Re: RE: Microsoft Office Communication Server 2007 R2

2010-02-11 Thread Stefan Jafs 
Thanks good to know because I would want my BB users using communicator

Stefan

On Thu, Feb 11, 2010 at 6:42 PM, Eisenberg, Wayne <
wayne.eisenb...@pbvllc.com> wrote:

> The only caveat I would add is that if you think you will want to have
> Blackberries/BES tied in to OCS, do NOT install OCS 2007 R2 directly. It
> is a known issue that OCS 2007 R2 will not work with Communicator for
> BES. You have to install OCS 2007 first (using the OCS 2007 schema, not
> the R2 schema), create a 2007 OCS web access server, and *then* upgrade
> it to 2007 R2. Do not uninstall or remove the non-R2 web access box or
> you will be sunk. That little factoid bit us in the rear when we were
> doing that process and now our Blackberry users cannot use Communicator
> for Blackberry to IM the rest of the company. :(
>
> Caveat emptor,
> Wayne
>
>
>
> -Original Message-
> From: Steven Peck [mailto:sep...@gmail.com]
> Sent: Wednesday, February 10, 2010 12:21 PM
> To: NT System Admin Issues
> Subject: Re: RE: Microsoft Office Communication Server 2007 R2
>
> As long as you don't have an existing LCS2005 deployment, not much.
> It's just a standard MS product that leverages AD for storing
> configuration information with an account.
>
> On Tue, Feb 9, 2010 at 6:22 PM, Ben N  wrote:
> > +1. Backup AD and do it. I have never had issues with schema updates
> like
> > this.
> >
> > On Feb 9, 2010 1:25 PM, "Greg Olson"  wrote:
> >
> > +1 have a backup and you should be good to go.
> >
> > Have done this at 20 locations so far with no issue.
> >
> >
> >
> >
> >
> > From: Don Guyer [mailto:don.gu...@prufoxroach.com]
> > Sent: Tuesday, February 09, 2010 12:31 PM
> >
> > To: NT System Admin Issues
> >
> > Subject: RE: Microsoft Office Communication Server 2007 R2
> >
> >
> >
> > Did this a few times for different reasons with no issues. Just make
> sure
> > you backup AD before ...
> >
> >
> >
> >
> >
> >
> >
> >
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>


-- 
Stefan Jafs

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: OT: Google Username Assistance - huh?

2010-02-11 Thread Micheal Espinola Jr 
...and will given enough time. Change is life.

--
ME2


On Thu, Feb 11, 2010 at 2:49 PM, Alverson, Tom (Xetron) <
tom.alver...@ngc.com> wrote:

> Remember back when we were all using Altavista and this new kid "Google"
> came along.  We dropped Altavista like a rock.  Same thing could happen to
> Google.
>
> -Original Message-
> From: Andrew S. Baker [mailto:asbz...@gmail.com]
> Sent: Wednesday, February 10, 2010 8:48 PM
> To: NT System Admin Issues
> Subject: Re: OT: Google Username Assistance - huh?
>
> This too shall pass...
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread John Aldrich 
I've got a user's Vista Home Premium desktop that they brought in to have 
me fix after applying Windows Updates and getting a BSOD when it rebooted. 
Getting an error in SCFLTR.SYS and a STOP error as well. Anyone know if 
this is the same problem?

-- 
Thanks,
John Aldrich
Blueridge Industries
IT Manager

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: OCS and Cisco Call Manager

2010-02-11 Thread Eisenberg, Wayne 
Ditto - we use the Cisco softphone where needed and use MOC for call
control.

 

Wayne

 

 

From: Tim Vander Kooi [mailto:tvanderk...@expl.com] 
Sent: Wednesday, February 10, 2010 6:35 PM
To: NT System Admin Issues
Subject: RE: OCS and Cisco Call Manager

 

We are doing  all of that except for we can't use the MOC client as a
softphone (this is theoretically possible with the latest version of
Call/Communication Manager from Cisco) as it requires setting up SIP
trunks between your OCS and CUCM servers which we have not done. We have
headsets for our Cisco desk phones though and can use MOC to take a
Cisco phone off hook thereby allowing a person to make a call on the
phone with MOC without touching the phone. It works great, which is
evidenced by the fact that I have not touched my desk phone in almost a
year.

Tim

 

From: Senter, John [mailto:john.sen...@etrade.com] 
Sent: Wednesday, February 10, 2010 5:11 PM
To: NT System Admin Issues
Subject: OCS and Cisco Call Manager

 

Just wanted to see if anyone in the community has worked to deploy a OCS
system using Cisco Call Manager for call routing.  We are in the process
of deploying OCS for internal IM.  We also have Call Manager in place
and all users have desk phones.   The plan would be to still have desk
phones for all users, at this time, and also allow OCS to function as a
soft phone if the user is at the office or away.  So basically have a
split setup so both phones ring, desk phone and OCS, the user can use
either to answer.  This should then update the OCS presence to indicate
On Phone.  I am being told there are issues connecting OCS to the Cisco
RCC gateway (CUPS).  Just curious if anyone has done this and what they
found out.

 

Thanks

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: RE: Microsoft Office Communication Server 2007 R2

2010-02-11 Thread Eisenberg, Wayne 
The only caveat I would add is that if you think you will want to have
Blackberries/BES tied in to OCS, do NOT install OCS 2007 R2 directly. It
is a known issue that OCS 2007 R2 will not work with Communicator for
BES. You have to install OCS 2007 first (using the OCS 2007 schema, not
the R2 schema), create a 2007 OCS web access server, and *then* upgrade
it to 2007 R2. Do not uninstall or remove the non-R2 web access box or
you will be sunk. That little factoid bit us in the rear when we were
doing that process and now our Blackberry users cannot use Communicator
for Blackberry to IM the rest of the company. :(

Caveat emptor,
Wayne



-Original Message-
From: Steven Peck [mailto:sep...@gmail.com] 
Sent: Wednesday, February 10, 2010 12:21 PM
To: NT System Admin Issues
Subject: Re: RE: Microsoft Office Communication Server 2007 R2

As long as you don't have an existing LCS2005 deployment, not much.
It's just a standard MS product that leverages AD for storing
configuration information with an account.

On Tue, Feb 9, 2010 at 6:22 PM, Ben N  wrote:
> +1. Backup AD and do it. I have never had issues with schema updates
like
> this.
>
> On Feb 9, 2010 1:25 PM, "Greg Olson"  wrote:
>
> +1 have a backup and you should be good to go.
>
> Have done this at 20 locations so far with no issue.
>
>
>
>
>
> From: Don Guyer [mailto:don.gu...@prufoxroach.com]
> Sent: Tuesday, February 09, 2010 12:31 PM
>
> To: NT System Admin Issues
>
> Subject: RE: Microsoft Office Communication Server 2007 R2
>
>
>
> Did this a few times for different reasons with no issues. Just make
sure
> you backup AD before ...
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: OT: Google Username Assistance - huh?

2010-02-11 Thread Alverson, Tom (Xetron) 
Remember back when we were all using Altavista and this new kid "Google" came 
along.  We dropped Altavista like a rock.  Same thing could happen to Google.

-Original Message-
From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Wednesday, February 10, 2010 8:48 PM
To: NT System Admin Issues
Subject: Re: OT: Google Username Assistance - huh?

This too shall pass...

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

OT: Fix for Outlook Message Size Issue in Outlook 2010 beta

2010-02-11 Thread Michael B. Smith 
OK, I got accused (rightfully so) of this issue. All of the rest of you running 
Outlook 2010 beta should apply this too!

http://blogs.technet.com/office2010/archive/2010/02/11/fix-for-message-size-issue-in-outlook-2010-beta.aspx

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

OT: Fix for Outlook Message Size Issue in Outlook 2010 beta

2010-02-11 Thread Michael B. Smith 
OK, I got accused (rightfully so) of this issue. All of the rest of you running 
Outlook 2010 beta should apply this too!

http://blogs.technet.com/office2010/archive/2010/02/11/fix-for-message-size-issue-in-outlook-2010-beta.aspx

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

Re: GPO question

2010-02-11 Thread Tom Miller 
I don't think it's that - this is the same on all PCs.  Can you show me a snap 
of you GPP settings?

>>> James Rankin  2/11/2010 4:47 PM >>>
All of our Office stuff gives the correct icon too. Have you tried anything 
like rebuilding the icon cache (Googling may help, I am rebuilding a PC here 
and it's well slow.)

