if we do so I have to be content with using it myself.)
>
> --
> Date: Tue, 7 Jul 2009 11:29:13 -0400
> Subject: Re: New IE zero day exploit in the wild
> From: lee.doug...@gmail.com
> To: ntsysadmin@lyris.sunbelt-software.com
>
> Yes, on several XP machines. So far nothing is broken, at least.
>
>
> On Tue, Jul 7, 2009 at 11:17 AM, J Kyo  wrote:
>
> Curious if anyone has used the "Microsoft Fix It" from:
> http://support.microsoft.com/kb/972890.
>
> On Mon, Jul 6, 2009 at 6:24 PM, Carl Houseman wrote:
>
>  Recommendation from MS is to set the killbits everywhere.
>
> http://www.microsoft.com/technet/security/advisory/972890.mspx
>
> Carl
>
>  *From:* Ken Schaefer [mailto:k...@adopenstatic.com]
> *Sent:* Monday, July 06, 2009 9:06 PM
> *To:* NT System Admin Issues
> *Subject:* RE: New IE zero day exploit in the wild
>
>
>  Seems to be XP / Windows Server 2003 only?
>  Cheers
>  Ken
>
>  --
>
> *From:* Alex Eckelberry [al...@sunbelt-software.com]
> *Sent:* Tuesday, 7 July 2009 5:56 AM
> *To:* NT System Admin Issues
> *Subject:* New IE zero day exploit in the wild
>   Our labs have confirmed this and it is quite nasty.  Best bet for now is
> to set the killbits. Or don't use IE.
>
> Some references:
>
> Microsoft:
>
> http://www.microsoft.com/technet/security/advisory/972890.mspx
>
> SANS:
>
> http://isc.sans.org/diary.html?storyid=6733
>
> I would take this one quite seriously.
>
> Alex
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --
> Windows Live™: Keep your life in sync. Check it 
> out.
>
>
>
>
>
>
> --
> Sherry Abercrombie
>
> "Any sufficiently advanced technology is indistinguishable from magic."
> Arthur C. Clarke
>
>
>
>
>
>
> --
> Lauren found her dream laptop. Find the PC that’s right for 
> you.
>
>
>
>
>
>


-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

http://raythestray.blogspot.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread David Lum

So has Outlook

From: Sherry Abercrombie [mailto:saber...@gmail.com]
Sent: Tuesday, July 07, 2009 10:53 AM
To: NT System Admin Issues
Subject: Re: Gmail

Gmail has been "beta" for years..
On Tue, Jul 7, 2009 at 12:51 PM, Murray Freeman 
mailto:mfree...@alanet.org>> wrote:
How do I tell if I'm still in beta? I don't use my account very often and I 
don't remember any "beta" notification.

Murray

From: Steven M. Caesare 
[mailto:scaes...@caesare.com]
Sent: Tuesday, July 07, 2009 12:23 PM

To: NT System Admin Issues
Subject: RE: Gmail

They are now collector's items. Put them on ebay.

-sc

From: Devin Meade [mailto:devin.me...@gmail.com]
Sent: Tuesday, July 07, 2009 1:14 PM

To: NT System Admin Issues
Subject: Re: Gmail

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.  What 
happened to the bazillion I had?

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare 
mailto:scaes...@caesare.com>> wrote:

I guess that shows what they think of you.

-sc

From: Jon Harris [mailto:jk.har...@gmail.com]
Sent: Tuesday, July 07, 2009 1:03 PM

To: NT System Admin Issues
Subject: Re: Gmail

Mine still shows as Beta.

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
mailto:scaes...@caesare.com>> wrote:

Well, well, well... finally out of beta.

-sc

--
Devin

--
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Server wants to boot from USB drive - RESOLVED

2009-07-07 Thread Tom Miller

I put the current firmware on the server, and in the BIOS I can change USB 
priority from "high" to "low".  This in combination with "Removable drives" in 
the last boot order resolved the issue.

I guess this was a firmware issue.  You'd think HP would have detected this in 
testing.

>>> Ben Scott  6/29/2009 2:14 PM >>>
On Sun, Jun 28, 2009 at 2:09 PM, Tom Miller wrote:
> I changed the boot order in the bios to put "removable drives" last, but
> that has no impact.  It cannot be disabled via BIOS boot order,
> unfortunately.

  I kept expecting someone familiar with HP/Compaq to post an easy
answer, but since that didn't happen... did you try looking for
firmware/BIOS updates?  It could be a newer firmware gives you the
option you need (or fixes the one you already have).

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: GPO to block chrome.exe

2009-07-07 Thread Carl Houseman

Block the hash of chromesetup.exe.

 

Carl

 

From: David Lum [mailto:david@nwea.org] 
Sent: Tuesday, July 07, 2009 1:53 PM
To: NT System Admin Issues
Subject: GPO to block chrome.exe

 

I have a GPO with a path value blocking %userprofile%\Local
Settings\Application Data\Google\Chrome\Application\chrome.exe, but it
doesn't seem to be working. Running the modeling wizard I see the GPO is
applied to the correct system. I also see chrome.exe seems to exist in all
sorts of "Local Settings\Temp\chrome_" locations, what's up w/ that?

 

I also have a hash value block of the .EXE (well, one version of them) in
the same GPO.

 

I need to block the app (please don't get me started at blocking the install
on the first place.one step at a time here).

 

Ideas?

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Weird issue with Domain Controllers

2009-07-07 Thread Craig Gauss

Yes but it is almost 4GB
 

Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572


 



From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Tuesday, July 07, 2009 1:40 PM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers



Have you got a copy of one of the dumps I can look at? 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

From: Craig Gauss [mailto:gau...@rhahealthcare.org] 
Sent: Tuesday, July 07, 2009 1:27 PM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

 

Well no new update on this.  We thought we had it taken care of on
Friday but it seems to have started back up today. 

 

Friday we removed one troublesome DC from the domain but today we have
another one doing it.  We have not narrowed it down to anything.  I cant
get the one that is currently rebooting to stay online long enough to
remove AV from it yet.

 

Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572

 

 



From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Monday, July 06, 2009 11:07 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

*   0x0008, or Double Fault, indicates that an exception occurs
during a call to the handler for a prior exception. Typically, the two
exceptions are handled serially. However, there are several exceptions
that cannot be handled serially, and in this situation the processor
signals a double fault. There are two common causes of a double fault: 

*   A kernel stack overflow. This overflow occurs when a
guard page is hit, and the kernel tries to push a trap frame. Because
there is no stack left, a stack overflow results, causing the double
fault. If you think this overview has occurred, use !thread
  to determine the stack
limits, and then use kb (Display Stack Backtrace)
  with a large parameter (for
example, kb 100) to display the full stack. 
*   A hardware problem. 

 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

From: Craig Gauss [mailto:gau...@rhahealthcare.org] 
Sent: Monday, July 06, 2009 10:49 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

 

Windows Server 2003

 

The stop errors were all similar to this: 0x0007f (0x8,
0xf7727fe0, 0x, 0x).  Nothing really helpful.

 

Servers are a mix of HP DL 140s and DL 380s.

 

No recent updates

 

Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572

 

 



From: Maglinger, Paul [mailto:pmaglin...@scvl.com] 
Sent: Monday, July 06, 2009 10:31 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

What version is your domain?  What's the stop error?  Are all the
servers the same hardware?  Any recent updates?

 



From: Craig Gauss [mailto:gau...@rhahealthcare.org] 
Sent: Monday, July 06, 2009 10:24 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

Kaspersky

 

Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572

 

 



From: Richard Stovall [mailto:richard.stov...@researchdata.com] 
Sent: Monday, July 06, 2009 10:23 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

What's your AV solution?

From: Craig Gauss [mailto:gau...@rhahealthcare.org] 
Sent: Monday, July 06, 2009 11:04 AM
To: NT System Admin Issues
Subject: Weird issue with Domain Controllers

 

Has anyone experienced any strange issues with Domain Controllers
lately?

 

Friday we had every single one of ours randomly reboot with Stop errors
throughout the day.  We ended up having to remove one and that seemed to
have calmed down the issues.  Today it seems to have started up again.

 

I have no idea of where to even start looking.

 

Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Weird issue with Domain Controllers

2009-07-07 Thread Brian Desmond

Have you got a copy of one of the dumps I can look at?

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

From: Craig Gauss [mailto:gau...@rhahealthcare.org]
Sent: Tuesday, July 07, 2009 1:27 PM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

Well no new update on this.  We thought we had it taken care of on Friday but 
it seems to have started back up today.

Friday we removed one troublesome DC from the domain but today we have another 
one doing it.  We have not narrowed it down to anything.  I cant get the one 
that is currently rebooting to stay online long enough to remove AV from it yet.


Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572



From: Brian Desmond [mailto:br...@briandesmond.com]
Sent: Monday, July 06, 2009 11:07 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

  *   0x0008, or Double Fault, indicates that an exception occurs during a 
call to the handler for a prior exception. Typically, the two exceptions are 
handled serially. However, there are several exceptions that cannot be handled 
serially, and in this situation the processor signals a double fault. There are 
two common causes of a double fault:
 *   A kernel stack overflow. This overflow occurs when a guard page is 
hit, and the kernel tries to push a trap frame. Because there is no stack left, 
a stack overflow results, causing the double fault. If you think this overview 
has occurred, use 
!thread
 to determine the stack limits, and then use kb (Display Stack 
Backtrace)
 with a large parameter (for example, kb 100) to display the full stack.
 *   A hardware problem.


Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

From: Craig Gauss [mailto:gau...@rhahealthcare.org]
Sent: Monday, July 06, 2009 10:49 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

Windows Server 2003

The stop errors were all similar to this: 0x0007f (0x8, 0xf7727fe0, 
0x, 0x).  Nothing really helpful.

Servers are a mix of HP DL 140s and DL 380s.

No recent updates


Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572



From: Maglinger, Paul [mailto:pmaglin...@scvl.com]
Sent: Monday, July 06, 2009 10:31 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers
What version is your domain?  What's the stop error?  Are all the servers the 
same hardware?  Any recent updates?


From: Craig Gauss [mailto:gau...@rhahealthcare.org]
Sent: Monday, July 06, 2009 10:24 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers
Kaspersky


Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572



From: Richard Stovall [mailto:richard.stov...@researchdata.com]
Sent: Monday, July 06, 2009 10:23 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers
What's your AV solution?
From: Craig Gauss [mailto:gau...@rhahealthcare.org]
Sent: Monday, July 06, 2009 11:04 AM
To: NT System Admin Issues
Subject: Weird issue with Domain Controllers

Has anyone experienced any strange issues with Domain Controllers lately?

