Re: TS licensing question
Are the remote desktop cals able to be bought as user CALS or device CALS as was with the 2003 CALS? On Sat, Feb 20, 2010 at 9:39 AM, Kurt Buff kurt.b...@gmail.com wrote: Buying more CALs than absolutely required is not going to be an option - the money just isn't there for it. On Fri, Feb 19, 2010 at 11:33, Phil Brutsche p...@optimumdata.com wrote: In other words, I would make sure you get the CALs to cover everyone in your org., rather than just those that will be using the new TS. Volume licensing covers older operating systems, so you may be over-licensed on your 2k3 R2 machines. Kurt Buff wrote: #2 - I would find a way to work the user CALs for Server 08 R2 into your overall CAL scheme. At this point I have no idea how to do that. As I said, this would be our very first Win2k8 server, let alone R2. I'm assuming that the user CALs could be used for any new Win2k8 R2 servers we spin up, though, correct? -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Synchronous RDP Session Monitoring.
rdp to terminal server user is connecting to via RDP. Run up terminal services manger, select server user is on ,select user and right click remote control. user will get a prompt to allow remote control ( there is a ctrl+key to exit take over) this is on win 2003 TS dunno about 2008. hth ps there is a good citrix/rdp list at http://www.freelists.org/list/thin On Fri, Feb 19, 2010 at 2:50 PM, Harry Singh hbo...@gmail.com wrote: Forgive my ignorance, but I've been a Dameware user for over 6 years and I have a very simple query for RDP users out there. Dameware, as does VNC, allows you to connect to a desktop synchronously so you can see the user's actual Desktop as it appears for them -- is that an option while using RDP ? if yes, how would i get that done ? In an attempt to cut costs, Dameware is slowly approaching the proverbial chopping block. Harry. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: TS licensing question
I didn't see it mentioned, but don't forget you'll need to run a 2008 TS Licensing server to hand out 2008 CALs-they won't install on 2003. On Sat, Feb 20, 2010 at 9:39 AM, Kurt Buff kurt.b...@gmail.commailto:kurt.b...@gmail.com wrote: Buying more CALs than absolutely required is not going to be an option - the money just isn't there for it. On Fri, Feb 19, 2010 at 11:33, Phil Brutsche p...@optimumdata.commailto:p...@optimumdata.com wrote: In other words, I would make sure you get the CALs to cover everyone in your org., rather than just those that will be using the new TS. Volume licensing covers older operating systems, so you may be over-licensed on your 2k3 R2 machines. Kurt Buff wrote: #2 - I would find a way to work the user CALs for Server 08 R2 into your overall CAL scheme. At this point I have no idea how to do that. As I said, this would be our very first Win2k8 server, let alone R2. I'm assuming that the user CALs could be used for any new Win2k8 R2 servers we spin up, though, correct? -- Phil Brutsche p...@optimumdata.commailto:p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: TS licensing question
Yes On 2/21/2010 4:40 AM, Dean Cunningham wrote: Are the remote desktop cals able to be bought as user CALS or device CALS as was with the 2003 CALS? -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: TS licensing question
Probably user CALs, unless there's some compelling reason otherwise. I anticipate the largest set of users will be people who are using our Sonciwall SSL VPN remotely. Kurt On Sun, Feb 21, 2010 at 02:40, Dean Cunningham dean.cunning...@gmail.com wrote: Are the remote desktop cals able to be bought as user CALS or device CALS as was with the 2003 CALS? On Sat, Feb 20, 2010 at 9:39 AM, Kurt Buff kurt.b...@gmail.com wrote: Buying more CALs than absolutely required is not going to be an option - the money just isn't there for it. On Fri, Feb 19, 2010 at 11:33, Phil Brutsche p...@optimumdata.com wrote: In other words, I would make sure you get the CALs to cover everyone in your org., rather than just those that will be using the new TS. Volume licensing covers older operating systems, so you may be over-licensed on your 2k3 R2 machines. Kurt Buff wrote: #2 - I would find a way to work the user CALs for Server 08 R2 into your overall CAL scheme. At this point I have no idea how to do that. As I said, this would be our very first Win2k8 server, let alone R2. I'm assuming that the user CALs could be used for any new Win2k8 R2 servers we spin up, though, correct? -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: TS licensing question
Good to know. Can the licensing server be the TS machine itself? On Sun, Feb 21, 2010 at 05:16, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: I didn’t see it mentioned, but don’t forget you’ll need to run a 2008 TS Licensing server to hand out 2008 CALs—they won’t install on 2003. On Sat, Feb 20, 2010 at 9:39 AM, Kurt Buff kurt.b...@gmail.com wrote: Buying more CALs than absolutely required is not going to be an option - the money just isn't there for it. On Fri, Feb 19, 2010 at 11:33, Phil Brutsche p...@optimumdata.com wrote: In other words, I would make sure you get the CALs to cover everyone in your org., rather than just those that will be using the new TS. Volume licensing covers older operating systems, so you may be over-licensed on your 2k3 R2 machines. Kurt Buff wrote: #2 - I would find a way to work the user CALs for Server 08 R2 into your overall CAL scheme. At this point I have no idea how to do that. As I said, this would be our very first Win2k8 server, let alone R2. I'm assuming that the user CALs could be used for any new Win2k8 R2 servers we spin up, though, correct? -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: TS licensing question
Mine is. I moved our ts licensing from an 03 to 08 to do just this. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Sunday, February 21, 2010 11:16 AM To: NT System Admin Issues Subject: Re: TS licensing question Good to know. Can the licensing server be the TS machine itself? On Sun, Feb 21, 2010 at 05:16, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: I didn’t see it mentioned, but don’t forget you’ll need to run a 2008 TS Licensing server to hand out 2008 CALs—they won’t install on 2003. On Sat, Feb 20, 2010 at 9:39 AM, Kurt Buff kurt.b...@gmail.com wrote: Buying more CALs than absolutely required is not going to be an option - the money just isn't there for it. On Fri, Feb 19, 2010 at 11:33, Phil Brutsche p...@optimumdata.com wrote: In other words, I would make sure you get the CALs to cover everyone in your org., rather than just those that will be using the new TS. Volume licensing covers older operating systems, so you may be over-licensed on your 2k3 R2 machines. Kurt Buff wrote: #2 - I would find a way to work the user CALs for Server 08 R2 into your overall CAL scheme. At this point I have no idea how to do that. As I said, this would be our very first Win2k8 server, let alone R2. I'm assuming that the user CALs could be used for any new Win2k8 R2 servers we spin up, though, correct? -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ This message contains confidential information and is intended only for the intended recipient(s). If you are not the named recipient you should not read, distribute or copy this e-mail. Please notify the sender immediately via e-mail if you have received this e-mail by mistake; then, delete this e-mail from your system. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
DHCP in Win2k3 R2 domain
All, Actually, the issue isn't really that, it's the part time admin in one of our overseas offices. He's running DHCP on a linux box, and handing out DNS/WINS entries pointing to the AD servers. I've got DHCP set up on the DC in their office, but haven't turned it on yet. He's balking because he want to control the handing out of addresses in his environment. Yes, I've taken away a large portion of his former set of control, but he can set up new users (including their mailboxes, etc.) and workstations, and he is an admin on the file server and the ERP box in their office, but little else - he doesn't have access to the DC with WINS/DNS, nor the firewall (though he has pulled the plug on it when it wasn't working right, without calling me, which really pissed me off.) I could just turn on DHCP on the DC, and let those two machines fight it out, with the resulting chaos that would ensue, but I don't think that's terribly smart. I could just use the management hammer and tell him to turn the linux service off because I said so but that seems less than optimal as well. The servers are set up with static addresses, so that bit is not an issue. Can anyone point me to KB articles or other documentation on running DHCP that bolsters the case for centralizing it with AD? OTOH, if there's no compelling reason for doing so, I'd like to hear that as well, though I think that having network infrastructure services served out of the same platform, and manageable by the HQ would be a good thing. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: TS licensing question