On 11 February 2010 21:23, Tom Miller  wrote:


I want to provide some users Office (Word, Excel) desktop icons via GPO 
Preferences. The icon works, but none of them are the application icon - they 
are generic shortcut icons. 
For my other apps I copy down *.ico files and point to them. But for office the 
bitmap is embedded within the exe. Suggestions? 
Tom


Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message. 







-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the 
machine wrong figures, will the right answers come out?' I am not able rightly 
to apprehend the kind of confusion of ideas that could provoke such a question."


 
 

Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: GPO question

2010-02-11 Thread James Rankin 
All of our Office stuff gives the correct icon too. Have you tried anything
like rebuilding the icon cache (Googling may help, I am rebuilding a PC here
and it's well slow.)

On 11 February 2010 21:23, Tom Miller  wrote:

>  I want to provide some users Office (Word, Excel) desktop icons via GPO
> Preferences.  The icon works, but none of them are the application icon -
> they are generic shortcut icons.
>
> For my other apps I copy down *.ico files and point to them.  But for
> office the bitmap is embedded within the exe.  Suggestions?
>
> Tom
>
> Confidentiality Notice: This e-mail message, including attachments, is for
> the sole use of the intended recipient(s) and may contain confidential and
> privileged information. Any unauthorized review, use, disclosure, or
> distribution is prohibited. If you are not the intended recipient, please
> contact the sender by reply e-mail and destroy all copies of the original
> message.
>
>
>
>
>
>


-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: GPO question

2010-02-11 Thread Tom Miller 
Yes, file system object and I point to the local .exe for the app and the icon. 
 Should I not?

>>> James Hill  2/11/2010 4:29 PM >>>

We use GPP for this and the icon displays correctly.  You are just using GPP 
shortcuts?
 

From:Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Friday, 12 February 2010 7:24 AM
To: NT System Admin Issues
Subject: GPO question

 

I want to provide some users Office (Word, Excel) desktop icons via GPO 
Preferences.  The icon works, but none of them are the application icon - they 
are generic shortcut icons.  

 

For my other apps I copy down *.ico files and point to them.  But for office 
the bitmap is embedded within the exe.  Suggestions?  

 

Tom

 
Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.
  

 
 

Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: GPO question

2010-02-11 Thread James Hill 
We use GPP for this and the icon displays correctly.  You are just using GPP 
shortcuts?

From: Tom Miller [mailto:tmil...@hnncsb.org]
Sent: Friday, 12 February 2010 7:24 AM
To: NT System Admin Issues
Subject: GPO question

I want to provide some users Office (Word, Excel) desktop icons via GPO 
Preferences.  The icon works, but none of them are the application icon - they 
are generic shortcut icons.

For my other apps I copy down *.ico files and point to them.  But for office 
the bitmap is embedded within the exe.  Suggestions?

Tom


Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

GPO question

2010-02-11 Thread Tom Miller 
I want to provide some users Office (Word, Excel) desktop icons via GPO 
Preferences.  The icon works, but none of them are the application icon - they 
are generic shortcut icons.  
 
For my other apps I copy down *.ico files and point to them.  But for office 
the bitmap is embedded within the exe.  Suggestions?  
 
Tom

Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: External Drives

2010-02-11 Thread Jonathan Link 
As I recall I had that behavior because another drive was attached and the
windows disk management was confused.  In my case it was a mapped network
share, and I just exited Disk Managment, disconnected the physical drive,
unmapped the network drive and plugged the physical back in.
But it's been a a while since I've seen that behavior (especially since I
moved all network drives to above h:).


On Thu, Feb 11, 2010 at 3:47 PM, Steve Ens  wrote:

> Anyone come across a USB drive that gets recognized by Windows 7, but
> doesn't get a drive letter assigned?  I have a stubborn Seagate that works
> on XP and OSX, but not 7.  I've tried manually assigning a letter but that
> is greyed out.  The only option I get is to convert to dynamic, but that
> gets me an error too.  Any ideas appreciated.
> Thanks
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

External Drives

2010-02-11 Thread Steve Ens 
Anyone come across a USB drive that gets recognized by Windows 7, but
doesn't get a drive letter assigned?  I have a stubborn Seagate that works
on XP and OSX, but not 7.  I've tried manually assigning a letter but that
is greyed out.  The only option I get is to convert to dynamic, but that
gets me an error too.  Any ideas appreciated.
Thanks

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Wireless NAC

2010-02-11 Thread Chyka, Robert 
No, but I will.

Thanks...

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Thursday, February 11, 2010 3:40 PM
To: NT System Admin Issues
Subject: Re: Wireless NAC

Have you looked at PacketFence?

http://www.packetfence.org

On Thu, Feb 11, 2010 at 07:41, Chyka, Robert  wrote:
> We currently have a homegrown system for our dorm students on campus for our
> wired network.  It resembles Cisco clean access, but it is agent-less.  It
> basically puts all ports on an isolated subnet that can only get to our
> "ResNet" clean access system
>
> Our system makes sure that they remove their current and install our
> Corporate managed Antivirus Product, it makes them run Microsoft Update to
> patch their system, run a qucik spyware scan with an embedded scanner on the
> webpage, then it makes them authenticate against our user database serverss
> and then it "flips" their network port over to the non isolated network
> segment (vlan).
>
> We do not have wireless in the dorms, and we need to get it there soon.  The
> reason why we don't have wireless in the dorms is so they don't bypass our
> "clean access" system when they bring their machines from home filled with
> junk.
>
> Does anyone know a good package to look at for wireless nac?  Agentless
> would be best,  We evaluated Clean Access 2 years ago and it really wasn't
> worth the money.  Had alot of issues and maybe just wasn't mature then?
>
> Thanks for any suggestions.
>
> Bob
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Wireless NAC

2010-02-11 Thread Kurt Buff 
Have you looked at PacketFence?

http://www.packetfence.org

On Thu, Feb 11, 2010 at 07:41, Chyka, Robert  wrote:
> We currently have a homegrown system for our dorm students on campus for our
> wired network.  It resembles Cisco clean access, but it is agent-less.  It
> basically puts all ports on an isolated subnet that can only get to our
> "ResNet" clean access system
>
> Our system makes sure that they remove their current and install our
> Corporate managed Antivirus Product, it makes them run Microsoft Update to
> patch their system, run a qucik spyware scan with an embedded scanner on the
> webpage, then it makes them authenticate against our user database serverss
> and then it "flips" their network port over to the non isolated network
> segment (vlan).
>
> We do not have wireless in the dorms, and we need to get it there soon.  The
> reason why we don't have wireless in the dorms is so they don't bypass our
> "clean access" system when they bring their machines from home filled with
> junk.
>
> Does anyone know a good package to look at for wireless nac?  Agentless
> would be best,  We evaluated Clean Access 2 years ago and it really wasn't
> worth the money.  Had alot of issues and maybe just wasn't mature then?
>
> Thanks for any suggestions.
>
> Bob
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Non-local admin for developers, etc

2010-02-11 Thread James Hill 
We do this but they don't have admin rights.  They are given another account 
that has admin rights on their dev machine that they can use RUN-AS with.

There was a lot of complaining when I first implemented this (because using RUN 
AS is SO hard you know).

But when I started here everyone was local admins.
-Original Message-
From: Charlie Kaiser [mailto:charl...@golden-eagle.org] 
Sent: Friday, 12 February 2010 12:37 AM
To: NT System Admin Issues
Subject: RE: Non-local admin for developers, etc

VMWare or a second machine. "Primary corporate PC" does not get admin
rights. VM or second machine is imaged at developer's request. Any blowup of
the machine gets a reimage with latest saved image. No troubleshooting.
That policy saved us about 40% of our IT troubleshooting work and increased
dev productivity.

The biggest gotcha on this was image storage space. We had to ramp up
storage and quota the developers. Once they understood the amount of storage
(number of images) they were allowed, they managed fine.

***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***  

> -Original Message-
> From: David Lum [mailto:david@nwea.org] 
> Sent: Thursday, February 11, 2010 7:02 AM
> To: NT System Admin Issues
> Subject: Non-local admin for developers, etc
> 
> For those of you who have adopted the "no login as local 
> administrator" and have software developers, how do you 
> handle the developers? 
> 
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 // (Cell) 503.267.9764
> 
>  
> 
>  
> 
>  
> 
> 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread paul d 

Rolled it out last night to my test group of XP sp3 and no problem.  But, if MS 
can't get it fixed by next week when I roll out to the entire user base, I'll 
have exclude that patch.

