RE: UPSes

[Phillip Partipilo]

My overall experience with Tripp-Lite is a product that is designed to be 
basically disposable.  A product designed to last the life of the battery, at 
most.  Poor thermal management, overheating components, and overall low quality 
components.  Whereas APC units (especially SmartUPS models) are built like 
tanks.  Granted I haven't worked with a Tripp-Lite in a bit over 5 years, thats 
just been the general taste of their products.  If you're concerned about 
money, purchase from refurbups.com.  The stuff I've got from them has been 
basically good as new, aside from some being old stock, usually rs232 instead 
of usb, for example, but can't beat the prices.  A single unit purchase from 
them of a sizable unit (say a 1000 or 750xl) will offset the cost of that 
software.

Sometimes they sell refurbed models that are well over EOL, but still good, 
like this one enormous 2200RMXL5U that I got a few years ago. Must weigh at 
least 150 pounds. Big momma of a UPS. They just dont make single (rackmount) 
units anymore like that, with massive runtime without additional battery packs.

Good prices on battery packs there, though ive searched around and found 
ragebattery.com to have the best prices on their Rhino branded SLA batteries, 
which you can buy as cases of batteries and disassemble your old RBC packs and 
rebuild a new pack in a matter of minutes.  Then dump the old batteries off at 
a local auto parts store.  They get paid a bounty so they're usually happy to 
take them off your hands for free.



From: Angus Scott-Fleming [mailto:angu...@geoapps.com]
Sent: Tuesday, April 20, 2010 10:08 PM
To: NT System Admin Issues
Subject: Re: UPSes

On 16 Apr 2010 at 8:25, Reimer, Mark  wrote:

>
> Hi folks, I've done some (or tried to) research on the differences
> between APC Backups vs Smart-UPS, or Tripp Lite SmartPro vs OmniSmart. One
> set (Backups and OmniSmart) seem to be almost ½ price of the other set
> (Smart-UPS and SmartPro) for the same rated VA/wattage. The only real
> difference I can find is manageability. These will be for POE switches in
> wiring closets. Any help/experience will be most appreciated. Thanks.

FWIW I have both TrippLites and APCs at one client who has bought them here and 
there.  They have not installed the cables or software, and the cables have 
disappeared.  The new TrippLites use standard USB A-to-B cables, while the APCs 
use proprietary $30 RJ5-to-USB-A cables.  A bunch of their APCs are older, with 
RS-232 interfaces (proprietary APC $32 cable).  I'm about to replace most of 
the units without cables, and the TrippLites are about 20-25% less for the same 
specs.

Does anyone here have experience with their network software?  APC wants $280 
for a 5-to-25-user version of their network console.  TrippLite has a free 
network console for up to 250 stations.



--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-895-3270
Security Blog: http://geoapps.com/







~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spontaneous server reboots

[Erik Goldoff]

Any failures or imminent failures reported in insight manager ?  Possible
power supply issue, or thermal failures ?

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 6:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected an
issue with Windows. However, I booted into the BIOS and let it sit there for
a few minutes. Again at random intervals the system will reboot. Sometimes I
can’t even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) – still
reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this with
the G4’s? It had run for about four years prior with no issue until this
started. No other hardware changes or updates to the BIOS have been done in
the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not be
used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is confidential,
and is intended solely for the use of the individuals or entities to whom it
is addressed. If you are not the intended recipient or the person
responsible for delivering the e-mail to the intended recipient, be advised
that you have received this e-mail in error and that any use, dissemination,
forwarding, printing, or copying of this e-mail and any file attachments is
strictly prohibited. If you have received this e-mail in error, please
immediately notify us by telephone toll-free at (866) 841-6888 or by reply
e-mail to the sender. You must destroy the original transmission and its
contents. You will be reimbursed for reasonable costs incurred in notifying
us. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Running Forefront(tm) Client Security - RAM usage?

[Hart, Robert]

Running XP SP3, fully patched

 

Today's reading;

 

>From Process Explorer - Sysinternals

 

MsMpEng.exe

Working Set = 60,240

WS Private = 58,096

MsPMSPSv.exe

Working Set = 1,568

WS Private = 56

 

 

 

From: James Hill [mailto:james.h...@superamart.com.au] 
Sent: Tuesday, April 20, 2010 9:29 PM
To: NT System Admin Issues
Subject: RE: Running Forefront(tm) Client Security - RAM usage?

 

My experience with MSE (which is based on forefront I believe) showed
much higher ram usage under XP compared to Windows 7 as well.

 

From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Wednesday, 21 April 2010 5:34 AM
To: NT System Admin Issues
Subject: Re: Running Forefront(tm) Client Security - RAM usage?

 

What metric do those values represent?  My Win7 x64 machine running
Vipre Enterprise (3.1.2848) shows the following for working set.

 

SBAMSvc.exe = 21,424

SBAMTray.exe = 45,984

 

However, the private working set values are significantly lower:

 

SBAMSvc.exe = 16,960

SBAMTray.exe = 2,124

 

IIRC, XP and earlier reported the working set value from Task Manager.
The same utility in Vista and later reports the private working set by
default.  (But can be made to show working set as well.)

 

 

On Tue, Apr 20, 2010 at 2:30 PM, Hart, Robert
 wrote:

MsMpEng.exe = 66,720K sitting ldle

MsPMSPSv.exe = 1,568K sitting idle

 

If I may add I dislike the product.

 

 

Bob

 

From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] 
Sent: Tuesday, April 20, 2010 2:08 PM


To: NT System Admin Issues

Subject: Running Forefront(tm) Client Security - RAM usage?

 

Anyone running Forefront that can quickly tell me what its real-world
RAM usage is on an end-point?

 

Warm regards,

Stu Sjouwerman

Co-Founder, Publisher, Sunbelt Media
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com

... 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Nagios folks....

[Joseph L. Casale]

http://nagiosplugins.org/man/check_snmp

Or to make things easy, this guy wrote some custom checks using snmp that make 
things easier:

http://nagios.manubulon.com/

I wrote the cmd templates such that it passes hostaddress, then ARG1 so that I 
can use snmpv3 on all my nix boxes and v2 on my windows boxes with the same 
check cmd. Works well...

jlc
From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, April 20, 2010 10:27 PM
To: NT System Admin Issues
Subject: RE: Nagios folks

Cool thanks! Can you point me to documentation, etc than I can send my current 
Nagios admin to?

Dave

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spontaneous server reboots

[Ziots, Edward]

Usually  if you have replaced the memory, and you are still getting the
random reboots, and nothing is showing in the IML Log, or via Insight
Management Agents in the Event Log, then its probably Motherboard issue,
and you should have that replaced. 

 

Z

 

Edward Ziots

CISSP,MCSA,MCP+I,Security +,Network +,CCA

Network Engineer

Lifespan Organization

401-639-3505

ezi...@lifespan.org

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 6:42 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

Any failures or imminent failures reported in insight manager ?
Possible power supply issue, or thermal failures ?

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 6:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected
an issue with Windows. However, I booted into the BIOS and let it sit
there for a few minutes. Again at random intervals the system will
reboot. Sometimes I can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) -
still reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this
with the G4's? It had run for about four years prior with no issue until
this started. No other hardware changes or updates to the BIOS have been
done in the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: UPSes

[Ziots, Edward]

I might be a little baised, since I worked for APC as my first job and been a 
loyal supporter of their UPS's for years, but you just can't beat the quality 
of the systems, especially the Powerstructure systems, but I have either used 
or troubleshooted or supported everything from the Backup to Smart Ups to 
Matrix, Symmetrix and Powerstructure UPS over the last 10+ years, and again you 
can't beat the quality. 

 

Z

 

Edward Ziots

CISSP,MCSA,MCP+I,Security +,Network +,CCA

Network Engineer

Lifespan Organization

401-639-3505

ezi...@lifespan.org

 

From: Phillip Partipilo [mailto:p...@psnet.com] 
Sent: Wednesday, April 21, 2010 3:18 AM
To: NT System Admin Issues
Subject: RE: UPSes

 

My overall experience with Tripp-Lite is a product that is designed to be 
basically disposable.  A product designed to last the life of the battery, at 
most.  Poor thermal management, overheating components, and overall low quality 
components.  Whereas APC units (especially SmartUPS models) are built like 
tanks.  Granted I haven't worked with a Tripp-Lite in a bit over 5 years, thats 
just been the general taste of their products.  If you're concerned about 
money, purchase from refurbups.com.  The stuff I've got from them has been 
basically good as new, aside from some being old stock, usually rs232 instead 
of usb, for example, but can't beat the prices.  A single unit purchase from 
them of a sizable unit (say a 1000 or 750xl) will offset the cost of that 
software.

 

Sometimes they sell refurbed models that are well over EOL, but still good, 
like this one enormous 2200RMXL5U that I got a few years ago. Must weigh at 
least 150 pounds. Big momma of a UPS. They just dont make single (rackmount) 
units anymore like that, with massive runtime without additional battery packs.

 

Good prices on battery packs there, though ive searched around and found 
ragebattery.com to have the best prices on their Rhino branded SLA batteries, 
which you can buy as cases of batteries and disassemble your old RBC packs and 
rebuild a new pack in a matter of minutes.  Then dump the old batteries off at 
a local auto parts store.  They get paid a bounty so they're usually happy to 
take them off your hands for free.

 

 



From: Angus Scott-Fleming [mailto:angu...@geoapps.com] 
Sent: Tuesday, April 20, 2010 10:08 PM
To: NT System Admin Issues
Subject: Re: UPSes

 

On 16 Apr 2010 at 8:25, Reimer, Mark  wrote:

 

> 

> Hi folks, I've done some (or tried to) research on the differences

> between APC Backups vs Smart-UPS, or Tripp Lite SmartPro vs OmniSmart. One

> set (Backups and OmniSmart) seem to be almost ½ price of the other set

> (Smart-UPS and SmartPro) for the same rated VA/wattage. The only real

> difference I can find is manageability. These will be for POE switches in

> wiring closets. Any help/experience will be most appreciated. Thanks. 

 

FWIW I have both TrippLites and APCs at one client who has bought them here and 
there.  They have not installed the cables or software, and the cables have 
disappeared.  The new TrippLites use standard USB A-to-B cables, while the APCs 
use proprietary $30 RJ5-to-USB-A cables.  A bunch of their APCs are older, with 
RS-232 interfaces (proprietary APC $32 cable).  I'm about to replace most of 
the units without cables, and the TrippLites are about 20-25% less for the same 
specs.

 

Does anyone here have experience with their network software?  APC wants $280 
for a 5-to-25-user version of their network console.  TrippLite has a free 
network console for up to 250 stations.

 

 

 

--

Angus Scott-Fleming

GeoApps, Tucson, Arizona

1-520-895-3270

Security Blog: http://geoapps.com/

 

  

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Server monitoring solution recommendations? - Email has different SMTP TO: and MIME TO: fields in the email addresses

[Martin Blackstone]

Does PA Server Monitor use agents? Im looking for similar but would really
prefer an agentless app.

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Tuesday, April 20, 2010 12:02 PM
To: NT System Admin Issues
Subject: RE: Server monitoring solution recommendations? - Email has
different SMTP TO: and MIME TO: fields in the email addresses

I've used both Whats Up Gold and Solarwinds. Solarwinds is better, but still
not inexpensive.

You might look @ PA Server Monitor. It may be what you're looking for, and
is very cost effective compared to WUG or SW. We use it for some of our
monitoring.

http://www.poweradmin.com/servermonitor/


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: kstephenso...@thinkpath.com [mailto:kstephenso...@thinkpath.com]
Sent: Tuesday, April 20, 2010 2:46 PM
To: NT System Admin Issues
Subject: [SPAM] - RE: Server monitoring solution recommendations? - Email
has different SMTP TO: and MIME TO: fields in the email addresses

Completely Understand - Yes; cost is still high.

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Tuesday, April 20, 2010 2:42 PM
To: NT System Admin Issues
Subject: Re: Server monitoring solution recommendations?

Cost-effective? Not the last time I looked at it.

However, when I last used it in production (um, well, more than 10 years
ago) it was *very* nice.

Kurt

On Tue, Apr 20, 2010 at 08:55,   wrote:
> Hello Steven
> One other product which I used previously was WhatsUp(r) Gold Premium 
> Edition provides an extensive and cost-effective out-of-the-box single 
> site management and monitoring solution for networks of all sizes
>
> Ken
>
> -Original Message-
> From: Stringham, Steven [mailto:sstri...@lrlaw.com]
> Sent: Tuesday, April 20, 2010 11:50 AM
> To: NT System Admin Issues
> Subject: RE: Server monitoring solution recommendations?
>
> +1 Nagios - yes a bit to setup - but it just runs.
>
> +1 also for Cacti - if you want the historical graphs. Very nice.
>
>
> -Original Message-
> From: Michael Leone [mailto:oozerd...@gmail.com]
> Sent: Friday, April 16, 2010 6:07 AM
> To: NT System Admin Issues
> Subject: Server monitoring solution recommendations?
>
> I'm investigating server monitoring solutions for my enterprise. What 
> I'm interested in is real world experiences and recommendations, not 
> just sales pitches and product sheets that I can get from Google.
>
> The way I see it, I need 2 basic functions: I need to be able to 
> monitor various aspects of a server (CPU usage, free disk space, is a 
> service running, does the web service return a web page in a timely 
> manner, is the switch at that site being overloaded, etc - the usual 
> things you'd want to know from a server, I think) and then alert me 
> when certain triggers or thresholds are crossed; and also to provide 
> historical reports, showing trends over time. At a previous job, I 
> used to ServersAlive!, which suited my needs there. But now I am at a 
> place that has over 100 servers and switches, across multiple sites.
> And so I think I'd need something with more heft, perhaps.
>
> We're an HP shop, and I am looking at HP's SIM (Insight Manager) 
> software, but that doesn't seem to monitor all the sorts of functions 
> I want, nor does it seem to present it in a timely manner.
>
> I'm also looking at PacketTraps PT 360 tool suite (which is free), and 
> that seems to show me some of what I need, but doesn't seem to have a 
> lot in the way of reporting, nor have I found a way (yet) for it to 
> alert me to configurable settings.
>
> I've also downloaded SpiceWorks, on the recommendation of a colleague, 
> but haven't had a chance to investigate it yet.
>
> We're a gov't agency, so I don't have a whole lot of money. But I have 
> a need, and at the moment, nothing in place to fill it. Getting an 
> alert email that tells me that my mail server CPU has been up over 80% 
> for more than xx seconds would be a good thing, so I don't have to get 
> phone calls from users, asking why mail is so slow, and that's the 
> first
I've heard of it.
> I'm sure you get the idea. And the boss wants reports over time, for 
> capacity planning and the like.
>
> So any recommendations would be welcome, as would anything I've forgotten.
> We're almost exclusively a Windows shop, but with 10 VMware ESX hosts, 
> a number of MS SQL servers (2000, 2005), and a number of Cisco 
> switches (and a couple Nortel ones scattered here and there). No 
> Exchange (we're a Notes shop).
>
> TIA
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> 
> For more information about Lewis and Roca LLP, please go to 
> www.lewisandroca.com.
> Phoenix (602) 262-5311
> Tucson (520) 622-2090
> Las Vegas (702) 949-8200
> Reno (775) 82

RE: Spontaneous server reboots

[John Aldrich]

You're probably right, Edward, however, I'd also try replacing the power
supply with a "known good" power supply first. THEN if the spontaneous
reboots continue, I'd say you've exhausted all other options and should
replace the motherboard.

 

John-AldrichTile-Tools

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Wednesday, April 21, 2010 7:35 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

Usually  if you have replaced the memory, and you are still getting the
random reboots, and nothing is showing in the IML Log, or via Insight
Management Agents in the Event Log, then its probably Motherboard issue, and
you should have that replaced. 

 

Z

 

Edward Ziots

CISSP,MCSA,MCP+I,Security +,Network +,CCA

Network Engineer

Lifespan Organization

401-639-3505

ezi...@lifespan.org

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 6:42 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

Any failures or imminent failures reported in insight manager ?  Possible
power supply issue, or thermal failures ?

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 6:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected an
issue with Windows. However, I booted into the BIOS and let it sit there for
a few minutes. Again at random intervals the system will reboot. Sometimes I
can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) - still
reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this with
the G4's? It had run for about four years prior with no issue until this
started. No other hardware changes or updates to the BIOS have been done in
the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not be
used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is confidential,
and is intended solely for the use of the individuals or entities to whom it
is addressed. If you are not the intended recipient or the person
responsible for delivering the e-mail to the intended recipient, be advised
that you have received this e-mail in error and that any use, dissemination,
forwarding, printing, or copying of this e-mail and any file attachments is
strictly prohibited. If you have received this e-mail in error, please
immediately notify us by telephone toll-free at (866) 841-6888 or by reply
e-mail to the sender. You must destroy the original transmission and its
contents. You will be reimbursed for reasonable costs incurred in notifying
us. 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: need suggestions...iPad in a Windows enterprise, anyone?

[paul d]

I was read the thread this morning and then found this article on Network World:

http://www.networkworld.com/news/2010/042010-ipad-healthcare.html

BTW, my environment is pretty much like your's except we're only single site.  
I also thought about the iPad in our environment.

> From: jra...@eaglemds.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Date: Tue, 20 Apr 2010 14:44:49 -0400
> Subject: need suggestions...iPad in a Windows enterprise, anyone?
> 
> Ok, I need some insight/thoughts/suggestions...especially if any of you have 
> come up against this.
> 
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
> authentication (we don't support 802.11b, and 802.11g is on the way out the 
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out 
> in the field. We've never supported Vista or Apple-anything on our network, 
> and pulled the last 9x box off of our network years ago. We're close to 
> getting rid of all of the 2000 clients off, and we're starting to look at 
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare 
> provider, which means HIPAA is of significant concern. Not much else applies, 
> since we're not publicly traded (aside from common sense and the law in 
> general). We have about 425 employees and around 65 physicians (most of the 
> physicians are shareholders).
> 
> I've done a good job of keeping the iPod touch and iPhone users off of the 
> network thus far, because we simply don't have the people in house to be able 
> to support any more devices.
> 
> Enter the iPad, Apple's answer to the Tablet PC.
> 
> We now have physicians who are starting to ask for iPad access on the 
> network. I'm not sure why, but I suppose because they think it will be so 
> much better than the Lenovo X200 Tablet PCs that we JUST bought them for use 
> with our EMR system. We do not yet have a functional wireless guest network.
> 
> I've tried connecting a 64 Gig iPod touch to our wireless network to no 
> avail, and then discovered that apparently the iPod touch doesn't like hidden 
> networks. I'm not about to start broadcasting my SSID... this gives me pause 
> about even considering an iPad, not to mention that I wouldn't be able to 
> control the machine or authenticate the machine against the network.
> 
> Anyway, do any of you have any arguments for or against allowing the 
> iPad/iPod/iPhone, both from a support standpoint and a security standpoint?
> 
> Thanks in advance,
> 
> 
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
> 
> 
> 
> Any medical information contained in this electronic message is CONFIDENTIAL 
> and privileged. It is unlawful for unauthorized persons to view, copy, 
> disclose, or disseminate CONFIDENTIAL information. This electronic message 
> may contain information that is confidential and/or legally privileged. It is 
> intended only for the use of the individual(s) and/or entity named as 
> recipients in the message. If you are not an intended recipient of this 
> message, please notify the sender immediately and delete this material from 
> your computer. Do not deliver, distribute or copy this message, and do not 
> disclose its contents or take any action in reliance on the information that 
> it contains.
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
  
_
The New Busy is not the old busy. Search, chat and e-mail from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_3
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[John Hornbuckle]

I'm hazy on what, specifically, these medical practices will be running on the 
iPads. Is this for web surfing? For checking e-mail? Or are there actual, real 
applications (e.g., electronic patient record systems) that run on them?

It seems like a slate with Win7 would be more practical. Virtually every 
doctor's office and hospital I've ever been to was a PC shop.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us




From: paul d [mailto:pdw1...@hotmail.com]
Sent: Wednesday, April 21, 2010 8:33 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I was read the thread this morning and then found this article on Network World:

http://www.networkworld.com/news/2010/042010-ipad-healthcare.html

BTW, my environment is pretty much like your's except we're only single site.  
I also thought about the iPad in our environment.

> From: jra...@eaglemds.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Date: Tue, 20 Apr 2010 14:44:49 -0400
> Subject: need suggestions...iPad in a Windows enterprise, anyone?
>
> Ok, I need some insight/thoughts/suggestions...especially if any of you have 
> come up against this.
>
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
> authentication (we don't support 802.11b, and 802.11g is on the way out the 
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out 
> in the field. We've never supported Vista or Apple-anything on our network, 
> and pulled the last 9x box off of our network years ago. We're close to 
> getting rid of all of the 2000 clients off, and we're starting to look at 
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare 
> provider, which means HIPAA is of significant concern. Not much else applies, 
> since we're not publicly traded (aside from common sense and the law in 
> general). We have about 425 employees and around 65 physicians (most of the 
> physicians are shareholders).
>
> I've done a good job of keeping the iPod touch and iPhone users off of the 
> network thus far, because we simply don't have the people in house to be able 
> to support any more devices.
>
> Enter the iPad, Apple's answer to the Tablet PC.
>
> We now have physicians who are starting to ask for iPad access on the 
> network. I'm not sure why, but I suppose because they think it will be so 
> much better than the Lenovo X200 Tablet PCs that we JUST bought them for use 
> with our EMR system. We do not yet have a functional wireless guest network.
>
> I've tried connecting a 64 Gig iPod touch to our wireless network to no 
> avail, and then discovered that apparently the iPod touch doesn't like hidden 
> networks. I'm not about to start broadcasting my SSID... this gives me pause 
> about even considering an iPad, not to mention that I wouldn't be able to 
> control the machine or authenticate the machine against the network.
>
> Anyway, do any of you have any arguments for or against allowing the 
> iPad/iPod/iPhone, both from a support standpoint and a security standpoint?
>
> Thanks in advance,
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
>
> Any medical information contained in this electronic message is CONFIDENTIAL 
> and privileged. It is unlawful for unauthorized persons to view, copy, 
> disclose, or disseminate CONFIDENTIAL information. This electronic message 
> may contain information that is confidential and/or legally privileged. It is 
> intended only for the use of the individual(s) and/or entity named as 
> recipients in the message. If you are not an intended recipient of this 
> message, please notify the sender immediately and delete this material from 
> your computer. Do not deliver, distribute or copy this message, and do not 
> disclose its contents or take any action in reliance on the information that 
> it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
>

The New Busy is not the old busy. Search, chat and e-mail from your inbox. Get 
started.






NOTICE: Florida has a broad public records law. Most written communications to 
or from this entity are public records that will be disclosed to the public and 
the media upon request. E-mail communications may be subject to public 
disclosure.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Kim Longenbaugh]

What kind of security does the iPad provide?  How do you keep
unauthorized people from getting access to patient info?  What happens
if it's lost or stolen?

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Wednesday, April 21, 2010 8:02 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

 

I'm hazy on what, specifically, these medical practices will be running
on the iPads. Is this for web surfing? For checking e-mail? Or are there
actual, real applications (e.g., electronic patient record systems) that
run on them?

 

It seems like a slate with Win7 would be more practical. Virtually every
doctor's office and hospital I've ever been to was a PC shop.

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

www.taylor.k12.fl.us

 

 

 

 

From: paul d [mailto:pdw1...@hotmail.com] 
Sent: Wednesday, April 21, 2010 8:33 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

 

I was read the thread this morning and then found this article on
Network World:

http://www.networkworld.com/news/2010/042010-ipad-healthcare.html

BTW, my environment is pretty much like your's except we're only single
site.  I also thought about the iPad in our environment.

> From: jra...@eaglemds.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Date: Tue, 20 Apr 2010 14:44:49 -0400
> Subject: need suggestions...iPad in a Windows enterprise, anyone?
> 
> Ok, I need some insight/thoughts/suggestions...especially if any of
you have come up against this.
> 
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with
802.1x authentication (we don't support 802.11b, and 802.11g is on the
way out the door). All desktops are XP, with a small handful of 2000 Pro
boxes left out in the field. We've never supported Vista or
Apple-anything on our network, and pulled the last 9x box off of our
network years ago. We're close to getting rid of all of the 2000 clients
off, and we're starting to look at Windows 7. We're multi-specialty,
multi-location, physician-owned healthcare provider, which means HIPAA
is of significant concern. Not much else applies, since we're not
publicly traded (aside from common sense and the law in general). We
have about 425 employees and around 65 physicians (most of the
physicians are shareholders).
> 
> I've done a good job of keeping the iPod touch and iPhone users off of
the network thus far, because we simply don't have the people in house
to be able to support any more devices.
> 
> Enter the iPad, Apple's answer to the Tablet PC.
> 
> We now have physicians who are starting to ask for iPad access on the
network. I'm not sure why, but I suppose because they think it will be
so much better than the Lenovo X200 Tablet PCs that we JUST bought them
for use with our EMR system. We do not yet have a functional wireless
guest network.
> 
> I've tried connecting a 64 Gig iPod touch to our wireless network to
no avail, and then discovered that apparently the iPod touch doesn't
like hidden networks. I'm not about to start broadcasting my SSID...
this gives me pause about even considering an iPad, not to mention that
I wouldn't be able to control the machine or authenticate the machine
against the network.
> 
> Anyway, do any of you have any arguments for or against allowing the
iPad/iPod/iPhone, both from a support standpoint and a security
standpoint?
> 
> Thanks in advance,
> 
> 
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
> 
> 
> 
> Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender immediately
and delete this material from your computer. Do not deliver, distribute
or copy this message, and do not disclose its contents or take any
action in reliance on the information that it contains.
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
> 



The New Busy is not the old busy. Search, chat and e-mail from your
inbox. Get started.
  

 

 

 

 
 
 
NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media upon request. E-mail
communications may be subject to public disclosure.

~ Finally, powerful endpoint security that ISN'T a resource hog

Domain controllers, what is supposed to happen.

[Reimer, Mark]

Sorry, long email.

 

Windows 2003 Native Domain, two domain controllers, server1 and server2.
Workstations are primarily XP, some Windows 7. Other servers (file
server, email etc) are all Windows 2003. We have about 150 workstations.

 

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master,
PDC Emulator, RID Master. Server2 has FSMO roles Domain Naming Master,
Schema Master. Both are GC's.

 

In the DHCP settings workstations get both server's IP's as DNS. Server2
is listed first, then server1. Primary WINS server is server1, secondary
is Server2.

 

Last night Server1 went down. It was off hours, but I got a call from
some late night worker (using XP), saying they couldn't do anything.
Couldn't reach any of the servers, or internet. I was able to get the
server going again (bad memory chip, so I just took it out).

 

I thought that if one server went down, the DNS/WINS look up would go to
the other server. But it might be slower (note, I didn't try any of
this, just going on what the user said). Comments?

 

If I didn't get Server1 running again, what should I have done? I assume
I should do the following.

 

1.   Seize the FSMO roles from server1, and put them on server2.

2.   Change DHCP so Primary WINS server is server2. Maybe even take
out Server1 as DNS/WINS possibilities.

 

Then work on getting Server1 running again, or replacing it.

 

Did I miss anything?

 

Thanks for any help and insight you can give.

 

Mark

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Mayo, Bill]

The article indicates that they are using the Citrix application to
access a virtual desktop.  I have also heard of specialized applications
that some medical systems are developing/using, particularly in the
field of seeing x-rays et al right from the patient room.



From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Wednesday, April 21, 2010 9:02 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?



I'm hazy on what, specifically, these medical practices will be running
on the iPads. Is this for web surfing? For checking e-mail? Or are there
actual, real applications (e.g., electronic patient record systems) that
run on them?

 

It seems like a slate with Win7 would be more practical. Virtually every
doctor's office and hospital I've ever been to was a PC shop.

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

www.taylor.k12.fl.us

 

 

 

 

From: paul d [mailto:pdw1...@hotmail.com] 
Sent: Wednesday, April 21, 2010 8:33 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

 

I was read the thread this morning and then found this article on
Network World:

http://www.networkworld.com/news/2010/042010-ipad-healthcare.html

BTW, my environment is pretty much like your's except we're only single
site.  I also thought about the iPad in our environment.