That's very nice. Thanks. On Sun, Feb 21, 2010 at 10:20, Eldridge, Dave d...@parkviewmc.com wrote: Mine is. I moved our ts licensing from an 03 to 08 to do just this. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Sunday, February 21, 2010 11:16 AM To: NT System Admin Issues Subject: Re: TS licensing question Good to know. Can the licensing server be the TS machine itself? On Sun, Feb 21, 2010 at 05:16, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: I didn’t see it mentioned, but don’t forget you’ll need to run a 2008 TS Licensing server to hand out 2008 CALs—they won’t install on 2003. On Sat, Feb 20, 2010 at 9:39 AM, Kurt Buff kurt.b...@gmail.com wrote: Buying more CALs than absolutely required is not going to be an option - the money just isn't there for it. On Fri, Feb 19, 2010 at 11:33, Phil Brutsche p...@optimumdata.com wrote: In other words, I would make sure you get the CALs to cover everyone in your org., rather than just those that will be using the new TS. Volume licensing covers older operating systems, so you may be over-licensed on your 2k3 R2 machines. Kurt Buff wrote: #2 - I would find a way to work the user CALs for Server 08 R2 into your overall CAL scheme. At this point I have no idea how to do that. As I said, this would be our very first Win2k8 server, let alone R2. I'm assuming that the user CALs could be used for any new Win2k8 R2 servers we spin up, though, correct? -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ This message contains confidential information and is intended only for the intended recipient(s). If you are not the named recipient you should not read, distribute or copy this e-mail. Please notify the sender immediately via e-mail if you have received this e-mail by mistake; then, delete this e-mail from your system. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: External Drives
I've only seen that with devices which don't have a decent driver for the device OR the format of the device is incompatible. -ASB: http://xeesm.com/AndrewBaker Sent from my Verizon Smartphone -Original Message- From: Len Hammond lenhammo...@gmail.com Date: Sat, 20 Feb 2010 17:13:24 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Subject: Re: External Drives I have seen the same kind of thing with both USB thumb drives and USB connected Hard drives. You need an open drive letter between the last physical drive letter used on the machine and the next mapped drive letter or there is a problem of not finding the USB drive. Have seen this same issue on XP as well as 7. Never tried it on Vista as I used Vista very little in the migration from XP to 7. Len Hammond CSI:Hartland lenhamm...@gmail.com On Thu, Feb 11, 2010 at 4:22 PM, Jonathan Link jonathan.l...@gmail.comwrote: As I recall I had that behavior because another drive was attached and the windows disk management was confused. In my case it was a mapped network share, and I just exited Disk Managment, disconnected the physical drive, unmapped the network drive and plugged the physical back in. But it's been a a while since I've seen that behavior (especially since I moved all network drives to above h:). On Thu, Feb 11, 2010 at 3:47 PM, Steve Ens stevey...@gmail.com wrote: Anyone come across a USB drive that gets recognized by Windows 7, but doesn't get a drive letter assigned? I have a stubborn Seagate that works on XP and OSX, but not 7. I've tried manually assigning a letter but that is greyed out. The only option I get is to convert to dynamic, but that gets me an error too. Any ideas appreciated. Thanks ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: I lost the fight
I don't have an Exchange 2003 org handy but there's a Global Settings type node in the top of the tree in ESM and then under there is a Mobile Options type thing. Said Mobile stuff showed up in 2003 SP2 so if you're missing that (hope not) you won't see it. Thanks, Brian Desmond br...@briandesmond.commailto:br...@briandesmond.com c - 312.731.3132 From: HELP_PC [mailto:g...@enter.it] Sent: Sunday, February 21, 2010 12:55 AM To: NT System Admin Issues Subject: R: I lost the fight Where is it ? GuidoElia HELPPC Da: Brian Desmond [mailto:br...@briandesmond.com] Inviato: sabato 20 febbraio 2010 19.26 A: NT System Admin Issues Oggetto: RE: I lost the fight You just need to check the Allow Unprovisionable Devices checkbox on the Mobile Settings node. Thanks, Brian Desmond br...@briandesmond.commailto:br...@briandesmond.com c - 312.731.3132 From: Bill Lambert [mailto:blamb...@concuity.com] Sent: Saturday, February 20, 2010 10:08 AM To: NT System Admin Issues Subject: I lost the fight I have to allow a selected few to connect to Exchange 2003 with iPhones. I'm still arguing for the use of Good software but in the mean time I have to configure Exchange to connect. Is there a definitive article that you may have used on how to configure Exchange for iPhones? Google has returned various results. Thanks in advance! Bill Lambert Windows System Administrator Concuity A healthcare division of Trintech, Inc. Phone 847-941-9206 Fax 847-465-9147 [clip_image001] NASDAQ: TTPA The information contained in this e-mail message, including any attached files, is intended only for the personal and confidential use of the recipient(s) named above. If you are not the intended recipient (or authorized to receive information for the recipient) you are hereby notified that you have received this communication in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please contact the sender by reply email and delete all copies of this message. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.gif
RE: DHCP in Win2k3 R2 domain
Kurt, For remote offices, we have always made sure that we have 2 DC's both with DHCP, although only if they are in a secure location with restricted physical access, we have done this mainly for redundancy, we have looked at running DHCP from a centralised location, but even in this day and age, wan links or VPNs can sometimes be unreliable. This way if the WAN or VPN is down then the users can still logon and still browse the internet. Cheers Matt -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: 21 February 2010 18:34 To: NT System Admin Issues Subject: DHCP in Win2k3 R2 domain All, Actually, the issue isn't really that, it's the part time admin in one of our overseas offices. He's running DHCP on a linux box, and handing out DNS/WINS entries pointing to the AD servers. I've got DHCP set up on the DC in their office, but haven't turned it on yet. He's balking because he want to control the handing out of addresses in his environment. Yes, I've taken away a large portion of his former set of control, but he can set up new users (including their mailboxes, etc.) and workstations, and he is an admin on the file server and the ERP box in their office, but little else - he doesn't have access to the DC with WINS/DNS, nor the firewall (though he has pulled the plug on it when it wasn't working right, without calling me, which really pissed me off.) I could just turn on DHCP on the DC, and let those two machines fight it out, with the resulting chaos that would ensue, but I don't think that's terribly smart. I could just use the management hammer and tell him to turn the linux service off because I said so but that seems less than optimal as well. The servers are set up with static addresses, so that bit is not an issue. Can anyone point me to KB articles or other documentation on running DHCP that bolsters the case for centralizing it with AD? OTOH, if there's no compelling reason for doing so, I'd like to hear that as well, though I think that having network infrastructure services served out of the same platform, and manageable by the HQ would be a good thing. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ _ This e-mail (including all attachments) is confidential and may be privileged. It is for the exclusive use of the addressee only. If you are not the addressee, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify us immediately at h...@generalatlantic.com . Thank You. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP in Win2k3 R2 domain