Subject: RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows 
Kernel
Date: Thu, 11 Feb 2010 14:18:20 -0500
From: ezi...@lifespan.org
To: ntsysadmin@lyris.sunbelt-software.com
















I haven’t seen it with the 100+ I have patched so far, but there
has been a few blogs out there posting that it is doing it. So until I get one
( which I hope I don’t) I won’t have a minidump. 

 

Z

 





From: Ken Schaefer
[mailto:k...@adopenstatic.com] 

Sent: Thursday, February 11, 2010 11:44 AM

To: NT System Admin Issues

Subject: RE: Has anyone seen BSOD's when applying MS10-015 Patch for
Windows Kernel





 

Get minidumps please.

 

Cheers

Ken

 





From: Ziots, Edward
[mailto:ezi...@lifespan.org] 

Sent: Friday, 12 February 2010 12:04 AM

To: NT System Admin Issues

Subject: Has anyone seen BSOD's when applying MS10-015 Patch for Windows
Kernel





 

 

Getting some chatter at my workplace about reports of possible
BSOD with MS10-015 being applied to machines, can anyone confirm what you are
seeing from Windows XP, Vista or 7 with this patch or Windows 2000-2008?

 

Thanks

Z

 


 

 


 


 



 

  
_
Hotmail: Free, trusted and rich email service.
http://clk.atdmt.com/GBL/go/201469228/direct/01/
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: PCI compliance

2010-02-11 Thread paul d 

Now, I've run into a snag.  Changed all my servers but now they're saying my 
firewall is failing.  Which is ridiculous for obvious reasons.
ugh. 

Subject: RE: PCI compliance
Date: Wed, 10 Feb 2010 16:42:03 -0500
From: ezi...@lifespan.org
To: ntsysadmin@lyris.sunbelt-software.com



















Yes, 

 

I have ran into this on some audits, and done work on detecting
this SSL based systems ( namely) IIS/Apache and the HP System Management Home
page that I just got done working on. 

 

IE 6.0 supports SSLv3 and TLS1.0 which is what they are probably
looking for when they dinged you for the PCI audit. 

 

You can hit me off list if you like to discuss more. 

 

Z

 





From: paul d
[mailto:pdw1...@hotmail.com] 

Sent: Wednesday, February 10, 2010 1:57 PM

To: NT System Admin Issues

Subject: PCI compliance





 

We have failed our PCI compliance due to
some servers having SSL 2.0 enabled and "...the use of weak ciphers."



Has anybody run into an issue whereby they disabled 2.0 and/or weak ciphers and
then users couldn't connect?



Servers are W2000 and W2003.



My main concern is that since our pay "stubs" are now online (running
on the w2003 box) and someone using IE6 can't connect.



Thanks.







Hotmail:
Trusted email with Microsoft’s powerful SPAM protection. Sign up
now. 

 

 


 



 

  
_
Hotmail: Trusted email with Microsoft’s powerful SPAM protection.
http://clk.atdmt.com/GBL/go/201469226/direct/01/
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: PCI compliance

2010-02-11 Thread paul d 

I tried 8 at home.  I'll still stick with FF.  It's the plug-ins that I like.  
One of my favorites is speed dial.  Allows me to have up to 9 'home' pages.  
For example, I press ctrl-6 to go right to hotmail or shift-ctrl-6 to open 
hotmail in a new page.  

Date: Wed, 10 Feb 2010 13:42:41 -0800
Subject: Re: PCI compliance
From: sep...@gmail.com
To: ntsysadmin@lyris.sunbelt-software.com

To be honest I really like IE8 and have been tending to use that over Firefox 
in many cases.  So really if you need to get off IE6, just get the internal app 
testing with IE7 or IE8 done.  As a user and beneficiary of the IT indu$try I 
find that accurate assement is more useful then knee jerk actions.


Steven

On Wed, Feb 10, 2010 at 12:12 PM, John Aldrich  
wrote:















Well, there’s plugins for FF that will open IE in a frame… J that’s
about the best you can hope for, especially since Micro$oft has seen fit to
hard-wire Windows to include IE. 

 








 





From: paul d
[mailto:pdw1...@hotmail.com] 

Sent: Wednesday, February 10, 2010 3:07 PM

To: NT System Admin Issues

Subject: RE: PCI compliance





 

Great, thanks for the reply.

Agreed about IE6.  Frankly, I'd like to get rid of IE completely and run
FF on all desktops like I do on my desktop. Unfortunately, some s/w can only
use IE. 







To:
ntsysadmin@lyris.sunbelt-software.com

Subject: Re: PCI compliance

From: asbz...@gmail.com

Date: Wed, 10 Feb 2010 20:02:47 +



We disabled that some months back without issue. 



There should be no connection issues. And get off of IE6

 

-ASB: http://xeesm.com/AndrewBaker

Sent from my Verizon Smartphone









From:
paul
d  





Date:
Wed,
10 Feb 2010 13:57:29 -0500





To:
NT
System Admin Issues





Subject:
PCI
compliance





 



We have failed our PCI compliance due to
some servers having SSL 2.0 enabled and "...the use of weak ciphers."



Has anybody run into an issue whereby they disabled 2.0 and/or weak ciphers and
then users couldn't connect?



Servers are W2000 and W2003.



My main concern is that since our pay "stubs" are now online (running
on the w2003 box) and someone using IE6 can't connect.



Thanks.







Hotmail: Trusted email with Microsoft’s
powerful SPAM protection. Sign up now.  

 



 

 

 







Hotmail:
Trusted email with powerful SPAM protection. Sign up
now. 

 

 


 



 







 



 

  
_
Hotmail: Trusted email with powerful SPAM protection.
http://clk.atdmt.com/GBL/go/201469227/direct/01/
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread Ziots, Edward 
I haven't seen it with the 100+ I have patched so far, but there has
been a few blogs out there posting that it is doing it. So until I get
one ( which I hope I don't) I won't have a minidump. 

 

Z

 

From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Thursday, February 11, 2010 11:44 AM
To: NT System Admin Issues
Subject: RE: Has anyone seen BSOD's when applying MS10-015 Patch for
Windows Kernel

 

Get minidumps please.

 

Cheers

Ken

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Friday, 12 February 2010 12:04 AM
To: NT System Admin Issues
Subject: Has anyone seen BSOD's when applying MS10-015 Patch for Windows
Kernel

 

 

Getting some chatter at my workplace about reports of possible BSOD with
MS10-015 being applied to machines, can anyone confirm what you are
seeing from Windows XP, Vista or 7 with this patch or Windows 2000-2008?

 

Thanks

Z

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Penetration Testing

2010-02-11 Thread Kennedy, Jim 
This is probably the most awesome father moment of my life (and he has provided 
many). My son is on the Metasploit team, and is the author of Fast-Track.


From: Marc Maiffret [mailto:marc.maiff...@fireeye.com]
Sent: Thursday, February 11, 2010 1:46 PM
To: NT System Admin Issues
Subject: RE: Penetration Testing

Metasploit is going to be the best free tool you can use to do pentesting 
around software vulnerabilities etc... Backtrack is a good free linux boot 
cd/image that has basically every major pentest tool on it should you want to 
do wireless testing etc... This is a good documented framework around testing 
http://www.isecom.org/osstmm/

Commercial pentest tools are Core Impact and Immunity's Canvas are good also.

From: Mark Robinson [mailto:mark.robin...@cips.org]
Sent: Wednesday, February 10, 2010 7:51 AM
To: NT System Admin Issues
Subject: Penetration Testing

Hi there,

Does anyone know of a good quality, free, network-layer penetration testing 
tool?

Many thanks

Mark Robinson
IT Technical Support Analyst
The Chartered Institute of Purchasing & Supply
Tel: +44 (0) 1780 761526 Fax: +44 (0) 1780 751610
www.cips.org




IMPORTANT INFORMATION


Internet communications are not secure and therefore CIPS does not accept legal 
responsibility for the contents of any e-mail message sent via this medium. The 
content of any e-mail communication is the view of the individual and CIPS does 
not accept legal liability for the contents. Although this message and any 
attachments are believed to be free of virus or other defect that might affect 
any computer system into which it is received and opened, it is the 
responsibility of the recipient to ensure that it is virus free and no 
responsibility is accepted by CIPS for any loss or damage in any way arising 
from its use.

CIPS runs the following software packages: MS Office Suite 2003, MS Visio 2003, 
MS Project 2002. Please ensure that any files you send are compatible.