Friday we had every single one of ours randomly reboot with Stop errors 
throughout the day.  We ended up having to remove one and that seemed to have 
calmed down the issues.  Today it seems to have started up again.

I have no idea of where to even start looking.


Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association





























~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Win2003 DC on Win2000 domain

2009-07-07 Thread Brian Desmond

IMO a "network security engineer" would know better than to take copies of 
sensitive customer data like that. Put it this way, if you were on my payroll 
and I found out you were walking off with a copy of my DIT you'd be shown the 
door straight away.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Sherry Abercrombie [mailto:saber...@gmail.com]
Sent: Tuesday, July 07, 2009 11:52 AM
To: NT System Admin Issues
Subject: Re: Win2003 DC on Win2000 domain

Agree with best practices, but with personal experience in dealing with 
consultants, we make them sign a contract/NDA that prohibits them from using 
any information or disclosing it outside our organization.
On Tue, Jul 7, 2009 at 11:47 AM, Erik Goldoff 
mailto:egold...@gmail.com>> wrote:
With all due respect, if they cannot trust a network security engineer that 
helps to maintain and improve their security ( have remote access to firewall 
and TS ) then they may as well still run on paper.  Their internal security 
knowledge, as well as any BCP is practically non-existant.

But from a best practices perspective, you are right.

Erik Goldoff

IT  Consultant

Systems, Networks, & Security



From: Brian Desmond 
[mailto:br...@briandesmond.com]
Sent: Tuesday, July 07, 2009 12:28 PM

To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain


That is pretty scary from a risk management perspective that you're walking off 
with a copy of the customer's AD.



Thanks,

Brian Desmond

br...@briandesmond.com



c - 312.731.3132



Active Directory, 4th Ed - http://www.briandesmond.com/ad4/

Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian



From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Tuesday, July 07, 2009 9:18 AM

To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain



Yep, FALLBACK is my concern.  I'll be doing most of the work remotely, as the 
two new 2003 servers are in place and on the wire.  Low level help desk type 
will be on site, but as of yet, no spare/temp machine as a 2000 DC ...  ( I 
normally bring in my laptop with a 2000 server and a 2003 server running 
virtually and promote to DC to grab a copy for 'just in case' in the first few 
days, but I won't be on site this time )



once forestprep & domainprep run, it's a one way race to the finish



Erik Goldoff

IT  Consultant

Systems, Networks, & Security







From: Jon Harris [mailto:jk.har...@gmail.com]
Sent: Tuesday, July 07, 2009 10:05 AM

To: NT System Admin Issues
Subject: Re: Win2003 DC on Win2000 domain

Agreed.  The only difference is since you have Exchange on a DC you might want 
to make a 2000 DC on some desktop as a fall back.  Once the fall back is 
finished with the sync turn it off.  Do the domain/forest prep if all go well 
put the fall back on the network again let it sync again then turn it off while 
bringing up the new DC's.  Once all is well and good bring it up and kill it 
off.



Jon

On Tue, Jul 7, 2009 at 9:59 AM, KenM 
mailto:kenmli...@gmail.com>> wrote:

Why not just install 2003 on the new hardware run dcpromo /forestprep and 
/domainprep and run dcpromo on 2003 servers and transfer roles.








On Tue, Jul 7, 2009 at 9:54 AM, Erik Goldoff 
mailto:egold...@gmail.com>> wrote:

Client wants to bring in two new servers ( forklift new hardware ) into their 
current Windows 2000 domain, but wants to upgrade Active Directory to 2003 ... 
two new servers will ultimately replace two existing 2000 servers which are 
File/Print/DC  and Exchange/DC



My normally cautious method would be to bring in a temp 2000 box, promote it to 
DC in the 2000 domain, move FSMOs to it, then demote existing DCs... upgrade OS 
on temp box to 2003, then promote new 2003 servers to DC, moving FSMOs to one 
of them.



Question :  Is there an unreasonable risk to promoting a 2003 server to DC on 
the 2000 domain with 2000 DCs in place when there is no plan ( or license ) to 
upgrade the OS on the 2000 boxes to 2003 ?







Erik Goldoff

IT  Consultant

Systems, Networks, & Security

































--
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Can't change hidden attribute, nor take ownership, of a file

2009-07-07 Thread Kim Longenbaugh

>From a MS KB article (KB120716, I think ):

Another option is to use a syntax that bypasses the typical reserve-word
checks completely. For example, you can possibly delete any file with a
command such as: 

DEL \\.\driveletter:\path\filename

For example: 

DEL \\.\c:\somedir\aux 

If the name in the file system appears as a directory, use the following
syntax. 

For example, you can possibly delete any directory with a command such
as: 

RD \\.\:\\ 

For example: 

RD \\.\c:\somedir\aux 

-or- 

RmDir \\.\:\\ 

For example: 

RmDir \\.\C:\YourFTP_ROOT's_PATH\COM1 /s /q 

/s-This switch removes all directories and files in the specified
directory and also the directory itself. This switch also removes a
directory tree.

/q-This switch stands for Quiet mode. Do not ask if you can remove a
directory tree that contains the /s switch. 

 

The same article talks about some Posix methods as well.



From: michael.le...@pha.phila.gov [mailto:michael.le...@pha.phila.gov] 
Sent: Tuesday, July 07, 2009 11:40 AM
To: NT System Admin Issues
Subject: Can't change hidden attribute, nor take ownership, of a file

 


Win2003. One of my users seems to have created a file that is name
"._x.JPG" (I think this may have come from one of my very few Mac
users, but I don't know that for certain). Anyway, I see the file in
Windows Explorer, and it has an attribute of "H" (hidden). But I can't
seem to change it to be non-hidden. I can't take ownership of the file -
clicking "Properties" shows me only 1 tab - "General".  There is no
"Security" tab.  I have verified that the file system is NTFS. I can not
rename the file, either- "Cannot rename file: cannot read from source
file or disk". (this is the only file this happens on, so I am convinced
that the problem is this file, not the disk) 

>From a command prompt, I see the file when I do a "dir /a". 

04/27/2004  03:44 PM55,554 ._49 Greene & Rendell.JPG 

However, I can not change the attribute. 

>attrib -h * 
Unable to change attribute - F:\Temp\._49 Greene & Rendell.JPG 

I am unable to take ownership of the file, either, because apparently
the file can't be found ... 

 
subinacl /file "._49 Greene & Rendell.JPG" /display=owner 
._49 Greene & Rendell.JPG - CreateFile Error : 2 The system cannot find
the file specified. 

Elapsed Time: 00 00:00:00 
Done:1, Modified0, Failed1, Syntax errors
0 
Last Done  : ._49 Greene & Rendell.JPG 
Last Failed: ._49 Greene & Rendell.JPG - CreateFile Error : 2 The system
cannot find the file specified. 
 

At this point, I am stumped. I can't change attributes, I can't rename,
I can't take ownership (thinking that perhaps I could rename it that
way). 

Thoughts? Pointers? Clues? etc 


-- 
Michael Leone
Network Administrator, ISM
Philadelphia Housing Authority
2500 Jackson St
Philadelphia, PA 19145
Tel:  215-684-4180
Cell: 215-252-0143


 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Weird issue with Domain Controllers

2009-07-07 Thread Craig Gauss

Well no new update on this.  We thought we had it taken care of on
Friday but it seems to have started back up today. 
 
Friday we removed one troublesome DC from the domain but today we have
another one doing it.  We have not narrowed it down to anything.  I cant
get the one that is currently rebooting to stay online long enough to
remove AV from it yet.
 

Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572


 



From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Monday, July 06, 2009 11:07 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers



*   0x0008, or Double Fault, indicates that an exception occurs
during a call to the handler for a prior exception. Typically, the two
exceptions are handled serially. However, there are several exceptions
that cannot be handled serially, and in this situation the processor
signals a double fault. There are two common causes of a double fault: 

*   A kernel stack overflow. This overflow occurs when a
guard page is hit, and the kernel tries to push a trap frame. Because
there is no stack left, a stack overflow results, causing the double
fault. If you think this overview has occurred, use !thread
  to determine the stack
limits, and then use kb (Display Stack Backtrace)
  with a large parameter (for
example, kb 100) to display the full stack. 
*   A hardware problem. 

 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

From: Craig Gauss [mailto:gau...@rhahealthcare.org] 
Sent: Monday, July 06, 2009 10:49 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

 

Windows Server 2003

 

The stop errors were all similar to this: 0x0007f (0x8,
0xf7727fe0, 0x, 0x).  Nothing really helpful.

 

Servers are a mix of HP DL 140s and DL 380s.

 

No recent updates

 

Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572

 

 



From: Maglinger, Paul [mailto:pmaglin...@scvl.com] 
Sent: Monday, July 06, 2009 10:31 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

What version is your domain?  What's the stop error?  Are all the
servers the same hardware?  Any recent updates?

 



From: Craig Gauss [mailto:gau...@rhahealthcare.org] 
Sent: Monday, July 06, 2009 10:24 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

Kaspersky

 

Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association
Phone: 715-423-6060 ext. 8572

 

 



From: Richard Stovall [mailto:richard.stov...@researchdata.com] 
Sent: Monday, July 06, 2009 10:23 AM
To: NT System Admin Issues
Subject: RE: Weird issue with Domain Controllers

What's your AV solution?

From: Craig Gauss [mailto:gau...@rhahealthcare.org] 
Sent: Monday, July 06, 2009 11:04 AM
To: NT System Admin Issues
Subject: Weird issue with Domain Controllers

 

Has anyone experienced any strange issues with Domain Controllers
lately?

 

Friday we had every single one of ours randomly reboot with Stop errors
throughout the day.  We ended up having to remove one and that seemed to
have calmed down the issues.  Today it seems to have started up again.

 

I have no idea of where to even start looking.

 

Craig Gauss,  Technical Supervisor/Security Officer
Riverview Hospital Association

 

 

 

 

 

 

 

 

 

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Server 2008 fail/ My fail?

2009-07-07 Thread Jon Harris

Yes I go to the parent folder Edit the list and Add Administrators.  I am
doing the opposite I am removing permissions I have to Remove the user/group
from the list.  It is kind of a pain but it works when I get it right.  It
also makes it quicker to force changes down.