Nobody from IT has been to this overseas office in my 8 years at this company. We've shipped servers and this admin has set them in the rack and hooked them up. By now, the political situation has gotten to be such that it would be thoroughly resented if I went to correct things, such as locking away the servers - even if it were just the DC and Exchange server. It's extremely unlikely that we'd get a second DC in the overseas offices, and one should be sufficient, because if they lost both the DC and the WAN or VPN at the same time, they'd likely have bigger problems. On Sun, Feb 21, 2010 at 11:43, Davies,Matt mdav...@generalatlantic.com wrote: Kurt, For remote offices, we have always made sure that we have 2 DC's both with DHCP, although only if they are in a secure location with restricted physical access, we have done this mainly for redundancy, we have looked at running DHCP from a centralised location, but even in this day and age, wan links or VPNs can sometimes be unreliable. This way if the WAN or VPN is down then the users can still logon and still browse the internet. Cheers Matt -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: 21 February 2010 18:34 To: NT System Admin Issues Subject: DHCP in Win2k3 R2 domain All, Actually, the issue isn't really that, it's the part time admin in one of our overseas offices. He's running DHCP on a linux box, and handing out DNS/WINS entries pointing to the AD servers. I've got DHCP set up on the DC in their office, but haven't turned it on yet. He's balking because he want to control the handing out of addresses in his environment. Yes, I've taken away a large portion of his former set of control, but he can set up new users (including their mailboxes, etc.) and workstations, and he is an admin on the file server and the ERP box in their office, but little else - he doesn't have access to the DC with WINS/DNS, nor the firewall (though he has pulled the plug on it when it wasn't working right, without calling me, which really pissed me off.) I could just turn on DHCP on the DC, and let those two machines fight it out, with the resulting chaos that would ensue, but I don't think that's terribly smart. I could just use the management hammer and tell him to turn the linux service off because I said so but that seems less than optimal as well. The servers are set up with static addresses, so that bit is not an issue. Can anyone point me to KB articles or other documentation on running DHCP that bolsters the case for centralizing it with AD? OTOH, if there's no compelling reason for doing so, I'd like to hear that as well, though I think that having network infrastructure services served out of the same platform, and manageable by the HQ would be a good thing. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ _ This e-mail (including all attachments) is confidential and may be privileged. It is for the exclusive use of the addressee only. If you are not the addressee, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify us immediately at h...@generalatlantic.com . Thank You. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP in Win2k3 R2 domain
Do you really want someone to control what and where the clients look to for information? Do you trust this person to keep their hands off of the network? If you say yes leave them be if you don't or if this person just is one to the type that all things Linux is good and all things Microsoft is bad then I would use the hammer and make sure you document the reason why you are doing it. I suspect this person since they have(by our own statement) shut down the DC because things were not right is going to cause you issues more so down the road with retaining control of DHCP. All clients know to look for the DHCP server for a lot of information including IP address for the DNS and AD servers. Jon On Sun, Feb 21, 2010 at 2:51 PM, Kurt Buff kurt.b...@gmail.com wrote: Nobody from IT has been to this overseas office in my 8 years at this company. We've shipped servers and this admin has set them in the rack and hooked them up. By now, the political situation has gotten to be such that it would be thoroughly resented if I went to correct things, such as locking away the servers - even if it were just the DC and Exchange server. It's extremely unlikely that we'd get a second DC in the overseas offices, and one should be sufficient, because if they lost both the DC and the WAN or VPN at the same time, they'd likely have bigger problems. On Sun, Feb 21, 2010 at 11:43, Davies,Matt mdav...@generalatlantic.com wrote: Kurt, For remote offices, we have always made sure that we have 2 DC's both with DHCP, although only if they are in a secure location with restricted physical access, we have done this mainly for redundancy, we have looked at running DHCP from a centralised location, but even in this day and age, wan links or VPNs can sometimes be unreliable. This way if the WAN or VPN is down then the users can still logon and still browse the internet. Cheers Matt -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: 21 February 2010 18:34 To: NT System Admin Issues Subject: DHCP in Win2k3 R2 domain All, Actually, the issue isn't really that, it's the part time admin in one of our overseas offices. He's running DHCP on a linux box, and handing out DNS/WINS entries pointing to the AD servers. I've got DHCP set up on the DC in their office, but haven't turned it on yet. He's balking because he want to control the handing out of addresses in his environment. Yes, I've taken away a large portion of his former set of control, but he can set up new users (including their mailboxes, etc.) and workstations, and he is an admin on the file server and the ERP box in their office, but little else - he doesn't have access to the DC with WINS/DNS, nor the firewall (though he has pulled the plug on it when it wasn't working right, without calling me, which really pissed me off.) I could just turn on DHCP on the DC, and let those two machines fight it out, with the resulting chaos that would ensue, but I don't think that's terribly smart. I could just use the management hammer and tell him to turn the linux service off because I said so but that seems less than optimal as well. The servers are set up with static addresses, so that bit is not an issue. Can anyone point me to KB articles or other documentation on running DHCP that bolsters the case for centralizing it with AD? OTOH, if there's no compelling reason for doing so, I'd like to hear that as well, though I think that having network infrastructure services served out of the same platform, and manageable by the HQ would be a good thing. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ _ This e-mail (including all attachments) is confidential and may be privileged. It is for the exclusive use of the addressee only. If you are not the addressee, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify us immediately at h...@generalatlantic.com . Thank You. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DHCP in Win2k3 R2 domain
There is no intrinsic reason for DHCP to be based on Windows. There are some easy of admin features that I think are nice - such as when you build the subnet the wizard prompts you for the site-aware DNS and WINS server and the automatic DNS and rDNS registrations. But any modern (i.e., the last 15 years) DHCP server knows about WINS and NBNS node types, etc. etc. If DHCP on Windows detects another DHCP server, it'll automatically shut itself down to avoid fighting for control. I prefer running DHCP on Windows - especially in branch offices, I can go one place and control everything and see everything. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Sunday, February 21, 2010 1:34 PM To: NT System Admin Issues Subject: DHCP in Win2k3 R2 domain All, Actually, the issue isn't really that, it's the part time admin in one of our overseas offices. He's running DHCP on a linux box, and handing out DNS/WINS entries pointing to the AD servers. I've got DHCP set up on the DC in their office, but haven't turned it on yet. He's balking because he want to control the handing out of addresses in his environment. Yes, I've taken away a large portion of his former set of control, but he can set up new users (including their mailboxes, etc.) and workstations, and he is an admin on the file server and the ERP box in their office, but little else - he doesn't have access to the DC with WINS/DNS, nor the firewall (though he has pulled the plug on it when it wasn't working right, without calling me, which really pissed me off.) I could just turn on DHCP on the DC, and let those two machines fight it out, with the resulting chaos that would ensue, but I don't think that's terribly smart. I could just use the management hammer and tell him to turn the linux service off because I said so but that seems less than optimal as well. The servers are set up with static addresses, so that bit is not an issue. Can anyone point me to KB articles or other documentation on running DHCP that bolsters the case for centralizing it with AD? OTOH, if there's no compelling reason for doing so, I'd like to hear that as well, though I think that having network infrastructure services served out of the same platform, and manageable by the HQ would be a good thing. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP in Win2k3 R2 domain