The Chartered Institute of Purchasing & Supply (CIPS) is an organisation 
incorporated under Royal Charter and is based at Easton House, Easton on the 
Hill, Stamford, Lincs PE9 3NZ, tel: +44 (0)1780 756777, and is a registered 
Charity number 1017938. CIPS Services Limited is a wholly owned subsidiary 
company of CIPS, registered in England under number 2610367 and is registered 
at the address shown above. Both organisations operate under a group VAT 
registration number: 3426 489 42.


--
Scanned by iCritical.






--
This message has been scanned for viruses and
dangerous content by
Mailscanner and is
believed to be clean.





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Penetration Testing

2010-02-11 Thread Marc Maiffret 
Metasploit is going to be the best free tool you can use to do pentesting 
around software vulnerabilities etc... Backtrack is a good free linux boot 
cd/image that has basically every major pentest tool on it should you want to 
do wireless testing etc... This is a good documented framework around testing 
http://www.isecom.org/osstmm/

Commercial pentest tools are Core Impact and Immunity's Canvas are good also.

From: Mark Robinson [mailto:mark.robin...@cips.org]
Sent: Wednesday, February 10, 2010 7:51 AM
To: NT System Admin Issues
Subject: Penetration Testing

Hi there,

Does anyone know of a good quality, free, network-layer penetration testing 
tool?

Many thanks

Mark Robinson
IT Technical Support Analyst
The Chartered Institute of Purchasing & Supply
Tel: +44 (0) 1780 761526 Fax: +44 (0) 1780 751610
www.cips.org





IMPORTANT INFORMATION


Internet communications are not secure and therefore CIPS does not accept legal 
responsibility for the contents of any e-mail message sent via this medium. The 
content of any e-mail communication is the view of the individual and CIPS does 
not accept legal liability for the contents. Although this message and any 
attachments are believed to be free of virus or other defect that might affect 
any computer system into which it is received and opened, it is the 
responsibility of the recipient to ensure that it is virus free and no 
responsibility is accepted by CIPS for any loss or damage in any way arising 
from its use.

CIPS runs the following software packages: MS Office Suite 2003, MS Visio 2003, 
MS Project 2002. Please ensure that any files you send are compatible.


The Chartered Institute of Purchasing & Supply (CIPS) is an organisation 
incorporated under Royal Charter and is based at Easton House, Easton on the 
Hill, Stamford, Lincs PE9 3NZ, tel: +44 (0)1780 756777, and is a registered 
Charity number 1017938. CIPS Services Limited is a wholly owned subsidiary 
company of CIPS, registered in England under number 2610367 and is registered 
at the address shown above. Both organisations operate under a group VAT 
registration number: 3426 489 42.


--
Scanned by iCritical.






--
This message has been scanned for viruses and
dangerous content by
Mailscanner and is
believed to be clean.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Wireless NAC

2010-02-11 Thread Jon Harris 
Have you looked at or considered using 2008 AD/NAS/NAC for this?

Jon

On Thu, Feb 11, 2010 at 11:34 AM, Chyka, Robert  wrote:

>  Well we have Cisco WAPs, controllers, and radius servers.  We have full
> authentication built into Active Directory.  We are missing the whole NAC
> piece though like the checks for Antivirus, scanning, patching etc before
> you autehnticate.
>
> Thanks.
>
>  --
> *From:* John Aldrich [mailto:jaldr...@blueridgecarpet.com]
> *Sent:* Thursday, February 11, 2010 11:31 AM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Wireless NAC
>
>There are controls built into a lot of the 3rd-party firmware for
> wireless access points to allow you to have a “hotspot” mode. I’m sure that
> could be modified to require authentication against the network, etc.
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Chyka, Robert [mailto:bch...@medaille.edu]
> *Sent:* Thursday, February 11, 2010 10:41 AM
> *To:* NT System Admin Issues
> *Subject:* Wireless NAC
>
>
>
> We currently have a homegrown system for our dorm students on campus for
> our wired network.  It resembles Cisco clean access, but it is agent-less.
> It basically puts all ports on an isolated subnet that can only get to our
> "ResNet" clean access system
>
>
>
> Our system makes sure that they remove their current and install our
> Corporate managed Antivirus Product, it makes them run Microsoft Update to
> patch their system, run a qucik spyware scan with an embedded scanner on the
> webpage, then it makes them authenticate against our user database serverss
> and then it "flips" their network port over to the non isolated network
> segment (vlan).
>
>
>
> We do not have wireless in the dorms, and we need to get it there soon.
> The reason why we don't have wireless in the dorms is so they don't bypass
> our "clean access" system when they bring their machines from home filled
> with junk.
>
>
>
> Does anyone know a good package to look at for wireless nac?  Agentless
> would be best,  We evaluated Clean Access 2 years ago and it really wasn't
> worth the money.  Had alot of issues and maybe just wasn't mature then?
>
>
>
> Thanks for any suggestions.
>
>
>
> Bob
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: Google Username Assistance - huh?

2010-02-11 Thread Joseph Heaton 
Isn't Buzz, just Google's version of Facebook/Myspace, etc?

>>> Steve Ens  2/10/2010 6:07 PM >>>
So far I've found the buzz to be less buggy.

On Wed, Feb 10, 2010 at 4:43 PM, Richard Stovall  wrote:

> Who knows?  Maybe Buzz is Wave lite.
>
>
> On Wed, Feb 10, 2010 at 5:48 PM, Carl Houseman wrote:
>
>>  So, wave bye-bye to Wave ? J
>>
>>
>>
>> *From:* Richard Stovall [mailto:rich...@gmail.com] 
>> *Sent:* Wednesday, February 10, 2010 5:02 PM
>>
>> *To:* NT System Admin Issues
>> *Subject:* Re: Google Username Assistance - huh?
>>
>>
>>
>> I think the implications inherent in your choice of words are hilarious.
>>
>>
>>
>> "Did you ever use..." implies in the past, back when Wave once WAS
>> useful/cool/interesting/promising"
>> "Have you ever used..." would have implied that Wave is STILL
>> useful/cool/interesting/promising.
>>
>>
>>
>> Poor Wave.
>>
>>
>>
>>
>>
>> On Wed, Feb 10, 2010 at 4:47 PM, Steven M. Caesare 
>> wrote:
>>
>> Did you ever use Google Wave?
>>
>> There's some funky disconnectedness between wave and gmail addressing if
>> you use different account names, which I did.
>>
>> I didn't experience your exact issue, but that might be a start...
>>
>> -sc
>>
>> -Original Message-
>> From: Carl Houseman [mailto:c.house...@gmail.com] 
>> Sent: Wednesday, February 10, 2010 4:25 PM
>> To: NT System Admin Issues
>> Subject: OT: Google Username Assistance - huh?
>>
>> OK, this seems very weird to me.  For some time, mail addressed to
>> chouse...@gmail.com has been delivered to my c.house...@gmail.com 
>> mailbox.
>> I thought, at some point, I created the chouseman mailbox and configured
>> forwarding.  But I couldn't sign in to Google with the chouseman address
>> and
>> no attempts to use their automatic password reset worked.   About 3
>> months
>> ago I went the distance trying to reset the password, using the last
>> resort method several times.  Each time I received an automatic message
>> telling me I should be able to access the account, but of course, I
>> never could.
>>
>> And then today this comes in:
>> 
>> From: accounts-nore...@google.com [mailto:accounts-nore...@google.com] 
>> Sent: Wednesday, February 10, 2010 3:55 PM
>> To: chouse...@gmail.com 
>> Subject: Google Username Assistance
>>
>> We searched our database but we were unable to find any usernames
>> associated with your email address chouse...@gmail.com.
>>
>> > exist>
>> 
>>
>> So the takeaway from that message is what, exactly?  There's no
>> username, therefore there is no account associated with
>> chouse...@gmail.com?  And nonetheless, I have to keep receiving e-mail
>> for that address?  I don't see where a Google account can have multiple
>> e-mail addresses tied to it as Exchange can, but apparently that's what
>> has happened?
>>
>> It's crap like this that will keep me from ever recommending cloud
>> services from Google.
>>
>> Carl
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>>   ~
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Google Username Assistance - huh?

2010-02-11 Thread Jonathan Link 
Just noticed Buzz is enabled by default.  Then I ran across this article on
lifehacker.
http://lifehacker.com/5469388/stop-google-buzz-from-showing-the-world-your-contacts

I think it's buzzworthy.