Jon

On Tue, Jul 7, 2009 at 2:12 PM, Owens, Michael
wrote:

>  Heres what is going on.
>
> I have a share, that TS profiles get created on. Only that account has
> access to them, and system. For some reason it takes away administrators - I
> would like to add a group, to the parent folder, to propogate to all child
> objects created. Does that make sense?
>
>  --
> *From:* Jon Harris [mailto:jk.har...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 1:46 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Server 2008 fail/ My fail?
>
>   I have been doing that for the last week while I move from 2003 to
> 2008.  Look at the Security Tab bottom Advanced then Edit then Edit again
> then Apply To.  Will this not work or do you want to Add a
> group/person/etc.  If you are adding then the second Edit should be Add
> instead.
>
> Jon
>
> On Tue, Jul 7, 2009 at 1:38 PM, Owens, Michael  > wrote:
>
>>  Does anyone know why they got rid of the option to "replace permission
>> entries on all child objects with entries shown here that apply to child
>> objects?" Or did they move it?
>>
>> --
>> This message, and any response to it, may constitute a public record and
>> thus may be publicly available to anyone who requests it in accordance
>> with Chapter 149 of the Ohio Revised Code.
>>
>>
>>
>>
>>
>>
>
>
>
>
>
> --
> This message, and any response to it, may constitute a public record and
> thus may be publicly available to anyone who requests it in accordance
> with Chapter 149 of the Ohio Revised Code.
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Win2003 DC on Win2000 domain

2009-07-07 Thread Mike French

Hopefully "Whole" disk encryption will mitigate this risk.

From: KenM [mailto:kenmli...@gmail.com] 
Sent: Tuesday, July 07, 2009 12:00 PM
To: NT System Admin Issues
Subject: Re: Win2003 DC on Win2000 domain

I dont think this is all about trust.

What happens when your laptop gets stolen and someone has full access to
the DC image files.

On Tue, Jul 7, 2009 at 12:47 PM, Erik Goldoff 
wrote:

With all due respect, if they cannot trust a network security engineer
that helps to maintain and improve their security ( have remote access
to firewall and TS ) then they may as well still run on paper.  Their
internal security knowledge, as well as any BCP is practically
non-existant.

But from a best practices perspective, you are right. 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Tuesday, July 07, 2009 12:28 PM 

To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain

That is pretty scary from a risk management perspective that you're
walking off with a copy of the customer's AD.

Thanks,

Brian Desmond

br...@briandesmond.com

c - 312.731.3132

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/

Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Tuesday, July 07, 2009 9:18 AM 

To: NT System Admin Issues

Subject: RE: Win2003 DC on Win2000 domain

Yep, FALLBACK is my concern.  I'll be doing most of the work remotely,
as the two new 2003 servers are in place and on the wire.  Low level
help desk type will be on site, but as of yet, no spare/temp machine as
a 2000 DC ...  ( I normally bring in my laptop with a 2000 server and a
2003 server running virtually and promote to DC to grab a copy for 'just
in case' in the first few days, but I won't be on site this time )

once forestprep & domainprep run, it's a one way race to the finish

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 10:05 AM 

To: NT System Admin Issues

Subject: Re: Win2003 DC on Win2000 domain

Agreed.  The only difference is since you have Exchange on a DC you
might want to make a 2000 DC on some desktop as a fall back.  Once the
fall back is finished with the sync turn it off.  Do the domain/forest
prep if all go well put the fall back on the network again let it sync
again then turn it off while bringing up the new DC's.  Once all is well
and good bring it up and kill it off.

Jon

On Tue, Jul 7, 2009 at 9:59 AM, KenM  wrote:

Why not just install 2003 on the new hardware run dcpromo /forestprep
and /domainprep and run dcpromo on 2003 servers and transfer roles.

On Tue, Jul 7, 2009 at 9:54 AM, Erik Goldoff  wrote:

Client wants to bring in two new servers ( forklift new hardware ) into
their current Windows 2000 domain, but wants to upgrade Active Directory
to 2003 ... two new servers will ultimately replace two existing 2000
servers which are File/Print/DC  and Exchange/DC  

My normally cautious method would be to bring in a temp 2000 box,
promote it to DC in the 2000 domain, move FSMOs to it, then demote
existing DCs... upgrade OS on temp box to 2003, then promote new 2003
servers to DC, moving FSMOs to one of them.

Question :  Is there an unreasonable risk to promoting a 2003 server to
DC on the 2000 domain with 2000 DCs in place when there is no plan ( or
license ) to upgrade the OS on the 2000 boxes to 2003 ?

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Server 2008 fail/ My fail?

2009-07-07 Thread Owens, Michael

Heres what is going on.

I have a share, that TS profiles get created on. Only that account has access 
to them, and system. For some reason it takes away administrators - I would 
like to add a group, to the parent folder, to propogate to all child objects 
created. Does that make sense?


From: Jon Harris [mailto:jk.har...@gmail.com]
Sent: Tuesday, July 07, 2009 1:46 PM
To: NT System Admin Issues
Subject: Re: Server 2008 fail/ My fail?

I have been doing that for the last week while I move from 2003 to 2008.  Look 
at the Security Tab bottom Advanced then Edit then Edit again then Apply To.  
Will this not work or do you want to Add a group/person/etc.  If you are adding 
then the second Edit should be Add instead.

Jon

On Tue, Jul 7, 2009 at 1:38 PM, Owens, Michael 
mailto:michael.ow...@dys.ohio.gov>> wrote:
Does anyone know why they got rid of the option to "replace permission entries 
on all child objects with entries shown here that apply to child objects?" Or 
did they move it?


This message, and any response to it, may constitute a public record and
thus may be publicly available to anyone who requests it in accordance
with Chapter 149 of the Ohio Revised Code.











This message, and any response to it, may constitute a public record and
thus may be publicly available to anyone who requests it in accordance
with Chapter 149 of the Ohio Revised Code.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: GPO to block chrome.exe

2009-07-07 Thread Jon Harris

I personally am waiting until Windows 7 is out.  I will be trying to RC soon
for AppLocker.  I am hoping that will fix the issue as well.

Jon

On Tue, Jul 7, 2009 at 2:00 PM, David Lum  wrote:

>  Oh, I can certainly block the install – McAfee is kludgy, but I can block
> anything I want with it.
>
>
>
> *From:* Jon Harris [mailto:jk.har...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 10:56 AM
> *To:* NT System Admin Issues
> *Subject:* Re: GPO to block chrome.exe
>
>
>
> Last time I heard you could not block the install.  Google felt it was
> above security principles and users/lusers should have the final say in what
> they ran on "their" systems.
>
>
>
> Jon
>
> On Tue, Jul 7, 2009 at 1:52 PM, David Lum  wrote:
>
> I have a GPO with a path value blocking %userprofile%\Local
> Settings\Application Data\Google\Chrome\Application\chrome.exe, but it
> doesn’t seem to be working. Running the modeling wizard I see the GPO is
> applied to the correct system. I also see chrome.exe seems to exist in all
> sorts of “Local Settings\Temp\chrome_” locations, what’s up w/ that?
>
>
>
> I also have a hash value block of the .EXE (well, one version of them) in
> the same GPO.
>
>
>
> I need to block the app (please don’t get me started at blocking the
> install on the first place…one step at a time here).
>
>
>
> Ideas?
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 *// *(Cell) 503.267.9764
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Can't change hidden attribute, nor take ownership, of a file

2009-07-07 Thread Michael . Leone

Ben Scott  wrote on 07/07/2009 01:15:15 PM:

> On Tue, Jul 7, 2009 at 1:04 PM,  wrote:
> > When it does, I then end
> > up with 2 files of the exact same name, but with different icons in
> > WinExplorer.
> 
>   Hmmm.  It sounds like that file name isn't as it appears -- like it
> has a reserved character in the name or something.  Like the old trick
> of finding a way to create a file named "NUL".
> 
>   Try doing "DEL *.* /P" in the directory, and only answering yes 
> for that file.

Nope - it doesn't even see that file, from the command prompt. The only 
thing that sees it from the command prompt seems to be "dir /a".

>   Try moving everything else out of the directory, and then use
> ROBOCOPY to delete the directory.  You can do this by mirroring an
> empty directory on to the directory containing the problematic file.

I will give that a try later; other things coming up at the moment.

Thanks for the help

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: GPO to block chrome.exe

2009-07-07 Thread Christopher Bodnar

Did you take a look at this? 

 

http://windowsitpro.com/article/articleid/100418/how-to-stop-users-from-in
stalling-google-chrome.html

 

 

 

Chris Bodnar, MCSE
Sr. Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003

  _  

From: david@nwea.org [mailto:david@nwea.org] 
Sent: Tuesday, July 07, 2009 1:53 PM
To: NT System Admin Issues
Subject: GPO to block chrome.exe

 

I have a GPO with a path value blocking %userprofile%\Local
Settings\Application Data\Google\Chrome\Application\chrome.exe, but it
doesn't seem to be working. Running the modeling wizard I see the GPO is
applied to the correct system. I also see chrome.exe seems to exist in all
sorts of "Local Settings\Temp\chrome_" locations, what's up w/ that?

 

I also have a hash value block of the .EXE (well, one version of them) in
the same GPO.

 

I need to block the app (please don't get me started at blocking the
install on the first place.one step at a time here).

 

Ideas?

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

 

 



-
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law.  If the reader of this message is not the intended
recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited.  If you have received this message in error, please
notify the sender immediately by return e-mail and delete the
message and any attachments.  Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Can't change hidden attribute, nor take ownership, of a file

2009-07-07 Thread Michael . Leone

"Free, Bob"  wrote on 07/07/2009 01:25:45 PM:

> Tried the  prefixing your file path with \\?\trick ?
> 
>  ie. C:\Temp\file.txt becomes \\?\C:\Temp\file.txt
> 
> It works sometimes when other methods won?t for objects that don?t 
> adhere to Win32 naming conventions

Close!

>ren \\?\"F:\Temp\Communic\Photos\Hallway Project 1\._49 Greene & 
Rendell.JPG" a.JPG

I get a file called "a.JPG". But the original is still there. :-(

>DEL \\?\"F:\Temp\Communic\Photos\Hallway Project 1\._49 Greene & 
Rendell.JPG"
Could Not Find \\?\F:\Temp\Communic\Photos\Hallway Project 1\._49 Greene & 
Rendell.JPG




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: GPO to block chrome.exe

2009-07-07 Thread David Lum

Oh, I can certainly block the install - McAfee is kludgy, but I can block 
anything I want with it.