+1. Kind of makes me sad the guy thinks he admining DHCP. I mean really, how often do you touch it? I would just say that if you have a corp standard, follow it. Be it Windows or any other flavor. Pick one and standardize (which you have done). That's a hard argument for someone when 90% of the company is already following it. On 2/21/10, Michael B. Smith mich...@smithcons.com wrote: There is no intrinsic reason for DHCP to be based on Windows. There are some easy of admin features that I think are nice - such as when you build the subnet the wizard prompts you for the site-aware DNS and WINS server and the automatic DNS and rDNS registrations. But any modern (i.e., the last 15 years) DHCP server knows about WINS and NBNS node types, etc. etc. If DHCP on Windows detects another DHCP server, it'll automatically shut itself down to avoid fighting for control. I prefer running DHCP on Windows - especially in branch offices, I can go one place and control everything and see everything. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Sunday, February 21, 2010 1:34 PM To: NT System Admin Issues Subject: DHCP in Win2k3 R2 domain All, Actually, the issue isn't really that, it's the part time admin in one of our overseas offices. He's running DHCP on a linux box, and handing out DNS/WINS entries pointing to the AD servers. I've got DHCP set up on the DC in their office, but haven't turned it on yet. He's balking because he want to control the handing out of addresses in his environment. Yes, I've taken away a large portion of his former set of control, but he can set up new users (including their mailboxes, etc.) and workstations, and he is an admin on the file server and the ERP box in their office, but little else - he doesn't have access to the DC with WINS/DNS, nor the firewall (though he has pulled the plug on it when it wasn't working right, without calling me, which really pissed me off.) I could just turn on DHCP on the DC, and let those two machines fight it out, with the resulting chaos that would ensue, but I don't think that's terribly smart. I could just use the management hammer and tell him to turn the linux service off because I said so but that seems less than optimal as well. The servers are set up with static addresses, so that bit is not an issue. Can anyone point me to KB articles or other documentation on running DHCP that bolsters the case for centralizing it with AD? OTOH, if there's no compelling reason for doing so, I'd like to hear that as well, though I think that having network infrastructure services served out of the same platform, and manageable by the HQ would be a good thing. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- Sent from my mobile device ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: I lost the fight
ESM...Global SettingsMobile services Todd Lemmiksoo From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Sunday, February 21, 2010 2:42 PM To: NT System Admin Issues Subject: RE: I lost the fight I don't have an Exchange 2003 org handy but there's a Global Settings type node in the top of the tree in ESM and then under there is a Mobile Options type thing. Said Mobile stuff showed up in 2003 SP2 so if you're missing that (hope not) you won't see it. Thanks, Brian Desmond br...@briandesmond.com mailto:br...@briandesmond.com c - 312.731.3132 From: HELP_PC [mailto:g...@enter.it] Sent: Sunday, February 21, 2010 12:55 AM To: NT System Admin Issues Subject: R: I lost the fight Where is it ? GuidoElia HELPPC Da: Brian Desmond [mailto:br...@briandesmond.com] Inviato: sabato 20 febbraio 2010 19.26 A: NT System Admin Issues Oggetto: RE: I lost the fight You just need to check the Allow Unprovisionable Devices checkbox on the Mobile Settings node. Thanks, Brian Desmond br...@briandesmond.com mailto:br...@briandesmond.com c - 312.731.3132 From: Bill Lambert [mailto:blamb...@concuity.com] Sent: Saturday, February 20, 2010 10:08 AM To: NT System Admin Issues Subject: I lost the fight I have to allow a selected few to connect to Exchange 2003 with iPhones. I'm still arguing for the use of Good software but in the mean time I have to configure Exchange to connect. Is there a definitive article that you may have used on how to configure Exchange for iPhones? Google has returned various results. Thanks in advance! Bill Lambert Windows System Administrator Concuity A healthcare division of Trintech, Inc. Phone 847-941-9206 Fax 847-465-9147 NASDAQ: TTPA The information contained in this e-mail message, including any attached files, is intended only for the personal and confidential use of the recipient(s) named above. If you are not the intended recipient (or authorized to receive information for the recipient) you are hereby notified that you have received this communication in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please contact the sender by reply email and delete all copies of this message. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.gif
Re: DHCP in Win2k3 R2 domain
He didn't reboot the DC, he rebooted the firewall - in spite of the fact that I asked him to call our on-call extension here in the States, which generates a page to the on-call cell phone. I'm not sure of his stance on MSFT vs. Linux, except that he definitely prefers the latter. Still, you haven't brought up any technical reasons why not. There may be further issues, and I'll keep looking around for a day or two. Kurt On Sun, Feb 21, 2010 at 12:59, Jon Harris jk.har...@gmail.com wrote: Do you really want someone to control what and where the clients look to for information? Do you trust this person to keep their hands off of the network? If you say yes leave them be if you don't or if this person just is one to the type that all things Linux is good and all things Microsoft is bad then I would use the hammer and make sure you document the reason why you are doing it. I suspect this person since they have(by our own statement) shut down the DC because things were not right is going to cause you issues more so down the road with retaining control of DHCP. All clients know to look for the DHCP server for a lot of information including IP address for the DNS and AD servers. Jon On Sun, Feb 21, 2010 at 2:51 PM, Kurt Buff kurt.b...@gmail.com wrote: Nobody from IT has been to this overseas office in my 8 years at this company. We've shipped servers and this admin has set them in the rack and hooked them up. By now, the political situation has gotten to be such that it would be thoroughly resented if I went to correct things, such as locking away the servers - even if it were just the DC and Exchange server. It's extremely unlikely that we'd get a second DC in the overseas offices, and one should be sufficient, because if they lost both the DC and the WAN or VPN at the same time, they'd likely have bigger problems. On Sun, Feb 21, 2010 at 11:43, Davies,Matt mdav...@generalatlantic.com wrote: Kurt, For remote offices, we have always made sure that we have 2 DC's both with DHCP, although only if they are in a secure location with restricted physical access, we have done this mainly for redundancy, we have looked at running DHCP from a centralised location, but even in this day and age, wan links or VPNs can sometimes be unreliable. This way if the WAN or VPN is down then the users can still logon and still browse the internet. Cheers Matt -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: 21 February 2010 18:34 To: NT System Admin Issues Subject: DHCP in Win2k3 R2 domain All, Actually, the issue isn't really that, it's the part time admin in one of our overseas offices. He's running DHCP on a linux box, and handing out DNS/WINS entries pointing to the AD servers. I've got DHCP set up on the DC in their office, but haven't turned it on yet. He's balking because he want to control the handing out of addresses in his environment. Yes, I've taken away a large portion of his former set of control, but he can set up new users (including their mailboxes, etc.) and workstations, and he is an admin on the file server and the ERP box in their office, but little else - he doesn't have access to the DC with WINS/DNS, nor the firewall (though he has pulled the plug on it when it wasn't working right, without calling me, which really pissed me off.) I could just turn on DHCP on the DC, and let those two machines fight it out, with the resulting chaos that would ensue, but I don't think that's terribly smart. I could just use the management hammer and tell him to turn the linux service off because I said so but that seems less than optimal as well. The servers are set up with static addresses, so that bit is not an issue. Can anyone point me to KB articles or other documentation on running DHCP that bolsters the case for centralizing it with AD? OTOH, if there's no compelling reason for doing so, I'd like to hear that as well, though I think that having network infrastructure services served out of the same platform, and manageable by the HQ would be a good thing. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ _ This e-mail (including all attachments) is confidential and may be privileged. It is for the exclusive use of the addressee only. If you are not the addressee, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify us immediately at h...@generalatlantic.com . Thank You. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~
RE: Synchronous RDP Session Monitoring.