> From: jra...@eaglemds.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Date: Tue, 20 Apr 2010 14:44:49 -0400
> Subject: need suggestions...iPad in a Windows enterprise, anyone?
> 
> Ok, I need some insight/thoughts/suggestions...especially if any of
you have come up against this.
> 
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with
802.1x authentication (we don't support 802.11b, and 802.11g is on the
way out the door). All desktops are XP, with a small handful of 2000 Pro
boxes left out in the field. We've never supported Vista or
Apple-anything on our network, and pulled the last 9x box off of our
network years ago. We're close to getting rid of all of the 2000 clients
off, and we're starting to look at Windows 7. We're multi-specialty,
multi-location, physician-owned healthcare provider, which means HIPAA
is of significant concern. Not much else applies, since we're not
publicly traded (aside from common sense and the law in general). We
have about 425 employees and around 65 physicians (most of the
physicians are shareholders).
> 
> I've done a good job of keeping the iPod touch and iPhone users off of
the network thus far, because we simply don't have the people in house
to be able to support any more devices.
> 
> Enter the iPad, Apple's answer to the Tablet PC.
> 
> We now have physicians who are starting to ask for iPad access on the
network. I'm not sure why, but I suppose because they think it will be
so much better than the Lenovo X200 Tablet PCs that we JUST bought them
for use with our EMR system. We do not yet have a functional wireless
guest network.
> 
> I've tried connecting a 64 Gig iPod touch to our wireless network to
no avail, and then discovered that apparently the iPod touch doesn't
like hidden networks. I'm not about to start broadcasting my SSID...
this gives me pause about even considering an iPad, not to mention that
I wouldn't be able to control the machine or authenticate the machine
against the network.
> 
> Anyway, do any of you have any arguments for or against allowing the
iPad/iPod/iPhone, both from a support standpoint and a security
standpoint?
> 
> Thanks in advance,
> 
> 
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
> 
> 
> 
> Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender immediately
and delete this material from your computer. Do not deliver, distribute
or copy this message, and do not disclose its contents or take any
action in reliance on the information that it contains.
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
> 



The New Busy is not the old busy. Search, chat and e-mail from your
inbox. Get started.
  

 

 

 

 


NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Raper, Jonathan - Eagle]

Paul,

Thanks very much for this link. I was considering allowing access through our 
guest network and then leveraging our XenApp/XenDesktop environement, which is 
exactly what this guy is doing. That way I don't have to worry about managing 
the devices on my production network, and everything stays in our environment 
and the iPad is simply an access mechanism to our Citrix environment.

You're in healthcare too, I take it? If so, could we connect offline? Please 
shoot me an email if you have a moment.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: paul d [mailto:pdw1...@hotmail.com]
Sent: Wednesday, April 21, 2010 8:33 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I was read the thread this morning and then found this article on Network World:

http://www.networkworld.com/news/2010/042010-ipad-healthcare.html

BTW, my environment is pretty much like your's except we're only single site.  
I also thought about the iPad in our environment.

> From: jra...@eaglemds.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Date: Tue, 20 Apr 2010 14:44:49 -0400
> Subject: need suggestions...iPad in a Windows enterprise, anyone?
>
> Ok, I need some insight/thoughts/suggestions...especially if any of you have 
> come up against this.
>
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
> authentication (we don't support 802.11b, and 802.11g is on the way out the 
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out 
> in the field. We've never supported Vista or Apple-anything on our network, 
> and pulled the last 9x box off of our network years ago. We're close to 
> getting rid of all of the 2000 clients off, and we're starting to look at 
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare 
> provider, which means HIPAA is of significant concern. Not much else applies, 
> since we're not publicly traded (aside from common sense and the law in 
> general). We have about 425 employees and around 65 physicians (most of the 
> physicians are shareholders).
>
> I've done a good job of keeping the iPod touch and iPhone users off of the 
> network thus far, because we simply don't have the people in house to be able 
> to support any more devices.
>
> Enter the iPad, Apple's answer to the Tablet PC.
>
> We now have physicians who are starting to ask for iPad access on the 
> network. I'm not sure why, but I suppose because they think it will be so 
> much better than the Lenovo X200 Tablet PCs that we JUST bought them for use 
> with our EMR system. We do not yet have a functional wireless guest network.
>
> I've tried connecting a 64 Gig iPod touch to our wireless network to no 
> avail, and then discovered that apparently the iPod touch doesn't like hidden 
> networks. I'm not about to start broadcasting my SSID... this gives me pause 
> about even considering an iPad, not to mention that I wouldn't be able to 
> control the machine or authenticate the machine against the network.
>
> Anyway, do any of you have any arguments for or against allowing the 
> iPad/iPod/iPhone, both from a support standpoint and a security standpoint?
>
> Thanks in advance,
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
>
> Any medical information contained in this electronic message is CONFIDENTIAL 
> and privileged. It is unlawful for unauthorized persons to view, copy, 
> disclose, or disseminate CONFIDENTIAL information. This electronic message 
> may contain information that is confidential and/or legally privileged. It is 
> intended only for the use of the individual(s) and/or entity named as 
> recipients in the message. If you are not an intended recipient of this 
> message, please notify the sender immediately and delete this material from 
> your computer. Do not deliver, distribute or copy this message, and do not 
> disclose its contents or take any action in reliance on the information that 
> it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
>

The New Busy is not the old busy. Search, chat and e-mail from your inbox. Get 
started.




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Printer managment

[Gavin Wilby]

Hi All,

I have taken over yet another site of around 50 users, all on XP
workstations. They have a 2003 server that acts as a DC, and file and print
server.

They have around 20 odd network printers scattered over 4 floors, that have
all sorts of names and network addresses.

I want to rename them logically and give them all static addresses in order
of their name, so Laser 1 would be 192.168.100.201 for example.

Normally we would just rename the printer, change the IP address of it and
then manually remove the old queue from the relavant PC's and reattch the
new queue by connecting to \\server\laser1 .

I feel there must be a better and less disruptive way of doing this,... what
do you guys do when managing large organisations?

-- 
Gavin Wilby,
Twitter: http://twitter.com/gavin_wilby
GSXR Blog: http://www.stoof.co.uk

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Raper, Jonathan - Eagle]

The argument from one of my physicians is that the iPad is under $1,000, while 
the Tablet PCs we're purchasing are essentially double that, and the battery 
life is longer. Also, tech support through he Genius Bar is dirt cheap...

If we can leverage Citrix, then it might not be such a bad idea. (What, did I 
actually just type that?!? - I think I'm starting to hear Darth Vader's voice 
in my head...power of the dark side is growing stronger...)


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, April 21, 2010 9:02 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I'm hazy on what, specifically, these medical practices will be running on the 
iPads. Is this for web surfing? For checking e-mail? Or are there actual, real 
applications (e.g., electronic patient record systems) that run on them?

It seems like a slate with Win7 would be more practical. Virtually every 
doctor's office and hospital I've ever been to was a PC shop.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us




From: paul d [mailto:pdw1...@hotmail.com]
Sent: Wednesday, April 21, 2010 8:33 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I was read the thread this morning and then found this article on Network World:

http://www.networkworld.com/news/2010/042010-ipad-healthcare.html

BTW, my environment is pretty much like your's except we're only single site.  
I also thought about the iPad in our environment.

> From: jra...@eaglemds.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Date: Tue, 20 Apr 2010 14:44:49 -0400
> Subject: need suggestions...iPad in a Windows enterprise, anyone?
>
> Ok, I need some insight/thoughts/suggestions...especially if any of you have 
> come up against this.
>
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
> authentication (we don't support 802.11b, and 802.11g is on the way out the 
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out 
> in the field. We've never supported Vista or Apple-anything on our network, 
> and pulled the last 9x box off of our network years ago. We're close to 
> getting rid of all of the 2000 clients off, and we're starting to look at 
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare 
> provider, which means HIPAA is of significant concern. Not much else applies, 
> since we're not publicly traded (aside from common sense and the law in 
> general). We have about 425 employees and around 65 physicians (most of the 
> physicians are shareholders).
>
> I've done a good job of keeping the iPod touch and iPhone users off of the 
> network thus far, because we simply don't have the people in house to be able 
> to support any more devices.
>
> Enter the iPad, Apple's answer to the Tablet PC.
>
> We now have physicians who are starting to ask for iPad access on the 
> network. I'm not sure why, but I suppose because they think it will be so 
> much better than the Lenovo X200 Tablet PCs that we JUST bought them for use 
> with our EMR system. We do not yet have a functional wireless guest network.
>
> I've tried connecting a 64 Gig iPod touch to our wireless network to no 
> avail, and then discovered that apparently the iPod touch doesn't like hidden 
> networks. I'm not about to start broadcasting my SSID... this gives me pause 
> about even considering an iPad, not to mention that I wouldn't be able to 
> control the machine or authenticate the machine against the network.
>
> Anyway, do any of you have any arguments for or against allowing the 
> iPad/iPod/iPhone, both from a support standpoint and a security standpoint?
>
> Thanks in advance,
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
>
> Any medical information contained in this electronic message is CONFIDENTIAL 
> and privileged. It is unlawful for unauthorized persons to view, copy, 
> disclose, or disseminate CONFIDENTIAL information. This electronic message 
> may contain information that is confidential and/or legally privileged. It is 
> intended only for the use of the individual(s) and/or entity named as 
> recipients in the message. If you are not an intended recipient of this 
> message, please notify the sender immediately and delete this material from 
> your computer. Do not deliver, distribute or copy this message, and do not 
> disclose its contents or take any action in reliance on the information that 
> it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ 

RE: Domain controllers, what is supposed to happen.

[Michael B. Smith]

It's possible that XP may require a reboot before it retires an unreachable DNS 
server. I dunno. But it should work just fine.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Reimer, Mark [mailto:mark.rei...@prairie.edu]
Sent: Wednesday, April 21, 2010 9:15 AM
To: NT System Admin Issues
Subject: Domain controllers, what is supposed to happen.

Sorry, long email.

Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations.

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC 
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema 
Master. Both are GC's.

In the DHCP settings workstations get both server's IP's as DNS. Server2 is 
listed first, then server1. Primary WINS server is server1, secondary is 
Server2.

Last night Server1 went down. It was off hours, but I got a call from some late 
night worker (using XP), saying they couldn't do anything. Couldn't reach any 
of the servers, or internet. I was able to get the server going again (bad 
memory chip, so I just took it out).

I thought that if one server went down, the DNS/WINS look up would go to the 
other server. But it might be slower (note, I didn't try any of this, just 
going on what the user said). Comments?

If I didn't get Server1 running again, what should I have done? I assume I 
should do the following.


1.   Seize the FSMO roles from server1, and put them on server2.

2.   Change DHCP so Primary WINS server is server2. Maybe even take out 
Server1 as DNS/WINS possibilities.

Then work on getting Server1 running again, or replacing it.

Did I miss anything?

Thanks for any help and insight you can give.

Mark

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Raper, Jonathan - Eagle]

Citrix, leveraged and configured properly, answers all of those questions.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: Kim Longenbaugh [mailto:k...@colonialsavings.com]
Sent: Wednesday, April 21, 2010 9:10 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

What kind of security does the iPad provide?  How do you keep unauthorized 
people from getting access to patient info?  What happens if it's lost or 
stolen?

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, April 21, 2010 8:02 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I'm hazy on what, specifically, these medical practices will be running on the 
iPads. Is this for web surfing? For checking e-mail? Or are there actual, real 
applications (e.g., electronic patient record systems) that run on them?

It seems like a slate with Win7 would be more practical. Virtually every 
doctor's office and hospital I've ever been to was a PC shop.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us




From: paul d [mailto:pdw1...@hotmail.com]
Sent: Wednesday, April 21, 2010 8:33 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I was read the thread this morning and then found this article on Network World:

http://www.networkworld.com/news/2010/042010-ipad-healthcare.html

BTW, my environment is pretty much like your's except we're only single site.  
I also thought about the iPad in our environment.

> From: jra...@eaglemds.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Date: Tue, 20 Apr 2010 14:44:49 -0400
> Subject: need suggestions...iPad in a Windows enterprise, anyone?
>
> Ok, I need some insight/thoughts/suggestions...especially if any of you have 
> come up against this.
>
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
> authentication (we don't support 802.11b, and 802.11g is on the way out the 
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out 
> in the field. We've never supported Vista or Apple-anything on our network, 
> and pulled the last 9x box off of our network years ago. We're close to 
> getting rid of all of the 2000 clients off, and we're starting to look at 
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare 
> provider, which means HIPAA is of significant concern. Not much else applies, 
> since we're not publicly traded (aside from common sense and the law in 
> general). We have about 425 employees and around 65 physicians (most of the 
> physicians are shareholders).
>
> I've done a good job of keeping the iPod touch and iPhone users off of the 
> network thus far, because we simply don't have the people in house to be able 
> to support any more devices.
>
> Enter the iPad, Apple's answer to the Tablet PC.
>
> We now have physicians who are starting to ask for iPad access on the 
> network. I'm not sure why, but I suppose because they think it will be so 
> much better than the Lenovo X200 Tablet PCs that we JUST bought them for use 
> with our EMR system. We do not yet have a functional wireless guest network.
>
> I've tried connecting a 64 Gig iPod touch to our wireless network to no 
> avail, and then discovered that apparently the iPod touch doesn't like hidden 
> networks. I'm not about to start broadcasting my SSID... this gives me pause 
> about even considering an iPad, not to mention that I wouldn't be able to 
> control the machine or authenticate the machine against the network.
>
> Anyway, do any of you have any arguments for or against allowing the 
> iPad/iPod/iPhone, both from a support standpoint and a security standpoint?
>
> Thanks in advance,
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
>
> Any medical information contained in this electronic message is CONFIDENTIAL 
> and privileged. It is unlawful for unauthorized persons to view, copy, 
> disclose, or disseminate CONFIDENTIAL information. This electronic message 
> may contain information that is confidential and/or legally privileged. It is 
> intended only for the use of the individual(s) and/or entity named as 
> recipients in the message. If you are not an intended recipient of this 
> message, please notify the sender immediately and delete this material from 
> your computer. Do not deliver, distribute or copy this message, and do not 
> disclose its contents or take any action in reliance on the information that 
> it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
>
___

RE: Domain controllers, what is supposed to happen.

[Carol Fee]

+1 on that.  I think if the XP workstation had been rebooted, it would have 
been just fine.

CFee
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, April 21, 2010 9:24 AM
To: NT System Admin Issues
Subject: RE: Domain controllers, what is supposed to happen.

It's possible that XP may require a reboot before it retires an unreachable DNS 
server. I dunno. But it should work just fine.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Reimer, Mark [mailto:mark.rei...@prairie.edu]
Sent: Wednesday, April 21, 2010 9:15 AM
To: NT System Admin Issues
Subject: Domain controllers, what is supposed to happen.

Sorry, long email.

Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations.

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC 
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema 
Master. Both are GC's.

In the DHCP settings workstations get both server's IP's as DNS. Server2 is 
listed first, then server1. Primary WINS server is server1, secondary is 
Server2.

Last night Server1 went down. It was off hours, but I got a call from some late 
night worker (using XP), saying they couldn't do anything. Couldn't reach any 
of the servers, or internet. I was able to get the server going again (bad 
memory chip, so I just took it out).

I thought that if one server went down, the DNS/WINS look up would go to the 
other server. But it might be slower (note, I didn't try any of this, just 
going on what the user said). Comments?

If I didn't get Server1 running again, what should I have done? I assume I 
should do the following.


1.   Seize the FSMO roles from server1, and put them on server2.

2.   Change DHCP so Primary WINS server is server2. Maybe even take out 
Server1 as DNS/WINS possibilities.

Then work on getting Server1 running again, or replacing it.

Did I miss anything?

Thanks for any help and insight you can give.

Mark





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Raper, Jonathan - Eagle]

eClinicalWorks, (our Electronic Medical Record system vendor) actually has 
developed a very slick mobile version of their application. The only platform 
on which it is supported? iPhone/iPod Touch (and I'm assuming support for iPad 
now as well).

And we've had computer access to x-rays and other CR images for years. Now that 
we have a wireless network and tablet PCs, we've brought that functionality 
into the exam rooms. WE started doing that almost a year ago.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 9:18 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

The article indicates that they are using the Citrix application to access a 
virtual desktop.  I have also heard of specialized applications that some 
medical systems are developing/using, particularly in the field of seeing 
x-rays et al right from the patient room.


From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, April 21, 2010 9:02 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?
I'm hazy on what, specifically, these medical practices will be running on the 
iPads. Is this for web surfing? For checking e-mail? Or are there actual, real 
applications (e.g., electronic patient record systems) that run on them?

It seems like a slate with Win7 would be more practical. Virtually every 
doctor's office and hospital I've ever been to was a PC shop.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us




From: paul d [mailto:pdw1...@hotmail.com]
Sent: Wednesday, April 21, 2010 8:33 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I was read the thread this morning and then found this article on Network World:

http://www.networkworld.com/news/2010/042010-ipad-healthcare.html

BTW, my environment is pretty much like your's except we're only single site.  
I also thought about the iPad in our environment.

> From: jra...@eaglemds.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Date: Tue, 20 Apr 2010 14:44:49 -0400
> Subject: need suggestions...iPad in a Windows enterprise, anyone?
>
> Ok, I need some insight/thoughts/suggestions...especially if any of you have 
> come up against this.
>
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
> authentication (we don't support 802.11b, and 802.11g is on the way out the 
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out 
> in the field. We've never supported Vista or Apple-anything on our network, 
> and pulled the last 9x box off of our network years ago. We're close to 
> getting rid of all of the 2000 clients off, and we're starting to look at 
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare 
> provider, which means HIPAA is of significant concern. Not much else applies, 
> since we're not publicly traded (aside from common sense and the law in 
> general). We have about 425 employees and around 65 physicians (most of the 
> physicians are shareholders).
>
> I've done a good job of keeping the iPod touch and iPhone users off of the 
> network thus far, because we simply don't have the people in house to be able 
> to support any more devices.
>
> Enter the iPad, Apple's answer to the Tablet PC.
>
> We now have physicians who are starting to ask for iPad access on the 
> network. I'm not sure why, but I suppose because they think it will be so 
> much better than the Lenovo X200 Tablet PCs that we JUST bought them for use 
> with our EMR system. We do not yet have a functional wireless guest network.
>
> I've tried connecting a 64 Gig iPod touch to our wireless network to no 
> avail, and then discovered that apparently the iPod touch doesn't like hidden 
> networks. I'm not about to start broadcasting my SSID... this gives me pause 
> about even considering an iPad, not to mention that I wouldn't be able to 
> control the machine or authenticate the machine against the network.
>
> Anyway, do any of you have any arguments for or against allowing the 
> iPad/iPod/iPhone, both from a support standpoint and a security standpoint?
>
> Thanks in advance,
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
>
> Any medical information contained in this electronic message is CONFIDENTIAL 
> and privileged. It is unlawful for unauthorized persons to view, copy, 
> disclose, or disseminate CONFIDENTIAL information. This electronic message 
> may contain information that is confidential and/or legally privileged. It is 
> intended only for th

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Eldridge, Dave]

Jonathan we are starting to ramp up ecw for our physicians group. Do you
have any info on this you could send me offline? Thanks

 

dave

 

From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Wednesday, April 21, 2010 7:28 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

 

eClinicalWorks, (our Electronic Medical Record system vendor) actually
has developed a very slick mobile version of their application. The only
platform on which it is supported? iPhone/iPod Touch (and I'm assuming
support for iPad now as well).

 

And we've had computer access to x-rays and other CR images for years.
Now that we have a wireless network and tablet PCs, we've brought that
functionality into the exam rooms. WE started doing that almost a year
ago.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com mailto:%20jra...@eaglemds.com> 
www.eaglemds.com http://www.eaglemds.com/>  



From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Wednesday, April 21, 2010 9:18 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

 

The article indicates that they are using the Citrix application to
access a virtual desktop.  I have also heard of specialized applications
that some medical systems are developing/using, particularly in the
field of seeing x-rays et al right from the patient room.

 



From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Wednesday, April 21, 2010 9:02 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I'm hazy on what, specifically, these medical practices will be running
on the iPads. Is this for web surfing? For checking e-mail? Or are there
actual, real applications (e.g., electronic patient record systems) that
run on them?

 

It seems like a slate with Win7 would be more practical. Virtually every
doctor's office and hospital I've ever been to was a PC shop.

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

www.taylor.k12.fl.us

 

 

 

 

From: paul d [mailto:pdw1...@hotmail.com] 
Sent: Wednesday, April 21, 2010 8:33 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

 

I was read the thread this morning and then found this article on
Network World:

http://www.networkworld.com/news/2010/042010-ipad-healthcare.html

BTW, my environment is pretty much like your's except we're only single
site.  I also thought about the iPad in our environment.

> From: jra...@eaglemds.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Date: Tue, 20 Apr 2010 14:44:49 -0400
> Subject: need suggestions...iPad in a Windows enterprise, anyone?
> 
> Ok, I need some insight/thoughts/suggestions...especially if any of
you have come up against this.
> 
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with
802.1x authentication (we don't support 802.11b, and 802.11g is on the
way out the door). All desktops are XP, with a small handful of 2000 Pro
boxes left out in the field. We've never supported Vista or
Apple-anything on our network, and pulled the last 9x box off of our
network years ago. We're close to getting rid of all of the 2000 clients
off, and we're starting to look at Windows 7. We're multi-specialty,
multi-location, physician-owned healthcare provider, which means HIPAA
is of significant concern. Not much else applies, since we're not
publicly traded (aside from common sense and the law in general). We
have about 425 employees and around 65 physicians (most of the
physicians are shareholders).
> 
> I've done a good job of keeping the iPod touch and iPhone users off of
the network thus far, because we simply don't have the people in house
to be able to support any more devices.
> 
> Enter the iPad, Apple's answer to the Tablet PC.
> 
> We now have physicians who are starting to ask for iPad access on the
network. I'm not sure why, but I suppose because they think it will be
so much better than the Lenovo X200 Tablet PCs that we JUST bought them
for use with our EMR system. We do not yet have a functional wireless
guest network.
> 
> I've tried connecting a 64 Gig iPod touch to our wireless network to
no avail, and then discovered that apparently the iPod touch doesn't
like hidden networks. I'm not about to start broadcasting my SSID...
this gives me pause about even considering an iPad, not to mention that
I wouldn't be able to control the machine or authenticate the machine
against the network.
> 
> Anyway, do any of you have any arguments for or against allowing the
iPad/iPod/iPhone, both from a support standpoint and a security
standpoint?
> 
> Thanks in advance,
> 
> 
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
> 
> 
> 
> Any med

Re: Domain controllers, what is supposed to happen.

[Gavin Wilby]

Surely though if you have a pri and secondary DNS server, that after DNS1
times out on resolution then DNS2 will then be queried?



On Wed, Apr 21, 2010 at 2:25 PM, Carol Fee  wrote:

>  +1 on that.  I think if the XP workstation had been rebooted, it would
> have been just fine.
>
>
>
> *CFee*
>
> *From:* Michael B. Smith [mailto:mich...@smithcons.com]
> *Sent:* Wednesday, April 21, 2010 9:24 AM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Domain controllers, what is supposed to happen.
>
>
>
> It’s possible that XP may require a reboot before it retires an unreachable
> DNS server. I dunno. But it should work just fine.
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com 
>
>
>
> *From:* Reimer, Mark [mailto:mark.rei...@prairie.edu]
> *Sent:* Wednesday, April 21, 2010 9:15 AM
> *To:* NT System Admin Issues
> *Subject:* Domain controllers, what is supposed to happen.
>
>
>
> Sorry, long email.
>
>
>
> Windows 2003 Native Domain, two domain controllers, server1 and server2.
> Workstations are primarily XP, some Windows 7. Other servers (file server,
> email etc) are all Windows 2003. We have about 150 workstations.
>
>
>
> We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC
> Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema
> Master. Both are GC’s.
>
>
>
> In the DHCP settings workstations get both server’s IP’s as DNS. Server2 is
> listed first, then server1. Primary WINS server is server1, secondary is
> Server2.
>
>
>
> Last night Server1 went down. It was off hours, but I got a call from some
> late night worker (using XP), saying they couldn’t do anything. Couldn’t
> reach any of the servers, or internet. I was able to get the server going
> again (bad memory chip, so I just took it out).
>
>
>
> I thought that if one server went down, the DNS/WINS look up would go to
> the other server. But it might be slower (note, I didn’t try any of this,
> just going on what the user said). Comments?
>
>
>
> If I didn’t get Server1 running again, what should I have done? I assume I
> should do the following.
>
>
>
> 1.   Seize the FSMO roles from server1, and put them on server2.
>
> 2.   Change DHCP so Primary WINS server is server2. Maybe even take
> out Server1 as DNS/WINS possibilities.
>
>
>
> Then work on getting Server1 running again, or replacing it.
>
>
>
> Did I miss anything?
>
>
>
> Thanks for any help and insight you can give.
>
>
>
> Mark
>
>
>
>
>
>
>
>
>
>


-- 
Gavin Wilby,
Twitter: http://twitter.com/gavin_wilby
GSXR Blog: http://www.stoof.co.uk

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Domain controllers, what is supposed to happen.

[kstephenson04]

Hello Mark,
Configuration as outlined looks good - responses regarding reboot of the XP
computer - I would agree as well.
The only other issue that I could see would be with regards to Gateway
listed through DHCP - make sure this interface was not compromised 
 
Ken

  _  

From: Reimer, Mark [mailto:mark.rei...@prairie.edu] 
Sent: Wednesday, April 21, 2010 9:15 AM
To: NT System Admin Issues
Subject: Domain controllers, what is supposed to happen.



Sorry, long email.

 

Windows 2003 Native Domain, two domain controllers, server1 and server2.
Workstations are primarily XP, some Windows 7. Other servers (file server,
email etc) are all Windows 2003. We have about 150 workstations.

 

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema
Master. Both are GC's.

 

In the DHCP settings workstations get both server's IP's as DNS. Server2 is
listed first, then server1. Primary WINS server is server1, secondary is
Server2.

 

Last night Server1 went down. It was off hours, but I got a call from some
late night worker (using XP), saying they couldn't do anything. Couldn't
reach any of the servers, or internet. I was able to get the server going
again (bad memory chip, so I just took it out).

 

I thought that if one server went down, the DNS/WINS look up would go to the
other server. But it might be slower (note, I didn't try any of this, just
going on what the user said). Comments?

 

If I didn't get Server1 running again, what should I have done? I assume I
should do the following.

 

1.   Seize the FSMO roles from server1, and put them on server2.

2.   Change DHCP so Primary WINS server is server2. Maybe even take out
Server1 as DNS/WINS possibilities.

 

Then work on getting Server1 running again, or replacing it.

 

Did I miss anything?

 

Thanks for any help and insight you can give.

 

Mark

 

 

 


 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Spontaneous server reboots

[Gavin Wilby]

Was going to be my suggestion!

On Wed, Apr 21, 2010 at 12:41 AM, Mike Gill wrote:

>  Check for bad caps on the motherboard?
>
>
>
> --
> Mike Gill
>
>
>
> *From:* Kyle Plummer [mailto:kplum...@nje.com]
> *Sent:* Tuesday, April 20, 2010 3:46 PM
> *To:* NT System Admin Issues
> *Subject:* Spontaneous server reboots
>
>
>
> I have an HP DL380G4 server that randomly reboots. At first I suspected an
> issue with Windows. However, I booted into the BIOS and let it sit there for
> a few minutes. Again at random intervals the system will reboot. Sometimes I
> can’t even get all the way into the BIOS.
>
>
>
> I replaced the memory modules with new ones (twice, just to be sure) –
> still reboots randomly even from the BIOS. I suspect an issue with the
> motherboard. Any other possible causes, or has anyone experienced this with
> the G4’s? It had run for about four years prior with no issue until this
> started. No other hardware changes or updates to the BIOS have been done in
> the last year (only Windows patches).
>
>
>
> Thanks in advance,
>
>
>
> Kyle B. Plummer
>
>
>
> *This written advice is not intended or written to be used, and can not be
> used, by a taxpayer for the purpose of avoiding penalties that may be
> imposed on the taxpayer.*
>
> Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION
>
> This e-mail (including attachments) is covered by the Electronic
> Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
> confidential, and is intended solely for the use of the individuals or
> entities to whom it is addressed. If you are not the intended recipient or
> the person responsible for delivering the e-mail to the intended recipient,
> be advised that you have received this e-mail in error and that any use,
> dissemination, forwarding, printing, or copying of this e-mail and any file
> attachments is strictly prohibited. If you have received this e-mail in
> error, please immediately notify us by telephone toll-free at (866)
> 841-6888 or by reply e-mail to the sender. You must destroy the original
> transmission and its contents. You will be reimbursed for reasonable costs
> incurred in notifying us.
>
>
>
>
>
>
>
>
>
>


-- 
Gavin Wilby,
Twitter: http://twitter.com/gavin_wilby
GSXR Blog: http://www.stoof.co.uk

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Domain controllers, what is supposed to happen.