From: Jon Harris [mailto:jk.har...@gmail.com]
Sent: Tuesday, July 07, 2009 10:56 AM
To: NT System Admin Issues
Subject: Re: GPO to block chrome.exe

Last time I heard you could not block the install.  Google felt it was above 
security principles and users/lusers should have the final say in what they ran 
on "their" systems.

Jon
On Tue, Jul 7, 2009 at 1:52 PM, David Lum 
mailto:david@nwea.org>> wrote:

I have a GPO with a path value blocking %userprofile%\Local 
Settings\Application Data\Google\Chrome\Application\chrome.exe, but it doesn't 
seem to be working. Running the modeling wizard I see the GPO is applied to the 
correct system. I also see chrome.exe seems to exist in all sorts of "Local 
Settings\Temp\chrome_" locations, what's up w/ that?

I also have a hash value block of the .EXE (well, one version of them) in the 
same GPO.

I need to block the app (please don't get me started at blocking the install on 
the first place...one step at a time here).

Ideas?

David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

List postings

2009-07-07 Thread Bill Lambert

I'm not getting any email from the NT or the Exchange list, including my
own.  I have their domain white-listed so I'm not sure why this is
happening.

 

Can someone send me the address of the list manager?  Send to 
blamb...@concuity.com

 

Thanks!

 

Bill Lambert

Windows System Administrator

Concuity

A healthcare division of Trintech, Inc.  

Phone  847-941-9206

Fax  847-465-9147

 

NASDAQ: TTPA

The information contained in this e-mail message, including any attached
files, is intended only for the personal and confidential use of the
recipient(s) named above. If you are not the intended recipient (or
authorized to receive information for the recipient) you are hereby
notified that you have received this communication in error and that any
review, dissemination, distribution, or copying of this message is
strictly prohibited. If you have received this communication in error,
please contact the sender by reply email and delete all copies of this
message.  Thank you.

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

Re: New IE zero day exploit in the wild

2009-07-07 Thread Eric Wittersheim

yes

On Tue, Jul 7, 2009 at 12:49 PM, Ziots, Edward  wrote:

>  Are you doing it in a Startup script via the GP?
>
>
>
> Z
>
>
>
> Edward Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
>
> ezi...@lifespan.org
>
> Phone:401-639-3505
>   --
>
> *From:* Eric Wittersheim [mailto:eric.wittersh...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 11:41 AM
>
> *To:* NT System Admin Issues
> *Subject:* Re: New IE zero day exploit in the wild
>
>
>
> I'm pushing out the .reg via GP.  So far so good.
>
> On Tue, Jul 7, 2009 at 10:38 AM, David Lum  wrote:
>
> The “Microsoft fix-it” is an MSI that I am pushing via SMS and is pushing
> fine (so far just a few test cases have it, but no issues). Beats trying to
> push out a .REG or something…
>
>
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 *// *(Cell) 503.267.9764
>
>
>
>
>
>
>
> *From:* J Kyo [mailto:jky...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 8:18 AM
>
>
> *To:* NT System Admin Issues
>
> *Subject:* Re: New IE zero day exploit in the wild
>
>
>
> Curious if anyone has used the "Microsoft Fix It" from:
> http://support.microsoft.com/kb/972890.
>
> On Mon, Jul 6, 2009 at 6:24 PM, Carl Houseman 
> wrote:
>
> Recommendation from MS is to set the killbits everywhere.
>
>
>
> http://www.microsoft.com/technet/security/advisory/972890.mspx
>
>
>
> Carl
>
>
>
> *From:* Ken Schaefer [mailto:k...@adopenstatic.com]
> *Sent:* Monday, July 06, 2009 9:06 PM
>
>
> *To:* NT System Admin Issues
>
> *Subject:* RE: New IE zero day exploit in the wild
>
>
>
> Seems to be XP / Windows Server 2003 only?
>
> Cheers
>
> Ken
>
>
>   --
>
> *From:* Alex Eckelberry [al...@sunbelt-software.com]
> *Sent:* Tuesday, 7 July 2009 5:56 AM
> *To:* NT System Admin Issues
> *Subject:* New IE zero day exploit in the wild
>
> Our labs have confirmed this and it is quite nasty.  Best bet for now is to
> set the killbits. Or don't use IE.
>
>
>
> Some references:
>
>
>
> Microsoft:
>
>
>
> http://www.microsoft.com/technet/security/advisory/972890.mspx
>
>
>
> SANS:
>
>
>
> http://isc.sans.org/diary.html?storyid=6733
>
>
>
> I would take this one quite seriously.
>
>
>
> Alex
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: GPO to block chrome.exe

2009-07-07 Thread Jon Harris

Last time I heard you could not block the install.  Google felt it was above
security principles and users/lusers should have the final say in what they
ran on "their" systems.

Jon

On Tue, Jul 7, 2009 at 1:52 PM, David Lum  wrote:

>  I have a GPO with a path value blocking %userprofile%\Local
> Settings\Application Data\Google\Chrome\Application\chrome.exe, but it
> doesn’t seem to be working. Running the modeling wizard I see the GPO is
> applied to the correct system. I also see chrome.exe seems to exist in all
> sorts of “Local Settings\Temp\chrome_” locations, what’s up w/ that?
>
>
>
> I also have a hash value block of the .EXE (well, one version of them) in
> the same GPO.
>
>
>
> I need to block the app (please don’t get me started at blocking the
> install on the first place…one step at a time here).
>
>
>
> Ideas?
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 *// *(Cell) 503.267.9764
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Gmail

2009-07-07 Thread Sherry Abercrombie

Gmail has been "beta" for years..

On Tue, Jul 7, 2009 at 12:51 PM, Murray Freeman  wrote:

>  How do I tell if I'm still in beta? I don't use my account very often and
> I don't remember any "beta" notification.
>
>
> *Murray *
>
>
>  --
> *From:* Steven M. Caesare [mailto:scaes...@caesare.com]
> *Sent:* Tuesday, July 07, 2009 12:23 PM
> *To:* NT System Admin Issues
> *Subject:* RE: Gmail
>
>  They are now collector’s items. Put them on ebay.
>
>
>
> -sc
>
>
>
> *From:* Devin Meade [mailto:devin.me...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 1:14 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Gmail
>
>
>
> Refresh took mine out of beta.  Hey I only have 96 gmail invites left.
> What happened to the bazillion I had?
>
> On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare 
> wrote:
>
> I guess that shows what they think of you.
>
>
>
> -sc
>
>
>
> *From:* Jon Harris [mailto:jk.har...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 1:03 PM
>
>
> *To:* NT System Admin Issues
> *Subject:* Re: Gmail
>
>
>
> Mine still shows as Beta.
>
>
>
> Jon
>
> On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
> wrote:
>
> Well, well, well… finally out of beta.
>
>
>
> -sc
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --
> Devin
>
>
>
>
>
>
>
>
>
>
>
>
>
>


-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

GPO to block chrome.exe

2009-07-07 Thread David Lum

I have a GPO with a path value blocking %userprofile%\Local 
Settings\Application Data\Google\Chrome\Application\chrome.exe, but it doesn't 
seem to be working. Running the modeling wizard I see the GPO is applied to the 
correct system. I also see chrome.exe seems to exist in all sorts of "Local 
Settings\Temp\chrome_" locations, what's up w/ that?

I also have a hash value block of the .EXE (well, one version of them) in the 
same GPO.

I need to block the app (please don't get me started at blocking the install on 
the first place...one step at a time here).

Ideas?
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Steven M. Caesare

Upper left under the gmail logo used to say "beta"

From: Murray Freeman [mailto:mfree...@alanet.org] 
Sent: Tuesday, July 07, 2009 1:51 PM
To: NT System Admin Issues
Subject: RE: Gmail

How do I tell if I'm still in beta? I don't use my account very often
and I don't remember any "beta" notification.

Murray 

From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Tuesday, July 07, 2009 12:23 PM
To: NT System Admin Issues
Subject: RE: Gmail

They are now collector's items. Put them on ebay.

-sc

From: Devin Meade [mailto:devin.me...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:14 PM
To: NT System Admin Issues
Subject: Re: Gmail

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.
What happened to the bazillion I had? 

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare
 wrote:

I guess that shows what they think of you.

-sc

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:03 PM

To: NT System Admin Issues
Subject: Re: Gmail

Mine still shows as Beta.

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
wrote:

Well, well, well... finally out of beta.

-sc

-- 
Devin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Murray Freeman

How do I tell if I'm still in beta? I don't use my account very often
and I don't remember any "beta" notification.
 

Murray 

 



From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Tuesday, July 07, 2009 12:23 PM
To: NT System Admin Issues
Subject: RE: Gmail



They are now collector's items. Put them on ebay.

 

-sc

 

From: Devin Meade [mailto:devin.me...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:14 PM
To: NT System Admin Issues
Subject: Re: Gmail

 

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.
What happened to the bazillion I had? 

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare
 wrote:

I guess that shows what they think of you.

 

-sc

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:03 PM


To: NT System Admin Issues
Subject: Re: Gmail

 

Mine still shows as Beta.

 

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
wrote:

Well, well, well... finally out of beta.

 

-sc

 

 

 

 

 

 

 




-- 
Devin

 

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New IE zero day exploit in the wild

2009-07-07 Thread Ziots, Edward

Are you doing it in a Startup script via the GP? 

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: Eric Wittersheim [mailto:eric.wittersh...@gmail.com] 
Sent: Tuesday, July 07, 2009 11:41 AM
To: NT System Admin Issues
Subject: Re: New IE zero day exploit in the wild

 

I'm pushing out the .reg via GP.  So far so good.

On Tue, Jul 7, 2009 at 10:38 AM, David Lum  wrote:

The "Microsoft fix-it" is an MSI that I am pushing via SMS and is
pushing fine (so far just a few test cases have it, but no issues).
Beats trying to push out a .REG or something...

 

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

From: J Kyo [mailto:jky...@gmail.com] 
Sent: Tuesday, July 07, 2009 8:18 AM


To: NT System Admin Issues

Subject: Re: New IE zero day exploit in the wild

 

Curious if anyone has used the "Microsoft Fix It" from:
http://support.microsoft.com/kb/972890.