On Thu, Feb 11, 2010 at 12:55 AM, Steven M. Caesare wrote:

>  I think it has SOME promise… they just need to work out the async
> notification part
>
>
>
> -sc
>
>
>
>
>
>
>
> *From:* Carl Houseman [mailto:c.house...@gmail.com]
> *Sent:* Wednesday, February 10, 2010 5:48 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Google Username Assistance - huh?
>
>
>
> So, wave bye-bye to Wave ? J
>
>
>
> *From:* Richard Stovall [mailto:rich...@gmail.com]
>  *Sent:* Wednesday, February 10, 2010 5:02 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Google Username Assistance - huh?
>
>
>
> I think the implications inherent in your choice of words are hilarious.
>
>
>
> "Did you ever use..." implies in the past, back when Wave once WAS
> useful/cool/interesting/promising"
> "Have you ever used..." would have implied that Wave is STILL
> useful/cool/interesting/promising.
>
>
>
> Poor Wave.
>
>
>
>
>
> On Wed, Feb 10, 2010 at 4:47 PM, Steven M. Caesare 
> wrote:
>
> Did you ever use Google Wave?
>
> There's some funky disconnectedness between wave and gmail addressing if
> you use different account names, which I did.
>
> I didn't experience your exact issue, but that might be a start...
>
> -sc
>
> -Original Message-
> From: Carl Houseman [mailto:c.house...@gmail.com]
> Sent: Wednesday, February 10, 2010 4:25 PM
> To: NT System Admin Issues
> Subject: OT: Google Username Assistance - huh?
>
> OK, this seems very weird to me.  For some time, mail addressed to
> chouse...@gmail.com has been delivered to my c.house...@gmail.com
> mailbox.
> I thought, at some point, I created the chouseman mailbox and configured
> forwarding.  But I couldn't sign in to Google with the chouseman address
> and
> no attempts to use their automatic password reset worked.   About 3
> months
> ago I went the distance trying to reset the password, using the last
> resort method several times.  Each time I received an automatic message
> telling me I should be able to access the account, but of course, I
> never could.
>
> And then today this comes in:
> 
> From: accounts-nore...@google.com [mailto:accounts-nore...@google.com]
> Sent: Wednesday, February 10, 2010 3:55 PM
> To: chouse...@gmail.com
> Subject: Google Username Assistance
>
> We searched our database but we were unable to find any usernames
> associated with your email address chouse...@gmail.com.
>
>  exist>
> 
>
> So the takeaway from that message is what, exactly?  There's no
> username, therefore there is no account associated with
> chouse...@gmail.com?  And nonetheless, I have to keep receiving e-mail
> for that address?  I don't see where a Google account can have multiple
> e-mail addresses tied to it as Exchange can, but apparently that's what
> has happened?
>
> It's crap like this that will keep me from ever recommending cloud
> services from Google.
>
> Carl
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread Rod Trent 
http://www.krebsonsecurity.com/2010/02/new-patches-cause-bsod-for-some-windows-xp-users/
 

 

From: John Cook [mailto:john.c...@pfsf.org] 
Sent: Thursday, February 11, 2010 12:23 PM
To: NT System Admin Issues
Subject: Re: Has anyone seen BSOD's when applying MS10-015 Patch for Windows 
Kernel

 

Have only had a few machines installed with it but nothing so far. 

  _  

From: Ken Schaefer 
To: NT System Admin Issues 
Sent: Thu Feb 11 11:43:45 2010
Subject: RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows 
Kernel 

Get minidumps please.

 

Cheers

Ken

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Friday, 12 February 2010 12:04 AM
To: NT System Admin Issues
Subject: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

 

 

Getting some chatter at my workplace about reports of possible BSOD with 
MS10-015 being applied to machines, can anyone confirm what you are seeing from 
Windows XP, Vista or 7 with this patch or Windows 2000-2008?

 

Thanks

Z

 

 

 

 

 

  _  

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.



This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread John Cook 
Have only had a few machines installed with it but nothing so far.


From: Ken Schaefer
To: NT System Admin Issues
Sent: Thu Feb 11 11:43:45 2010
Subject: RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows 
Kernel
Get minidumps please.

Cheers
Ken

From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Friday, 12 February 2010 12:04 AM
To: NT System Admin Issues
Subject: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel


Getting some chatter at my workplace about reports of possible BSOD with 
MS10-015 being applied to machines, can anyone confirm what you are seeing from 
Windows XP, Vista or 7 with this patch or Windows 2000-2008?

Thanks
Z










CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread Devin Meade 
I saw this 
article.
I deployed it to our test group and they are just fine.  This is 9 XP SP3
boxes and 19 Vista SP2 boxes.  They all have Office 2007 SP2.  We will
deploy to all remaining boxes overnight tonight.
Devin

On Thu, Feb 11, 2010 at 10:04 AM, Ziots, Edward  wrote:

>
>
> Getting some chatter at my workplace about reports of possible BSOD with
> MS10-015 being applied to machines, can anyone confirm what you are seeing
> from Windows XP, Vista or 7 with this patch or Windows 2000-2008?
>
>
>
> Thanks
>
> Z
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread Rod Trent 
Have to eat really small tacos first.

 

From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Thursday, February 11, 2010 11:44 AM
To: NT System Admin Issues
Subject: RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows
Kernel

 

Get minidumps please.

 

Cheers

Ken

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Friday, 12 February 2010 12:04 AM
To: NT System Admin Issues
Subject: Has anyone seen BSOD's when applying MS10-015 Patch for Windows
Kernel

 

 

Getting some chatter at my workplace about reports of possible BSOD with
MS10-015 being applied to machines, can anyone confirm what you are seeing
from Windows XP, Vista or 7 with this patch or Windows 2000-2008?

 

Thanks

Z

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread Ken Schaefer 
Get minidumps please.

Cheers
Ken

From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Friday, 12 February 2010 12:04 AM
To: NT System Admin Issues
Subject: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel


Getting some chatter at my workplace about reports of possible BSOD with 
MS10-015 being applied to machines, can anyone confirm what you are seeing from 
Windows XP, Vista or 7 with this patch or Windows 2000-2008?

Thanks
Z





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Kiosk Controls

2010-02-11 Thread Blackman, Woody 
Free from Microsoft :

 

http://www.microsoft.com/windows/products/winfamily/sharedaccess/default
.mspx

 

A retail product that works quite well: ($150 per station)

 

http://www.sitekiosk.com/en-US/SiteKiosk/Default.aspx

 

 

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Thursday, February 11, 2010 7:43 AM
To: NT System Admin Issues
Subject: Re: Kiosk Controls

 

Can't you just use a local group policy? What OS is it running? XP
should be able to do local policy fine

On 11 February 2010 15:40, mqcarp  wrote:

We use two computers that are off domain and on a separate network to
allow employees to surf the Internet dring lunches and breaks.
Although we can control the security portion of surfing through our
firewall/router, the local computer lacks solid controls like you can
handle with group policy.

Does anyone recommend a third party lock down tool for a computer to
handle functions like this? Essentially they only need to access a
browser and nothing on the local computer, or to change browser
settings, like a "kiosk" environment.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Wireless NAC

2010-02-11 Thread Blackman, Woody 
Bradford networks has been providing NAC services for the education
environment for over a decade.  A few years back they began marketing to
the enterprise and have developed a pretty good product suite.  They
have excellent integration in heterogeneous environments.

 

http://www.bradfordnetworks.com/education

 

 

From: Chyka, Robert [mailto:bch...@medaille.edu] 
Sent: Thursday, February 11, 2010 7:41 AM
To: NT System Admin Issues
Subject: Wireless NAC

 

We currently have a homegrown system for our dorm students on campus for
our wired network.  It resembles Cisco clean access, but it is
agent-less.  It basically puts all ports on an isolated subnet that can
only get to our "ResNet" clean access system

 

Our system makes sure that they remove their current and install our
Corporate managed Antivirus Product, it makes them run Microsoft Update
to patch their system, run a qucik spyware scan with an embedded scanner
on the webpage, then it makes them authenticate against our user
database serverss and then it "flips" their network port over to the non
isolated network segment (vlan).

 

We do not have wireless in the dorms, and we need to get it there soon.
The reason why we don't have wireless in the dorms is so they don't
bypass our "clean access" system when they bring their machines from
home filled with junk.

 

Does anyone know a good package to look at for wireless nac?  Agentless
would be best,  We evaluated Clean Access 2 years ago and it really
wasn't worth the money.  Had alot of issues and maybe just wasn't mature
then?

 

Thanks for any suggestions.

 

Bob

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Managing iPhones in a corporate environment?

2010-02-11 Thread Sean Martin 
You need to install the ActiveSync Mobile Admin, but its pretty
straightforward. Remote wipes work quite well in my testing. The longest
delay I experienced between issuing the command and it taking effect was 20
minutes. Otherwise, it's usually completed in less than 5 minutes.