[Michael B. Smith]

That's the way it works in Vista/Win7. I'm not sure that's the way it works in 
XP. I think that XP is stupid - if it gets a response from a server, it uses 
that one server throughout an entire boot cycle.

This is just a vague memory though. I've not supported XP in several years.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Gavin Wilby [mailto:gavin.wi...@gmail.com]
Sent: Wednesday, April 21, 2010 9:30 AM
To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen.

Surely though if you have a pri and secondary DNS server, that after DNS1 times 
out on resolution then DNS2 will then be queried?



On Wed, Apr 21, 2010 at 2:25 PM, Carol Fee 
mailto:c...@massbar.org>> wrote:
+1 on that.  I think if the XP workstation had been rebooted, it would have 
been just fine.

CFee
From: Michael B. Smith 
[mailto:mich...@smithcons.com]
Sent: Wednesday, April 21, 2010 9:24 AM

To: NT System Admin Issues
Subject: RE: Domain controllers, what is supposed to happen.

It's possible that XP may require a reboot before it retires an unreachable DNS 
server. I dunno. But it should work just fine.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Reimer, Mark 
[mailto:mark.rei...@prairie.edu]
Sent: Wednesday, April 21, 2010 9:15 AM
To: NT System Admin Issues
Subject: Domain controllers, what is supposed to happen.

Sorry, long email.

Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations.

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC 
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema 
Master. Both are GC's.

In the DHCP settings workstations get both server's IP's as DNS. Server2 is 
listed first, then server1. Primary WINS server is server1, secondary is 
Server2.

Last night Server1 went down. It was off hours, but I got a call from some late 
night worker (using XP), saying they couldn't do anything. Couldn't reach any 
of the servers, or internet. I was able to get the server going again (bad 
memory chip, so I just took it out).

I thought that if one server went down, the DNS/WINS look up would go to the 
other server. But it might be slower (note, I didn't try any of this, just 
going on what the user said). Comments?

If I didn't get Server1 running again, what should I have done? I assume I 
should do the following.


1.   Seize the FSMO roles from server1, and put them on server2.

2.   Change DHCP so Primary WINS server is server2. Maybe even take out 
Server1 as DNS/WINS possibilities.

Then work on getting Server1 running again, or replacing it.

Did I miss anything?

Thanks for any help and insight you can give.

Mark











--
Gavin Wilby,
Twitter: http://twitter.com/gavin_wilby
GSXR Blog: http://www.stoof.co.uk





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Domain controllers, what is supposed to happen.

[Andrew Levicki]

Hi Mark,

I have a couple of questions if you don't mind. Firstly why have you split
the FSMO roles out on to two different domain controllers? It's not that
it's wrong or anything, it's just simpler (and Microsoft's recommendation)
to keep them all on one domain controller unless there is a specific need to
do otherwise.

Secondly, which server(s) is/are your DHCP server? Another server right? Not
one of the domain controllers?

Thirdly, what is your requirement for WINS, out of interest?

To answer your questions, yes the DNS/WINS services on the remaining domain
controller should have fulfilled client requests, so I would certainly look
into why that didn't happen. Did anyone try rebooting their PCs, as that may
have helped?

If you had been unable to get Server1 running again then yes you would have
had to seize the domain-wide FSMO roles (RIP) from Server1 on to Server2 and
modify your DNS/WINS. But don't try and bring Server1 back up at this point
("Then work on getting Server1 running again, or replacing it."), you must
rebuild or replace it.

Regards,

Andrew



On 21 April 2010 22:14, Reimer, Mark  wrote:

>  Sorry, long email.
>
>
>
> Windows 2003 Native Domain, two domain controllers, server1 and server2.
> Workstations are primarily XP, some Windows 7. Other servers (file server,
> email etc) are all Windows 2003. We have about 150 workstations.
>
>
>
> We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC
> Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema
> Master. Both are GC’s.
>
>
>
> In the DHCP settings workstations get both server’s IP’s as DNS. Server2 is
> listed first, then server1. Primary WINS server is server1, secondary is
> Server2.
>
>
>
> Last night Server1 went down. It was off hours, but I got a call from some
> late night worker (using XP), saying they couldn’t do anything. Couldn’t
> reach any of the servers, or internet. I was able to get the server going
> again (bad memory chip, so I just took it out).
>
>
>
> I thought that if one server went down, the DNS/WINS look up would go to
> the other server. But it might be slower (note, I didn’t try any of this,
> just going on what the user said). Comments?
>
>
>
> If I didn’t get Server1 running again, what should I have done? I assume I
> should do the following.
>
>
>
> 1.   Seize the FSMO roles from server1, and put them on server2.
>
> 2.   Change DHCP so Primary WINS server is server2. Maybe even take
> out Server1 as DNS/WINS possibilities.
>
>
>
> Then work on getting Server1 running again, or replacing it.
>
>
>
> Did I miss anything?
>
>
>
> Thanks for any help and insight you can give.
>
>
>
> Mark
>
>
>
>
>
>
>
>
>
>


-- 
Kind regards,

Andrew Levicki
ルビッキー アンドルュー
Microsoft Certified Technology Specialist on Windows 7
MCITP Enterprise Administrator on Windows Server 2008
MCITP Enterprise Messaging Administrator on Exchange Server 2007
Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
Cisco Certified Network Associate (CCNA)
ITILv3

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Domain controllers, what is supposed to happen.

[Gavin Wilby]

Fair enough - if correct though, your right XP is stupid.

Gavin.

On Wed, Apr 21, 2010 at 2:36 PM, Michael B. Smith wrote:

>  That’s the way it works in Vista/Win7. I’m not sure that’s the way it
> works in XP. I think that XP is stupid – if it gets a response from a
> server, it uses that one server throughout an entire boot cycle.
>
>
>
> This is just a vague memory though. I’ve not supported XP in several years.
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com 
>
>
>
> *From:* Gavin Wilby [mailto:gavin.wi...@gmail.com]
> *Sent:* Wednesday, April 21, 2010 9:30 AM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Domain controllers, what is supposed to happen.
>
>
>
> Surely though if you have a pri and secondary DNS server, that after DNS1
> times out on resolution then DNS2 will then be queried?
>
>
>
>
>
> On Wed, Apr 21, 2010 at 2:25 PM, Carol Fee  wrote:
>
> +1 on that.  I think if the XP workstation had been rebooted, it would have
> been just fine.
>
>
>
> *CFee*
>
> *From:* Michael B. Smith [mailto:mich...@smithcons.com]
> *Sent:* Wednesday, April 21, 2010 9:24 AM
>
>
> *To:* NT System Admin Issues
>
> *Subject:* RE: Domain controllers, what is supposed to happen.
>
>
>
> It’s possible that XP may require a reboot before it retires an unreachable
> DNS server. I dunno. But it should work just fine.
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com 
>
>
>
> *From:* Reimer, Mark [mailto:mark.rei...@prairie.edu]
> *Sent:* Wednesday, April 21, 2010 9:15 AM
> *To:* NT System Admin Issues
> *Subject:* Domain controllers, what is supposed to happen.
>
>
>
> Sorry, long email.
>
>
>
> Windows 2003 Native Domain, two domain controllers, server1 and server2.
> Workstations are primarily XP, some Windows 7. Other servers (file server,
> email etc) are all Windows 2003. We have about 150 workstations.
>
>
>
> We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC
> Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema
> Master. Both are GC’s.
>
>
>
> In the DHCP settings workstations get both server’s IP’s as DNS. Server2 is
> listed first, then server1. Primary WINS server is server1, secondary is
> Server2.
>
>
>
> Last night Server1 went down. It was off hours, but I got a call from some
> late night worker (using XP), saying they couldn’t do anything. Couldn’t
> reach any of the servers, or internet. I was able to get the server going
> again (bad memory chip, so I just took it out).
>
>
>
> I thought that if one server went down, the DNS/WINS look up would go to
> the other server. But it might be slower (note, I didn’t try any of this,
> just going on what the user said). Comments?
>
>
>
> If I didn’t get Server1 running again, what should I have done? I assume I
> should do the following.
>
>
>
> 1.   Seize the FSMO roles from server1, and put them on server2.
>
> 2.   Change DHCP so Primary WINS server is server2. Maybe even take
> out Server1 as DNS/WINS possibilities.
>
>
>
> Then work on getting Server1 running again, or replacing it.
>
>
>
> Did I miss anything?
>
>
>
> Thanks for any help and insight you can give.
>
>
>
> Mark
>
>
>
>
>
>
>
>
>
>
>
>
> --
> Gavin Wilby,
> Twitter: http://twitter.com/gavin_wilby
> GSXR Blog: http://www.stoof.co.uk
>
>
>
>
>
>
>
>
>
>


-- 
Gavin Wilby,
Twitter: http://twitter.com/gavin_wilby
GSXR Blog: http://www.stoof.co.uk

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Domain controllers, what is supposed to happen.

[Andrew Levicki]

It is getting on a bit now, don't forget!

On 21 April 2010 22:40, Gavin Wilby  wrote:

> Fair enough - if correct though, your right XP is stupid.
>
> Gavin.
>
> On Wed, Apr 21, 2010 at 2:36 PM, Michael B. Smith 
> wrote:
>
>>  That’s the way it works in Vista/Win7. I’m not sure that’s the way it
>> works in XP. I think that XP is stupid - if it gets a response from a
>> server, it uses that one server throughout an entire boot cycle.
>>
>>
>>
>> This is just a vague memory though. I’ve not supported XP in several
>> years.
>>
>>
>>
>> Regards,
>>
>>
>>
>> Michael B. Smith
>>
>> Consultant and Exchange MVP
>>
>> http://TheEssentialExchange.com 
>>
>>
>>
>> *From:* Gavin Wilby [mailto:gavin.wi...@gmail.com]
>> *Sent:* Wednesday, April 21, 2010 9:30 AM
>>
>> *To:* NT System Admin Issues
>> *Subject:* Re: Domain controllers, what is supposed to happen.
>>
>>
>>
>> Surely though if you have a pri and secondary DNS server, that after DNS1
>> times out on resolution then DNS2 will then be queried?
>>
>>
>>
>>
>>
>> On Wed, Apr 21, 2010 at 2:25 PM, Carol Fee  wrote:
>>
>> +1 on that.  I think if the XP workstation had been rebooted, it would
>> have been just fine.
>>
>>
>>
>> *CFee*
>>
>> *From:* Michael B. Smith [mailto:mich...@smithcons.com]
>> *Sent:* Wednesday, April 21, 2010 9:24 AM
>>
>>
>> *To:* NT System Admin Issues
>>
>> *Subject:* RE: Domain controllers, what is supposed to happen.
>>
>>
>>
>> It’s possible that XP may require a reboot before it retires an
>> unreachable DNS server. I dunno. But it should work just fine.
>>
>>
>>
>> Regards,
>>
>>
>>
>> Michael B. Smith
>>
>> Consultant and Exchange MVP
>>
>> http://TheEssentialExchange.com 
>>
>>
>>
>> *From:* Reimer, Mark [mailto:mark.rei...@prairie.edu]
>> *Sent:* Wednesday, April 21, 2010 9:15 AM
>> *To:* NT System Admin Issues
>> *Subject:* Domain controllers, what is supposed to happen.
>>
>>
>>
>> Sorry, long email.
>>
>>
>>
>> Windows 2003 Native Domain, two domain controllers, server1 and server2.
>> Workstations are primarily XP, some Windows 7. Other servers (file server,
>> email etc) are all Windows 2003. We have about 150 workstations.
>>
>>
>>
>> We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master,
>> PDC Emulator, RID Master. Server2 has FSMO roles Domain Naming Master,
>> Schema Master. Both are GC’s.
>>
>>
>>
>> In the DHCP settings workstations get both server’s IP’s as DNS. Server2
>> is listed first, then server1. Primary WINS server is server1, secondary is
>> Server2.
>>
>>
>>
>> Last night Server1 went down. It was off hours, but I got a call from some
>> late night worker (using XP), saying they couldn’t do anything. Couldn’t
>> reach any of the servers, or internet. I was able to get the server going
>> again (bad memory chip, so I just took it out).
>>
>>
>>
>> I thought that if one server went down, the DNS/WINS look up would go to
>> the other server. But it might be slower (note, I didn’t try any of this,
>> just going on what the user said). Comments?
>>
>>
>>
>> If I didn’t get Server1 running again, what should I have done? I assume I
>> should do the following.
>>
>>
>>
>> 1.   Seize the FSMO roles from server1, and put them on server2.
>>
>> 2.   Change DHCP so Primary WINS server is server2. Maybe even take
>> out Server1 as DNS/WINS possibilities.
>>
>>
>>
>> Then work on getting Server1 running again, or replacing it.
>>
>>
>>
>> Did I miss anything?
>>
>>
>>
>> Thanks for any help and insight you can give.
>>
>>
>>
>> Mark
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> --
>> Gavin Wilby,
>> Twitter: http://twitter.com/gavin_wilby
>> GSXR Blog: http://www.stoof.co.uk
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Gavin Wilby,
> Twitter: http://twitter.com/gavin_wilby
> GSXR Blog: http://www.stoof.co.uk
>
>
>
>
>
>


-- 
Kind regards,

Andrew Levicki
ルビッキー アンドルュー
Microsoft Certified Technology Specialist on Windows 7
MCITP Enterprise Administrator on Windows Server 2008
MCITP Enterprise Messaging Administrator on Exchange Server 2007
Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
Cisco Certified Network Associate (CCNA)
ITILv3

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Domain controllers, what is supposed to happen.

[Gavin Wilby]

Of course, and DNS being such a new protocol and all that ;)

2010/4/21 Andrew Levicki 

> It is getting on a bit now, don't forget!
>
>
> On 21 April 2010 22:40, Gavin Wilby  wrote:
>
>> Fair enough - if correct though, your right XP is stupid.
>>
>> Gavin.
>>
>>   On Wed, Apr 21, 2010 at 2:36 PM, Michael B. Smith <
>> mich...@smithcons.com> wrote:
>>
>>>That’s the way it works in Vista/Win7. I’m not sure that’s the way it
>>> works in XP. I think that XP is stupid - if it gets a response from a
>>> server, it uses that one server throughout an entire boot cycle.
>>>
>>>
>>>
>>> This is just a vague memory though. I’ve not supported XP in several
>>> years.
>>>
>>>
>>>
>>> Regards,
>>>
>>>
>>>
>>> Michael B. Smith
>>>
>>> Consultant and Exchange MVP
>>>
>>> http://TheEssentialExchange.com 
>>>
>>>
>>>
>>>  *From:* Gavin Wilby [mailto:gavin.wi...@gmail.com]
>>> *Sent:* Wednesday, April 21, 2010 9:30 AM
>>>
>>> *To:* NT System Admin Issues
>>> *Subject:* Re: Domain controllers, what is supposed to happen.
>>>
>>>
>>>
>>> Surely though if you have a pri and secondary DNS server, that after DNS1
>>> times out on resolution then DNS2 will then be queried?
>>>
>>>
>>>
>>>
>>>
>>> On Wed, Apr 21, 2010 at 2:25 PM, Carol Fee  wrote:
>>>
>>> +1 on that.  I think if the XP workstation had been rebooted, it would
>>> have been just fine.
>>>
>>>
>>>
>>> *CFee*
>>>
>>> *From:* Michael B. Smith [mailto:mich...@smithcons.com]
>>> *Sent:* Wednesday, April 21, 2010 9:24 AM
>>>
>>>
>>> *To:* NT System Admin Issues
>>>
>>> *Subject:* RE: Domain controllers, what is supposed to happen.
>>>
>>>
>>>
>>> It’s possible that XP may require a reboot before it retires an
>>> unreachable DNS server. I dunno. But it should work just fine.
>>>
>>>
>>>
>>> Regards,
>>>
>>>
>>>
>>> Michael B. Smith
>>>
>>> Consultant and Exchange MVP
>>>
>>> http://TheEssentialExchange.com 
>>>
>>>
>>>
>>> *From:* Reimer, Mark [mailto:mark.rei...@prairie.edu]
>>> *Sent:* Wednesday, April 21, 2010 9:15 AM
>>> *To:* NT System Admin Issues
>>> *Subject:* Domain controllers, what is supposed to happen.
>>>
>>>
>>>
>>> Sorry, long email.
>>>
>>>
>>>
>>> Windows 2003 Native Domain, two domain controllers, server1 and server2.
>>> Workstations are primarily XP, some Windows 7. Other servers (file server,
>>> email etc) are all Windows 2003. We have about 150 workstations.
>>>
>>>
>>>
>>> We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master,
>>> PDC Emulator, RID Master. Server2 has FSMO roles Domain Naming Master,
>>> Schema Master. Both are GC’s.
>>>
>>>
>>>
>>> In the DHCP settings workstations get both server’s IP’s as DNS. Server2
>>> is listed first, then server1. Primary WINS server is server1, secondary is
>>> Server2.
>>>
>>>
>>>
>>> Last night Server1 went down. It was off hours, but I got a call from
>>> some late night worker (using XP), saying they couldn’t do anything.
>>> Couldn’t reach any of the servers, or internet. I was able to get the server
>>> going again (bad memory chip, so I just took it out).
>>>
>>>
>>>
>>> I thought that if one server went down, the DNS/WINS look up would go to
>>> the other server. But it might be slower (note, I didn’t try any of this,
>>> just going on what the user said). Comments?
>>>
>>>
>>>
>>> If I didn’t get Server1 running again, what should I have done? I assume
>>> I should do the following.
>>>
>>>
>>>
>>> 1.   Seize the FSMO roles from server1, and put them on server2.
>>>
>>> 2.   Change DHCP so Primary WINS server is server2. Maybe even take
>>> out Server1 as DNS/WINS possibilities.
>>>
>>>
>>>
>>> Then work on getting Server1 running again, or replacing it.
>>>
>>>
>>>
>>> Did I miss anything?
>>>
>>>
>>>
>>> Thanks for any help and insight you can give.
>>>
>>>
>>>
>>> Mark
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> --
>>> Gavin Wilby,
>>> Twitter: http://twitter.com/gavin_wilby
>>> GSXR Blog: http://www.stoof.co.uk
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Gavin Wilby,
>> Twitter: http://twitter.com/gavin_wilby
>> GSXR Blog: http://www.stoof.co.uk
>>
>>
>>
>>
>>
>>
>
>
>  --
> Kind regards,
>
> Andrew Levicki
> ルビッキー アンドルュー
> Microsoft Certified Technology Specialist on Windows 7
> MCITP Enterprise Administrator on Windows Server 2008
> MCITP Enterprise Messaging Administrator on Exchange Server 2007
> Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
> Cisco Certified Network Associate (CCNA)
> ITILv3
>
>
>
>
>
>


-- 
Gavin Wilby,
Twitter: http://twitter.com/gavin_wilby
GSXR Blog: http://www.stoof.co.uk

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Charlie Kaiser]

"Hey doc; I won't make patient care recommendations if you don't make IT
recommendations." 
One of the reasons I avoid health care clients is because IME doctors think
their education and training makes them experts in everything. And they've
been the worst when it comes to allowing "properly" managed IT services...
Little things like HIPAA just annoy them...

***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***  

> -Original Message-
> From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
> Sent: Wednesday, April 21, 2010 6:23 AM
> To: NT System Admin Issues
> Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?
> 
> The argument from one of my physicians is that the iPad is 
> under $1,000, while the Tablet PCs we're purchasing are 
> essentially double that, and the battery life is longer. 

> > We now have physicians who are starting to ask for iPad 
> access on the network. I'm not sure why


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

OT: any Healthcare organizations using or considering eClinicalWorks?

[Raper, Jonathan - Eagle]

Since Paul brought it up, I figured I would see if there was anyone else on the 
list who would be interested.

Shoot me an email off-line and we can share experiences and ideas. If enough 
are interested, we can start a listserv. We're almost complete with our rollout 
to 12 facilities, 425 end users, 65 physicians. Multiple interfaces to other 
systems, and a digital fax server. And we're attempting to use it within XenApp 
as well.

Thanks,

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: Eldridge, Dave [mailto:d...@parkviewmc.com]
Sent: Wednesday, April 21, 2010 9:30 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Jonathan we are starting to ramp up ecw for our physicians group. Do you have 
any info on this you could send me offline? Thanks

dave

From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Wednesday, April 21, 2010 7:28 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

eClinicalWorks, (our Electronic Medical Record system vendor) actually has 
developed a very slick mobile version of their application. The only platform 
on which it is supported? iPhone/iPod Touch (and I'm assuming support for iPad 
now as well).

And we've had computer access to x-rays and other CR images for years. Now that 
we have a wireless network and tablet PCs, we've brought that functionality 
into the exam rooms. WE started doing that almost a year ago.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 9:18 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

The article indicates that they are using the Citrix application to access a 
virtual desktop.  I have also heard of specialized applications that some 
medical systems are developing/using, particularly in the field of seeing 
x-rays et al right from the patient room.


From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, April 21, 2010 9:02 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?
I'm hazy on what, specifically, these medical practices will be running on the 
iPads. Is this for web surfing? For checking e-mail? Or are there actual, real 
applications (e.g., electronic patient record systems) that run on them?

It seems like a slate with Win7 would be more practical. Virtually every 
doctor's office and hospital I've ever been to was a PC shop.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us




From: paul d [mailto:pdw1...@hotmail.com]
Sent: Wednesday, April 21, 2010 8:33 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I was read the thread this morning and then found this article on Network World:

http://www.networkworld.com/news/2010/042010-ipad-healthcare.html

BTW, my environment is pretty much like your's except we're only single site.  
I also thought about the iPad in our environment.

> From: jra...@eaglemds.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Date: Tue, 20 Apr 2010 14:44:49 -0400
> Subject: need suggestions...iPad in a Windows enterprise, anyone?
>
> Ok, I need some insight/thoughts/suggestions...especially if any of you have 
> come up against this.
>
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
> authentication (we don't support 802.11b, and 802.11g is on the way out the 
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out 
> in the field. We've never supported Vista or Apple-anything on our network, 
> and pulled the last 9x box off of our network years ago. We're close to 
> getting rid of all of the 2000 clients off, and we're starting to look at 
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare 
> provider, which means HIPAA is of significant concern. Not much else applies, 
> since we're not publicly traded (aside from common sense and the law in 
> general). We have about 425 employees and around 65 physicians (most of the 
> physicians are shareholders).
>
> I've done a good job of keeping the iPod touch and iPhone users off of the 
> network thus far, because we simply don't have the people in house to be able 
> to support any more devices.
>
> Enter the iPad, Apple's answer to the Tablet PC.
>
> We now have physicians who are starting to ask for iPad access on the 
> network. I'm not sure why, but I suppose because they think it will be so 
> much better t

RE: Domain controllers, what is supposed to happen.

[Michael B. Smith]

The TCP/IP stack in XP was old – really old. Even when XP was released. And 
Microsoft isn’t known for making gratuitous changes to their codebase.

The IP stack was completely rewritten for Vista/Server2008.

If you look at the original DNS resolver library that came out of UCal in BSD 
4.2 (4.1? I can’t remember), you’ll see that it was pretty stupid too.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Gavin Wilby [mailto:gavin.wi...@gmail.com]
Sent: Wednesday, April 21, 2010 9:53 AM
To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen.

Of course, and DNS being such a new protocol and all that ;)
2010/4/21 Andrew Levicki mailto:and...@levicki.me.uk>>
It is getting on a bit now, don't forget!

On 21 April 2010 22:40, Gavin Wilby 
mailto:gavin.wi...@gmail.com>> wrote:
Fair enough - if correct though, your right XP is stupid.

Gavin.
On Wed, Apr 21, 2010 at 2:36 PM, Michael B. Smith 
mailto:mich...@smithcons.com>> wrote:
That’s the way it works in Vista/Win7. I’m not sure that’s the way it works in 
XP. I think that XP is stupid – if it gets a response from a server, it uses 
that one server throughout an entire boot cycle.

This is just a vague memory though. I’ve not supported XP in several years.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Gavin Wilby [mailto:gavin.wi...@gmail.com]
Sent: Wednesday, April 21, 2010 9:30 AM

To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen.

Surely though if you have a pri and secondary DNS server, that after DNS1 times 
out on resolution then DNS2 will then be queried?



On Wed, Apr 21, 2010 at 2:25 PM, Carol Fee 
mailto:c...@massbar.org>> wrote:
+1 on that.  I think if the XP workstation had been rebooted, it would have 
been just fine.

CFee
From: Michael B. Smith 
[mailto:mich...@smithcons.com]
Sent: Wednesday, April 21, 2010 9:24 AM

To: NT System Admin Issues
Subject: RE: Domain controllers, what is supposed to happen.

It’s possible that XP may require a reboot before it retires an unreachable DNS 
server. I dunno. But it should work just fine.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Reimer, Mark 
[mailto:mark.rei...@prairie.edu]
Sent: Wednesday, April 21, 2010 9:15 AM
To: NT System Admin Issues
Subject: Domain controllers, what is supposed to happen.

Sorry, long email.

Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations.

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC 
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema 
Master. Both are GC’s.

In the DHCP settings workstations get both server’s IP’s as DNS. Server2 is 
listed first, then server1. Primary WINS server is server1, secondary is 
Server2.

Last night Server1 went down. It was off hours, but I got a call from some late 
night worker (using XP), saying they couldn’t do anything. Couldn’t reach any 
of the servers, or internet. I was able to get the server going again (bad 
memory chip, so I just took it out).

I thought that if one server went down, the DNS/WINS look up would go to the 
other server. But it might be slower (note, I didn’t try any of this, just 
going on what the user said). Comments?

If I didn’t get Server1 running again, what should I have done? I assume I 
should do the following.


1.   Seize the FSMO roles from server1, and put them on server2.

2.   Change DHCP so Primary WINS server is server2. Maybe even take out 
Server1 as DNS/WINS possibilities.

Then work on getting Server1 running again, or replacing it.

Did I miss anything?

Thanks for any help and insight you can give.

Mark











--
Gavin Wilby,
Twitter: http://twitter.com/gavin_wilby
GSXR Blog: http://www.stoof.co.uk











--
Gavin Wilby,
Twitter: http://twitter.com/gavin_wilby
GSXR Blog: http://www.stoof.co.uk






--
Kind regards,

Andrew Levicki
ルビッキー アンドルュー
Microsoft Certified Technology Specialist on Windows 7
MCITP Enterprise Administrator on Windows Server 2008
MCITP Enterprise Messaging Administrator on Exchange Server 2007
Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
Cisco Certified Network Associate (CCNA)
ITILv3







--
Gavin Wilby,
Twitter: http://twitter.com/gavin_wilby
GSXR Blog: http://www.stoof.co.uk





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Domain controllers, what is supposed to happen.

[Reimer, Mark]

I thought I read somewhere (this is years ago), that FSMO roles should be 
split, with some qualifications (some FSMO roles had to be connected together 
on the same machine).

 

DHCP is from server2 (yes, one of the DC’s).

 

WINS. Not sure if there is a real requirement.

 

Not sure if a reboot was done. I’ll check with the user today.

 

Thanks for the advice/comments.

 

Mark

 

From: Andrew Levicki [mailto:and...@levicki.me.uk] 
Sent: Wednesday, April 21, 2010 7:40 AM
To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen.

 

Hi Mark,

 

I have a couple of questions if you don't mind. Firstly why have you split the 
FSMO roles out on to two different domain controllers? It's not that it's wrong 
or anything, it's just simpler (and Microsoft's recommendation) to keep them 
all on one domain controller unless there is a specific need to do otherwise.