On Mon, Jul 6, 2009 at 6:24 PM, Carl Houseman 
wrote:

Recommendation from MS is to set the killbits everywhere.

 

http://www.microsoft.com/technet/security/advisory/972890.mspx

 

Carl

 

From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Monday, July 06, 2009 9:06 PM 


To: NT System Admin Issues

Subject: RE: New IE zero day exploit in the wild 

 

Seems to be XP / Windows Server 2003 only?

Cheers

Ken

 



From: Alex Eckelberry [al...@sunbelt-software.com]
Sent: Tuesday, 7 July 2009 5:56 AM
To: NT System Admin Issues
Subject: New IE zero day exploit in the wild

Our labs have confirmed this and it is quite nasty.  Best bet for now is
to set the killbits. Or don't use IE. 

 

Some references:

 

Microsoft: 

 

http://www.microsoft.com/technet/security/advisory/972890.mspx

 

SANS: 

 

http://isc.sans.org/diary.html?storyid=6733

 

I would take this one quite seriously.  

 

Alex

 

 

 

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Server 2008 fail/ My fail?

2009-07-07 Thread Jon Harris

I have been doing that for the last week while I move from 2003 to 2008.
Look at the Security Tab bottom Advanced then Edit then Edit again then
Apply To.  Will this not work or do you want to Add a group/person/etc.  If
you are adding then the second Edit should be Add instead.

Jon

On Tue, Jul 7, 2009 at 1:38 PM, Owens, Michael
wrote:

>  Does anyone know why they got rid of the option to "replace permission
> entries on all child objects with entries shown here that apply to child
> objects?" Or did they move it?
>
> --
> This message, and any response to it, may constitute a public record and
> thus may be publicly available to anyone who requests it in accordance
> with Chapter 149 of the Ohio Revised Code.
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Server 2008 fail/ My fail?

2009-07-07 Thread Owens, Michael

Does anyone know why they got rid of the option to "replace permission entries 
on all child objects with entries shown here that apply to child objects?" Or 
did they move it?


This message, and any response to it, may constitute a public record and
thus may be publicly available to anyone who requests it in accordance
with Chapter 149 of the Ohio Revised Code.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Can't change hidden attribute, nor take ownership, of a file

2009-07-07 Thread Maglinger, Paul

Mac or more specifically a Unix machine.  Hidden files in Unix have a
leading period.

From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Tuesday, July 07, 2009 11:56 AM
To: NT System Admin Issues
Subject: RE: Can't change hidden attribute, nor take ownership, of a
file

That's a leading period? That's probably jacking you up.

Go to the Mac that originated and see if you can rename across the
network.

-sc

From: michael.le...@pha.phila.gov [mailto:michael.le...@pha.phila.gov] 
Sent: Tuesday, July 07, 2009 12:40 PM
To: NT System Admin Issues
Subject: Can't change hidden attribute, nor take ownership, of a file

Win2003. One of my users seems to have created a file that is name
"._x.JPG" (I think this may have come from one of my very few Mac
users, but I don't know that for certain). Anyway, I see the file in
Windows Explorer, and it has an attribute of "H" (hidden). But I can't
seem to change it to be non-hidden. I can't take ownership of the file -
clicking "Properties" shows me only 1 tab - "General".  There is no
"Security" tab.  I have verified that the file system is NTFS. I can not
rename the file, either- "Cannot rename file: cannot read from source
file or disk". (this is the only file this happens on, so I am convinced
that the problem is this file, not the disk) 

>From a command prompt, I see the file when I do a "dir /a". 

04/27/2004  03:44 PM55,554 ._49 Greene & Rendell.JPG 

However, I can not change the attribute. 

>attrib -h * 
Unable to change attribute - F:\Temp\._49 Greene & Rendell.JPG 

I am unable to take ownership of the file, either, because apparently
the file can't be found ... 

subinacl /file "._49 Greene & Rendell.JPG" /display=owner 
._49 Greene & Rendell.JPG - CreateFile Error : 2 The system cannot find
the file specified. 

Elapsed Time: 00 00:00:00 
Done:1, Modified0, Failed1, Syntax errors
0 
Last Done  : ._49 Greene & Rendell.JPG 
Last Failed: ._49 Greene & Rendell.JPG - CreateFile Error : 2 The system
cannot find the file specified. 

At this point, I am stumped. I can't change attributes, I can't rename,
I can't take ownership (thinking that perhaps I could rename it that
way). 

Thoughts? Pointers? Clues? etc 

-- 
Michael Leone
Network Administrator, ISM
Philadelphia Housing Authority
2500 Jackson St
Philadelphia, PA 19145
Tel:  215-684-4180
Cell: 215-252-0143

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Can't change hidden attribute, nor take ownership, of a file

2009-07-07 Thread Free, Bob

Tried the  prefixing your file path with \\?\trick ?

 

 ie. C:\Temp\file.txt becomes \\?\C:\Temp\file.txt
 

 

It works sometimes when other methods won't for objects that don't
adhere to Win32 naming conventions

 

From: michael.le...@pha.phila.gov [mailto:michael.le...@pha.phila.gov] 
Sent: Tuesday, July 07, 2009 10:05 AM
To: NT System Admin Issues
Subject: RE: Can't change hidden attribute, nor take ownership, of a
file

 


"Steven M. Caesare"  wrote on 07/07/2009 12:56:18
PM:

> That's a leading period? That's probably jacking you up. 

It is. However, you can have filename that start with leading periods in
Windows; I have done that, as troubleshooting. They work fine. This
particular file does not. 

> Go to the Mac that originated and see if you can rename across the
network. 

Can't do that, unfortunately. This particular file comes from a restore
from a different server. So the problem exists on more than 1 server,
and so what I'm looking for is a method to fix the problem, that I can
then apply to either server (or any other). 

My boss says he's seen that before, and that the only way he was able to
delete it was to reboot into Safe Mode, Command Prompt Only, and then he
was able to delete it. Since this is a production server, that is a PITA
to do (especially remotely, altho with ILO on an HP server, it can be
done). 

I'm convinced it is something like that "Alternate Data Stream" or
whatever feature of NTFS, that I've never had to deal with before. 

If I try and edit the file with Notepad (from Win Explorer), it tells me
that the file doesn't exist, and it must create it. When it does, I then
end up with 2 files of the exact same name, but with different icons in
WinExplorer. 

I'm begining to think I need a really low-level, down-and-dirty editor,
to do the equivalent of editing the FAT, to rename/re-attribute this
file. 
*That* scares me. :-) 

>   
> -sc 
>   
> From: michael.le...@pha.phila.gov [mailto:michael.le...@pha.phila.gov]

> Sent: Tuesday, July 07, 2009 12:40 PM
> To: NT System Admin Issues
> Subject: Can't change hidden attribute, nor take ownership, of a file 
>   
> 
> Win2003. One of my users seems to have created a file that is name 
> "._x.JPG" (I think this may have come from one of my very few 
> Mac users, but I don't know that for certain). Anyway, I see the 
> file in Windows Explorer, and it has an attribute of "H" (hidden). 
> But I can't seem to change it to be non-hidden. I can't take 
> ownership of the file - clicking "Properties" shows me only 1 tab - 
> "General".  There is no "Security" tab.  I have verified that the 
> file system is NTFS. I can not rename the file, either- "Cannot 
> rename file: cannot read from source file or disk". (this is the 
> only file this happens on, so I am convinced that the problem is 
> this file, not the disk) 
> 
> From a command prompt, I see the file when I do a "dir /a". 
> 
> 04/27/2004  03:44 PM55,554 ._49 Greene & Rendell.JPG 
> 
> However, I can not change the attribute. 
> 
> >attrib -h * 
> Unable to change attribute - F:\Temp\._49 Greene & Rendell.JPG 
> 
> I am unable to take ownership of the file, either, because 
> apparently the file can't be found ... 
> 
>  
> subinacl /file "._49 Greene & Rendell.JPG" /display=owner 
> ._49 Greene & Rendell.JPG - CreateFile Error : 2 The system cannot 
> find the file specified. 
> 
> Elapsed Time: 00 00:00:00 
> Done:1, Modified0, Failed1, Syntax errors
0 
> Last Done  : ._49 Greene & Rendell.JPG 
> Last Failed: ._49 Greene & Rendell.JPG - CreateFile Error : 2 The 
> system cannot find the file specified. 
>  
> 
> At this point, I am stumped. I can't change attributes, I can't 
> rename, I can't take ownership (thinking that perhaps I could rename
> it that way). 
> 
> Thoughts? Pointers? Clues? etc 
> 
> 
> -- 
> Michael Leone
> Network Administrator, ISM
> Philadelphia Housing Authority
> 2500 Jackson St
> Philadelphia, PA 19145
> Tel:  215-684-4180
> Cell: 215-252-0143
>  
>   
>   
>   
>   

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Steven M. Caesare

They are now collector's items. Put them on ebay.

 

-sc

 

From: Devin Meade [mailto:devin.me...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:14 PM
To: NT System Admin Issues
Subject: Re: Gmail

 

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.
What happened to the bazillion I had? 

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare
 wrote:

I guess that shows what they think of you.

 

-sc

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:03 PM


To: NT System Admin Issues
Subject: Re: Gmail

 

Mine still shows as Beta.

 

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
wrote:

Well, well, well... finally out of beta.

 

-sc

 

 

 

 

 

 

 




-- 
Devin

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Can't change hidden attribute, nor take ownership, of a file

2009-07-07 Thread Steven M. Caesare

The alternate streams are accessed by appending a colon on the end...
don't think it's that...

 

If you don't wanna reboot and try the safe-mode trick (or I was going to
suggest a linux boot disk with the NTFS driver), you might want to see
if you can find Services for Unix v3.5... it was installable on Win2K3
and I've had success with the Unix command line utilities operating on
files that CMD would not (like files named as reserved keywords, etc...)

 

-sc

 

From: michael.le...@pha.phila.gov [mailto:michael.le...@pha.phila.gov] 
Sent: Tuesday, July 07, 2009 1:05 PM
To: NT System Admin Issues
Subject: RE: Can't change hidden attribute, nor take ownership, of a
file

 


"Steven M. Caesare"  wrote on 07/07/2009 12:56:18
PM:

> That's a leading period? That's probably jacking you up. 