We were in the process of moving all mobile phones to ActiveSync (Exch 03)
from Good Mobile, because we had to support iPhones and figured it wasn't
worth paying for Good Mobile any longer. However, now that Good supports the
iPhone along with encryption capabilities, we'll most likely move away from
ActiveSync to Good Mobile. I'm curious to hear more from the person that
indicated the new Good Mobile iPhone app is really bad. Can you elaborate?

- Sean

On Thu, Feb 11, 2010 at 6:42 AM, Chyka, Robert  wrote:

> Right from System Manager?
>
> -Original Message-
> From: Sam Cayze [mailto:sam.ca...@rollouts.com]
> Sent: Thursday, February 11, 2010 10:00 AM
> To: NT System Admin Issues
>  Subject: RE: Managing iPhones in a corporate environment?
>
> Exchange itself can remote wipe phones.  You don't need special software
> just for wipes.
>
>
> >Just curious what are you using currently to remote wipe your
> activesync
> >phones now?  I am looking for a good program with Exchange 2003.
> >
> >Thanks.
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Wireless NAC

2010-02-11 Thread Chyka, Robert 
Well we have Cisco WAPs, controllers, and radius servers.  We have full
authentication built into Active Directory.  We are missing the whole
NAC piece though like the checks for Antivirus, scanning, patching etc
before you autehnticate.
 
Thanks.



From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, February 11, 2010 11:31 AM
To: NT System Admin Issues
Subject: RE: Wireless NAC



There are controls built into a lot of the 3rd-party firmware for
wireless access points to allow you to have a "hotspot" mode. I'm sure
that could be modified to require authentication against the network,
etc.

 

  

 

From: Chyka, Robert [mailto:bch...@medaille.edu] 
Sent: Thursday, February 11, 2010 10:41 AM
To: NT System Admin Issues
Subject: Wireless NAC

 

We currently have a homegrown system for our dorm students on campus for
our wired network.  It resembles Cisco clean access, but it is
agent-less.  It basically puts all ports on an isolated subnet that can
only get to our "ResNet" clean access system

 

Our system makes sure that they remove their current and install our
Corporate managed Antivirus Product, it makes them run Microsoft Update
to patch their system, run a qucik spyware scan with an embedded scanner
on the webpage, then it makes them authenticate against our user
database serverss and then it "flips" their network port over to the non
isolated network segment (vlan).

 

We do not have wireless in the dorms, and we need to get it there soon.
The reason why we don't have wireless in the dorms is so they don't
bypass our "clean access" system when they bring their machines from
home filled with junk.

 

Does anyone know a good package to look at for wireless nac?  Agentless
would be best,  We evaluated Clean Access 2 years ago and it really
wasn't worth the money.  Had alot of issues and maybe just wasn't mature
then?

 

Thanks for any suggestions.

 

Bob

 

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread David Mazzaccaro 
Installed on 20 XP Pro SP3 w/ no issues.
 



From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Thursday, February 11, 2010 11:04 AM
To: NT System Admin Issues
Subject: Has anyone seen BSOD's when applying MS10-015 Patch for Windows
Kernel



 

Getting some chatter at my workplace about reports of possible BSOD with
MS10-015 being applied to machines, can anyone confirm what you are
seeing from Windows XP, Vista or 7 with this patch or Windows 2000-2008?

 

Thanks

Z

 

 


.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread John Aldrich 
Hmm. after reading the blog, that sounds like the problem my user is having.
Hopefully it won't be a problem now that I'm reinstalling. with any luck,
Microsoft has pulled this patch!

 

John-AldrichTile-Tools

 

From: Jay Dale [mailto:jay.d...@3-gig.com] 
Sent: Thursday, February 11, 2010 11:18 AM
To: NT System Admin Issues
Subject: RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows
Kernel

 

http://sunbeltblog.blogspot.com/2010/02/winxp-users-hold-off-on-installing.h
tml

 

Jay

 

From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Thursday, February 11, 2010 10:16 AM
To: NT System Admin Issues
Subject: Re: Has anyone seen BSOD's when applying MS10-015 Patch for Windows
Kernel

 

Haven't pushed it out here yet, but something is apparently going on.

 

http://www.computerworld.com/s/article/9155419/Windows_patch_cripples_XP_wit
h_blue_screen_users_claim?source=CTWNLE_nlt_dailyam_2010-02-11

 

On Thu, Feb 11, 2010 at 11:04 AM, Ziots, Edward  wrote:

 

Getting some chatter at my workplace about reports of possible BSOD with
MS10-015 being applied to machines, can anyone confirm what you are seeing
from Windows XP, Vista or 7 with this patch or Windows 2000-2008?

 

Thanks

Z

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread John Aldrich 
I had one computer that I'm having to reimage due to a failure to finish
booting. I was able to get the user's data off by hooking the HDD into
another PC, but I chalked it up to a conflict between some sort of Windows
Update last night and the Deep Freeze software that was on there (although
it wasn't enforcing, it was still running, and would not let me boot into
safe mode, forcing the reinstall.)

 

John-AldrichTile-Tools

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Thursday, February 11, 2010 11:04 AM
To: NT System Admin Issues
Subject: Has anyone seen BSOD's when applying MS10-015 Patch for Windows
Kernel

 

 

Getting some chatter at my workplace about reports of possible BSOD with
MS10-015 being applied to machines, can anyone confirm what you are seeing
from Windows XP, Vista or 7 with this patch or Windows 2000-2008?

 

Thanks

Z

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread Eric Wittersheim 
No problems here either. W7, 2000, 2003, and XP SP3

On Thu, Feb 11, 2010 at 10:28 AM, Phil Brutsche wrote:

> no reports of BSODs across 200+ XP SP3 machines.
>
> On 2/11/2010 10:27 AM, tony patton wrote:
> > We've rolled all the patches to test groups and about 40 XP SP3 pcs have
> > all patches installed with no issues reported.
>
> --
>
> Phil Brutsche
> p...@optimumdata.com
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Wireless NAC

2010-02-11 Thread John Aldrich 
There are controls built into a lot of the 3rd-party firmware for wireless
access points to allow you to have a "hotspot" mode. I'm sure that could be
modified to require authentication against the network, etc.

 

John-AldrichTile-Tools

 

From: Chyka, Robert [mailto:bch...@medaille.edu] 
Sent: Thursday, February 11, 2010 10:41 AM
To: NT System Admin Issues
Subject: Wireless NAC

 

We currently have a homegrown system for our dorm students on campus for our
wired network.  It resembles Cisco clean access, but it is agent-less.  It
basically puts all ports on an isolated subnet that can only get to our
"ResNet" clean access system

 

Our system makes sure that they remove their current and install our
Corporate managed Antivirus Product, it makes them run Microsoft Update to
patch their system, run a qucik spyware scan with an embedded scanner on the
webpage, then it makes them authenticate against our user database serverss
and then it "flips" their network port over to the non isolated network
segment (vlan).

 

We do not have wireless in the dorms, and we need to get it there soon.  The
reason why we don't have wireless in the dorms is so they don't bypass our
"clean access" system when they bring their machines from home filled with
junk.

 

Does anyone know a good package to look at for wireless nac?  Agentless
would be best,  We evaluated Clean Access 2 years ago and it really wasn't
worth the money.  Had alot of issues and maybe just wasn't mature then?

 

Thanks for any suggestions.

 

Bob

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread Phil Brutsche 
no reports of BSODs across 200+ XP SP3 machines.

On 2/11/2010 10:27 AM, tony patton wrote:
> We've rolled all the patches to test groups and about 40 XP SP3 pcs have 
> all patches installed with no issues reported.

-- 

Phil Brutsche
p...@optimumdata.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread tony patton 
We've rolled all the patches to test groups and about 40 XP SP3 pcs have 
all patches installed with no issues reported.

Regards

Tony Patton
Desktop Operations Cavan
Ext 8078
Direct Dial 049 435 2878
email: tony.pat...@quinn-insurance.com



From:
"Jay Dale" 
To:
"NT System Admin Issues" 
Date:
11/02/2010 16:18
Subject:
RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel



http://sunbeltblog.blogspot.com/2010/02/winxp-users-hold-off-on-installing.html
 
Jay
 
From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Thursday, February 11, 2010 10:16 AM
To: NT System Admin Issues
Subject: Re: Has anyone seen BSOD's when applying MS10-015 Patch for 
Windows Kernel
 
Haven't pushed it out here yet, but something is apparently going on.
 
http://www.computerworld.com/s/article/9155419/Windows_patch_cripples_XP_with_blue_screen_users_claim?source=CTWNLE_nlt_dailyam_2010-02-11
 
On Thu, Feb 11, 2010 at 11:04 AM, Ziots, Edward  
wrote:
 
Getting some chatter at my workplace about reports of possible BSOD with 
MS10-015 being applied to machines, can anyone confirm what you are seeing 
from Windows XP, Vista or 7 with this patch or Windows 2000-2008?
 