 

Secondly, which server(s) is/are your DHCP server? Another server right? Not 
one of the domain controllers?

 

Thirdly, what is your requirement for WINS, out of interest?

 

To answer your questions, yes the DNS/WINS services on the remaining domain 
controller should have fulfilled client requests, so I would certainly look 
into why that didn't happen. Did anyone try rebooting their PCs, as that may 
have helped?

 

If you had been unable to get Server1 running again then yes you would have had 
to seize the domain-wide FSMO roles (RIP) from Server1 on to Server2 and modify 
your DNS/WINS. But don't try and bring Server1 back up at this point ("Then 
work on getting Server1 running again, or replacing it."), you must rebuild or 
replace it.

 

Regards,

 

Andrew

 

 

On 21 April 2010 22:14, Reimer, Mark  wrote:

Sorry, long email.

 

Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations.

 

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC 
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema 
Master. Both are GC’s.

 

In the DHCP settings workstations get both server’s IP’s as DNS. Server2 is 
listed first, then server1. Primary WINS server is server1, secondary is 
Server2.

 

Last night Server1 went down. It was off hours, but I got a call from some late 
night worker (using XP), saying they couldn’t do anything. Couldn’t reach any 
of the servers, or internet. I was able to get the server going again (bad 
memory chip, so I just took it out).

 

I thought that if one server went down, the DNS/WINS look up would go to the 
other server. But it might be slower (note, I didn’t try any of this, just 
going on what the user said). Comments?

 

If I didn’t get Server1 running again, what should I have done? I assume I 
should do the following.

 

1.   Seize the FSMO roles from server1, and put them on server2.

2.   Change DHCP so Primary WINS server is server2. Maybe even take out 
Server1 as DNS/WINS possibilities.

 

Then work on getting Server1 running again, or replacing it.

 

Did I miss anything?

 

Thanks for any help and insight you can give.

 

Mark

 

 

 

 




-- 
Kind regards,

Andrew Levicki
ルビッキー アンドルュー
Microsoft Certified Technology Specialist on Windows 7
MCITP Enterprise Administrator on Windows Server 2008
MCITP Enterprise Messaging Administrator on Exchange Server 2007
Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
Cisco Certified Network Associate (CCNA)
ITILv3

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Domain controllers, what is supposed to happen.

[David Lum]

I'm guessing the server that went offline was your DHCP server and you have no 
DHCP failover.

David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764



From: Reimer, Mark [mailto:mark.rei...@prairie.edu]
Sent: Wednesday, April 21, 2010 6:15 AM
To: NT System Admin Issues
Subject: Domain controllers, what is supposed to happen.

Sorry, long email.

Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations.

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC 
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema 
Master. Both are GC's.

In the DHCP settings workstations get both server's IP's as DNS. Server2 is 
listed first, then server1. Primary WINS server is server1, secondary is 
Server2.

Last night Server1 went down. It was off hours, but I got a call from some late 
night worker (using XP), saying they couldn't do anything. Couldn't reach any 
of the servers, or internet. I was able to get the server going again (bad 
memory chip, so I just took it out).

I thought that if one server went down, the DNS/WINS look up would go to the 
other server. But it might be slower (note, I didn't try any of this, just 
going on what the user said). Comments?

If I didn't get Server1 running again, what should I have done? I assume I 
should do the following.


1.   Seize the FSMO roles from server1, and put them on server2.

2.   Change DHCP so Primary WINS server is server2. Maybe even take out 
Server1 as DNS/WINS possibilities.

Then work on getting Server1 running again, or replacing it.

Did I miss anything?

Thanks for any help and insight you can give.

Mark







~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Raper, Jonathan - Eagle]

Yeah, but, that's easier said then done when you're talking to the people who 
made the decision to hire you in the first place.

For what it is worth, I have some VERY intelligent, practical, and forward 
thinking physicians on my IT Committee. One has a BS in Electrical Engineering 
from MIT. And another has been doing voice recognition for so long (well over 
10 years) that he probably was one of the co-inventors of the technology (TIC, 
but you know what I mean). Oh, and he writes VB for fun, too.

So, while my flinch response might be to agree with you as a generalization, 
the docs who are asking aren't just asking because it is a cool new toy that 
they want to play with. (Although admittedly, it is a cool new toy...)

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Charlie Kaiser [mailto:charl...@golden-eagle.org]
Sent: Wednesday, April 21, 2010 9:53 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

"Hey doc; I won't make patient care recommendations if you don't make IT
recommendations."
One of the reasons I avoid health care clients is because IME doctors think
their education and training makes them experts in everything. And they've
been the worst when it comes to allowing "properly" managed IT services...
Little things like HIPAA just annoy them...

***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***

> -Original Message-
> From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
> Sent: Wednesday, April 21, 2010 6:23 AM
> To: NT System Admin Issues
> Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?
>
> The argument from one of my physicians is that the iPad is
> under $1,000, while the Tablet PCs we're purchasing are
> essentially double that, and the battery life is longer.

> > We now have physicians who are starting to ask for iPad
> access on the network. I'm not sure why


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Webtrends

[Steven M. Caesare]

Joseph, here's what the folks who run with WebTrends here had to say:

-
Not sure about 2008R2.  It requires 4 Gb RAM and 300 Gb (around there)
to install.  It works better on a multi-processor box and I think we had
better experience when we had it on real hardware instead of a VM.

For basic, standard reports, it seems to work pretty well.  It has
pretty strict licensing rules where every line in a log file counts
against its page limit.  I think the regular license comes with 20
million hits per year.  But, if you decide to re-index several years of
log files (for example, if you want to exclude bots), then all the hits
from prior years are counted again!

I think my main complaint has to do with the non-ability to quickly run
a subset report.  For example, if you want to run a report on the subset
of the site, you have to re-index the log files for that subset which
can take several days.  Maybe this is our misunderstanding, but I don't
think so...


-sc


> -Original Message-
> From: Joseph Heaton [mailto:jhea...@dfg.ca.gov]
> Sent: Tuesday, April 20, 2010 7:10 PM
> To: NT System Admin Issues
> Subject: RE: Webtrends
> 
> Thanks.  Also trying to verify if it runs on Server 2k8 R2.  Their
site says yes to
> 2k8 x64, but doesn't mention R2, which as we all know, is a much
different
> beast.
> 
> >>> "Steven M. Caesare"  4/20/2010 3:56 PM >>>
> I'll see if I can talk to the folks running it at our place to get
some opinions...
> 
> -sc
> 
> -Original Message-
> From: Joseph Heaton [mailto:jhea...@dfg.ca.gov]
> Sent: Tuesday, April 20, 2010 4:37 PM
> To: NT System Admin Issues
> Subject: Webtrends
> 
> Anyone out there using Webtrends Analytics?  Trying to gather some
> information about the product, such as hardware requirements, etc, and
the
> site is confusing.  Also, would like to hear real-world experiences
with the
> product, and if you're not using Webtrends, but you do analytics, I'd
> appreciate other options.
> 
> Our basic requirements:
> 
> Product needs to be database driven:  data retention, log retention in
a
> database structure.
> 
> Web trending
> 
> client statistics
> 
> File types requested, etc.
> 
> 
> TIA,
> 
> 
> Joe Heaton
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
> 
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Domain controllers, what is supposed to happen.

[Andrew Levicki]

Hi Mark,

Have a read of this and see what you think:
http://support.microsoft.com/kb/223346

You're not the first person I've
encountered who thinks that about FSMO roles but I think Microsoft are
pretty clear on this one.

I'd probably rip WINS out if it's not needed, by the way.

Cheers,

Andrew

2010/4/21 Reimer, Mark 

>  I thought I read somewhere (this is years ago), that FSMO roles should be
> split, with some qualifications (some FSMO roles had to be connected
> together on the same machine).
>
>
>
> DHCP is from server2 (yes, one of the DC’s).
>
>
>
> WINS. Not sure if there is a real requirement.
>
>
>
> Not sure if a reboot was done. I’ll check with the user today.
>
>
>
> Thanks for the advice/comments.
>
>
>
> Mark
>
>
>
> *From:* Andrew Levicki [mailto:and...@levicki.me.uk]
> *Sent:* Wednesday, April 21, 2010 7:40 AM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Domain controllers, what is supposed to happen.
>
>
>
> Hi Mark,
>
>
>
> I have a couple of questions if you don't mind. Firstly why have you split
> the FSMO roles out on to two different domain controllers? It's not that
> it's wrong or anything, it's just simpler (and Microsoft's recommendation)
> to keep them all on one domain controller unless there is a specific need to
> do otherwise.
>
>
>
> Secondly, which server(s) is/are your DHCP server? Another server right?
> Not one of the domain controllers?
>
>
>
> Thirdly, what is your requirement for WINS, out of interest?
>
>
>
> To answer your questions, yes the DNS/WINS services on the remaining domain
> controller should have fulfilled client requests, so I would certainly look
> into why that didn't happen. Did anyone try rebooting their PCs, as that may
> have helped?
>
>
>
> If you had been unable to get Server1 running again then yes you would have
> had to seize the domain-wide FSMO roles (RIP) from Server1 on to Server2 and
> modify your DNS/WINS. But don't try and bring Server1 back up at this point
> ("Then work on getting Server1 running again, or replacing it."), you must
> rebuild or replace it.
>
>
>
> Regards,
>
>
>
> Andrew
>
>
>
>
>
> On 21 April 2010 22:14, Reimer, Mark  wrote:
>
> Sorry, long email.
>
>
>
> Windows 2003 Native Domain, two domain controllers, server1 and server2.
> Workstations are primarily XP, some Windows 7. Other servers (file server,
> email etc) are all Windows 2003. We have about 150 workstations.
>
>
>
> We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC
> Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema
> Master. Both are GC’s.
>
>
>
> In the DHCP settings workstations get both server’s IP’s as DNS. Server2
> is listed first, then server1. Primary WINS server is server1, secondary is
> Server2.
>
>
>
> Last night Server1 went down. It was off hours, but I got a call from some
> late night worker (using XP), saying they couldn’t do anything. Couldn’t
> reach any of the servers, or internet. I was able to get the server going
> again (bad memory chip, so I just took it out).
>
>
>
> I thought that if one server went down, the DNS/WINS look up would go to
> the other server. But it might be slower (note, I didn’t try any of this,
> just going on what the user said). Comments?
>
>
>
> If I didn’t get Server1 running again, what should I have done? I assume I
> should do the following.
>
>
>
> 1.   Seize the FSMO roles from server1, and put them on server2.
>
> 2.   Change DHCP so Primary WINS server is server2. Maybe even take
> out Server1 as DNS/WINS possibilities.
>
>
>
> Then work on getting Server1 running again, or replacing it.
>
>
>
> Did I miss anything?
>
>
>
> Thanks for any help and insight you can give.
>
>
>
> Mark
>
>
>
>
>
>
>
>
>
>
>
>
> --
> Kind regards,
>
> Andrew Levicki
> ルビッキー アンドルュー
> Microsoft Certified Technology Specialist on Windows 7
> MCITP Enterprise Administrator on Windows Server 2008
> MCITP Enterprise Messaging Administrator on Exchange Server 2007
> Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
> Cisco Certified Network Associate (CCNA)
> ITILv3
>
>
>
>
>
>
>
>
>
>


-- 
Kind regards,

Andrew Levicki
ルビッキー アンドルュー
Microsoft Certified Technology Specialist on Windows 7
MCITP Enterprise Administrator on Windows Server 2008
MCITP Enterprise Messaging Administrator on Exchange Server 2007
Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
Cisco Certified Network Associate (CCNA)
ITILv3

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spontaneous server reboots

[Kyle Plummer]

When Windows is up, Insight Manager does not indicate any issues.
Everything looks good, which is why I'm leaning towards a bad
motherboard.

 

Kyle B. Plummer

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 6:42 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

Any failures or imminent failures reported in insight manager ?
Possible power supply issue, or thermal failures ?

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 6:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected
an issue with Windows. However, I booted into the BIOS and let it sit
there for a few minutes. Again at random intervals the system will
reboot. Sometimes I can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) -
still reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this
with the G4's? It had run for about four years prior with no issue until
this started. No other hardware changes or updates to the BIOS have been
done in the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

 

 


This written advice is not intended or written to be used, and can not be used, 
by a taxpayer for the purpose of avoiding penalties that may be imposed on the 
taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic Communications 
Privacy Act, 18 U.S.C. Sections 2510-2521, is confidential, and is intended 
solely for the use of the individuals or entities to whom it is addressed. If 
you are not the intended recipient or the person responsible for delivering the 
e-mail to the intended recipient, be advised that you have received this e-mail 
in error and that any use, dissemination, forwarding, printing, or copying of 
this e-mail and any file attachments is strictly prohibited. If you have 
received this e-mail in error, please immediately notify us by telephone 
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must destroy 
the original transmission and its contents. You will be reimbursed for 
reasonable costs incurred in notifying us. 




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spontaneous server reboots

[Kyle Plummer]

That's where I was headed. I want to try the known good power supply
first just to be sure. Then I will replace the motherboard.

 

Thank you,

 

Kyle B. Plummer

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Wednesday, April 21, 2010 7:35 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

Usually  if you have replaced the memory, and you are still getting the
random reboots, and nothing is showing in the IML Log, or via Insight
Management Agents in the Event Log, then its probably Motherboard issue,
and you should have that replaced. 

 

Z

 

Edward Ziots

CISSP,MCSA,MCP+I,Security +,Network +,CCA

Network Engineer

Lifespan Organization

401-639-3505

ezi...@lifespan.org

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 6:42 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

Any failures or imminent failures reported in insight manager ?
Possible power supply issue, or thermal failures ?

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 6:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected
an issue with Windows. However, I booted into the BIOS and let it sit
there for a few minutes. Again at random intervals the system will
reboot. Sometimes I can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) -
still reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this
with the G4's? It had run for about four years prior with no issue until
this started. No other hardware changes or updates to the BIOS have been
done in the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

 

 

 

 


This written advice is not intended or written to be used, and can not be used, 
by a taxpayer for the purpose of avoiding penalties that may be imposed on the 
taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic Communications 
Privacy Act, 18 U.S.C. Sections 2510-2521, is confidential, and is intended 
solely for the use of the individuals or entities to whom it is addressed. If 
you are not the intended recipient or the person responsible for delivering the 
e-mail to the intended recipient, be advised that you have received this e-mail 
in error and that any use, dissemination, forwarding, printing, or copying of 
this e-mail and any file attachments is strictly prohibited. If you have 
received this e-mail in error, please immediately notify us by telephone 
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must destroy 
the original transmission and its contents. You will be reimbursed for 
reasonable costs incurred in notifying us. 




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Mayo, Bill]

Fair enough, but what is your counter-argument to what is stated?  If
the device is acting as a Citrix client, costs only $500, and the
battery lasts their entire shift, it sounds like they have a valid
point.  I think there is a real mindset in IT these days that if it is
not Microsoft, it is bad.  This is no different than 30 years ago when
it was all-IBM all the time.  IMHO, the touch interface that Apple has
designed on these devices is as revolutionary as the mouse/GUI interface
was in the DOS days.  In a similar vein, the arguments I hear sound a
lot like the ones that were made when the first Macintosh was
introduced: it's a toy; real men don't use GUIs, etc.  Now, folks act
like the mouse-based GUI is the end-all of user interfaces and the touch
interface is a toy.  Nobody (well, at least not me) is saying that a
touch interface is the proper solution to every problem, but I think
there is no question that it is the answer to some problems, and this
sure sounds like one to me.  And really, there is no comparison to an
interface that is designed for touch versus any regular old application
in which you simply use your finger or, heaven forbid, a stylus as some
kind of proxy for a mouse.

Real IT is about helping people do their jobs better in a fashion that
is economical and protects your companies assets (data and physical).
Standards are important, but there needs to be a solid reason for them.

Bill 

-Original Message-
From: Charlie Kaiser [mailto:charl...@golden-eagle.org] 
Sent: Wednesday, April 21, 2010 9:53 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

"Hey doc; I won't make patient care recommendations if you don't make IT
recommendations." 
One of the reasons I avoid health care clients is because IME doctors
think their education and training makes them experts in everything. And
they've been the worst when it comes to allowing "properly" managed IT
services...
Little things like HIPAA just annoy them...

***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***  

> -Original Message-
> From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
> Sent: Wednesday, April 21, 2010 6:23 AM
> To: NT System Admin Issues
> Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?
> 
> The argument from one of my physicians is that the iPad is under 
> $1,000, while the Tablet PCs we're purchasing are essentially double 
> that, and the battery life is longer.

> > We now have physicians who are starting to ask for iPad
> access on the network. I'm not sure why


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Webtrends

[Ken Cornetet]

I can tell you one thing about Webtrends (at least up to version 8) - run it 
using the built in MySQL.

If you use SQL server, you will run into problems *every* time you upgrade, and 
their tech support people will be of little use. Believe me, I've spent many, 
many hours on the phone with their tech support. They only train on MySQL based 
systems. They know nothing about SQL server.

This might have changed recently - I've not worked much with it lately. 

-Original Message-
From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] 
Sent: Tuesday, April 20, 2010 7:10 PM
To: NT System Admin Issues
Subject: RE: Webtrends

Thanks.  Also trying to verify if it runs on Server 2k8 R2.  Their site says 
yes to 2k8 x64, but doesn't mention R2, which as we all know, is a much 
different beast.

>>> "Steven M. Caesare"  4/20/2010 3:56 PM >>>
I'll see if I can talk to the folks running it at our place to get some
opinions...

-sc

-Original Message-
From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] 
Sent: Tuesday, April 20, 2010 4:37 PM
To: NT System Admin Issues
Subject: Webtrends

Anyone out there using Webtrends Analytics?  Trying to gather some
information about the product, such as hardware requirements, etc, and
the site is confusing.  Also, would like to hear real-world experiences
with the product, and if you're not using Webtrends, but you do
analytics, I'd appreciate other options.

Our basic requirements:

Product needs to be database driven:  data retention, log retention in a
database structure.

Web trending

client statistics

File types requested, etc.


TIA,


Joe Heaton


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Webtrends

[Joseph Heaton]

Steven,

Thanks for the info.  I'll forward it on to my web guy and let him decide if he 
wants to pursue further.


Joe Heaton

>>> "Steven M. Caesare"  4/21/2010 7:05 AM >>>
Joseph, here's what the folks who run with WebTrends here had to say:

-
Not sure about 2008R2.  It requires 4 Gb RAM and 300 Gb (around there)
to install.  It works better on a multi-processor box and I think we had
better experience when we had it on real hardware instead of a VM.

For basic, standard reports, it seems to work pretty well.  It has
pretty strict licensing rules where every line in a log file counts
against its page limit.  I think the regular license comes with 20
million hits per year.  But, if you decide to re-index several years of
log files (for example, if you want to exclude bots), then all the hits
from prior years are counted again!

I think my main complaint has to do with the non-ability to quickly run
a subset report.  For example, if you want to run a report on the subset
of the site, you have to re-index the log files for that subset which
can take several days.  Maybe this is our misunderstanding, but I don't
think so...


-sc


> -Original Message-
> From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] 
> Sent: Tuesday, April 20, 2010 7:10 PM
> To: NT System Admin Issues
> Subject: RE: Webtrends
> 
> Thanks.  Also trying to verify if it runs on Server 2k8 R2.  Their
site says yes to
> 2k8 x64, but doesn't mention R2, which as we all know, is a much
different
> beast.
> 
> >>> "Steven M. Caesare"  4/20/2010 3:56 PM >>>
> I'll see if I can talk to the folks running it at our place to get
some opinions...
> 
> -sc
> 
> -Original Message-
> From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] 
> Sent: Tuesday, April 20, 2010 4:37 PM
> To: NT System Admin Issues
> Subject: Webtrends
> 
> Anyone out there using Webtrends Analytics?  Trying to gather some
> information about the product, such as hardware requirements, etc, and
the
> site is confusing.  Also, would like to hear real-world experiences
with the
> product, and if you're not using Webtrends, but you do analytics, I'd
> appreciate other options.
> 
> Our basic requirements:
> 
> Product needs to be database driven:  data retention, log retention in
a
> database structure.
> 
> Web trending
> 
> client statistics
> 
> File types requested, etc.
> 
> 
> TIA,
> 
> 
> Joe Heaton
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
> 
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Domain controllers, what is supposed to happen.

[Christopher Bodnar]

Sorry but I have to disagree with you. I believe the recommendation of the 
article is to divide the FSMO roles, giving guidance on how to do that. 


Chris Bodnar, MCSE
Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003



From:   Andrew Levicki 
To: "NT System Admin Issues" 
Date:   04/21/2010 10:06 AM
Subject:Re: Domain controllers, what is supposed to happen.



Hi Mark,

Have a read of this and see what you think:
http://support.microsoft.com/kb/223346

You're not the first person I've encountered who thinks that about FSMO 
roles but I think Microsoft are pretty clear on this one.

I'd probably rip WINS out if it's not needed, by the way.

Cheers,

Andrew

2010/4/21 Reimer, Mark 
I thought I read somewhere (this is years ago), that FSMO roles should be 
split, with some qualifications (some FSMO roles had to be connected 
together on the same machine).
 
DHCP is from server2 (yes, one of the DC?s).
 
WINS. Not sure if there is a real requirement.
 
Not sure if a reboot was done. I?ll check with the user today.
 
Thanks for the advice/comments.
 
Mark
 
From: Andrew Levicki [mailto:and...@levicki.me.uk] 
Sent: Wednesday, April 21, 2010 7:40 AM

To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen.
 
Hi Mark,
 
I have a couple of questions if you don't mind. Firstly why have you split 
the FSMO roles out on to two different domain controllers? It's not that 
it's wrong or anything, it's just simpler (and Microsoft's recommendation) 
to keep them all on one domain controller unless there is a specific need 
to do otherwise.
 
Secondly, which server(s) is/are your DHCP server? Another server right? 
Not one of the domain controllers?
 
Thirdly, what is your requirement for WINS, out of interest?
 
To answer your questions, yes the DNS/WINS services on the remaining 
domain controller should have fulfilled client requests, so I would 
certainly look into why that didn't happen. Did anyone try rebooting their 
PCs, as that may have helped?
 
If you had been unable to get Server1 running again then yes you would 
have had to seize the domain-wide FSMO roles (RIP) from Server1 on to 
Server2 and modify your DNS/WINS. But don't try and bring Server1 back up 
at this point ("Then work on getting Server1 running again, or replacing 
it."), you must rebuild or replace it.
 
Regards,
 
Andrew
 
 
On 21 April 2010 22:14, Reimer, Mark  wrote:
Sorry, long email.
 
Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations.
 
We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, 
PDC Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, 
Schema Master. Both are GC?s.
 
In the DHCP settings workstations get both server?s IP?s as DNS. Server2 
is listed first, then server1. Primary WINS server is server1, secondary 
is Server2.
 
Last night Server1 went down. It was off hours, but I got a call from some 
late night worker (using XP), saying they couldn?t do anything. Couldn?t 
reach any of the servers, or internet. I was able to get the server going 
again (bad memory chip, so I just took it out).
 
I thought that if one server went down, the DNS/WINS look up would go to 
the other server. But it might be slower (note, I didn?t try any of this, 
just going on what the user said). Comments?
 
If I didn?t get Server1 running again, what should I have done? I assume I 
should do the following.
 
1.   Seize the FSMO roles from server1, and put them on server2.
2.   Change DHCP so Primary WINS server is server2. Maybe even take 
out Server1 as DNS/WINS possibilities.
 
Then work on getting Server1 running again, or replacing it.
 
Did I miss anything?
 
Thanks for any help and insight you can give.
 
Mark
 
 
 
 



-- 
Kind regards,

Andrew Levicki
ルビッキー アンドルュー
Microsoft Certified Technology Specialist on Windows 7
MCITP Enterprise Administrator on Windows Server 2008
MCITP Enterprise Messaging Administrator on Exchange Server 2007
Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
Cisco Certified Network Associate (CCNA)
ITILv3
 
 
 
 



-- 
Kind regards,

Andrew Levicki
ルビッキー アンドルュー
Microsoft Certified Technology Specialist on Windows 7
MCITP Enterprise Administrator on Windows Server 2008
MCITP Enterprise Messaging Administrator on Exchange Server 2007
Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
Cisco Certified Network Associate (CCNA)
ITILv3

 
 



-
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law.  If the reader of this message is not the intended
recipient, you are notifi

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Raper, Jonathan - Eagle]

Bingo.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 10:08 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Fair enough, but what is your counter-argument to what is stated?  If
the device is acting as a Citrix client, costs only $500, and the
battery lasts their entire shift, it sounds like they have a valid
point.  I think there is a real mindset in IT these days that if it is
not Microsoft, it is bad.  This is no different than 30 years ago when
it was all-IBM all the time.  IMHO, the touch interface that Apple has
designed on these devices is as revolutionary as the mouse/GUI interface
was in the DOS days.  In a similar vein, the arguments I hear sound a
lot like the ones that were made when the first Macintosh was
introduced: it's a toy; real men don't use GUIs, etc.  Now, folks act
like the mouse-based GUI is the end-all of user interfaces and the touch
interface is a toy.  Nobody (well, at least not me) is saying that a
touch interface is the proper solution to every problem, but I think
there is no question that it is the answer to some problems, and this
sure sounds like one to me.  And really, there is no comparison to an
interface that is designed for touch versus any regular old application
in which you simply use your finger or, heaven forbid, a stylus as some
kind of proxy for a mouse.

Real IT is about helping people do their jobs better in a fashion that
is economical and protects your companies assets (data and physical).
Standards are important, but there needs to be a solid reason for them.

Bill

-Original Message-
From: Charlie Kaiser [mailto:charl...@golden-eagle.org]
Sent: Wednesday, April 21, 2010 9:53 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

"Hey doc; I won't make patient care recommendations if you don't make IT
recommendations."
One of the reasons I avoid health care clients is because IME doctors
think their education and training makes them experts in everything. And
they've been the worst when it comes to allowing "properly" managed IT
services...
Little things like HIPAA just annoy them...

***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***

> -Original Message-
> From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
> Sent: Wednesday, April 21, 2010 6:23 AM
> To: NT System Admin Issues
> Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?
>
> The argument from one of my physicians is that the iPad is under
> $1,000, while the Tablet PCs we're purchasing are essentially double
> that, and the battery life is longer.

> > We now have physicians who are starting to ask for iPad
> access on the network. I'm not sure why


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Domain controllers, what is supposed to happen.

[Damien Solodow]

It depends on your environment. If you have a single domain forest, and all of 
your DCs are GCs, it doesn’t matter where the FSMO roles are. 

 

From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Wednesday, April 21, 2010 10:13 AM
To: NT System Admin Issues
Cc: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen.

 

Sorry but I have to disagree with you. I believe the recommendation of the 
article is to divide the FSMO roles, giving guidance on how to do that. 


Chris Bodnar, MCSE
Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003 



From:Andrew Levicki  
To:"NT System Admin Issues"  
Date:04/21/2010 10:06 AM 
Subject:Re: Domain controllers, what is supposed to happen. 






Hi Mark, 

Have a read of this and see what you think: 
http://support.microsoft.com/kb/223346  
 

You're not the first person I've encountered who thinks that about FSMO roles 
but I think Microsoft are pretty clear on this one. 

I'd probably rip WINS out if it's not needed, by the way. 

Cheers, 

Andrew 

2010/4/21 Reimer, Mark mailto:mark.rei...@prairie.edu> > 
I thought I read somewhere (this is years ago), that FSMO roles should be 
split, with some qualifications (some FSMO roles had to be connected together 
on the same machine). 

  

DHCP is from server2 (yes, one of the DC’s). 

  

WINS. Not sure if there is a real requirement. 

  

Not sure if a reboot was done. I’ll check with the user today. 

  

Thanks for the advice/comments. 

  

Mark 

  

From: Andrew Levicki [mailto:and...@levicki.me.uk  
] 
Sent: Wednesday, April 21, 2010 7:40 AM 


To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen. 

  

Hi Mark, 

  

I have a couple of questions if you don't mind. Firstly why have you split the 
FSMO roles out on to two different domain controllers? It's not that it's wrong 
or anything, it's just simpler (and Microsoft's recommendation) to keep them 
all on one domain controller unless there is a specific need to do otherwise. 