Ok. I believe Harry wasn't referring to a terminal server though. He wanted to remote control desktop sessions from another desktop. So it's either remote assistance, remote control (via sccm) or some other 3rd party app. -Original Message- From: Jay Dale [mailto:jay.d...@3-gig.com] Sent: Saturday, 20 February 2010 1:28 PM To: NT System Admin Issues Subject: RE: Synchronous RDP Session Monitoring. No, I viewed an RDP session on Windows 2003 using RDP from Windows 7. -Original Message- From: James Hill [mailto:james.h...@superamart.com.au] Sent: Friday, February 19, 2010 8:31 PM To: NT System Admin Issues Subject: RE: Synchronous RDP Session Monitoring. Are you saying you connected from Windows 7 to another Windows 7 and was able to view the console session without having the screen locked on the remote computer? Because I've tried and it does lock it. -Original Message- From: Jay Dale [mailto:jay.d...@3-gig.com] Sent: Saturday, 20 February 2010 1:21 AM To: NT System Admin Issues Subject: RE: Synchronous RDP Session Monitoring. http://support.microsoft.com/kb/278845 I'm using it on Windows 7 Professional, so I believe it's the updated version of RDP, and it worked fine. You could also go with Logmein - purchase a Pro license and it will allow for unlimited free connections. Setup the Pro on your home or work PC, then use the free version for all the other connections. Jay -Original Message- From: James Hill [mailto:james.h...@superamart.com.au] Sent: Thursday, February 18, 2010 11:34 PM To: NT System Admin Issues Subject: RE: Synchronous RDP Session Monitoring. /console was replaced with /admin in version 6(I think) onwards. It also does not permit synchronous viewing. It will lock the remote desktop. -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Friday, 19 February 2010 2:18 PM To: NT System Admin Issues Subject: Re: Synchronous RDP Session Monitoring. On 18 Feb 2010 at 20:50, Harry Singh wrote: Forgive my ignorance, butI'vebeen a Dameware user for over 6 years and I have a very simple query for RDP users out there. Dameware, as does VNC, allows you to connect to a desktopsynchronouslyso you can see the user's actual Desktop as it appears for them -- is that an option while using RDP ? if yes, how would i get that done ? There's a command-line option that allows you to connect to the console of the remote machine, I believe it works like this: C: mstsc /v:SERVER /console Microsoft Windows XP - Mstsc http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en- us/ts_cmd_mstsc.mspx Not sure if it works the same in connecting to an XP desktop, all I can do is suggest you try it out. In an attempt to cut costs, Dameware is slowly approaching the proverbial chopping block. UltraVNC works perfectly for me. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP in Win2k3 R2 domain
On Sun, Feb 21, 2010 at 13:11, Michael B. Smith mich...@smithcons.com wrote: There is no intrinsic reason for DHCP to be based on Windows. No technical reason then. As I suspected. There are some easy of admin features that I think are nice - such as when you build the subnet the wizard prompts you for the site-aware DNS and WINS server and the automatic DNS and rDNS registrations. Explain that a bit more? Doesn't the setting in WinXP (which is what we're on) also handle that if set manually during OS installation? But any modern (i.e., the last 15 years) DHCP server knows about WINS and NBNS node types, etc. etc. Right. If DHCP on Windows detects another DHCP server, it'll automatically shut itself down to avoid fighting for control. That I didn't know. I'm not sure I like that. I prefer running DHCP on Windows - especially in branch offices, I can go one place and control everything and see everything. And it makes monitoring easier, too. From a security standpoint, this is a win - knowing if new MAC addresses are picking up IP addresses out of the pool is a good thing, and while it's possible to do this with the Linux DHCP server (even easy, if your scripting skills are good) it's just one more place to look. This is something to consider. Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP in Win2k3 R2 domain
There really aren't any technical reasons not to. And he has physical access anyway. As you said, not enough reason to be draconian. Yet. :) -ASB: http://xeesm.com/AndrewBaker Sent from my Verizon Smartphone -Original Message- From: Kurt Buff kurt.b...@gmail.com Date: Sun, 21 Feb 2010 13:48:05 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Subject: Re: DHCP in Win2k3 R2 domain He didn't reboot the DC, he rebooted the firewall - in spite of the fact that I asked him to call our on-call extension here in the States, which generates a page to the on-call cell phone. I'm not sure of his stance on MSFT vs. Linux, except that he definitely prefers the latter. Still, you haven't brought up any technical reasons why not. There may be further issues, and I'll keep looking around for a day or two. Kurt On Sun, Feb 21, 2010 at 12:59, Jon Harris jk.har...@gmail.com wrote: Do you really want someone to control what and where the clients look to for information? Do you trust this person to keep their hands off of the network? If you say yes leave them be if you don't or if this person just is one to the type that all things Linux is good and all things Microsoft is bad then I would use the hammer and make sure you document the reason why you are doing it. I suspect this person since they have(by our own statement) shut down the DC because things were not right is going to cause you issues more so down the road with retaining control of DHCP. All clients know to look for the DHCP server for a lot of information including IP address for the DNS and AD servers. Jon On Sun, Feb 21, 2010 at 2:51 PM, Kurt Buff kurt.b...@gmail.com wrote: Nobody from IT has been to this overseas office in my 8 years at this company. We've shipped servers and this admin has set them in the rack and hooked them up. By now, the political situation has gotten to be such that it would be thoroughly resented if I went to correct things, such as locking away the servers - even if it were just the DC and Exchange server. It's extremely unlikely that we'd get a second DC in the overseas offices, and one should be sufficient, because if they lost both the DC and the WAN or VPN at the same time, they'd likely have bigger problems. On Sun, Feb 21, 2010 at 11:43, Davies,Matt mdav...@generalatlantic.com wrote: Kurt, For remote offices, we have always made sure that we have 2 DC's both with DHCP, although only if they are in a secure location with restricted physical access, we have done this mainly for redundancy, we have looked at running DHCP from a centralised location, but even in this day and age, wan links or VPNs can sometimes be unreliable. This way if the WAN or VPN is down then the users can still logon and still browse the internet. Cheers Matt -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: 21 February 2010 18:34 To: NT System Admin Issues Subject: DHCP in Win2k3 R2 domain All, Actually, the issue isn't really that, it's the part time admin in one of our overseas offices. He's running DHCP on a linux box, and handing out DNS/WINS entries pointing to the AD servers. I've got DHCP set up on the DC in their office, but haven't turned it on yet. He's balking because he want to control the handing out of addresses in his environment. Yes, I've taken away a large portion of his former set of control, but he can set up new users (including their mailboxes, etc.) and workstations, and he is an admin on the file server and the ERP box in their office, but little else - he doesn't have access to the DC with WINS/DNS, nor the firewall (though he has pulled the plug on it when it wasn't working right, without calling me, which really pissed me off.) I could just turn on DHCP on the DC, and let those two machines fight it out, with the resulting chaos that would ensue, but I don't think that's terribly smart. I could just use the management hammer and tell him to turn the linux service off because I said so but that seems less than optimal as well. The servers are set up with static addresses, so that bit is not an issue. Can anyone point me to KB articles or other documentation on running DHCP that bolsters the case for centralizing it with AD? OTOH, if there's no compelling reason for doing so, I'd like to hear that as well, though I think that having network infrastructure services served out of the same platform, and manageable by the HQ would be a good thing. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ _ This e-mail (including all attachments) is confidential and may be privileged. It is for the exclusive use of the addressee only. If you are not the addressee, you
RE: DHCP in Win2k3 R2 domain