Thanks
Z
 
 
 
 
 
 
 


http://www.quinn-insurance.com

This e-mail is intended only for the addressee named above. The contents
should not be copied nor disclosed to any other person. Any views or
opinions expressed are solely those of the sender and
do not necessarily represent those of QUINN-Insurance, unless otherwise
specifically stated . As internet communications are not secure,
QUINN-Insurance is not responsible for the contents of this message nor
responsible for any change made to this message after it was sent by the
original sender. Although virus scanning is used on all inbound and
outbound e-mail, we advise you to carry out your own virus check before
opening any attachment. We cannot accept liability for any damage sustained
as a result of any software viruses.



QUINN-Life Direct Limited is regulated by the Financial Regulator.
QUINN-Insurance Limited is regulated by the Financial Regulator and
regulated by the Financial Services Authority for the conduct of UK
business.



QUINN-Life Direct Limited is registered in Ireland, registration number
292374 and is a private company limited by shares.
QUINN-Insurance Limited is registered in Ireland, registration number
240768 and is a private company limited by shares.
Both companies have their head office at Dublin Road, Cavan, Co. Cavan.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread Jay Dale 
http://sunbeltblog.blogspot.com/2010/02/winxp-users-hold-off-on-installing.h
tml

 

Jay

 

From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Thursday, February 11, 2010 10:16 AM
To: NT System Admin Issues
Subject: Re: Has anyone seen BSOD's when applying MS10-015 Patch for Windows
Kernel

 

Haven't pushed it out here yet, but something is apparently going on.

 

http://www.computerworld.com/s/article/9155419/Windows_patch_cripples_XP_wit
h_blue_screen_users_claim?source=CTWNLE_nlt_dailyam_2010-02-11

 

On Thu, Feb 11, 2010 at 11:04 AM, Ziots, Edward  wrote:

 

Getting some chatter at my workplace about reports of possible BSOD with
MS10-015 being applied to machines, can anyone confirm what you are seeing
from Windows XP, Vista or 7 with this patch or Windows 2000-2008?

 

Thanks

Z

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread Richard Stovall 
Haven't pushed it out here yet, but something is apparently going on.

http://www.computerworld.com/s/article/9155419/Windows_patch_cripples_XP_with_blue_screen_users_claim?source=CTWNLE_nlt_dailyam_2010-02-11


On Thu, Feb 11, 2010 at 11:04 AM, Ziots, Edward  wrote:

>
>
> Getting some chatter at my workplace about reports of possible BSOD with
> MS10-015 being applied to machines, can anyone confirm what you are seeing
> from Windows XP, Vista or 7 with this patch or Windows 2000-2008?
>
>
>
> Thanks
>
> Z
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Has anyone seen BSOD's when applying MS10-015 Patch for Windows Kernel

2010-02-11 Thread Ziots, Edward 
 

Getting some chatter at my workplace about reports of possible BSOD with
MS10-015 being applied to machines, can anyone confirm what you are
seeing from Windows XP, Vista or 7 with this patch or Windows 2000-2008?

 

Thanks

Z


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing iPhones in a corporate environment?

2010-02-11 Thread Chyka, Robert 
Right from System Manager? 

-Original Message-
From: Sam Cayze [mailto:sam.ca...@rollouts.com] 
Sent: Thursday, February 11, 2010 10:00 AM
To: NT System Admin Issues
Subject: RE: Managing iPhones in a corporate environment?

Exchange itself can remote wipe phones.  You don't need special software
just for wipes.


>Just curious what are you using currently to remote wipe your
activesync
>phones now?  I am looking for a good program with Exchange 2003.
>
>Thanks.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Kiosk Controls

2010-02-11 Thread James Rankin 
Can't you just use a local group policy? What OS is it running? XP should be
able to do local policy fine

On 11 February 2010 15:40, mqcarp  wrote:

> We use two computers that are off domain and on a separate network to
> allow employees to surf the Internet dring lunches and breaks.
> Although we can control the security portion of surfing through our
> firewall/router, the local computer lacks solid controls like you can
> handle with group policy.
>
> Does anyone recommend a third party lock down tool for a computer to
> handle functions like this? Essentially they only need to access a
> browser and nothing on the local computer, or to change browser
> settings, like a "kiosk" environment.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>



-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Wireless NAC

2010-02-11 Thread Chyka, Robert 
We currently have a homegrown system for our dorm students on campus for
our wired network.  It resembles Cisco clean access, but it is
agent-less.  It basically puts all ports on an isolated subnet that can
only get to our "ResNet" clean access system
 
Our system makes sure that they remove their current and install our
Corporate managed Antivirus Product, it makes them run Microsoft Update
to patch their system, run a qucik spyware scan with an embedded scanner
on the webpage, then it makes them authenticate against our user
database serverss and then it "flips" their network port over to the non
isolated network segment (vlan).
 
We do not have wireless in the dorms, and we need to get it there soon.
The reason why we don't have wireless in the dorms is so they don't
bypass our "clean access" system when they bring their machines from
home filled with junk.
 
Does anyone know a good package to look at for wireless nac?  Agentless
would be best,  We evaluated Clean Access 2 years ago and it really
wasn't worth the money.  Had alot of issues and maybe just wasn't mature
then?
 
Thanks for any suggestions.
 
Bob

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Kiosk Controls

2010-02-11 Thread mqcarp 
We use two computers that are off domain and on a separate network to
allow employees to surf the Internet dring lunches and breaks.
Although we can control the security portion of surfing through our
firewall/router, the local computer lacks solid controls like you can
handle with group policy.

Does anyone recommend a third party lock down tool for a computer to
handle functions like this? Essentially they only need to access a
browser and nothing on the local computer, or to change browser
settings, like a "kiosk" environment.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Managing iPhones in a corporate environment?

2010-02-11 Thread mqcarp 
We use Good Messaging for all phone deployment except iPhones. Good
has been excellent for controlling devices, remote wipe, etc.

Good has a "new" app for iPhones but in my testing it is really bad.
At this point we use Exchange 03 to manage them. You can use the
iPhone congiguration utility to control device properties pretty well.
I have not tested a remote wipe with it though. I find Activesync a
PITA personally

On Thu, Feb 11, 2010 at 8:59 AM, Sam Cayze  wrote:
> Exchange itself can remote wipe phones.  You don't need special software
> just for wipes.
>
>
>>Just curious what are you using currently to remote wipe your
> activesync
>>phones now?  I am looking for a good program with Exchange 2003.
>>
>>Thanks.
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing iPhones in a corporate environment?

2010-02-11 Thread Sam Cayze 
Exchange itself can remote wipe phones.  You don't need special software
just for wipes.


>Just curious what are you using currently to remote wipe your
activesync
>phones now?  I am looking for a good program with Exchange 2003.
>
>Thanks.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing iPhones in a corporate environment?

2010-02-11 Thread Chyka, Robert 
Thanks for the reply.  What do others use to remote wipe non Blackberry phones? 
 IPhone, Droid, Activesync phones etc.

-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com] 
Sent: Thursday, February 11, 2010 9:52 AM
To: NT System Admin Issues
Subject: Re: Managing iPhones in a corporate environment?

Right now we're 100% blackberry only using BES 5.X.



On Thu, Feb 11, 2010 at 9:45 AM, Chyka, Robert  wrote:
> Just curious what are you using currently to remote wipe your activesync
> phones now?  I am looking for a good program with Exchange 2003.
>
> Thanks.
>
> -Original Message-
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Thursday, February 11, 2010 9:45 AM
> To: NT System Admin Issues
> Subject: Managing iPhones in a corporate environment?
>
> I'm curious how everyone else who allows iPhones manages them in terms
> of remote wipe, password policies, encryption, etc.
> I know there are a few 3rd party software packages like 'Good for
> Enterprise' and Sybase but I know nothing about them
>
> Are any better than the others? Any issues with them?
> Also if it matters, we're an exchange 2003 shop.
>
>
> Thanks in advance,
> Jon
>
>
>
>
> .
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Managing iPhones in a corporate environment?