  

Secondly, which server(s) is/are your DHCP server? Another server right? Not 
one of the domain controllers? 

  

Thirdly, what is your requirement for WINS, out of interest? 

  

To answer your questions, yes the DNS/WINS services on the remaining domain 
controller should have fulfilled client requests, so I would certainly look 
into why that didn't happen. Did anyone try rebooting their PCs, as that may 
have helped? 

  

If you had been unable to get Server1 running again then yes you would have had 
to seize the domain-wide FSMO roles (RIP) from Server1 on to Server2 and modify 
your DNS/WINS. But don't try and bring Server1 back up at this point ("Then 
work on getting Server1 running again, or replacing it."), you must rebuild or 
replace it. 

  

Regards, 

  

Andrew 

  

  

On 21 April 2010 22:14, Reimer, Mark mailto:mark.rei...@prairie.edu> > wrote: 

Sorry, long email. 

  

Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations. 

  

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC 
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema 
Master. Both are GC’s. 

  

In the DHCP settings workstations get both server’s IP’s as DNS. Server2 is 
listed first, then server1. Primary WINS server is server1, secondary is 
Server2. 

  

Last night Server1 went down. It was off hours, but I got a call from some late 
night worker (using XP), saying they couldn’t do anything. Couldn’t reach any 
of the servers, or internet. I was able to get the server going again (bad 
memory chip, so I just took it out). 

  

I thought that if one server went down, the DNS/WINS look up would go to the 
other server. But it might be slower (note, I didn’t try any of this, just 
going on what the user said). Comments? 

  

If I didn’t get Server1 running again, what should I have done? I assume I 
should do the following. 

  

1.   Seize the FSMO roles from server1, and put them on server2. 

2.   Change DHCP so Primary WINS server is server2. Maybe even take out 
Server1 as DNS/WINS possibilities. 

  

Then work on getting Server1 running again, or replacing it. 

  

Did I miss anything? 

  

Thanks for any help and insight you can give. 

  

Mark 

  

  

  

  




-- 

Kind regards,

Andrew Levicki
ルビッキー アンドルュー
Microsoft Certified Technology Specialist on Windows 7
MCITP Enterprise Administrator on Windows Server 2008
MCITP Enterprise Messaging Administrator on Exchange Server 2007
Microsoft Certified Systems Engineer (MCSE

OT: iPhone Issues in the NorthEast

[Don Guyer]

All,

 

Has anyone had any issues with Exchange connections
within the last week or two in the NE USA? We've been having sporadic
issues with our Exchange connection (such as when tapping on the e-mail
to open it you receive a "cannot connect to server" error), but other
accounts (such as Gmail and Hotmail) seem to be fine.

 

TIA!

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

WINS (- was RE: Domain controllers, what is supposed to happen.)

[Raper, Jonathan - Eagle]

Speaking of WINS, if you don’t have any non-windows or pre-w2k clients, is 
there ANY good reason to keep WINS running on your network? If so, why?

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: Andrew Levicki [mailto:and...@levicki.me.uk]
Sent: Wednesday, April 21, 2010 10:07 AM
To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen.

Hi Mark,

Have a read of this and see what you think:
http://support.microsoft.com/kb/223346

You're not the first person I've 
encountered who thinks that about FSMO roles but I think Microsoft are pretty 
clear on this one.

I'd probably rip WINS out if it's not needed, by the way.

Cheers,

Andrew

2010/4/21 Reimer, Mark mailto:mark.rei...@prairie.edu>>
I thought I read somewhere (this is years ago), that FSMO roles should be 
split, with some qualifications (some FSMO roles had to be connected together 
on the same machine).

DHCP is from server2 (yes, one of the DC’s).

WINS. Not sure if there is a real requirement.

Not sure if a reboot was done. I’ll check with the user today.

Thanks for the advice/comments.

Mark

From: Andrew Levicki [mailto:and...@levicki.me.uk]
Sent: Wednesday, April 21, 2010 7:40 AM

To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen.

Hi Mark,

I have a couple of questions if you don't mind. Firstly why have you split the 
FSMO roles out on to two different domain controllers? It's not that it's wrong 
or anything, it's just simpler (and Microsoft's recommendation) to keep them 
all on one domain controller unless there is a specific need to do otherwise.

Secondly, which server(s) is/are your DHCP server? Another server right? Not 
one of the domain controllers?

Thirdly, what is your requirement for WINS, out of interest?

To answer your questions, yes the DNS/WINS services on the remaining domain 
controller should have fulfilled client requests, so I would certainly look 
into why that didn't happen. Did anyone try rebooting their PCs, as that may 
have helped?

If you had been unable to get Server1 running again then yes you would have had 
to seize the domain-wide FSMO roles (RIP) from Server1 on to Server2 and modify 
your DNS/WINS. But don't try and bring Server1 back up at this point ("Then 
work on getting Server1 running again, or replacing it."), you must rebuild or 
replace it.

Regards,

Andrew


On 21 April 2010 22:14, Reimer, Mark 
mailto:mark.rei...@prairie.edu>> wrote:
Sorry, long email.

Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations.

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC 
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema 
Master. Both are GC’s.

In the DHCP settings workstations get both server’s IP’s as DNS. Server2 is 
listed first, then server1. Primary WINS server is server1, secondary is 
Server2.

Last night Server1 went down. It was off hours, but I got a call from some late 
night worker (using XP), saying they couldn’t do anything. Couldn’t reach any 
of the servers, or internet. I was able to get the server going again (bad 
memory chip, so I just took it out).

I thought that if one server went down, the DNS/WINS look up would go to the 
other server. But it might be slower (note, I didn’t try any of this, just 
going on what the user said). Comments?

If I didn’t get Server1 running again, what should I have done? I assume I 
should do the following.


1.   Seize the FSMO roles from server1, and put them on server2.

2.   Change DHCP so Primary WINS server is server2. Maybe even take out 
Server1 as DNS/WINS possibilities.

Then work on getting Server1 running again, or replacing it.

Did I miss anything?

Thanks for any help and insight you can give.

Mark









--
Kind regards,

Andrew Levicki
ルビッキー アンドルュー
Microsoft Certified Technology Specialist on Windows 7
MCITP Enterprise Administrator on Windows Server 2008
MCITP Enterprise Messaging Administrator on Exchange Server 2007
Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
Cisco Certified Network Associate (CCNA)
ITILv3











--
Kind regards,

Andrew Levicki
ルビッキー アンドルュー
Microsoft Certified Technology Specialist on Windows 7
MCITP Enterprise Administrator on Windows Server 2008
MCITP Enterprise Messaging Administrator on Exchange Server 2007
Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
Cisco Certified Network Associate (CCNA)
ITILv3






Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is un

Re: Domain controllers, what is supposed to happen.

[Andrew Levicki]

Where does it say that?

2010/4/21 Christopher Bodnar 

> Sorry but I have to disagree with you. I believe the recommendation of the
> article is to divide the FSMO roles, giving guidance on how to do that.
>
>
> Chris Bodnar, MCSE
> Systems Engineer
> Distributed Systems Service Delivery - Intel Services
> Guardian Life Insurance Company of America
> Email: christopher_bod...@glic.com
> Phone: 610-807-6459
> Fax: 610-807-6003
>
>
>
> From:Andrew Levicki 
> To:"NT System Admin Issues"  >
> Date:04/21/2010 10:06 AM
> Subject:Re: Domain controllers, what is supposed to happen.
> --
>
>
>
> Hi Mark,
>
> Have a read of this and see what you think:
> *http://support.microsoft.com/kb/223346*
>
> You're not the first person I've
> encountered who thinks that about FSMO roles but I think Microsoft are
> pretty clear on this one.
>
> I'd probably rip WINS out if it's not needed, by the way.
>
> Cheers,
>
> Andrew
>
> 2010/4/21 Reimer, Mark <*mark.rei...@prairie.edu*
> >
> I thought I read somewhere (this is years ago), that FSMO roles should be
> split, with some qualifications (some FSMO roles had to be connected
> together on the same machine).
>
>
>
> DHCP is from server2 (yes, one of the DC’s).
>
>
>
> WINS. Not sure if there is a real requirement.
>
>
>
> Not sure if a reboot was done. I’ll check with the user today.
>
>
>
> Thanks for the advice/comments.
>
>
>
> Mark
>
>
>
> *From:* Andrew Levicki [mailto:*and...@levicki.me.uk*]
> *
> Sent:* Wednesday, April 21, 2010 7:40 AM
>
> *
> To:* NT System Admin Issues*
> Subject:* Re: Domain controllers, what is supposed to happen.
>
>
>
> Hi Mark,
>
>
>
> I have a couple of questions if you don't mind. Firstly why have you split
> the FSMO roles out on to two different domain controllers? It's not that
> it's wrong or anything, it's just simpler (and Microsoft's recommendation)
> to keep them all on one domain controller unless there is a specific need to
> do otherwise.
>
>
>
> Secondly, which server(s) is/are your DHCP server? Another server right?
> Not one of the domain controllers?
>
>
>
> Thirdly, what is your requirement for WINS, out of interest?
>
>
>
> To answer your questions, yes the DNS/WINS services on the remaining domain
> controller should have fulfilled client requests, so I would certainly look
> into why that didn't happen. Did anyone try rebooting their PCs, as that may
> have helped?
>
>
>
> If you had been unable to get Server1 running again then yes you would have
> had to seize the domain-wide FSMO roles (RIP) from Server1 on to Server2 and
> modify your DNS/WINS. But don't try and bring Server1 back up at this point
> ("Then work on getting Server1 running again, or replacing it."), you must
> rebuild or replace it.
>
>
>
> Regards,
>
>
>
> Andrew
>
>
>
>
>
> On 21 April 2010 22:14, Reimer, Mark 
> <*mark.rei...@prairie.edu*>
> wrote:
>
> Sorry, long email.
>
>
>
> Windows 2003 Native Domain, two domain controllers, server1 and server2.
> Workstations are primarily XP, some Windows 7. Other servers (file server,
> email etc) are all Windows 2003. We have about 150 workstations.
>
>
>
> We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC
> Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema
> Master. Both are GC’s.
>
>
>
> In the DHCP settings workstations get both server’s IP’s as DNS. Server2 is
> listed first, then server1. Primary WINS server is server1, secondary is
> Server2.
>
>
>
> Last night Server1 went down. It was off hours, but I got a call from some
> late night worker (using XP), saying they couldn’t do anything. Couldn’t
> reach any of the servers, or internet. I was able to get the server going
> again (bad memory chip, so I just took it out).
>
>
>
> I thought that if one server went down, the DNS/WINS look up would go to
> the other server. But it might be slower (note, I didn’t try any of this,
> just going on what the user said). Comments?
>
>
>
> If I didn’t get Server1 running again, what should I have done? I assume I
> should do the following.
>
>
>
> 1.   Seize the FSMO roles from server1, and put them on server2.
>
> 2.   Change DHCP so Primary WINS server is server2. Maybe even take
> out Server1 as DNS/WINS possibilities.
>
>
>
> Then work on getting Server1 running again, or replacing it.
>
>
>
> Did I miss anything?
>
>
>
> Thanks for any help and insight you can give.
>
>
>
> Mark
>
>
>
>
>
>
>
>
>
>
>
>
> --
>
> Kind regards,
>
> Andrew Levicki
> ルビッキー アンドルュー
> Microsoft Certified Technology Specialist on Windows 7
> MCITP Enterprise Administrator on Windows Server 2008
> MCITP Enterprise Messaging Administrator on Exchange Server 2007
> Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003
> Cisco Certified Network Associate (CCNA)
> ITILv3
>
>
>
>
>
>
>
>
>
>
>
>
> --
> Kind regards,
>
> Andrew Levicki

Re: Domain controllers, what is supposed to happen.

[Andrew Levicki]

With the proviso that it's "easier to keep track of FSMO roles if you host
them on fewer machines."

2010/4/21 Damien Solodow 

> It depends on your environment. If you have a single domain forest, and all
> of your DCs are GCs, it doesn’t matter where the FSMO roles are.
>
>
>
> *From:* Christopher Bodnar [mailto:christopher_bod...@glic.com]
> *Sent:* Wednesday, April 21, 2010 10:13 AM
>
> *To:* NT System Admin Issues
> *Cc:* NT System Admin Issues
>
> *Subject:* Re: Domain controllers, what is supposed to happen.
>
>
>
> Sorry but I have to disagree with you. I believe the recommendation of the
> article is to divide the FSMO roles, giving guidance on how to do that.
>
>
> Chris Bodnar, MCSE
> Systems Engineer
> Distributed Systems Service Delivery - Intel Services
> Guardian Life Insurance Company of America
> Email: christopher_bod...@glic.com
> Phone: 610-807-6459
> Fax: 610-807-6003
>
>
>
> From:Andrew Levicki 
> To:"NT System Admin Issues"  >
> Date:04/21/2010 10:06 AM
> Subject:Re: Domain controllers, what is supposed to happen.
> --
>
>
>
>
> Hi Mark,
>
> Have a read of this and see what you think:
> http://support.microsoft.com/kb/223346
>
> You're not the first person I've encountered who thinks that about FSMO
> roles but I think Microsoft are pretty clear on this one.
>
> I'd probably rip WINS out if it's not needed, by the way.
>
> Cheers,
>
> Andrew
>
> 2010/4/21 Reimer, Mark 
> I thought I read somewhere (this is years ago), that FSMO roles should be
> split, with some qualifications (some FSMO roles had to be connected
> together on the same machine).
>
>
>
> DHCP is from server2 (yes, one of the DC’s).
>
>
>
> WINS. Not sure if there is a real requirement.
>
>
>
> Not sure if a reboot was done. I’ll check with the user today.
>
>
>
> Thanks for the advice/comments.
>
>
>
> Mark
>
>
>
> *From:* Andrew Levicki [mailto:and...@levicki.me.uk] *
> Sent:* Wednesday, April 21, 2010 7:40 AM
>
> *
> To:* NT System Admin Issues*
> Subject:* Re: Domain controllers, what is supposed to happen.
>
>
>
> Hi Mark,
>
>
>
> I have a couple of questions if you don't mind. Firstly why have you split
> the FSMO roles out on to two different domain controllers? It's not that
> it's wrong or anything, it's just simpler (and Microsoft's recommendation)
> to keep them all on one domain controller unless there is a specific need to
> do otherwise.
>
>
>
> Secondly, which server(s) is/are your DHCP server? Another server right?
> Not one of the domain controllers?
>
>
>
> Thirdly, what is your requirement for WINS, out of interest?
>
>
>
> To answer your questions, yes the DNS/WINS services on the remaining domain
> controller should have fulfilled client requests, so I would certainly look
> into why that didn't happen. Did anyone try rebooting their PCs, as that may
> have helped?
>
>
>
> If you had been unable to get Server1 running again then yes you would have
> had to seize the domain-wide FSMO roles (RIP) from Server1 on to Server2 and
> modify your DNS/WINS. But don't try and bring Server1 back up at this point
> ("Then work on getting Server1 running again, or replacing it."), you must
> rebuild or replace it.
>
>
>
> Regards,
>
>
>
> Andrew
>
>
>
>
>
> On 21 April 2010 22:14, Reimer, Mark  wrote:
>
> Sorry, long email.
>
>
>
> Windows 2003 Native Domain, two domain controllers, server1 and server2.
> Workstations are primarily XP, some Windows 7. Other servers (file server,
> email etc) are all Windows 2003. We have about 150 workstations.
>
>
>
> We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC
> Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema
> Master. Both are GC’s.
>
>
>
> In the DHCP settings workstations get both server’s IP’s as DNS. Server2 is
> listed first, then server1. Primary WINS server is server1, secondary is
> Server2.
>
>
>
> Last night Server1 went down. It was off hours, but I got a call from some
> late night worker (using XP), saying they couldn’t do anything. Couldn’t
> reach any of the servers, or internet. I was able to get the server going
> again (bad memory chip, so I just took it out).
>
>
>
> I thought that if one server went down, the DNS/WINS look up would go to
> the other server. But it might be slower (note, I didn’t try any of this,
> just going on what the user said). Comments?
>
>
>
> If I didn’t get Server1 running again, what should I have done? I assume I
> should do the following.
>
>
>
> 1.   Seize the FSMO roles from server1, and put them on server2.
>
> 2.   Change DHCP so Primary WINS server is server2. Maybe even take
> out Server1 as DNS/WINS possibilities.
>
>
>
> Then work on getting Server1 running again, or replacing it.
>
>
>
> Did I miss anything?
>
>
>
> Thanks for any help and insight you can give.
>
>
>
> Mark
>
>
>
>
>
>
>
>
>
>
>
>
> --
>
> Kind regards,
>
> Andrew Levicki
> ルビッキー アンドルュー
> Microsoft Certified Technology Specialis

Re: UPSes

[Roger Wright]

FWIW - I had opportunity to make a claim against APC's equipment
protection warranty a few years ago.  After supplying details they
honored the warranty and paid off the claim without a hassle.

I think APC's reputation is well-deserved.


Die dulci fruere!

Roger Wright
___




On Tue, Apr 20, 2010 at 10:08 PM, Angus Scott-Fleming
 wrote:
> On 16 Apr 2010 at 8:25, Reimer, Mark  wrote:
>>
>> Hi folks, I’ve done some (or tried to) research on the differences
>> between APC Backups vs Smart-UPS, or Tripp Lite SmartPro vs OmniSmart. One
>> set (Backups and OmniSmart) seem to be almost ½ price of the other set
>> (Smart-UPS and SmartPro) for the same rated VA/wattage. The only real
>> difference I can find is manageability. These will be for POE switches in
>> wiring closets. Any help/experience will be most appreciated. Thanks.
> FWIW I have both TrippLites and APCs at one client who has bought them here
> and there.  They have not installed the cables or software, and the cables
> have disappeared.  The new TrippLites use standard USB A-to-B cables, while
> the APCs use proprietary $30 RJ5-to-USB-A cables.  A bunch of their APCs are
> older, with RS-232 interfaces (proprietary APC $32 cable).  I'm about to
> replace most of the units without cables, and the TrippLites are about
> 20-25% less for the same specs.
> Does anyone here have experience with their network software?  APC wants
> $280 for a 5-to-25-user version of their network console.  TrippLite has a
> free network console for up to 250 stations.
>
>
> --
> Angus Scott-Fleming
> GeoApps, Tucson, Arizona
> 1-520-895-3270
> Security Blog: http://geoapps.com/
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: WINS (- was RE: Domain controllers, what is supposed to happen.)

[Ben Scott]

On Wed, Apr 21, 2010 at 10:17 AM, Raper, Jonathan - Eagle
 wrote:
> Speaking of WINS, if you don’t have any non-windows or pre-w2k clients, is
> there ANY good reason to keep WINS running on your network? If so, why?

  If you're using NetBIOS at all, I strongly recommend WINS.

  Getting rid of NetBIOS sometimes proves problematic.  Aside from
vestigial dependencies in some software, it's also what drives the
browse list ("Network Neighborhood" or whatever it's called this
year).

  But yah, if you can shut off NetBIOS, that's a beautiful thing, and
then you don't need WINS.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Domain controllers, what is supposed to happen.

[Sherry Abercrombie]

I dunno, that whole section about placement of FSMO roles.

2010/4/21 Andrew Levicki 

> Where does it say that?
>
> 2010/4/21 Christopher Bodnar 
>
> Sorry but I have to disagree with you. I believe the recommendation of the
>> article is to divide the FSMO roles, giving guidance on how to do that.
>>
>>
>> Chris Bodnar, MCSE
>> Systems Engineer
>> Distributed Systems Service Delivery - Intel Services
>> Guardian Life Insurance Company of America
>> Email: christopher_bod...@glic.com
>> Phone: 610-807-6459
>> Fax: 610-807-6003
>>
>>
>>
>> From:Andrew Levicki 
>> To:"NT System Admin Issues" <
>> ntsysadmin@lyris.sunbelt-software.com>
>> Date:04/21/2010 10:06 AM
>> Subject:Re: Domain controllers, what is supposed to happen.
>> --
>>
>>
>>
>> Hi Mark,
>>
>> Have a read of this and see what you think:
>> *http://support.microsoft.com/kb/223346*
>>
>> You're not the first person I've
>> encountered who thinks that about FSMO roles but I think Microsoft are
>> pretty clear on this one.
>>
>> I'd probably rip WINS out if it's not needed, by the way.
>>
>> Cheers,
>>
>> Andrew
>>
>> 2010/4/21 Reimer, Mark <*mark.rei...@prairie.edu*
>> >
>> I thought I read somewhere (this is years ago), that FSMO roles should be
>> split, with some qualifications (some FSMO roles had to be connected
>> together on the same machine).
>>
>>
>>
>> DHCP is from server2 (yes, one of the DC’s).
>>
>>
>>
>> WINS. Not sure if there is a real requirement.
>>
>>
>>
>> Not sure if a reboot was done. I’ll check with the user today.
>>
>>
>>
>> Thanks for the advice/comments.
>>
>>
>>
>> Mark
>>
>>
>>
>> *From:* Andrew Levicki [mailto:*and...@levicki.me.uk*]
>> *
>> Sent:* Wednesday, April 21, 2010 7:40 AM
>>
>> *
>> To:* NT System Admin Issues*
>> Subject:* Re: Domain controllers, what is supposed to happen.
>>
>>
>>
>> Hi Mark,
>>
>>
>>
>> I have a couple of questions if you don't mind. Firstly why have you split
>> the FSMO roles out on to two different domain controllers? It's not that
>> it's wrong or anything, it's just simpler (and Microsoft's recommendation)
>> to keep them all on one domain controller unless there is a specific need to
>> do otherwise.
>>
>>
>>
>> Secondly, which server(s) is/are your DHCP server? Another server right?
>> Not one of the domain controllers?
>>
>>
>>
>> Thirdly, what is your requirement for WINS, out of interest?
>>
>>
>>
>> To answer your questions, yes the DNS/WINS services on the remaining
>> domain controller should have fulfilled client requests, so I would
>> certainly look into why that didn't happen. Did anyone try rebooting their
>> PCs, as that may have helped?
>>
>>
>>
>> If you had been unable to get Server1 running again then yes you would
>> have had to seize the domain-wide FSMO roles (RIP) from Server1 on to
>> Server2 and modify your DNS/WINS. But don't try and bring Server1 back up at
>> this point ("Then work on getting Server1 running again, or replacing it."),
>> you must rebuild or replace it.
>>
>>
>>
>> Regards,
>>
>>
>>
>> Andrew
>>
>>
>>
>>
>>
>> On 21 April 2010 22:14, Reimer, Mark 
>> <*mark.rei...@prairie.edu*>
>> wrote:
>>
>> Sorry, long email.
>>
>>
>>
>> Windows 2003 Native Domain, two domain controllers, server1 and server2.
>> Workstations are primarily XP, some Windows 7. Other servers (file server,
>> email etc) are all Windows 2003. We have about 150 workstations.
>>
>>
>>
>> We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master,
>> PDC Emulator, RID Master. Server2 has FSMO roles Domain Naming Master,
>> Schema Master. Both are GC’s.
>>
>>
>>
>> In the DHCP settings workstations get both server’s IP’s as DNS. Server2
>> is listed first, then server1. Primary WINS server is server1, secondary is
>> Server2.
>>
>>
>>
>> Last night Server1 went down. It was off hours, but I got a call from some
>> late night worker (using XP), saying they couldn’t do anything. Couldn’t
>> reach any of the servers, or internet. I was able to get the server going
>> again (bad memory chip, so I just took it out).
>>
>>
>>
>> I thought that if one server went down, the DNS/WINS look up would go to
>> the other server. But it might be slower (note, I didn’t try any of this,
>> just going on what the user said). Comments?
>>
>>
>>
>> If I didn’t get Server1 running again, what should I have done? I assume I
>> should do the following.
>>
>>
>>
>> 1.   Seize the FSMO roles from server1, and put them on server2.
>>
>> 2.   Change DHCP so Primary WINS server is server2. Maybe even take
>> out Server1 as DNS/WINS possibilities.
>>
>>
>>
>> Then work on getting Server1 running again, or replacing it.
>>
>>
>>
>> Did I miss anything?
>>
>>
>>
>> Thanks for any help and insight you can give.
>>
>>
>>
>> Mark
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> --
>>
>> Kind regards,
>>
>> Andrew Levicki
>> ルビッキー アンドルュー
>> Microsoft Certified Te

Re: Domain controllers, what is supposed to happen.

[Andrew Levicki]

OK, well you go right ahead and split them out if you think that's what the
article recommends.

2010/4/21 Sherry Abercrombie 

> I dunno, that whole section about placement of FSMO roles.
>
> 2010/4/21 Andrew Levicki 
>
>> Where does it say that?
>>
>> 2010/4/21 Christopher Bodnar 
>>
>> Sorry but I have to disagree with you. I believe the recommendation of the
>>> article is to divide the FSMO roles, giving guidance on how to do that.
>>>
>>>
>>> Chris Bodnar, MCSE
>>> Systems Engineer
>>> Distributed Systems Service Delivery - Intel Services
>>> Guardian Life Insurance Company of America
>>> Email: christopher_bod...@glic.com
>>> Phone: 610-807-6459
>>> Fax: 610-807-6003
>>>
>>>
>>>
>>> From:Andrew Levicki 
>>> To:"NT System Admin Issues" <
>>> ntsysadmin@lyris.sunbelt-software.com>
>>> Date:04/21/2010 10:06 AM
>>> Subject:Re: Domain controllers, what is supposed to happen.
>>> --
>>>
>>>
>>>
>>> Hi Mark,
>>>
>>> Have a read of this and see what you think:
>>> *http://support.microsoft.com/kb/223346*
>>>
>>> You're not the first person I've
>>> encountered who thinks that about FSMO roles but I think Microsoft are
>>> pretty clear on this one.
>>>
>>> I'd probably rip WINS out if it's not needed, by the way.
>>>
>>> Cheers,
>>>
>>> Andrew
>>>
>>> 2010/4/21 Reimer, Mark <*mark.rei...@prairie.edu*
>>> >
>>> I thought I read somewhere (this is years ago), that FSMO roles should be
>>> split, with some qualifications (some FSMO roles had to be connected
>>> together on the same machine).
>>>
>>>
>>>
>>> DHCP is from server2 (yes, one of the DC’s).
>>>
>>>
>>>
>>> WINS. Not sure if there is a real requirement.
>>>
>>>
>>>
>>> Not sure if a reboot was done. I’ll check with the user today.
>>>
>>>
>>>
>>> Thanks for the advice/comments.
>>>
>>>
>>>
>>> Mark
>>>
>>>
>>>
>>> *From:* Andrew Levicki [mailto:*and...@levicki.me.uk*]
>>> *
>>> Sent:* Wednesday, April 21, 2010 7:40 AM
>>>
>>> *
>>> To:* NT System Admin Issues*
>>> Subject:* Re: Domain controllers, what is supposed to happen.
>>>
>>>
>>>
>>> Hi Mark,
>>>
>>>
>>>
>>> I have a couple of questions if you don't mind. Firstly why have you
>>> split the FSMO roles out on to two different domain controllers? It's not
>>> that it's wrong or anything, it's just simpler (and Microsoft's
>>> recommendation) to keep them all on one domain controller unless there is a
>>> specific need to do otherwise.
>>>
>>>
>>>
>>> Secondly, which server(s) is/are your DHCP server? Another server right?
>>> Not one of the domain controllers?
>>>
>>>
>>>
>>> Thirdly, what is your requirement for WINS, out of interest?
>>>
>>>
>>>
>>> To answer your questions, yes the DNS/WINS services on the remaining
>>> domain controller should have fulfilled client requests, so I would
>>> certainly look into why that didn't happen. Did anyone try rebooting their
>>> PCs, as that may have helped?
>>>
>>>
>>>
>>> If you had been unable to get Server1 running again then yes you would
>>> have had to seize the domain-wide FSMO roles (RIP) from Server1 on to
>>> Server2 and modify your DNS/WINS. But don't try and bring Server1 back up at
>>> this point ("Then work on getting Server1 running again, or replacing it."),
>>> you must rebuild or replace it.
>>>
>>>
>>>
>>> Regards,
>>>
>>>
>>>
>>> Andrew
>>>
>>>
>>>
>>>
>>>
>>> On 21 April 2010 22:14, Reimer, Mark 
>>> <*mark.rei...@prairie.edu*>
>>> wrote:
>>>
>>> Sorry, long email.
>>>
>>>
>>>
>>> Windows 2003 Native Domain, two domain controllers, server1 and server2.
>>> Workstations are primarily XP, some Windows 7. Other servers (file server,
>>> email etc) are all Windows 2003. We have about 150 workstations.
>>>
>>>
>>>
>>> We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master,
>>> PDC Emulator, RID Master. Server2 has FSMO roles Domain Naming Master,
>>> Schema Master. Both are GC’s.
>>>
>>>
>>>
>>> In the DHCP settings workstations get both server’s IP’s as DNS. Server2
>>> is listed first, then server1. Primary WINS server is server1, secondary is
>>> Server2.
>>>
>>>
>>>
>>> Last night Server1 went down. It was off hours, but I got a call from
>>> some late night worker (using XP), saying they couldn’t do anything.
>>> Couldn’t reach any of the servers, or internet. I was able to get the server
>>> going again (bad memory chip, so I just took it out).
>>>
>>>
>>>
>>> I thought that if one server went down, the DNS/WINS look up would go to
>>> the other server. But it might be slower (note, I didn’t try any of this,
>>> just going on what the user said). Comments?
>>>
>>>
>>>
>>> If I didn’t get Server1 running again, what should I have done? I assume
>>> I should do the following.
>>>
>>>
>>>
>>> 1.   Seize the FSMO roles from server1, and put them on server2.
>>>
>>> 2.   Change DHCP so Primary WINS server is server2. Maybe even take
>>> out Server1 as DNS/WINS possibilitie

RE: Domain controllers, what is supposed to happen.