Is this office an exception? Or do you have other offices that also have linux dhcp servers? Are there other techs that may need to remotely manage this site? Do they have the access/skills/knowledge to work with a linux dhcp server? Do they know to even look for it or are they expecting windows dhcp? To me there are a two main issues here:- Possible lack of standardisation An Admin that wants to control something for no real reason. There is smoke here in my opinion. What's he hiding? Technical solutions(which may or not be possible) is to take control at the network level. Block dhcp broadcasts on the switch for the relevant ports (67,68 from memory) for the linux dhcp server. If there are other subnets involved set your ip helper configuration to forward requests to the windows dhcp server. But really this guy needs to understand the benefits of standardisation. Unless he can provide an outstanding benefit of running the dhcp server on linux then it makes no sense to have an exception from the norm. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, 22 February 2010 4:34 AM To: NT System Admin Issues Subject: DHCP in Win2k3 R2 domain All, Actually, the issue isn't really that, it's the part time admin in one of our overseas offices. He's running DHCP on a linux box, and handing out DNS/WINS entries pointing to the AD servers. I've got DHCP set up on the DC in their office, but haven't turned it on yet. He's balking because he want to control the handing out of addresses in his environment. Yes, I've taken away a large portion of his former set of control, but he can set up new users (including their mailboxes, etc.) and workstations, and he is an admin on the file server and the ERP box in their office, but little else - he doesn't have access to the DC with WINS/DNS, nor the firewall (though he has pulled the plug on it when it wasn't working right, without calling me, which really pissed me off.) I could just turn on DHCP on the DC, and let those two machines fight it out, with the resulting chaos that would ensue, but I don't think that's terribly smart. I could just use the management hammer and tell him to turn the linux service off because I said so but that seems less than optimal as well. The servers are set up with static addresses, so that bit is not an issue. Can anyone point me to KB articles or other documentation on running DHCP that bolsters the case for centralizing it with AD? OTOH, if there's no compelling reason for doing so, I'd like to hear that as well, though I think that having network infrastructure services served out of the same platform, and manageable by the HQ would be a good thing. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DHCP in Win2k3 R2 domain
With regards to the clients updating DNS, yes they are normally set to do that. However you can configure the dhcp server to do it. This can be beneficial in environments where you have clients that are unable to update dns with their new IP information. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, 22 February 2010 7:57 AM To: NT System Admin Issues Subject: Re: DHCP in Win2k3 R2 domain On Sun, Feb 21, 2010 at 13:11, Michael B. Smith mich...@smithcons.com wrote: There is no intrinsic reason for DHCP to be based on Windows. No technical reason then. As I suspected. There are some easy of admin features that I think are nice - such as when you build the subnet the wizard prompts you for the site-aware DNS and WINS server and the automatic DNS and rDNS registrations. Explain that a bit more? Doesn't the setting in WinXP (which is what we're on) also handle that if set manually during OS installation? But any modern (i.e., the last 15 years) DHCP server knows about WINS and NBNS node types, etc. etc. Right. If DHCP on Windows detects another DHCP server, it'll automatically shut itself down to avoid fighting for control. That I didn't know. I'm not sure I like that. I prefer running DHCP on Windows - especially in branch offices, I can go one place and control everything and see everything. And it makes monitoring easier, too. From a security standpoint, this is a win - knowing if new MAC addresses are picking up IP addresses out of the pool is a good thing, and while it's possible to do this with the Linux DHCP server (even easy, if your scripting skills are good) it's just one more place to look. This is something to consider. Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DHCP in Win2k3 R2 domain
The converse to the DHCP detection stuff is that if any Windows box comes up in the domain with DHCP installed, DHCP won't actually start until someone with (by default) Enterprise Admin privs authorizes it. Thanks, Brian Desmond br...@briandesmond.com c – 312.731.3132 -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Sunday, February 21, 2010 3:57 PM To: NT System Admin Issues Subject: Re: DHCP in Win2k3 R2 domain On Sun, Feb 21, 2010 at 13:11, Michael B. Smith mich...@smithcons.com wrote: There is no intrinsic reason for DHCP to be based on Windows. No technical reason then. As I suspected. There are some easy of admin features that I think are nice - such as when you build the subnet the wizard prompts you for the site-aware DNS and WINS server and the automatic DNS and rDNS registrations. Explain that a bit more? Doesn't the setting in WinXP (which is what we're on) also handle that if set manually during OS installation? But any modern (i.e., the last 15 years) DHCP server knows about WINS and NBNS node types, etc. etc. Right. If DHCP on Windows detects another DHCP server, it'll automatically shut itself down to avoid fighting for control. That I didn't know. I'm not sure I like that. I prefer running DHCP on Windows - especially in branch offices, I can go one place and control everything and see everything. And it makes monitoring easier, too. From a security standpoint, this is a win - knowing if new MAC addresses are picking up IP addresses out of the pool is a good thing, and while it's possible to do this with the Linux DHCP server (even easy, if your scripting skills are good) it's just one more place to look. This is something to consider. Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP in Win2k3 R2 domain
On Sun, Feb 21, 2010 at 13:22, Martin Blackstone mblackst...@gmail.com wrote: +1. Kind of makes me sad the guy thinks he admining DHCP. I mean really, how often do you touch it? I would just say that if you have a corp standard, follow it. Be it Windows or any other flavor. Pick one and standardize (which you have done). That's a hard argument for someone when 90% of the company is already following it. Understood and agreed. He's fighting the loss of control, I suspect, more than anything. Standardization is a good thing, though, and it may come down to that. I think I'll ask him to quantify the amount of change he's seeing in his environment, and why setting up a pool of leases won't suffice, along with a helpdesk ticket to set up reservations if he needs them. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP in Win2k3 R2 domain
We have two overseas offices. The one under discussion is an exception. I was wondering what was being hidden as well, but at this point there's not enough smoke. He's fought me on a lot of issues. I'm gradually winning. :) On Sun, Feb 21, 2010 at 14:20, James Hill james.h...@superamart.com.au wrote: Is this office an exception? Or do you have other offices that also have linux dhcp servers? Are there other techs that may need to remotely manage this site? Do they have the access/skills/knowledge to work with a linux dhcp server? Do they know to even look for it or are they expecting windows dhcp? To me there are a two main issues here:- Possible lack of standardisation An Admin that wants to control something for no real reason. There is smoke here in my opinion. What's he hiding? Technical solutions(which may or not be possible) is to take control at the network level. Block dhcp broadcasts on the switch for the relevant ports (67,68 from memory) for the linux dhcp server. If there are other subnets involved set your ip helper configuration to forward requests to the windows dhcp server. But really this guy needs to understand the benefits of standardisation. Unless he can provide an outstanding benefit of running the dhcp server on linux then it makes no sense to have an exception from the norm. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, 22 February 2010 4:34 AM To: NT System Admin Issues Subject: DHCP in Win2k3 R2 domain All, Actually, the issue isn't really that, it's the part time admin in one of our overseas offices. He's running DHCP on a linux box, and handing out DNS/WINS entries pointing to the AD servers. I've got DHCP set up on the DC in their office, but haven't turned it on yet. He's balking because he want to control the handing out of addresses in his environment. Yes, I've taken away a large portion of his former set of control, but he can set up new users (including their mailboxes, etc.) and workstations, and he is an admin on the file server and the ERP box in their office, but little else - he doesn't have access to the DC with WINS/DNS, nor the firewall (though he has pulled the plug on it when it wasn't working right, without calling me, which really pissed me off.) I could just turn on DHCP on the DC, and let those two machines fight it out, with the resulting chaos that would ensue, but I don't think that's terribly smart. I could just use the management hammer and tell him to turn the linux service off because I said so but that seems less than optimal as well. The servers are set up with static addresses, so that bit is not an issue. Can anyone point me to KB articles or other documentation on running DHCP that bolsters the case for centralizing it with AD? OTOH, if there's no compelling reason for doing so, I'd like to hear that as well, though I think that having network infrastructure services served out of the same platform, and manageable by the HQ would be a good thing. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Synchronous RDP Session Monitoring.