2010-02-11 Thread Jon D 
Right now we're 100% blackberry only using BES 5.X.



On Thu, Feb 11, 2010 at 9:45 AM, Chyka, Robert  wrote:
> Just curious what are you using currently to remote wipe your activesync
> phones now?  I am looking for a good program with Exchange 2003.
>
> Thanks.
>
> -Original Message-
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Thursday, February 11, 2010 9:45 AM
> To: NT System Admin Issues
> Subject: Managing iPhones in a corporate environment?
>
> I'm curious how everyone else who allows iPhones manages them in terms
> of remote wipe, password policies, encryption, etc.
> I know there are a few 3rd party software packages like 'Good for
> Enterprise' and Sybase but I know nothing about them
>
> Are any better than the others? Any issues with them?
> Also if it matters, we're an exchange 2003 shop.
>
>
> Thanks in advance,
> Jon
>
>
>
>
> .
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Managing iPhones in a corporate environment?

2010-02-11 Thread Chyka, Robert 
Just curious what are you using currently to remote wipe your activesync
phones now?  I am looking for a good program with Exchange 2003.

Thanks.

-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com] 
Sent: Thursday, February 11, 2010 9:45 AM
To: NT System Admin Issues
Subject: Managing iPhones in a corporate environment?

I'm curious how everyone else who allows iPhones manages them in terms
of remote wipe, password policies, encryption, etc.
I know there are a few 3rd party software packages like 'Good for
Enterprise' and Sybase but I know nothing about them

Are any better than the others? Any issues with them?
Also if it matters, we're an exchange 2003 shop.


Thanks in advance,
Jon




.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Managing iPhones in a corporate environment?

2010-02-11 Thread Jon D 
I'm curious how everyone else who allows iPhones manages them in terms
of remote wipe, password policies, encryption, etc.
I know there are a few 3rd party software packages like 'Good for
Enterprise' and Sybase but I know nothing about them

Are any better than the others? Any issues with them?
Also if it matters, we're an exchange 2003 shop.


Thanks in advance,
Jon




.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Non-local admin for developers, etc

2010-02-11 Thread Steven M. Caesare 
For servers or workstations?

 

For production servers they don't. Period. Parallel dev environments.

 

For workstations, they can apply for, and get, a second "aa" account
("aa is prepended to their normal login name) and that account is added
as a local admin to their workstation. They can use that account for
priv escalation as needed. Auditing is turned up on the workstations.

 

-sc

 

From: David Lum [mailto:david@nwea.org] 
Sent: Thursday, February 11, 2010 9:02 AM
To: NT System Admin Issues
Subject: Non-local admin for developers, etc

 

For those of you who have adopted the "no login as local administrator"
and have software developers, how do you handle the developers? 

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Non-local admin for developers, etc

2010-02-11 Thread Kevin Lundy 
Enforce standards and good practices on where in the registry and
local drives the corporate developed software can write.  Give them
permissions to those locations.

That solves the problem for most of our software.  We do have some
people working at the driver level and those work in a lab.

On 2/11/10, David Lum  wrote:
> For those of you who have adopted the "no login as local administrator" and
> have software developers, how do you handle the developers?
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 // (Cell) 503.267.9764
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~

-- 
Sent from my mobile device

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Non-local admin for developers, etc

2010-02-11 Thread Charlie Kaiser 
VMWare or a second machine. "Primary corporate PC" does not get admin
rights. VM or second machine is imaged at developer's request. Any blowup of
the machine gets a reimage with latest saved image. No troubleshooting.
That policy saved us about 40% of our IT troubleshooting work and increased
dev productivity.

The biggest gotcha on this was image storage space. We had to ramp up
storage and quota the developers. Once they understood the amount of storage
(number of images) they were allowed, they managed fine.

***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***  

> -Original Message-
> From: David Lum [mailto:david@nwea.org] 
> Sent: Thursday, February 11, 2010 7:02 AM
> To: NT System Admin Issues
> Subject: Non-local admin for developers, etc
> 
> For those of you who have adopted the "no login as local 
> administrator" and have software developers, how do you 
> handle the developers? 
> 
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 // (Cell) 503.267.9764
> 
>  
> 
>  
> 
>  
> 
> 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Non-local admin for developers, etc

2010-02-11 Thread James Rankin 
VMWare Workstation on some

Delegated admin rights to virtual test systems on others

Liberal use of RunAs feature

On 11 February 2010 14:02, David Lum  wrote:

>  For those of you who have adopted the “no login as local administrator”
> and have software developers, how do you handle the developers?
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 *// *(Cell) 503.267.9764
>
>
>
>
>
>
>
>


-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Non-local admin for developers, etc

2010-02-11 Thread David Lum 
For those of you who have adopted the "no login as local administrator" and 
have software developers, how do you handle the developers?
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: OT: Conference Calls

2010-02-11 Thread Alex Eckelberry 
FreeConferencing works just fine.  If you do the free service, though, it's 
pretty clear to the people on the call that you're using a free service 
("Welcome to FreeConferencing.net!" is the greeting on the call, not always the 
best image you may want to present).

We use Budget Conferencing and it's quite good, and seems relatively well 
priced.  I would recommend them, although I'm certainly no expert. 

http://www.budgetconferencing.com/ 

-Original Message-
From: Roger Wright [mailto:rhw...@gmail.com] 
Sent: Wednesday, February 10, 2010 2:52 PM
To: NT System Admin Issues
Subject: Re: OT: Conference Calls

Have you checked Yugma?  The desktop sharing can be free (or low-cost) and they 
offer audio conferencing as well.


Die dulci fruere!

Roger Wright
___





On Wed, Feb 10, 2010 at 2:44 PM, Sam Cayze  wrote:
> What are some favorites out there?  Currently using Genesys but the 
> costs just seem to high compared to all the free ones out there. 
> (Anyone using www.freeconferencecall.com/?  We had a few try it here 
> in the office with success).
>
> Desktop Sharing would be a bonus.
>
> Tia,
> Sam
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: PCI compliance

2010-02-11 Thread tony patton 
We have an internal web-based application that the vendor will on support 
on IE6 without a lot of dosh.
So upgrading isn't an option for a lot of people.

It works in IE7, but not 8 with out without compatibility mode.

The worst part is that IE7 was released before the pilot even started.

Regards

Tony Patton
Desktop Operations Cavan
Ext 8078
Direct Dial 049 435 2878
email: tony.pat...@quinn-insurance.com



From:
"John Aldrich" 
To:
"NT System Admin Issues" 
Date:
10/02/2010 19:10
Subject:
RE: PCI compliance



IE6 is severely out of date. If that?s the best someone has, tell them 
they need to upgrade. I wouldn?t worry about IE6 compatibility at this 
point, considering how long it?s been since IE6?s replacements have been 
available!
 

 
From: paul d [mailto:pdw1...@hotmail.com] 
Sent: Wednesday, February 10, 2010 1:57 PM
To: NT System Admin Issues
Subject: PCI compliance
 
We have failed our PCI compliance due to some servers having SSL 2.0 
enabled and "...the use of weak ciphers."

Has anybody run into an issue whereby they disabled 2.0 and/or weak 
ciphers and then users couldn't connect?

Servers are W2000 and W2003.

My main concern is that since our pay "stubs" are now online (running on 
the w2003 box) and someone using IE6 can't connect.

Thanks.

Hotmail: Trusted email with Microsoft?s powerful SPAM protection. Sign up 
now. 
 
 
 
 


http://www.quinn-insurance.com

This e-mail is intended only for the addressee named above. The contents
should not be copied nor disclosed to any other person. Any views or
opinions expressed are solely those of the sender and
do not necessarily represent those of QUINN-Insurance, unless otherwise
specifically stated . As internet communications are not secure,
QUINN-Insurance is not responsible for the contents of this message nor
responsible for any change made to this message after it was sent by the
original sender. Although virus scanning is used on all inbound and
outbound e-mail, we advise you to carry out your own virus check before
opening any attachment. We cannot accept liability for any damage sustained
as a result of any software viruses.



QUINN-Life Direct Limited is regulated by the Financial Regulator.
QUINN-Insurance Limited is regulated by the Financial Regulator and
regulated by the Financial Services Authority for the conduct of UK
business.



QUINN-Life Direct Limited is registered in Ireland, registration number
292374 and is a private company limited by shares.
QUINN-Insurance Limited is registered in Ireland, registration number
240768 and is a private company limited by shares.
Both companies have their head office at Dublin Road, Cavan, Co. Cavan.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~