[Sean Rector]

Quoting the article:

 

General recommendations for FSMO placement

・ Place the RID and PDC emulator roles on the same domain controller. 
It is also easier to keep track of FSMO roles if you host them on fewer 
machines.

If the load on the primary FSMO load justifies a move, place the RID and 
primary domain controller emulator roles on separate domain controllers in the 
same domain and active directory site that are direct replication partners of 
each other. 

・ As a general rule, the infrastructure master should be located on a 
nonglobal catalog server that has a direct connection object to some global 
catalog in the forest, preferably in the same Active Directory site. Because 
the global catalog server holds a partial replica of every object in the 
forest, the infrastructure master, if placed on a global catalog server, will 
never update anything, because it does not contain any references to objects 
that it does not hold. Two exceptions to the "do not place the infrastructure 
master on a global catalog server" rule are: 

oSingle domain forest: 

In a forest that contains a single Active Directory domain, there are no 
phantoms, and so the infrastructure master has no work to do. The 
infrastructure master may be placed on any domain controller in the domain, 
regardless of whether that domain controller hosts the global catalog or not. 

oMultidomain forest where every domain controller in a domain holds the 
global catalog: 

If every domain controller in a domain that is part of a multidomain forest 
also hosts the global catalog, there are no phantoms or work for the 
infrastructure master to do. The infrastructure master may be put on any domain 
controller in that domain. 

・ At the forest level, the schema master and domain naming master roles 
should be placed on the same domain controller as they are rarely used and 
should be tightly controlled. Additionally, the domain naming master FSMO 
should also be a global catalog server. Certain operations that use the domain 
naming master, such as creating grand-child domains, will fail if this is not 
the case.

In a forest at the Forest Functional Level Windows Server 2003, you do not have 
to place the domain naming master on a global catalog.

Most importantly, confirm that all FSMO roles are available using one of the 
management consoles (such as Dsa.msc or Ntdsutil.exe).

 

Sean Rector, MCSE

 

From: Andrew Levicki [mailto:and...@levicki.me.uk] 
Sent: Wednesday, April 21, 2010 10:26 AM
To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen.

 

OK, well you go right ahead and split them out if you think that's what the 
article recommends.

 

2010/4/21 Sherry Abercrombie 

I dunno, that whole section about placement of FSMO roles.

2010/4/21 Andrew Levicki 

Where does it say that?

2010/4/21 Christopher Bodnar 

 

Sorry but I have to disagree with you. I believe the recommendation of 
the article is to divide the FSMO roles, giving guidance on how to do that. 


Chris Bodnar, MCSE
Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003 



From:Andrew Levicki  
To:"NT System Admin Issues" 
 
Date:04/21/2010 10:06 AM 

Subject:Re: Domain controllers, what is supposed to happen. 






Hi Mark, 

Have a read of this and see what you think: 
http://support.microsoft.com/kb/223346 
  

You're not the first person I've encountered who thinks that about FSMO 
roles but I think Microsoft are pretty clear on this one. 

I'd probably rip WINS out if it's not needed, by the way. 

Cheers, 

Andrew 

2010/4/21 Reimer, Mark mailto:mark.rei...@prairie.edu> > 
I thought I read somewhere (this is years ago), that FSMO roles should 
be split, with some qualifications (some FSMO roles had to be connected 
together on the same machine). 

  

DHCP is from server2 (yes, one of the DC’s). 

  

WINS. Not sure if there is a real requirement. 

  

Not sure if a reboot was done. I’ll check with the user today. 

  

Thanks for the advice/comments. 

  

Mark 

  

From: Andrew Levicki [mailto:and...@levicki.me.uk 
 ] 
Sent: Wednesday, April 21, 2010 7:40 AM 


To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen. 

  

Hi Mark, 

  

I have a couple of ques

Re: Domain controllers, what is supposed to happen.

[Christopher Bodnar]

I could ask you the same question. The article does not specifically say 
to keep the FSMO roles on one DC, in fact it makes recommendations on how 
to separate them.  This article is a guide, not an absolute. It makes 
recommendations based on different factors. My suggestion based on this 
guideline and Mark's infrastructure would be the following:

Server1
RID 
PDC 

Server2
schema master
domain naming master
infrastructure master


Chris Bodnar, MCSE
Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003



From:   Andrew Levicki 
To: "NT System Admin Issues" 
Date:   04/21/2010 10:18 AM
Subject:Re: Domain controllers, what is supposed to happen.



Where does it say that?

2010/4/21 Christopher Bodnar 
Sorry but I have to disagree with you. I believe the recommendation of the 
article is to divide the FSMO roles, giving guidance on how to do that. 


Chris Bodnar, MCSE
Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003 



From:Andrew Levicki  
To:"NT System Admin Issues"  
Date:04/21/2010 10:06 AM 
Subject:Re: Domain controllers, what is supposed to happen. 



Hi Mark, 

Have a read of this and see what you think: 
http://support.microsoft.com/kb/223346 

You're not the first person I've encountered who thinks that about FSMO 
roles but I think Microsoft are pretty clear on this one. 

I'd probably rip WINS out if it's not needed, by the way. 

Cheers, 

Andrew 

2010/4/21 Reimer, Mark  
I thought I read somewhere (this is years ago), that FSMO roles should be 
split, with some qualifications (some FSMO roles had to be connected 
together on the same machine). 
  
DHCP is from server2 (yes, one of the DC?s). 
  
WINS. Not sure if there is a real requirement. 
  
Not sure if a reboot was done. I?ll check with the user today. 
  
Thanks for the advice/comments. 
  
Mark 
  
From: Andrew Levicki [mailto:and...@levicki.me.uk] 
Sent: Wednesday, April 21, 2010 7:40 AM 

To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen. 
 
Hi Mark, 
 
I have a couple of questions if you don't mind. Firstly why have you split 
the FSMO roles out on to two different domain controllers? It's not that 
it's wrong or anything, it's just simpler (and Microsoft's recommendation) 
to keep them all on one domain controller unless there is a specific need 
to do otherwise. 
 
Secondly, which server(s) is/are your DHCP server? Another server right? 
Not one of the domain controllers? 
 
Thirdly, what is your requirement for WINS, out of interest? 
 
To answer your questions, yes the DNS/WINS services on the remaining 
domain controller should have fulfilled client requests, so I would 
certainly look into why that didn't happen. Did anyone try rebooting their 
PCs, as that may have helped? 
 
If you had been unable to get Server1 running again then yes you would 
have had to seize the domain-wide FSMO roles (RIP) from Server1 on to 
Server2 and modify your DNS/WINS. But don't try and bring Server1 back up 
at this point ("Then work on getting Server1 running again, or replacing 
it."), you must rebuild or replace it. 
 
Regards, 
 
Andrew 
 
 
On 21 April 2010 22:14, Reimer, Mark  wrote: 
Sorry, long email. 
 
Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations. 
 
We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, 
PDC Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, 
Schema Master. Both are GC?s. 
 
In the DHCP settings workstations get both server?s IP?s as DNS. Server2 
is listed first, then server1. Primary WINS server is server1, secondary 
is Server2. 
 
Last night Server1 went down. It was off hours, but I got a call from some 
late night worker (using XP), saying they couldn?t do anything. Couldn?t 
reach any of the servers, or internet. I was able to get the server going 
again (bad memory chip, so I just took it out). 
 
I thought that if one server went down, the DNS/WINS look up would go to 
the other server. But it might be slower (note, I didn?t try any of this, 
just going on what the user said). Comments? 
 
If I didn?t get Server1 running again, what should I have done? I assume I 
should do the following. 
 
1.   Seize the FSMO roles from server1, and put them on server2. 
2.   Change DHCP so Primary WINS server is server2. Maybe even take 
out Server1 as DNS/WINS possibilities. 
 
Then work on getting Server1 running again, or replacing it. 
 
Did I miss anything? 
 
Thanks for any help and insight you can give. 
 
Mark 
 
 
 
  



-- 
Kind regards,

Andrew Levicki

RE: need suggestions...iPad in a Windows enterprise, anyone?

[John Hornbuckle]

How is iPad patch management and configuration handled? When someone wants to 
connect their iPad to my network--a network it's sharing with other devices 
that are managed and known to be secure--how do I know the device is secure? 
How do I prevent my iPad users from installing and running unapproved 
applications that could interfere with the performance and security of my 
network?

The touch interface isn't a toy. Windows 7 provides such an interface. Plus, 
Windows 7 comes in flavors that are designed for the enterprise. The iPad was 
designed as a consumer device--not a device for the enterprise.

At least from what I can tell. But I'd love to be wrong on this, because we 
like the idea of the iPad here, too.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us







-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Wednesday, April 21, 2010 10:08 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Fair enough, but what is your counter-argument to what is stated?  If
the device is acting as a Citrix client, costs only $500, and the
battery lasts their entire shift, it sounds like they have a valid
point.  I think there is a real mindset in IT these days that if it is
not Microsoft, it is bad.  This is no different than 30 years ago when
it was all-IBM all the time.  IMHO, the touch interface that Apple has
designed on these devices is as revolutionary as the mouse/GUI interface
was in the DOS days.  In a similar vein, the arguments I hear sound a
lot like the ones that were made when the first Macintosh was
introduced: it's a toy; real men don't use GUIs, etc.  Now, folks act
like the mouse-based GUI is the end-all of user interfaces and the touch
interface is a toy.  Nobody (well, at least not me) is saying that a
touch interface is the proper solution to every problem, but I think
there is no question that it is the answer to some problems, and this
sure sounds like one to me.  And really, there is no comparison to an
interface that is designed for touch versus any regular old application
in which you simply use your finger or, heaven forbid, a stylus as some
kind of proxy for a mouse.

Real IT is about helping people do their jobs better in a fashion that
is economical and protects your companies assets (data and physical).
Standards are important, but there needs to be a solid reason for them.

Bill 


NOTICE: Florida has a broad public records law. Most written communications to 
or from this entity are public records that will be disclosed to the public and 
the media upon request. E-mail communications may be subject to public 
disclosure.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: WINS (- was RE: Domain controllers, what is supposed to happen.)

[Sherry Abercrombie]

Turn it off and then see if anyone or any application screams.  It will
drastically cut down on unnecessary chatter on the network.  But like Ben
said, some outdated software applications require it to work.

On Wed, Apr 21, 2010 at 9:21 AM, Ben Scott  wrote:

> On Wed, Apr 21, 2010 at 10:17 AM, Raper, Jonathan - Eagle
>  wrote:
> > Speaking of WINS, if you don’t have any non-windows or pre-w2k clients,
> is
> > there ANY good reason to keep WINS running on your network? If so, why?
>
>   If you're using NetBIOS at all, I strongly recommend WINS.
>
>  Getting rid of NetBIOS sometimes proves problematic.  Aside from
> vestigial dependencies in some software, it's also what drives the
> browse list ("Network Neighborhood" or whatever it's called this
> year).
>
>  But yah, if you can shut off NetBIOS, that's a beautiful thing, and
> then you don't need WINS.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>


-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: UPSes

[Ben Scott]

On Wed, Apr 21, 2010 at 3:18 AM, Phillip Partipilo  wrote:
> My overall experience with Tripp-Lite is a product that is designed to be
> basically disposable.  A product designed to last the life of the battery,
> at most.  Poor thermal management, overheating components, and overall low
> quality components.  Whereas APC units (especially SmartUPS models) are
> built like tanks.

  APC makes some cheap disposable stuff, too.  Several of the Back-UPS
model lines fall into that category.  The Back-UPS 500 LS seems to
have a penchant for overheating and killing itself, I've discovered.
But yah, heir Smart-UPS stuff is generally top-notch.

  I've had a few instances of trouble over the years with swollen
batteries in the Smart-UPS units, and I've heard reports of same on
this list.  I don't know if that was time of trouble, or if it's been
since fixed, or what.

  The APC "Line-R" voltage regulators seem to self-destruct after a
few years, always with the same failure mode (won't power up under
load).

  I know Tripp-Lite basics some outstanding TVSS units ("IsoBar").  I
agree that their cheap UPSes are poor quality.  One hopes their
high-end stuff is better, but I don't know.  They offer double
conversion models, which APC doesn't.  But if it's poor quality,
that's still no good.

  I've also used Eaton (AKA PowerWare, AKA Best Power) UPSes before
with good results.  They also offer double conversion models.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Raper, Jonathan - Eagle]

If you provide a guest network "as-is", and allow them access only through the 
guest network (provided that the traffic is truly segregated from your 
production network) and you throttle the guest network, who cares? They would 
still be subject to any internet usage policy you have in place...

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, April 21, 2010 10:29 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

How is iPad patch management and configuration handled? When someone wants to 
connect their iPad to my network--a network it's sharing with other devices 
that are managed and known to be secure--how do I know the device is secure? 
How do I prevent my iPad users from installing and running unapproved 
applications that could interfere with the performance and security of my 
network?

The touch interface isn't a toy. Windows 7 provides such an interface. Plus, 
Windows 7 comes in flavors that are designed for the enterprise. The iPad was 
designed as a consumer device--not a device for the enterprise.

At least from what I can tell. But I'd love to be wrong on this, because we 
like the idea of the iPad here, too.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us







-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 10:08 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Fair enough, but what is your counter-argument to what is stated?  If
the device is acting as a Citrix client, costs only $500, and the
battery lasts their entire shift, it sounds like they have a valid
point.  I think there is a real mindset in IT these days that if it is
not Microsoft, it is bad.  This is no different than 30 years ago when
it was all-IBM all the time.  IMHO, the touch interface that Apple has
designed on these devices is as revolutionary as the mouse/GUI interface
was in the DOS days.  In a similar vein, the arguments I hear sound a
lot like the ones that were made when the first Macintosh was
introduced: it's a toy; real men don't use GUIs, etc.  Now, folks act
like the mouse-based GUI is the end-all of user interfaces and the touch
interface is a toy.  Nobody (well, at least not me) is saying that a
touch interface is the proper solution to every problem, but I think
there is no question that it is the answer to some problems, and this
sure sounds like one to me.  And really, there is no comparison to an
interface that is designed for touch versus any regular old application
in which you simply use your finger or, heaven forbid, a stylus as some
kind of proxy for a mouse.

Real IT is about helping people do their jobs better in a fashion that
is economical and protects your companies assets (data and physical).
Standards are important, but there needs to be a solid reason for them.

Bill


NOTICE: Florida has a broad public records law. Most written communications to 
or from this entity are public records that will be disclosed to the public and 
the media upon request. E-mail communications may be subject to public 
disclosure.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: WINS (- was RE: Domain controllers, what is supposed to happen.)

[Ben Scott]

On Wed, Apr 21, 2010 at 10:29 AM, Sherry Abercrombie  wrote:
> Turn it off and then see if anyone or any application screams.  It will
> drastically cut down on unnecessary chatter on the network.

  Correct if "turn it off" means NetBIOS.  I believe incorrect if
"turn it off" means WINS without also implying NetBIOS.  :)

  If properly configured, WINS will actually drastically *reduce*
broadcast traffic.  But you have to also configure all NetBIOS does as
P-nodes -- peer nodes, type 0x2 -- unicast WINS only, no broadcasts.

  You should also configure NetBIOS such that a small set of reliable
computers attempt to be browse masters, and configure everything else
*not* to attempt to be a browse master.  Otherwise you'll get browser
elections ever time a computer boots.  (This is not a WINS issue,
technically speaking, but part of the NetBIOS protocol design.)

  If you don't have WINS but don't also disable NetBIOS, you'll get
just as much, if not more, network chatter.  :)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[John Hornbuckle]

Well, I currently don't have to create a separate isolated wireless network for 
my employees' devices, because those devices were designed for the enterprise 
and are secured. So that's an extra bit of work right there to accommodate the 
Apple stuff.

But let's say we do it, and Drs. A through Z are sharing this isolated guest 
network. When Dr. A connects his malware-infected iPad (let's not pretend this 
isn't a possibility--I think we all know by now that Apple OS's aren't immune) 
and shuts down the guest network, what happens to Drs. B through Z?




John


-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Wednesday, April 21, 2010 10:33 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

If you provide a guest network "as-is", and allow them access only through the 
guest network (provided that the traffic is truly segregated from your 
production network) and you throttle the guest network, who cares? They would 
still be subject to any internet usage policy you have in place...

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, April 21, 2010 10:29 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

How is iPad patch management and configuration handled? When someone wants to 
connect their iPad to my network--a network it's sharing with other devices 
that are managed and known to be secure--how do I know the device is secure? 
How do I prevent my iPad users from installing and running unapproved 
applications that could interfere with the performance and security of my 
network?

The touch interface isn't a toy. Windows 7 provides such an interface. Plus, 
Windows 7 comes in flavors that are designed for the enterprise. The iPad was 
designed as a consumer device--not a device for the enterprise.

At least from what I can tell. But I'd love to be wrong on this, because we 
like the idea of the iPad here, too.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us







-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 10:08 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Fair enough, but what is your counter-argument to what is stated?  If
the device is acting as a Citrix client, costs only $500, and the
battery lasts their entire shift, it sounds like they have a valid
point.  I think there is a real mindset in IT these days that if it is
not Microsoft, it is bad.  This is no different than 30 years ago when
it was all-IBM all the time.  IMHO, the touch interface that Apple has
designed on these devices is as revolutionary as the mouse/GUI interface
was in the DOS days.  In a similar vein, the arguments I hear sound a
lot like the ones that were made when the first Macintosh was
introduced: it's a toy; real men don't use GUIs, etc.  Now, folks act
like the mouse-based GUI is the end-all of user interfaces and the touch
interface is a toy.  Nobody (well, at least not me) is saying that a
touch interface is the proper solution to every problem, but I think
there is no question that it is the answer to some problems, and this
sure sounds like one to me.  And really, there is no comparison to an
interface that is designed for touch versus any regular old application
in which you simply use your finger or, heaven forbid, a stylus as some
kind of proxy for a mouse.

Real IT is about helping people do their jobs better in a fashion that
is economical and protects your companies assets (data and physical).
Standards are important, but there needs to be a solid reason for them.

Bill


NOTICE: Florida has a broad public records law. Most written communications to 
or from this entity are public records that will be disclosed to the public and 
the media upon request. E-mail communications may be subject to public 
disclosure.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Charlie Kaiser]

As I said, most docs think they're pretty smart and they are. But an MD
and/or EE degree doesn't necessarily put them in a position to make good IT
decisions; there's a completely different set of knowledge and experience
required. Knowing the difference between mobile devices from a
security/manageability/compatibility POV is an IT skill specific to our
world. It's the reverse paradigm for me not recommending a specific X-ray
machine for their use...

But I hear you on the "they write my check" thing. That's why I avoid med
clients... :-)

***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***  

> -Original Message-
> From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
> Sent: Wednesday, April 21, 2010 7:02 AM
> To: NT System Admin Issues
> Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?
> 
> Yeah, but, that's easier said then done when you're talking 
> to the people who made the decision to hire you in the first place.
> 
> For what it is worth, I have some VERY intelligent, 
> practical, and forward thinking physicians on my IT 
> Committee. One has a BS in Electrical Engineering from MIT. 
> And another has been doing voice recognition for so long 
> (well over 10 years) that he probably was one of the 
> co-inventors of the technology (TIC, but you know what I 
> mean). Oh, and he writes VB for fun, too.
> 
> So, while my flinch response might be to agree with you as a 
> generalization, the docs who are asking aren't just asking 
> because it is a cool new toy that they want to play with. 
> (Although admittedly, it is a cool new toy...)
> 
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
> 
> 
> -Original Message-
> From: Charlie Kaiser [mailto:charl...@golden-eagle.org]
> Sent: Wednesday, April 21, 2010 9:53 AM
> To: NT System Admin Issues
> Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?
> 
> "Hey doc; I won't make patient care recommendations if you 
> don't make IT recommendations."
> One of the reasons I avoid health care clients is because IME 
> doctors think their education and training makes them experts 
> in everything. And they've been the worst when it comes to 
> allowing "properly" managed IT services...
> Little things like HIPAA just annoy them...
> 
> ***
> Charlie Kaiser
> charl...@golden-eagle.org
> Kingman, AZ
> ***
> 
> > -Original Message-
> > From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
> > Sent: Wednesday, April 21, 2010 6:23 AM
> > To: NT System Admin Issues
> > Subject: RE: need suggestions...iPad in a Windows 
> enterprise, anyone?
> >
> > The argument from one of my physicians is that the iPad is under 
> > $1,000, while the Tablet PCs we're purchasing are 
> essentially double 
> > that, and the battery life is longer.
> 
> > > We now have physicians who are starting to ask for iPad
> > access on the network. I'm not sure why
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource 
> hog! ~ ~ 
>   ~
> 
> Any medical information contained in this electronic message 
> is CONFIDENTIAL and privileged. It is unlawful for 
> unauthorized persons to view, copy, disclose, or disseminate 
> CONFIDENTIAL information. This electronic message may contain 
> information that is confidential and/or legally privileged. 
> It is intended only for the use of the individual(s) and/or 
> entity named as recipients in the message. If you are not an 
> intended recipient of this message, please notify the sender 
> immediately and delete this material from your computer. Do 
> not deliver, distribute or copy this message, and do not 
> disclose its contents or take any action in reliance on the 
> information that it contains.
> 
> ~ Finally, powerful endpoint security that ISN'T a resource 
> hog! ~ ~ 
>   ~
> 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Mayo, Bill]

The biggest complaint folks have about the iPhone/iPod Touch/iPad is
that you can't install just any application.  In other words (short of
jailbreaking) you can't install any applications that aren't either
distributed by your IT department or available in the app store.  If you
mean can you keep people from installing other apps from the app store,
the honest answer is I don't know.  Apple does have some tools for the
enterprise, but I don't know if they allow you to lock down the
installed applications.

I haven't personally used Windows 7, so I can't speak to the "touch
interface" to which you refer.  Based on past Microsoft products,
though, I tend to believe you are talking about something where touch
screens are supported, and not what I would call a touch interface.  I
know that the tablet interface that Microsoft originally came out was
absolutely no different than the standard windows interface, you just
used a stylus instead of a mouse, and it would let you do some
handwritten stuff (like the Newton did, lo those many years ago).  That
is not the same; it is kind of like saying that Windows 1.0 had a GUI
interface, where all it really did was let you use a mouse to move the
cursor around.  A lot of folks were surprised that Apple put the iPhone
interface on the iPad, instead of Mac OS X (disappointed, even).
Apple's argument is that you can't just slap a touch interface on top of
an application that was written for a mouse-driven interface.  Or
rather, you can, but there isn't much of a point.  This is really the
problem with things like Flash on a mobile platform.  It depends so
heavily on rollover type effects, what does that mean when you are using
your finger?  It's a whole different paradigm, and Apple is saying that
you have to rethink everything.  A whole, whole lot of folks who have
picked up an iPhone or iPad seem to agree.  People love them because the
interface is designed to be used with your fingers.

I don't disagree that the iPad was designed as a consumer device.  That
doesn't mean that it can't serve some functions in some industries,
though.

Bill

-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Wednesday, April 21, 2010 10:29 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

How is iPad patch management and configuration handled? When someone
wants to connect their iPad to my network--a network it's sharing with
other devices that are managed and known to be secure--how do I know the
device is secure? How do I prevent my iPad users from installing and
running unapproved applications that could interfere with the
performance and security of my network?

The touch interface isn't a toy. Windows 7 provides such an interface.
Plus, Windows 7 comes in flavors that are designed for the enterprise.
The iPad was designed as a consumer device--not a device for the
enterprise.

At least from what I can tell. But I'd love to be wrong on this, because
we like the idea of the iPad here, too.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us







-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 10:08 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Fair enough, but what is your counter-argument to what is stated?  If
the device is acting as a Citrix client, costs only $500, and the
battery lasts their entire shift, it sounds like they have a valid
point.  I think there is a real mindset in IT these days that if it is
not Microsoft, it is bad.  This is no different than 30 years ago when
it was all-IBM all the time.  IMHO, the touch interface that Apple has
designed on these devices is as revolutionary as the mouse/GUI interface
was in the DOS days.  In a similar vein, the arguments I hear sound a
lot like the ones that were made when the first Macintosh was
introduced: it's a toy; real men don't use GUIs, etc.  Now, folks act
like the mouse-based GUI is the end-all of user interfaces and the touch
interface is a toy.  Nobody (well, at least not me) is saying that a
touch interface is the proper solution to every problem, but I think
there is no question that it is the answer to some problems, and this
sure sounds like one to me.  And really, there is no comparison to an
interface that is designed for touch versus any regular old application
in which you simply use your finger or, heaven forbid, a stylus as some
kind of proxy for a mouse.

Real IT is about helping people do their jobs better in a fashion that
is economical and protects your companies assets (data and physical).
Standards are important, but there needs to be a solid reason for them.

Bill 


NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media upon request. E-mail
co

Re: OT: iPhone Issues in the NorthEast

[Richard Stovall]

None in Central Virginia, though I guess that's not the NE.  (Having grown
up in Texas, it seems like it though.)

On Wed, Apr 21, 2010 at 10:16 AM, Don Guyer wrote:

>  All,
>
>
>
> Has anyone had any issues with Exchange connections within
> the last week or two in the NE USA? We’ve been having sporadic issues with
> our Exchange connection (such as when tapping on the e-mail to open it you
> receive a “cannot connect to server” error), but other accounts (such as
> Gmail and Hotmail) seem to be fine.
>
>
>
> TIA!
>
>
>
> Don Guyer
>
> Systems Engineer - Information Services
>
> Prudential, Fox & Roach/Trident Group
>
> 431 W. Lancaster Avenue
>
> Devon, PA 19333
>
> Direct: (610) 993-3299
>
> Fax: (610) 650-5306
>
> don.gu...@prufoxroach.com
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spontaneous server reboots

[Free, Bob]

I have had similar spontaneous shutdowns that were unexplained till I
realized they were actually caused by the APC UPS's in my lab/office.
One did it nearly daily till I just happened to be there to observe it
and realize what was going on.

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 3:53 PM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

I have it on an APC Smart-UPS 1500, very light load. I have my own AC
and keep the server room around 68 or so. Good airflow. No dust build up
inside the case. I'll try swapping the power supply itself with a known
good one to see if that helps.

 

Thank you,

 

Kyle B. Plummer

 

From: Mathew Shember [mailto:mathew.shem...@synopsys.com] 
Sent: Tuesday, April 20, 2010 6:46 PM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

Bad power supply?  

 

How is the circuit load?