Thanks Dean, but James is correct. I'll do more research on remote assistance or might just look up the various ways on how to deploy and maintain rev changes with UltraVNC. On Sun, Feb 21, 2010 at 4:55 PM, James Hill james.h...@superamart.com.auwrote: Ok. I believe Harry wasn't referring to a terminal server though. He wanted to remote control desktop sessions from another desktop. So it's either remote assistance, remote control (via sccm) or some other 3rd party app. -Original Message- From: Jay Dale [mailto:jay.d...@3-gig.com] Sent: Saturday, 20 February 2010 1:28 PM To: NT System Admin Issues Subject: RE: Synchronous RDP Session Monitoring. No, I viewed an RDP session on Windows 2003 using RDP from Windows 7. -Original Message- From: James Hill [mailto:james.h...@superamart.com.au] Sent: Friday, February 19, 2010 8:31 PM To: NT System Admin Issues Subject: RE: Synchronous RDP Session Monitoring. Are you saying you connected from Windows 7 to another Windows 7 and was able to view the console session without having the screen locked on the remote computer? Because I've tried and it does lock it. -Original Message- From: Jay Dale [mailto:jay.d...@3-gig.com] Sent: Saturday, 20 February 2010 1:21 AM To: NT System Admin Issues Subject: RE: Synchronous RDP Session Monitoring. http://support.microsoft.com/kb/278845 I'm using it on Windows 7 Professional, so I believe it's the updated version of RDP, and it worked fine. You could also go with Logmein - purchase a Pro license and it will allow for unlimited free connections. Setup the Pro on your home or work PC, then use the free version for all the other connections. Jay -Original Message- From: James Hill [mailto:james.h...@superamart.com.au] Sent: Thursday, February 18, 2010 11:34 PM To: NT System Admin Issues Subject: RE: Synchronous RDP Session Monitoring. /console was replaced with /admin in version 6(I think) onwards. It also does not permit synchronous viewing. It will lock the remote desktop. -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Friday, 19 February 2010 2:18 PM To: NT System Admin Issues Subject: Re: Synchronous RDP Session Monitoring. On 18 Feb 2010 at 20:50, Harry Singh wrote: Forgive my ignorance, butI'vebeen a Dameware user for over 6 years and I have a very simple query for RDP users out there. Dameware, as does VNC, allows you to connect to a desktopsynchronouslyso you can see the user's actual Desktop as it appears for them -- is that an option while using RDP ? if yes, how would i get that done ? There's a command-line option that allows you to connect to the console of the remote machine, I believe it works like this: C: mstsc /v:SERVER /console Microsoft Windows XP - Mstsc http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en- us/ts_cmd_mstsc.mspx Not sure if it works the same in connecting to an XP desktop, all I can do is suggest you try it out. In an attempt to cut costs, Dameware is slowly approaching the proverbial chopping block. UltraVNC works perfectly for me. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP in Win2k3 R2 domain
Yes, but it seems a bit shortsighted in the face I what I've had to deal with - on at least two occasions I've had people drag personal (linksys, dlink) firewalls/routers into work because they needed them, and really screwed with one of my subnets. This was back when we were on NT4, and it was not on the subnet with the servers, so it didn't DoS the entire office, just that subnet, but still... Kurt On Sun, Feb 21, 2010 at 14:31, Brian Desmond br...@briandesmond.com wrote: The converse to the DHCP detection stuff is that if any Windows box comes up in the domain with DHCP installed, DHCP won't actually start until someone with (by default) Enterprise Admin privs authorizes it. Thanks, Brian Desmond br...@briandesmond.com c – 312.731.3132 -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Sunday, February 21, 2010 3:57 PM To: NT System Admin Issues Subject: Re: DHCP in Win2k3 R2 domain On Sun, Feb 21, 2010 at 13:11, Michael B. Smith mich...@smithcons.com wrote: There is no intrinsic reason for DHCP to be based on Windows. No technical reason then. As I suspected. There are some easy of admin features that I think are nice - such as when you build the subnet the wizard prompts you for the site-aware DNS and WINS server and the automatic DNS and rDNS registrations. Explain that a bit more? Doesn't the setting in WinXP (which is what we're on) also handle that if set manually during OS installation? But any modern (i.e., the last 15 years) DHCP server knows about WINS and NBNS node types, etc. etc. Right. If DHCP on Windows detects another DHCP server, it'll automatically shut itself down to avoid fighting for control. That I didn't know. I'm not sure I like that. I prefer running DHCP on Windows - especially in branch offices, I can go one place and control everything and see everything. And it makes monitoring easier, too. From a security standpoint, this is a win - knowing if new MAC addresses are picking up IP addresses out of the pool is a good thing, and while it's possible to do this with the Linux DHCP server (even easy, if your scripting skills are good) it's just one more place to look. This is something to consider. Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DHCP in Win2k3 R2 domain
Yep. Do your switches support DHCP Snooping? You can pretty much kill the problem if they have such a feature. Thanks, Brian Desmond br...@briandesmond.com c – 312.731.3132 -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Sunday, February 21, 2010 5:11 PM To: NT System Admin Issues Subject: Re: DHCP in Win2k3 R2 domain Yes, but it seems a bit shortsighted in the face I what I've had to deal with - on at least two occasions I've had people drag personal (linksys, dlink) firewalls/routers into work because they needed them, and really screwed with one of my subnets. This was back when we were on NT4, and it was not on the subnet with the servers, so it didn't DoS the entire office, just that subnet, but still... Kurt On Sun, Feb 21, 2010 at 14:31, Brian Desmond br...@briandesmond.com wrote: The converse to the DHCP detection stuff is that if any Windows box comes up in the domain with DHCP installed, DHCP won't actually start until someone with (by default) Enterprise Admin privs authorizes it. Thanks, Brian Desmond br...@briandesmond.com c – 312.731.3132 -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Sunday, February 21, 2010 3:57 PM To: NT System Admin Issues Subject: Re: DHCP in Win2k3 R2 domain On Sun, Feb 21, 2010 at 13:11, Michael B. Smith mich...@smithcons.com wrote: There is no intrinsic reason for DHCP to be based on Windows. No technical reason then. As I suspected. There are some easy of admin features that I think are nice - such as when you build the subnet the wizard prompts you for the site-aware DNS and WINS server and the automatic DNS and rDNS registrations. Explain that a bit more? Doesn't the setting in WinXP (which is what we're on) also handle that if set manually during OS installation? But any modern (i.e., the last 15 years) DHCP server knows about WINS and NBNS node types, etc. etc. Right. If DHCP on Windows detects another DHCP server, it'll automatically shut itself down to avoid fighting for control. That I didn't know. I'm not sure I like that. I prefer running DHCP on Windows - especially in branch offices, I can go one place and control everything and see everything. And it makes monitoring easier, too. From a security standpoint, this is a win - knowing if new MAC addresses are picking up IP addresses out of the pool is a good thing, and while it's possible to do this with the Linux DHCP server (even easy, if your scripting skills are good) it's just one more place to look. This is something to consider. Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: DHCP in Win2k3 R2 domain