It is. However, you can have filename that start with leading periods in
Windows; I have done that, as troubleshooting. They work fine. This
particular file does not. 

> Go to the Mac that originated and see if you can rename across the
network. 

Can't do that, unfortunately. This particular file comes from a restore
from a different server. So the problem exists on more than 1 server,
and so what I'm looking for is a method to fix the problem, that I can
then apply to either server (or any other). 

My boss says he's seen that before, and that the only way he was able to
delete it was to reboot into Safe Mode, Command Prompt Only, and then he
was able to delete it. Since this is a production server, that is a PITA
to do (especially remotely, altho with ILO on an HP server, it can be
done). 

I'm convinced it is something like that "Alternate Data Stream" or
whatever feature of NTFS, that I've never had to deal with before. 

If I try and edit the file with Notepad (from Win Explorer), it tells me
that the file doesn't exist, and it must create it. When it does, I then
end up with 2 files of the exact same name, but with different icons in
WinExplorer. 

I'm begining to think I need a really low-level, down-and-dirty editor,
to do the equivalent of editing the FAT, to rename/re-attribute this
file. 
*That* scares me. :-) 

>   
> -sc 
>   
> From: michael.le...@pha.phila.gov [mailto:michael.le...@pha.phila.gov]

> Sent: Tuesday, July 07, 2009 12:40 PM
> To: NT System Admin Issues
> Subject: Can't change hidden attribute, nor take ownership, of a file 
>   
> 
> Win2003. One of my users seems to have created a file that is name 
> "._x.JPG" (I think this may have come from one of my very few 
> Mac users, but I don't know that for certain). Anyway, I see the 
> file in Windows Explorer, and it has an attribute of "H" (hidden). 
> But I can't seem to change it to be non-hidden. I can't take 
> ownership of the file - clicking "Properties" shows me only 1 tab - 
> "General".  There is no "Security" tab.  I have verified that the 
> file system is NTFS. I can not rename the file, either- "Cannot 
> rename file: cannot read from source file or disk". (this is the 
> only file this happens on, so I am convinced that the problem is 
> this file, not the disk) 
> 
> From a command prompt, I see the file when I do a "dir /a". 
> 
> 04/27/2004  03:44 PM55,554 ._49 Greene & Rendell.JPG 
> 
> However, I can not change the attribute. 
> 
> >attrib -h * 
> Unable to change attribute - F:\Temp\._49 Greene & Rendell.JPG 
> 
> I am unable to take ownership of the file, either, because 
> apparently the file can't be found ... 
> 
>  
> subinacl /file "._49 Greene & Rendell.JPG" /display=owner 
> ._49 Greene & Rendell.JPG - CreateFile Error : 2 The system cannot 
> find the file specified. 
> 
> Elapsed Time: 00 00:00:00 
> Done:1, Modified0, Failed1, Syntax errors
0 
> Last Done  : ._49 Greene & Rendell.JPG 
> Last Failed: ._49 Greene & Rendell.JPG - CreateFile Error : 2 The 
> system cannot find the file specified. 
>  
> 
> At this point, I am stumped. I can't change attributes, I can't 
> rename, I can't take ownership (thinking that perhaps I could rename
> it that way). 
> 
> Thoughts? Pointers? Clues? etc 
> 
> 
> -- 
> Michael Leone
> Network Administrator, ISM
> Philadelphia Housing Authority
> 2500 Jackson St
> Philadelphia, PA 19145
> Tel:  215-684-4180
> Cell: 215-252-0143
>  
>   
>   
>   
>   

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Win2003 DC on Win2000 domain

2009-07-07 Thread Erik Goldoff

Laptop doesn't get stolen, files are in encrypted folders, I don't keep
identifying info with files beyond knicknames, I delete the virtual server
file after several days if no panic calls 
 
no world is perfect, but I do take proper and reasonable precautions ... and
I do NOT post my firewall config to the lists 
 
 
 

Erik Goldoff


IT  Consultant

Systems, Networks, & Security 

 

  _  

From: KenM [mailto:kenmli...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:00 PM
To: NT System Admin Issues
Subject: Re: Win2003 DC on Win2000 domain


I dont think this is all about trust.
 
What happens when your laptop gets stolen and someone has full access to the
DC image files.
 


 
On Tue, Jul 7, 2009 at 12:47 PM, Erik Goldoff  wrote:


With all due respect, if they cannot trust a network security engineer that
helps to maintain and improve their security ( have remote access to
firewall and TS ) then they may as well still run on paper.  Their internal
security knowledge, as well as any BCP is practically non-existant.
 
But from a best practices perspective, you are right. 
 


Erik Goldoff


IT  Consultant

Systems, Networks, & Security 

 

  _  

From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Tuesday, July 07, 2009 12:28 PM 

To: NT System Admin Issues
Subject: RE: Win2003 DC on Win2000 domain



That is pretty scary from a risk management perspective that you’re walking
off with a copy of the customer’s AD.

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

Active Directory, 4th Ed -  
http://www.briandesmond.com/ad4/

Microsoft MVP -  
https://mvp.support.microsoft.com/profile/Brian

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Tuesday, July 07, 2009 9:18 AM 


To: NT System Admin Issues

Subject: RE: Win2003 DC on Win2000 domain





 

Yep, FALLBACK is my concern.  I'll be doing most of the work remotely, as
the two new 2003 servers are in place and on the wire.  Low level help desk
type will be on site, but as of yet, no spare/temp machine as a 2000 DC ...
( I normally bring in my laptop with a 2000 server and a 2003 server running
virtually and promote to DC to grab a copy for 'just in case' in the first
few days, but I won't be on site this time )

 

once forestprep & domainprep run, it's a one way race to the finish

 


Erik Goldoff


IT  Consultant

Systems, Networks, & Security 

 

 

  _  

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 10:05 AM 


To: NT System Admin Issues

Subject: Re: Win2003 DC on Win2000 domain



Agreed.  The only difference is since you have Exchange on a DC you might
want to make a 2000 DC on some desktop as a fall back.  Once the fall back
is finished with the sync turn it off.  Do the domain/forest prep if all go
well put the fall back on the network again let it sync again then turn it
off while bringing up the new DC's.  Once all is well and good bring it up
and kill it off.

 

Jon

On Tue, Jul 7, 2009 at 9:59 AM, KenM  wrote:

Why not just install 2003 on the new hardware run dcpromo /forestprep and
/domainprep and run dcpromo on 2003 servers and transfer roles.

 

 



 

On Tue, Jul 7, 2009 at 9:54 AM, Erik Goldoff  wrote:

Client wants to bring in two new servers ( forklift new hardware ) into
their current Windows 2000 domain, but wants to upgrade Active Directory to
2003 ... two new servers will ultimately replace two existing 2000 servers
which are File/Print/DC  and Exchange/DC  

 

My normally cautious method would be to bring in a temp 2000 box, promote it
to DC in the 2000 domain, move FSMOs to it, then demote existing DCs...
upgrade OS on temp box to 2003, then promote new 2003 servers to DC, moving
FSMOs to one of them.

 

Question :  Is there an unreasonable risk to promoting a 2003 server to DC
on the 2000 domain with 2000 DCs in place when there is no plan ( or license
) to upgrade the OS on the 2000 boxes to 2003 ?

 

 

 


Erik Goldoff


IT  Consultant

Systems, Networks, & Security 

 

 

 

 

 

 

 

 

 

 

 



 



 



 



 










 


 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: OT: RE: Win2003 DC on Win2000 domain

2009-07-07 Thread Jonathan Link

Look at it as an opportunity to upsell security consulting services.

On Tue, Jul 7, 2009 at 12:56 PM, Erik Goldoff  wrote:

>  Compared to best practice, you all would shudder at some of what I come
> across.
>
> I do support some law offices ( a few that do real estate closings ) as
> escalation for their normal IT consultants.  I *always* call before showing
> up, and I tell them I'm going to plug into their firewall to reconfigure
> their security, and so far no one has said more than 'OK' ... I always
> repeat my name, and contact at their head office they can verify my identity
> with, but they never do.  And not one single site I've been to in the last
> two years has objected to me bringing my laptop to their network, nor even
> want to check for proper antivirus and such before allowing me to plug in
> ...
>
> And no one yet has had me sign any NDA either ...
>
> Kind of sad, really
>
>  Erik Goldoff
>
> *IT  Consultant*
>
> *Systems, Networks, & Security *
>
>
>  --
> *From:* Sherry Abercrombie [mailto:saber...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 12:52 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Win2003 DC on Win2000 domain
>
> Agree with best practices, but with personal experience in dealing with
> consultants, we make them sign a contract/NDA that prohibits them from using
> any information or disclosing it outside our organization.
>
> On Tue, Jul 7, 2009 at 11:47 AM, Erik Goldoff  wrote:
>
>>  With all due respect, if they cannot trust a network security engineer
>> that helps to maintain and improve their security ( have remote access to
>> firewall and TS ) then they may as well still run on paper.  Their internal
>> security knowledge, as well as any BCP is practically non-existant.
>>
>> But from a best practices perspective, you are right.
>>
>>  Erik Goldoff
>>
>> *IT  Consultant*
>>
>> *Systems, Networks, & Security *
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Can't change hidden attribute, nor take ownership, of a file

2009-07-07 Thread Ben Scott

On Tue, Jul 7, 2009 at 1:04 PM,  wrote:
> When it does, I then end
> up with 2 files of the exact same name, but with different icons in
> WinExplorer.

  Hmmm.  It sounds like that file name isn't as it appears -- like it
has a reserved character in the name or something.  Like the old trick
of finding a way to create a file named "NUL".

  Try doing "DEL *.* /P" in the directory, and only answering yes for that file.

  Try moving everything else out of the directory, and then use
ROBOCOPY to delete the directory.  You can do this by mirroring an
empty directory on to the directory containing the problematic file.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Gmail

2009-07-07 Thread Devin Meade

Refresh took mine out of beta.  Hey I only have 96 gmail invites left.  What
happened to the bazillion I had?

On Tue, Jul 7, 2009 at 12:11 PM, Steven M. Caesare wrote:

>  I guess that shows what they think of you.
>
>
>
> -sc
>
>
>
> *From:* Jon Harris [mailto:jk.har...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 1:03 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Gmail
>
>
>
> Mine still shows as Beta.
>
>
>
> Jon
>
> On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
> wrote:
>
> Well, well, well… finally out of beta.
>
>
>
> -sc
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>


-- 
Devin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Gmail

2009-07-07 Thread Jon Harris

LOL yeah is does.