 

 

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 3:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected
an issue with Windows. However, I booted into the BIOS and let it sit
there for a few minutes. Again at random intervals the system will
reboot. Sometimes I can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) -
still reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this
with the G4's? It had run for about four years prior with no issue until
this started. No other hardware changes or updates to the BIOS have been
done in the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

 

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Mayo, Bill]

You can't really get malware on an iPad unless it is jailbroken, at
least as of now.  Your point is understood, but if the possibility of
getting malware on a device keeps you from connecting it to your
network, then you will have *nothing* connected to your network.
Apologies to the list sponsor, but I don't think that anybody would
claim that there is an AV/AM solution out there guarantees nothing will
ever get on your PCs.  Even if something does get on the iPad, it's no
different than any other device--isolate it from the network and go from
there.

Bill

-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Wednesday, April 21, 2010 10:48 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Well, I currently don't have to create a separate isolated wireless
network for my employees' devices, because those devices were designed
for the enterprise and are secured. So that's an extra bit of work right
there to accommodate the Apple stuff.

But let's say we do it, and Drs. A through Z are sharing this isolated
guest network. When Dr. A connects his malware-infected iPad (let's not
pretend this isn't a possibility--I think we all know by now that Apple
OS's aren't immune) and shuts down the guest network, what happens to
Drs. B through Z?




John


-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Wednesday, April 21, 2010 10:33 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

If you provide a guest network "as-is", and allow them access only
through the guest network (provided that the traffic is truly segregated
from your production network) and you throttle the guest network, who
cares? They would still be subject to any internet usage policy you have
in place...

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, April 21, 2010 10:29 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

How is iPad patch management and configuration handled? When someone
wants to connect their iPad to my network--a network it's sharing with
other devices that are managed and known to be secure--how do I know the
device is secure? How do I prevent my iPad users from installing and
running unapproved applications that could interfere with the
performance and security of my network?

The touch interface isn't a toy. Windows 7 provides such an interface.
Plus, Windows 7 comes in flavors that are designed for the enterprise.
The iPad was designed as a consumer device--not a device for the
enterprise.

At least from what I can tell. But I'd love to be wrong on this, because
we like the idea of the iPad here, too.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us







-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 10:08 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Fair enough, but what is your counter-argument to what is stated?  If
the device is acting as a Citrix client, costs only $500, and the
battery lasts their entire shift, it sounds like they have a valid
point.  I think there is a real mindset in IT these days that if it is
not Microsoft, it is bad.  This is no different than 30 years ago when
it was all-IBM all the time.  IMHO, the touch interface that Apple has
designed on these devices is as revolutionary as the mouse/GUI interface
was in the DOS days.  In a similar vein, the arguments I hear sound a
lot like the ones that were made when the first Macintosh was
introduced: it's a toy; real men don't use GUIs, etc.  Now, folks act
like the mouse-based GUI is the end-all of user interfaces and the touch
interface is a toy.  Nobody (well, at least not me) is saying that a
touch interface is the proper solution to every problem, but I think
there is no question that it is the answer to some problems, and this
sure sounds like one to me.  And really, there is no comparison to an
interface that is designed for touch versus any regular old application
in which you simply use your finger or, heaven forbid, a stylus as some
kind of proxy for a mouse.

Real IT is about helping people do their jobs better in a fashion that
is economical and protects your companies assets (data and physical).
Standards are important, but there needs to be a solid reason for them.

Bill


NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media upon request. E-mail
communications may be subject to public disclosure.


~ Finally, powerful endpoint security that ISN'T a 

RE: Spontaneous server reboots

[Kyle Plummer]

I've had it on two different UPS units. First one had other servers on
it (load was at 50%), but none of the other servers had an issue. I
moved it to a new UPS (both are Smart-UPS 1500 units from APC) that had
nothing else on it. Still did the reboots. That's a good suggestion,
though. I didn't think of that when I moved it. I was more concerned
with isolating the server from the other ones.

 

Thank you,

 

Kyle B. Plummer

 

From: Free, Bob [mailto:r...@pge.com] 
Sent: Wednesday, April 21, 2010 10:55 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

I have had similar spontaneous shutdowns that were unexplained till I
realized they were actually caused by the APC UPS's in my lab/office.
One did it nearly daily till I just happened to be there to observe it
and realize what was going on.

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 3:53 PM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

I have it on an APC Smart-UPS 1500, very light load. I have my own AC
and keep the server room around 68 or so. Good airflow. No dust build up
inside the case. I'll try swapping the power supply itself with a known
good one to see if that helps.

 

Thank you,

 

Kyle B. Plummer

 

From: Mathew Shember [mailto:mathew.shem...@synopsys.com] 
Sent: Tuesday, April 20, 2010 6:46 PM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

Bad power supply?  

 

How is the circuit load?

 

 

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 3:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected
an issue with Windows. However, I booted into the BIOS and let it sit
there for a few minutes. Again at random intervals the system will
reboot. Sometimes I can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) -
still reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this
with the G4's? It had run for about four years prior with no issue until
this started. No other hardware changes or updates to the BIOS have been
done in the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

 

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

 

 


This written advice is not intended or written to be used, and can not be used, 
by a taxpayer for the purpose of avoiding penalties that may be imposed on the 
taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic Communications 
Privacy Act, 18 U.S.C. Sections 2510-2521, is confidential, and is intended 
solely for the use of the individuals or entities to whom it is addressed. If 
you are not the intended recipient or the person

RE: Infragard

[Free, Bob]

>From what I have observed over the years it is generally larger
companies with critical infrastructure involvement that have reps and
they are usually at or near the executive level. For example, our Mgr of
Infosec or his designee was involved. We actually used to get some
pretty good information back. Post-911 I think things have changed
organizationally rather drastically with DHS, NERC-CIP ETC ETC . I know
the current mgr is in very close contact with the feds but I think it is
via different mechanisms.

-Original Message-
From: Roger Wright [mailto:rhw...@gmail.com] 
Sent: Tuesday, April 20, 2010 11:12 AM
To: NT System Admin Issues
Subject: Infragard

http://www.infragard.net/about.php

Anyone a member or have comments regarding the FBI's Infragrad program?



Die dulci fruere!

Roger Wright
___

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: need suggestions...iPad in a Windows enterprise, anyone?

[Silvio L. Nisgoski]

But then you would need to configure it to just access the Citrix server, in 
your case. After some time, people would ask to be able to access other 
systems, because program X is very good to use in the iPad, etc etc.


Then you have to let them use the tablet to access e-mail. The why not that 
online radio / voip application, because "insert-excuse-here "


I believe like all kinds of technology, if HR helps IT inforce the necessary 
policies, and the thing solves a problem or is a better / cheaper solution 
than the other options, there is no problem. As Bill Mayo put, IT is about 
to help run the business, not encumbers it.


We support a cardiac ressonance equipment that still runs on NT..*argh*. But 
opinions aside, it works well. Now if I could just get the doctors to stop 
trying to access orkut in the thing...






- Original Message - 
From: "Raper, Jonathan - Eagle" 

To: "NT System Admin Issues" 
Sent: Wednesday, April 21, 2010 11:33 AM
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?


If you provide a guest network "as-is", and allow them access only through 
the guest network (provided that the traffic is truly segregated from your 
production network) and you throttle the guest network, who cares? They 
would still be subject to any internet usage policy you have in place...


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, April 21, 2010 10:29 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

How is iPad patch management and configuration handled? When someone wants 
to connect their iPad to my network--a network it's sharing with other 
devices that are managed and known to be secure--how do I know the device is 
secure? How do I prevent my iPad users from installing and running 
unapproved applications that could interfere with the performance and 
security of my network?


The touch interface isn't a toy. Windows 7 provides such an interface. Plus, 
Windows 7 comes in flavors that are designed for the enterprise. The iPad 
was designed as a consumer device--not a device for the enterprise.


At least from what I can tell. But I'd love to be wrong on this, because we 
like the idea of the iPad here, too.




John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us







-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 10:08 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Fair enough, but what is your counter-argument to what is stated?  If
the device is acting as a Citrix client, costs only $500, and the
battery lasts their entire shift, it sounds like they have a valid
point.  I think there is a real mindset in IT these days that if it is
not Microsoft, it is bad.  This is no different than 30 years ago when
it was all-IBM all the time.  IMHO, the touch interface that Apple has
designed on these devices is as revolutionary as the mouse/GUI interface
was in the DOS days.  In a similar vein, the arguments I hear sound a
lot like the ones that were made when the first Macintosh was
introduced: it's a toy; real men don't use GUIs, etc.  Now, folks act
like the mouse-based GUI is the end-all of user interfaces and the touch
interface is a toy.  Nobody (well, at least not me) is saying that a
touch interface is the proper solution to every problem, but I think
there is no question that it is the answer to some problems, and this
sure sounds like one to me.  And really, there is no comparison to an
interface that is designed for touch versus any regular old application
in which you simply use your finger or, heaven forbid, a stylus as some
kind of proxy for a mouse.

Real IT is about helping people do their jobs better in a fashion that
is economical and protects your companies assets (data and physical).
Standards are important, but there needs to be a solid reason for them.

Bill


NOTICE: Florida has a broad public records law. Most written communications 
to or from this entity are public records that will be disclosed to the 
public and the media upon request. E-mail communications may be subject to 
public disclosure.



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message 
may contain information that is confidential and/or legally privileged. It 
is intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recip

RE: UPSes

[Phillip Partipilo]

Eaton/Powerware/Best is another top notch brand. Probably more geared towards 
larger applications (?).  Worked with a rather large FerrUPS way back when.  It 
was pretty neat.  It had a wyse/vt100 terminal attached to it, and it could 
spit out, in a textmode graphic of sorts, a visual representation of the 
incoming AC waveform, amongst other cool things.  No PC or software needed, 
just a dumb terminal.  It was truly huge for its capacity, but I think that was 
already 10+ years old when I was started there, and it was still running strong 
5 years later when I left.


Phillip Partipilo
Parametric Solutions Inc.
Jupiter, Florida
(561) 747-6107


-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Wednesday, April 21, 2010 10:33 AM
To: NT System Admin Issues
Subject: Re: UPSes

  I've also used Eaton (AKA PowerWare, AKA Best Power) UPSes before
with good results.  They also offer double conversion models.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[John Hornbuckle]

We have an iPad touch scheduled for delivery here on Friday. Any pointers as to 
enterprise management apps? I have no clue how to lock one of those things 
down, and deploy apps to it centrally.

I haven't played with the Win7 touch interface, either. My understanding is 
that it's multitouch. But just because the OS is designed for that doesn't mean 
the apps are. App developers have to get on board.



John

-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Wednesday, April 21, 2010 10:52 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

The biggest complaint folks have about the iPhone/iPod Touch/iPad is
that you can't install just any application.  In other words (short of
jailbreaking) you can't install any applications that aren't either
distributed by your IT department or available in the app store.  If you
mean can you keep people from installing other apps from the app store,
the honest answer is I don't know.  Apple does have some tools for the
enterprise, but I don't know if they allow you to lock down the
installed applications.

I haven't personally used Windows 7, so I can't speak to the "touch
interface" to which you refer.  Based on past Microsoft products,
though, I tend to believe you are talking about something where touch
screens are supported, and not what I would call a touch interface.  I
know that the tablet interface that Microsoft originally came out was
absolutely no different than the standard windows interface, you just
used a stylus instead of a mouse, and it would let you do some
handwritten stuff (like the Newton did, lo those many years ago).  That
is not the same; it is kind of like saying that Windows 1.0 had a GUI
interface, where all it really did was let you use a mouse to move the
cursor around.  A lot of folks were surprised that Apple put the iPhone
interface on the iPad, instead of Mac OS X (disappointed, even).
Apple's argument is that you can't just slap a touch interface on top of
an application that was written for a mouse-driven interface.  Or
rather, you can, but there isn't much of a point.  This is really the
problem with things like Flash on a mobile platform.  It depends so
heavily on rollover type effects, what does that mean when you are using
your finger?  It's a whole different paradigm, and Apple is saying that
you have to rethink everything.  A whole, whole lot of folks who have
picked up an iPhone or iPad seem to agree.  People love them because the
interface is designed to be used with your fingers.

I don't disagree that the iPad was designed as a consumer device.  That
doesn't mean that it can't serve some functions in some industries,
though.

Bill

-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Wednesday, April 21, 2010 10:29 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

How is iPad patch management and configuration handled? When someone
wants to connect their iPad to my network--a network it's sharing with
other devices that are managed and known to be secure--how do I know the
device is secure? How do I prevent my iPad users from installing and
running unapproved applications that could interfere with the
performance and security of my network?

The touch interface isn't a toy. Windows 7 provides such an interface.
Plus, Windows 7 comes in flavors that are designed for the enterprise.
The iPad was designed as a consumer device--not a device for the
enterprise.

At least from what I can tell. But I'd love to be wrong on this, because
we like the idea of the iPad here, too.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us







-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 10:08 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Fair enough, but what is your counter-argument to what is stated?  If
the device is acting as a Citrix client, costs only $500, and the
battery lasts their entire shift, it sounds like they have a valid
point.  I think there is a real mindset in IT these days that if it is
not Microsoft, it is bad.  This is no different than 30 years ago when
it was all-IBM all the time.  IMHO, the touch interface that Apple has
designed on these devices is as revolutionary as the mouse/GUI interface
was in the DOS days.  In a similar vein, the arguments I hear sound a
lot like the ones that were made when the first Macintosh was
introduced: it's a toy; real men don't use GUIs, etc.  Now, folks act
like the mouse-based GUI is the end-all of user interfaces and the touch
interface is a toy.  Nobody (well, at least not me) is saying that a
touch interface is the proper solution to every problem, but I think
there is no question that it is the answer to some problems, and this
sure sounds like one to 

New Forefront question

[Joseph Heaton]

I'm currently running SEP11 on my own machine.  I want to add my machine to my 
test group for Forefront Client Security.  Does Forefront cleanly remove SEP?  
(I'm thinking not, but figured I'd ask) or do I need to manually uninstall, and 
hope I can clean all the cruft left behind?


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: UPSes

[Angus Scott-Fleming]

Re-asking the main question:

On 20 Apr 2010 at 19:08, Angus Scott-Fleming  wrote:

> Does anyone here have experience with their network software? APC wants $280
> for a 5-to-25-user version of their network console. TrippLite has a free
> network console for up to 250 stations. 



--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-895-3270
Security Blog: http://geoapps.com/



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: UPSes

[Angus Scott-Fleming]

[correcting the gag-me-with-a-shovel apostrophized subject]

On 16 Apr 2010 at 10:37, Andrew S. Baker  wrote:

> APC used to be wy ahead of the pack, but I don't find that to be ture
> anymore.  Their quality has gone down a little, and the quality of the other
> players in this space have gone up quite a bit. 
> 
> I'm fine with Tripplite, APC and CyberPower UPS products in the 500VA to
> 3000VA range. 

The consensus in the current threads on UPS is "APC is the Cadillac" but that 
you pay Cadillac prices for them.  

One thing that really torques me about APC is their insistence on using custom, 
non-standard interfaces like the $30+-to-replace RJ-50-to-USB cables they 
currently use, and the $35+-to-replace non-standard "RS-232" cables they used 
to use -- why not use a standard USB A-to-B cable like TrippLite?  G!

Most modern PCs no longer have RS-232 ports, so refurb units with RS-232 cables 
are off the table for my clients.  Once you add the cost of purchasing and 
configuring a USB-to-RS-232 adapter, you've lost a good chunk of the  cost 
savings and there's no guarantee the UPS software will work with it.



--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-895-3270
Security Blog: http://geoapps.com/



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: UPSes

[Raper, Jonathan - Eagle]

We purchased a handful of mid-sized TrippLite UPSes (somewhere between 1000 and 
3000 VA) for phone systems back in 2002/2003. The management interface was 
horrible, and the Management cards themselves were more than a little 
unreliable. If they were out of warranty, TrippLite offered ZERO support, not 
even a pay per incident. In order to get support I would have had to buy new 
management cards...

Needless to say we are a 100% APC shop now, and are satisfied. FWIW, we also 
bought infrastruXure manager to centrally manage all of our closet systems 
along with our Data Center.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: Angus Scott-Fleming [mailto:angu...@geoapps.com]
Sent: Wednesday, April 21, 2010 11:20 AM
To: NT System Admin Issues
Subject: Re: UPSes

Re-asking the main question:

On 20 Apr 2010 at 19:08, Angus Scott-Fleming  wrote:

> Does anyone here have experience with their network software? APC wants $280
> for a 5-to-25-user version of their network console. TrippLite has a free
> network console for up to 250 stations.



--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-895-3270
Security Blog: http://geoapps.com/








Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spontaneous server reboots

[Free, Bob]

My experience was much the same, one was a 1500 and one a 2200. I think
they are both of near the same vintage. I *thought* I ruled out the UPS
for the one server that did it nearly daily when I moved it to the
larger one for a while then it happened again, just at a different
interval and lower frequency. Replaced all the batteries and it's a lot
better. I should get off my duff and connect and configure PowerChute
but that is a PITA  covered in another thread and they are just lab
servers so they don't have any priority.

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Wednesday, April 21, 2010 8:03 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

I've had it on two different UPS units. First one had other servers on
it (load was at 50%), but none of the other servers had an issue. I
moved it to a new UPS (both are Smart-UPS 1500 units from APC) that had
nothing else on it. Still did the reboots. That's a good suggestion,
though. I didn't think of that when I moved it. I was more concerned
with isolating the server from the other ones.

 

Thank you,

 

Kyle B. Plummer

 

From: Free, Bob [mailto:r...@pge.com] 
Sent: Wednesday, April 21, 2010 10:55 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

I have had similar spontaneous shutdowns that were unexplained till I
realized they were actually caused by the APC UPS's in my lab/office.
One did it nearly daily till I just happened to be there to observe it
and realize what was going on.

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 3:53 PM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

I have it on an APC Smart-UPS 1500, very light load. I have my own AC
and keep the server room around 68 or so. Good airflow. No dust build up
inside the case. I'll try swapping the power supply itself with a known
good one to see if that helps.

 

Thank you,

 

Kyle B. Plummer

 

From: Mathew Shember [mailto:mathew.shem...@synopsys.com] 
Sent: Tuesday, April 20, 2010 6:46 PM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

Bad power supply?  

 

How is the circuit load?

 

 

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 3:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected
an issue with Windows. However, I booted into the BIOS and let it sit
there for a few minutes. Again at random intervals the system will
reboot. Sometimes I can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) -
still reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this
with the G4's? It had run for about four years prior with no issue until
this started. No other hardware changes or updates to the BIOS have been
done in the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

 

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by

Re: need suggestions...iPad in a Windows enterprise, anyone?

[Eric Brouwer]

I don't think you're reverse paradigm analogy is totally accurate.  I  
assume the doc in question wants to introduce an iPad for a specific  
reason that he thinks will accomplish a new goal, or achieve an  
existing goal in a new/better way.  Is this a fair assumption.


Unless you recommending a new X-ray machine that allows for better  
scans, has less radiation, etc. the analogy isn't accurate.


On Apr 21, 2010, at 10:49 AM, Charlie Kaiser wrote:

As I said, most docs think they're pretty smart and they are. But an  
MD
and/or EE degree doesn't necessarily put them in a position to make  
good IT
decisions; there's a completely different set of knowledge and  
experience

required. Knowing the difference between mobile devices from a
security/manageability/compatibility POV is an IT skill specific to  
our
world. It's the reverse paradigm for me not recommending a specific  
X-ray

machine for their use...

But I hear you on the "they write my check" thing. That's why I  
avoid med

clients... :-)

***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***


-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Wednesday, April 21, 2010 7:02 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Yeah, but, that's easier said then done when you're talking
to the people who made the decision to hire you in the first place.

For what it is worth, I have some VERY intelligent,
practical, and forward thinking physicians on my IT
Committee. One has a BS in Electrical Engineering from MIT.
And another has been doing voice recognition for so long
(well over 10 years) that he probably was one of the
co-inventors of the technology (TIC, but you know what I
mean). Oh, and he writes VB for fun, too.

So, while my flinch response might be to agree with you as a
generalization, the docs who are asking aren't just asking
because it is a cool new toy that they want to play with.
(Although admittedly, it is a cool new toy...)

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Charlie Kaiser [mailto:charl...@golden-eagle.org]
Sent: Wednesday, April 21, 2010 9:53 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

"Hey doc; I won't make patient care recommendations if you
don't make IT recommendations."
One of the reasons I avoid health care clients is because IME
doctors think their education and training makes them experts
in everything. And they've been the worst when it comes to
allowing "properly" managed IT services...
Little things like HIPAA just annoy them...

***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***


-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Wednesday, April 21, 2010 6:23 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows

enterprise, anyone?


The argument from one of my physicians is that the iPad is under
$1,000, while the Tablet PCs we're purchasing are

essentially double

that, and the battery life is longer.



We now have physicians who are starting to ask for iPad

access on the network. I'm not sure why



~ Finally, powerful endpoint security that ISN'T a resource
hog! ~ ~
  ~

Any medical information contained in this electronic message
is CONFIDENTIAL and privileged. It is unlawful for
unauthorized persons to view, copy, disclose, or disseminate
CONFIDENTIAL information. This electronic message may contain
information that is confidential and/or legally privileged.
It is intended only for the use of the individual(s) and/or
entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender
immediately and delete this material from your computer. Do
not deliver, distribute or copy this message, and do not
disclose its contents or take any action in reliance on the
information that it contains.

~ Finally, powerful endpoint security that ISN'T a resource
hog! ~ ~
  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



Eric Brouwer
IT Manager
www.forestpost.com
er...@forestpost.com
248.855.4333





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Mayo, Bill]

http://www.apple.com/ipad/business/ has links to "Configuration Utility"
and "Enterprise Deployment Scenarios".

HTH,
Bill

-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Wednesday, April 21, 2010 11:13 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

We have an iPad touch scheduled for delivery here on Friday. Any
pointers as to enterprise management apps? I have no clue how to lock
one of those things down, and deploy apps to it centrally.

I haven't played with the Win7 touch interface, either. My understanding
is that it's multitouch. But just because the OS is designed for that
doesn't mean the apps are. App developers have to get on board.



John

-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 10:52 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

The biggest complaint folks have about the iPhone/iPod Touch/iPad is
that you can't install just any application.  In other words (short of
jailbreaking) you can't install any applications that aren't either
distributed by your IT department or available in the app store.  If you
mean can you keep people from installing other apps from the app store,
the honest answer is I don't know.  Apple does have some tools for the
enterprise, but I don't know if they allow you to lock down the
installed applications.

I haven't personally used Windows 7, so I can't speak to the "touch
interface" to which you refer.  Based on past Microsoft products,
though, I tend to believe you are talking about something where touch
screens are supported, and not what I would call a touch interface.  I
know that the tablet interface that Microsoft originally came out was
absolutely no different than the standard windows interface, you just
used a stylus instead of a mouse, and it would let you do some
handwritten stuff (like the Newton did, lo those many years ago).  That
is not the same; it is kind of like saying that Windows 1.0 had a GUI
interface, where all it really did was let you use a mouse to move the
cursor around.  A lot of folks were surprised that Apple put the iPhone
interface on the iPad, instead of Mac OS X (disappointed, even).
Apple's argument is that you can't just slap a touch interface on top of
an application that was written for a mouse-driven interface.  Or
rather, you can, but there isn't much of a point.  This is really the
problem with things like Flash on a mobile platform.  It depends so
heavily on rollover type effects, what does that mean when you are using
your finger?  It's a whole different paradigm, and Apple is saying that
you have to rethink everything.  A whole, whole lot of folks who have
picked up an iPhone or iPad seem to agree.  People love them because the
interface is designed to be used with your fingers.

I don't disagree that the iPad was designed as a consumer device.  That
doesn't mean that it can't serve some functions in some industries,
though.

Bill

-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, April 21, 2010 10:29 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

How is iPad patch management and configuration handled? When someone
wants to connect their iPad to my network--a network it's sharing with
other devices that are managed and known to be secure--how do I know the
device is secure? How do I prevent my iPad users from installing and
running unapproved applications that could interfere with the
performance and security of my network?

The touch interface isn't a toy. Windows 7 provides such an interface.
Plus, Windows 7 comes in flavors that are designed for the enterprise.
The iPad was designed as a consumer device--not a device for the
enterprise.

At least from what I can tell. But I'd love to be wrong on this, because
we like the idea of the iPad here, too.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us







-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 10:08 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Fair enough, but what is your counter-argument to what is stated?  If
the device is acting as a Citrix client, costs only $500, and the
battery lasts their entire shift, it sounds like they have a valid
point.  I think there is a real mindset in IT these days that if it is
not Microsoft, it is bad.  This is no different than 30 years ago when
it was all-IBM all the time.  IMHO, the touch interface that Apple has
designed on these devices is as revolutionary as the mouse/GUI interface
was in the DOS days.  In a similar vein, the arguments I hear sound a
lot like the ones that were made when the first Macintosh was
introduced: it's a toy; re

McAfee DAT problems

[Erik Goldoff]

Anyone else heard of problems with the latest McAfee DAT (5958) ???

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: McAfee DAT problems

[Don Guyer]

My clients are just starting to update, a handful already have it, no
complaints yet.  What are you seeing?

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com  

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 11:48 AM
To: NT System Admin Issues
Subject: McAfee DAT problems

 

Anyone else heard of problems with the latest McAfee DAT (5958) ???

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: McAfee DAT problems

[Ziots, Edward]

I am seeing problems with Systems reporting Wecorl.a infections and
shutting down. Are you seeing the same issue? 

 

Z

 

Edward Ziots

CISSP,MCSA,MCP+I,Security +,Network +,CCA

Network Engineer

Lifespan Organization

401-639-3505

ezi...@lifespan.org

 

From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Wednesday, April 21, 2010 11:51 AM
To: NT System Admin Issues
Subject: RE: McAfee DAT problems

 

My clients are just starting to update, a handful already have it, no
complaints yet.  What are you seeing?

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 11:48 AM
To: NT System Admin Issues
Subject: McAfee DAT problems

 

Anyone else heard of problems with the latest McAfee DAT (5958) ???

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New Forefront question

[Joseph L. Casale]

>I'm currently running SEP11 on my own machine.  I want to add my machine to my 
>test group for Forefront Client Security.  Does Forefront cleanly remove SEP?  
>(I'm thinking not, >but figured I'd ask) or do I need to manually uninstall, 
>and hope I can clean all the cruft left behind?

Nope, it doesn't do any of that unfortunately...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Symantec v6.5 Install Issue

[John Bowles]

All-

I'm trying to install Symanted Mail Security for Exchange product on my E2K10 
server.  The issue I'm having is at the section where it's prompting you for 
service account information.  It's asking for you to provide the 
domain\username and password.  I provide this information and it tells me that 
this account doesn't have a mailbox (which it does) or the username needs to be 
changed.

I've tried several accounts.. and I get the same issue for each one.  Any 
suggestions?

Thank you,



John Bowles 



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: McAfee DAT problems

[Don Guyer]

Sorry to hear that. Nope.

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com  

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Wednesday, April 21, 2010 11:55 AM
To: NT System Admin Issues
Subject: RE: McAfee DAT problems

 

I am seeing problems with Systems reporting Wecorl.a infections and
shutting down. Are you seeing the same issue? 

 

Z

 

Edward Ziots

CISSP,MCSA,MCP+I,Security +,Network +,CCA

Network Engineer

Lifespan Organization

401-639-3505

ezi...@lifespan.org

 

From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Wednesday, April 21, 2010 11:51 AM
To: NT System Admin Issues
Subject: RE: McAfee DAT problems

 

My clients are just starting to update, a handful already have it, no
complaints yet.  What are you seeing?

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 11:48 AM
To: NT System Admin Issues
Subject: McAfee DAT problems

 

Anyone else heard of problems with the latest McAfee DAT (5958) ???

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: McAfee DAT problems

[Free, Bob]

http://isc.sans.org/diary.html?storyid=8656&rss

 

 

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 8:48 AM
To: NT System Admin Issues
Subject: McAfee DAT problems

 

Anyone else heard of problems with the latest McAfee DAT (5958) ???

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

[Raper, Jonathan - Eagle]

Bill, thanks for the link. This is VERY interesting.