Unknown. Possibly. I have a bunch of HP 2510-48s, and an HP 2400cl for my backbone. I'll have to check that out. I don't know what I have in my overseas offices. Kurt On Sun, Feb 21, 2010 at 15:37, Brian Desmond br...@briandesmond.com wrote: Yep. Do your switches support DHCP Snooping? You can pretty much kill the problem if they have such a feature. Thanks, Brian Desmond br...@briandesmond.com c – 312.731.3132 -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Sunday, February 21, 2010 5:11 PM To: NT System Admin Issues Subject: Re: DHCP in Win2k3 R2 domain Yes, but it seems a bit shortsighted in the face I what I've had to deal with - on at least two occasions I've had people drag personal (linksys, dlink) firewalls/routers into work because they needed them, and really screwed with one of my subnets. This was back when we were on NT4, and it was not on the subnet with the servers, so it didn't DoS the entire office, just that subnet, but still... Kurt On Sun, Feb 21, 2010 at 14:31, Brian Desmond br...@briandesmond.com wrote: The converse to the DHCP detection stuff is that if any Windows box comes up in the domain with DHCP installed, DHCP won't actually start until someone with (by default) Enterprise Admin privs authorizes it. Thanks, Brian Desmond br...@briandesmond.com c – 312.731.3132 -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Sunday, February 21, 2010 3:57 PM To: NT System Admin Issues Subject: Re: DHCP in Win2k3 R2 domain On Sun, Feb 21, 2010 at 13:11, Michael B. Smith mich...@smithcons.com wrote: There is no intrinsic reason for DHCP to be based on Windows. No technical reason then. As I suspected. There are some easy of admin features that I think are nice - such as when you build the subnet the wizard prompts you for the site-aware DNS and WINS server and the automatic DNS and rDNS registrations. Explain that a bit more? Doesn't the setting in WinXP (which is what we're on) also handle that if set manually during OS installation? But any modern (i.e., the last 15 years) DHCP server knows about WINS and NBNS node types, etc. etc. Right. If DHCP on Windows detects another DHCP server, it'll automatically shut itself down to avoid fighting for control. That I didn't know. I'm not sure I like that. I prefer running DHCP on Windows - especially in branch offices, I can go one place and control everything and see everything. And it makes monitoring easier, too. From a security standpoint, this is a win - knowing if new MAC addresses are picking up IP addresses out of the pool is a good thing, and while it's possible to do this with the Linux DHCP server (even easy, if your scripting skills are good) it's just one more place to look. This is something to consider. Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: log levels
When your machine blue screens, the state of the machine's memory is captured in the dump file. Get a kernel dump for a snapshot of what's in memory. What are you expecting the Windows Event Logs to tell you? FWIW, it's up to each application to determine what to write to the Windows event log. If the application doesn't support a verbose logging mode, then you can't get any more data out of the Event Logs Cheers Ken From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Saturday, 20 February 2010 2:00 AM To: NT System Admin Issues Subject: RE: log levels Well, what's happening is that our time and attendance software will start to import the punches from the clocks and then it'll blue screen. Some research looking at the mini-dump files suggests that Vipre is the culprit, and I've got logging enabled at the maximum level there, but right now Vipre is disabled at the suggestion of Support. I was hoping I could attack this from both sides - from the Windows side of things and from the Vipre side. Guess I can't turn up the event log levels...wish I could. :( From: KenM [mailto:kenmli...@gmail.com] Sent: Friday, February 19, 2010 9:44 AM To: NT System Admin Issues Subject: Re: log levels Crashing, is this just an app or is the computer itself crashing. If it is the computer configure it to create a dump file and look at that. If it is a app you can use adplus. On Fri, Feb 19, 2010 at 9:26 AM, John Aldrich jaldr...@blueridgecarpet.commailto:jaldr...@blueridgecarpet.com wrote: Is there any way to increase the verbosity of the information recorded in the event logs in Windows 2000? I've got a machine that has been crashing intermittently. I *may* have tracked down the culprit, but I'd like to be sure by getting as much info as possible from the event logs. Thanks! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
R: I lost the fight
Found and everything is checked (SBS2k3 and probably the CEICW put the checks) GuidoElia HELPPC _ Da: Todd Lemmiksoo [mailto:tlemmik...@all-mode.com] Inviato: domenica 21 febbraio 2010 22.34 A: NT System Admin Issues Oggetto: RE: I lost the fight ESM...Global SettingsMobile services Todd Lemmiksoo _ From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Sunday, February 21, 2010 2:42 PM To: NT System Admin Issues Subject: RE: I lost the fight I don't have an Exchange 2003 org handy but there's a Global Settings type node in the top of the tree in ESM and then under there is a Mobile Options type thing. Said Mobile stuff showed up in 2003 SP2 so if you're missing that (hope not) you won't see it. Thanks, Brian Desmond mailto:br...@briandesmond.com br...@briandesmond.com c - 312.731.3132 From: HELP_PC [mailto:g...@enter.it] Sent: Sunday, February 21, 2010 12:55 AM To: NT System Admin Issues Subject: R: I lost the fight Where is it ? GuidoElia HELPPC _ Da: Brian Desmond [mailto:br...@briandesmond.com] Inviato: sabato 20 febbraio 2010 19.26 A: NT System Admin Issues Oggetto: RE: I lost the fight You just need to check the Allow Unprovisionable Devices checkbox on the Mobile Settings node. Thanks, Brian Desmond mailto:br...@briandesmond.com br...@briandesmond.com c - 312.731.3132 From: Bill Lambert [mailto:blamb...@concuity.com] Sent: Saturday, February 20, 2010 10:08 AM To: NT System Admin Issues Subject: I lost the fight I have to allow a selected few to connect to Exchange 2003 with iPhones. I'm still arguing for the use of Good software but in the mean time I have to configure Exchange to connect. Is there a definitive article that you may have used on how to configure Exchange for iPhones? Google has returned various results. Thanks in advance! Bill Lambert Windows System Administrator Concuity A healthcare division of Trintech, Inc. Phone 847-941-9206 Fax 847-465-9147 clip_image001 NASDAQ: TTPA The information contained in this e-mail message, including any attached files, is intended only for the personal and confidential use of the recipient(s) named above. If you are not the intended recipient (or authorized to receive information for the recipient) you are hereby notified that you have received this communication in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please contact the sender by reply email and delete all copies of this message. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.gif