Jon

On Tue, Jul 7, 2009 at 1:11 PM, Steven M. Caesare wrote:

>  I guess that shows what they think of you.
>
>
>
> -sc
>
>
>
> *From:* Jon Harris [mailto:jk.har...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 1:03 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Gmail
>
>
>
> Mine still shows as Beta.
>
>
>
> Jon
>
> On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
> wrote:
>
> Well, well, well… finally out of beta.
>
>
>
> -sc
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Gmail

2009-07-07 Thread Jon Harris

That worked guess they did the change sometime since 4 am today.

Jon

On Tue, Jul 7, 2009 at 1:10 PM, Kevin Lundy  wrote:

> Just do a full browser refresh
>
>  On Tue, Jul 7, 2009 at 1:02 PM, Jon Harris  wrote:
>
>>  Mine still shows as Beta.
>>
>>  Jon
>>
>>   On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare > > wrote:
>>
>>>  Well, well, well… finally out of beta.
>>>
>>>
>>>
>>> -sc
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Steven M. Caesare

I'll literally LoL if they have a widespread outage today.

-sc

> -Original Message-
> From: Ben Scott [mailto:mailvor...@gmail.com]
> Sent: Tuesday, July 07, 2009 1:04 PM
> To: NT System Admin Issues
> Subject: Re: Gmail
> 
> On Tue, Jul 7, 2009 at 1:01 PM, Steven M.
Caesare
> wrote:
> > Well, well, well... finally out of beta.
> 
>   OMG, it's *s* much better now!
> 
>   (To quote Homer Simpson, "In case you can't tell, I'm being
> sarcastic.")
> 
>   ;-)
> 
> -- Ben
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Can't change hidden attribute, nor take ownership, of a file

2009-07-07 Thread Ben Scott

On Tue, Jul 7, 2009 at 12:39 PM,  wrote:
> Thoughts? Pointers? Clues? etc

  More standard-issue guesses than anything:

- Make sure nothing has the file open.  Use FSMGMT.MSC and HANDLE.EXE
from Sysinternals.
- Try closing Windows Explorer (Start -> Shutdown, then
CTRL+ALT+SHIFT+ESC) and manipulating from the command prompt.
- Stop your antivirus software and see if that makes a difference.
- Try "CHKDSK /F".

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Steven M. Caesare

I guess that shows what they think of you.

 

-sc

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 1:03 PM
To: NT System Admin Issues
Subject: Re: Gmail

 

Mine still shows as Beta.

 

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
wrote:

Well, well, well... finally out of beta.

 

-sc

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Gmail

2009-07-07 Thread Kevin Lundy

Just do a full browser refresh

On Tue, Jul 7, 2009 at 1:02 PM, Jon Harris  wrote:

> Mine still shows as Beta.
>
> Jon
>
>   On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
> wrote:
>
>>  Well, well, well… finally out of beta.
>>
>>
>>
>> -sc
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Gmail

2009-07-07 Thread Ben Scott

On Tue, Jul 7, 2009 at 1:02 PM, Jon Harris wrote:
> Mine still shows as Beta.

  I've seen in the past that Google's systems take a while to
propagate changes.  Given the purported size and distribution of their
IT infrastructure, that doesn't surprise me.

  They have an "official" blog entry about it:

http://googleblog.blogspot.com/2009/07/google-apps-is-out-of-beta-yes-really.html

  Pretty content-free.  Although -- and I swear I'm not making this up
-- they do say there is a user option to put the "Beta" label back in
the logo.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Can't change hidden attribute, nor take ownership, of a file

2009-07-07 Thread Michael . Leone

"Steven M. Caesare"  wrote on 07/07/2009 12:56:18 
PM:

> That?s a leading period? That?s probably jacking you up.

It is. However, you can have filename that start with leading periods in 
Windows; I have done that, as troubleshooting. They work fine. This 
particular file does not.

> Go to the Mac that originated and see if you can rename across the 
network.

Can't do that, unfortunately. This particular file comes from a restore 
from a different server. So the problem exists on more than 1 server, and 
so what I'm looking for is a method to fix the problem, that I can then 
apply to either server (or any other).

My boss says he's seen that before, and that the only way he was able to 
delete it was to reboot into Safe Mode, Command Prompt Only, and then he 
was able to delete it. Since this is a production server, that is a PITA 
to do (especially remotely, altho with ILO on an HP server, it can be 
done).

I'm convinced it is something like that "Alternate Data Stream" or 
whatever feature of NTFS, that I've never had to deal with before.

If I try and edit the file with Notepad (from Win Explorer), it tells me 
that the file doesn't exist, and it must create it. When it does, I then 
end up with 2 files of the exact same name, but with different icons in 
WinExplorer.

I'm begining to think I need a really low-level, down-and-dirty editor, to 
do the equivalent of editing the FAT, to rename/re-attribute this file.
*That* scares me. :-)

> 
> -sc
> 
> From: michael.le...@pha.phila.gov [mailto:michael.le...@pha.phila.gov] 
> Sent: Tuesday, July 07, 2009 12:40 PM
> To: NT System Admin Issues
> Subject: Can't change hidden attribute, nor take ownership, of a file
> 
> 
> Win2003. One of my users seems to have created a file that is name 
> "._x.JPG" (I think this may have come from one of my very few 
> Mac users, but I don't know that for certain). Anyway, I see the 
> file in Windows Explorer, and it has an attribute of "H" (hidden). 
> But I can't seem to change it to be non-hidden. I can't take 
> ownership of the file - clicking "Properties" shows me only 1 tab - 
> "General".  There is no "Security" tab.  I have verified that the 
> file system is NTFS. I can not rename the file, either- "Cannot 
> rename file: cannot read from source file or disk". (this is the 
> only file this happens on, so I am convinced that the problem is 
> this file, not the disk) 
> 
> From a command prompt, I see the file when I do a "dir /a". 
> 
> 04/27/2004  03:44 PM55,554 ._49 Greene & Rendell.JPG 
> 
> However, I can not change the attribute. 
> 
> >attrib -h * 
> Unable to change attribute - F:\Temp\._49 Greene & Rendell.JPG 
> 
> I am unable to take ownership of the file, either, because 
> apparently the file can't be found ... 
> 
>  
> subinacl /file "._49 Greene & Rendell.JPG" /display=owner 
> ._49 Greene & Rendell.JPG - CreateFile Error : 2 The system cannot 
> find the file specified. 
> 
> Elapsed Time: 00 00:00:00 
> Done:1, Modified0, Failed1, Syntax errors 0 
> Last Done  : ._49 Greene & Rendell.JPG 
> Last Failed: ._49 Greene & Rendell.JPG - CreateFile Error : 2 The 
> system cannot find the file specified. 
>  
> 
> At this point, I am stumped. I can't change attributes, I can't 
> rename, I can't take ownership (thinking that perhaps I could rename
> it that way). 
> 
> Thoughts? Pointers? Clues? etc 
> 
> 
> -- 
> Michael Leone
> Network Administrator, ISM
> Philadelphia Housing Authority
> 2500 Jackson St
> Philadelphia, PA 19145
> Tel:  215-684-4180
> Cell: 215-252-0143
> 
> 
> 
> 
> 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Gmail

2009-07-07 Thread Eldridge, Dave

No beta here. wow

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, July 07, 2009 11:03 AM
To: NT System Admin Issues
Subject: Re: Gmail

Mine still shows as Beta.

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare 
wrote:

Well, well, well... finally out of beta.

-sc

This message contains confidential information and is intended only for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute or copy this e-mail. Please notify the sender immediately via e-mail 
if you have received this e-mail by mistake; then, delete this e-mail from your 
system.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Gmail

2009-07-07 Thread Ben Scott

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare wrote:
> Well, well, well… finally out of beta.

  OMG, it's *s* much better now!

  (To quote Homer Simpson, "In case you can't tell, I'm being sarcastic.")

  ;-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Gmail

2009-07-07 Thread Jon Harris

Mine still shows as Beta.

Jon

On Tue, Jul 7, 2009 at 1:01 PM, Steven M. Caesare wrote:

>  Well, well, well… finally out of beta.
>
>
>
> -sc
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Gmail

2009-07-07 Thread Steven M. Caesare

Well, well, well... finally out of beta.

 

-sc


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Win2003 DC on Win2000 domain

2009-07-07 Thread KenM

I dont think this is all about trust.

What happens when your laptop gets stolen and someone has full access to the
DC image files.




On Tue, Jul 7, 2009 at 12:47 PM, Erik Goldoff  wrote:

>  With all due respect, if they cannot trust a network security engineer
> that helps to maintain and improve their security ( have remote access to
> firewall and TS ) then they may as well still run on paper.  Their internal
> security knowledge, as well as any BCP is practically non-existant.
>
> But from a best practices perspective, you are right.
>
>  Erik Goldoff
>
> *IT  Consultant*
>
> *Systems, Networks, & Security *
>
>
>  --
> *From:* Brian Desmond [mailto:br...@briandesmond.com]
> *Sent:* Tuesday, July 07, 2009 12:28 PM
> *To:* NT System Admin Issues
> *Subject:* RE: Win2003 DC on Win2000 domain
>
>   *That is pretty scary from a risk management perspective that you’re
> walking off with a copy of the customer’s AD.*
>
> * *
>
> *Thanks,*
>
> *Brian Desmond*
>
> *br...@briandesmond.com*
>
> * *
>
> *c - 312.731.3132*
>
> * *
>
> *Active Directory, 4th Ed** - http://www.briandesmond.com/ad4/*
>
> *Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian*
>
> * *
>
> *From:* Erik Goldoff [mailto:egold...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 9:18 AM
> *To:* NT System Admin Issues
> *Subject:* RE: Win2003 DC on Win2000 domain
>
>
>
> Yep, FALLBACK is my concern.  I'll be doing most of the work remotely, as
> the two new 2003 servers are in place and on the wire.  Low level help desk
> type will be on site, but as of yet, no spare/temp machine as a 2000 DC ...
> ( I normally bring in my laptop with a 2000 server and a 2003 server running
> virtually and promote to DC to grab a copy for 'just in case' in the first
> few days, but I won't be on site this time )
>
>
>
> once forestprep & domainprep run, it's a one way race to the finish
>
>
> Erik Goldoff
>
> *IT  Consultant*
>
> *Systems, Networks, & Security *
>
>
>
>
>  --
>
> *From:* Jon Harris [mailto:jk.har...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 10:05 AM
> *To:* NT System Admin Issues
> *Subject:* Re: Win2003 DC on Win2000 domain
>
>  Agreed.  The only difference is since you have Exchange on a DC you might
> want to make a 2000 DC on some desktop as a fall back.  Once the fall back
> is finished with the sync turn it off.  Do the domain/forest prep if all go
> well put the fall back on the network again let it sync again then turn it
> off while bringing up the new DC's.  Once all is well and good bring it up
> and kill it off.
>
>
>
> Jon
>
> On Tue, Jul 7, 2009 at 9:59 AM, KenM  wrote:
>
> Why not just install 2003 on the new hardware run dcpromo /forestprep and
> /domainprep and run dcpromo on 2003 servers and transfer roles.
>
>
>
>
>
>
>
>
>
> On Tue, Jul 7, 2009 at 9:54 AM, Erik Goldoff  wrote:
>
> Client wants to bring in two new servers ( forklift new hardware ) into
> their current Windows 2000 domain, but wants to upgrade Active Directory to
> 2003 ... two new servers will ultimately replace two existing 2000 servers
> which are File/Print/DC  and Exchange/DC
>
>
>
> My normally cautious method would be to bring in a temp 2000 box, promote
> it to DC in the 2000 domain, move FSMOs to it, then demote existing DCs...
> upgrade OS on temp box to 2003, then promote new 2003 servers to DC, moving
> FSMOs to one of them.
>
>
>
> Question :  Is there an unreasonable risk to promoting a 2003 server to DC
> on the 2000 domain with 2000 DCs in place when there is no plan ( or license
> ) to upgrade the OS on the 2000 boxes to 2003 ?
>
>
>
>
>
>
> Erik Goldoff
>
> *IT  Consultant*
>
> *Systems, Networks, & Security *
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: New IE zero day exploit in the wild

2009-07-07 Thread Ben Scott

On Tue, Jul 7, 2009 at 11:54 AM, Sherry Abercrombie wrote:
> IE Tabs will work for just about everything IE in FF.

  That wouldn't help the IE security issue that kicked off this
thread.  (Well, assuming the luser went and invoked an IE tab to get
the ActiveX control that wouldn't run, to run.  And let's face it,
that's what lusers do.)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

OT: RE: Win2003 DC on Win2000 domain

2009-07-07 Thread Erik Goldoff

Compared to best practice, you all would shudder at some of what I come
across.  
 
I do support some law offices ( a few that do real estate closings ) as
escalation for their normal IT consultants.  I *always* call before showing
up, and I tell them I'm going to plug into their firewall to reconfigure
their security, and so far no one has said more than 'OK' ... I always
repeat my name, and contact at their head office they can verify my identity
with, but they never do.  And not one single site I've been to in the last
two years has objected to me bringing my laptop to their network, nor even
want to check for proper antivirus and such before allowing me to plug in
...
 
And no one yet has had me sign any NDA either ... 
 
Kind of sad, really
 

Erik Goldoff


IT  Consultant

Systems, Networks, & Security 

 

  _  

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Tuesday, July 07, 2009 12:52 PM
To: NT System Admin Issues
Subject: Re: Win2003 DC on Win2000 domain


Agree with best practices, but with personal experience in dealing with
consultants, we make them sign a contract/NDA that prohibits them from using
any information or disclosing it outside our organization.  


On Tue, Jul 7, 2009 at 11:47 AM, Erik Goldoff  wrote:


With all due respect, if they cannot trust a network security engineer that
helps to maintain and improve their security ( have remote access to
firewall and TS ) then they may as well still run on paper.  Their internal
security knowledge, as well as any BCP is practically non-existant.
 
But from a best practices perspective, you are right. 
 


Erik Goldoff


IT  Consultant

Systems, Networks, & Security 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Can't change hidden attribute, nor take ownership, of a file

2009-07-07 Thread Steven M. Caesare

That's a leading period? That's probably jacking you up.

 

Go to the Mac that originated and see if you can rename across the
network.

 

-sc

 

From: michael.le...@pha.phila.gov [mailto:michael.le...@pha.phila.gov] 
Sent: Tuesday, July 07, 2009 12:40 PM
To: NT System Admin Issues
Subject: Can't change hidden attribute, nor take ownership, of a file

 


Win2003. One of my users seems to have created a file that is name
"._x.JPG" (I think this may have come from one of my very few Mac
users, but I don't know that for certain). Anyway, I see the file in
Windows Explorer, and it has an attribute of "H" (hidden). But I can't
seem to change it to be non-hidden. I can't take ownership of the file -
clicking "Properties" shows me only 1 tab - "General".  There is no
"Security" tab.  I have verified that the file system is NTFS. I can not
rename the file, either- "Cannot rename file: cannot read from source
file or disk". (this is the only file this happens on, so I am convinced
that the problem is this file, not the disk) 

>From a command prompt, I see the file when I do a "dir /a". 

04/27/2004  03:44 PM55,554 ._49 Greene & Rendell.JPG 

However, I can not change the attribute. 

>attrib -h * 
Unable to change attribute - F:\Temp\._49 Greene & Rendell.JPG 

I am unable to take ownership of the file, either, because apparently
the file can't be found ... 

 
subinacl /file "._49 Greene & Rendell.JPG" /display=owner 
._49 Greene & Rendell.JPG - CreateFile Error : 2 The system cannot find
the file specified. 

Elapsed Time: 00 00:00:00 
Done:1, Modified0, Failed1, Syntax errors
0 
Last Done  : ._49 Greene & Rendell.JPG 
Last Failed: ._49 Greene & Rendell.JPG - CreateFile Error : 2 The system
cannot find the file specified. 
 

At this point, I am stumped. I can't change attributes, I can't rename,
I can't take ownership (thinking that perhaps I could rename it that
way). 

Thoughts? Pointers? Clues? etc 


-- 
Michael Leone
Network Administrator, ISM
Philadelphia Housing Authority
2500 Jackson St
Philadelphia, PA 19145
Tel:  215-684-4180
Cell: 215-252-0143


 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Win2003 DC on Win2000 domain

2009-07-07 Thread Sherry Abercrombie

Agree with best practices, but with personal experience in dealing with
consultants, we make them sign a contract/NDA that prohibits them from using
any information or disclosing it outside our organization.

On Tue, Jul 7, 2009 at 11:47 AM, Erik Goldoff  wrote:

>  With all due respect, if they cannot trust a network security engineer
> that helps to maintain and improve their security ( have remote access to
> firewall and TS ) then they may as well still run on paper.  Their internal
> security knowledge, as well as any BCP is practically non-existant.
>
> But from a best practices perspective, you are right.
>
>  Erik Goldoff
>
> *IT  Consultant*
>
> *Systems, Networks, & Security *
>
>
>  --
> *From:* Brian Desmond [mailto:br...@briandesmond.com]
> *Sent:* Tuesday, July 07, 2009 12:28 PM
> *To:* NT System Admin Issues
> *Subject:* RE: Win2003 DC on Win2000 domain
>
>  *That is pretty scary from a risk management perspective that you’re
> walking off with a copy of the customer’s AD.*
>
> * *
>
> *Thanks,*
>
> *Brian Desmond*
>
> *br...@briandesmond.com*
>
> * *
>
> *c - 312.731.3132*
>
> * *
>
> *Active Directory, 4th Ed** - http://www.briandesmond.com/ad4/*
>
> *Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian*
>
> * *
>
> *From:* Erik Goldoff [mailto:egold...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 9:18 AM
> *To:* NT System Admin Issues
> *Subject:* RE: Win2003 DC on Win2000 domain
>
>
>
> Yep, FALLBACK is my concern.  I'll be doing most of the work remotely, as
> the two new 2003 servers are in place and on the wire.  Low level help desk
> type will be on site, but as of yet, no spare/temp machine as a 2000 DC ...
> ( I normally bring in my laptop with a 2000 server and a 2003 server running
> virtually and promote to DC to grab a copy for 'just in case' in the first
> few days, but I won't be on site this time )
>
>
>
> once forestprep & domainprep run, it's a one way race to the finish
>
>
> Erik Goldoff
>
> *IT  Consultant*
>
> *Systems, Networks, & Security *
>
>
>
>
>  --
>
> *From:* Jon Harris [mailto:jk.har...@gmail.com]
> *Sent:* Tuesday, July 07, 2009 10:05 AM
> *To:* NT System Admin Issues
> *Subject:* Re: Win2003 DC on Win2000 domain
>
> Agreed.  The only difference is since you have Exchange on a DC you might
> want to make a 2000 DC on some desktop as a fall back.  Once the fall back
> is finished with the sync turn it off.  Do the domain/forest prep if all go
> well put the fall back on the network again let it sync again then turn it
> off while bringing up the new DC's.  Once all is well and good bring it up
> and kill it off.
>
>
>
> Jon
>
> On Tue, Jul 7, 2009 at 9:59 AM, KenM  wrote:
>
> Why not just install 2003 on the new hardware run dcpromo /forestprep and
> /domainprep and run dcpromo on 2003 servers and transfer roles.
>
>
>
>
>
>
>
>
>
> On Tue, Jul 7, 2009 at 9:54 AM, Erik Goldoff  wrote:
>
> Client wants to bring in two new servers ( forklift new hardware ) into
> their current Windows 2000 domain, but wants to upgrade Active Directory to
> 2003 ... two new servers will ultimately replace two existing 2000 servers
> which are File/Print/DC  and Exchange/DC
>
>
>
> My normally cautious method would be to bring in a temp 2000 box, promote
> it to DC in the 2000 domain, move FSMOs to it, then demote existing DCs...
> upgrade OS on temp box to 2003, then promote new 2003 servers to DC, moving
> FSMOs to one of them.
>
>
>
> Question :  Is there an unreasonable risk to promoting a 2003 server to DC
> on the 2000 domain with 2000 DCs in place when there is no plan ( or license
> ) to upgrade the OS on the 2000 boxes to 2003 ?
>
>
>
>
>
>
> Erik Goldoff
>
> *IT  Consultant*
>
> *Systems, Networks, & Security *
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>


-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

1 2 >

1 - 100 of 143 matches

Mail list logo