I now feel the need to buy one just to test these things out...

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 11:38 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

http://www.apple.com/ipad/business/ has links to "Configuration Utility"
and "Enterprise Deployment Scenarios".

HTH,
Bill

-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, April 21, 2010 11:13 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

We have an iPad touch scheduled for delivery here on Friday. Any
pointers as to enterprise management apps? I have no clue how to lock
one of those things down, and deploy apps to it centrally.

I haven't played with the Win7 touch interface, either. My understanding
is that it's multitouch. But just because the OS is designed for that
doesn't mean the apps are. App developers have to get on board.



John

-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 10:52 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

The biggest complaint folks have about the iPhone/iPod Touch/iPad is
that you can't install just any application.  In other words (short of
jailbreaking) you can't install any applications that aren't either
distributed by your IT department or available in the app store.  If you
mean can you keep people from installing other apps from the app store,
the honest answer is I don't know.  Apple does have some tools for the
enterprise, but I don't know if they allow you to lock down the
installed applications.

I haven't personally used Windows 7, so I can't speak to the "touch
interface" to which you refer.  Based on past Microsoft products,
though, I tend to believe you are talking about something where touch
screens are supported, and not what I would call a touch interface.  I
know that the tablet interface that Microsoft originally came out was
absolutely no different than the standard windows interface, you just
used a stylus instead of a mouse, and it would let you do some
handwritten stuff (like the Newton did, lo those many years ago).  That
is not the same; it is kind of like saying that Windows 1.0 had a GUI
interface, where all it really did was let you use a mouse to move the
cursor around.  A lot of folks were surprised that Apple put the iPhone
interface on the iPad, instead of Mac OS X (disappointed, even).
Apple's argument is that you can't just slap a touch interface on top of
an application that was written for a mouse-driven interface.  Or
rather, you can, but there isn't much of a point.  This is really the
problem with things like Flash on a mobile platform.  It depends so
heavily on rollover type effects, what does that mean when you are using
your finger?  It's a whole different paradigm, and Apple is saying that
you have to rethink everything.  A whole, whole lot of folks who have
picked up an iPhone or iPad seem to agree.  People love them because the
interface is designed to be used with your fingers.

I don't disagree that the iPad was designed as a consumer device.  That
doesn't mean that it can't serve some functions in some industries,
though.

Bill

-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, April 21, 2010 10:29 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

How is iPad patch management and configuration handled? When someone
wants to connect their iPad to my network--a network it's sharing with
other devices that are managed and known to be secure--how do I know the
device is secure? How do I prevent my iPad users from installing and
running unapproved applications that could interfere with the
performance and security of my network?

The touch interface isn't a toy. Windows 7 provides such an interface.
Plus, Windows 7 comes in flavors that are designed for the enterprise.
The iPad was designed as a consumer device--not a device for the
enterprise.

At least from what I can tell. But I'd love to be wrong on this, because
we like the idea of the iPad here, too.



John Hornbuckle
MIS Department
Taylor County School District
www.taylor.k12.fl.us







-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Wednesday, April 21, 2010 10:08 AM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Fair enough, but what is your counter-argument to what is stated?  If
the device is acting as a Citrix client, costs only $500, and the
battery lasts their entire shift, it sounds lik

RE: McAfee DAT problems

[Erik Goldoff]

I’ve only heard through the grapevine, colleagues supporting clients other
than mine had to leave a conference call due to DAT issues with 5958, I
don’t know if it was shutdowns or reboots, and/or different for servers and
EUCs … which is why I asked.

 

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Wednesday, April 21, 2010 11:51 AM
To: NT System Admin Issues
Subject: RE: McAfee DAT problems

 

My clients are just starting to update, a handful already have it, no
complaints yet.  What are you seeing?

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 11:48 AM
To: NT System Admin Issues
Subject: McAfee DAT problems

 

Anyone else heard of problems with the latest McAfee DAT (5958) ???

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Printer managment

[tony patton]

Here's a WIP of mine at the minute, a bit buggy at the minute, has a 
tendency to delete the wrong printer :)

Not the tidiest, written in about 20 minutes and hasn't been looked at in 
a couple of months so never went live.
IF I ever get round to finishing it, it'll run as part of the login 
script.
Usual disclaimer, use at own risk :)

The script is supposed to do 2 things:
1. rename the server to an alias if it isn't already using it
2. rename the queue if it's an old one

The 6 queues in this script were replaced over time by 1 physical printer, 
we have about another 5 physical printers on top of this with at least 4 
redundant queues each.

The first part of the printersX line is the current old name, the second 
is the new one to map it to.

8<--

Dim printersX(5)

printersX(0) = "NewBus_2870_096;Cvn_QFS_1stRight_VP2050"
printersX(1) = "Oce_CustCare_3511_234;Cvn_QFS_1stRight_VP2050"
printersX(2) = "HP LaserJet 4100 Series Renewals;Cvn_QFS_1stRight_VP2050"
printersX(3) = "Accounts_4100_55;Cvn_QFS_1stRight_VP2050"
printersX(4) = "CustCare_4050_022;Cvn_QFS_1stRight_VP2050"
printersX(5) = "Finance_Canon_123.232;Cvn_QFS_1stRight_VP2050"
strComputer = "."

Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set colInstalledPrinters =  objWMIService.ExecQuery("Select * from 
Win32_Printer")

For Each objPrinter in colInstalledPrinters
If Left(objprinter.name,2)="\\" Then
myarray = Split(objprinter.name,"\",4)
myarray(2) = LCase(myarray(2))
If myarray(2) = "server_alias" Or myarray(2) = 
"printserver1" Or myarray(2) = "printserver2" Then
For Each print1 In printersX
strprint = Split(print1,";",2)
'If LCase(myarray(2)) <> "server_alias" 
Then
'   myarray(2) = "server_alias"
'End If
If strprint(0) = myarray(3) Then
WScript.Echo "'" & strprint(0) & 
"' has been replaced by '" & strprint(1) & "'"
'Set objNetwork = 
WScript.CreateObject("WScript.Network")
'objNetwork.RemovePrinterConnection 
objPrinter.Name
'WScript.Echo "Adding printer : " & 
strprint(1)
'objnetwork.AddWindowsPrinterConnection 
"\\server_alias\" & strprint(1)
'Set objNetwork = Nothing
'If objPrinter.Default = "True" Then
'   Set colInstalledPrinters2 = 
objWMIService.ExecQuery("Select * from Win32_Printer Where Name ='" & 
strprint(1) & "'")
'   For Each objprinter2 In 
colInstalledPrinters2
' objPrinter2.setdefaultPrinter()
'   Next
'End If
ReconnectPrinters objPrinter.name, 
"\\server_alias", strprint(1)
Exit For
ElseIf myarray(2) <> "server_alias" Then
ReconnectPrinters objPrinter.Name, 
"\\server_alias", myarray(3)
Exit For
End If
Next
End If
End If
Next

Sub ReconnectPrinters(strOldPrinter, strServer, strPrinter)
WScript.Echo "Deleting printer : " & strOldPrinter
Set objNetwork = WScript.CreateObject("WScript.Network")
objNetwork.RemovePrinterConnection strOldPrinter
WScript.Echo "Adding printer : " & strprinter
objnetwork.AddWindowsPrinterConnection strserver & "\" & strprinter
Set objNetwork = Nothing
If objPrinter.Default = "True" Then
Set colInstalledPrinters2 = objWMIService.ExecQuery("Select * from 
Win32_Printer Where Name ='" & strprinter & "'")
For Each objprinter2 In colInstalledPrinters2
objPrinter2.setdefaultPrinter()
Next
End If
End Sub

8<--

Regards

Tony Patton
Desktop Operations Cavan
Ext 8078
Direct Dial 049 435 2878
email: tony.pat...@quinn-insurance.com



From:
Gavin Wilby 
To:
"NT System Admin Issues" 
Date:
21/04/2010 14:21
Subject:
Printer managment



Hi All,
 
I have taken over yet another site of around 50 users, all on XP 
workstations. They have a 2003 server that acts as a DC, and file and 
print server.
 
They have around 20 odd network printers scattered over 4 floors, that 
have all sorts of names and network addresses.
 
I want to rename them logically and give them all static addresses in 
order of their name, so Laser 1 would be 192.168.100.201 for example.
 
Normally we wou

RE: Domain controllers, what is supposed to happen.

[Reimer, Mark]

Thanks for the help and articles. Everything is working just fine when both 
DC’s are up and running.

 

I talked with the user who couldn’t connect. He had trouble shutting down 
(unrelated issue). Others who had troubles were going again a few minutes later 
(not sure if they rebooted, or if things just started working). So it appears 
all was working as it should have been.

 

Thanks again for clarification, help, advice, etc.

 

Mark

 

From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Wednesday, April 21, 2010 8:28 AM
To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen.

 

I could ask you the same question. The article does not specifically say to 
keep the FSMO roles on one DC, in fact it makes recommendations on how to 
separate them.  This article is a guide, not an absolute. It makes 
recommendations based on different factors. My suggestion based on this 
guideline and Mark's infrastructure would be the following: 

Server1 
RID 
PDC 

Server2 
schema master 
domain naming master 
infrastructure master 


Chris Bodnar, MCSE
Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003 



From:Andrew Levicki  
To:"NT System Admin Issues"  
Date:04/21/2010 10:18 AM 
Subject:Re: Domain controllers, what is supposed to happen. 






Where does it say that?

2010/4/21 Christopher Bodnar mailto:christopher_bod...@glic.com> > 
Sorry but I have to disagree with you. I believe the recommendation of the 
article is to divide the FSMO roles, giving guidance on how to do that. 


Chris Bodnar, MCSE
Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com  
Phone: 610-807-6459
Fax: 610-807-6003 



From:Andrew Levicki mailto:and...@levicki.me.uk> 
> 
To:"NT System Admin Issues" mailto:ntsysadmin@lyris.sunbelt-software.com> > 
Date:04/21/2010 10:06 AM 
Subject:Re: Domain controllers, what is supposed to happen. 






Hi Mark, 

Have a read of this and see what you think: 
http://support.microsoft.com/kb/223346  
 

You're not the first person I've encountered who thinks that about FSMO roles 
but I think Microsoft are pretty clear on this one. 

I'd probably rip WINS out if it's not needed, by the way. 

Cheers, 

Andrew 

2010/4/21 Reimer, Mark mailto:mark.rei...@prairie.edu> > 
I thought I read somewhere (this is years ago), that FSMO roles should be 
split, with some qualifications (some FSMO roles had to be connected together 
on the same machine). 

  

DHCP is from server2 (yes, one of the DC’s). 

  

WINS. Not sure if there is a real requirement. 

  

Not sure if a reboot was done. I’ll check with the user today. 

  

Thanks for the advice/comments. 

  

Mark 

  

From: Andrew Levicki [mailto:and...@levicki.me.uk  
] 
Sent: Wednesday, April 21, 2010 7:40 AM 


To: NT System Admin Issues
Subject: Re: Domain controllers, what is supposed to happen. 

  

Hi Mark, 

  

I have a couple of questions if you don't mind. Firstly why have you split the 
FSMO roles out on to two different domain controllers? It's not that it's wrong 
or anything, it's just simpler (and Microsoft's recommendation) to keep them 
all on one domain controller unless there is a specific need to do otherwise. 

  

Secondly, which server(s) is/are your DHCP server? Another server right? Not 
one of the domain controllers? 

  

Thirdly, what is your requirement for WINS, out of interest? 

  

To answer your questions, yes the DNS/WINS services on the remaining domain 
controller should have fulfilled client requests, so I would certainly look 
into why that didn't happen. Did anyone try rebooting their PCs, as that may 
have helped? 

  

If you had been unable to get Server1 running again then yes you would have had 
to seize the domain-wide FSMO roles (RIP) from Server1 on to Server2 and modify 
your DNS/WINS. But don't try and bring Server1 back up at this point ("Then 
work on getting Server1 running again, or replacing it."), you must rebuild or 
replace it. 

  

Regards, 

  

Andrew 

  

  

On 21 April 2010 22:14, Reimer, Mark mailto:mark.rei...@prairie.edu> > wrote: 

Sorry, long email. 

  

Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations. 

  

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC 
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema 
Master. Both are GC’s. 

  

In the DHCP settings workstat

Web filtering solutions

[James Rankin]

We are looking to cut costs at the minute and the issue of our web filtering
solution has come up. Currently we use WebSense Enterprise in a mixed Citrix
/ Xen / VMWare View environment which makes the WebSense implementation a
little challenging at the best of times. We're not bothered about whether it
is a hardware or software solution, but ease of setup is probably a primary
factor in our needs. Does anyone have any particular recommendations, or
know of any solutions that we should avoid like the plague? All of our users
are on Windows of one sort or another, and we'd probably like something that
had half-decent reporting - but as I said, the ease of setup is most likely
the biggest factor in our equation.

TIA for any suggestions,




JRR

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: McAfee DAT problems

[David Lum]

Here's McAfee's official word. I got this e-mail from them about 30 minutes ago.

Dave

From: McAfee [mailto:mca...@connect.mcafee.com]
Sent: Wednesday, April 21, 2010 9:06 AM
To: David Lum
Subject: McAfee SNS ALERT: w32/wecorl.a False Positive in 5958 DAT

McAfee is aware of a w32/wecorl.a false positive with the 5958 DAT file April 
21 at  2:00pm (GMT +1). McAfee advises NOT to download this DAT. Please disable 
pull tasks and update tasks.

Information updates will be sent every 90 minutes to keep you advised.


McAfee Support Notification Service (SNS) provides valuable information to help 
you maximize the functionality and protection capabilities of your McAfee 
products.

To manage your SNS email preferences, please go to the SNS Subscription Center 
at 
http://my.mcafee.com/content/SNS_Subscription_Center
(NOTE: This URL ensures your previous preferences are populated for your 
review).
For Support issues, contact your Support Account Manager (SAM), or go to 
https://mysupport.mcafee.com.
For McAfee Security Quickstart services, go to 
http://www.mcafeequickstart.com.
For other questions, go to 
http://www.mcafee.com/us/about/contact/index.html
 and select the appropriate contact link.

McAfee, Inc. | 3965 Freedom Circle | Santa Clara, CA | 95054 | 888.847.8766 | 
www.mcafee.com

McAfee and/or additional marks herein are registered trademarks or trademarks 
of McAfee, Inc. or its affiliates in the US and other countries. All other 
registered and unregistered trademarks herein are the sole property of their 
respective owners. (c) 2010 McAfee, Inc. All rights reserved.




From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, April 21, 2010 9:11 AM
To: NT System Admin Issues
Subject: RE: McAfee DAT problems

http://isc.sans.org/diary.html?storyid=8656&rss



From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Wednesday, April 21, 2010 8:48 AM
To: NT System Admin Issues
Subject: McAfee DAT problems

Anyone else heard of problems with the latest McAfee DAT (5958) ???

Erik Goldoff
IT  Consultant
Systems, Networks, & Security
'  Security is an ongoing process, not a one time event ! '









~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: McAfee DAT problems

[Maglinger, Paul]

Yep.  We got hit with it and are in the process of cleaning up.

 

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 10:48 AM
To: NT System Admin Issues
Subject: McAfee DAT problems

 

Anyone else heard of problems with the latest McAfee DAT (5958) ???

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: McAfee DAT problems

[Maglinger, Paul]

This is nasty.  It's putting the svchost.exe in quarantine and causing
the system to bomb.  When the system comes back up the taskbar is
missing, no network connectivity, half the services aren't running and
can't be started.  You can't even do a system restore point.

 

Right now we've removed the latest DAT, un-quarantined the file,
un-installed McCrappy, and go back to a restore point and that seems to
be working.  We're trying to find a way to streamline it.  

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 11:13 AM
To: NT System Admin Issues
Subject: RE: McAfee DAT problems

 

I've only heard through the grapevine, colleagues supporting clients
other than mine had to leave a conference call due to DAT issues with
5958, I don't know if it was shutdowns or reboots, and/or different for
servers and EUCs ... which is why I asked.

 

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Wednesday, April 21, 2010 11:51 AM
To: NT System Admin Issues
Subject: RE: McAfee DAT problems

 

My clients are just starting to update, a handful already have it, no
complaints yet.  What are you seeing?

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 11:48 AM
To: NT System Admin Issues
Subject: McAfee DAT problems

 

Anyone else heard of problems with the latest McAfee DAT (5958) ???

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New Forefront question

[Joseph Heaton]

Didn't figure it did, but thanks for the verification.

Has anyone out there done an extensive migration from Symantec to Forefront?  
Is it possible to script/automate the uninstallation of Symantec?

>>> "Joseph L. Casale"  4/21/2010 8:58 AM >>>
>I'm currently running SEP11 on my own machine.  I want to add my machine to my 
>test group for Forefront Client Security.  Does Forefront cleanly remove SEP?  
>(I'm thinking not, >but figured I'd ask) or do I need to manually uninstall, 
>and hope I can clean all the cruft left behind?

Nope, it doesn't do any of that unfortunately...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Web filtering solutions

[Richard Stovall]

When I swapped out our Pixes a few months ago we also dropped our
SmartFilter subscription.  The SonicWalls we moved to do UTM and content
Filtering.  It's not as good as SmartFilter was, and is not as mature.  For
our sized shop, however, it made a great deal of economic sense to do it the
way we did.  The cost advantage far outweighed the marginal benefits
provided by SmartFilter.  Two NSA 240s with failover, UTM, content
filtering, and 3 years of support + updates was only a few hundred dollars
more than 1 year of the SmartFilter subscription.  Over the same 3 years the
savings will be over $5,000.  (Tack on another $10,000 or so in savings by
not replacing the Pixes with equivalent ASAs.)

Even if the above is not helpful because its tied to the SonicWall hardware,
I can definitely recommend SmartFilter as a solution that worked well for
us.

On Wed, Apr 21, 2010 at 12:19 PM, James Rankin wrote:

> We are looking to cut costs at the minute and the issue of our web
> filtering solution has come up. Currently we use WebSense Enterprise in a
> mixed Citrix / Xen / VMWare View environment which makes the WebSense
> implementation a little challenging at the best of times. We're not bothered
> about whether it is a hardware or software solution, but ease of setup is
> probably a primary factor in our needs. Does anyone have any particular
> recommendations, or know of any solutions that we should avoid like the
> plague? All of our users are on Windows of one sort or another, and we'd
> probably like something that had half-decent reporting - but as I said, the
> ease of setup is most likely the biggest factor in our equation.
>
> TIA for any suggestions,
>
>
>
>
> JRR
>
> --
> "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
> the machine wrong figures, will the right answers come out?' I am not able
> rightly to apprehend the kind of confusion of ideas that could provoke such
> a question."
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spontaneous server reboots

[Kyle Plummer]

Did you have other servers hooked up to the same UPS when the server was
rebooting? And it only affected the one server? Unfortunately for me,
this is a production server - in this case a DC. Fortunately for me, it
is just a backup DC so no one is missing it.

 

Kyle B. Plummer

 

From: Free, Bob [mailto:r...@pge.com] 
Sent: Wednesday, April 21, 2010 11:29 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

My experience was much the same, one was a 1500 and one a 2200. I think
they are both of near the same vintage. I *thought* I ruled out the UPS
for the one server that did it nearly daily when I moved it to the
larger one for a while then it happened again, just at a different
interval and lower frequency. Replaced all the batteries and it's a lot
better. I should get off my duff and connect and configure PowerChute
but that is a PITA  covered in another thread and they are just lab
servers so they don't have any priority.

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Wednesday, April 21, 2010 8:03 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

I've had it on two different UPS units. First one had other servers on
it (load was at 50%), but none of the other servers had an issue. I
moved it to a new UPS (both are Smart-UPS 1500 units from APC) that had
nothing else on it. Still did the reboots. That's a good suggestion,
though. I didn't think of that when I moved it. I was more concerned
with isolating the server from the other ones.

 

Thank you,

 

Kyle B. Plummer

 

From: Free, Bob [mailto:r...@pge.com] 
Sent: Wednesday, April 21, 2010 10:55 AM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

I have had similar spontaneous shutdowns that were unexplained till I
realized they were actually caused by the APC UPS's in my lab/office.
One did it nearly daily till I just happened to be there to observe it
and realize what was going on.

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 3:53 PM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

I have it on an APC Smart-UPS 1500, very light load. I have my own AC
and keep the server room around 68 or so. Good airflow. No dust build up
inside the case. I'll try swapping the power supply itself with a known
good one to see if that helps.

 

Thank you,

 

Kyle B. Plummer

 

From: Mathew Shember [mailto:mathew.shem...@synopsys.com] 
Sent: Tuesday, April 20, 2010 6:46 PM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

Bad power supply?  

 

How is the circuit load?

 

 

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 3:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected
an issue with Windows. However, I booted into the BIOS and let it sit
there for a few minutes. Again at random intervals the system will
reboot. Sometimes I can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) -
still reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this
with the G4's? It had run for about four years prior with no issue until
this started. No other hardware changes or updates to the BIOS have been
done in the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

 

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it

RE: Domain controllers, what is supposed to happen.

[Carl Houseman]

When XP is using the secondary DNS and I want it to use the primary which is
now available, I just disable/re-enable the NIC. I believe this holds true
for Vista/7 as well.

 

If the primary was working and then becomes unavailable, I find that it will
keep trying it, timeout (30 seconds), then use the secondary.  But it should
definitely fail over to secondary servers with some annoying delay.
Bouncing the NIC will eliminate the delay.

 

Also the SP3 IP stack is modern, not old.  It was completely replaced in SP3
using the same codebase as Vista.

 

Carl

 

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Wednesday, April 21, 2010 9:24 AM
To: NT System Admin Issues
Subject: RE: Domain controllers, what is supposed to happen.

 

It's possible that XP may require a reboot before it retires an unreachable
DNS server. I dunno. But it should work just fine.

 

Regards,

 

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

 

From: Reimer, Mark [mailto:mark.rei...@prairie.edu] 
Sent: Wednesday, April 21, 2010 9:15 AM
To: NT System Admin Issues
Subject: Domain controllers, what is supposed to happen.

 

Sorry, long email.

 

Windows 2003 Native Domain, two domain controllers, server1 and server2.
Workstations are primarily XP, some Windows 7. Other servers (file server,
email etc) are all Windows 2003. We have about 150 workstations.

 

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema
Master. Both are GC's.

 

In the DHCP settings workstations get both server's IP's as DNS. Server2 is
listed first, then server1. Primary WINS server is server1, secondary is
Server2.

 

Last night Server1 went down. It was off hours, but I got a call from some
late night worker (using XP), saying they couldn't do anything. Couldn't
reach any of the servers, or internet. I was able to get the server going
again (bad memory chip, so I just took it out).

 

I thought that if one server went down, the DNS/WINS look up would go to the
other server. But it might be slower (note, I didn't try any of this, just
going on what the user said). Comments?

 

If I didn't get Server1 running again, what should I have done? I assume I
should do the following.

 

1.   Seize the FSMO roles from server1, and put them on server2.

2.   Change DHCP so Primary WINS server is server2. Maybe even take out
Server1 as DNS/WINS possibilities.

 

Then work on getting Server1 running again, or replacing it.

 

Did I miss anything?

 

Thanks for any help and insight you can give.

 

Mark

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: McAfee DAT problems

[Erik Goldoff]

Ouch …

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Maglinger, Paul [mailto:pmaglin...@scvl.com] 
Sent: Wednesday, April 21, 2010 12:33 PM
To: NT System Admin Issues
Subject: RE: McAfee DAT problems

 

This is nasty.  It’s putting the svchost.exe in quarantine and causing the
system to bomb.  When the system comes back up the taskbar is missing, no
network connectivity, half the services aren’t running and can’t be started.
You can’t even do a system restore point.

 

Right now we’ve removed the latest DAT, un-quarantined the file,
un-installed McCrappy, and go back to a restore point and that seems to be
working.  We’re trying to find a way to streamline it.  

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 11:13 AM
To: NT System Admin Issues
Subject: RE: McAfee DAT problems

 

I’ve only heard through the grapevine, colleagues supporting clients other
than mine had to leave a conference call due to DAT issues with 5958, I
don’t know if it was shutdowns or reboots, and/or different for servers and
EUCs … which is why I asked.

 

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Wednesday, April 21, 2010 11:51 AM
To: NT System Admin Issues
Subject: RE: McAfee DAT problems

 

My clients are just starting to update, a handful already have it, no
complaints yet.  What are you seeing?

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, April 21, 2010 11:48 AM
To: NT System Admin Issues
Subject: McAfee DAT problems

 

Anyone else heard of problems with the latest McAfee DAT (5958) ???

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: New Forefront question

[Justin Thomas]

yes and yes. It's been a couple of years now, but we used SCCM to push out
NoNav, and Forefront installed through WSUS and GP. We couldn't get real
tight integration of the whole thing, so some folks were running both for a
period of time. With all of that I suspect we visited at least 10% of the
machines personally.

On Wed, Apr 21, 2010 at 11:34 AM, Joseph Heaton  wrote:

> Didn't figure it did, but thanks for the verification.
>
> Has anyone out there done an extensive migration from Symantec to
> Forefront?  Is it possible to script/automate the uninstallation of
> Symantec?
>
> >>> "Joseph L. Casale"  4/21/2010 8:58 AM >>>
>  >I'm currently running SEP11 on my own machine.  I want to add my machine
> to my test group for Forefront Client Security.  Does Forefront cleanly
> remove SEP?  (I'm thinking not, >but figured I'd ask) or do I need to
> manually uninstall, and hope I can clean all the cruft left behind?
>
> Nope, it doesn't do any of that unfortunately...
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>


-- 
Probable Contrarian

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Domain controllers, what is supposed to happen.

[Michael B. Smith]

I didn't know it had been replaced. Cool.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Carl Houseman [mailto:c.house...@gmail.com]
Sent: Wednesday, April 21, 2010 12:38 PM
To: NT System Admin Issues
Subject: RE: Domain controllers, what is supposed to happen.

When XP is using the secondary DNS and I want it to use the primary which is 
now available, I just disable/re-enable the NIC. I believe this holds true for 
Vista/7 as well.

If the primary was working and then becomes unavailable, I find that it will 
keep trying it, timeout (30 seconds), then use the secondary.  But it should 
definitely fail over to secondary servers with some annoying delay.  Bouncing 
the NIC will eliminate the delay.

Also the SP3 IP stack is modern, not old.  It was completely replaced in SP3 
using the same codebase as Vista.

Carl

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, April 21, 2010 9:24 AM
To: NT System Admin Issues
Subject: RE: Domain controllers, what is supposed to happen.

It's possible that XP may require a reboot before it retires an unreachable DNS 
server. I dunno. But it should work just fine.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Reimer, Mark [mailto:mark.rei...@prairie.edu]
Sent: Wednesday, April 21, 2010 9:15 AM
To: NT System Admin Issues
Subject: Domain controllers, what is supposed to happen.

Sorry, long email.

Windows 2003 Native Domain, two domain controllers, server1 and server2. 
Workstations are primarily XP, some Windows 7. Other servers (file server, 
email etc) are all Windows 2003. We have about 150 workstations.

We have AD DNS, and WINS. Server1 has FSMO roles Infrastructure Master, PDC 
Emulator, RID Master. Server2 has FSMO roles Domain Naming Master, Schema 
Master. Both are GC's.

In the DHCP settings workstations get both server's IP's as DNS. Server2 is 
listed first, then server1. Primary WINS server is server1, secondary is 
Server2.

Last night Server1 went down. It was off hours, but I got a call from some late 
night worker (using XP), saying they couldn't do anything. Couldn't reach any 
of the servers, or internet. I was able to get the server going again (bad 
memory chip, so I just took it out).

I thought that if one server went down, the DNS/WINS look up would go to the 
other server. But it might be slower (note, I didn't try any of this, just 
going on what the user said). Comments?

If I didn't get Server1 running again, what should I have done? I assume I 
should do the following.


1.   Seize the FSMO roles from server1, and put them on server2.

2.   Change DHCP so Primary WINS server is server2. Maybe even take out 
Server1 as DNS/WINS possibilities.

Then work on getting Server1 running again, or replacing it.

Did I miss anything?

Thanks for any help and insight you can give.

Mark

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~